diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml
new file mode 100644
index 00000000..92856193
--- /dev/null
+++ b/.github/workflows/docker.yml
@@ -0,0 +1,51 @@
+name: Docker
+
+on:
+ workflow_dispatch:
+ inputs:
+ extra_tag:
+ description: 'Additional tag to push alongside the template tag (e.g. v1.2.3, leave empty for none)'
+ required: false
+ type: string
+
+jobs:
+ build:
+ runs-on: ubuntu-latest
+ strategy:
+ fail-fast: false
+ matrix:
+ template: [claude-code, codex, gemini]
+ steps:
+ - uses: actions/checkout@v6
+
+ - name: Set up QEMU
+ uses: docker/setup-qemu-action@v3
+
+ - name: Set up Docker Buildx
+ uses: docker/setup-buildx-action@v3
+
+ - name: Log in to Docker Hub
+ uses: docker/login-action@v3
+ with:
+ username: ${{ secrets.DOCKERHUB_USERNAME }}
+ password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+ - name: Compute tags
+ id: tags
+ run: |
+ TAGS="docker.io/cloudcliai/sandbox:${{ matrix.template }}"
+ if [ -n "${{ inputs.extra_tag }}" ]; then
+ TAGS="$TAGS,docker.io/cloudcliai/sandbox:${{ matrix.template }}-${{ inputs.extra_tag }}"
+ fi
+ echo "tags=$TAGS" >> "$GITHUB_OUTPUT"
+
+ - name: Build and push
+ uses: docker/build-push-action@v6
+ with:
+ context: ./docker
+ file: ./docker/${{ matrix.template }}/Dockerfile
+ platforms: linux/amd64,linux/arm64
+ push: true
+ tags: ${{ steps.tags.outputs.tags }}
+ cache-from: type=gha,scope=${{ matrix.template }}
+ cache-to: type=gha,mode=max,scope=${{ matrix.template }}
diff --git a/.gitignore b/.gitignore
index e9d1b52a..e6b7985b 100755
--- a/.gitignore
+++ b/.gitignore
@@ -137,6 +137,8 @@ tasks/
!src/i18n/locales/ja/tasks.json
!src/i18n/locales/ru/tasks.json
!src/i18n/locales/de/tasks.json
+!src/i18n/locales/tr/tasks.json
+!src/i18n/locales/it/tasks.json
# Git worktrees
.worktrees/
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 1f81abd9..6b169e53 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -3,6 +3,59 @@
All notable changes to CloudCLI UI will be documented in this file.
+## [1.31.5](https://github.com/siteboon/claudecodeui/compare/v1.31.4...v1.31.5) (2026-04-30)
+
+### New Features
+
+* add auto mode to claude code ([3f71d49](https://github.com/siteboon/claudecodeui/commit/3f71d4932b05dfedcdf816e2a3d7d0cd69c4f566))
+
+## [1.31.4](https://github.com/siteboon/claudecodeui/compare/v1.31.3...v1.31.4) (2026-04-30)
+
+### Bug Fixes
+
+* bump codex sdk to latest version ([658421c](https://github.com/siteboon/claudecodeui/commit/658421c1c44ec4eb58b69ec7b1844a9fba11a3f3))
+
+## [1.31.3](https://github.com/siteboon/claudecodeui/compare/v1.31.2...v1.31.3) (2026-04-30)
+
+## [1.31.2](https://github.com/siteboon/claudecodeui/compare/v1.31.0...v1.31.2) (2026-04-30)
+
+### Bug Fixes
+
+* migrations for new sqlite schema ([0753c04](https://github.com/siteboon/claudecodeui/commit/0753c047837dab17b86ae4453027e30b465870f8))
+
+## [1.31.0](https://github.com/siteboon/claudecodeui/compare/v1.30.0...v1.31.0) (2026-04-30)
+
+### Bug Fixes
+
+* **/status:** use CLAUDE_MODELS.DEFAULT instead of stale 'claude-sonnet-4.5' fallback ([#723](https://github.com/siteboon/claudecodeui/issues/723)) ([b4a39c7](https://github.com/siteboon/claudecodeui/commit/b4a39c729710a6294c62eb742e99e05f3e3914e9))
+
+## [1.30.0](https://github.com/siteboon/claudecodeui/compare/v1.29.5...v1.30.0) (2026-04-21)
+
+### New Features
+
+* **i18n:** add Italian language support ([#677](https://github.com/siteboon/claudecodeui/issues/677)) ([86b6545](https://github.com/siteboon/claudecodeui/commit/86b6545c3505475ac2de0cec75cc8f86ab22aceb))
+* **i18n:** add Turkish (tr) language support ([#678](https://github.com/siteboon/claudecodeui/issues/678)) ([89b754d](https://github.com/siteboon/claudecodeui/commit/89b754d186b68f3df8aa439a2d535644406066f0)), closes [#384](https://github.com/siteboon/claudecodeui/issues/384) [#514](https://github.com/siteboon/claudecodeui/issues/514) [#525](https://github.com/siteboon/claudecodeui/issues/525) [#534](https://github.com/siteboon/claudecodeui/issues/534)
+* introduce opus 4.7 ([#682](https://github.com/siteboon/claudecodeui/issues/682)) ([c5e55ad](https://github.com/siteboon/claudecodeui/commit/c5e55adc89d0316675f90a927aa40d115958ae9f))
+
+### Bug Fixes
+
+* iOS scrolling main chat area ([3969135](https://github.com/siteboon/claudecodeui/commit/3969135bd427fbf48f29bb3dbfedb47791ca78dc))
+* migrate PlanDisplay raw params from native details to Collapsible primitive ([fc3504e](https://github.com/siteboon/claudecodeui/commit/fc3504eaed8ca7ed9214838d148ea385b8352c31))
+* precise Claude SDK denial message detection in deriveToolStatus ([09dcea0](https://github.com/siteboon/claudecodeui/commit/09dcea05fbc8c208d931aa1f08618f0e8087392f))
+* reduce size of permission mode button tap target and provider selector on mobile ([457ca0d](https://github.com/siteboon/claudecodeui/commit/457ca0daabcaa8397f4375ee8aa2671336b648ff))
+* small mobile respnosive fixes ([25820ed](https://github.com/siteboon/claudecodeui/commit/25820ed995c1b813b1f9ed073097b08eb1d902ec))
+* small mobile respnosive fixes ([c471b5d](https://github.com/siteboon/claudecodeui/commit/c471b5d3fa6ce1968adb4cf87a15ac0e18febd20))
+
+### Refactoring
+
+* add primitives, plan mode display, and new session model selector ([7763e60](https://github.com/siteboon/claudecodeui/commit/7763e60fb32e34742058c055c57664a503a34d1d))
+* chat composer new design ([5758bee](https://github.com/siteboon/claudecodeui/commit/5758bee8a038ed50073dba882108617959dda82c))
+* queue primitive, tool status badges, and tool display cleanup ([ec0ff97](https://github.com/siteboon/claudecodeui/commit/ec0ff974cba213a1100b2a071b8ba533e812fe82))
+
+### Maintenance
+
+* add docker sandbox action ([fa5a238](https://github.com/siteboon/claudecodeui/commit/fa5a23897c086bcacf1cf5d926c650f98a0f2222))
+
## [1.29.5](https://github.com/siteboon/claudecodeui/compare/v1.29.4...v1.29.5) (2026-04-16)
### Bug Fixes
diff --git a/README.de.md b/README.de.md
index 461f59a8..c98af089 100644
--- a/README.de.md
+++ b/README.de.md
@@ -15,7 +15,7 @@
-
+
---
diff --git a/README.ja.md b/README.ja.md
index a3c7d04b..b5dfdc80 100644
--- a/README.ja.md
+++ b/README.ja.md
@@ -15,7 +15,7 @@
-
+
---
diff --git a/README.ko.md b/README.ko.md
index f0c17471..b5cf5a98 100644
--- a/README.ko.md
+++ b/README.ko.md
@@ -15,7 +15,7 @@
-
+
---
diff --git a/README.md b/README.md
index b6f2cfb7..ae95b030 100644
--- a/README.md
+++ b/README.md
@@ -15,7 +15,7 @@
-
+
---
@@ -164,7 +164,7 @@ CloudCLI has a plugin system that lets you add custom tabs with their own fronte
|---|---|
| **[Project Stats](https://github.com/cloudcli-ai/cloudcli-plugin-starter)** | Shows file counts, lines of code, file-type breakdown, largest files, and recently modified files for your current project |
| **[Web Terminal](https://github.com/cloudcli-ai/cloudcli-plugin-terminal)** | Full xterm.js terminal with multi-tab support|
-
+| **[CloudCLI Scheduler](https://github.com/grostim/cloudcli-cron)** | Create workspace-scoped scheduled prompts and execute them through a local CLI such as Codex, Claude Code, or Gemini CLI|
### Build Your Own
**[Plugin Starter Template →](https://github.com/cloudcli-ai/cloudcli-plugin-starter)** — fork this repo to create your own plugin. It includes a working example with frontend rendering, live context updates, and RPC communication to a backend server.
diff --git a/README.ru.md b/README.ru.md
index a5907b38..c197676a 100644
--- a/README.ru.md
+++ b/README.ru.md
@@ -15,7 +15,7 @@
-
+
---
diff --git a/README.tr.md b/README.tr.md
new file mode 100644
index 00000000..a0bcdf58
--- /dev/null
+++ b/README.tr.md
@@ -0,0 +1,252 @@
+
+
+
Cloud CLI (Claude Code UI olarak da bilinir)
+
Claude Code, Cursor CLI, Codex ve Gemini-CLI için masaüstü ve mobil arayüz.
Yerel ya da uzaktan kullanarak aktif projelerine ve oturumlarına her yerden erişebilirsin.
+
+ CloudCLI Cloud · Dokümantasyon · Discord · Sorun Bildir · Katkıda Bulun
+
+
+
+ 
+ 
+
+
+
+
+
+
+---
+
+## Ekran Görüntüleri
+
+
+
+
+
+
+Masaüstü Görünümü
+
+
+Proje genel bakışı ve sohbeti gösteren ana arayüz
+ |
+
+Mobil Deneyim
+
+
+Dokunma gezinmesiyle duyarlı mobil tasarım
+ |
+
+
+
+CLI Seçimi
+
+
+Claude Code, Gemini, Cursor CLI ve Codex arasında seçim yap
+ |
+
+
+
+
+
+
+
+
+*Araç Ayarları arayüzü — yalnızca ihtiyacın olanı etkinleştir*
+
+
+
+**Önerilen yaklaşım**: Temel araçlarla başla ve gerektikçe daha fazlasını ekle. Bu ayarları sonra her zaman değiştirebilirsin.
+
+---
+
+## Eklentiler
+
+CloudCLI, kendi frontend UI'sı ve isteğe bağlı Node.js arka ucu olan özel sekmeler eklemeni sağlayan bir eklenti sistemine sahiptir. Git depolarından eklentileri doğrudan **Ayarlar > Eklentiler**'den yükleyebilir veya kendi eklentini yazabilirsin.
+
+### Mevcut Eklentiler
+
+| Eklenti | Açıklama |
+|---|---|
+| **[Project Stats](https://github.com/cloudcli-ai/cloudcli-plugin-starter)** | Mevcut projen için dosya sayıları, kod satırları, dosya türü dağılımı, en büyük dosyalar ve son değiştirilen dosyaları gösterir |
+| **[Web Terminal](https://github.com/cloudcli-ai/cloudcli-plugin-terminal)** | Çoklu sekme destekli tam xterm.js terminali |
+
+### Kendi Eklentini Yaz
+
+**[Plugin Starter Şablonu →](https://github.com/cloudcli-ai/cloudcli-plugin-starter)** — kendi eklentini oluşturmak için bu repo'yu fork'la. Frontend render, canlı bağlam güncellemeleri ve arka uç sunucusuyla RPC iletişimi içeren çalışan bir örnek içerir.
+
+**[Plugin Dokümantasyonu →](https://cloudcli.ai/docs/plugin-overview)** — plugin API'sı, manifest formatı, güvenlik modeli ve daha fazlası için tam rehber.
+
+---
+## Sık Sorulan Sorular
+
+
+Bu Claude Code Remote Control'dan nasıl farklı?
+
+Claude Code Remote Control, yerel terminalinde zaten çalışan bir oturuma mesaj göndermeni sağlar. Makinen açık kalmak zorunda, terminalin açık kalmak zorunda ve ağ bağlantısı olmadan yaklaşık 10 dakika sonra oturumlar zaman aşımına uğrar.
+
+CloudCLI UI ve CloudCLI Cloud, Claude Code'un yanında değil içinde çalışır — MCP sunucuların, izinlerin, ayarların ve oturumların, Claude Code'un yerel olarak kullandığının birebir aynısıdır. Hiçbir şey çoğaltılmaz veya ayrı yönetilmez.
+
+Pratikte bu ne demek:
+
+- **Tek oturum değil, tüm oturumların** — CloudCLI UI, `~/.claude` klasöründeki her oturumu otomatik keşfeder. Remote Control yalnızca tek aktif oturumu Claude mobil uygulamasına açar.
+- **Ayarların sana ait** — UI'da değiştirdiğin MCP sunucuları, araç izinleri ve proje yapılandırması doğrudan Claude Code yapılandırmana yazılır ve anında etkili olur; tersi de geçerli.
+- **Daha fazla ajanla çalışır** — Sadece Claude Code değil; Cursor CLI, Codex ve Gemini CLI de.
+- **Sadece sohbet penceresi değil, tam UI** — dosya gezgini, Git entegrasyonu, MCP yönetimi ve shell terminali hepsi yerleşik.
+- **CloudCLI Cloud bulutta çalışır** — laptop'unu kapat, ajan çalışmaya devam eder. Beklemen gereken terminal yok, uyanık tutman gereken makine yok.
+
+
+
+
+AI aboneliği için ayrıca ödeme yapmam gerekiyor mu?
+
+Evet. CloudCLI AI'yi değil, ortamı sağlar. Kendi Claude, Cursor, Codex veya Gemini aboneliğini getirirsin. CloudCLI Cloud, barındırılan ortam için aylık 7 $'dan başlar — bunun üzerine eklenir.
+
+
+
+
+CloudCLI UI'yi telefonumda kullanabilir miyim?
+
+Evet. Kendin barındırdığında, sunucuyu makinende çalıştır ve ağındaki herhangi bir tarayıcıda `[yourip]:port` adresini aç. CloudCLI Cloud için, herhangi bir cihazdan aç — VPN yok, port yönlendirme yok, kurulum yok. Native bir uygulama da hazırlanıyor.
+
+
+
+
+UI'da yaptığım değişiklikler yerel Claude Code kurulumumu etkiler mi?
+
+Evet, kendin barındırdığında. CloudCLI UI, Claude Code'un yerel olarak kullandığı aynı `~/.claude` yapılandırmasından okur ve ona yazar. UI üzerinden eklediğin MCP sunucuları Claude Code'da anında görünür; tersi de geçerli.
+
+
+
+---
+
+## Topluluk ve Destek
+
+- **[Dokümantasyon](https://cloudcli.ai/docs)** — kurulum, yapılandırma, özellikler ve sorun giderme
+- **[Discord](https://discord.gg/buxwujPNRE)** — yardım al ve diğer kullanıcılarla tanış
+- **[GitHub Issues](https://github.com/siteboon/claudecodeui/issues)** — hata raporları ve özellik istekleri
+- **[Katkı Rehberi](CONTRIBUTING.md)** — projeye nasıl katkıda bulunulur
+
+## Lisans
+
+GNU Affero General Public License v3.0 veya sonrası (AGPL-3.0-or-later) — tam metin ve Bölüm 7 altındaki ek şartlar için [LICENSE](LICENSE) dosyasına bak.
+
+Bu proje açık kaynaklıdır ve AGPL-3.0-or-later lisansı altında özgürce kullanılabilir, değiştirilebilir ve dağıtılabilir. Bu yazılımı değiştirir ve bir ağ servisi olarak çalıştırırsan, değiştirilmiş kaynak kodunu o servisin kullanıcılarına sunmak zorundasın.
+
+CloudCLI UI — (https://cloudcli.ai).
+
+## Teşekkürler
+
+### Kullanılan Teknolojiler
+- **[Claude Code](https://docs.anthropic.com/en/docs/claude-code)** — Anthropic'in resmi CLI'ı
+- **[Cursor CLI](https://docs.cursor.com/en/cli/overview)** — Cursor'un resmi CLI'ı
+- **[Codex](https://developers.openai.com/codex)** — OpenAI Codex
+- **[Gemini-CLI](https://geminicli.com/)** — Google Gemini CLI
+- **[React](https://react.dev/)** — Kullanıcı arayüzü kütüphanesi
+- **[Vite](https://vitejs.dev/)** — Hızlı derleme aracı ve geliştirme sunucusu
+- **[Tailwind CSS](https://tailwindcss.com/)** — Utility-first CSS framework
+- **[CodeMirror](https://codemirror.net/)** — Gelişmiş kod editörü
+- **[TaskMaster AI](https://github.com/eyaltoledano/claude-task-master)** *(İsteğe Bağlı)* — AI destekli proje yönetimi ve görev planlama
+
+
+### Sponsorlar
+- [Siteboon — AI destekli web sitesi oluşturucu](https://siteboon.ai)
+---
+
+
+ Claude Code, Cursor ve Codex topluluğu için özenle yapıldı.
+
diff --git a/README.zh-CN.md b/README.zh-CN.md
index daf9a1a9..3e6ced3f 100644
--- a/README.zh-CN.md
+++ b/README.zh-CN.md
@@ -15,7 +15,7 @@
-
+
---
diff --git a/eslint.config.js b/eslint.config.js
index 3ef25d92..6419a9fd 100644
--- a/eslint.config.js
+++ b/eslint.config.js
@@ -148,9 +148,26 @@ export default tseslint.config(
],
"boundaries/elements": [
{
- type: "backend-shared-types", // shared backend type contract that modules may consume without creating runtime coupling
- pattern: ["server/shared/types.{js,ts}"], // support the current shared types path
- mode: "file", // treat the types file itself as the boundary element instead of the whole folder
+ type: "backend-shared-type-contract", // shared backend type/interface contracts that modules may consume without creating runtime coupling
+ pattern: [
+ "server/shared/types.{js,ts}",
+ "server/shared/interfaces.{js,ts}",
+ ], // keep backend modules on explicit shared contract files for erased imports only
+ mode: "file", // treat each shared contract file itself as the boundary element instead of the whole folder
+ },
+ {
+ type: "backend-shared-utils", // shared backend runtime helpers that modules may import directly
+ pattern: ["server/shared/utils.{js,ts}"], // classify the shared utils file so modules can depend on it explicitly
+ mode: "file",
+ },
+ {
+ type: "backend-legacy-runtime", // legacy runtime persistence modules used while providers migrate into server/modules
+ pattern: [
+ "server/projects.js",
+ "server/sessionManager.js",
+ "server/utils/runtime-paths.js",
+ ], // provider history loading still resolves session data through these legacy runtime files
+ mode: "file",
},
{
type: "backend-module", // logical element name used by boundaries rules below
@@ -196,13 +213,13 @@ export default tseslint.config(
checkInternals: false, // do not apply these cross-module rules to imports inside the same module
rules: [
{
- from: { type: "backend-module" }, // modules may depend on the shared types contract only as erased type-only imports
- to: { type: "backend-shared-types" },
+ from: { type: "backend-module" }, // modules may depend on shared type/interface contracts only as erased type-only imports
+ to: { type: "backend-shared-type-contract" },
disallow: {
dependency: { kind: ["value", "typeof"] },
- }, // block runtime imports so shared types stay a compile-time contract instead of a hidden shared module
+ }, // block runtime imports so shared contracts stay compile-time only instead of becoming hidden shared modules
message:
- "Backend modules may only use `import type` when importing from server/shared/types.ts (or server/types.ts).",
+ "Backend modules may only use `import type` when importing from server/shared/types.ts or server/shared/interfaces.ts.",
},
{
to: { type: "backend-module" }, // when importing anything that belongs to another backend module
diff --git a/package-lock.json b/package-lock.json
index 7ea371ab..12985a52 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,16 +1,16 @@
{
"name": "@cloudcli-ai/cloudcli",
- "version": "1.29.5",
+ "version": "1.31.5",
"lockfileVersion": 3,
"requires": true,
"packages": {
"": {
"name": "@cloudcli-ai/cloudcli",
- "version": "1.29.5",
+ "version": "1.31.5",
"hasInstallScript": true,
"license": "AGPL-3.0-or-later",
"dependencies": {
- "@anthropic-ai/claude-agent-sdk": "^0.2.59",
+ "@anthropic-ai/claude-agent-sdk": "^0.2.116",
"@codemirror/lang-css": "^6.3.1",
"@codemirror/lang-html": "^6.4.9",
"@codemirror/lang-javascript": "^6.2.4",
@@ -21,10 +21,11 @@
"@codemirror/theme-one-dark": "^6.1.2",
"@iarna/toml": "^2.2.5",
"@octokit/rest": "^22.0.0",
- "@openai/codex-sdk": "^0.101.0",
+ "@openai/codex-sdk": "^0.125.0",
"@replit/codemirror-minimap": "^0.5.2",
"@tailwindcss/typography": "^0.5.16",
"@uiw/react-codemirror": "^4.23.13",
+ "@vscode/ripgrep": "^1.17.1",
"@xterm/addon-clipboard": "^0.1.0",
"@xterm/addon-fit": "^0.10.0",
"@xterm/addon-web-links": "^0.11.0",
@@ -35,6 +36,7 @@
"chokidar": "^4.0.3",
"class-variance-authority": "^0.7.1",
"clsx": "^2.1.1",
+ "cmdk": "^1.1.1",
"cors": "^2.8.5",
"cross-spawn": "^7.0.3",
"express": "^4.18.2",
@@ -74,9 +76,13 @@
"@commitlint/config-conventional": "^20.5.0",
"@eslint/js": "^9.39.3",
"@release-it/conventional-changelog": "^10.0.5",
+ "@types/better-sqlite3": "^7.6.13",
+ "@types/cross-spawn": "^6.0.6",
+ "@types/express": "^5.0.6",
"@types/node": "^22.19.7",
"@types/react": "^18.2.43",
"@types/react-dom": "^18.2.17",
+ "@types/ws": "^8.18.1",
"@vitejs/plugin-react": "^4.6.0",
"auto-changelog": "^2.5.0",
"autoprefixer": "^10.4.16",
@@ -132,28 +138,155 @@
}
},
"node_modules/@anthropic-ai/claude-agent-sdk": {
- "version": "0.2.59",
- "resolved": "https://registry.npmjs.org/@anthropic-ai/claude-agent-sdk/-/claude-agent-sdk-0.2.59.tgz",
- "integrity": "sha512-xPOUZZimZI5ChaO791olWGXqaRvCwOfj9/1micu42EL9czdcwiDm0WK1OGsqb2mZ7LSCoYWBB0ZHVKOxehemDA==",
+ "version": "0.2.116",
+ "resolved": "https://registry.npmjs.org/@anthropic-ai/claude-agent-sdk/-/claude-agent-sdk-0.2.116.tgz",
+ "integrity": "sha512-5NKpgaOZkzNCGCvLxJZUVGimf5IcYmpQ2x2XrR9ilK+2UkWrnnwcUfIWo8bBz9e7lSYcUf9XleGigq2eOOF7aw==",
"license": "SEE LICENSE IN README.md",
+ "dependencies": {
+ "@anthropic-ai/sdk": "^0.81.0",
+ "@modelcontextprotocol/sdk": "^1.29.0"
+ },
"engines": {
"node": ">=18.0.0"
},
"optionalDependencies": {
- "@img/sharp-darwin-arm64": "^0.34.2",
- "@img/sharp-darwin-x64": "^0.34.2",
- "@img/sharp-linux-arm": "^0.34.2",
- "@img/sharp-linux-arm64": "^0.34.2",
- "@img/sharp-linux-x64": "^0.34.2",
- "@img/sharp-linuxmusl-arm64": "^0.34.2",
- "@img/sharp-linuxmusl-x64": "^0.34.2",
- "@img/sharp-win32-arm64": "^0.34.2",
- "@img/sharp-win32-x64": "^0.34.2"
+ "@anthropic-ai/claude-agent-sdk-darwin-arm64": "0.2.116",
+ "@anthropic-ai/claude-agent-sdk-darwin-x64": "0.2.116",
+ "@anthropic-ai/claude-agent-sdk-linux-arm64": "0.2.116",
+ "@anthropic-ai/claude-agent-sdk-linux-arm64-musl": "0.2.116",
+ "@anthropic-ai/claude-agent-sdk-linux-x64": "0.2.116",
+ "@anthropic-ai/claude-agent-sdk-linux-x64-musl": "0.2.116",
+ "@anthropic-ai/claude-agent-sdk-win32-arm64": "0.2.116",
+ "@anthropic-ai/claude-agent-sdk-win32-x64": "0.2.116"
},
"peerDependencies": {
"zod": "^4.0.0"
}
},
+ "node_modules/@anthropic-ai/claude-agent-sdk-darwin-arm64": {
+ "version": "0.2.116",
+ "resolved": "https://registry.npmjs.org/@anthropic-ai/claude-agent-sdk-darwin-arm64/-/claude-agent-sdk-darwin-arm64-0.2.116.tgz",
+ "integrity": "sha512-mG19ovtXCpETmd5KmTU1JO2iIHZBG09IP8DmgZjLA3wLmTzpgn9Au9veRaeJeXb1EqiHiFZU+z+mNB79+w5v9g==",
+ "cpu": [
+ "arm64"
+ ],
+ "license": "SEE LICENSE IN LICENSE.md",
+ "optional": true,
+ "os": [
+ "darwin"
+ ]
+ },
+ "node_modules/@anthropic-ai/claude-agent-sdk-darwin-x64": {
+ "version": "0.2.116",
+ "resolved": "https://registry.npmjs.org/@anthropic-ai/claude-agent-sdk-darwin-x64/-/claude-agent-sdk-darwin-x64-0.2.116.tgz",
+ "integrity": "sha512-qC25N0HRM8IXbM4Qi4svH9f51Y6DciDvjLV+oNYnxkdPgDG8p/+b7vQirN7qPxytIQb2TPdoFgUeCsSe7lrQyw==",
+ "cpu": [
+ "x64"
+ ],
+ "license": "SEE LICENSE IN LICENSE.md",
+ "optional": true,
+ "os": [
+ "darwin"
+ ]
+ },
+ "node_modules/@anthropic-ai/claude-agent-sdk-linux-arm64": {
+ "version": "0.2.116",
+ "resolved": "https://registry.npmjs.org/@anthropic-ai/claude-agent-sdk-linux-arm64/-/claude-agent-sdk-linux-arm64-0.2.116.tgz",
+ "integrity": "sha512-MQIcJhhPM+RPJ7kMQdOQarkJ2FlJqOiu953c08YyJOoWdHykd3DIiHws3mf1Mwl/dfFeIyshOVpNND3hyIy5Dg==",
+ "cpu": [
+ "arm64"
+ ],
+ "license": "SEE LICENSE IN LICENSE.md",
+ "optional": true,
+ "os": [
+ "linux"
+ ]
+ },
+ "node_modules/@anthropic-ai/claude-agent-sdk-linux-arm64-musl": {
+ "version": "0.2.116",
+ "resolved": "https://registry.npmjs.org/@anthropic-ai/claude-agent-sdk-linux-arm64-musl/-/claude-agent-sdk-linux-arm64-musl-0.2.116.tgz",
+ "integrity": "sha512-Dg/T3NkSp35ODiwdhj0KquvC6Xu+DMbyWFNkfepA3bz4oF2SVSgyOPYwVmfoJerzEUnYDldP4YhOxRrhbt0vXA==",
+ "cpu": [
+ "arm64"
+ ],
+ "license": "SEE LICENSE IN LICENSE.md",
+ "optional": true,
+ "os": [
+ "linux"
+ ]
+ },
+ "node_modules/@anthropic-ai/claude-agent-sdk-linux-x64": {
+ "version": "0.2.116",
+ "resolved": "https://registry.npmjs.org/@anthropic-ai/claude-agent-sdk-linux-x64/-/claude-agent-sdk-linux-x64-0.2.116.tgz",
+ "integrity": "sha512-Bww1fzQB+vcF0tRhmCAlwSsN4wR2HgX7pBT9AWuwzJj6DKsVC23N54Ea80lsnM7dTUtUTrGYMTwVUHTWqfYnfQ==",
+ "cpu": [
+ "x64"
+ ],
+ "license": "SEE LICENSE IN LICENSE.md",
+ "optional": true,
+ "os": [
+ "linux"
+ ]
+ },
+ "node_modules/@anthropic-ai/claude-agent-sdk-linux-x64-musl": {
+ "version": "0.2.116",
+ "resolved": "https://registry.npmjs.org/@anthropic-ai/claude-agent-sdk-linux-x64-musl/-/claude-agent-sdk-linux-x64-musl-0.2.116.tgz",
+ "integrity": "sha512-LMYxUMa1nK4N9BPRJdcGBAvl9rjTI4ZHo+kfAKrJ3MlfB6VFF1tRIubwsWOaOtkuNazMdAYovsZJg4bdzOBBTQ==",
+ "cpu": [
+ "x64"
+ ],
+ "license": "SEE LICENSE IN LICENSE.md",
+ "optional": true,
+ "os": [
+ "linux"
+ ]
+ },
+ "node_modules/@anthropic-ai/claude-agent-sdk-win32-arm64": {
+ "version": "0.2.116",
+ "resolved": "https://registry.npmjs.org/@anthropic-ai/claude-agent-sdk-win32-arm64/-/claude-agent-sdk-win32-arm64-0.2.116.tgz",
+ "integrity": "sha512-h0YO1vkTIeUtffQhONrYbNC1pXmk1yjb1xxMEw7bAwucqtFoFpLDWe+q4+RhxaQr8ZOj6LtRE/U3dzPWHOlshA==",
+ "cpu": [
+ "arm64"
+ ],
+ "license": "SEE LICENSE IN LICENSE.md",
+ "optional": true,
+ "os": [
+ "win32"
+ ]
+ },
+ "node_modules/@anthropic-ai/claude-agent-sdk-win32-x64": {
+ "version": "0.2.116",
+ "resolved": "https://registry.npmjs.org/@anthropic-ai/claude-agent-sdk-win32-x64/-/claude-agent-sdk-win32-x64-0.2.116.tgz",
+ "integrity": "sha512-3lllmtDFHgpW0ZM3iNvxsEjblrgRzF9Qm1lxTOtunP3hIn+pA/IkWMtKlN1ixxWiaBguLVQkJ90V6JHsvJJIvw==",
+ "cpu": [
+ "x64"
+ ],
+ "license": "SEE LICENSE IN LICENSE.md",
+ "optional": true,
+ "os": [
+ "win32"
