svamp-cli 0.2.85 → 0.2.86

package/dist/index.mjs

@@ -1,4 +1,4 @@
-export { c as connectToHypha, d as daemonStatus, g as getHyphaServerUrl, r as registerMachineService, a as registerSessionService, s as startDaemon, b as stopDaemon } from './run-MQKWgYFS.mjs';
+export { c as connectToHypha, d as daemonStatus, g as getHyphaServerUrl, r as registerMachineService, a as registerSessionService, s as startDaemon, b as stopDaemon } from './run-rWXfNd7e.mjs';
 import 'os';
 import 'fs/promises';
 import 'fs';
@@ -10,9 +10,9 @@ import 'node:fs';
 import 'util';
 import 'node:crypto';
 import 'node:path';
+import 'node:os';
 import 'node:child_process';
 import '@agentclientprotocol/sdk';
-import 'node:os';
 import '@modelcontextprotocol/sdk/client/index.js';
 import '@modelcontextprotocol/sdk/client/stdio.js';
 import '@modelcontextprotocol/sdk/types.js';

package/dist/{package-BDGD9W2l.mjs → package-C93hgi-7.mjs}

@@ -1,5 +1,5 @@
 var name = "svamp-cli";
-var version = "0.2.85";
+var version = "0.2.86";
 var description = "Svamp CLI — AI workspace daemon on Hypha Cloud";
 var author = "Amun AI AB";
 var license = "SEE LICENSE IN LICENSE";
@@ -19,7 +19,7 @@ var exports$1 = {
 var scripts = {
 	build: "rm -rf dist bin/skills && mkdir -p bin/skills && cp -r ../../skills/artifact bin/skills/artifact && tsc --noEmit && pkgroll",
 	typecheck: "tsc --noEmit",
-	test: "npx tsx test/test-context-window.mjs && npx tsx test/test-instance-config.mjs && npx tsx test/test-authorize.mjs && npx tsx test/test-normalize-allowed-user.mjs && npx tsx test/test-share-url.mjs && npx tsx test/test-update-sharing-normalization.mjs && npx tsx test/test-staged-homes-sweep.mjs && npx tsx test/test-session-helpers.mjs && npx tsx test/test-cli-routing.mjs && npx tsx test/test-security-context.mjs && npx tsx test/test-isolation-decision.mjs && npx tsx test/test-ralph-loop.mjs && npx tsx test/test-message-helpers.mjs && npx tsx test/test-agent-config.mjs && npx tsx test/test-wrap-command.mjs && npx tsx test/test-credential-staging.mjs && npx tsx test/test-claude-auth.mjs && npx tsx test/test-output-formatters.mjs && npx tsx test/test-agent-types.mjs && npx tsx test/test-transport.mjs && npx tsx test/test-session-update-handlers.mjs && npx tsx test/test-session-scanner.mjs && npx tsx test/test-hypha-client.mjs && npx tsx test/test-hook-settings.mjs && npx tsx test/test-session-service-logic.mjs && npx tsx test/test-daemon-persistence.mjs && npx tsx test/test-detect-isolation.mjs && npx tsx test/test-machine-service-logic.mjs && npx tsx test/test-interactive-helpers.mjs && npx tsx test/test-codex-backend.mjs && npx tsx test/test-acp-backend.mjs && npx tsx test/test-acp-bridge.mjs && npx tsx test/test-hook-server.mjs && npx tsx test/test-session-commands.mjs && npx tsx test/test-interactive-console.mjs && npx tsx test/test-session-messages.mjs && npx tsx test/test-session-send-query.mjs && npx tsx test/test-skills.mjs && npx tsx test/test-agent-grouping.mjs && npx tsx test/test-ralph-loop-integration.mjs && npx tsx test/test-ralph-loop-modes.mjs && npx tsx test/test-machine-list-directory.mjs && npx tsx test/test-service-commands.mjs && npx tsx test/test-supervisor.mjs && npx tsx test/test-supervisor-lock.mjs && npx tsx test/test-clear-detection.mjs && npx tsx test/test-session-consolidation.mjs && npx tsx test/test-inbox.mjs && npx tsx test/test-session-rpc-dispatch.mjs && npx tsx test/test-sandbox-cli.mjs && npx tsx test/test-serve-manager.mjs && npx tsx test/test-serve-stability.mjs && npx tsx test/test-frpc-e2e.mjs --unit-only && node test/pinnedClaudeCode.test.mjs && node test/fleet.test.mjs",
+	test: "npx tsx test/test-context-window.mjs && npx tsx test/test-instance-config.mjs && npx tsx test/test-authorize.mjs && npx tsx test/test-normalize-allowed-user.mjs && npx tsx test/test-share-url.mjs && npx tsx test/test-update-sharing-normalization.mjs && npx tsx test/test-staged-homes-sweep.mjs && npx tsx test/test-session-helpers.mjs && npx tsx test/test-cli-routing.mjs && npx tsx test/test-security-context.mjs && npx tsx test/test-isolation-decision.mjs && npx tsx test/test-ralph-loop.mjs && npx tsx test/test-message-helpers.mjs && npx tsx test/test-agent-config.mjs && npx tsx test/test-wrap-command.mjs && npx tsx test/test-credential-staging.mjs && npx tsx test/test-claude-auth.mjs && npx tsx test/test-output-formatters.mjs && npx tsx test/test-agent-types.mjs && npx tsx test/test-transport.mjs && npx tsx test/test-session-update-handlers.mjs && npx tsx test/test-session-scanner.mjs && npx tsx test/test-hypha-client.mjs && npx tsx test/test-hook-settings.mjs && npx tsx test/test-session-service-logic.mjs && npx tsx test/test-daemon-persistence.mjs && npx tsx test/test-detect-isolation.mjs && npx tsx test/test-machine-service-logic.mjs && npx tsx test/test-interactive-helpers.mjs && npx tsx test/test-codex-backend.mjs && npx tsx test/test-acp-backend.mjs && npx tsx test/test-acp-bridge.mjs && npx tsx test/test-hook-server.mjs && npx tsx test/test-session-commands.mjs && npx tsx test/test-interactive-console.mjs && npx tsx test/test-session-messages.mjs && npx tsx test/test-session-send-query.mjs && npx tsx test/test-skills.mjs && npx tsx test/test-agent-grouping.mjs && npx tsx test/test-ralph-loop-integration.mjs && npx tsx test/test-ralph-loop-modes.mjs && npx tsx test/test-machine-list-directory.mjs && npx tsx test/test-service-commands.mjs && npx tsx test/test-supervisor.mjs && npx tsx test/test-supervisor-lock.mjs && npx tsx test/test-clear-detection.mjs && npx tsx test/test-session-consolidation.mjs && npx tsx test/test-inbox.mjs && npx tsx test/test-session-rpc-dispatch.mjs && npx tsx test/test-sandbox-cli.mjs && npx tsx test/test-serve-manager.mjs && npx tsx test/test-serve-stability.mjs && npx tsx test/test-frpc-e2e.mjs --unit-only && node test/pinnedClaudeCode.test.mjs && node test/fleet.test.mjs && npx tsx test/test-routine.mjs && npx tsx test/test-routine-rpc.mjs",
 	"test:hypha": "node --no-warnings test/test-hypha-service.mjs",
 	dev: "tsx src/cli.ts",
 	"dev:daemon": "tsx src/cli.ts daemon start-sync",