+ ]
+ },
+ "node_modules/@anthropic-ai/sdk": {
+ "version": "0.81.0",
+ "resolved": "https://registry.npmjs.org/@anthropic-ai/sdk/-/sdk-0.81.0.tgz",
+ "integrity": "sha512-D4K5PvEV6wPiRtVlVsJHIUhHAmOZ6IT/I9rKlTf84gR7GyyAurPJK7z9BOf/AZqC5d1DhYQGJNKRmV+q8dGhgw==",
+ "license": "MIT",
+ "dependencies": {
+ "json-schema-to-ts": "^3.1.1"
+ },
+ "bin": {
+ "anthropic-ai-sdk": "bin/cli"
+ },
+ "peerDependencies": {
+ "zod": "^3.25.0 || ^4.0.0"
+ },
+ "peerDependenciesMeta": {
+ "zod": {
+ "optional": true
+ }
+ }
+ },
"node_modules/@babel/code-frame": {
"version": "7.27.1",
"resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.27.1.tgz",
@@ -1698,6 +1831,18 @@
"node": "^18.18.0 || ^20.9.0 || >=21.1.0"
}
},
+ "node_modules/@hono/node-server": {
+ "version": "1.19.14",
+ "resolved": "https://registry.npmjs.org/@hono/node-server/-/node-server-1.19.14.tgz",
+ "integrity": "sha512-GwtvgtXxnWsucXvbQXkRgqksiH2Qed37H9xHZocE5sA3N8O8O8/8FA3uclQXxXVzc9XBZuEOMK7+r02FmSpHtw==",
+ "license": "MIT",
+ "engines": {
+ "node": ">=18.14.1"
+ },
+ "peerDependencies": {
+ "hono": "^4"
+ }
+ },
"node_modules/@humanfs/core": {
"version": "0.19.1",
"resolved": "https://registry.npmjs.org/@humanfs/core/-/core-0.19.1.tgz",
@@ -1756,114 +1901,6 @@
"integrity": "sha512-trnsAYxU3xnS1gPHPyU961coFyLkh4gAD/0zQ5mymY4yOZ+CYvsPqUbOFSw0aDM4y0tV7tiFxL/1XfXPNC6IPg==",
"license": "ISC"
},
- "node_modules/@img/sharp-darwin-arm64": {
- "version": "0.34.5",
- "resolved": "https://registry.npmjs.org/@img/sharp-darwin-arm64/-/sharp-darwin-arm64-0.34.5.tgz",
- "integrity": "sha512-imtQ3WMJXbMY4fxb/Ndp6HBTNVtWCUI0WdobyheGf5+ad6xX8VIDO8u2xE4qc/fr08CKG/7dDseFtn6M6g/r3w==",
- "cpu": [
- "arm64"
- ],
- "license": "Apache-2.0",
- "optional": true,
- "os": [
- "darwin"
- ],
- "engines": {
- "node": "^18.17.0 || ^20.3.0 || >=21.0.0"
- },
- "funding": {
- "url": "https://opencollective.com/libvips"
- },
- "optionalDependencies": {
- "@img/sharp-libvips-darwin-arm64": "1.2.4"
- }
- },
- "node_modules/@img/sharp-darwin-x64": {
- "version": "0.34.5",
- "resolved": "https://registry.npmjs.org/@img/sharp-darwin-x64/-/sharp-darwin-x64-0.34.5.tgz",
- "integrity": "sha512-YNEFAF/4KQ/PeW0N+r+aVVsoIY0/qxxikF2SWdp+NRkmMB7y9LBZAVqQ4yhGCm/H3H270OSykqmQMKLBhBJDEw==",
- "cpu": [
- "x64"
- ],
- "license": "Apache-2.0",
- "optional": true,
- "os": [
- "darwin"
- ],
- "engines": {
- "node": "^18.17.0 || ^20.3.0 || >=21.0.0"
- },
- "funding": {
- "url": "https://opencollective.com/libvips"
- },
- "optionalDependencies": {
- "@img/sharp-libvips-darwin-x64": "1.2.4"
- }
- },
- "node_modules/@img/sharp-libvips-darwin-arm64": {
- "version": "1.2.4",
- "resolved": "https://registry.npmjs.org/@img/sharp-libvips-darwin-arm64/-/sharp-libvips-darwin-arm64-1.2.4.tgz",
- "integrity": "sha512-zqjjo7RatFfFoP0MkQ51jfuFZBnVE2pRiaydKJ1G/rHZvnsrHAOcQALIi9sA5co5xenQdTugCvtb1cuf78Vf4g==",
- "cpu": [
- "arm64"
- ],
- "license": "LGPL-3.0-or-later",
- "optional": true,
- "os": [
- "darwin"
- ],
- "funding": {
- "url": "https://opencollective.com/libvips"
- }
- },
- "node_modules/@img/sharp-libvips-darwin-x64": {
- "version": "1.2.4",
- "resolved": "https://registry.npmjs.org/@img/sharp-libvips-darwin-x64/-/sharp-libvips-darwin-x64-1.2.4.tgz",
- "integrity": "sha512-1IOd5xfVhlGwX+zXv2N93k0yMONvUlANylbJw1eTah8K/Jtpi15KC+WSiaX/nBmbm2HxRM1gZ0nSdjSsrZbGKg==",
- "cpu": [
- "x64"
- ],
- "license": "LGPL-3.0-or-later",
- "optional": true,
- "os": [
- "darwin"
- ],
- "funding": {
- "url": "https://opencollective.com/libvips"
- }
- },
- "node_modules/@img/sharp-libvips-linux-arm": {
- "version": "1.2.4",
- "resolved": "https://registry.npmjs.org/@img/sharp-libvips-linux-arm/-/sharp-libvips-linux-arm-1.2.4.tgz",
- "integrity": "sha512-bFI7xcKFELdiNCVov8e44Ia4u2byA+l3XtsAj+Q8tfCwO6BQ8iDojYdvoPMqsKDkuoOo+X6HZA0s0q11ANMQ8A==",
- "cpu": [
- "arm"
- ],
- "license": "LGPL-3.0-or-later",
- "optional": true,
- "os": [
- "linux"
- ],
- "funding": {
- "url": "https://opencollective.com/libvips"
- }
- },
- "node_modules/@img/sharp-libvips-linux-arm64": {
- "version": "1.2.4",
- "resolved": "https://registry.npmjs.org/@img/sharp-libvips-linux-arm64/-/sharp-libvips-linux-arm64-1.2.4.tgz",
- "integrity": "sha512-excjX8DfsIcJ10x1Kzr4RcWe1edC9PquDRRPx3YVCvQv+U5p7Yin2s32ftzikXojb1PIFc/9Mt28/y+iRklkrw==",
- "cpu": [
- "arm64"
- ],
- "license": "LGPL-3.0-or-later",
- "optional": true,
- "os": [
- "linux"
- ],
- "funding": {
- "url": "https://opencollective.com/libvips"
- }
- },
"node_modules/@img/sharp-libvips-linux-ppc64": {
"version": "1.2.0",
"resolved": "https://registry.npmjs.org/@img/sharp-libvips-linux-ppc64/-/sharp-libvips-linux-ppc64-1.2.0.tgz",
@@ -1898,98 +1935,6 @@
"url": "https://opencollective.com/libvips"
}
},
- "node_modules/@img/sharp-libvips-linux-x64": {
- "version": "1.2.4",
- "resolved": "https://registry.npmjs.org/@img/sharp-libvips-linux-x64/-/sharp-libvips-linux-x64-1.2.4.tgz",
- "integrity": "sha512-tJxiiLsmHc9Ax1bz3oaOYBURTXGIRDODBqhveVHonrHJ9/+k89qbLl0bcJns+e4t4rvaNBxaEZsFtSfAdquPrw==",
- "cpu": [
- "x64"
- ],
- "license": "LGPL-3.0-or-later",
- "optional": true,
- "os": [
- "linux"
- ],
- "funding": {
- "url": "https://opencollective.com/libvips"
- }
- },
- "node_modules/@img/sharp-libvips-linuxmusl-arm64": {
- "version": "1.2.4",
- "resolved": "https://registry.npmjs.org/@img/sharp-libvips-linuxmusl-arm64/-/sharp-libvips-linuxmusl-arm64-1.2.4.tgz",
- "integrity": "sha512-FVQHuwx1IIuNow9QAbYUzJ+En8KcVm9Lk5+uGUQJHaZmMECZmOlix9HnH7n1TRkXMS0pGxIJokIVB9SuqZGGXw==",
- "cpu": [
- "arm64"
- ],
- "license": "LGPL-3.0-or-later",
- "optional": true,
- "os": [
- "linux"
- ],
- "funding": {
- "url": "https://opencollective.com/libvips"
- }
- },
- "node_modules/@img/sharp-libvips-linuxmusl-x64": {
- "version": "1.2.4",
- "resolved": "https://registry.npmjs.org/@img/sharp-libvips-linuxmusl-x64/-/sharp-libvips-linuxmusl-x64-1.2.4.tgz",
- "integrity": "sha512-+LpyBk7L44ZIXwz/VYfglaX/okxezESc6UxDSoyo2Ks6Jxc4Y7sGjpgU9s4PMgqgjj1gZCylTieNamqA1MF7Dg==",
- "cpu": [
- "x64"
- ],
- "license": "LGPL-3.0-or-later",
- "optional": true,
- "os": [
- "linux"
- ],
- "funding": {
- "url": "https://opencollective.com/libvips"
- }
- },
- "node_modules/@img/sharp-linux-arm": {
- "version": "0.34.5",
- "resolved": "https://registry.npmjs.org/@img/sharp-linux-arm/-/sharp-linux-arm-0.34.5.tgz",
- "integrity": "sha512-9dLqsvwtg1uuXBGZKsxem9595+ujv0sJ6Vi8wcTANSFpwV/GONat5eCkzQo/1O6zRIkh0m/8+5BjrRr7jDUSZw==",
- "cpu": [
- "arm"
- ],
- "license": "Apache-2.0",
- "optional": true,
- "os": [
- "linux"
- ],
- "engines": {
- "node": "^18.17.0 || ^20.3.0 || >=21.0.0"
- },
- "funding": {
- "url": "https://opencollective.com/libvips"
- },
- "optionalDependencies": {
- "@img/sharp-libvips-linux-arm": "1.2.4"
- }
- },
- "node_modules/@img/sharp-linux-arm64": {
- "version": "0.34.5",
- "resolved": "https://registry.npmjs.org/@img/sharp-linux-arm64/-/sharp-linux-arm64-0.34.5.tgz",
- "integrity": "sha512-bKQzaJRY/bkPOXyKx5EVup7qkaojECG6NLYswgktOZjaXecSAeCWiZwwiFf3/Y+O1HrauiE3FVsGxFg8c24rZg==",
- "cpu": [
- "arm64"
- ],
- "license": "Apache-2.0",
- "optional": true,
- "os": [
- "linux"
- ],
- "engines": {
- "node": "^18.17.0 || ^20.3.0 || >=21.0.0"
- },
- "funding": {
- "url": "https://opencollective.com/libvips"
- },
- "optionalDependencies": {
- "@img/sharp-libvips-linux-arm64": "1.2.4"
- }
- },
"node_modules/@img/sharp-linux-ppc64": {
"version": "0.34.3",
"resolved": "https://registry.npmjs.org/@img/sharp-linux-ppc64/-/sharp-linux-ppc64-0.34.3.tgz",
@@ -2036,72 +1981,6 @@
"@img/sharp-libvips-linux-s390x": "1.2.0"
}
},
- "node_modules/@img/sharp-linux-x64": {
- "version": "0.34.5",
- "resolved": "https://registry.npmjs.org/@img/sharp-linux-x64/-/sharp-linux-x64-0.34.5.tgz",
- "integrity": "sha512-MEzd8HPKxVxVenwAa+JRPwEC7QFjoPWuS5NZnBt6B3pu7EG2Ge0id1oLHZpPJdn3OQK+BQDiw9zStiHBTJQQQQ==",
- "cpu": [
- "x64"
- ],
- "license": "Apache-2.0",
- "optional": true,
- "os": [
- "linux"
- ],
- "engines": {
- "node": "^18.17.0 || ^20.3.0 || >=21.0.0"
- },
- "funding": {
- "url": "https://opencollective.com/libvips"
- },
- "optionalDependencies": {
- "@img/sharp-libvips-linux-x64": "1.2.4"
- }
- },
- "node_modules/@img/sharp-linuxmusl-arm64": {
- "version": "0.34.5",
- "resolved": "https://registry.npmjs.org/@img/sharp-linuxmusl-arm64/-/sharp-linuxmusl-arm64-0.34.5.tgz",
- "integrity": "sha512-fprJR6GtRsMt6Kyfq44IsChVZeGN97gTD331weR1ex1c1rypDEABN6Tm2xa1wE6lYb5DdEnk03NZPqA7Id21yg==",
- "cpu": [
- "arm64"
- ],
- "license": "Apache-2.0",
- "optional": true,
- "os": [
- "linux"
- ],
- "engines": {
- "node": "^18.17.0 || ^20.3.0 || >=21.0.0"
- },
- "funding": {
- "url": "https://opencollective.com/libvips"
- },
- "optionalDependencies": {
- "@img/sharp-libvips-linuxmusl-arm64": "1.2.4"
- }
- },
- "node_modules/@img/sharp-linuxmusl-x64": {
- "version": "0.34.5",
- "resolved": "https://registry.npmjs.org/@img/sharp-linuxmusl-x64/-/sharp-linuxmusl-x64-0.34.5.tgz",
- "integrity": "sha512-Jg8wNT1MUzIvhBFxViqrEhWDGzqymo3sV7z7ZsaWbZNDLXRJZoRGrjulp60YYtV4wfY8VIKcWidjojlLcWrd8Q==",
- "cpu": [
- "x64"
- ],
- "license": "Apache-2.0",
- "optional": true,
- "os": [
- "linux"
- ],
- "engines": {
- "node": "^18.17.0 || ^20.3.0 || >=21.0.0"
- },
- "funding": {
- "url": "https://opencollective.com/libvips"
- },
- "optionalDependencies": {
- "@img/sharp-libvips-linuxmusl-x64": "1.2.4"
- }
- },
"node_modules/@img/sharp-wasm32": {
"version": "0.34.3",
"resolved": "https://registry.npmjs.org/@img/sharp-wasm32/-/sharp-wasm32-0.34.3.tgz",
@@ -2122,25 +2001,6 @@
"url": "https://opencollective.com/libvips"
}
},
- "node_modules/@img/sharp-win32-arm64": {
- "version": "0.34.5",
- "resolved": "https://registry.npmjs.org/@img/sharp-win32-arm64/-/sharp-win32-arm64-0.34.5.tgz",
- "integrity": "sha512-WQ3AgWCWYSb2yt+IG8mnC6Jdk9Whs7O0gxphblsLvdhSpSTtmu69ZG1Gkb6NuvxsNACwiPV6cNSZNzt0KPsw7g==",
- "cpu": [
- "arm64"
- ],
- "license": "Apache-2.0 AND LGPL-3.0-or-later",
- "optional": true,
- "os": [
- "win32"
- ],
- "engines": {
- "node": "^18.17.0 || ^20.3.0 || >=21.0.0"
- },
- "funding": {
- "url": "https://opencollective.com/libvips"
- }
- },
"node_modules/@img/sharp-win32-ia32": {
"version": "0.34.3",
"resolved": "https://registry.npmjs.org/@img/sharp-win32-ia32/-/sharp-win32-ia32-0.34.3.tgz",
@@ -2161,25 +2021,6 @@
"url": "https://opencollective.com/libvips"
}
},
- "node_modules/@img/sharp-win32-x64": {
- "version": "0.34.5",
- "resolved": "https://registry.npmjs.org/@img/sharp-win32-x64/-/sharp-win32-x64-0.34.5.tgz",
- "integrity": "sha512-+29YMsqY2/9eFEiW93eqWnuLcWcufowXewwSNIT6UwZdUUCrM3oFjMWH/Z6/TMmb4hlFenmfAVbpWeup2jryCw==",
- "cpu": [
- "x64"
- ],
- "license": "Apache-2.0 AND LGPL-3.0-or-later",
- "optional": true,
- "os": [
- "win32"
- ],
- "engines": {
- "node": "^18.17.0 || ^20.3.0 || >=21.0.0"
- },
- "funding": {
- "url": "https://opencollective.com/libvips"
- }
- },
"node_modules/@inquirer/ansi": {
"version": "1.0.0",
"resolved": "https://registry.npmjs.org/@inquirer/ansi/-/ansi-1.0.0.tgz",
@@ -2754,6 +2595,380 @@
"integrity": "sha512-l0h88YhZFyKdXIFNfSWpyjStDjGHwZ/U7iobcK1cQQD8sejsONdQtTVU+1wVN1PBw40PiiHB1vA5S7VTfQiP9g==",
"license": "MIT"
},
+ "node_modules/@modelcontextprotocol/sdk": {
+ "version": "1.29.0",
+ "resolved": "https://registry.npmjs.org/@modelcontextprotocol/sdk/-/sdk-1.29.0.tgz",
+ "integrity": "sha512-zo37mZA9hJWpULgkRpowewez1y6ML5GsXJPY8FI0tBBCd77HEvza4jDqRKOXgHNn867PVGCyTdzqpz0izu5ZjQ==",
+ "license": "MIT",
+ "dependencies": {
+ "@hono/node-server": "^1.19.9",
+ "ajv": "^8.17.1",
+ "ajv-formats": "^3.0.1",
+ "content-type": "^1.0.5",
+ "cors": "^2.8.5",
+ "cross-spawn": "^7.0.5",
+ "eventsource": "^3.0.2",
+ "eventsource-parser": "^3.0.0",
+ "express": "^5.2.1",
+ "express-rate-limit": "^8.2.1",
+ "hono": "^4.11.4",
+ "jose": "^6.1.3",
+ "json-schema-typed": "^8.0.2",
+ "pkce-challenge": "^5.0.0",
+ "raw-body": "^3.0.0",
+ "zod": "^3.25 || ^4.0",
+ "zod-to-json-schema": "^3.25.1"
+ },
+ "engines": {
+ "node": ">=18"
+ },
+ "peerDependencies": {
+ "@cfworker/json-schema": "^4.1.1",
+ "zod": "^3.25 || ^4.0"
+ },
+ "peerDependenciesMeta": {
+ "@cfworker/json-schema": {
+ "optional": true
+ },
+ "zod": {
+ "optional": false
+ }
+ }
+ },
+ "node_modules/@modelcontextprotocol/sdk/node_modules/accepts": {
+ "version": "2.0.0",
+ "resolved": "https://registry.npmjs.org/accepts/-/accepts-2.0.0.tgz",
+ "integrity": "sha512-5cvg6CtKwfgdmVqY1WIiXKc3Q1bkRqGLi+2W/6ao+6Y7gu/RCwRuAhGEzh5B4KlszSuTLgZYuqFqo5bImjNKng==",
+ "license": "MIT",
+ "dependencies": {
+ "mime-types": "^3.0.0",
+ "negotiator": "^1.0.0"
+ },
+ "engines": {
+ "node": ">= 0.6"
+ }
+ },
+ "node_modules/@modelcontextprotocol/sdk/node_modules/ajv": {
+ "version": "8.18.0",
+ "resolved": "https://registry.npmjs.org/ajv/-/ajv-8.18.0.tgz",
+ "integrity": "sha512-PlXPeEWMXMZ7sPYOHqmDyCJzcfNrUr3fGNKtezX14ykXOEIvyK81d+qydx89KY5O71FKMPaQ2vBfBFI5NHR63A==",
+ "license": "MIT",
+ "dependencies": {
+ "fast-deep-equal": "^3.1.3",
+ "fast-uri": "^3.0.1",
+ "json-schema-traverse": "^1.0.0",
+ "require-from-string": "^2.0.2"
+ },
+ "funding": {
+ "type": "github",
+ "url": "https://github.com/sponsors/epoberezkin"
+ }
+ },
+ "node_modules/@modelcontextprotocol/sdk/node_modules/body-parser": {
+ "version": "2.2.2",
+ "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-2.2.2.tgz",
+ "integrity": "sha512-oP5VkATKlNwcgvxi0vM0p/D3n2C3EReYVX+DNYs5TjZFn/oQt2j+4sVJtSMr18pdRr8wjTcBl6LoV+FUwzPmNA==",
+ "license": "MIT",
+ "dependencies": {
+ "bytes": "^3.1.2",
+ "content-type": "^1.0.5",
+ "debug": "^4.4.3",
+ "http-errors": "^2.0.0",
+ "iconv-lite": "^0.7.0",
+ "on-finished": "^2.4.1",
+ "qs": "^6.14.1",
+ "raw-body": "^3.0.1",
+ "type-is": "^2.0.1"
+ },
+ "engines": {
+ "node": ">=18"
+ },
+ "funding": {
+ "type": "opencollective",
+ "url": "https://opencollective.com/express"
+ }
+ },
+ "node_modules/@modelcontextprotocol/sdk/node_modules/content-disposition": {
+ "version": "1.1.0",
+ "resolved": "https://registry.npmjs.org/content-disposition/-/content-disposition-1.1.0.tgz",
+ "integrity": "sha512-5jRCH9Z/+DRP7rkvY83B+yGIGX96OYdJmzngqnw2SBSxqCFPd0w2km3s5iawpGX8krnwSGmF0FW5Nhr0Hfai3g==",
+ "license": "MIT",
+ "engines": {
+ "node": ">=18"
+ },
+ "funding": {
+ "type": "opencollective",
+ "url": "https://opencollective.com/express"
+ }
+ },
+ "node_modules/@modelcontextprotocol/sdk/node_modules/cookie-signature": {
+ "version": "1.2.2",
+ "resolved": "https://registry.npmjs.org/cookie-signature/-/cookie-signature-1.2.2.tgz",
+ "integrity": "sha512-D76uU73ulSXrD1UXF4KE2TMxVVwhsnCgfAyTg9k8P6KGZjlXKrOLe4dJQKI3Bxi5wjesZoFXJWElNWBjPZMbhg==",
+ "license": "MIT",
+ "engines": {
+ "node": ">=6.6.0"
+ }
+ },
+ "node_modules/@modelcontextprotocol/sdk/node_modules/express": {
+ "version": "5.2.1",
+ "resolved": "https://registry.npmjs.org/express/-/express-5.2.1.tgz",
+ "integrity": "sha512-hIS4idWWai69NezIdRt2xFVofaF4j+6INOpJlVOLDO8zXGpUVEVzIYk12UUi2JzjEzWL3IOAxcTubgz9Po0yXw==",
+ "license": "MIT",
+ "dependencies": {
+ "accepts": "^2.0.0",
+ "body-parser": "^2.2.1",
+ "content-disposition": "^1.0.0",
+ "content-type": "^1.0.5",
+ "cookie": "^0.7.1",
+ "cookie-signature": "^1.2.1",
+ "debug": "^4.4.0",
+ "depd": "^2.0.0",
+ "encodeurl": "^2.0.0",
+ "escape-html": "^1.0.3",
+ "etag": "^1.8.1",
+ "finalhandler": "^2.1.0",
+ "fresh": "^2.0.0",
+ "http-errors": "^2.0.0",
+ "merge-descriptors": "^2.0.0",
+ "mime-types": "^3.0.0",
+ "on-finished": "^2.4.1",
+ "once": "^1.4.0",
+ "parseurl": "^1.3.3",
+ "proxy-addr": "^2.0.7",
+ "qs": "^6.14.0",
+ "range-parser": "^1.2.1",
+ "router": "^2.2.0",
+ "send": "^1.1.0",
+ "serve-static": "^2.2.0",
+ "statuses": "^2.0.1",
+ "type-is": "^2.0.1",
+ "vary": "^1.1.2"
+ },
+ "engines": {
+ "node": ">= 18"
+ },
+ "funding": {
+ "type": "opencollective",
+ "url": "https://opencollective.com/express"
+ }
+ },
+ "node_modules/@modelcontextprotocol/sdk/node_modules/finalhandler": {
+ "version": "2.1.1",
+ "resolved": "https://registry.npmjs.org/finalhandler/-/finalhandler-2.1.1.tgz",
+ "integrity": "sha512-S8KoZgRZN+a5rNwqTxlZZePjT/4cnm0ROV70LedRHZ0p8u9fRID0hJUZQpkKLzro8LfmC8sx23bY6tVNxv8pQA==",
+ "license": "MIT",
+ "dependencies": {
+ "debug": "^4.4.0",
+ "encodeurl": "^2.0.0",
+ "escape-html": "^1.0.3",
+ "on-finished": "^2.4.1",
+ "parseurl": "^1.3.3",
+ "statuses": "^2.0.1"
+ },
+ "engines": {
+ "node": ">= 18.0.0"
+ },
+ "funding": {
+ "type": "opencollective",
+ "url": "https://opencollective.com/express"
+ }
+ },
+ "node_modules/@modelcontextprotocol/sdk/node_modules/fresh": {
+ "version": "2.0.0",
+ "resolved": "https://registry.npmjs.org/fresh/-/fresh-2.0.0.tgz",
+ "integrity": "sha512-Rx/WycZ60HOaqLKAi6cHRKKI7zxWbJ31MhntmtwMoaTeF7XFH9hhBp8vITaMidfljRQ6eYWCKkaTK+ykVJHP2A==",
+ "license": "MIT",
+ "engines": {
+ "node": ">= 0.8"
+ }
+ },
+ "node_modules/@modelcontextprotocol/sdk/node_modules/http-errors": {
+ "version": "2.0.1",
+ "resolved": "https://registry.npmjs.org/http-errors/-/http-errors-2.0.1.tgz",
+ "integrity": "sha512-4FbRdAX+bSdmo4AUFuS0WNiPz8NgFt+r8ThgNWmlrjQjt1Q7ZR9+zTlce2859x4KSXrwIsaeTqDoKQmtP8pLmQ==",
+ "license": "MIT",
+ "dependencies": {
+ "depd": "~2.0.0",
+ "inherits": "~2.0.4",
+ "setprototypeof": "~1.2.0",
+ "statuses": "~2.0.2",
+ "toidentifier": "~1.0.1"
+ },
+ "engines": {
+ "node": ">= 0.8"
+ },
+ "funding": {
+ "type": "opencollective",
+ "url": "https://opencollective.com/express"
+ }
+ },
+ "node_modules/@modelcontextprotocol/sdk/node_modules/iconv-lite": {
+ "version": "0.7.2",
+ "resolved": "https://registry.npmjs.org/iconv-lite/-/iconv-lite-0.7.2.tgz",
+ "integrity": "sha512-im9DjEDQ55s9fL4EYzOAv0yMqmMBSZp6G0VvFyTMPKWxiSBHUj9NW/qqLmXUwXrrM7AvqSlTCfvqRb0cM8yYqw==",
+ "license": "MIT",
+ "dependencies": {
+ "safer-buffer": ">= 2.1.2 < 3.0.0"
+ },
+ "engines": {
+ "node": ">=0.10.0"
+ },
+ "funding": {
+ "type": "opencollective",
+ "url": "https://opencollective.com/express"
+ }
+ },
+ "node_modules/@modelcontextprotocol/sdk/node_modules/json-schema-traverse": {
+ "version": "1.0.0",
+ "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-1.0.0.tgz",
+ "integrity": "sha512-NM8/P9n3XjXhIZn1lLhkFaACTOURQXjWhV4BA/RnOv8xvgqtqpAX9IO4mRQxSx1Rlo4tqzeqb0sOlruaOy3dug==",
+ "license": "MIT"
+ },
+ "node_modules/@modelcontextprotocol/sdk/node_modules/media-typer": {
+ "version": "1.1.0",
+ "resolved": "https://registry.npmjs.org/media-typer/-/media-typer-1.1.0.tgz",
+ "integrity": "sha512-aisnrDP4GNe06UcKFnV5bfMNPBUw4jsLGaWwWfnH3v02GnBuXX2MCVn5RbrWo0j3pczUilYblq7fQ7Nw2t5XKw==",
+ "license": "MIT",
+ "engines": {
+ "node": ">= 0.8"
+ }
+ },
+ "node_modules/@modelcontextprotocol/sdk/node_modules/merge-descriptors": {
+ "version": "2.0.0",
+ "resolved": "https://registry.npmjs.org/merge-descriptors/-/merge-descriptors-2.0.0.tgz",
+ "integrity": "sha512-Snk314V5ayFLhp3fkUREub6WtjBfPdCPY1Ln8/8munuLuiYhsABgBVWsozAG+MWMbVEvcdcpbi9R7ww22l9Q3g==",
+ "license": "MIT",
+ "engines": {
+ "node": ">=18"
+ },
+ "funding": {
+ "url": "https://github.com/sponsors/sindresorhus"
+ }
+ },
+ "node_modules/@modelcontextprotocol/sdk/node_modules/mime-types": {
+ "version": "3.0.2",
+ "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-3.0.2.tgz",
+ "integrity": "sha512-Lbgzdk0h4juoQ9fCKXW4by0UJqj+nOOrI9MJ1sSj4nI8aI2eo1qmvQEie4VD1glsS250n15LsWsYtCugiStS5A==",
+ "license": "MIT",
+ "dependencies": {
+ "mime-db": "^1.54.0"
+ },
+ "engines": {
+ "node": ">=18"
+ },
+ "funding": {
+ "type": "opencollective",
+ "url": "https://opencollective.com/express"
+ }
+ },
+ "node_modules/@modelcontextprotocol/sdk/node_modules/negotiator": {
+ "version": "1.0.0",
+ "resolved": "https://registry.npmjs.org/negotiator/-/negotiator-1.0.0.tgz",
+ "integrity": "sha512-8Ofs/AUQh8MaEcrlq5xOX0CQ9ypTF5dl78mjlMNfOK08fzpgTHQRQPBxcPlEtIw0yRpws+Zo/3r+5WRby7u3Gg==",
+ "license": "MIT",
+ "engines": {
+ "node": ">= 0.6"
+ }
+ },
+ "node_modules/@modelcontextprotocol/sdk/node_modules/qs": {
+ "version": "6.15.1",
+ "resolved": "https://registry.npmjs.org/qs/-/qs-6.15.1.tgz",
+ "integrity": "sha512-6YHEFRL9mfgcAvql/XhwTvf5jKcOiiupt2FiJxHkiX1z4j7WL8J/jRHYLluORvc1XxB5rV20KoeK00gVJamspg==",
+ "license": "BSD-3-Clause",
+ "dependencies": {
+ "side-channel": "^1.1.0"
+ },
+ "engines": {
+ "node": ">=0.6"
+ },
+ "funding": {
+ "url": "https://github.com/sponsors/ljharb"
+ }
+ },
+ "node_modules/@modelcontextprotocol/sdk/node_modules/raw-body": {
+ "version": "3.0.2",
+ "resolved": "https://registry.npmjs.org/raw-body/-/raw-body-3.0.2.tgz",
+ "integrity": "sha512-K5zQjDllxWkf7Z5xJdV0/B0WTNqx6vxG70zJE4N0kBs4LovmEYWJzQGxC9bS9RAKu3bgM40lrd5zoLJ12MQ5BA==",
+ "license": "MIT",
+ "dependencies": {
+ "bytes": "~3.1.2",
+ "http-errors": "~2.0.1",
+ "iconv-lite": "~0.7.0",
+ "unpipe": "~1.0.0"
+ },
+ "engines": {
+ "node": ">= 0.10"
+ }
+ },
+ "node_modules/@modelcontextprotocol/sdk/node_modules/send": {
+ "version": "1.2.1",
+ "resolved": "https://registry.npmjs.org/send/-/send-1.2.1.tgz",
+ "integrity": "sha512-1gnZf7DFcoIcajTjTwjwuDjzuz4PPcY2StKPlsGAQ1+YH20IRVrBaXSWmdjowTJ6u8Rc01PoYOGHXfP1mYcZNQ==",
+ "license": "MIT",
+ "dependencies": {
+ "debug": "^4.4.3",
+ "encodeurl": "^2.0.0",
+ "escape-html": "^1.0.3",
+ "etag": "^1.8.1",
+ "fresh": "^2.0.0",
+ "http-errors": "^2.0.1",
+ "mime-types": "^3.0.2",
+ "ms": "^2.1.3",
+ "on-finished": "^2.4.1",
+ "range-parser": "^1.2.1",
+ "statuses": "^2.0.2"
+ },
+ "engines": {
+ "node": ">= 18"
+ },
+ "funding": {
+ "type": "opencollective",
+ "url": "https://opencollective.com/express"
+ }
+ },
+ "node_modules/@modelcontextprotocol/sdk/node_modules/serve-static": {
+ "version": "2.2.1",
+ "resolved": "https://registry.npmjs.org/serve-static/-/serve-static-2.2.1.tgz",
+ "integrity": "sha512-xRXBn0pPqQTVQiC8wyQrKs2MOlX24zQ0POGaj0kultvoOCstBQM5yvOhAVSUwOMjQtTvsPWoNCHfPGwaaQJhTw==",
+ "license": "MIT",
+ "dependencies": {
+ "encodeurl": "^2.0.0",
+ "escape-html": "^1.0.3",
+ "parseurl": "^1.3.3",
+ "send": "^1.2.0"
+ },
+ "engines": {
+ "node": ">= 18"
+ },
+ "funding": {
+ "type": "opencollective",
+ "url": "https://opencollective.com/express"
+ }
+ },
+ "node_modules/@modelcontextprotocol/sdk/node_modules/statuses": {
+ "version": "2.0.2",
+ "resolved": "https://registry.npmjs.org/statuses/-/statuses-2.0.2.tgz",
+ "integrity": "sha512-DvEy55V3DB7uknRo+4iOGT5fP1slR8wQohVdknigZPMpMstaKJQWhwiYBACJE3Ul2pTnATihhBYnRhZQHGBiRw==",
+ "license": "MIT",
+ "engines": {
+ "node": ">= 0.8"
+ }
+ },
+ "node_modules/@modelcontextprotocol/sdk/node_modules/type-is": {
+ "version": "2.0.1",
+ "resolved": "https://registry.npmjs.org/type-is/-/type-is-2.0.1.tgz",
+ "integrity": "sha512-OZs6gsjF4vMp32qrCbiVSkrFmXtG/AZhY3t0iAMrMBiAZyV9oALtXO8hsrHbMXF9x6L3grlFuwW2oAz7cav+Gw==",
+ "license": "MIT",
+ "dependencies": {
+ "content-type": "^1.0.5",
+ "media-typer": "^1.1.0",
+ "mime-types": "^3.0.0"
+ },
+ "engines": {
+ "node": ">= 0.6"
+ }
+ },
"node_modules/@napi-rs/wasm-runtime": {
"version": "0.2.12",
"resolved": "https://registry.npmjs.org/@napi-rs/wasm-runtime/-/wasm-runtime-0.2.12.tgz",
@@ -3092,9 +3307,9 @@
}
},
"node_modules/@openai/codex": {
- "version": "0.101.0",
- "resolved": "https://registry.npmjs.org/@openai/codex/-/codex-0.101.0.tgz",
- "integrity": "sha512-H874q5K5I3chrT588BaddMr7GNvRYypc8C1MKWytNUF2PgxWMko2g/2DgKbt5OdajZKMsWdbsPywu34KQGf5Qw==",
+ "version": "0.125.0",
+ "resolved": "https://registry.npmjs.org/@openai/codex/-/codex-0.125.0.tgz",
+ "integrity": "sha512-GiE9wlgL95u/5BRirY5d3EaRLU1tu7Y1R09R8lCHHVmcQdSmhS809FdPDWH3gIYHS7ZriAPqXwJ3aLA0WKl40Q==",
"license": "Apache-2.0",
"bin": {
"codex": "bin/codex.js"
@@ -3103,19 +3318,19 @@
"node": ">=16"
},
"optionalDependencies": {
- "@openai/codex-darwin-arm64": "npm:@openai/codex@0.101.0-darwin-arm64",
- "@openai/codex-darwin-x64": "npm:@openai/codex@0.101.0-darwin-x64",
- "@openai/codex-linux-arm64": "npm:@openai/codex@0.101.0-linux-arm64",
- "@openai/codex-linux-x64": "npm:@openai/codex@0.101.0-linux-x64",
- "@openai/codex-win32-arm64": "npm:@openai/codex@0.101.0-win32-arm64",
- "@openai/codex-win32-x64": "npm:@openai/codex@0.101.0-win32-x64"
+ "@openai/codex-darwin-arm64": "npm:@openai/codex@0.125.0-darwin-arm64",
+ "@openai/codex-darwin-x64": "npm:@openai/codex@0.125.0-darwin-x64",
+ "@openai/codex-linux-arm64": "npm:@openai/codex@0.125.0-linux-arm64",
+ "@openai/codex-linux-x64": "npm:@openai/codex@0.125.0-linux-x64",
+ "@openai/codex-win32-arm64": "npm:@openai/codex@0.125.0-win32-arm64",
+ "@openai/codex-win32-x64": "npm:@openai/codex@0.125.0-win32-x64"
}
},
"node_modules/@openai/codex-darwin-arm64": {
"name": "@openai/codex",
- "version": "0.101.0-darwin-arm64",
- "resolved": "https://registry.npmjs.org/@openai/codex/-/codex-0.101.0-darwin-arm64.tgz",
- "integrity": "sha512-unk4rTRQQ9o0w2Upu35IsJHpoZHJ+tU/myn6LNhUjcP9FrjLnEcAQJ6WIMtdTYVPja1PGhFSO0DNxV79GMvehw==",
+ "version": "0.125.0-darwin-arm64",
+ "resolved": "https://registry.npmjs.org/@openai/codex/-/codex-0.125.0-darwin-arm64.tgz",
+ "integrity": "sha512-Gn2fHiSO0XgyHp1OSd5DWUTm66Bv9UEuipW5pVEj1E+hWZCOrdqnYttllKFWtRGj5yiKefNX3JIxONgh/ZwlOQ==",
"cpu": [
"arm64"
],
@@ -3130,9 +3345,9 @@
},
"node_modules/@openai/codex-darwin-x64": {
"name": "@openai/codex",
- "version": "0.101.0-darwin-x64",
- "resolved": "https://registry.npmjs.org/@openai/codex/-/codex-0.101.0-darwin-x64.tgz",
- "integrity": "sha512-+KFi1IapCQGd3vLQp2lI4xI3hu2QffDZYt7Fhfw6NxEFOKhHnTamRtQ5yI8jYQcYF+pQfYF2fyiuXLM1lITLQw==",
+ "version": "0.125.0-darwin-x64",
+ "resolved": "https://registry.npmjs.org/@openai/codex/-/codex-0.125.0-darwin-x64.tgz",
+ "integrity": "sha512-TZ5Lek2X/UXTI9LXFxzarvQaJeuTrqVh4POc7soO/8RclVnCxADnCf15sivxLd5eiFW4t0myGoeVoM4lciRiRg==",
"cpu": [
"x64"
],
@@ -3147,9 +3362,9 @@
},
"node_modules/@openai/codex-linux-arm64": {
"name": "@openai/codex",
- "version": "0.101.0-linux-arm64",
- "resolved": "https://registry.npmjs.org/@openai/codex/-/codex-0.101.0-linux-arm64.tgz",
- "integrity": "sha512-RkDnQeq7M6ZBtD+8i+I5ewjjOf02BcJq6r1kN4RBewfAQBsz6B73Ns3OrI2bHVRsuPtAf8Cf1S4xg/eFZT2Omg==",
+ "version": "0.125.0-linux-arm64",
+ "resolved": "https://registry.npmjs.org/@openai/codex/-/codex-0.125.0-linux-arm64.tgz",
+ "integrity": "sha512-pPnJoJD6rZ2Iin0zNt/up36bO2/EOp2B+1/rPHu/lSq3PJbT3Fmnfut2kJy5LylXb7bGA2XQbtqOogZzIbnlkA==",
"cpu": [
"arm64"
],
@@ -3164,9 +3379,9 @@
},
"node_modules/@openai/codex-linux-x64": {
"name": "@openai/codex",
- "version": "0.101.0-linux-x64",
- "resolved": "https://registry.npmjs.org/@openai/codex/-/codex-0.101.0-linux-x64.tgz",
- "integrity": "sha512-SJeEdQ4ReEU3nvtceZ1uY3me6oWoB3djr3GnZmAUCEUuYEWD1kRGprAyJB1N0B+8zhSv0SU2e9sX5t3aCV4AwQ==",
+ "version": "0.125.0-linux-x64",
+ "resolved": "https://registry.npmjs.org/@openai/codex/-/codex-0.125.0-linux-x64.tgz",
+ "integrity": "sha512-K2NTTEeBpz/G+N2x17UGWfauRt3So+ir4f+U/60l5PPnYEJB/w3YZrlXo2G9og8Dm9BqtoBAjoPV74sRv9tWWQ==",
"cpu": [
"x64"
],
@@ -3180,12 +3395,12 @@
}
},
"node_modules/@openai/codex-sdk": {
- "version": "0.101.0",
- "resolved": "https://registry.npmjs.org/@openai/codex-sdk/-/codex-sdk-0.101.0.tgz",
- "integrity": "sha512-Lrar2pDvGUX64itSbMNKuNBzxh72UwKokY4TPuXJRURwGX0qyDi80n7DiVivC40BwFsQWNs6behSo/9Mr6PoLw==",
+ "version": "0.125.0",
+ "resolved": "https://registry.npmjs.org/@openai/codex-sdk/-/codex-sdk-0.125.0.tgz",
+ "integrity": "sha512-1xCIHdSbQVF880nJ2aVWdPIsWZbSpKODwuP9y/gvtChDYhYfYEW0DKp2H8ZlctkzIjlzS/WzYmP6ZZPHIvs2Dg==",
"license": "Apache-2.0",
"dependencies": {
- "@openai/codex": "0.101.0"
+ "@openai/codex": "0.125.0"
},
"engines": {
"node": ">=18"
@@ -3193,9 +3408,9 @@
},
"node_modules/@openai/codex-win32-arm64": {
"name": "@openai/codex",
- "version": "0.101.0-win32-arm64",
- "resolved": "https://registry.npmjs.org/@openai/codex/-/codex-0.101.0-win32-arm64.tgz",
- "integrity": "sha512-WQ8QsychjHyvlr+vCSTMbd2/yrBIZre5tRuM79eZi973BJz0CSEiFsNSGg5fvpnJuiHHawZ/8HWeir7nlatamQ==",
+ "version": "0.125.0-win32-arm64",
+ "resolved": "https://registry.npmjs.org/@openai/codex/-/codex-0.125.0-win32-arm64.tgz",
+ "integrity": "sha512-zxoUakw9oIHIFrAyk400XkkLBJFA6nOym0NDq6sQ/jhdcYraKqNSRCII2nsBwZHk+/4zgUvuk52iuutgysY/rQ==",
"cpu": [
"arm64"
],
@@ -3210,9 +3425,9 @@
},
"node_modules/@openai/codex-win32-x64": {
"name": "@openai/codex",
- "version": "0.101.0-win32-x64",
- "resolved": "https://registry.npmjs.org/@openai/codex/-/codex-0.101.0-win32-x64.tgz",
- "integrity": "sha512-H+7h9x0fYrJRUZZHCA62Dzb/CS5Scl1sUw1aamfmHJzzorX+uTFOgGsibzqFpHTd6nRM4q8//fCdSxe5wUpOQQ==",
+ "version": "0.125.0-win32-x64",
+ "resolved": "https://registry.npmjs.org/@openai/codex/-/codex-0.125.0-win32-x64.tgz",
+ "integrity": "sha512-ofpOK+OWH5QFuUZ9pTM0d/PcXUXiIP5z5DpRcE9MlucJoyOl4Zy4Nu3NcuHF4YzCkZMQb6x3j0tjDEPHKqNQzw==",
"cpu": [
"x64"
],
@@ -3249,6 +3464,447 @@
"node": ">=14"
}
},
+ "node_modules/@radix-ui/primitive": {
+ "version": "1.1.3",
+ "resolved": "https://registry.npmjs.org/@radix-ui/primitive/-/primitive-1.1.3.tgz",
+ "integrity": "sha512-JTF99U/6XIjCBo0wqkU5sK10glYe27MRRsfwoiq5zzOEZLHU3A3KCMa5X/azekYRCJ0HlwI0crAXS/5dEHTzDg==",
+ "license": "MIT"
+ },
+ "node_modules/@radix-ui/react-compose-refs": {
+ "version": "1.1.2",
+ "resolved": "https://registry.npmjs.org/@radix-ui/react-compose-refs/-/react-compose-refs-1.1.2.tgz",
+ "integrity": "sha512-z4eqJvfiNnFMHIIvXP3CY57y2WJs5g2v3X0zm9mEJkrkNv4rDxu+sg9Jh8EkXyeqBkB7SOcboo9dMVqhyrACIg==",
+ "license": "MIT",
+ "peerDependencies": {
+ "@types/react": "*",
+ "react": "^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc"
+ },
+ "peerDependenciesMeta": {
+ "@types/react": {
+ "optional": true
+ }
+ }
+ },
+ "node_modules/@radix-ui/react-context": {
+ "version": "1.1.2",
+ "resolved": "https://registry.npmjs.org/@radix-ui/react-context/-/react-context-1.1.2.tgz",
+ "integrity": "sha512-jCi/QKUM2r1Ju5a3J64TH2A5SpKAgh0LpknyqdQ4m6DCV0xJ2HG1xARRwNGPQfi1SLdLWZ1OJz6F4OMBBNiGJA==",
+ "license": "MIT",
+ "peerDependencies": {
+ "@types/react": "*",
+ "react": "^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc"
+ },
+ "peerDependenciesMeta": {
+ "@types/react": {
+ "optional": true
+ }
+ }
+ },
+ "node_modules/@radix-ui/react-dialog": {
+ "version": "1.1.15",
+ "resolved": "https://registry.npmjs.org/@radix-ui/react-dialog/-/react-dialog-1.1.15.tgz",
+ "integrity": "sha512-TCglVRtzlffRNxRMEyR36DGBLJpeusFcgMVD9PZEzAKnUs1lKCgX5u9BmC2Yg+LL9MgZDugFFs1Vl+Jp4t/PGw==",
+ "license": "MIT",
+ "dependencies": {
+ "@radix-ui/primitive": "1.1.3",
+ "@radix-ui/react-compose-refs": "1.1.2",
+ "@radix-ui/react-context": "1.1.2",
+ "@radix-ui/react-dismissable-layer": "1.1.11",
+ "@radix-ui/react-focus-guards": "1.1.3",
+ "@radix-ui/react-focus-scope": "1.1.7",
+ "@radix-ui/react-id": "1.1.1",
+ "@radix-ui/react-portal": "1.1.9",
+ "@radix-ui/react-presence": "1.1.5",
+ "@radix-ui/react-primitive": "2.1.3",
+ "@radix-ui/react-slot": "1.2.3",
+ "@radix-ui/react-use-controllable-state": "1.2.2",
+ "aria-hidden": "^1.2.4",
+ "react-remove-scroll": "^2.6.3"
+ },
+ "peerDependencies": {
+ "@types/react": "*",
+ "@types/react-dom": "*",
+ "react": "^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc",
+ "react-dom": "^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc"
+ },
+ "peerDependenciesMeta": {
+ "@types/react": {
+ "optional": true
+ },
+ "@types/react-dom": {
+ "optional": true
+ }
+ }
+ },
+ "node_modules/@radix-ui/react-dialog/node_modules/@radix-ui/react-primitive": {
+ "version": "2.1.3",
+ "resolved": "https://registry.npmjs.org/@radix-ui/react-primitive/-/react-primitive-2.1.3.tgz",
+ "integrity": "sha512-m9gTwRkhy2lvCPe6QJp4d3G1TYEUHn/FzJUtq9MjH46an1wJU+GdoGC5VLof8RX8Ft/DlpshApkhswDLZzHIcQ==",
+ "license": "MIT",
+ "dependencies": {
+ "@radix-ui/react-slot": "1.2.3"
+ },
+ "peerDependencies": {
+ "@types/react": "*",
+ "@types/react-dom": "*",
+ "react": "^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc",
+ "react-dom": "^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc"
+ },
+ "peerDependenciesMeta": {
+ "@types/react": {
+ "optional": true
+ },
+ "@types/react-dom": {
+ "optional": true
+ }
+ }
+ },
+ "node_modules/@radix-ui/react-dismissable-layer": {
+ "version": "1.1.11",
+ "resolved": "https://registry.npmjs.org/@radix-ui/react-dismissable-layer/-/react-dismissable-layer-1.1.11.tgz",
+ "integrity": "sha512-Nqcp+t5cTB8BinFkZgXiMJniQH0PsUt2k51FUhbdfeKvc4ACcG2uQniY/8+h1Yv6Kza4Q7lD7PQV0z0oicE0Mg==",
+ "license": "MIT",
+ "dependencies": {
+ "@radix-ui/primitive": "1.1.3",
+ "@radix-ui/react-compose-refs": "1.1.2",
+ "@radix-ui/react-primitive": "2.1.3",
+ "@radix-ui/react-use-callback-ref": "1.1.1",
+ "@radix-ui/react-use-escape-keydown": "1.1.1"
+ },
+ "peerDependencies": {
+ "@types/react": "*",
+ "@types/react-dom": "*",
+ "react": "^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc",
+ "react-dom": "^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc"
+ },
+ "peerDependenciesMeta": {
+ "@types/react": {
+ "optional": true
+ },
+ "@types/react-dom": {
+ "optional": true
+ }
+ }
+ },
+ "node_modules/@radix-ui/react-dismissable-layer/node_modules/@radix-ui/react-primitive": {
+ "version": "2.1.3",
+ "resolved": "https://registry.npmjs.org/@radix-ui/react-primitive/-/react-primitive-2.1.3.tgz",
+ "integrity": "sha512-m9gTwRkhy2lvCPe6QJp4d3G1TYEUHn/FzJUtq9MjH46an1wJU+GdoGC5VLof8RX8Ft/DlpshApkhswDLZzHIcQ==",
+ "license": "MIT",
+ "dependencies": {
+ "@radix-ui/react-slot": "1.2.3"
+ },
+ "peerDependencies": {
+ "@types/react": "*",
+ "@types/react-dom": "*",
+ "react": "^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc",
+ "react-dom": "^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc"
+ },
+ "peerDependenciesMeta": {
+ "@types/react": {
+ "optional": true
+ },
+ "@types/react-dom": {
+ "optional": true
+ }
+ }
+ },
+ "node_modules/@radix-ui/react-focus-guards": {
+ "version": "1.1.3",
+ "resolved": "https://registry.npmjs.org/@radix-ui/react-focus-guards/-/react-focus-guards-1.1.3.tgz",
+ "integrity": "sha512-0rFg/Rj2Q62NCm62jZw0QX7a3sz6QCQU0LpZdNrJX8byRGaGVTqbrW9jAoIAHyMQqsNpeZ81YgSizOt5WXq0Pw==",
+ "license": "MIT",
+ "peerDependencies": {
+ "@types/react": "*",
+ "react": "^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc"
+ },
+ "peerDependenciesMeta": {
+ "@types/react": {
+ "optional": true
+ }
+ }
+ },
+ "node_modules/@radix-ui/react-focus-scope": {
+ "version": "1.1.7",
+ "resolved": "https://registry.npmjs.org/@radix-ui/react-focus-scope/-/react-focus-scope-1.1.7.tgz",
+ "integrity": "sha512-t2ODlkXBQyn7jkl6TNaw/MtVEVvIGelJDCG41Okq/KwUsJBwQ4XVZsHAVUkK4mBv3ewiAS3PGuUWuY2BoK4ZUw==",
+ "license": "MIT",
+ "dependencies": {
+ "@radix-ui/react-compose-refs": "1.1.2",
+ "@radix-ui/react-primitive": "2.1.3",
+ "@radix-ui/react-use-callback-ref": "1.1.1"
+ },
+ "peerDependencies": {
+ "@types/react": "*",
+ "@types/react-dom": "*",
+ "react": "^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc",
+ "react-dom": "^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc"
+ },
+ "peerDependenciesMeta": {
+ "@types/react": {
+ "optional": true
+ },
+ "@types/react-dom": {
+ "optional": true
+ }
+ }
+ },
+ "node_modules/@radix-ui/react-focus-scope/node_modules/@radix-ui/react-primitive": {
+ "version": "2.1.3",
+ "resolved": "https://registry.npmjs.org/@radix-ui/react-primitive/-/react-primitive-2.1.3.tgz",
+ "integrity": "sha512-m9gTwRkhy2lvCPe6QJp4d3G1TYEUHn/FzJUtq9MjH46an1wJU+GdoGC5VLof8RX8Ft/DlpshApkhswDLZzHIcQ==",
+ "license": "MIT",
+ "dependencies": {
+ "@radix-ui/react-slot": "1.2.3"
+ },
+ "peerDependencies": {
+ "@types/react": "*",
+ "@types/react-dom": "*",
+ "react": "^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc",
+ "react-dom": "^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc"
+ },
+ "peerDependenciesMeta": {
+ "@types/react": {
+ "optional": true
+ },
+ "@types/react-dom": {
+ "optional": true
+ }
+ }
+ },
+ "node_modules/@radix-ui/react-id": {
+ "version": "1.1.1",
+ "resolved": "https://registry.npmjs.org/@radix-ui/react-id/-/react-id-1.1.1.tgz",
+ "integrity": "sha512-kGkGegYIdQsOb4XjsfM97rXsiHaBwco+hFI66oO4s9LU+PLAC5oJ7khdOVFxkhsmlbpUqDAvXw11CluXP+jkHg==",
+ "license": "MIT",
+ "dependencies": {
+ "@radix-ui/react-use-layout-effect": "1.1.1"
+ },
+ "peerDependencies": {
+ "@types/react": "*",
+ "react": "^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc"
+ },
+ "peerDependenciesMeta": {
+ "@types/react": {
+ "optional": true
+ }
+ }
+ },
+ "node_modules/@radix-ui/react-portal": {
+ "version": "1.1.9",
+ "resolved": "https://registry.npmjs.org/@radix-ui/react-portal/-/react-portal-1.1.9.tgz",
+ "integrity": "sha512-bpIxvq03if6UNwXZ+HTK71JLh4APvnXntDc6XOX8UVq4XQOVl7lwok0AvIl+b8zgCw3fSaVTZMpAPPagXbKmHQ==",
+ "license": "MIT",
+ "dependencies": {
+ "@radix-ui/react-primitive": "2.1.3",
+ "@radix-ui/react-use-layout-effect": "1.1.1"
+ },
+ "peerDependencies": {
+ "@types/react": "*",
+ "@types/react-dom": "*",
+ "react": "^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc",
+ "react-dom": "^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc"
+ },
+ "peerDependenciesMeta": {
+ "@types/react": {
+ "optional": true
+ },
+ "@types/react-dom": {
+ "optional": true
+ }
+ }
+ },
+ "node_modules/@radix-ui/react-portal/node_modules/@radix-ui/react-primitive": {
+ "version": "2.1.3",
+ "resolved": "https://registry.npmjs.org/@radix-ui/react-primitive/-/react-primitive-2.1.3.tgz",
+ "integrity": "sha512-m9gTwRkhy2lvCPe6QJp4d3G1TYEUHn/FzJUtq9MjH46an1wJU+GdoGC5VLof8RX8Ft/DlpshApkhswDLZzHIcQ==",
+ "license": "MIT",
+ "dependencies": {
+ "@radix-ui/react-slot": "1.2.3"
+ },
+ "peerDependencies": {
+ "@types/react": "*",
+ "@types/react-dom": "*",
+ "react": "^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc",
+ "react-dom": "^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc"
+ },
+ "peerDependenciesMeta": {
+ "@types/react": {
+ "optional": true
+ },
+ "@types/react-dom": {
+ "optional": true
+ }
+ }
+ },
+ "node_modules/@radix-ui/react-presence": {
+ "version": "1.1.5",
+ "resolved": "https://registry.npmjs.org/@radix-ui/react-presence/-/react-presence-1.1.5.tgz",
+ "integrity": "sha512-/jfEwNDdQVBCNvjkGit4h6pMOzq8bHkopq458dPt2lMjx+eBQUohZNG9A7DtO/O5ukSbxuaNGXMjHicgwy6rQQ==",
+ "license": "MIT",
+ "dependencies": {
+ "@radix-ui/react-compose-refs": "1.1.2",
+ "@radix-ui/react-use-layout-effect": "1.1.1"
+ },
+ "peerDependencies": {
+ "@types/react": "*",
+ "@types/react-dom": "*",
+ "react": "^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc",
+ "react-dom": "^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc"
+ },
+ "peerDependenciesMeta": {
+ "@types/react": {
+ "optional": true
+ },
+ "@types/react-dom": {
+ "optional": true
+ }
+ }
+ },
+ "node_modules/@radix-ui/react-primitive": {
+ "version": "2.1.4",
+ "resolved": "https://registry.npmjs.org/@radix-ui/react-primitive/-/react-primitive-2.1.4.tgz",
+ "integrity": "sha512-9hQc4+GNVtJAIEPEqlYqW5RiYdrr8ea5XQ0ZOnD6fgru+83kqT15mq2OCcbe8KnjRZl5vF3ks69AKz3kh1jrhg==",
+ "license": "MIT",
+ "dependencies": {
+ "@radix-ui/react-slot": "1.2.4"
+ },
+ "peerDependencies": {
+ "@types/react": "*",
+ "@types/react-dom": "*",
+ "react": "^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc",
+ "react-dom": "^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc"
+ },
+ "peerDependenciesMeta": {
+ "@types/react": {
+ "optional": true
+ },
+ "@types/react-dom": {
+ "optional": true
+ }
+ }
+ },
+ "node_modules/@radix-ui/react-primitive/node_modules/@radix-ui/react-slot": {
+ "version": "1.2.4",
+ "resolved": "https://registry.npmjs.org/@radix-ui/react-slot/-/react-slot-1.2.4.tgz",
+ "integrity": "sha512-Jl+bCv8HxKnlTLVrcDE8zTMJ09R9/ukw4qBs/oZClOfoQk/cOTbDn+NceXfV7j09YPVQUryJPHurafcSg6EVKA==",
+ "license": "MIT",
+ "dependencies": {
+ "@radix-ui/react-compose-refs": "1.1.2"
+ },
+ "peerDependencies": {
+ "@types/react": "*",
+ "react": "^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc"
+ },
+ "peerDependenciesMeta": {
+ "@types/react": {
+ "optional": true
+ }
+ }
+ },
+ "node_modules/@radix-ui/react-slot": {
+ "version": "1.2.3",
+ "resolved": "https://registry.npmjs.org/@radix-ui/react-slot/-/react-slot-1.2.3.tgz",
+ "integrity": "sha512-aeNmHnBxbi2St0au6VBVC7JXFlhLlOnvIIlePNniyUNAClzmtAUEY8/pBiK3iHjufOlwA+c20/8jngo7xcrg8A==",
+ "license": "MIT",
+ "dependencies": {
+ "@radix-ui/react-compose-refs": "1.1.2"
+ },
+ "peerDependencies": {
+ "@types/react": "*",
+ "react": "^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc"
+ },
+ "peerDependenciesMeta": {
+ "@types/react": {
+ "optional": true
+ }
+ }
+ },
+ "node_modules/@radix-ui/react-use-callback-ref": {
+ "version": "1.1.1",
+ "resolved": "https://registry.npmjs.org/@radix-ui/react-use-callback-ref/-/react-use-callback-ref-1.1.1.tgz",
+ "integrity": "sha512-FkBMwD+qbGQeMu1cOHnuGB6x4yzPjho8ap5WtbEJ26umhgqVXbhekKUQO+hZEL1vU92a3wHwdp0HAcqAUF5iDg==",
+ "license": "MIT",
+ "peerDependencies": {
+ "@types/react": "*",
+ "react": "^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc"
+ },
+ "peerDependenciesMeta": {
+ "@types/react": {
+ "optional": true
+ }
+ }
+ },
+ "node_modules/@radix-ui/react-use-controllable-state": {
+ "version": "1.2.2",
+ "resolved": "https://registry.npmjs.org/@radix-ui/react-use-controllable-state/-/react-use-controllable-state-1.2.2.tgz",
+ "integrity": "sha512-BjasUjixPFdS+NKkypcyyN5Pmg83Olst0+c6vGov0diwTEo6mgdqVR6hxcEgFuh4QrAs7Rc+9KuGJ9TVCj0Zzg==",
+ "license": "MIT",
+ "dependencies": {
+ "@radix-ui/react-use-effect-event": "0.0.2",
+ "@radix-ui/react-use-layout-effect": "1.1.1"
+ },
+ "peerDependencies": {
+ "@types/react": "*",
+ "react": "^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc"
+ },
+ "peerDependenciesMeta": {
+ "@types/react": {
+ "optional": true
+ }
+ }
+ },
+ "node_modules/@radix-ui/react-use-effect-event": {
+ "version": "0.0.2",
+ "resolved": "https://registry.npmjs.org/@radix-ui/react-use-effect-event/-/react-use-effect-event-0.0.2.tgz",
+ "integrity": "sha512-Qp8WbZOBe+blgpuUT+lw2xheLP8q0oatc9UpmiemEICxGvFLYmHm9QowVZGHtJlGbS6A6yJ3iViad/2cVjnOiA==",
+ "license": "MIT",
+ "dependencies": {
+ "@radix-ui/react-use-layout-effect": "1.1.1"
+ },
+ "peerDependencies": {
+ "@types/react": "*",
+ "react": "^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc"
+ },
+ "peerDependenciesMeta": {
+ "@types/react": {
+ "optional": true
+ }
+ }
+ },
+ "node_modules/@radix-ui/react-use-escape-keydown": {
+ "version": "1.1.1",
+ "resolved": "https://registry.npmjs.org/@radix-ui/react-use-escape-keydown/-/react-use-escape-keydown-1.1.1.tgz",
+ "integrity": "sha512-Il0+boE7w/XebUHyBjroE+DbByORGR9KKmITzbR7MyQ4akpORYP/ZmbhAr0DG7RmmBqoOnZdy2QlvajJ2QA59g==",
+ "license": "MIT",
+ "dependencies": {
+ "@radix-ui/react-use-callback-ref": "1.1.1"
+ },
+ "peerDependencies": {
+ "@types/react": "*",
+ "react": "^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc"
+ },
+ "peerDependenciesMeta": {
+ "@types/react": {
+ "optional": true
+ }
+ }
+ },
+ "node_modules/@radix-ui/react-use-layout-effect": {
+ "version": "1.1.1",
+ "resolved": "https://registry.npmjs.org/@radix-ui/react-use-layout-effect/-/react-use-layout-effect-1.1.1.tgz",
+ "integrity": "sha512-RbJRS4UWQFkzHTTwVymMTUv8EqYhOp8dOOviLj2ugtTiXRaRQS7GLGxZTLL1jWhMeoSCf5zmcZkqTl9IiYfXcQ==",
+ "license": "MIT",
+ "peerDependencies": {
+ "@types/react": "*",
+ "react": "^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc"
+ },
+ "peerDependenciesMeta": {
+ "@types/react": {
+ "optional": true
+ }
+ }
+ },
"node_modules/@release-it/conventional-changelog": {
"version": "10.0.5",
"resolved": "https://registry.npmjs.org/@release-it/conventional-changelog/-/conventional-changelog-10.0.5.tgz",
@@ -3705,6 +4361,47 @@
"@babel/types": "^7.20.7"
}
},
+ "node_modules/@types/better-sqlite3": {
+ "version": "7.6.13",
+ "resolved": "https://registry.npmjs.org/@types/better-sqlite3/-/better-sqlite3-7.6.13.tgz",
+ "integrity": "sha512-NMv9ASNARoKksWtsq/SHakpYAYnhBrQgGD8zkLYk/jaK8jUGn08CfEdTRgYhMypUQAfzSP8W6gNLe0q19/t4VA==",
+ "dev": true,
+ "license": "MIT",
+ "dependencies": {
+ "@types/node": "*"
+ }
+ },
+ "node_modules/@types/body-parser": {
+ "version": "1.19.6",
+ "resolved": "https://registry.npmjs.org/@types/body-parser/-/body-parser-1.19.6.tgz",
+ "integrity": "sha512-HLFeCYgz89uk22N5Qg3dvGvsv46B8GLvKKo1zKG4NybA8U2DiEO3w9lqGg29t/tfLRJpJ6iQxnVw4OnB7MoM9g==",
+ "dev": true,
+ "license": "MIT",
+ "dependencies": {
+ "@types/connect": "*",
+ "@types/node": "*"
+ }
+ },
+ "node_modules/@types/connect": {
+ "version": "3.4.38",
+ "resolved": "https://registry.npmjs.org/@types/connect/-/connect-3.4.38.tgz",
+ "integrity": "sha512-K6uROf1LD88uDQqJCktA4yzL1YYAK6NgfsI0v/mTgyPKWsX1CnJ0XPSDhViejru1GcRkLWb8RlzFYJRqGUbaug==",
+ "dev": true,
+ "license": "MIT",
+ "dependencies": {
+ "@types/node": "*"
+ }
+ },
+ "node_modules/@types/cross-spawn": {
+ "version": "6.0.6",
+ "resolved": "https://registry.npmjs.org/@types/cross-spawn/-/cross-spawn-6.0.6.tgz",
+ "integrity": "sha512-fXRhhUkG4H3TQk5dBhQ7m/JDdSNHKwR2BBia62lhwEIq9xGiQKLxd6LymNhn47SjXhsUEPmxi+PKw2OkW4LLjA==",
+ "dev": true,
+ "license": "MIT",
+ "dependencies": {
+ "@types/node": "*"
+ }
+ },
"node_modules/@types/debug": {
"version": "4.1.12",
"resolved": "https://registry.npmjs.org/@types/debug/-/debug-4.1.12.tgz",
@@ -3729,6 +4426,31 @@
"@types/estree": "*"
}
},
+ "node_modules/@types/express": {
+ "version": "5.0.6",
+ "resolved": "https://registry.npmjs.org/@types/express/-/express-5.0.6.tgz",
+ "integrity": "sha512-sKYVuV7Sv9fbPIt/442koC7+IIwK5olP1KWeD88e/idgoJqDm3JV/YUiPwkoKK92ylff2MGxSz1CSjsXelx0YA==",
+ "dev": true,
+ "license": "MIT",
+ "dependencies": {
+ "@types/body-parser": "*",
+ "@types/express-serve-static-core": "^5.0.0",
+ "@types/serve-static": "^2"
+ }
+ },
+ "node_modules/@types/express-serve-static-core": {
+ "version": "5.1.1",
+ "resolved": "https://registry.npmjs.org/@types/express-serve-static-core/-/express-serve-static-core-5.1.1.tgz",
+ "integrity": "sha512-v4zIMr/cX7/d2BpAEX3KNKL/JrT1s43s96lLvvdTmza1oEvDudCqK9aF/djc/SWgy8Yh0h30TZx5VpzqFCxk5A==",
+ "dev": true,
+ "license": "MIT",
+ "dependencies": {
+ "@types/node": "*",
+ "@types/qs": "*",
+ "@types/range-parser": "*",
+ "@types/send": "*"
+ }
+ },
"node_modules/@types/hast": {
"version": "3.0.4",
"resolved": "https://registry.npmjs.org/@types/hast/-/hast-3.0.4.tgz",
@@ -3738,6 +4460,13 @@
"@types/unist": "*"
}
},
+ "node_modules/@types/http-errors": {
+ "version": "2.0.5",
+ "resolved": "https://registry.npmjs.org/@types/http-errors/-/http-errors-2.0.5.tgz",
+ "integrity": "sha512-r8Tayk8HJnX0FztbZN7oVqGccWgw98T/0neJphO91KkmOzug1KkofZURD4UaD5uH8AqcFLfdPErnBod0u71/qg==",
+ "dev": true,
+ "license": "MIT"
+ },
"node_modules/@types/json-schema": {
"version": "7.0.15",
"resolved": "https://registry.npmjs.org/@types/json-schema/-/json-schema-7.0.15.tgz",
@@ -3796,6 +4525,20 @@
"integrity": "sha512-F6bEyamV9jKGAFBEmlQnesRPGOQqS2+Uwi0Em15xenOxHaf2hv6L8YCVn3rPdPJOiJfPiCnLIRyvwVaqMY3MIw==",
"license": "MIT"
},
+ "node_modules/@types/qs": {
+ "version": "6.15.0",
+ "resolved": "https://registry.npmjs.org/@types/qs/-/qs-6.15.0.tgz",
+ "integrity": "sha512-JawvT8iBVWpzTrz3EGw9BTQFg3BQNmwERdKE22vlTxawwtbyUSlMppvZYKLZzB5zgACXdXxbD3m1bXaMqP/9ow==",
+ "dev": true,
+ "license": "MIT"
+ },
+ "node_modules/@types/range-parser": {