package/dist/{run-Xk8il2Yz.mjs → run-CEs0etJC.mjs}

@@ -2,7 +2,7 @@ import{createRequire as _pkgrollCR}from"node:module";const require=_pkgrollCR(im
 import os from 'node:os';
 import { resolve, join } from 'node:path';
 import { existsSync, readFileSync, watch } from 'node:fs';
-import { c as connectToHypha, a as registerSessionService, D as generateHookSettings } from './run-MQKWgYFS.mjs';
+import { c as connectToHypha, a as registerSessionService, E as generateHookSettings } from './run-rWXfNd7e.mjs';
 import { createServer } from 'node:http';
 import { spawn } from 'node:child_process';
 import { createInterface } from 'node:readline';

package/dist/{run-MQKWgYFS.mjs → run-rWXfNd7e.mjs}

@@ -1,17 +1,17 @@
 import{createRequire as _pkgrollCR}from"node:module";const require=_pkgrollCR(import.meta.url);import os, { homedir as homedir$1 } from 'os';
 import fs, { mkdir as mkdir$1, readdir as readdir$1, readFile, writeFile as writeFile$1, rename, unlink } from 'fs/promises';
-import { readFileSync as readFileSync$1, mkdirSync, writeFileSync, renameSync, existsSync as existsSync$1, rmSync, copyFileSync, unlinkSync as unlinkSync$1, watch, rmdirSync, readdirSync } from 'fs';
+import { readFileSync as readFileSync$1, mkdirSync, writeFileSync, renameSync, existsSync as existsSync$1, rmSync as rmSync$1, copyFileSync, unlinkSync as unlinkSync$1, watch, rmdirSync, readdirSync as readdirSync$1 } from 'fs';
 import path__default, { join, dirname, resolve, basename } from 'path';
 import { fileURLToPath } from 'url';
 import { execFile, spawn as spawn$1, execSync as execSync$1 } from 'child_process';
 import { randomUUID as randomUUID$1 } from 'crypto';
-import { existsSync, readFileSync, writeFileSync as writeFileSync$1, mkdirSync as mkdirSync$1, appendFileSync, unlinkSync } from 'node:fs';
+import { existsSync, readFileSync, mkdirSync as mkdirSync$1, readdirSync, writeFileSync as writeFileSync$1, renameSync as renameSync$1, rmSync, appendFileSync, unlinkSync } from 'node:fs';
 import { promisify } from 'util';
-import { randomUUID, createHash } from 'node:crypto';
+import { randomBytes, randomUUID, createHash } from 'node:crypto';
 import { join as join$1 } from 'node:path';
+import os$1, { homedir, platform } from 'node:os';
 import { spawn, execSync, execFile as execFile$1, execFileSync } from 'node:child_process';
 import { ndJsonStream, ClientSideConnection } from '@agentclientprotocol/sdk';
-import os$1, { homedir, platform } from 'node:os';
 import { Client } from '@modelcontextprotocol/sdk/client/index.js';
 import { StdioClientTransport } from '@modelcontextprotocol/sdk/client/stdio.js';
 import { ElicitRequestSchema } from '@modelcontextprotocol/sdk/types.js';
@@ -1393,7 +1393,7 @@ async function registerMachineService(server, machineId, metadata, daemonState,
         const tunnels = handlers.tunnels;
         if (!tunnels) throw new Error("Tunnel management not available");
         if (tunnels.has(params.name)) throw new Error(`Tunnel '${params.name}' already running`);
-        const { FrpcTunnel } = await import('./frpc-D3LiH7GX.mjs');
+        const { FrpcTunnel } = await import('./frpc-BfBqHN33.mjs');
         const tunnel = new FrpcTunnel({
           name: params.name,
           ports: params.ports,
@@ -1609,6 +1609,262 @@ async function registerMachineService(server, machineId, metadata, daemonState,
   };
 }
 