+ "version": "1.2.7",
+ "resolved": "https://registry.npmjs.org/@types/range-parser/-/range-parser-1.2.7.tgz",
+ "integrity": "sha512-hKormJbkJqzQGhziax5PItDUTMAM9uE2XXQmM37dyd4hVM+5aVl7oVxMVUiVQn2oCQFN/LKCZdvSM0pFRqbSmQ==",
+ "dev": true,
+ "license": "MIT"
+ },
"node_modules/@types/react": {
"version": "18.3.23",
"resolved": "https://registry.npmjs.org/@types/react/-/react-18.3.23.tgz",
@@ -3810,18 +4553,49 @@
"version": "18.3.7",
"resolved": "https://registry.npmjs.org/@types/react-dom/-/react-dom-18.3.7.tgz",
"integrity": "sha512-MEe3UeoENYVFXzoXEWsvcpg6ZvlrFNlOQ7EOsvhI3CfAXwzPfO8Qwuxd40nepsYKqyyVQnTdEfv68q91yLcKrQ==",
- "dev": true,
+ "devOptional": true,
"license": "MIT",
"peerDependencies": {
"@types/react": "^18.0.0"
}
},
+ "node_modules/@types/send": {
+ "version": "1.2.1",
+ "resolved": "https://registry.npmjs.org/@types/send/-/send-1.2.1.tgz",
+ "integrity": "sha512-arsCikDvlU99zl1g69TcAB3mzZPpxgw0UQnaHeC1Nwb015xp8bknZv5rIfri9xTOcMuaVgvabfIRA7PSZVuZIQ==",
+ "dev": true,
+ "license": "MIT",
+ "dependencies": {
+ "@types/node": "*"
+ }
+ },
+ "node_modules/@types/serve-static": {
+ "version": "2.2.0",
+ "resolved": "https://registry.npmjs.org/@types/serve-static/-/serve-static-2.2.0.tgz",
+ "integrity": "sha512-8mam4H1NHLtu7nmtalF7eyBH14QyOASmcxHhSfEoRyr0nP/YdoesEtU+uSRvMe96TW/HPTtkoKqQLl53N7UXMQ==",
+ "dev": true,
+ "license": "MIT",
+ "dependencies": {
+ "@types/http-errors": "*",
+ "@types/node": "*"
+ }
+ },
"node_modules/@types/unist": {
"version": "3.0.3",
"resolved": "https://registry.npmjs.org/@types/unist/-/unist-3.0.3.tgz",
"integrity": "sha512-ko/gIFJRv177XgZsZcBwnqJN5x/Gien8qNOn0D5bQU/zAzVf9Zt3BlcUiLqhV9y4ARk0GbT3tnUiPNgnTXzc/Q==",
"license": "MIT"
},
+ "node_modules/@types/ws": {
+ "version": "8.18.1",
+ "resolved": "https://registry.npmjs.org/@types/ws/-/ws-8.18.1.tgz",
+ "integrity": "sha512-ThVF6DCVhA8kUGy+aazFQ4kXQ7E1Ty7A3ypFOe0IcJV8O/M511G99AW24irKrW56Wt44yG9+ij8FaqoBGkuBXg==",
+ "dev": true,
+ "license": "MIT",
+ "dependencies": {
+ "@types/node": "*"
+ }
+ },
"node_modules/@typescript-eslint/eslint-plugin": {
"version": "8.56.1",
"resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-8.56.1.tgz",
@@ -4466,6 +5240,18 @@
"vite": "^4.2.0 || ^5.0.0 || ^6.0.0 || ^7.0.0"
}
},
+ "node_modules/@vscode/ripgrep": {
+ "version": "1.17.1",
+ "resolved": "https://registry.npmjs.org/@vscode/ripgrep/-/ripgrep-1.17.1.tgz",
+ "integrity": "sha512-xTs7DGyAO3IsJYOCTBP8LnTvPiYVKEuyv8s0xyJDBXfs8rhBfqnZPvb6xDT+RnwWzcXqW27xLS/aGrkjX7lNWw==",
+ "hasInstallScript": true,
+ "license": "MIT",
+ "dependencies": {
+ "https-proxy-agent": "^7.0.2",
+ "proxy-from-env": "^1.1.0",
+ "yauzl": "^2.9.2"
+ }
+ },
"node_modules/@xterm/addon-clipboard": {
"version": "0.1.0",
"resolved": "https://registry.npmjs.org/@xterm/addon-clipboard/-/addon-clipboard-0.1.0.tgz",
@@ -4618,6 +5404,45 @@
"url": "https://github.com/sponsors/epoberezkin"
}
},
+ "node_modules/ajv-formats": {
+ "version": "3.0.1",
+ "resolved": "https://registry.npmjs.org/ajv-formats/-/ajv-formats-3.0.1.tgz",
+ "integrity": "sha512-8iUql50EUR+uUcdRQ3HDqa6EVyo3docL8g5WJ3FNcWmu62IbkGUue/pEyLBW8VGKKucTPgqeks4fIU1DA4yowQ==",
+ "license": "MIT",
+ "dependencies": {
+ "ajv": "^8.0.0"
+ },
+ "peerDependencies": {
+ "ajv": "^8.0.0"
+ },
+ "peerDependenciesMeta": {
+ "ajv": {
+ "optional": true
+ }
+ }
+ },
+ "node_modules/ajv-formats/node_modules/ajv": {
+ "version": "8.18.0",
+ "resolved": "https://registry.npmjs.org/ajv/-/ajv-8.18.0.tgz",
+ "integrity": "sha512-PlXPeEWMXMZ7sPYOHqmDyCJzcfNrUr3fGNKtezX14ykXOEIvyK81d+qydx89KY5O71FKMPaQ2vBfBFI5NHR63A==",
+ "license": "MIT",
+ "dependencies": {
+ "fast-deep-equal": "^3.1.3",
+ "fast-uri": "^3.0.1",
+ "json-schema-traverse": "^1.0.0",
+ "require-from-string": "^2.0.2"
+ },
+ "funding": {
+ "type": "github",
+ "url": "https://github.com/sponsors/epoberezkin"
+ }
+ },
+ "node_modules/ajv-formats/node_modules/json-schema-traverse": {
+ "version": "1.0.0",
+ "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-1.0.0.tgz",
+ "integrity": "sha512-NM8/P9n3XjXhIZn1lLhkFaACTOURQXjWhV4BA/RnOv8xvgqtqpAX9IO4mRQxSx1Rlo4tqzeqb0sOlruaOy3dug==",
+ "license": "MIT"
+ },
"node_modules/ansi-escapes": {
"version": "7.3.0",
"resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-7.3.0.tgz",
@@ -4701,6 +5526,18 @@
"sprintf-js": "~1.0.2"
}
},
+ "node_modules/aria-hidden": {
+ "version": "1.2.6",
+ "resolved": "https://registry.npmjs.org/aria-hidden/-/aria-hidden-1.2.6.tgz",
+ "integrity": "sha512-ik3ZgC9dY/lYVVM++OISsaYDeg1tb0VtP5uL3ouh1koGOaUMDPpbFIei4JkFimWUFPn90sbMNMXQAIVOlnYKJA==",
+ "license": "MIT",
+ "dependencies": {
+ "tslib": "^2.0.0"
+ },
+ "engines": {
+ "node": ">=10"
+ }
+ },
"node_modules/array-buffer-byte-length": {
"version": "1.0.2",
"resolved": "https://registry.npmjs.org/array-buffer-byte-length/-/array-buffer-byte-length-1.0.2.tgz",
@@ -5259,6 +6096,15 @@
"ieee754": "^1.1.13"
}
},
+ "node_modules/buffer-crc32": {
+ "version": "0.2.13",
+ "resolved": "https://registry.npmjs.org/buffer-crc32/-/buffer-crc32-0.2.13.tgz",
+ "integrity": "sha512-VO9Ht/+p3SN7SKWqcrgEzjGbRSJYTx+Q1pTQC0wrWqHx0vpJraQ6GtHx8tvcg1rlK1byhU5gccxgOgj7B0TDkQ==",
+ "license": "MIT",
+ "engines": {
+ "node": "*"
+ }
+ },
"node_modules/buffer-equal-constant-time": {
"version": "1.0.1",
"resolved": "https://registry.npmjs.org/buffer-equal-constant-time/-/buffer-equal-constant-time-1.0.1.tgz",
@@ -5794,6 +6640,22 @@
"node": ">=6"
}
},
+ "node_modules/cmdk": {
+ "version": "1.1.1",
+ "resolved": "https://registry.npmjs.org/cmdk/-/cmdk-1.1.1.tgz",
+ "integrity": "sha512-Vsv7kFaXm+ptHDMZ7izaRsP70GgrW9NBNGswt9OZaVBLlE0SNpDq8eu/VGXyF9r7M0azK3Wy7OlYXsuyYLFzHg==",
+ "license": "MIT",
+ "dependencies": {
+ "@radix-ui/react-compose-refs": "^1.1.1",
+ "@radix-ui/react-dialog": "^1.1.6",
+ "@radix-ui/react-id": "^1.1.0",
+ "@radix-ui/react-primitive": "^2.0.2"
+ },
+ "peerDependencies": {
+ "react": "^18 || ^19 || ^19.0.0-rc",
+ "react-dom": "^18 || ^19 || ^19.0.0-rc"
+ }
+ },
"node_modules/codemirror": {
"version": "6.0.2",
"resolved": "https://registry.npmjs.org/codemirror/-/codemirror-6.0.2.tgz",
@@ -6566,6 +7428,12 @@
"node": ">=8"
}
},
+ "node_modules/detect-node-es": {
+ "version": "1.1.0",
+ "resolved": "https://registry.npmjs.org/detect-node-es/-/detect-node-es-1.1.0.tgz",
+ "integrity": "sha512-ypdmJU/TbBby2Dxibuv7ZLW3Bs1QEmM7nHjEANfohJLvE0XVujisn1qPJcZxg+qDucsr+bP6fLD1rPS3AhJ7EQ==",
+ "license": "MIT"
+ },
"node_modules/devlop": {
"version": "1.1.0",
"resolved": "https://registry.npmjs.org/devlop/-/devlop-1.1.0.tgz",
@@ -7625,6 +8493,27 @@
"dev": true,
"license": "MIT"
},
+ "node_modules/eventsource": {
+ "version": "3.0.7",
+ "resolved": "https://registry.npmjs.org/eventsource/-/eventsource-3.0.7.tgz",
+ "integrity": "sha512-CRT1WTyuQoD771GW56XEZFQ/ZoSfWid1alKGDYMmkt2yl8UXrVR4pspqWNEcqKvVIzg6PAltWjxcSSPrboA4iA==",
+ "license": "MIT",
+ "dependencies": {
+ "eventsource-parser": "^3.0.1"
+ },
+ "engines": {
+ "node": ">=18.0.0"
+ }
+ },
+ "node_modules/eventsource-parser": {
+ "version": "3.0.8",
+ "resolved": "https://registry.npmjs.org/eventsource-parser/-/eventsource-parser-3.0.8.tgz",
+ "integrity": "sha512-70QWGkr4snxr0OXLRWsFLeRBIRPuQOvt4s8QYjmUlmlkyTZkRqS7EDVRZtzU3TiyDbXSzaOeF0XUKy8PchzukQ==",
+ "license": "MIT",
+ "engines": {
+ "node": ">=18.0.0"
+ }
+ },
"node_modules/execa": {
"version": "8.0.1",
"resolved": "https://registry.npmjs.org/execa/-/execa-8.0.1.tgz",
@@ -7727,6 +8616,24 @@
"url": "https://opencollective.com/express"
}
},
+ "node_modules/express-rate-limit": {
+ "version": "8.3.2",
+ "resolved": "https://registry.npmjs.org/express-rate-limit/-/express-rate-limit-8.3.2.tgz",
+ "integrity": "sha512-77VmFeJkO0/rvimEDuUC5H30oqUC4EyOhyGccfqoLebB0oiEYfM7nwPrsDsBL1gsTpwfzX8SFy2MT3TDyRq+bg==",
+ "license": "MIT",
+ "dependencies": {
+ "ip-address": "10.1.0"
+ },
+ "engines": {
+ "node": ">= 16"
+ },
+ "funding": {
+ "url": "https://github.com/sponsors/express-rate-limit"
+ },
+ "peerDependencies": {
+ "express": ">= 4.11"
+ }
+ },
"node_modules/express/node_modules/debug": {
"version": "2.6.9",
"resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz",
@@ -7787,7 +8694,6 @@
"version": "3.1.3",
"resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz",
"integrity": "sha512-f3qQ9oQy9j2AhBe/H9VC91wLmKBCCU/gDOnKNAYG5hswO7BLKj09Hc5HYNz9cGI++xlpDCIgDaitVs03ATR84Q==",
- "dev": true,
"license": "MIT"
},
"node_modules/fast-glob": {
@@ -7836,7 +8742,6 @@
"version": "3.1.0",
"resolved": "https://registry.npmjs.org/fast-uri/-/fast-uri-3.1.0.tgz",
"integrity": "sha512-iPeeDKJSWf4IEOasVVrknXpaBV0IApz/gp7S2bb7Z4Lljbl2MGJRqInZiUrQwV16cpzw/D3S5j5Julj/gT52AA==",
- "dev": true,
"funding": [
{
"type": "github",
@@ -7881,6 +8786,15 @@
"walk-up-path": "^4.0.0"
}
},
+ "node_modules/fd-slicer": {
+ "version": "1.1.0",
+ "resolved": "https://registry.npmjs.org/fd-slicer/-/fd-slicer-1.1.0.tgz",
+ "integrity": "sha512-cE1qsB/VwyQozZ+q1dGxR8LBYNZeofhEdUNGSMbQD3Gw2lAzX9Zb3uIU6Ebc/Fmyjo9AWWfnn0AUCHqtevs/8g==",
+ "license": "MIT",
+ "dependencies": {
+ "pend": "~1.2.0"
+ }
+ },
"node_modules/file-entry-cache": {
"version": "8.0.0",
"resolved": "https://registry.npmjs.org/file-entry-cache/-/file-entry-cache-8.0.0.tgz",
@@ -8236,6 +9150,15 @@
"url": "https://github.com/sponsors/ljharb"
}
},
+ "node_modules/get-nonce": {
+ "version": "1.0.1",
+ "resolved": "https://registry.npmjs.org/get-nonce/-/get-nonce-1.0.1.tgz",
+ "integrity": "sha512-FJhYRoDaiatfEkUK8HKlicmu/3SGFD51q3itKDGoSTysQJBnfOcxU5GxnhE1E6soB76MbT0MBtnKJuXyAx+96Q==",
+ "license": "MIT",
+ "engines": {
+ "node": ">=6"
+ }
+ },
"node_modules/get-proto": {
"version": "1.0.1",
"resolved": "https://registry.npmjs.org/get-proto/-/get-proto-1.0.1.tgz",
@@ -8871,6 +9794,15 @@
"integrity": "sha512-PDEfEF102G23vHmPhLyPboFCD+BkMGu+GuJe2d9/eH4FsCwvgBpnc9n0pGE+ffKdph38s6foEZiEjdgHdzp+IA==",
"license": "CC0-1.0"
},
+ "node_modules/hono": {
+ "version": "4.12.14",
+ "resolved": "https://registry.npmjs.org/hono/-/hono-4.12.14.tgz",
+ "integrity": "sha512-am5zfg3yu6sqn5yjKBNqhnTX7Cv+m00ox+7jbaKkrLMRJ4rAdldd1xPd/JzbBWspqaQv6RSTrgFN95EsfhC+7w==",
+ "license": "MIT",
+ "engines": {
+ "node": ">=16.9.0"
+ }
+ },
"node_modules/hosted-git-info": {
"version": "8.1.0",
"resolved": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-8.1.0.tgz",
@@ -9238,10 +10170,9 @@
}
},
"node_modules/ip-address": {
- "version": "10.0.1",
- "resolved": "https://registry.npmjs.org/ip-address/-/ip-address-10.0.1.tgz",
- "integrity": "sha512-NWv9YLW4PoW2B7xtzaS3NCot75m6nK7Icdv0o3lfMceJVRfSoQwqD4wEH5rLwoKJwUiZ/rfpiVBhnaF0FK4HoA==",
- "dev": true,
+ "version": "10.1.0",
+ "resolved": "https://registry.npmjs.org/ip-address/-/ip-address-10.1.0.tgz",
+ "integrity": "sha512-XXADHxXmvT9+CRxhXg56LJovE+bmWnEWB78LB83VZTprKTmaC5QfruXocxzTZ2Kl0DNwKuBdlIhjL8LeY8Sf8Q==",
"license": "MIT",
"engines": {
"node": ">= 12"
@@ -9680,6 +10611,12 @@
"url": "https://github.com/sponsors/sindresorhus"
}
},
+ "node_modules/is-promise": {
+ "version": "4.0.0",
+ "resolved": "https://registry.npmjs.org/is-promise/-/is-promise-4.0.0.tgz",
+ "integrity": "sha512-hvpoI6korhJMnej285dSg6nu1+e6uxs7zG3BYAm5byqDsgJNWwxzM6z6iZiAgQR4TJ30JmBTOwqZUw3WlyH3AQ==",
+ "license": "MIT"
+ },
"node_modules/is-regex": {
"version": "1.2.1",
"resolved": "https://registry.npmjs.org/is-regex/-/is-regex-1.2.1.tgz",
@@ -9948,6 +10885,15 @@
"jiti": "bin/jiti.js"
}
},
+ "node_modules/jose": {
+ "version": "6.2.2",
+ "resolved": "https://registry.npmjs.org/jose/-/jose-6.2.2.tgz",
+ "integrity": "sha512-d7kPDd34KO/YnzaDOlikGpOurfF0ByC2sEV4cANCtdqLlTfBlw2p14O/5d/zv40gJPbIQxfES3nSx1/oYNyuZQ==",
+ "license": "MIT",
+ "funding": {
+ "url": "https://github.com/sponsors/panva"
+ }
+ },
"node_modules/js-base64": {
"version": "3.7.7",
"resolved": "https://registry.npmjs.org/js-base64/-/js-base64-3.7.7.tgz",
@@ -10000,6 +10946,19 @@
"dev": true,
"license": "MIT"
},
+ "node_modules/json-schema-to-ts": {
+ "version": "3.1.1",
+ "resolved": "https://registry.npmjs.org/json-schema-to-ts/-/json-schema-to-ts-3.1.1.tgz",
+ "integrity": "sha512-+DWg8jCJG2TEnpy7kOm/7/AxaYoaRbjVB4LFZLySZlWn8exGs3A4OLJR966cVvU26N7X9TWxl+Jsw7dzAqKT6g==",
+ "license": "MIT",
+ "dependencies": {
+ "@babel/runtime": "^7.18.3",
+ "ts-algebra": "^2.0.0"
+ },
+ "engines": {
+ "node": ">=16"
+ }
+ },
"node_modules/json-schema-traverse": {
"version": "0.4.1",
"resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz",
@@ -10007,6 +10966,12 @@
"dev": true,
"license": "MIT"
},
+ "node_modules/json-schema-typed": {
+ "version": "8.0.2",
+ "resolved": "https://registry.npmjs.org/json-schema-typed/-/json-schema-typed-8.0.2.tgz",
+ "integrity": "sha512-fQhoXdcvc3V28x7C7BMs4P5+kNlgUURe2jmUT1T//oBRMDrqy1QPelJimwZGo7Hg9VPV3EQV5Bnq4hbFy2vetA==",
+ "license": "BSD-2-Clause"
+ },
"node_modules/json-stable-stringify-without-jsonify": {
"version": "1.0.1",
"resolved": "https://registry.npmjs.org/json-stable-stringify-without-jsonify/-/json-stable-stringify-without-jsonify-1.0.1.tgz",
@@ -12943,6 +13908,12 @@
"dev": true,
"license": "MIT"
},
+ "node_modules/pend": {
+ "version": "1.2.0",
+ "resolved": "https://registry.npmjs.org/pend/-/pend-1.2.0.tgz",
+ "integrity": "sha512-F3asv42UuXchdzt+xXqfW1OGlVBe+mxa2mqI0pg5yAHZPvFmY3Y6drSf/GQ1A86WgWEN9Kzh/WrgKa6iGcHXLg==",
+ "license": "MIT"
+ },
"node_modules/perfect-debounce": {
"version": "2.0.0",
"resolved": "https://registry.npmjs.org/perfect-debounce/-/perfect-debounce-2.0.0.tgz",
@@ -12986,6 +13957,15 @@
"node": ">= 6"
}
},
+ "node_modules/pkce-challenge": {
+ "version": "5.0.1",
+ "resolved": "https://registry.npmjs.org/pkce-challenge/-/pkce-challenge-5.0.1.tgz",
+ "integrity": "sha512-wQ0b/W4Fr01qtpHlqSqspcj3EhBvimsdh0KlHhH8HRZnMsEa0ea2fTULOXOS9ccQr3om+GcGRk4e+isrZWV8qQ==",
+ "license": "MIT",
+ "engines": {
+ "node": ">=16.20.0"
+ }
+ },
"node_modules/pkg-types": {
"version": "2.3.0",
"resolved": "https://registry.npmjs.org/pkg-types/-/pkg-types-2.3.0.tgz",
@@ -13327,7 +14307,6 @@
"version": "1.1.0",
"resolved": "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-1.1.0.tgz",
"integrity": "sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg==",
- "dev": true,
"license": "MIT"
},
"node_modules/pump": {
@@ -13569,6 +14548,53 @@
"node": ">=0.10.0"
}
},
+ "node_modules/react-remove-scroll": {
+ "version": "2.7.2",
+ "resolved": "https://registry.npmjs.org/react-remove-scroll/-/react-remove-scroll-2.7.2.tgz",
+ "integrity": "sha512-Iqb9NjCCTt6Hf+vOdNIZGdTiH1QSqr27H/Ek9sv/a97gfueI/5h1s3yRi1nngzMUaOOToin5dI1dXKdXiF+u0Q==",
+ "license": "MIT",
+ "dependencies": {
+ "react-remove-scroll-bar": "^2.3.7",
+ "react-style-singleton": "^2.2.3",
+ "tslib": "^2.1.0",
+ "use-callback-ref": "^1.3.3",
+ "use-sidecar": "^1.1.3"
+ },
+ "engines": {
+ "node": ">=10"
+ },
+ "peerDependencies": {
+ "@types/react": "*",
+ "react": "^16.8.0 || ^17.0.0 || ^18.0.0 || ^19.0.0 || ^19.0.0-rc"
+ },
+ "peerDependenciesMeta": {
+ "@types/react": {
+ "optional": true
+ }
+ }
+ },
+ "node_modules/react-remove-scroll-bar": {
+ "version": "2.3.8",
+ "resolved": "https://registry.npmjs.org/react-remove-scroll-bar/-/react-remove-scroll-bar-2.3.8.tgz",
+ "integrity": "sha512-9r+yi9+mgU33AKcj6IbT9oRCO78WriSj6t/cF8DWBZJ9aOGPOTEDvdUDz1FwKim7QXWwmHqtdHnRJfhAxEG46Q==",
+ "license": "MIT",
+ "dependencies": {
+ "react-style-singleton": "^2.2.2",
+ "tslib": "^2.0.0"
+ },
+ "engines": {
+ "node": ">=10"
+ },
+ "peerDependencies": {
+ "@types/react": "*",
+ "react": "^16.8.0 || ^17.0.0 || ^18.0.0 || ^19.0.0"
+ },
+ "peerDependenciesMeta": {
+ "@types/react": {
+ "optional": true
+ }
+ }
+ },
"node_modules/react-router": {
"version": "6.30.1",
"resolved": "https://registry.npmjs.org/react-router/-/react-router-6.30.1.tgz",
@@ -13601,6 +14627,28 @@
"react-dom": ">=16.8"
}
},
+ "node_modules/react-style-singleton": {
+ "version": "2.2.3",
+ "resolved": "https://registry.npmjs.org/react-style-singleton/-/react-style-singleton-2.2.3.tgz",
+ "integrity": "sha512-b6jSvxvVnyptAiLjbkWLE/lOnR4lfTtDAl+eUC7RZy+QQWc6wRzIV2CE6xBuMmDxc2qIihtDCZD5NPOFl7fRBQ==",
+ "license": "MIT",
+ "dependencies": {
+ "get-nonce": "^1.0.0",
+ "tslib": "^2.0.0"
+ },
+ "engines": {
+ "node": ">=10"
+ },
+ "peerDependencies": {
+ "@types/react": "*",
+ "react": "^16.8.0 || ^17.0.0 || ^18.0.0 || ^19.0.0 || ^19.0.0-rc"
+ },
+ "peerDependenciesMeta": {
+ "@types/react": {
+ "optional": true
+ }
+ }
+ },
"node_modules/react-syntax-highlighter": {
"version": "15.6.6",
"resolved": "https://registry.npmjs.org/react-syntax-highlighter/-/react-syntax-highlighter-15.6.6.tgz",
@@ -14080,7 +15128,6 @@
"version": "2.0.2",
"resolved": "https://registry.npmjs.org/require-from-string/-/require-from-string-2.0.2.tgz",
"integrity": "sha512-Xf0nWe6RseziFMu+Ap9biiUbmplq6S9/p+7w7YXP/JBHhrUDDUhwa+vANyubuqfZWTveU//DYVGsDG7RKL/vEw==",
- "dev": true,
"license": "MIT",
"engines": {
"node": ">=0.10.0"
@@ -14210,6 +15257,32 @@
"fsevents": "~2.3.2"
}
},
+ "node_modules/router": {
+ "version": "2.2.0",
+ "resolved": "https://registry.npmjs.org/router/-/router-2.2.0.tgz",
+ "integrity": "sha512-nLTrUKm2UyiL7rlhapu/Zl45FwNgkZGaCpZbIHajDYgwlJCOzLSk+cIPAnsEqV955GjILJnKbdQC1nVPz+gAYQ==",
+ "license": "MIT",
+ "dependencies": {
+ "debug": "^4.4.0",
+ "depd": "^2.0.0",
+ "is-promise": "^4.0.0",
+ "parseurl": "^1.3.3",
+ "path-to-regexp": "^8.0.0"
+ },
+ "engines": {
+ "node": ">= 18"
+ }
+ },
+ "node_modules/router/node_modules/path-to-regexp": {
+ "version": "8.4.2",
+ "resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-8.4.2.tgz",
+ "integrity": "sha512-qRcuIdP69NPm4qbACK+aDogI5CBDMi1jKe0ry5rSQJz8JVLsC7jV8XpiJjGRLLol3N+R5ihGYcrPLTno6pAdBA==",
+ "license": "MIT",
+ "funding": {
+ "type": "opencollective",
+ "url": "https://opencollective.com/express"
+ }
+ },
"node_modules/run-applescript": {
"version": "7.1.0",
"resolved": "https://registry.npmjs.org/run-applescript/-/run-applescript-7.1.0.tgz",
@@ -15969,6 +17042,12 @@
"url": "https://github.com/sponsors/wooorm"
}
},
+ "node_modules/ts-algebra": {
+ "version": "2.0.0",
+ "resolved": "https://registry.npmjs.org/ts-algebra/-/ts-algebra-2.0.0.tgz",
+ "integrity": "sha512-FPAhNPFMrkwz76P7cdjdmiShwMynZYN6SgOujD1urY4oNm80Ou9oMdmbR45LotcKOXoy7wSmHkRFE6Mxbrhefw==",
+ "license": "MIT"
+ },
"node_modules/ts-api-utils": {
"version": "2.4.0",
"resolved": "https://registry.npmjs.org/ts-api-utils/-/ts-api-utils-2.4.0.tgz",
@@ -17067,6 +18146,49 @@
"node": "^12.20.0 || ^14.13.1 || >=16.0.0"
}
},
+ "node_modules/use-callback-ref": {
+ "version": "1.3.3",
+ "resolved": "https://registry.npmjs.org/use-callback-ref/-/use-callback-ref-1.3.3.tgz",
+ "integrity": "sha512-jQL3lRnocaFtu3V00JToYz/4QkNWswxijDaCVNZRiRTO3HQDLsdu1ZtmIUvV4yPp+rvWm5j0y0TG/S61cuijTg==",
+ "license": "MIT",
+ "dependencies": {
+ "tslib": "^2.0.0"
+ },
+ "engines": {
+ "node": ">=10"
+ },
+ "peerDependencies": {
+ "@types/react": "*",
+ "react": "^16.8.0 || ^17.0.0 || ^18.0.0 || ^19.0.0 || ^19.0.0-rc"
+ },
+ "peerDependenciesMeta": {
+ "@types/react": {
+ "optional": true
+ }
+ }
+ },
+ "node_modules/use-sidecar": {
+ "version": "1.1.3",
+ "resolved": "https://registry.npmjs.org/use-sidecar/-/use-sidecar-1.1.3.tgz",
+ "integrity": "sha512-Fedw0aZvkhynoPYlA5WXrMCAMm+nSWdZt6lzJQ7Ok8S6Q+VsHmHpRWndVRJ8Be0ZbkfPc5LRYH+5XrzXcEeLRQ==",
+ "license": "MIT",
+ "dependencies": {
+ "detect-node-es": "^1.1.0",
+ "tslib": "^2.0.0"
+ },
+ "engines": {
+ "node": ">=10"
+ },
+ "peerDependencies": {
+ "@types/react": "*",
+ "react": "^16.8.0 || ^17.0.0 || ^18.0.0 || ^19.0.0 || ^19.0.0-rc"
+ },
+ "peerDependenciesMeta": {
+ "@types/react": {
+ "optional": true
+ }
+ }
+ },
"node_modules/use-sync-external-store": {
"version": "1.6.0",
"resolved": "https://registry.npmmirror.com/use-sync-external-store/-/use-sync-external-store-1.6.0.tgz",
@@ -17747,6 +18869,16 @@
"node": ">=8"
}
},
+ "node_modules/yauzl": {
+ "version": "2.10.0",
+ "resolved": "https://registry.npmjs.org/yauzl/-/yauzl-2.10.0.tgz",
+ "integrity": "sha512-p4a9I6X6nu6IhoGmBqAcbJy1mlC4j27vEPZX9F4L4/vZT3Lyq1VkFHw/V/PUcB9Buo+DG3iHkT0x3Qya58zc3g==",
+ "license": "MIT",
+ "dependencies": {
+ "buffer-crc32": "~0.2.3",
+ "fd-slicer": "~1.1.0"
+ }
+ },
"node_modules/yocto-queue": {
"version": "0.1.0",
"resolved": "https://registry.npmjs.org/yocto-queue/-/yocto-queue-0.1.0.tgz",
@@ -17795,6 +18927,15 @@
"url": "https://github.com/sponsors/colinhacks"
}
},
+ "node_modules/zod-to-json-schema": {
+ "version": "3.25.2",
+ "resolved": "https://registry.npmjs.org/zod-to-json-schema/-/zod-to-json-schema-3.25.2.tgz",
+ "integrity": "sha512-O/PgfnpT1xKSDeQYSCfRI5Gy3hPf91mKVDuYLUHZJMiDFptvP41MSnWofm8dnCm0256ZNfZIM7DSzuSMAFnjHA==",
+ "license": "ISC",
+ "peerDependencies": {
+ "zod": "^3.25.28 || ^4"
+ }
+ },
"node_modules/zod-validation-error": {
"version": "4.0.2",
"resolved": "https://registry.npmjs.org/zod-validation-error/-/zod-validation-error-4.0.2.tgz",
diff --git a/package.json b/package.json
index 5be1fd99..ff139ca7 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
{
"name": "@cloudcli-ai/cloudcli",
- "version": "1.29.5",
+ "version": "1.31.5",
"description": "A web-based UI for Claude Code CLI",
"type": "module",
"main": "dist-server/server/index.js",
@@ -65,7 +65,7 @@
"author": "CloudCLI UI Contributors",
"license": "AGPL-3.0-or-later",
"dependencies": {
- "@anthropic-ai/claude-agent-sdk": "^0.2.59",
+ "@anthropic-ai/claude-agent-sdk": "^0.2.116",
"@codemirror/lang-css": "^6.3.1",
"@codemirror/lang-html": "^6.4.9",
"@codemirror/lang-javascript": "^6.2.4",
@@ -76,10 +76,11 @@
"@codemirror/theme-one-dark": "^6.1.2",
"@iarna/toml": "^2.2.5",
"@octokit/rest": "^22.0.0",
- "@openai/codex-sdk": "^0.101.0",
+ "@openai/codex-sdk": "^0.125.0",
"@replit/codemirror-minimap": "^0.5.2",
"@tailwindcss/typography": "^0.5.16",
"@uiw/react-codemirror": "^4.23.13",
+ "@vscode/ripgrep": "^1.17.1",
"@xterm/addon-clipboard": "^0.1.0",
"@xterm/addon-fit": "^0.10.0",
"@xterm/addon-web-links": "^0.11.0",
@@ -90,6 +91,7 @@
"chokidar": "^4.0.3",
"class-variance-authority": "^0.7.1",
"clsx": "^2.1.1",
+ "cmdk": "^1.1.1",
"cors": "^2.8.5",
"cross-spawn": "^7.0.3",
"express": "^4.18.2",
@@ -126,9 +128,13 @@
"@commitlint/config-conventional": "^20.5.0",
"@eslint/js": "^9.39.3",
"@release-it/conventional-changelog": "^10.0.5",
+ "@types/better-sqlite3": "^7.6.13",
+ "@types/cross-spawn": "^6.0.6",
+ "@types/express": "^5.0.6",
"@types/node": "^22.19.7",
"@types/react": "^18.2.43",
"@types/react-dom": "^18.2.17",
+ "@types/ws": "^8.18.1",
"@vitejs/plugin-react": "^4.6.0",
"auto-changelog": "^2.5.0",
"autoprefixer": "^10.4.16",
diff --git a/server/claude-sdk.js b/server/claude-sdk.js
index 1489962b..db3a205c 100644
--- a/server/claude-sdk.js
+++ b/server/claude-sdk.js
@@ -24,9 +24,9 @@ import {
notifyRunStopped,
notifyUserIfEnabled
} from './services/notification-orchestrator.js';
-import { claudeAdapter } from './providers/claude/adapter.js';
-import { createNormalizedMessage } from './providers/types.js';
-import { getStatusChecker } from './providers/registry.js';
+import { sessionsService } from './modules/providers/services/sessions.service.js';
+import { providerAuthService } from './modules/providers/services/provider-auth.service.js';
+import { createNormalizedMessage } from './shared/utils.js';
const activeSessions = new Map();
const pendingToolApprovals = new Map();
@@ -149,9 +149,15 @@ function mapCliOptionsToSDK(options = {}) {
const sdkOptions = {};
- if (process.env.CLAUDE_CLI_PATH) {
- sdkOptions.pathToClaudeCodeExecutable = process.env.CLAUDE_CLI_PATH;
- }
+ // Forward all host env vars (e.g. ANTHROPIC_BASE_URL) to the subprocess.
+ // Since SDK 0.2.113, options.env replaces process.env instead of overlaying it.
+ sdkOptions.env = { ...process.env };
+
+ // Use CLAUDE_CLI_PATH if explicitly set, otherwise fall back to 'claude' on PATH.
+ // The SDK 0.2.113+ looks for a bundled native binary optional dep by default;
+ // this fallback ensures users who installed via the official installer still work
+ // even when npm prune --production has removed those optional deps.
+ sdkOptions.pathToClaudeCodeExecutable = process.env.CLAUDE_CLI_PATH || 'claude';
// Map working directory
if (cwd) {
@@ -521,6 +527,12 @@ async function queryClaudeSDK(command, options = {}, ws) {
}]
};
+ // Caveat: in 'auto' and 'bypassPermissions' modes the SDK resolves approval
+ // at the permission-mode step and skips this callback, so interactive tools
+ // (AskUserQuestion, ExitPlanMode) won't reach the UI — the classifier/bypass
+ // auto-approves them and the model acts on a generated answer. Move these
+ // tools to a PreToolUse hook (runs before the mode check) if we need them
+ // to work in those modes.
sdkOptions.canUseTool = async (toolName, input, context) => {
const requiresInteraction = TOOLS_REQUIRING_INTERACTION.has(toolName);
@@ -654,7 +666,7 @@ async function queryClaudeSDK(command, options = {}, ws) {
const sid = capturedSessionId || sessionId || null;
// Use adapter to normalize SDK events into NormalizedMessage[]
- const normalized = claudeAdapter.normalizeMessage(transformedMessage, sid);
+ const normalized = sessionsService.normalizeMessage('claude', transformedMessage, sid);
for (const msg of normalized) {
// Preserve parentToolUseId from SDK wrapper for subagent tool grouping
if (transformedMessage.parentToolUseId && !msg.parentToolUseId) {
@@ -707,7 +719,7 @@ async function queryClaudeSDK(command, options = {}, ws) {
await cleanupTempFiles(tempImagePaths, tempDir);
// Check if Claude CLI is installed for a clearer error message
- const installed = getStatusChecker('claude')?.checkInstalled() ?? true;
+ const installed = await providerAuthService.isProviderInstalled('claude');
const errorContent = !installed
? 'Claude Code is not installed. Please install it first: https://docs.anthropic.com/en/docs/claude-code'
: error.message;
diff --git a/server/cursor-cli.js b/server/cursor-cli.js
index f6193369..66af16ef 100644
--- a/server/cursor-cli.js
+++ b/server/cursor-cli.js
@@ -1,9 +1,9 @@
import { spawn } from 'child_process';
import crossSpawn from 'cross-spawn';
import { notifyRunFailed, notifyRunStopped } from './services/notification-orchestrator.js';
-import { cursorAdapter } from './providers/cursor/adapter.js';
-import { createNormalizedMessage } from './providers/types.js';
-import { getStatusChecker } from './providers/registry.js';
+import { sessionsService } from './modules/providers/services/sessions.service.js';
+import { providerAuthService } from './modules/providers/services/provider-auth.service.js';
+import { createNormalizedMessage } from './shared/utils.js';
// Use cross-spawn on Windows for better command execution
const spawnFunction = process.platform === 'win32' ? crossSpawn : spawn;
@@ -190,7 +190,7 @@ async function spawnCursor(command, options = {}, ws) {
case 'assistant':
// Accumulate assistant message chunks
if (response.message && response.message.content && response.message.content.length > 0) {
- const normalized = cursorAdapter.normalizeMessage(response, capturedSessionId || sessionId || null);
+ const normalized = sessionsService.normalizeMessage('cursor', response, capturedSessionId || sessionId || null);
for (const msg of normalized) ws.send(msg);
}
break;
@@ -220,7 +220,7 @@ async function spawnCursor(command, options = {}, ws) {
}
// If not JSON, send as stream delta via adapter
- const normalized = cursorAdapter.normalizeMessage(line, capturedSessionId || sessionId || null);
+ const normalized = sessionsService.normalizeMessage('cursor', line, capturedSessionId || sessionId || null);
for (const msg of normalized) ws.send(msg);
}
};
@@ -288,7 +288,7 @@ async function spawnCursor(command, options = {}, ws) {
});
// Handle process errors
- cursorProcess.on('error', (error) => {
+ cursorProcess.on('error', async (error) => {
console.error('Cursor CLI process error:', error);
// Clean up process reference on error
@@ -296,7 +296,7 @@ async function spawnCursor(command, options = {}, ws) {
activeCursorProcesses.delete(finalSessionId);
// Check if Cursor CLI is installed for a clearer error message
- const installed = getStatusChecker('cursor')?.checkInstalled() ?? true;
+ const installed = await providerAuthService.isProviderInstalled('cursor');
const errorContent = !installed
? 'Cursor CLI is not installed. Please install it from https://cursor.com'
: error.message;
diff --git a/server/database/db.js b/server/database/db.js
deleted file mode 100644
index f43c894a..00000000
--- a/server/database/db.js
+++ /dev/null
@@ -1,593 +0,0 @@
-import Database from 'better-sqlite3';
-import path from 'path';
-import fs from 'fs';
-import crypto from 'crypto';
-import { findAppRoot, getModuleDir } from '../utils/runtime-paths.js';
-import {
- APP_CONFIG_TABLE_SQL,
- USER_NOTIFICATION_PREFERENCES_TABLE_SQL,
- VAPID_KEYS_TABLE_SQL,
- PUSH_SUBSCRIPTIONS_TABLE_SQL,
- SESSION_NAMES_TABLE_SQL,
- SESSION_NAMES_LOOKUP_INDEX_SQL,
- DATABASE_SCHEMA_SQL
-} from './schema.js';
-
-const __dirname = getModuleDir(import.meta.url);
-// The compiled backend lives under dist-server/server/database, but the install root we log
-// should still point at the project/app root. Resolving it here avoids build-layout drift.
-const APP_ROOT = findAppRoot(__dirname);
-
-// ANSI color codes for terminal output
-const colors = {
- reset: '\x1b[0m',
- bright: '\x1b[1m',
- cyan: '\x1b[36m',
- dim: '\x1b[2m',
-};
-
-const c = {
- info: (text) => `${colors.cyan}${text}${colors.reset}`,
- bright: (text) => `${colors.bright}${text}${colors.reset}`,
- dim: (text) => `${colors.dim}${text}${colors.reset}`,
-};
-
-// Use DATABASE_PATH environment variable if set, otherwise use default location
-const DB_PATH = process.env.DATABASE_PATH || path.join(__dirname, 'auth.db');
-
-// Ensure database directory exists if custom path is provided
-if (process.env.DATABASE_PATH) {
- const dbDir = path.dirname(DB_PATH);
- try {
- if (!fs.existsSync(dbDir)) {
- fs.mkdirSync(dbDir, { recursive: true });
- console.log(`Created database directory: ${dbDir}`);
- }
- } catch (error) {
- console.error(`Failed to create database directory ${dbDir}:`, error.message);
- throw error;
- }
-}
-
-// As part of 1.19.2 we are introducing a new location for auth.db. The below handles exisitng moving legacy database from install directory to new location
-const LEGACY_DB_PATH = path.join(__dirname, 'auth.db');
-if (DB_PATH !== LEGACY_DB_PATH && !fs.existsSync(DB_PATH) && fs.existsSync(LEGACY_DB_PATH)) {
- try {
- fs.copyFileSync(LEGACY_DB_PATH, DB_PATH);
- console.log(`[MIGRATION] Copied database from ${LEGACY_DB_PATH} to ${DB_PATH}`);
- for (const suffix of ['-wal', '-shm']) {
- if (fs.existsSync(LEGACY_DB_PATH + suffix)) {
- fs.copyFileSync(LEGACY_DB_PATH + suffix, DB_PATH + suffix);
- }
- }
- } catch (err) {
- console.warn(`[MIGRATION] Could not copy legacy database: ${err.message}`);
- }
-}
-
-// Create database connection
-const db = new Database(DB_PATH);
-
-// app_config must exist before any other module imports (auth.js reads the JWT secret at load time).
-// runMigrations() also creates this table, but it runs too late for existing installations
-// where auth.js is imported before initializeDatabase() is called.
-db.exec(APP_CONFIG_TABLE_SQL);
-
-// Show app installation path prominently
-const appInstallPath = APP_ROOT;
-console.log('');
-console.log(c.dim('═'.repeat(60)));
-console.log(`${c.info('[INFO]')} App Installation: ${c.bright(appInstallPath)}`);
-console.log(`${c.info('[INFO]')} Database: ${c.dim(path.relative(appInstallPath, DB_PATH))}`);
-if (process.env.DATABASE_PATH) {
- console.log(` ${c.dim('(Using custom DATABASE_PATH from environment)')}`);
-}
-console.log(c.dim('═'.repeat(60)));
-console.log('');
-
-const runMigrations = () => {
- try {
- const tableInfo = db.prepare("PRAGMA table_info(users)").all();
- const columnNames = tableInfo.map(col => col.name);
-
- if (!columnNames.includes('git_name')) {
- console.log('Running migration: Adding git_name column');
- db.exec('ALTER TABLE users ADD COLUMN git_name TEXT');
- }
-
- if (!columnNames.includes('git_email')) {
- console.log('Running migration: Adding git_email column');
- db.exec('ALTER TABLE users ADD COLUMN git_email TEXT');
- }
-
- if (!columnNames.includes('has_completed_onboarding')) {
- console.log('Running migration: Adding has_completed_onboarding column');
- db.exec('ALTER TABLE users ADD COLUMN has_completed_onboarding BOOLEAN DEFAULT 0');
- }
-
- db.exec(USER_NOTIFICATION_PREFERENCES_TABLE_SQL);
- db.exec(VAPID_KEYS_TABLE_SQL);
- db.exec(PUSH_SUBSCRIPTIONS_TABLE_SQL);
- db.exec(APP_CONFIG_TABLE_SQL);
- db.exec(SESSION_NAMES_TABLE_SQL);
- db.exec(SESSION_NAMES_LOOKUP_INDEX_SQL);
-
- console.log('Database migrations completed successfully');
- } catch (error) {
- console.error('Error running migrations:', error.message);
- throw error;
- }
-};
-
-// Initialize database with schema
-const initializeDatabase = async () => {
- try {
- db.exec(DATABASE_SCHEMA_SQL);
- console.log('Database initialized successfully');
- runMigrations();
- } catch (error) {
- console.error('Error initializing database:', error.message);
- throw error;
- }
-};
-
-// User database operations
-const userDb = {
- // Check if any users exist
- hasUsers: () => {
- try {
- const row = db.prepare('SELECT COUNT(*) as count FROM users').get();
- return row.count > 0;
- } catch (err) {
- throw err;
- }
- },
-
- // Create a new user
- createUser: (username, passwordHash) => {
- try {
- const stmt = db.prepare('INSERT INTO users (username, password_hash) VALUES (?, ?)');
- const result = stmt.run(username, passwordHash);
- return { id: result.lastInsertRowid, username };
- } catch (err) {
- throw err;
- }
- },
-
- // Get user by username
- getUserByUsername: (username) => {
- try {
- const row = db.prepare('SELECT * FROM users WHERE username = ? AND is_active = 1').get(username);
- return row;
- } catch (err) {
- throw err;
- }
- },
-
- // Update last login time (non-fatal — logged but not thrown)
- updateLastLogin: (userId) => {
- try {
- db.prepare('UPDATE users SET last_login = CURRENT_TIMESTAMP WHERE id = ?').run(userId);
- } catch (err) {
- console.warn('Failed to update last login:', err.message);
- }
- },
-
- // Get user by ID
- getUserById: (userId) => {
- try {
- const row = db.prepare('SELECT id, username, created_at, last_login FROM users WHERE id = ? AND is_active = 1').get(userId);
- return row;
- } catch (err) {
- throw err;
- }
- },
-
- getFirstUser: () => {
- try {
- const row = db.prepare('SELECT id, username, created_at, last_login FROM users WHERE is_active = 1 LIMIT 1').get();
- return row;
- } catch (err) {
- throw err;
- }
- },
-
- updateGitConfig: (userId, gitName, gitEmail) => {
- try {
- const stmt = db.prepare('UPDATE users SET git_name = ?, git_email = ? WHERE id = ?');
- stmt.run(gitName, gitEmail, userId);
- } catch (err) {
- throw err;
- }
- },
-
- getGitConfig: (userId) => {
- try {
- const row = db.prepare('SELECT git_name, git_email FROM users WHERE id = ?').get(userId);
- return row;
- } catch (err) {
- throw err;
- }
- },
-
- completeOnboarding: (userId) => {
- try {
- const stmt = db.prepare('UPDATE users SET has_completed_onboarding = 1 WHERE id = ?');
- stmt.run(userId);
- } catch (err) {
- throw err;
- }
- },
-
- hasCompletedOnboarding: (userId) => {
- try {
- const row = db.prepare('SELECT has_completed_onboarding FROM users WHERE id = ?').get(userId);
- return row?.has_completed_onboarding === 1;
- } catch (err) {
- throw err;
- }
- }
-};
-
-// API Keys database operations
-const apiKeysDb = {
- // Generate a new API key
- generateApiKey: () => {
- return 'ck_' + crypto.randomBytes(32).toString('hex');
- },
-
- // Create a new API key
- createApiKey: (userId, keyName) => {
- try {
- const apiKey = apiKeysDb.generateApiKey();
- const stmt = db.prepare('INSERT INTO api_keys (user_id, key_name, api_key) VALUES (?, ?, ?)');
- const result = stmt.run(userId, keyName, apiKey);
- return { id: result.lastInsertRowid, keyName, apiKey };
- } catch (err) {
- throw err;
- }
- },
-
- // Get all API keys for a user
- getApiKeys: (userId) => {
- try {
- const rows = db.prepare('SELECT id, key_name, api_key, created_at, last_used, is_active FROM api_keys WHERE user_id = ? ORDER BY created_at DESC').all(userId);
- return rows;
- } catch (err) {
- throw err;
- }
- },
-
- // Validate API key and get user
- validateApiKey: (apiKey) => {
- try {
- const row = db.prepare(`
- SELECT u.id, u.username, ak.id as api_key_id
- FROM api_keys ak
- JOIN users u ON ak.user_id = u.id
- WHERE ak.api_key = ? AND ak.is_active = 1 AND u.is_active = 1
- `).get(apiKey);
-
- if (row) {
- // Update last_used timestamp
- db.prepare('UPDATE api_keys SET last_used = CURRENT_TIMESTAMP WHERE id = ?').run(row.api_key_id);
- }
-
- return row;
- } catch (err) {
- throw err;
- }
- },
-
- // Delete an API key
- deleteApiKey: (userId, apiKeyId) => {
- try {
- const stmt = db.prepare('DELETE FROM api_keys WHERE id = ? AND user_id = ?');
- const result = stmt.run(apiKeyId, userId);
- return result.changes > 0;
- } catch (err) {
- throw err;
- }
- },
-
- // Toggle API key active status
- toggleApiKey: (userId, apiKeyId, isActive) => {
- try {
- const stmt = db.prepare('UPDATE api_keys SET is_active = ? WHERE id = ? AND user_id = ?');
- const result = stmt.run(isActive ? 1 : 0, apiKeyId, userId);
- return result.changes > 0;
- } catch (err) {
- throw err;
- }
- }
-};
-
-// User credentials database operations (for GitHub tokens, GitLab tokens, etc.)
-const credentialsDb = {
- // Create a new credential
- createCredential: (userId, credentialName, credentialType, credentialValue, description = null) => {
- try {
- const stmt = db.prepare('INSERT INTO user_credentials (user_id, credential_name, credential_type, credential_value, description) VALUES (?, ?, ?, ?, ?)');
- const result = stmt.run(userId, credentialName, credentialType, credentialValue, description);
- return { id: result.lastInsertRowid, credentialName, credentialType };
- } catch (err) {
- throw err;
- }
- },
-
- // Get all credentials for a user, optionally filtered by type
- getCredentials: (userId, credentialType = null) => {
- try {
- let query = 'SELECT id, credential_name, credential_type, description, created_at, is_active FROM user_credentials WHERE user_id = ?';
- const params = [userId];
-
- if (credentialType) {
- query += ' AND credential_type = ?';
- params.push(credentialType);
- }
-
- query += ' ORDER BY created_at DESC';
-
- const rows = db.prepare(query).all(...params);
- return rows;
- } catch (err) {
- throw err;
- }
- },
-
- // Get active credential value for a user by type (returns most recent active)
- getActiveCredential: (userId, credentialType) => {
- try {
- const row = db.prepare('SELECT credential_value FROM user_credentials WHERE user_id = ? AND credential_type = ? AND is_active = 1 ORDER BY created_at DESC LIMIT 1').get(userId, credentialType);
- return row?.credential_value || null;
- } catch (err) {
- throw err;
- }
- },
-
- // Delete a credential
- deleteCredential: (userId, credentialId) => {
- try {
- const stmt = db.prepare('DELETE FROM user_credentials WHERE id = ? AND user_id = ?');
- const result = stmt.run(credentialId, userId);
- return result.changes > 0;
- } catch (err) {
- throw err;
- }
- },
-
- // Toggle credential active status
- toggleCredential: (userId, credentialId, isActive) => {
- try {
- const stmt = db.prepare('UPDATE user_credentials SET is_active = ? WHERE id = ? AND user_id = ?');
- const result = stmt.run(isActive ? 1 : 0, credentialId, userId);
- return result.changes > 0;
- } catch (err) {
- throw err;
- }
- }
-};
-
-const DEFAULT_NOTIFICATION_PREFERENCES = {
- channels: {
- inApp: false,
- webPush: false
- },
- events: {
- actionRequired: true,
- stop: true,
- error: true
- }
-};
-
-const normalizeNotificationPreferences = (value) => {
- const source = value && typeof value === 'object' ? value : {};
-
- return {
- channels: {
- inApp: source.channels?.inApp === true,
- webPush: source.channels?.webPush === true
- },
- events: {
- actionRequired: source.events?.actionRequired !== false,
- stop: source.events?.stop !== false,
- error: source.events?.error !== false
- }
- };
-};
-
-const notificationPreferencesDb = {
- getPreferences: (userId) => {
- try {
- const row = db.prepare('SELECT preferences_json FROM user_notification_preferences WHERE user_id = ?').get(userId);
- if (!row) {
- const defaults = normalizeNotificationPreferences(DEFAULT_NOTIFICATION_PREFERENCES);
- db.prepare(
- 'INSERT INTO user_notification_preferences (user_id, preferences_json, updated_at) VALUES (?, ?, CURRENT_TIMESTAMP)'
- ).run(userId, JSON.stringify(defaults));
- return defaults;
- }
-
- let parsed;
- try {
- parsed = JSON.parse(row.preferences_json);
- } catch {
- parsed = DEFAULT_NOTIFICATION_PREFERENCES;
- }
- return normalizeNotificationPreferences(parsed);
- } catch (err) {
- throw err;
- }
- },
-
- updatePreferences: (userId, preferences) => {
- try {
- const normalized = normalizeNotificationPreferences(preferences);
- db.prepare(
- `INSERT INTO user_notification_preferences (user_id, preferences_json, updated_at)
- VALUES (?, ?, CURRENT_TIMESTAMP)
- ON CONFLICT(user_id) DO UPDATE SET
- preferences_json = excluded.preferences_json,
- updated_at = CURRENT_TIMESTAMP`
- ).run(userId, JSON.stringify(normalized));
- return normalized;
- } catch (err) {
- throw err;
- }
- }
-};
-
-const pushSubscriptionsDb = {
- saveSubscription: (userId, endpoint, keysP256dh, keysAuth) => {
- try {
- db.prepare(
- `INSERT INTO push_subscriptions (user_id, endpoint, keys_p256dh, keys_auth)
- VALUES (?, ?, ?, ?)
- ON CONFLICT(endpoint) DO UPDATE SET
- user_id = excluded.user_id,
- keys_p256dh = excluded.keys_p256dh,
- keys_auth = excluded.keys_auth`
- ).run(userId, endpoint, keysP256dh, keysAuth);
- } catch (err) {
- throw err;
- }
- },
-
- getSubscriptions: (userId) => {
- try {
- return db.prepare('SELECT endpoint, keys_p256dh, keys_auth FROM push_subscriptions WHERE user_id = ?').all(userId);
- } catch (err) {
- throw err;
- }
- },
-
- removeSubscription: (endpoint) => {
- try {
- db.prepare('DELETE FROM push_subscriptions WHERE endpoint = ?').run(endpoint);
- } catch (err) {
- throw err;
- }
- },
-
- removeAllForUser: (userId) => {
- try {
- db.prepare('DELETE FROM push_subscriptions WHERE user_id = ?').run(userId);
- } catch (err) {
- throw err;
- }
- }
-};
-
-// Session custom names database operations
-const sessionNamesDb = {
- // Set (insert or update) a custom session name
- setName: (sessionId, provider, customName) => {
- db.prepare(`
- INSERT INTO session_names (session_id, provider, custom_name)
- VALUES (?, ?, ?)
- ON CONFLICT(session_id, provider)
- DO UPDATE SET custom_name = excluded.custom_name, updated_at = CURRENT_TIMESTAMP
- `).run(sessionId, provider, customName);
- },
-
- // Get a single custom session name
- getName: (sessionId, provider) => {
- const row = db.prepare(
- 'SELECT custom_name FROM session_names WHERE session_id = ? AND provider = ?'
- ).get(sessionId, provider);
- return row?.custom_name || null;
- },
-
- // Batch lookup — returns Map
- getNames: (sessionIds, provider) => {
- if (!sessionIds.length) return new Map();
- const placeholders = sessionIds.map(() => '?').join(',');
- const rows = db.prepare(
- `SELECT session_id, custom_name FROM session_names
- WHERE session_id IN (${placeholders}) AND provider = ?`
- ).all(...sessionIds, provider);
- return new Map(rows.map(r => [r.session_id, r.custom_name]));
- },
-
- // Delete a custom session name
- deleteName: (sessionId, provider) => {
- return db.prepare(
- 'DELETE FROM session_names WHERE session_id = ? AND provider = ?'