+const FIELD_RANGES = [[0, 59], [0, 23], [1, 31], [1, 12], [0, 6]];
+function parseField(token, [min, max]) {
+  const set = /* @__PURE__ */ new Set();
+  for (const part of token.split(",")) {
+    let m;
+    if (part === "*") {
+      for (let i = min; i <= max; i++) set.add(i);
+    } else if (m = part.match(/^\*\/(\d+)$/)) {
+      const s = +m[1];
+      for (let i = min; i <= max; i += s) set.add(i);
+    } else if (m = part.match(/^(\d+)-(\d+)\/(\d+)$/)) {
+      for (let i = +m[1]; i <= +m[2]; i += +m[3]) set.add(i);
+    } else if (m = part.match(/^(\d+)-(\d+)$/)) {
+      for (let i = +m[1]; i <= +m[2]; i++) set.add(i);
+    } else if (m = part.match(/^(\d+)$/)) {
+      set.add(+m[1]);
+    } else throw new Error(`invalid cron field: "${token}"`);
+  }
+  for (const v of set) if (v < min || v > max) throw new Error(`cron value ${v} out of range [${min},${max}]`);
+  return set;
+}
+function parseCron(expr) {
+  const fields = String(expr).trim().split(/\s+/);
+  if (fields.length !== 5) throw new Error(`cron must have 5 fields, got ${fields.length}: "${expr}"`);
+  const [minute, hour, dom, month, dow] = fields.map((f, i) => parseField(f, FIELD_RANGES[i]));
+  return { minute, hour, dom, month, dow, domRestricted: fields[2] !== "*", dowRestricted: fields[4] !== "*" };
+}
+function cronMatches(expr, date) {
+  const c = typeof expr === "string" ? parseCron(expr) : expr;
+  if (!c.minute.has(date.getMinutes())) return false;
+  if (!c.hour.has(date.getHours())) return false;
+  if (!c.month.has(date.getMonth() + 1)) return false;
+  const domOk = c.dom.has(date.getDate());
+  const dowOk = c.dow.has(date.getDay());
+  if (c.domRestricted && c.dowRestricted) return domOk || dowOk;
+  return domOk && dowOk;
+}
+function nextFire(expr, from) {
+  const c = parseCron(expr);
+  const d = new Date(from.getTime());
+  d.setSeconds(0, 0);
+  d.setMinutes(d.getMinutes() + 1);
+  for (let i = 0; i < 366 * 24 * 60; i++) {
+    if (cronMatches(c, d)) return new Date(d.getTime());
+    d.setMinutes(d.getMinutes() + 1);
+  }
+  return null;
+}
+function resolvePath(ctx, path) {
+  return path.split(".").reduce((o, k) => o == null ? void 0 : o[k], ctx);
+}
+function renderTemplate(template, ctx) {
+  return String(template).replace(/\$\{([\w.$]+)\}/g, (_m, p) => {
+    const v = resolvePath(ctx, p);
+    return v == null ? "" : typeof v === "object" ? JSON.stringify(v) : String(v);
+  });
+}
+const TRIGGER_TYPES = ["manual", "schedule", "webhook", "api"];
+const ACTION_KINDS = ["message", "loop"];
+const OVERLAP = ["queue", "skip", "replace"];
+function validateRoutine(r) {
+  const errs = [];
+  if (!r || typeof r !== "object") return ["routine must be an object"];
+  if (!r.session_id) errs.push("session_id required");
+  if (!r.name) errs.push("name required");
+  const t = r.trigger;
+  if (!t || !TRIGGER_TYPES.includes(t.type)) errs.push(`trigger.type must be one of ${TRIGGER_TYPES.join("|")}`);
+  if (t?.type === "schedule") {
+    try {
+      parseCron(t.cron);
+    } catch (e) {
+      errs.push(`trigger.cron: ${e.message}`);
+    }
+    if (t.missed && !["catchup", "skip"].includes(t.missed)) errs.push("trigger.missed must be catchup|skip");
+  }
+  const a = r.action;
+  if (!a || !ACTION_KINDS.includes(a.kind)) errs.push(`action.kind must be one of ${ACTION_KINDS.join("|")}`);
+  if (a?.kind === "message" && !a.template) errs.push("action.template required for message action");
+  if (a?.kind === "loop" && !a.loop && !a.task_template) errs.push("action.loop or action.task_template required for loop action");
+  if (r.overlap && !OVERLAP.includes(r.overlap)) errs.push(`overlap must be one of ${OVERLAP.join("|")}`);
+  return errs;
+}
+
+function defaultRoutinesDir() {
+  return process.env.SVAMP_ROUTINES_DIR || join$1(homedir(), ".svamp", "routines");
+}
+const genId = () => "rt_" + randomBytes(5).toString("hex");
+const genKey = () => randomBytes(18).toString("base64url");
+class RoutineStore {
+  dir;
+  constructor(dir = defaultRoutinesDir()) {
+    this.dir = dir;
+    mkdirSync$1(dir, { recursive: true });
+  }
+  _path(id) {
+    return join$1(this.dir, `${id}.json`);
+  }
+  list(sessionId) {
+    const all = readdirSync(this.dir).filter((f) => f.endsWith(".json")).map((f) => {
+      try {
+        return JSON.parse(readFileSync(join$1(this.dir, f), "utf8"));
+      } catch {
+        return null;
+      }
+    }).filter((r) => !!r);
+    return sessionId ? all.filter((r) => r.session_id === sessionId) : all;
+  }
+  get(id) {
+    try {
+      return JSON.parse(readFileSync(this._path(id), "utf8"));
+    } catch {
+      return null;
+    }
+  }
+  save(routine) {
+    const r = { overlap: "queue", enabled: true, last_runs: [], ...routine };
+    if (!r.id) r.id = genId();
+    if ((r.trigger?.type === "webhook" || r.trigger?.type === "api") && !r.trigger.key) r.trigger.key = genKey();
+    const errs = validateRoutine(r);
+    if (errs.length) throw new Error("invalid routine: " + errs.join("; "));
+    const tmp = this._path(r.id) + ".tmp";
+    writeFileSync$1(tmp, JSON.stringify(r, null, 2));
+    renameSync$1(tmp, this._path(r.id));
+    return r;
+  }
+  remove(id) {
+    const p = this._path(id);
+    if (existsSync(p)) {
+      rmSync(p);
+      return true;
+    }
+    return false;
+  }
+  setEnabled(id, enabled) {
+    const r = this.get(id);
+    if (!r) return null;
+    r.enabled = enabled;
+    return this.save(r);
+  }
+  recordRun(id, entry) {
+    const r = this.get(id);
+    if (!r) return null;
+    r.last_runs = [{ firedAt: (/* @__PURE__ */ new Date()).toISOString(), via: "manual", delivered: "message", outcome: "ok", ...entry }, ...r.last_runs || []].slice(0, 20);
+    return this.save(r);
+  }
+}
+
+const minuteKey = (d) => `${d.getFullYear()}-${d.getMonth()}-${d.getDate()}-${d.getHours()}-${d.getMinutes()}`;
+class RoutineRunner {
+  store;
+  deliver;
+  now;
+  onReplace;
+  log;
+  active = /* @__PURE__ */ new Set();
+  _firedMinute = /* @__PURE__ */ new Map();
+  constructor(o) {
+    this.store = o.store;
+    this.deliver = o.deliver;
+    this.now = o.now || (() => /* @__PURE__ */ new Date());
+    this.onReplace = o.onReplace;
+    this.log = o.log || (() => {
+    });
+  }
+  resolveAction(routine, payload = {}) {
+    const ctx = { ...payload, now: this.now().toISOString(), routine: { id: routine.id, name: routine.name } };
+    const a = routine.action;
+    if (a.kind === "message") return { kind: "message", text: renderTemplate(a.template || "", ctx) };
+    const task = renderTemplate(a.task_template || a.loop?.task || "", ctx);
+    return { kind: "loop", task, loop: a.loop };
+  }
+  markDone(id) {
+    this.active.delete(id);
+  }
+  _deliveredToday(routine) {
+    const today = this.now().toDateString();