- ).run(sessionId, provider).changes > 0;
- },
-};
-
-// Apply custom session names from the database (overrides CLI-generated summaries)
-function applyCustomSessionNames(sessions, provider) {
- if (!sessions?.length) return;
- try {
- const ids = sessions.map(s => s.id);
- const customNames = sessionNamesDb.getNames(ids, provider);
- for (const session of sessions) {
- const custom = customNames.get(session.id);
- if (custom) session.summary = custom;
- }
- } catch (error) {
- console.warn(`[DB] Failed to apply custom session names for ${provider}:`, error.message);
- }
-}
-
-// App config database operations
-const appConfigDb = {
- get: (key) => {
- try {
- const row = db.prepare('SELECT value FROM app_config WHERE key = ?').get(key);
- return row?.value || null;
- } catch (err) {
- return null;
- }
- },
-
- set: (key, value) => {
- db.prepare(
- 'INSERT INTO app_config (key, value) VALUES (?, ?) ON CONFLICT(key) DO UPDATE SET value = excluded.value'
- ).run(key, value);
- },
-
- getOrCreateJwtSecret: () => {
- let secret = appConfigDb.get('jwt_secret');
- if (!secret) {
- secret = crypto.randomBytes(64).toString('hex');
- appConfigDb.set('jwt_secret', secret);
- }
- return secret;
- }
-};
-
-// Backward compatibility - keep old names pointing to new system
-const githubTokensDb = {
- createGithubToken: (userId, tokenName, githubToken, description = null) => {
- return credentialsDb.createCredential(userId, tokenName, 'github_token', githubToken, description);
- },
- getGithubTokens: (userId) => {
- return credentialsDb.getCredentials(userId, 'github_token');
- },
- getActiveGithubToken: (userId) => {
- return credentialsDb.getActiveCredential(userId, 'github_token');
- },
- deleteGithubToken: (userId, tokenId) => {
- return credentialsDb.deleteCredential(userId, tokenId);
- },
- toggleGithubToken: (userId, tokenId, isActive) => {
- return credentialsDb.toggleCredential(userId, tokenId, isActive);
- }
-};
-
-export {
- db,
- initializeDatabase,
- userDb,
- apiKeysDb,
- credentialsDb,
- notificationPreferencesDb,
- pushSubscriptionsDb,
- sessionNamesDb,
- applyCustomSessionNames,
- appConfigDb,
- githubTokensDb // Backward compatibility
-};
diff --git a/server/database/schema.js b/server/database/schema.js
deleted file mode 100644
index 21c1b8eb..00000000
--- a/server/database/schema.js
+++ /dev/null
@@ -1,102 +0,0 @@
-export const APP_CONFIG_TABLE_SQL = `CREATE TABLE IF NOT EXISTS app_config (
- key TEXT PRIMARY KEY,
- value TEXT NOT NULL,
- created_at DATETIME DEFAULT CURRENT_TIMESTAMP
-);`;
-
-export const USER_NOTIFICATION_PREFERENCES_TABLE_SQL = `CREATE TABLE IF NOT EXISTS user_notification_preferences (
- user_id INTEGER PRIMARY KEY,
- preferences_json TEXT NOT NULL,
- updated_at DATETIME DEFAULT CURRENT_TIMESTAMP,
- FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE
-);`;
-
-export const VAPID_KEYS_TABLE_SQL = `CREATE TABLE IF NOT EXISTS vapid_keys (
- id INTEGER PRIMARY KEY AUTOINCREMENT,
- public_key TEXT NOT NULL,
- private_key TEXT NOT NULL,
- created_at DATETIME DEFAULT CURRENT_TIMESTAMP
-);`;
-
-export const PUSH_SUBSCRIPTIONS_TABLE_SQL = `CREATE TABLE IF NOT EXISTS push_subscriptions (
- id INTEGER PRIMARY KEY AUTOINCREMENT,
- user_id INTEGER NOT NULL,
- endpoint TEXT NOT NULL UNIQUE,
- keys_p256dh TEXT NOT NULL,
- keys_auth TEXT NOT NULL,
- created_at DATETIME DEFAULT CURRENT_TIMESTAMP,
- FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE
-);`;
-
-export const SESSION_NAMES_TABLE_SQL = `CREATE TABLE IF NOT EXISTS session_names (
- id INTEGER PRIMARY KEY AUTOINCREMENT,
- session_id TEXT NOT NULL,
- provider TEXT NOT NULL DEFAULT 'claude',
- custom_name TEXT NOT NULL,
- created_at DATETIME DEFAULT CURRENT_TIMESTAMP,
- updated_at DATETIME DEFAULT CURRENT_TIMESTAMP,
- UNIQUE(session_id, provider)
-);`;
-
-export const SESSION_NAMES_LOOKUP_INDEX_SQL = `CREATE INDEX IF NOT EXISTS idx_session_names_lookup ON session_names(session_id, provider);`;
-
-export const DATABASE_SCHEMA_SQL = `PRAGMA foreign_keys = ON;
-
-CREATE TABLE IF NOT EXISTS users (
- id INTEGER PRIMARY KEY AUTOINCREMENT,
- username TEXT UNIQUE NOT NULL,
- password_hash TEXT NOT NULL,
- created_at DATETIME DEFAULT CURRENT_TIMESTAMP,
- last_login DATETIME,
- is_active BOOLEAN DEFAULT 1,
- git_name TEXT,
- git_email TEXT,
- has_completed_onboarding BOOLEAN DEFAULT 0
-);
-
-CREATE INDEX IF NOT EXISTS idx_users_username ON users(username);
-CREATE INDEX IF NOT EXISTS idx_users_active ON users(is_active);
-
-CREATE TABLE IF NOT EXISTS api_keys (
- id INTEGER PRIMARY KEY AUTOINCREMENT,
- user_id INTEGER NOT NULL,
- key_name TEXT NOT NULL,
- api_key TEXT UNIQUE NOT NULL,
- created_at DATETIME DEFAULT CURRENT_TIMESTAMP,
- last_used DATETIME,
- is_active BOOLEAN DEFAULT 1,
- FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE
-);
-
-CREATE INDEX IF NOT EXISTS idx_api_keys_key ON api_keys(api_key);
-CREATE INDEX IF NOT EXISTS idx_api_keys_user_id ON api_keys(user_id);
-CREATE INDEX IF NOT EXISTS idx_api_keys_active ON api_keys(is_active);
-
-CREATE TABLE IF NOT EXISTS user_credentials (
- id INTEGER PRIMARY KEY AUTOINCREMENT,
- user_id INTEGER NOT NULL,
- credential_name TEXT NOT NULL,
- credential_type TEXT NOT NULL,
- credential_value TEXT NOT NULL,
- description TEXT,
- created_at DATETIME DEFAULT CURRENT_TIMESTAMP,
- is_active BOOLEAN DEFAULT 1,
- FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE
-);
-
-CREATE INDEX IF NOT EXISTS idx_user_credentials_user_id ON user_credentials(user_id);
-CREATE INDEX IF NOT EXISTS idx_user_credentials_type ON user_credentials(credential_type);
-CREATE INDEX IF NOT EXISTS idx_user_credentials_active ON user_credentials(is_active);
-
-${USER_NOTIFICATION_PREFERENCES_TABLE_SQL}
-
-${VAPID_KEYS_TABLE_SQL}
-
-${PUSH_SUBSCRIPTIONS_TABLE_SQL}
-
-${SESSION_NAMES_TABLE_SQL}
-
-${SESSION_NAMES_LOOKUP_INDEX_SQL}
-
-${APP_CONFIG_TABLE_SQL}
-`;
diff --git a/server/gemini-cli.js b/server/gemini-cli.js
index 62aa5307..2e68a938 100644
--- a/server/gemini-cli.js
+++ b/server/gemini-cli.js
@@ -9,8 +9,8 @@ import os from 'os';
import sessionManager from './sessionManager.js';
import GeminiResponseHandler from './gemini-response-handler.js';
import { notifyRunFailed, notifyRunStopped } from './services/notification-orchestrator.js';
-import { createNormalizedMessage } from './providers/types.js';
-import { getStatusChecker } from './providers/registry.js';
+import { providerAuthService } from './modules/providers/services/provider-auth.service.js';
+import { createNormalizedMessage } from './shared/utils.js';
let activeGeminiProcesses = new Map(); // Track active processes by session ID
@@ -383,7 +383,7 @@ async function spawnGemini(command, options = {}, ws) {
} else {
// code 127 = shell "command not found" — check installation
if (code === 127) {
- const installed = getStatusChecker('gemini')?.checkInstalled() ?? true;
+ const installed = await providerAuthService.isProviderInstalled('gemini');
if (!installed) {
const socketSessionId = typeof ws.getSessionId === 'function' ? ws.getSessionId() : finalSessionId;
ws.send(createNormalizedMessage({ kind: 'error', content: 'Gemini CLI is not installed. Please install it first: https://github.com/google-gemini/gemini-cli', sessionId: socketSessionId, provider: 'gemini' }));
@@ -399,13 +399,13 @@ async function spawnGemini(command, options = {}, ws) {
});
// Handle process errors
- geminiProcess.on('error', (error) => {
+ geminiProcess.on('error', async (error) => {
// Clean up process reference on error
const finalSessionId = capturedSessionId || sessionId || processKey;
activeGeminiProcesses.delete(finalSessionId);
// Check if Gemini CLI is installed for a clearer error message
- const installed = getStatusChecker('gemini')?.checkInstalled() ?? true;
+ const installed = await providerAuthService.isProviderInstalled('gemini');
const errorContent = !installed
? 'Gemini CLI is not installed. Please install it first: https://github.com/google-gemini/gemini-cli'
: error.message;
diff --git a/server/gemini-response-handler.js b/server/gemini-response-handler.js
index 9da1f5cc..b0a17485 100644
--- a/server/gemini-response-handler.js
+++ b/server/gemini-response-handler.js
@@ -1,5 +1,5 @@
// Gemini Response Handler - JSON Stream processing
-import { geminiAdapter } from './providers/gemini/adapter.js';
+import { sessionsService } from './modules/providers/services/sessions.service.js';
class GeminiResponseHandler {
constructor(ws, options = {}) {
@@ -56,7 +56,7 @@ class GeminiResponseHandler {
}
// Normalize via adapter and send all resulting messages
- const normalized = geminiAdapter.normalizeMessage(event, sid);
+ const normalized = sessionsService.normalizeMessage('gemini', event, sid);
for (const msg of normalized) {
this.ws.send(msg);
}
diff --git a/server/index.js b/server/index.js
index 1f1f400a..53927d19 100755
--- a/server/index.js
+++ b/server/index.js
@@ -1,9 +1,76 @@
#!/usr/bin/env node
// Load environment variables before other imports execute
import './load-env.js';
-import fs from 'fs';
+import fs, { promises as fsPromises } from 'fs';
import path from 'path';
+import os from 'os';
+import http from 'http';
+import { spawn } from 'child_process';
+
+import express from 'express';
+import cors from 'cors';
+import mime from 'mime-types';
+
+import { AppError, WORKSPACES_ROOT, validateWorkspacePath } from '@/shared/utils.js';
+import { closeSessionsWatcher, initializeSessionsWatcher } from '@/modules/providers/index.js';
+import { createWebSocketServer } from '@/modules/websocket/index.js';
+
+import { getConnectableHost } from '../shared/networkHosts.js';
+
import { findAppRoot, getModuleDir } from './utils/runtime-paths.js';
+import {
+ queryClaudeSDK,
+ abortClaudeSDKSession,
+ isClaudeSDKSessionActive,
+ getActiveClaudeSDKSessions,
+ resolveToolApproval,
+ getPendingApprovalsForSession,
+ reconnectSessionWriter,
+} from './claude-sdk.js';
+import {
+ spawnCursor,
+ abortCursorSession,
+ isCursorSessionActive,
+ getActiveCursorSessions,
+} from './cursor-cli.js';
+import {
+ queryCodex,
+ abortCodexSession,
+ isCodexSessionActive,
+ getActiveCodexSessions,
+} from './openai-codex.js';
+import {
+ spawnGemini,
+ abortGeminiSession,
+ isGeminiSessionActive,
+ getActiveGeminiSessions,
+} from './gemini-cli.js';
+import sessionManager from './sessionManager.js';
+import {
+ stripAnsiSequences,
+ normalizeDetectedUrl,
+ extractUrlsFromText,
+ shouldAutoOpenUrlFromOutput,
+} from './utils/url-detection.js';
+import gitRoutes from './routes/git.js';
+import authRoutes from './routes/auth.js';
+import cursorRoutes from './routes/cursor.js';
+import taskmasterRoutes from './routes/taskmaster.js';
+import mcpUtilsRoutes from './routes/mcp-utils.js';
+import commandsRoutes from './routes/commands.js';
+import settingsRoutes from './routes/settings.js';
+import agentRoutes from './routes/agent.js';
+import projectModuleRoutes from './modules/projects/projects.routes.js';
+import userRoutes from './routes/user.js';
+import geminiRoutes from './routes/gemini.js';
+import pluginsRoutes from './routes/plugins.js';
+import providerRoutes from './modules/providers/provider.routes.js';
+import { startEnabledPluginServers, stopAllPlugins, getPluginPort } from './utils/plugin-process-manager.js';
+import { initializeDatabase, projectsDb } from './modules/database/index.js';
+import { configureWebPush } from './services/vapid-keys.js';
+import { validateApiKey, authenticateToken, authenticateWebSocket } from './middleware/auth.js';
+import { IS_PLATFORM } from './constants/config.js';
+import { c } from './utils/colors.js';
const __dirname = getModuleDir(import.meta.url);
// The server source runs from /server, while the compiled output runs from /dist-server/server.
@@ -11,241 +78,46 @@ const __dirname = getModuleDir(import.meta.url);
const APP_ROOT = findAppRoot(__dirname);
const installMode = fs.existsSync(path.join(APP_ROOT, '.git')) ? 'git' : 'npm';
-import { c } from './utils/colors.js';
-
console.log('SERVER_PORT from env:', process.env.SERVER_PORT);
-import express from 'express';
-import { WebSocketServer, WebSocket } from 'ws';
-import os from 'os';
-import http from 'http';
-import cors from 'cors';
-import { promises as fsPromises } from 'fs';
-import { spawn } from 'child_process';
-import pty from 'node-pty';
-import fetch from 'node-fetch';
-import mime from 'mime-types';
-
-import { getProjects, getSessions, renameProject, deleteSession, deleteProject, addProjectManually, extractProjectDirectory, clearProjectDirectoryCache, searchConversations } from './projects.js';
-import { queryClaudeSDK, abortClaudeSDKSession, isClaudeSDKSessionActive, getActiveClaudeSDKSessions, resolveToolApproval, getPendingApprovalsForSession, reconnectSessionWriter } from './claude-sdk.js';
-import { spawnCursor, abortCursorSession, isCursorSessionActive, getActiveCursorSessions } from './cursor-cli.js';
-import { queryCodex, abortCodexSession, isCodexSessionActive, getActiveCodexSessions } from './openai-codex.js';
-import { spawnGemini, abortGeminiSession, isGeminiSessionActive, getActiveGeminiSessions } from './gemini-cli.js';
-import sessionManager from './sessionManager.js';
-import gitRoutes from './routes/git.js';
-import authRoutes from './routes/auth.js';
-import mcpRoutes from './routes/mcp.js';
-import cursorRoutes from './routes/cursor.js';
-import taskmasterRoutes from './routes/taskmaster.js';
-import mcpUtilsRoutes from './routes/mcp-utils.js';
-import commandsRoutes from './routes/commands.js';
-import settingsRoutes from './routes/settings.js';
-import agentRoutes from './routes/agent.js';
-import projectsRoutes, { WORKSPACES_ROOT, validateWorkspacePath } from './routes/projects.js';
-import cliAuthRoutes from './routes/cli-auth.js';
-import userRoutes from './routes/user.js';
-import codexRoutes from './routes/codex.js';
-import geminiRoutes from './routes/gemini.js';
-import pluginsRoutes from './routes/plugins.js';
-import messagesRoutes from './routes/messages.js';
-import { createNormalizedMessage } from './providers/types.js';
-import { startEnabledPluginServers, stopAllPlugins, getPluginPort } from './utils/plugin-process-manager.js';
-import { initializeDatabase, sessionNamesDb, applyCustomSessionNames } from './database/db.js';
-import { configureWebPush } from './services/vapid-keys.js';
-import { validateApiKey, authenticateToken, authenticateWebSocket } from './middleware/auth.js';
-import { IS_PLATFORM } from './constants/config.js';
-import { getConnectableHost } from '../shared/networkHosts.js';
-
-const VALID_PROVIDERS = ['claude', 'codex', 'cursor', 'gemini'];
-
-// File system watchers for provider project/session folders
-const PROVIDER_WATCH_PATHS = [
- { provider: 'claude', rootPath: path.join(os.homedir(), '.claude', 'projects') },
- { provider: 'cursor', rootPath: path.join(os.homedir(), '.cursor', 'chats') },
- { provider: 'codex', rootPath: path.join(os.homedir(), '.codex', 'sessions') },
- { provider: 'gemini', rootPath: path.join(os.homedir(), '.gemini', 'projects') },
- { provider: 'gemini_sessions', rootPath: path.join(os.homedir(), '.gemini', 'sessions') }
-];
-const WATCHER_IGNORED_PATTERNS = [
- '**/node_modules/**',
- '**/.git/**',
- '**/dist/**',
- '**/build/**',
- '**/*.tmp',
- '**/*.swp',
- '**/.DS_Store'
-];
-const WATCHER_DEBOUNCE_MS = 300;
-let projectsWatchers = [];
-let projectsWatcherDebounceTimer = null;
-const connectedClients = new Set();
-let isGetProjectsRunning = false; // Flag to prevent reentrant calls
-
-// Broadcast progress to all connected WebSocket clients
-function broadcastProgress(progress) {
- const message = JSON.stringify({
- type: 'loading_progress',
- ...progress
- });
- connectedClients.forEach(client => {
- if (client.readyState === WebSocket.OPEN) {
- client.send(message);
- }
- });
-}
-
-// Setup file system watchers for Claude, Cursor, and Codex project/session folders
-async function setupProjectsWatcher() {
- const chokidar = (await import('chokidar')).default;
-
- if (projectsWatcherDebounceTimer) {
- clearTimeout(projectsWatcherDebounceTimer);
- projectsWatcherDebounceTimer = null;
- }
-
- await Promise.all(
- projectsWatchers.map(async (watcher) => {
- try {
- await watcher.close();
- } catch (error) {
- console.error('[WARN] Failed to close watcher:', error);
- }
- })
- );
- projectsWatchers = [];
-
- const debouncedUpdate = (eventType, filePath, provider, rootPath) => {
- if (projectsWatcherDebounceTimer) {
- clearTimeout(projectsWatcherDebounceTimer);
- }
-
- projectsWatcherDebounceTimer = setTimeout(async () => {
- // Prevent reentrant calls
- if (isGetProjectsRunning) {
- return;
- }
-
- try {
- isGetProjectsRunning = true;
-
- // Clear project directory cache when files change
- clearProjectDirectoryCache();
-
- // Get updated projects list
- const updatedProjects = await getProjects(broadcastProgress);
-
- // Notify all connected clients about the project changes
- const updateMessage = JSON.stringify({
- type: 'projects_updated',
- projects: updatedProjects,
- timestamp: new Date().toISOString(),
- changeType: eventType,
- changedFile: path.relative(rootPath, filePath),
- watchProvider: provider
- });
-
- connectedClients.forEach(client => {
- if (client.readyState === WebSocket.OPEN) {
- client.send(updateMessage);
- }
- });
-
- } catch (error) {
- console.error('[ERROR] Error handling project changes:', error);
- } finally {
- isGetProjectsRunning = false;
- }
- }, WATCHER_DEBOUNCE_MS);
- };
-
- for (const { provider, rootPath } of PROVIDER_WATCH_PATHS) {
- try {
- // chokidar v4 emits ENOENT via the "error" event for missing roots and will not auto-recover.
- // Ensure provider folders exist before creating the watcher so watching stays active.
- await fsPromises.mkdir(rootPath, { recursive: true });
-
- // Initialize chokidar watcher with optimized settings
- const watcher = chokidar.watch(rootPath, {
- ignored: WATCHER_IGNORED_PATTERNS,
- persistent: true,
- ignoreInitial: true, // Don't fire events for existing files on startup
- followSymlinks: false,
- depth: 10, // Reasonable depth limit
- awaitWriteFinish: {
- stabilityThreshold: 100, // Wait 100ms for file to stabilize
- pollInterval: 50
- }
- });
-
- // Set up event listeners
- watcher
- .on('add', (filePath) => debouncedUpdate('add', filePath, provider, rootPath))
- .on('change', (filePath) => debouncedUpdate('change', filePath, provider, rootPath))
- .on('unlink', (filePath) => debouncedUpdate('unlink', filePath, provider, rootPath))
- .on('addDir', (dirPath) => debouncedUpdate('addDir', dirPath, provider, rootPath))
- .on('unlinkDir', (dirPath) => debouncedUpdate('unlinkDir', dirPath, provider, rootPath))
- .on('error', (error) => {
- console.error(`[ERROR] ${provider} watcher error:`, error);
- })
- .on('ready', () => {
- });
-
- projectsWatchers.push(watcher);
- } catch (error) {
- console.error(`[ERROR] Failed to setup ${provider} watcher for ${rootPath}:`, error);
- }
- }
-
- if (projectsWatchers.length === 0) {
- console.error('[ERROR] Failed to setup any provider watchers');
- }
-}
-
-
const app = express();
const server = http.createServer(app);
-const ptySessionsMap = new Map();
-const PTY_SESSION_TIMEOUT = 30 * 60 * 1000;
-const SHELL_URL_PARSE_BUFFER_LIMIT = 32768;
-import { stripAnsiSequences, normalizeDetectedUrl, extractUrlsFromText, shouldAutoOpenUrlFromOutput } from './utils/url-detection.js';
-
-// Single WebSocket server that handles both paths
-const wss = new WebSocketServer({
- server,
- verifyClient: (info) => {
- console.log('WebSocket connection attempt to:', info.req.url);
-
- // Platform mode: always allow connection
- if (IS_PLATFORM) {
- const user = authenticateWebSocket(null); // Will return first user
- if (!user) {
- console.log('[WARN] Platform mode: No user found in database');
- return false;
- }
- info.req.user = user;
- console.log('[OK] Platform mode WebSocket authenticated for user:', user.username);
- return true;
- }
-
- // Normal mode: verify token
- // Extract token from query parameters or headers
- const url = new URL(info.req.url, 'http://localhost');
- const token = url.searchParams.get('token') ||
- info.req.headers.authorization?.split(' ')[1];
-
- // Verify token
- const user = authenticateWebSocket(token);
- if (!user) {
- console.log('[WARN] WebSocket authentication failed');
- return false;
- }
-
- // Store user info in the request for later use
- info.req.user = user;
- console.log('[OK] WebSocket authenticated for user:', user.username);
- return true;
- }
+// Single WebSocket server that handles chat, shell, and plugin proxy paths.
+const wss = createWebSocketServer(server, {
+ verifyClient: {
+ isPlatform: IS_PLATFORM,
+ authenticateWebSocket,
+ },
+ chat: {
+ queryClaudeSDK,
+ spawnCursor,
+ queryCodex,
+ spawnGemini,
+ abortClaudeSDKSession,
+ abortCursorSession,
+ abortCodexSession,
+ abortGeminiSession,
+ resolveToolApproval,
+ isClaudeSDKSessionActive,
+ isCursorSessionActive,
+ isCodexSessionActive,
+ isGeminiSessionActive,
+ reconnectSessionWriter,
+ getPendingApprovalsForSession,
+ getActiveClaudeSDKSessions,
+ getActiveCursorSessions,
+ getActiveCodexSessions,
+ getActiveGeminiSessions,
+ },
+ shell: {
+ getSessionById: (sessionId) => sessionManager.getSession(sessionId),
+ stripAnsiSequences,
+ normalizeDetectedUrl,
+ extractUrlsFromText,
+ shouldAutoOpenUrlFromOutput,
+ },
+ getPluginPort,
});
// Make WebSocket server available to routes
@@ -281,14 +153,11 @@ app.use('/api', validateApiKey);
app.use('/api/auth', authRoutes);
// Projects API Routes (protected)
-app.use('/api/projects', authenticateToken, projectsRoutes);
+app.use('/api/projects', authenticateToken, projectModuleRoutes);
// Git API Routes (protected)
app.use('/api/git', authenticateToken, gitRoutes);
-// MCP API Routes (protected)
-app.use('/api/mcp', authenticateToken, mcpRoutes);
-
// Cursor API Routes (protected)
app.use('/api/cursor', authenticateToken, cursorRoutes);
@@ -304,23 +173,17 @@ app.use('/api/commands', authenticateToken, commandsRoutes);
// Settings API Routes (protected)
app.use('/api/settings', authenticateToken, settingsRoutes);
-// CLI Authentication API Routes (protected)
-app.use('/api/cli', authenticateToken, cliAuthRoutes);
-
// User API Routes (protected)
app.use('/api/user', authenticateToken, userRoutes);
-// Codex API Routes (protected)
-app.use('/api/codex', authenticateToken, codexRoutes);
-
// Gemini API Routes (protected)
app.use('/api/gemini', authenticateToken, geminiRoutes);
// Plugins API Routes (protected)
app.use('/api/plugins', authenticateToken, pluginsRoutes);
-// Unified session messages route (protected)
-app.use('/api/sessions', authenticateToken, messagesRoutes);
+// Unified provider MCP routes (protected)
+app.use('/api/providers', authenticateToken, providerRoutes);
// Agent API Routes (uses API key authentication)
app.use('/api/agent', agentRoutes);
@@ -422,155 +285,6 @@ app.post('/api/system/update', authenticateToken, async (req, res) => {
}
});
-app.get('/api/projects', authenticateToken, async (req, res) => {
- try {
- const projects = await getProjects(broadcastProgress);
- res.json(projects);
- } catch (error) {
- res.status(500).json({ error: error.message });
- }
-});
-
-app.get('/api/projects/:projectName/sessions', authenticateToken, async (req, res) => {
- try {
- const { limit = 5, offset = 0 } = req.query;
- const result = await getSessions(req.params.projectName, parseInt(limit), parseInt(offset));
- applyCustomSessionNames(result.sessions, 'claude');
- res.json(result);
- } catch (error) {
- res.status(500).json({ error: error.message });
- }
-});
-
-// Rename project endpoint
-app.put('/api/projects/:projectName/rename', authenticateToken, async (req, res) => {
- try {
- const { displayName } = req.body;
- await renameProject(req.params.projectName, displayName);
- res.json({ success: true });
- } catch (error) {
- res.status(500).json({ error: error.message });
- }
-});
-
-// Delete session endpoint
-app.delete('/api/projects/:projectName/sessions/:sessionId', authenticateToken, async (req, res) => {
- try {
- const { projectName, sessionId } = req.params;
- console.log(`[API] Deleting session: ${sessionId} from project: ${projectName}`);
- await deleteSession(projectName, sessionId);
- sessionNamesDb.deleteName(sessionId, 'claude');
- console.log(`[API] Session ${sessionId} deleted successfully`);
- res.json({ success: true });
- } catch (error) {
- console.error(`[API] Error deleting session ${req.params.sessionId}:`, error);
- res.status(500).json({ error: error.message });
- }
-});
-
-// Rename session endpoint
-app.put('/api/sessions/:sessionId/rename', authenticateToken, async (req, res) => {
- try {
- const { sessionId } = req.params;
- const safeSessionId = String(sessionId).replace(/[^a-zA-Z0-9._-]/g, '');
- if (!safeSessionId || safeSessionId !== String(sessionId)) {
- return res.status(400).json({ error: 'Invalid sessionId' });
- }
- const { summary, provider } = req.body;
- if (!summary || typeof summary !== 'string' || summary.trim() === '') {
- return res.status(400).json({ error: 'Summary is required' });
- }
- if (summary.trim().length > 500) {
- return res.status(400).json({ error: 'Summary must not exceed 500 characters' });
- }
- if (!provider || !VALID_PROVIDERS.includes(provider)) {
- return res.status(400).json({ error: `Provider must be one of: ${VALID_PROVIDERS.join(', ')}` });
- }
- sessionNamesDb.setName(safeSessionId, provider, summary.trim());
- res.json({ success: true });
- } catch (error) {
- console.error(`[API] Error renaming session ${req.params.sessionId}:`, error);
- res.status(500).json({ error: error.message });
- }
-});
-
-// Delete project endpoint
-// force=true to allow removal even when sessions exist
-// deleteData=true to also delete session/memory files on disk (destructive)
-app.delete('/api/projects/:projectName', authenticateToken, async (req, res) => {
- try {
- const { projectName } = req.params;
- const force = req.query.force === 'true';
- const deleteData = req.query.deleteData === 'true';
- await deleteProject(projectName, force, deleteData);
- res.json({ success: true });
- } catch (error) {
- res.status(500).json({ error: error.message });
- }
-});
-
-// Create project endpoint
-app.post('/api/projects/create', authenticateToken, async (req, res) => {
- try {
- const { path: projectPath } = req.body;
-
- if (!projectPath || !projectPath.trim()) {
- return res.status(400).json({ error: 'Project path is required' });
- }
-
- const project = await addProjectManually(projectPath.trim());
- res.json({ success: true, project });
- } catch (error) {
- console.error('Error creating project:', error);
- res.status(500).json({ error: error.message });
- }
-});
-
-// Search conversations content (SSE streaming)
-app.get('/api/search/conversations', authenticateToken, async (req, res) => {
- const query = typeof req.query.q === 'string' ? req.query.q.trim() : '';
- const parsedLimit = Number.parseInt(String(req.query.limit), 10);
- const limit = Number.isNaN(parsedLimit) ? 50 : Math.max(1, Math.min(parsedLimit, 100));
-
- if (query.length < 2) {
- return res.status(400).json({ error: 'Query must be at least 2 characters' });
- }
-
- res.writeHead(200, {
- 'Content-Type': 'text/event-stream',
- 'Cache-Control': 'no-cache',
- 'Connection': 'keep-alive',
- 'X-Accel-Buffering': 'no',
- });
-
- let closed = false;
- const abortController = new AbortController();
- req.on('close', () => { closed = true; abortController.abort(); });
-
- try {
- await searchConversations(query, limit, ({ projectResult, totalMatches, scannedProjects, totalProjects }) => {
- if (closed) return;
- if (projectResult) {
- res.write(`event: result\ndata: ${JSON.stringify({ projectResult, totalMatches, scannedProjects, totalProjects })}\n\n`);
- } else {
- res.write(`event: progress\ndata: ${JSON.stringify({ totalMatches, scannedProjects, totalProjects })}\n\n`);
- }
- }, abortController.signal);
- if (!closed) {
- res.write(`event: done\ndata: {}\n\n`);
- }
- } catch (error) {
- console.error('Error searching conversations:', error);
- if (!closed) {
- res.write(`event: error\ndata: ${JSON.stringify({ error: 'Search failed' })}\n\n`);
- }
- } finally {
- if (!closed) {
- res.end();
- }
- }
-});
-
const expandWorkspacePath = (inputPath) => {
if (!inputPath) return inputPath;
if (inputPath === '~') {
@@ -704,9 +418,9 @@ app.post('/api/create-folder', authenticateToken, async (req, res) => {
});
// Read file content endpoint
-app.get('/api/projects/:projectName/file', authenticateToken, async (req, res) => {
+app.get('/api/projects/:projectId/file', authenticateToken, async (req, res) => {
try {
- const { projectName } = req.params;
+ const { projectId } = req.params;
const { filePath } = req.query;
@@ -715,7 +429,9 @@ app.get('/api/projects/:projectName/file', authenticateToken, async (req, res) =
return res.status(400).json({ error: 'Invalid file path' });
}
- const projectRoot = await extractProjectDirectory(projectName).catch(() => null);
+ // Resolve the absolute project root via the DB-backed helper; the
+ // caller passes the DB-assigned `projectId`, not a folder name.