+    return (routine.last_runs || []).filter((r) => r.outcome === "delivered" && new Date(r.firedAt).toDateString() === today).length;
+  }
+  async fire(routine, payload = {}, via = "manual") {
+    if (!routine.enabled) return { skipped: "disabled" };
+    if (routine.daily_cap && this._deliveredToday(this.store.get(routine.id) || routine) >= routine.daily_cap) {
+      this.store.recordRun(routine.id, { via, delivered: routine.action.kind, outcome: "skipped (daily cap)" });
+      return { skipped: "daily_cap" };
+    }
+    if (this.active.has(routine.id)) {
+      if (routine.overlap === "skip") {
+        this.store.recordRun(routine.id, { via, delivered: routine.action.kind, outcome: "skipped (busy)" });
+        return { skipped: "busy" };
+      }
+      if (routine.overlap === "replace") {
+        try {
+          this.onReplace?.(routine.id);
+        } catch {
+        }
+        this.active.delete(routine.id);
+      }
+    }
+    const resolved = this.resolveAction(routine, payload);
+    let outcome = "delivered";
+    try {
+      await this.deliver({ routine, action: routine.action, resolved, payload, via });
+      if (resolved.kind === "loop") this.active.add(routine.id);
+    } catch (e) {
+      outcome = "error: " + (e?.message || e);
+    }
+    const r = this.store.get(routine.id) || routine;
+    r.last_fired_at = this.now().toISOString();
+    r.last_runs = [{ firedAt: r.last_fired_at, via, delivered: resolved.kind, outcome }, ...r.last_runs || []].slice(0, 20);
+    this.store.save(r);
+    return { fired: true, via, resolved, outcome };
+  }
+  async tick(date = this.now()) {
+    const results = [];
+    for (const r of this.store.list()) {
+      if (!r.enabled || r.trigger?.type !== "schedule") continue;
+      if (!cronMatches(r.trigger.cron, date)) continue;
+      const mk = minuteKey(date);
+      if (this._firedMinute.get(r.id) === mk) continue;
+      this._firedMinute.set(r.id, mk);
+      results.push({ id: r.id, ...await this.fire(r, { tick: date.toISOString() }, "schedule") });
+    }
+    return results;
+  }
+  async webhook(id, opts = {}) {
+    const { key, method = "POST", body = {}, query = {} } = opts;
+    const r = this.store.get(id);
+    if (!r) return { status: 404, error: "routine not found" };
+    if (r.trigger?.type !== "webhook" && r.trigger?.type !== "api") return { status: 400, error: "not a webhook routine" };
+    if (!r.enabled) return { status: 409, error: "routine disabled" };
+    if (!r.trigger.public && r.trigger.key && key !== r.trigger.key) return { status: 401, error: "bad key" };
+    const methods = r.trigger.methods || ["GET", "POST"];
+    if (!methods.includes(method)) return { status: 405, error: "method not allowed" };
+    const res = await this.fire(r, { body, query }, r.trigger.type);
+    return { status: 200, ...res };
+  }
+  async runNow(id, payload = {}) {
+    const r = this.store.get(id);
+    if (!r) return { error: "not found" };
+    return this.fire(r, payload, "manual");
+  }
+  async catchUp(sinceDate, nowDate = this.now()) {
+    const results = [];
+    for (const r of this.store.list()) {
+      if (!r.enabled || r.trigger?.type !== "schedule" || r.trigger.missed !== "catchup") continue;
+      const deadlineMs = (r.trigger.deadline_sec || 3600) * 1e3;
+      const since = new Date(Math.max(sinceDate.getTime(), nowDate.getTime() - deadlineMs));
+      const due = nextFire(r.trigger.cron, since);
+      if (due && due <= nowDate) {
+        const last = r.last_fired_at ? new Date(r.last_fired_at) : /* @__PURE__ */ new Date(0);
+        if (last < due) results.push({ id: r.id, ...await this.fire(r, { catchup: due.toISOString() }, "schedule") });
+      }
+    }
+    return results;
+  }
+}
+
 function isStructuredMessage(msg) {
   return !!(msg.from || msg.fromSession || msg.subject || msg.replyTo || msg.threadId);
 }
@@ -1821,6 +2077,13 @@ function createSessionStore(server, sessionId, initialMetadata, initialAgentStat
     });
     return msg;
   };
+  const routineStore = new RoutineStore();
+  const syncRoutinesToMetadata = () => {
+    metadata.routines = routineStore.list(sessionId);
+    metadataVersion++;
+    notifyListeners({ type: "update-session", sessionId, metadata: { value: metadata, version: metadataVersion } });
+    callbacks.onMetadataUpdate?.(metadata);
+  };
   const rpcHandlers = {
     // ── Messages ──
     getMessages: async (afterSeq, limit, context) => {
@@ -1948,6 +2211,49 @@ function createSessionStore(server, sessionId, initialMetadata, initialAgentStat
       callbacks.onUpdateConfig?.(patch);
       return { success: true };
     },
+    // ── Routines (session-scoped triggers -> message/loop). CRUD + metadata
+    //    sync; actual schedule/webhook firing is handled by the supervised
+    //    routine server (`svamp routine serve`) reading the shared store. ──
+    listRoutines: async (context) => {
+      authorizeRequest(context, metadata.sharing, "view");
+      return { routines: routineStore.list(sessionId) };
+    },
+    saveRoutine: async (routine, context) => {
+      authorizeRequest(context, metadata.sharing, "admin");
+      try {
+        const saved = routineStore.save({ ...routine, session_id: sessionId });
+        syncRoutinesToMetadata();
+        return { success: true, routine: saved };
+      } catch (e) {
+        return { success: false, error: e?.message || String(e) };
+      }
+    },
+    removeRoutine: async (id, context) => {
+      authorizeRequest(context, metadata.sharing, "admin");
+      const r = routineStore.get(id);
+      if (r && r.session_id !== sessionId) return { success: false };
+      const ok = routineStore.remove(id);
+      syncRoutinesToMetadata();
+      return { success: ok };
+    },
+    setRoutineEnabled: async (id, enabled, context) => {
+      authorizeRequest(context, metadata.sharing, "admin");
+      const r = routineStore.get(id);
+      if (r && r.session_id !== sessionId) return { success: false };
+      routineStore.setEnabled(id, enabled);
+      syncRoutinesToMetadata();
+      return { success: true };
+    },
+    runRoutineNow: async (id, context) => {
+      authorizeRequest(context, metadata.sharing, "interact");
+      const r = routineStore.get(id);
+      if (!r || r.session_id !== sessionId) return { error: "not found" };
+      const resolved = new RoutineRunner({ store: routineStore, deliver: async () => {
+      } }).resolveAction(r, {});
+      routineStore.recordRun(id, { via: "manual", delivered: resolved.kind, outcome: "resolved" });
+      syncRoutinesToMetadata();
+      return { success: true, resolved };
+    },
     // ── Agent State ──
     getAgentState: async (context) => {
       authorizeRequest(context, metadata.sharing, "view");
@@ -5556,11 +5862,16 @@ var claudeAuth = /*#__PURE__*/Object.freeze({
     updateEnvFile: updateEnvFile
 });
 
-const SVAMP_HOME$2 = process.env.SVAMP_HOME || join(homedir$1(), ".svamp");
-const CACHE_FILE = join(SVAMP_HOME$2, "instance-config.json");
+function svampHome() {
+  return process.env.SVAMP_HOME || join(homedir$1(), ".svamp");
+}
+function cacheFile() {
+  return join(svampHome(), "instance-config.json");
+}
 const CONFIG_FILENAME = "svamp.json";
 let _config = null;
 let _loaded = false;
+let _cacheChecked = false;
 function stripSlash$1(u) {
   return u.replace(/\/+$/, "");
 }
@@ -5588,8 +5899,8 @@ async function fetchConfig(anchor) {
 }
 function readCache() {
   try {
-    if (existsSync$1(CACHE_FILE)) {
-      const data = JSON.parse(readFileSync$1(CACHE_FILE, "utf-8"));
+    if (existsSync$1(cacheFile())) {
+      const data = JSON.parse(readFileSync$1(cacheFile(), "utf-8"));
       if (data && typeof data === "object" && !Array.isArray(data)) return data;
     }
   } catch {
@@ -5598,8 +5909,8 @@ function readCache() {
 }
 function writeCache(cfg) {
   try {
-    mkdirSync(SVAMP_HOME$2, { recursive: true });
-    writeFileSync(CACHE_FILE, JSON.stringify(cfg, null, 2) + "\n", "utf-8");
+    mkdirSync(svampHome(), { recursive: true });
+    writeFileSync(cacheFile(), JSON.stringify(cfg, null, 2) + "\n", "utf-8");
   } catch {
   }
 }
@@ -5618,38 +5929,43 @@ async function loadInstanceConfig(opts = {}) {
       applyConfig(fetched);
       writeCache(fetched);
       _loaded = true;
+      _cacheChecked = true;
       return _config;
     }
   }
   const cached = readCache();
   if (cached) applyConfig(cached);
   _loaded = true;
+  _cacheChecked = true;
   return _config;
 }
 function getLoadedConfig() {
-  if (!_loaded) {
+  if (!_loaded && !_cacheChecked) {
     const cached = readCache();
     if (cached) applyConfig(cached);
-    _loaded = true;
+    _cacheChecked = true;
   }
   return _config;
 }
 function clearInstanceConfigCache() {
   _config = null;
   _loaded = false;
+  _cacheChecked = false;
   try {
-    if (existsSync$1(CACHE_FILE)) rmSync(CACHE_FILE);
+    if (existsSync$1(cacheFile())) rmSync$1(cacheFile());
   } catch {
   }
 }
 function __setConfigForTest(cfg) {
   _config = cfg;
   _loaded = true;
+  _cacheChecked = true;
   if (cfg) applyConfig(cfg);
 }
 function __resetForTest() {
   _config = null;
   _loaded = false;
+  _cacheChecked = false;
 }
 