+ const projectRoot = await projectsDb.getProjectPathById(projectId);
if (!projectRoot) {
return res.status(404).json({ error: 'Project not found' });
}
@@ -744,9 +460,9 @@ app.get('/api/projects/:projectName/file', authenticateToken, async (req, res) =
});
// Serve raw file bytes for previews and downloads.
-app.get('/api/projects/:projectName/files/content', authenticateToken, async (req, res) => {
+app.get('/api/projects/:projectId/files/content', authenticateToken, async (req, res) => {
try {
- const { projectName } = req.params;
+ const { projectId } = req.params;
const { path: filePath } = req.query;
@@ -755,7 +471,8 @@ app.get('/api/projects/:projectName/files/content', authenticateToken, async (re
return res.status(400).json({ error: 'Invalid file path' });
}
- const projectRoot = await extractProjectDirectory(projectName).catch(() => null);
+ // Projects are now addressed by DB `projectId`, resolved to their path here.
+ const projectRoot = await projectsDb.getProjectPathById(projectId);
if (!projectRoot) {
return res.status(404).json({ error: 'Project not found' });
}
@@ -801,9 +518,9 @@ app.get('/api/projects/:projectName/files/content', authenticateToken, async (re
});
// Save file content endpoint
-app.put('/api/projects/:projectName/file', authenticateToken, async (req, res) => {
+app.put('/api/projects/:projectId/file', authenticateToken, async (req, res) => {
try {
- const { projectName } = req.params;
+ const { projectId } = req.params;
const { filePath, content } = req.body;
@@ -816,7 +533,8 @@ app.put('/api/projects/:projectName/file', authenticateToken, async (req, res) =
return res.status(400).json({ error: 'Content is required' });
}
- const projectRoot = await extractProjectDirectory(projectName).catch(() => null);
+ // Projects are now addressed by DB `projectId`, resolved to their path here.
+ const projectRoot = await projectsDb.getProjectPathById(projectId);
if (!projectRoot) {
return res.status(404).json({ error: 'Project not found' });
}
@@ -850,19 +568,16 @@ app.put('/api/projects/:projectName/file', authenticateToken, async (req, res) =
}
});
-app.get('/api/projects/:projectName/files', authenticateToken, async (req, res) => {
+app.get('/api/projects/:projectId/files', authenticateToken, async (req, res) => {
try {
// Using fsPromises from import
- // Use extractProjectDirectory to get the actual project path
- let actualPath;
- try {
- actualPath = await extractProjectDirectory(req.params.projectName);
- } catch (error) {
- console.error('Error extracting project directory:', error);
- // Fallback to simple dash replacement
- actualPath = req.params.projectName.replace(/-/g, '/');
+ // Resolve the project's absolute path through the DB (projectId is the
+ // primary key of the `projects` table after the identifier migration).
+ const actualPath = await projectsDb.getProjectPathById(req.params.projectId);
+ if (!actualPath) {
+ return res.status(404).json({ error: 'Project not found' });
}
// Check if path exists
@@ -927,10 +642,10 @@ function validateFilename(name) {
return { valid: true };
}
-// POST /api/projects/:projectName/files/create - Create new file or directory
-app.post('/api/projects/:projectName/files/create', authenticateToken, async (req, res) => {
+// POST /api/projects/:projectId/files/create - Create new file or directory
+app.post('/api/projects/:projectId/files/create', authenticateToken, async (req, res) => {
try {
- const { projectName } = req.params;
+ const { projectId } = req.params;
const { path: parentPath, type, name } = req.body;
// Validate input
@@ -947,8 +662,8 @@ app.post('/api/projects/:projectName/files/create', authenticateToken, async (re
return res.status(400).json({ error: nameValidation.error });
}
- // Get project root
- const projectRoot = await extractProjectDirectory(projectName).catch(() => null);
+ // Resolve the project directory through the DB using the new projectId.
+ const projectRoot = await projectsDb.getProjectPathById(projectId);
if (!projectRoot) {
return res.status(404).json({ error: 'Project not found' });
}
@@ -1004,10 +719,10 @@ app.post('/api/projects/:projectName/files/create', authenticateToken, async (re
}
});
-// PUT /api/projects/:projectName/files/rename - Rename file or directory
-app.put('/api/projects/:projectName/files/rename', authenticateToken, async (req, res) => {
+// PUT /api/projects/:projectId/files/rename - Rename file or directory
+app.put('/api/projects/:projectId/files/rename', authenticateToken, async (req, res) => {
try {
- const { projectName } = req.params;
+ const { projectId } = req.params;
const { oldPath, newName } = req.body;
// Validate input
@@ -1020,8 +735,8 @@ app.put('/api/projects/:projectName/files/rename', authenticateToken, async (req
return res.status(400).json({ error: nameValidation.error });
}
- // Get project root
- const projectRoot = await extractProjectDirectory(projectName).catch(() => null);
+ // Resolve the project directory through the DB using the new projectId.
+ const projectRoot = await projectsDb.getProjectPathById(projectId);
if (!projectRoot) {
return res.status(404).json({ error: 'Project not found' });
}
@@ -1081,10 +796,10 @@ app.put('/api/projects/:projectName/files/rename', authenticateToken, async (req
}
});
-// DELETE /api/projects/:projectName/files - Delete file or directory
-app.delete('/api/projects/:projectName/files', authenticateToken, async (req, res) => {
+// DELETE /api/projects/:projectId/files - Delete file or directory
+app.delete('/api/projects/:projectId/files', authenticateToken, async (req, res) => {
try {
- const { projectName } = req.params;
+ const { projectId } = req.params;
const { path: targetPath, type } = req.body;
// Validate input
@@ -1092,8 +807,8 @@ app.delete('/api/projects/:projectName/files', authenticateToken, async (req, re
return res.status(400).json({ error: 'Path is required' });
}
- // Get project root
- const projectRoot = await extractProjectDirectory(projectName).catch(() => null);
+ // Resolve the project directory through the DB using the new projectId.
+ const projectRoot = await projectsDb.getProjectPathById(projectId);
if (!projectRoot) {
return res.status(404).json({ error: 'Project not found' });
}
@@ -1146,7 +861,7 @@ app.delete('/api/projects/:projectName/files', authenticateToken, async (req, re
}
});
-// POST /api/projects/:projectName/files/upload - Upload files
+// POST /api/projects/:projectId/files/upload - Upload files
// Dynamic import of multer for file uploads
const uploadFilesHandler = async (req, res) => {
// Dynamic import of multer
@@ -1185,7 +900,7 @@ const uploadFilesHandler = async (req, res) => {
}
try {
- const { projectName } = req.params;
+ const { projectId } = req.params;
const { targetPath, relativePaths } = req.body;
// Parse relative paths if provided (for folder uploads)
@@ -1199,7 +914,7 @@ const uploadFilesHandler = async (req, res) => {
}
console.log('[DEBUG] File upload request:', {
- projectName,
+ projectId,
targetPath: JSON.stringify(targetPath),
targetPathType: typeof targetPath,
filesCount: req.files?.length,
@@ -1210,8 +925,8 @@ const uploadFilesHandler = async (req, res) => {
return res.status(400).json({ error: 'No files provided' });
}
- // Get project root
- const projectRoot = await extractProjectDirectory(projectName).catch(() => null);
+ // Resolve the project directory through the DB using the new projectId.
+ const projectRoot = await projectsDb.getProjectPathById(projectId);
if (!projectRoot) {
return res.status(404).json({ error: 'Project not found' });
}
@@ -1308,615 +1023,12 @@ const uploadFilesHandler = async (req, res) => {
});
};
-app.post('/api/projects/:projectName/files/upload', authenticateToken, uploadFilesHandler);
+app.post('/api/projects/:projectId/files/upload', authenticateToken, uploadFilesHandler);
-/**
- * Proxy an authenticated client WebSocket to a plugin's internal WS server.
- * Auth is enforced by verifyClient before this function is reached.
- */
-function handlePluginWsProxy(clientWs, pathname) {
- const pluginName = pathname.replace('/plugin-ws/', '');
- if (!pluginName || /[^a-zA-Z0-9_-]/.test(pluginName)) {
- clientWs.close(4400, 'Invalid plugin name');
- return;
- }
-
- const port = getPluginPort(pluginName);
- if (!port) {
- clientWs.close(4404, 'Plugin not running');
- return;
- }
-
- const upstream = new WebSocket(`ws://127.0.0.1:${port}/ws`);
-
- upstream.on('open', () => {
- console.log(`[Plugins] WS proxy connected to "${pluginName}" on port ${port}`);
- });
-
- // Relay messages bidirectionally
- upstream.on('message', (data) => {
- if (clientWs.readyState === WebSocket.OPEN) clientWs.send(data);
- });
- clientWs.on('message', (data) => {
- if (upstream.readyState === WebSocket.OPEN) upstream.send(data);
- });
-
- // Propagate close in both directions
- upstream.on('close', () => { if (clientWs.readyState === WebSocket.OPEN) clientWs.close(); });
- clientWs.on('close', () => { if (upstream.readyState === WebSocket.OPEN) upstream.close(); });
-
- upstream.on('error', (err) => {
- console.error(`[Plugins] WS proxy error for "${pluginName}":`, err.message);
- if (clientWs.readyState === WebSocket.OPEN) clientWs.close(4502, 'Upstream error');
- });
- clientWs.on('error', () => {
- if (upstream.readyState === WebSocket.OPEN) upstream.close();
- });
-}
-
-// WebSocket connection handler that routes based on URL path
-wss.on('connection', (ws, request) => {
- const url = request.url;
- console.log('[INFO] Client connected to:', url);
-
- // Parse URL to get pathname without query parameters
- const urlObj = new URL(url, 'http://localhost');
- const pathname = urlObj.pathname;
-
- if (pathname === '/shell') {
- handleShellConnection(ws);
- } else if (pathname === '/ws') {
- handleChatConnection(ws, request);
- } else if (pathname.startsWith('/plugin-ws/')) {
- handlePluginWsProxy(ws, pathname);
- } else {
- console.log('[WARN] Unknown WebSocket path:', pathname);
- ws.close();
- }
-});
-
-/**
- * WebSocket Writer - Wrapper for WebSocket to match SSEStreamWriter interface
- *
- * Provider files use `createNormalizedMessage()` from `providers/types.js` and
- * adapter `normalizeMessage()` to produce unified NormalizedMessage events.
- * The writer simply serialises and sends.
- */
-class WebSocketWriter {
- constructor(ws, userId = null) {
- this.ws = ws;
- this.sessionId = null;
- this.userId = userId;
- this.isWebSocketWriter = true; // Marker for transport detection
- }
-
- send(data) {
- if (this.ws.readyState === 1) { // WebSocket.OPEN
- this.ws.send(JSON.stringify(data));
- }
- }
-
- updateWebSocket(newRawWs) {
- this.ws = newRawWs;
- }
-
- setSessionId(sessionId) {
- this.sessionId = sessionId;
- }
-
- getSessionId() {
- return this.sessionId;
- }
-}
-
-// Handle chat WebSocket connections
-function handleChatConnection(ws, request) {
- console.log('[INFO] Chat WebSocket connected');
-
- // Add to connected clients for project updates
- connectedClients.add(ws);
-
- // Wrap WebSocket with writer for consistent interface with SSEStreamWriter
- const writer = new WebSocketWriter(ws, request?.user?.id ?? request?.user?.userId ?? null);
-
- ws.on('message', async (message) => {
- try {
- const data = JSON.parse(message);
-
- if (data.type === 'claude-command') {
- console.log('[DEBUG] User message:', data.command || '[Continue/Resume]');
- console.log('📁 Project:', data.options?.projectPath || 'Unknown');
- console.log('🔄 Session:', data.options?.sessionId ? 'Resume' : 'New');
-
- // Use Claude Agents SDK
- await queryClaudeSDK(data.command, data.options, writer);
- } else if (data.type === 'cursor-command') {
- console.log('[DEBUG] Cursor message:', data.command || '[Continue/Resume]');
- console.log('📁 Project:', data.options?.cwd || 'Unknown');
- console.log('🔄 Session:', data.options?.sessionId ? 'Resume' : 'New');
- console.log('🤖 Model:', data.options?.model || 'default');
- await spawnCursor(data.command, data.options, writer);
- } else if (data.type === 'codex-command') {
- console.log('[DEBUG] Codex message:', data.command || '[Continue/Resume]');
- console.log('📁 Project:', data.options?.projectPath || data.options?.cwd || 'Unknown');
- console.log('🔄 Session:', data.options?.sessionId ? 'Resume' : 'New');
- console.log('🤖 Model:', data.options?.model || 'default');
- await queryCodex(data.command, data.options, writer);
- } else if (data.type === 'gemini-command') {
- console.log('[DEBUG] Gemini message:', data.command || '[Continue/Resume]');
- console.log('📁 Project:', data.options?.projectPath || data.options?.cwd || 'Unknown');
- console.log('🔄 Session:', data.options?.sessionId ? 'Resume' : 'New');
- console.log('🤖 Model:', data.options?.model || 'default');
- await spawnGemini(data.command, data.options, writer);
- } else if (data.type === 'cursor-resume') {
- // Backward compatibility: treat as cursor-command with resume and no prompt
- console.log('[DEBUG] Cursor resume session (compat):', data.sessionId);
- await spawnCursor('', {
- sessionId: data.sessionId,
- resume: true,
- cwd: data.options?.cwd
- }, writer);
- } else if (data.type === 'abort-session') {
- console.log('[DEBUG] Abort session request:', data.sessionId);
- const provider = data.provider || 'claude';
- let success;
-
- if (provider === 'cursor') {
- success = abortCursorSession(data.sessionId);
- } else if (provider === 'codex') {
- success = abortCodexSession(data.sessionId);
- } else if (provider === 'gemini') {
- success = abortGeminiSession(data.sessionId);
- } else {
- // Use Claude Agents SDK
- success = await abortClaudeSDKSession(data.sessionId);
- }
-
- writer.send(createNormalizedMessage({ kind: 'complete', exitCode: success ? 0 : 1, aborted: true, success, sessionId: data.sessionId, provider }));
- } else if (data.type === 'claude-permission-response') {
- // Relay UI approval decisions back into the SDK control flow.
- // This does not persist permissions; it only resolves the in-flight request,
- // introduced so the SDK can resume once the user clicks Allow/Deny.
- if (data.requestId) {
- resolveToolApproval(data.requestId, {
- allow: Boolean(data.allow),
- updatedInput: data.updatedInput,
- message: data.message,
- rememberEntry: data.rememberEntry
- });
- }
- } else if (data.type === 'cursor-abort') {
- console.log('[DEBUG] Abort Cursor session:', data.sessionId);
- const success = abortCursorSession(data.sessionId);
- writer.send(createNormalizedMessage({ kind: 'complete', exitCode: success ? 0 : 1, aborted: true, success, sessionId: data.sessionId, provider: 'cursor' }));
- } else if (data.type === 'check-session-status') {
- // Check if a specific session is currently processing
- const provider = data.provider || 'claude';
- const sessionId = data.sessionId;
- let isActive;
-
- if (provider === 'cursor') {
- isActive = isCursorSessionActive(sessionId);
- } else if (provider === 'codex') {
- isActive = isCodexSessionActive(sessionId);
- } else if (provider === 'gemini') {
- isActive = isGeminiSessionActive(sessionId);
- } else {
- // Use Claude Agents SDK
- isActive = isClaudeSDKSessionActive(sessionId);
- if (isActive) {
- // Reconnect the session's writer to the new WebSocket so
- // subsequent SDK output flows to the refreshed client.
- reconnectSessionWriter(sessionId, ws);
- }
- }
-
- writer.send({
- type: 'session-status',
- sessionId,
- provider,
- isProcessing: isActive
- });
- } else if (data.type === 'get-pending-permissions') {
- // Return pending permission requests for a session
- const sessionId = data.sessionId;
- if (sessionId && isClaudeSDKSessionActive(sessionId)) {
- const pending = getPendingApprovalsForSession(sessionId);
- writer.send({
- type: 'pending-permissions-response',
- sessionId,
- data: pending
- });
- }
- } else if (data.type === 'get-active-sessions') {
- // Get all currently active sessions
- const activeSessions = {
- claude: getActiveClaudeSDKSessions(),
- cursor: getActiveCursorSessions(),
- codex: getActiveCodexSessions(),
- gemini: getActiveGeminiSessions()
- };
- writer.send({
- type: 'active-sessions',
- sessions: activeSessions
- });
- }
- } catch (error) {
- console.error('[ERROR] Chat WebSocket error:', error.message);
- writer.send({
- type: 'error',
- error: error.message
- });
- }
- });
-
- ws.on('close', () => {
- console.log('🔌 Chat client disconnected');
- // Remove from connected clients
- connectedClients.delete(ws);
- });
-}
-
-// Handle shell WebSocket connections
-function handleShellConnection(ws) {
- console.log('🐚 Shell client connected');
- let shellProcess = null;
- let ptySessionKey = null;
- let urlDetectionBuffer = '';
- const announcedAuthUrls = new Set();
-
- ws.on('message', async (message) => {
- try {
- const data = JSON.parse(message);
- console.log('📨 Shell message received:', data.type);
-
- if (data.type === 'init') {
- const projectPath = data.projectPath || process.cwd();
- const sessionId = data.sessionId;
- const hasSession = data.hasSession;
- const provider = data.provider || 'claude';
- const initialCommand = data.initialCommand;
- const isPlainShell = data.isPlainShell || (!!initialCommand && !hasSession) || provider === 'plain-shell';
- urlDetectionBuffer = '';
- announcedAuthUrls.clear();
-
- // Login commands (Claude/Cursor auth) should never reuse cached sessions
- const isLoginCommand = initialCommand && (
- initialCommand.includes('setup-token') ||
- initialCommand.includes('cursor-agent login') ||
- initialCommand.includes('auth login')
- );
-
- // Include command hash in session key so different commands get separate sessions
- const commandSuffix = isPlainShell && initialCommand
- ? `_cmd_${Buffer.from(initialCommand).toString('base64').slice(0, 16)}`
- : '';
- ptySessionKey = `${projectPath}_${sessionId || 'default'}${commandSuffix}`;
-
- // Kill any existing login session before starting fresh
- if (isLoginCommand) {
- const oldSession = ptySessionsMap.get(ptySessionKey);
- if (oldSession) {
- console.log('🧹 Cleaning up existing login session:', ptySessionKey);
- if (oldSession.timeoutId) clearTimeout(oldSession.timeoutId);
- if (oldSession.pty && oldSession.pty.kill) oldSession.pty.kill();
- ptySessionsMap.delete(ptySessionKey);
- }
- }
-
- const existingSession = isLoginCommand ? null : ptySessionsMap.get(ptySessionKey);
- if (existingSession) {
- console.log('♻️ Reconnecting to existing PTY session:', ptySessionKey);
- shellProcess = existingSession.pty;
-
- clearTimeout(existingSession.timeoutId);
-
- ws.send(JSON.stringify({
- type: 'output',
- data: `\x1b[36m[Reconnected to existing session]\x1b[0m\r\n`
- }));
-
- if (existingSession.buffer && existingSession.buffer.length > 0) {
- console.log(`📜 Sending ${existingSession.buffer.length} buffered messages`);
- existingSession.buffer.forEach(bufferedData => {
- ws.send(JSON.stringify({
- type: 'output',
- data: bufferedData
- }));
- });
- }
-
- existingSession.ws = ws;
-
- return;
- }
-
- console.log('[INFO] Starting shell in:', projectPath);
- console.log('📋 Session info:', hasSession ? `Resume session ${sessionId}` : (isPlainShell ? 'Plain shell mode' : 'New session'));
- console.log('🤖 Provider:', isPlainShell ? 'plain-shell' : provider);
- if (initialCommand) {
- console.log('⚡ Initial command:', initialCommand);
- }
-
- // First send a welcome message
- let welcomeMsg;
- if (isPlainShell) {
- welcomeMsg = `\x1b[36mStarting terminal in: ${projectPath}\x1b[0m\r\n`;
- } else {
- const providerName = provider === 'cursor' ? 'Cursor' : (provider === 'codex' ? 'Codex' : (provider === 'gemini' ? 'Gemini' : 'Claude'));
- welcomeMsg = hasSession ?
- `\x1b[36mResuming ${providerName} session ${sessionId} in: ${projectPath}\x1b[0m\r\n` :
- `\x1b[36mStarting new ${providerName} session in: ${projectPath}\x1b[0m\r\n`;
- }
-
- ws.send(JSON.stringify({
- type: 'output',
- data: welcomeMsg
- }));
-
- try {
- // Validate projectPath — resolve to absolute and verify it exists
- const resolvedProjectPath = path.resolve(projectPath);
- try {
- const stats = fs.statSync(resolvedProjectPath);
- if (!stats.isDirectory()) {
- throw new Error('Not a directory');
- }
- } catch (pathErr) {
- ws.send(JSON.stringify({ type: 'error', message: 'Invalid project path' }));
- return;
- }
-
- // Validate sessionId — only allow safe characters
- const safeSessionIdPattern = /^[a-zA-Z0-9_.\-:]+$/;
- if (sessionId && !safeSessionIdPattern.test(sessionId)) {
- ws.send(JSON.stringify({ type: 'error', message: 'Invalid session ID' }));
- return;
- }
-
- // Build shell command — use cwd for project path (never interpolate into shell string)
- let shellCommand;
- if (isPlainShell) {
- // Plain shell mode - run the initial command in the project directory
- shellCommand = initialCommand;
- } else if (provider === 'cursor') {
- if (hasSession && sessionId) {
- shellCommand = `cursor-agent --resume="${sessionId}"`;
- } else {
- shellCommand = 'cursor-agent';
- }
- } else if (provider === 'codex') {
- // Use codex command; attempt to resume and fall back to a new session when the resume fails.
- if (hasSession && sessionId) {
- if (os.platform() === 'win32') {
- // PowerShell syntax for fallback
- shellCommand = `codex resume "${sessionId}"; if ($LASTEXITCODE -ne 0) { codex }`;
- } else {
- shellCommand = `codex resume "${sessionId}" || codex`;
- }
- } else {
- shellCommand = 'codex';
- }
- } else if (provider === 'gemini') {
- const command = initialCommand || 'gemini';
- let resumeId = sessionId;
- if (hasSession && sessionId) {
- try {
- // Gemini CLI enforces its own native session IDs, unlike other agents that accept arbitrary string names.
- // The UI only knows about its internal generated `sessionId` (e.g. gemini_1234).
- // We must fetch the mapping from the backend session manager to pass the native `cliSessionId` to the shell.
- const sess = sessionManager.getSession(sessionId);
- if (sess && sess.cliSessionId) {
- resumeId = sess.cliSessionId;
- // Validate the looked-up CLI session ID too
- if (!safeSessionIdPattern.test(resumeId)) {
- resumeId = null;
- }
- }
- } catch (err) {
- console.error('Failed to get Gemini CLI session ID:', err);
- }
- }
-
- if (hasSession && resumeId) {
- shellCommand = `${command} --resume "${resumeId}"`;
- } else {
- shellCommand = command;
- }
- } else {
- // Claude (default provider)
- const command = initialCommand || 'claude';
- if (hasSession && sessionId) {
- if (os.platform() === 'win32') {
- shellCommand = `claude --resume "${sessionId}"; if ($LASTEXITCODE -ne 0) { claude }`;
- } else {
- shellCommand = `claude --resume "${sessionId}" || claude`;
- }
- } else {
- shellCommand = command;
- }
- }
-
- console.log('🔧 Executing shell command:', shellCommand);
-
- // Use appropriate shell based on platform
- const shell = os.platform() === 'win32' ? 'powershell.exe' : 'bash';
- const shellArgs = os.platform() === 'win32' ? ['-Command', shellCommand] : ['-c', shellCommand];
-
- // Use terminal dimensions from client if provided, otherwise use defaults
- const termCols = data.cols || 80;
- const termRows = data.rows || 24;
- console.log('📐 Using terminal dimensions:', termCols, 'x', termRows);
-
- shellProcess = pty.spawn(shell, shellArgs, {
- name: 'xterm-256color',
- cols: termCols,
- rows: termRows,
- cwd: resolvedProjectPath,
- env: {
- ...process.env,
- TERM: 'xterm-256color',
- COLORTERM: 'truecolor',
- FORCE_COLOR: '3'
- }
- });
-
- console.log('🟢 Shell process started with PTY, PID:', shellProcess.pid);
-
- ptySessionsMap.set(ptySessionKey, {
- pty: shellProcess,
- ws: ws,
- buffer: [],
- timeoutId: null,
- projectPath,
- sessionId
- });
-
- // Handle data output
- shellProcess.onData((data) => {
- const session = ptySessionsMap.get(ptySessionKey);
- if (!session) return;
-
- if (session.buffer.length < 5000) {
- session.buffer.push(data);
- } else {
- session.buffer.shift();
- session.buffer.push(data);
- }
-
- if (session.ws && session.ws.readyState === WebSocket.OPEN) {
- let outputData = data;
-
- const cleanChunk = stripAnsiSequences(data);
- urlDetectionBuffer = `${urlDetectionBuffer}${cleanChunk}`.slice(-SHELL_URL_PARSE_BUFFER_LIMIT);
-
- outputData = outputData.replace(
- /OPEN_URL:\s*(https?:\/\/[^\s\x1b\x07]+)/g,
- '[INFO] Opening in browser: $1'
- );
-
- const emitAuthUrl = (detectedUrl, autoOpen = false) => {
- const normalizedUrl = normalizeDetectedUrl(detectedUrl);
- if (!normalizedUrl) return;
-
- const isNewUrl = !announcedAuthUrls.has(normalizedUrl);
- if (isNewUrl) {
- announcedAuthUrls.add(normalizedUrl);
- session.ws.send(JSON.stringify({
- type: 'auth_url',
- url: normalizedUrl,
- autoOpen
- }));
- }
-
- };
-
- const normalizedDetectedUrls = extractUrlsFromText(urlDetectionBuffer)
- .map((url) => normalizeDetectedUrl(url))
- .filter(Boolean);
-
- // Prefer the most complete URL if shorter prefix variants are also present.
- const dedupedDetectedUrls = Array.from(new Set(normalizedDetectedUrls)).filter((url, _, urls) =>
- !urls.some((otherUrl) => otherUrl !== url && otherUrl.startsWith(url))
- );
-
- dedupedDetectedUrls.forEach((url) => emitAuthUrl(url, false));
-
- if (shouldAutoOpenUrlFromOutput(cleanChunk) && dedupedDetectedUrls.length > 0) {
- const bestUrl = dedupedDetectedUrls.reduce((longest, current) =>
- current.length > longest.length ? current : longest
- );
- emitAuthUrl(bestUrl, true);
- }
-
- // Send regular output
- session.ws.send(JSON.stringify({
- type: 'output',
- data: outputData
- }));
- }
- });
-
- // Handle process exit
- shellProcess.onExit((exitCode) => {
- console.log('🔚 Shell process exited with code:', exitCode.exitCode, 'signal:', exitCode.signal);
- const session = ptySessionsMap.get(ptySessionKey);
- if (session && session.ws && session.ws.readyState === WebSocket.OPEN) {
- session.ws.send(JSON.stringify({
- type: 'output',
- data: `\r\n\x1b[33mProcess exited with code ${exitCode.exitCode}${exitCode.signal ? ` (${exitCode.signal})` : ''}\x1b[0m\r\n`
- }));
- }
- if (session && session.timeoutId) {
- clearTimeout(session.timeoutId);
- }
- ptySessionsMap.delete(ptySessionKey);
- shellProcess = null;
- });
-
- } catch (spawnError) {
- console.error('[ERROR] Error spawning process:', spawnError);
- ws.send(JSON.stringify({
- type: 'output',
- data: `\r\n\x1b[31mError: ${spawnError.message}\x1b[0m\r\n`
- }));
- }
-
- } else if (data.type === 'input') {
- // Send input to shell process
- if (shellProcess && shellProcess.write) {
- try {
- shellProcess.write(data.data);
- } catch (error) {
- console.error('Error writing to shell:', error);
- }
- } else {
- console.warn('No active shell process to send input to');
- }
- } else if (data.type === 'resize') {
- // Handle terminal resize
- if (shellProcess && shellProcess.resize) {
- console.log('Terminal resize requested:', data.cols, 'x', data.rows);
- shellProcess.resize(data.cols, data.rows);
- }
- }
- } catch (error) {
- console.error('[ERROR] Shell WebSocket error:', error.message);
- if (ws.readyState === WebSocket.OPEN) {
- ws.send(JSON.stringify({
- type: 'output',
- data: `\r\n\x1b[31mError: ${error.message}\x1b[0m\r\n`
- }));
- }
- }
- });
-
- ws.on('close', () => {
- console.log('🔌 Shell client disconnected');
-
- if (ptySessionKey) {
- const session = ptySessionsMap.get(ptySessionKey);
- if (session) {
- console.log('⏳ PTY session kept alive, will timeout in 30 minutes:', ptySessionKey);
- session.ws = null;
-
- session.timeoutId = setTimeout(() => {
- console.log('⏰ PTY session timeout, killing process:', ptySessionKey);
- if (session.pty && session.pty.kill) {
- session.pty.kill();
- }
- ptySessionsMap.delete(ptySessionKey);
- }, PTY_SESSION_TIMEOUT);
- }
- }
- });
-
- ws.on('error', (error) => {
- console.error('[ERROR] Shell WebSocket error:', error);
- });
-}
-// Image upload endpoint
-app.post('/api/projects/:projectName/upload-images', authenticateToken, async (req, res) => {
+// Image upload endpoint. Accepts the DB-assigned `projectId` (not a folder name)
+// but the current implementation doesn't need to touch the project directory,
+// so we just leave the param rename for consistency with the rest of the API.
+app.post('/api/projects/:projectId/upload-images', authenticateToken, async (req, res) => {
try {
const multer = (await import('multer')).default;
const path = (await import('path')).default;
@@ -2000,10 +1112,11 @@ app.post('/api/projects/:projectName/upload-images', authenticateToken, async (r
}
});
-// Get token usage for a specific session
-app.get('/api/projects/:projectName/sessions/:sessionId/token-usage', authenticateToken, async (req, res) => {
+// Get token usage for a specific session. `projectId` is the DB primary key;
+// the Claude branch below resolves it to an absolute path via the DB.