 var instanceConfig = /*#__PURE__*/Object.freeze({
@@ -7337,7 +7653,7 @@ function installBundledSkill(name) {
   mkdirSync(dst, { recursive: true });
   function copyDir(s, d) {
     mkdirSync(d, { recursive: true });
-    for (const entry of readdirSync(s, { withFileTypes: true })) {
+    for (const entry of readdirSync$1(s, { withFileTypes: true })) {
       const sp = join(s, entry.name);
       const dp = join(d, entry.name);
       if (entry.isDirectory()) copyDir(sp, dp);
@@ -8301,7 +8617,7 @@ async function startDaemon(options) {
     }
   }
   try {
-    await loadInstanceConfig();
+    await loadInstanceConfig({ force: true });
   } catch (err) {
     logger.log(`[config] Instance config load failed (continuing with env): ${err?.message || err}`);
   }
@@ -8369,7 +8685,7 @@ async function startDaemon(options) {
     const list = loadExposedTunnels().filter((t) => t.name !== name);
     saveExposedTunnels(list);
   }
-  const { ServeManager } = await import('./serveManager-j2Z-hrHL.mjs');
+  const { ServeManager } = await import('./serveManager-BgnooFJZ.mjs');
   const serveManager = new ServeManager(SVAMP_HOME, (msg) => logger.log(`[SERVE] ${msg}`), hyphaServerUrl);
   ensureAutoInstalledSkills(logger).catch(() => {
   });
@@ -10942,7 +11258,7 @@ ${capturedError}${buildClaudeErrorHint(capturedError)}`;
       const specs = loadExposedTunnels();
       if (specs.length === 0) return;
       logger.log(`[exposed-tunnels] Restoring ${specs.length} tunnel(s) from ${EXPOSED_TUNNELS_FILE}`);
-      const { FrpcTunnel } = await import('./frpc-D3LiH7GX.mjs');
+      const { FrpcTunnel } = await import('./frpc-BfBqHN33.mjs');
       for (const spec of specs) {
         if (tunnels.has(spec.name)) continue;
         try {
@@ -11689,4 +12005,4 @@ var run = /*#__PURE__*/Object.freeze({
     stopDaemon: stopDaemon
 });
 
-export { mergeSecurityContexts as A, buildSessionShareUrl as B, buildMachineShareUrl as C, generateHookSettings as D, DefaultTransport$1 as E, acpBackend as F, acpAgentConfig as G, codexMcpBackend as H, GeminiTransport$1 as I, claudeAuth as J, instanceConfig as K, api as L, run as M, ServeAuth as S, registerSessionService as a, stopDaemon as b, connectToHypha as c, daemonStatus as d, getFrpsSubdomainHost as e, getFrpsServerPort as f, getHyphaServerUrl$1 as g, getFrpsServerAddr as h, getHyphaServerUrl as i, hasCookieToken as j, getSkillsServer as k, getSkillsWorkspaceName as l, getSkillsCollectionName as m, fetchWithTimeout as n, searchSkills as o, parseFrontmatter as p, SKILLS_DIR as q, registerMachineService as r, startDaemon as s, getSkillInfo as t, downloadSkillFile as u, listSkillFiles as v, normalizeAllowedUser as w, loadSecurityContextConfig as x, resolveSecurityContext as y, buildSecurityContextFromFlags as z };
+export { buildSecurityContextFromFlags as A, mergeSecurityContexts as B, buildSessionShareUrl as C, buildMachineShareUrl as D, generateHookSettings as E, DefaultTransport$1 as F, acpBackend as G, acpAgentConfig as H, codexMcpBackend as I, GeminiTransport$1 as J, claudeAuth as K, instanceConfig as L, api as M, run as N, RoutineStore as R, ServeAuth as S, registerSessionService as a, stopDaemon as b, connectToHypha as c, daemonStatus as d, getFrpsSubdomainHost as e, getFrpsServerPort as f, getHyphaServerUrl$1 as g, getFrpsServerAddr as h, getHyphaServerUrl as i, hasCookieToken as j, RoutineRunner as k, getSkillsServer as l, getSkillsWorkspaceName as m, getSkillsCollectionName as n, fetchWithTimeout as o, parseFrontmatter as p, searchSkills as q, registerMachineService as r, startDaemon as s, SKILLS_DIR as t, getSkillInfo as u, downloadSkillFile as v, listSkillFiles as w, normalizeAllowedUser as x, loadSecurityContextConfig as y, resolveSecurityContext as z };

package/dist/{serveCommands-9D4WCoJR.mjs → serveCommands-Cw5hnh0B.mjs}

@@ -54,7 +54,7 @@ async function handleServeCommand() {
   }
 }
 async function serveAdd(args, machineId) {
-  const { connectAndGetMachine } = await import('./commands-B75aXb6C.mjs');
+  const { connectAndGetMachine } = await import('./commands-Dj7Be8dw.mjs');
   const pos = positionalArgs(args);
   const name = pos[0];
   if (!name) {
@@ -93,7 +93,7 @@ async function serveAdd(args, machineId) {
   }
 }
 async function serveApply(args, machineId) {
-  const { connectAndGetMachine } = await import('./commands-B75aXb6C.mjs');
+  const { connectAndGetMachine } = await import('./commands-Dj7Be8dw.mjs');
   const fs = await import('fs');
   const yaml = await import('yaml');
   const file = positionalArgs(args)[0];
@@ -182,7 +182,7 @@ async function serveApply(args, machineId) {
   }
 }
 async function serveRemove(args, machineId) {
-  const { connectAndGetMachine } = await import('./commands-B75aXb6C.mjs');
+  const { connectAndGetMachine } = await import('./commands-Dj7Be8dw.mjs');
   const pos = positionalArgs(args);
   const name = pos[0];
   if (!name) {
@@ -202,7 +202,7 @@ async function serveRemove(args, machineId) {
   }
 }
 async function serveList(args, machineId) {
-  const { connectAndGetMachine } = await import('./commands-B75aXb6C.mjs');
+  const { connectAndGetMachine } = await import('./commands-Dj7Be8dw.mjs');
   const all = hasFlag(args, "--all", "-a");
   const json = hasFlag(args, "--json");
   const sessionId = getFlag(args, "--session");
@@ -235,7 +235,7 @@ async function serveList(args, machineId) {
   }
 }
 async function serveInfo(machineId) {
-  const { connectAndGetMachine } = await import('./commands-B75aXb6C.mjs');
+  const { connectAndGetMachine } = await import('./commands-Dj7Be8dw.mjs');
   const { machine, server } = await connectAndGetMachine(machineId);
   try {
     const info = await machine.serveInfo();

package/dist/{serveManager-j2Z-hrHL.mjs → serveManager-BgnooFJZ.mjs}

@@ -4,7 +4,7 @@ import * as fs from 'fs';
 import * as http from 'http';
 import * as net from 'net';
 import * as path from 'path';
-import { i as getHyphaServerUrl, S as ServeAuth, j as hasCookieToken } from './run-MQKWgYFS.mjs';
+import { i as getHyphaServerUrl, S as ServeAuth, j as hasCookieToken } from './run-rWXfNd7e.mjs';
 import 'os';
 import 'fs/promises';
 import 'url';
@@ -12,9 +12,9 @@ import 'node:fs';
 import 'util';
 import 'node:crypto';
 import 'node:path';
+import 'node:os';
 import 'node:child_process';
 import '@agentclientprotocol/sdk';
-import 'node:os';
 import '@modelcontextprotocol/sdk/client/index.js';
 import '@modelcontextprotocol/sdk/client/stdio.js';
 import '@modelcontextprotocol/sdk/types.js';
@@ -712,7 +712,7 @@ class ServeManager {
     const mount = this.mounts.get(mountName);
     const subdomainOverride = mount?.access === "link" && mount.linkToken ? /* @__PURE__ */ new Map([[this.port, `static-${subdomainSafe}-${mount.linkToken}`]]) : void 0;
     try {
-      const { FrpcTunnel } = await import('./frpc-D3LiH7GX.mjs');
+      const { FrpcTunnel } = await import('./frpc-BfBqHN33.mjs');
       let tunnel;
       tunnel = new FrpcTunnel({
         name: tunnelName,