+app.get('/api/projects/:projectId/sessions/:sessionId/token-usage', authenticateToken, async (req, res) => {
try {
- const { projectName, sessionId } = req.params;
+ const { projectId, sessionId } = req.params;
const { provider = 'claude' } = req.query;
const homeDir = os.homedir();
@@ -2107,13 +1220,13 @@ app.get('/api/projects/:projectName/sessions/:sessionId/token-usage', authentica
}
// Handle Claude sessions (default)
- // Extract actual project path
- let projectPath;
- try {
- projectPath = await extractProjectDirectory(projectName);
- } catch (error) {
- console.error('Error extracting project directory:', error);
- return res.status(500).json({ error: 'Failed to determine project path' });
+ // Resolve the project path through the DB using the caller-supplied
+ // `projectId`. Legacy code here called extractProjectDirectory with a
+ // folder-encoded project name; the migration centralizes that lookup
+ // in the projects table.
+ const projectPath = await projectsDb.getProjectPathById(projectId);
+ if (!projectPath) {
+ return res.status(404).json({ error: 'Project not found' });
}
// Construct the JSONL file path
@@ -2213,6 +1326,30 @@ app.get('*', (req, res) => {
}
});
+// global error middleware must be last
+app.use((err, req, res, next) => {
+ if (err instanceof AppError) {
+ return res.status(err.statusCode).json({
+ success: false,
+ error: {
+ code: err.code,
+ message: err.message,
+ details: err.details,
+ },
+ });
+ }
+
+ console.error(err);
+
+ return res.status(500).json({
+ success: false,
+ error: {
+ code: 'INTERNAL_ERROR',
+ message: 'Internal server error',
+ },
+ });
+});
+
// Helper function to convert permissions to rwx format
function permToRwx(perm) {
const r = perm & 4 ? 'r' : '-';
@@ -2345,7 +1482,7 @@ async function startServer() {
console.log('');
// Start watching the projects folder for changes
- await setupProjectsWatcher();
+ await initializeSessionsWatcher();
// Start server-side plugin processes for enabled plugins
startEnabledPluginServers().catch(err => {
@@ -2353,6 +1490,7 @@ async function startServer() {
});
});
+ await closeSessionsWatcher();
// Clean up plugin processes on shutdown
const shutdownPlugins = async () => {
await stopAllPlugins();
diff --git a/server/middleware/auth.js b/server/middleware/auth.js
index 73749792..c40237b2 100644
--- a/server/middleware/auth.js
+++ b/server/middleware/auth.js
@@ -1,5 +1,5 @@
import jwt from 'jsonwebtoken';
-import { userDb, appConfigDb } from '../database/db.js';
+import { userDb, appConfigDb } from '../modules/database/index.js';
import { IS_PLATFORM } from '../constants/config.js';
// Use env var if set, otherwise auto-generate a unique secret per installation
diff --git a/server/modules/database/connection.ts b/server/modules/database/connection.ts
new file mode 100644
index 00000000..4453b0e3
--- /dev/null
+++ b/server/modules/database/connection.ts
@@ -0,0 +1,143 @@
+/**
+ * Database connection management.
+ *
+ * Owns the single SQLite connection used across all repositories.
+ * Handles path resolution, directory creation, legacy database migration,
+ * and eager app_config bootstrap so the auth middleware can read the
+ * JWT secret before the full schema is applied.
+ *
+ * Consumers should never create their own Database instance — they use
+ * `getConnection()` to obtain the shared singleton.
+ */
+
+import Database from 'better-sqlite3';
+import fs from 'fs';
+import path from 'path';
+import { fileURLToPath } from 'url';
+
+import { APP_CONFIG_TABLE_SCHEMA_SQL } from '@/modules/database/schema.js';
+
+const __filename = fileURLToPath(import.meta.url);
+const __dirname = path.dirname(__filename);
+
+// ---------------------------------------------------------------------------
+// Path resolution
+// ---------------------------------------------------------------------------
+
+/**
+ * Resolves the database file path from environment or falls back
+ * to the legacy location inside the server/database/ folder.
+ *
+ * Priority:
+ * 1. DATABASE_PATH environment variable (set by cli.js or load-env-vars.js)
+ * 2. Legacy path: server/database/auth.db
+ */
+function resolveDatabasePath(): string {
+ // process.env.DATABASE_PATH is set by load-env-vars.js to either the .env value or a default(~/.cloudcli/auth.db) in the user's home directory.
+ return process.env.DATABASE_PATH || resolveLegacyDatabasePath();
+}
+
+/**
+ * Resolves the legacy database path (always inside server/database/).
+ * Used for the one-time migration to the new external location.
+ */
+function resolveLegacyDatabasePath(): string {
+ const serverDir = path.resolve(__dirname, '..', '..', '..');
+ return path.join(serverDir, 'database', 'auth.db');
+}
+
+// ---------------------------------------------------------------------------
+// Directory & migration helpers
+// ---------------------------------------------------------------------------
+
+function ensureDatabaseDirectory(dbPath: string): void {
+ const dir = path.dirname(dbPath);
+ if (!fs.existsSync(dir)) {
+ fs.mkdirSync(dir, { recursive: true });
+ console.log('Created database directory:', dir);
+ }
+}
+
+/**
+ * If the database was moved to an external location (e.g. ~/.cloudcli/)
+ * but the user still has a legacy auth.db inside the install directory,
+ * copy it to the new location as a one-time migration.
+ */
+function migrateLegacyDatabase(targetPath: string): void {
+ const legacyPath = resolveLegacyDatabasePath();
+
+ if (targetPath === legacyPath) return;
+ if (fs.existsSync(targetPath)) return;
+ if (!fs.existsSync(legacyPath)) return;
+
+ try {
+ fs.copyFileSync(legacyPath, targetPath);
+ console.log('Migrated legacy database', { from: legacyPath, to: targetPath });
+
+
+ // copy the write-ahead log and shared memory files (auth.db-wal, auth.db-shm) if they exist, to preserve any uncommitted transactions
+ for (const suffix of ['-wal', '-shm']) {
+ const src = legacyPath + suffix;
+ if (fs.existsSync(src)) {
+ fs.copyFileSync(src, targetPath + suffix);
+ }
+ }
+ } catch (err: any) {
+ console.error('Could not migrate legacy database', { error: err.message });
+ }
+}
+
+
+// ---------------------------------------------------------------------------
+// Singleton connection
+// ---------------------------------------------------------------------------
+
+let instance: Database.Database | null = null;
+
+/**
+ * Returns the shared database connection, creating it on first call.
+ *
+ * The first invocation:
+ * 1. Resolves the target database path
+ * 2. Ensures the parent directory exists
+ * 3. Migrates from the legacy install-directory path if needed
+ * 4. Opens the SQLite connection
+ * 5. Eagerly creates the app_config table (auth reads JWT secret at import time)
+ * 6. Logs the database location
+ */
+export function getConnection(): Database.Database {
+ if (instance) return instance;
+
+ const dbPath = resolveDatabasePath();
+
+ ensureDatabaseDirectory(dbPath);
+ migrateLegacyDatabase(dbPath);
+
+ instance = new Database(dbPath);
+
+ // app_config must exist immediately — the auth middleware reads
+ // the JWT secret at module-load time, before initializeDatabase() runs.
+ instance.exec(APP_CONFIG_TABLE_SCHEMA_SQL);
+
+ return instance;
+}
+
+/**
+ * Returns the resolved database file path without opening a connection.
+ * Useful for diagnostics and CLI status commands.
+ */
+export function getDatabasePath(): string {
+ return resolveDatabasePath();
+}
+
+/**
+ * Closes the database connection and clears the singleton.
+ * Primarily used for graceful shutdown or testing.
+ */
+export function closeConnection(): void {
+ if (instance) {
+ instance.close();
+ instance = null;
+ console.log('Database connection closed');
+ }
+}
diff --git a/server/modules/database/index.ts b/server/modules/database/index.ts
new file mode 100644
index 00000000..787521ed
--- /dev/null
+++ b/server/modules/database/index.ts
@@ -0,0 +1,12 @@
+export { initializeDatabase } from '@/modules/database/init-db.js';
+export { apiKeysDb } from '@/modules/database/repositories/api-keys.js';
+export { appConfigDb } from '@/modules/database/repositories/app-config.js';
+export { credentialsDb } from '@/modules/database/repositories/credentials.js';
+export { githubTokensDb } from '@/modules/database/repositories/github-tokens.js';
+export { notificationPreferencesDb } from '@/modules/database/repositories/notification-preferences.js';
+export { projectsDb } from '@/modules/database/repositories/projects.db.js';
+export { pushSubscriptionsDb } from '@/modules/database/repositories/push-subscriptions.js';
+export { scanStateDb } from '@/modules/database/repositories/scan-state.db.js';
+export { sessionsDb } from '@/modules/database/repositories/sessions.db.js';
+export { userDb } from '@/modules/database/repositories/users.js';
+export { vapidKeysDb } from '@/modules/database/repositories/vapid-keys.js';
diff --git a/server/modules/database/init-db.ts b/server/modules/database/init-db.ts
new file mode 100644
index 00000000..8dfcc4ee
--- /dev/null
+++ b/server/modules/database/init-db.ts
@@ -0,0 +1,17 @@
+import { getConnection } from "@/modules/database/connection.js";
+import { runMigrations } from "@/modules/database/migrations.js";
+import { INIT_SCHEMA_SQL } from "@/modules/database/schema.js";
+
+// Initialize database with schema
+export const initializeDatabase = async () => {
+ try {
+ const db = getConnection();
+ db.exec(INIT_SCHEMA_SQL);
+ console.log('Database schema applied');
+ runMigrations(db);
+ } catch (err) {
+ const message = err instanceof Error ? err.message : String(err);
+ console.log('Database initialization failed', { error: message });
+ throw err;
+ }
+};
diff --git a/server/modules/database/migrations.ts b/server/modules/database/migrations.ts
new file mode 100644
index 00000000..60debe52
--- /dev/null
+++ b/server/modules/database/migrations.ts
@@ -0,0 +1,443 @@
+import { Database } from 'better-sqlite3';
+
+import {
+ APP_CONFIG_TABLE_SCHEMA_SQL,
+ LAST_SCANNED_AT_SQL,
+ PROJECTS_TABLE_SCHEMA_SQL,
+ PUSH_SUBSCRIPTIONS_TABLE_SCHEMA_SQL,
+ SESSIONS_TABLE_SCHEMA_SQL,
+ USER_NOTIFICATION_PREFERENCES_TABLE_SCHEMA_SQL,
+ VAPID_KEYS_TABLE_SCHEMA_SQL,
+} from '@/modules/database/schema.js';
+
+const SQLITE_UUID_SQL = `
+lower(hex(randomblob(4))) || '-' ||
+lower(hex(randomblob(2))) || '-' ||
+lower(hex(randomblob(2))) || '-' ||
+lower(hex(randomblob(2))) || '-' ||
+lower(hex(randomblob(6)))
+`;
+
+type TableInfoRow = {
+ name: string;
+ pk: number;
+};
+
+const addColumnToTableIfNotExists = (
+ db: Database,
+ tableName: string,
+ columnNames: string[],
+ columnName: string,
+ columnType: string
+) => {
+ if (!columnNames.includes(columnName)) {
+ console.log(`Running migration: Adding ${columnName} column to ${tableName} table`);
+ db.exec(`ALTER TABLE ${tableName} ADD COLUMN ${columnName} ${columnType}`);
+ }
+};
+
+const tableExists = (db: Database, tableName: string): boolean =>
+ Boolean(
+ db
+ .prepare("SELECT name FROM sqlite_master WHERE type = 'table' AND name = ?")
+ .get(tableName)
+ );
+
+const getTableInfo = (db: Database, tableName: string): TableInfoRow[] =>
+ db.prepare(`PRAGMA table_info(${tableName})`).all() as TableInfoRow[];
+
+const migrateLegacySessionNames = (db: Database): void => {
+ const hasLegacySessionNamesTable = tableExists(db, 'session_names');
+ const hasSessionsTable = tableExists(db, 'sessions');
+
+ if (!hasLegacySessionNamesTable) {
+ return;
+ }
+
+ if (hasSessionsTable) {
+ console.log('Running migration: Merging session_names into sessions');
+ db.exec(`
+ INSERT INTO sessions (session_id, provider, custom_name, created_at, updated_at)
+ SELECT
+ session_id,
+ COALESCE(provider, 'claude'),
+ custom_name,
+ COALESCE(created_at, CURRENT_TIMESTAMP),
+ COALESCE(updated_at, CURRENT_TIMESTAMP)
+ FROM session_names
+ WHERE true
+ ON CONFLICT(session_id) DO UPDATE SET
+ provider = excluded.provider,
+ custom_name = COALESCE(excluded.custom_name, sessions.custom_name),
+ created_at = COALESCE(sessions.created_at, excluded.created_at),
+ updated_at = COALESCE(excluded.updated_at, sessions.updated_at)
+ `);
+ db.exec('DROP TABLE session_names');
+ return;
+ }
+
+ console.log('Running migration: Renaming session_names table to sessions');
+ db.exec('ALTER TABLE session_names RENAME TO sessions');
+};
+
+const migrateLegacyWorkspaceTableIntoProjects = (db: Database): void => {
+ db.exec(PROJECTS_TABLE_SCHEMA_SQL);
+
+ if (!tableExists(db, 'workspace_original_paths')) {
+ return;
+ }
+
+ console.log('Running migration: Migrating workspace_original_paths data into projects');
+ db.exec(`
+ INSERT INTO projects (project_id, project_path, custom_project_name, isStarred, isArchived)
+ SELECT
+ CASE
+ WHEN workspace_id IS NULL OR trim(workspace_id) = ''
+ THEN ${SQLITE_UUID_SQL}
+ ELSE workspace_id
+ END,
+ workspace_path,
+ custom_workspace_name,
+ COALESCE(isStarred, 0),
+ 0
+ FROM workspace_original_paths
+ WHERE workspace_path IS NOT NULL AND trim(workspace_path) <> ''
+ ON CONFLICT(project_path) DO UPDATE SET
+ custom_project_name = COALESCE(projects.custom_project_name, excluded.custom_project_name),
+ isStarred = COALESCE(projects.isStarred, excluded.isStarred)
+ `);
+};
+
+const rebuildProjectsTableWithPrimaryKeySchema = (db: Database): void => {
+ const hasProjectsTable = tableExists(db, 'projects');
+ if (!hasProjectsTable) {
+ db.exec(PROJECTS_TABLE_SCHEMA_SQL);
+ return;
+ }
+
+ const projectsTableInfo = getTableInfo(db, 'projects');
+ const columnNames = projectsTableInfo.map((column) => column.name);
+ const hasProjectIdPrimaryKey = projectsTableInfo.some(
+ (column) => column.name === 'project_id' && column.pk === 1,
+ );
+
+ if (hasProjectIdPrimaryKey) {
+ addColumnToTableIfNotExists(db, 'projects', columnNames, 'custom_project_name', 'TEXT DEFAULT NULL');
+ addColumnToTableIfNotExists(db, 'projects', columnNames, 'isStarred', 'BOOLEAN DEFAULT 0');
+ addColumnToTableIfNotExists(db, 'projects', columnNames, 'isArchived', 'BOOLEAN DEFAULT 0');
+ db.exec(`
+ UPDATE projects
+ SET project_id = ${SQLITE_UUID_SQL}
+ WHERE project_id IS NULL OR trim(project_id) = ''
+ `);
+ return;
+ }
+
+ console.log('Running migration: Rebuilding projects table to enforce project_id primary key');
+
+ const projectPathExpression = columnNames.includes('project_path')
+ ? 'project_path'
+ : columnNames.includes('workspace_path')
+ ? 'workspace_path'
+ : 'NULL';
+
+ const customProjectNameExpression = columnNames.includes('custom_project_name')
+ ? 'custom_project_name'
+ : columnNames.includes('custom_workspace_name')
+ ? 'custom_workspace_name'
+ : 'NULL';
+
+ const isStarredExpression = columnNames.includes('isStarred') ? 'COALESCE(isStarred, 0)' : '0';
+
+ const isArchivedExpression = columnNames.includes('isArchived') ? 'COALESCE(isArchived, 0)' : '0';
+
+ const projectIdExpression = columnNames.includes('project_id')
+ ? `CASE
+ WHEN project_id IS NULL OR trim(project_id) = ''
+ THEN ${SQLITE_UUID_SQL}
+ ELSE project_id
+ END`
+ : SQLITE_UUID_SQL;
+
+ db.exec('PRAGMA foreign_keys = OFF');
+ try {
+ db.exec('BEGIN TRANSACTION');
+ db.exec('DROP TABLE IF EXISTS projects__new');
+ db.exec(`
+ CREATE TABLE projects__new (
+ project_id TEXT PRIMARY KEY NOT NULL,
+ project_path TEXT NOT NULL UNIQUE,
+ custom_project_name TEXT DEFAULT NULL,
+ isStarred BOOLEAN DEFAULT 0,
+ isArchived BOOLEAN DEFAULT 0
+ )
+ `);
+ db.exec(`
+ WITH source_rows AS (
+ SELECT
+ ${projectPathExpression} AS project_path,
+ ${customProjectNameExpression} AS custom_project_name,
+ ${isStarredExpression} AS isStarred,
+ ${isArchivedExpression} AS isArchived,
+ ${projectIdExpression} AS candidate_project_id,
+ rowid AS source_rowid
+ FROM projects
+ WHERE ${projectPathExpression} IS NOT NULL AND trim(${projectPathExpression}) <> ''
+ ),
+ deduped_paths AS (
+ SELECT
+ project_path,
+ custom_project_name,
+ isStarred,
+ isArchived,
+ candidate_project_id,
+ source_rowid,
+ ROW_NUMBER() OVER (PARTITION BY project_path ORDER BY source_rowid) AS project_path_rank
+ FROM source_rows
+ ),
+ prepared_rows AS (
+ SELECT
+ CASE
+ WHEN ROW_NUMBER() OVER (PARTITION BY candidate_project_id ORDER BY source_rowid) = 1
+ THEN candidate_project_id
+ ELSE ${SQLITE_UUID_SQL}
+ END AS project_id,
+ project_path,
+ custom_project_name,
+ isStarred,
+ isArchived
+ FROM deduped_paths
+ WHERE project_path_rank = 1
+ )
+ INSERT INTO projects__new (
+ project_id,
+ project_path,
+ custom_project_name,
+ isStarred,
+ isArchived
+ )
+ SELECT
+ project_id,
+ project_path,
+ custom_project_name,
+ isStarred,
+ isArchived
+ FROM prepared_rows
+ `);
+ db.exec('DROP TABLE projects');
+ db.exec('ALTER TABLE projects__new RENAME TO projects');
+ db.exec('COMMIT');
+ } catch (migrationError) {
+ db.exec('ROLLBACK');
+ throw migrationError;
+ } finally {
+ db.exec('PRAGMA foreign_keys = ON');
+ }
+};
+
+const rebuildSessionsTableWithProjectSchema = (db: Database): void => {
+ const hasSessions = tableExists(db, 'sessions');
+ if (!hasSessions) {
+ db.exec(SESSIONS_TABLE_SCHEMA_SQL);
+ return;
+ }
+
+ const sessionsTableInfo = getTableInfo(db, 'sessions');
+ const columnNames = sessionsTableInfo.map((column) => column.name);
+ const primaryKeyColumns = sessionsTableInfo
+ .filter((column) => column.pk > 0)
+ .sort((a, b) => a.pk - b.pk)
+ .map((column) => column.name);
+
+ const shouldRebuild =
+ !columnNames.includes('project_path') ||
+ primaryKeyColumns.length !== 1 ||
+ primaryKeyColumns[0] !== 'session_id' ||
+ !columnNames.includes('provider');
+
+ if (!shouldRebuild) {
+ addColumnToTableIfNotExists(db, 'sessions', columnNames, 'jsonl_path', 'TEXT');
+ addColumnToTableIfNotExists(db, 'sessions', columnNames, 'created_at', 'DATETIME');
+ addColumnToTableIfNotExists(db, 'sessions', columnNames, 'updated_at', 'DATETIME');
+ db.exec('UPDATE sessions SET created_at = COALESCE(created_at, CURRENT_TIMESTAMP)');
+ db.exec('UPDATE sessions SET updated_at = COALESCE(updated_at, CURRENT_TIMESTAMP)');
+ return;
+ }
+
+ console.log('Running migration: Rebuilding sessions table to project-based schema');
+
+ const projectPathExpression = columnNames.includes('project_path')
+ ? 'project_path'
+ : columnNames.includes('workspace_path')
+ ? 'workspace_path'
+ : 'NULL';
+
+ const providerExpression = columnNames.includes('provider')
+ ? "COALESCE(provider, 'claude')"
+ : "'claude'";
+
+ const customNameExpression = columnNames.includes('custom_name')
+ ? 'custom_name'
+ : 'NULL';
+
+ const jsonlPathExpression = columnNames.includes('jsonl_path')
+ ? 'jsonl_path'
+ : 'NULL';
+
+ const createdAtExpression = columnNames.includes('created_at')
+ ? 'COALESCE(created_at, CURRENT_TIMESTAMP)'
+ : 'CURRENT_TIMESTAMP';
+
+ const updatedAtExpression = columnNames.includes('updated_at')
+ ? 'COALESCE(updated_at, CURRENT_TIMESTAMP)'
+ : 'CURRENT_TIMESTAMP';
+
+ db.exec('PRAGMA foreign_keys = OFF');
+ try {
+ db.exec('BEGIN TRANSACTION');
+ db.exec('DROP TABLE IF EXISTS sessions__new');
+ db.exec(`
+ CREATE TABLE sessions__new (
+ session_id TEXT NOT NULL,
+ provider TEXT NOT NULL DEFAULT 'claude',
+ custom_name TEXT,
+ project_path TEXT,
+ jsonl_path TEXT,
+ created_at DATETIME DEFAULT CURRENT_TIMESTAMP,
+ updated_at DATETIME DEFAULT CURRENT_TIMESTAMP,
+ PRIMARY KEY (session_id),
+ FOREIGN KEY (project_path) REFERENCES projects(project_path)
+ ON DELETE SET NULL
+ ON UPDATE CASCADE
+ )
+ `);
+ db.exec(`
+ WITH source_rows AS (
+ SELECT
+ session_id,
+ ${providerExpression} AS provider,
+ ${customNameExpression} AS custom_name,
+ ${projectPathExpression} AS project_path,
+ ${jsonlPathExpression} AS jsonl_path,
+ ${createdAtExpression} AS created_at,
+ ${updatedAtExpression} AS updated_at,
+ rowid AS source_rowid
+ FROM sessions
+ WHERE session_id IS NOT NULL AND trim(session_id) <> ''
+ ),
+ ranked_rows AS (
+ SELECT
+ session_id,
+ provider,
+ custom_name,
+ project_path,
+ jsonl_path,
+ created_at,
+ updated_at,
+ ROW_NUMBER() OVER (
+ PARTITION BY session_id
+ ORDER BY datetime(COALESCE(updated_at, created_at)) DESC, source_rowid DESC
+ ) AS session_rank
+ FROM source_rows
+ )
+ INSERT INTO sessions__new (
+ session_id,
+ provider,
+ custom_name,
+ project_path,
+ jsonl_path,
+ created_at,
+ updated_at
+ )
+ SELECT
+ session_id,
+ provider,
+ custom_name,
+ project_path,
+ jsonl_path,
+ created_at,
+ updated_at
+ FROM ranked_rows
+ WHERE session_rank = 1
+ `);
+ db.exec('DROP TABLE sessions');
+ db.exec('ALTER TABLE sessions__new RENAME TO sessions');
+ db.exec('COMMIT');
+ } catch (migrationError) {
+ db.exec('ROLLBACK');
+ throw migrationError;
+ } finally {
+ db.exec('PRAGMA foreign_keys = ON');
+ }
+};
+
+const ensureProjectsForSessionPaths = (db: Database): void => {
+ if (!tableExists(db, 'sessions')) {
+ return;
+ }
+
+ db.exec(`
+ INSERT INTO projects (project_id, project_path, custom_project_name, isStarred, isArchived)
+ SELECT
+ ${SQLITE_UUID_SQL},
+ project_path,
+ NULL,
+ 0,
+ 0
+ FROM sessions
+ WHERE project_path IS NOT NULL AND trim(project_path) <> ''
+ ON CONFLICT(project_path) DO NOTHING
+ `);
+};
+
+export const runMigrations = (db: Database) => {
+ try {
+ const usersTableInfo = db.prepare('PRAGMA table_info(users)').all() as { name: string }[];
+ const userColumnNames = usersTableInfo.map((column) => column.name);
+
+ addColumnToTableIfNotExists(db, 'users', userColumnNames, 'git_name', 'TEXT');
+ addColumnToTableIfNotExists(db, 'users', userColumnNames, 'git_email', 'TEXT');
+ addColumnToTableIfNotExists(
+ db,
+ 'users',
+ userColumnNames,
+ 'has_completed_onboarding',
+ 'BOOLEAN DEFAULT 0'
+ );
+
+ db.exec(APP_CONFIG_TABLE_SCHEMA_SQL);
+ db.exec(USER_NOTIFICATION_PREFERENCES_TABLE_SCHEMA_SQL);
+ db.exec(VAPID_KEYS_TABLE_SCHEMA_SQL);
+ db.exec(PUSH_SUBSCRIPTIONS_TABLE_SCHEMA_SQL);
+ db.exec('CREATE INDEX IF NOT EXISTS idx_push_subscriptions_user_id ON push_subscriptions(user_id)');
+
+ db.exec(PROJECTS_TABLE_SCHEMA_SQL);
+ rebuildProjectsTableWithPrimaryKeySchema(db);
+
+ migrateLegacyWorkspaceTableIntoProjects(db);
+ rebuildSessionsTableWithProjectSchema(db);
+ migrateLegacySessionNames(db);
+ ensureProjectsForSessionPaths(db);
+
+ db.exec('CREATE INDEX IF NOT EXISTS idx_session_ids_lookup ON sessions(session_id)');
+ db.exec('CREATE INDEX IF NOT EXISTS idx_sessions_project_path ON sessions(project_path)');
+ db.exec('CREATE INDEX IF NOT EXISTS idx_projects_is_starred ON projects(isStarred)');
+ db.exec('CREATE INDEX IF NOT EXISTS idx_projects_is_archived ON projects(isArchived)');
+
+ db.exec('DROP INDEX IF EXISTS idx_session_names_lookup');
+ db.exec('DROP INDEX IF EXISTS idx_sessions_workspace_path');
+ db.exec('DROP INDEX IF EXISTS idx_workspace_original_paths_is_starred');
+ db.exec('DROP INDEX IF EXISTS idx_workspace_original_paths_workspace_id');
+
+ if (tableExists(db, 'workspace_original_paths')) {
+ console.log('Running migration: Dropping legacy workspace_original_paths table');
+ db.exec('DROP TABLE workspace_original_paths');
+ }
+
+ db.exec(LAST_SCANNED_AT_SQL);
+ console.log('Database migrations completed successfully');
+ } catch (error: any) {
+ console.error('Error running migrations:', error.message);
+ throw error;
+ }
+};
diff --git a/server/modules/database/repositories/api-keys.ts b/server/modules/database/repositories/api-keys.ts
new file mode 100644
index 00000000..f2c06f07
--- /dev/null
+++ b/server/modules/database/repositories/api-keys.ts
@@ -0,0 +1,119 @@
+/**
+ * API keys repository.
+ *
+ * Manages API keys used for external/programmatic access to the backend.
+ * Keys are prefixed with `ck_` and tied to a user via foreign key.
+ */
+
+import crypto from 'crypto';
+
+import { getConnection } from '@/modules/database/connection.js';
+
+type ApiKeyRow = {
+ id: number;
+ key_name: string;
+ api_key: string;
+ created_at: string;
+ last_used: string | null;
+ is_active: number;
+};
+
+type CreateApiKeyResult = {
+ id: number | bigint;
+ keyName: string;
+ apiKey: string;
+};
+
+type ValidatedApiKeyUser = {
+ id: number;
+ username: string;
+ api_key_id: number;
+};
+
+// ---------------------------------------------------------------------------
+// Helpers
+// ---------------------------------------------------------------------------
+
+/** Generates a cryptographically random API key with the `ck_` prefix. */
+function generateApiKey(): string {
+ return 'ck_' + crypto.randomBytes(32).toString('hex');
+}
+
+// ---------------------------------------------------------------------------
+// Queries
+// ---------------------------------------------------------------------------
+
+export const apiKeysDb = {
+ generateApiKey,
+
+ /** Creates a new API key for the given user and returns it for one-time display. */
+ createApiKey(userId: number, keyName: string): CreateApiKeyResult {
+ const db = getConnection();
+ const apiKey = generateApiKey();
+ const result = db
+ .prepare(
+ 'INSERT INTO api_keys (user_id, key_name, api_key) VALUES (?, ?, ?)'
+ )
+ .run(userId, keyName, apiKey);
+ return { id: result.lastInsertRowid, keyName, apiKey };
+ },
+
+ /** Lists all API keys for a user, most recent first. */
+ getApiKeys(userId: number): ApiKeyRow[] {
+ const db = getConnection();
+ return db
+ .prepare(
+ 'SELECT id, key_name, api_key, created_at, last_used, is_active FROM api_keys WHERE user_id = ? ORDER BY created_at DESC'
+ )
+ .all(userId) as ApiKeyRow[];
+ },
+
+ /**
+ * Validates an API key and resolves the owning user.
+ * If the key is valid, its `last_used` timestamp is updated as a side effect.
+ * Returns undefined when the key is invalid or the user is inactive.
+ */
+ validateApiKey(apiKey: string): ValidatedApiKeyUser | undefined {
+ const db = getConnection();
+ const row = db
+ .prepare(
+ `SELECT u.id, u.username, ak.id as api_key_id
+ FROM api_keys ak
+ JOIN users u ON ak.user_id = u.id
+ WHERE ak.api_key = ? AND ak.is_active = 1 AND u.is_active = 1`
+ )
+ .get(apiKey) as ValidatedApiKeyUser | undefined;
+
+ if (row) {
+ db.prepare(
+ 'UPDATE api_keys SET last_used = CURRENT_TIMESTAMP WHERE id = ?'
+ ).run(row.api_key_id);
+ }
+
+ return row;
+ },
+
+ /** Permanently removes an API key. Returns true if a row was deleted. */
+ deleteApiKey(userId: number, apiKeyId: number): boolean {
+ const db = getConnection();
+ const result = db
+ .prepare('DELETE FROM api_keys WHERE id = ? AND user_id = ?')
+ .run(apiKeyId, userId);
+ return result.changes > 0;
+ },
+
+ /** Enables or disables an API key without deleting it. */
+ toggleApiKey(
+ userId: number,
+ apiKeyId: number,
+ isActive: boolean
+ ): boolean {
+ const db = getConnection();
+ const result = db
+ .prepare(
+ 'UPDATE api_keys SET is_active = ? WHERE id = ? AND user_id = ?'
+ )
+ .run(isActive ? 1 : 0, apiKeyId, userId);
+ return result.changes > 0;
+ },
+};
diff --git a/server/modules/database/repositories/app-config.ts b/server/modules/database/repositories/app-config.ts
new file mode 100644
index 00000000..691a1b4e
--- /dev/null
+++ b/server/modules/database/repositories/app-config.ts
@@ -0,0 +1,53 @@
+/**
+ * App config repository.
+ *
+ * Key-value store for application-level configuration that persists
+ * across restarts (JWT secret, feature flags, etc.). Values are always
+ * stored as strings; callers handle parsing.
+ */
+
+import crypto from 'crypto';
+
+import { getConnection } from '@/modules/database/connection.js';
+
+// ---------------------------------------------------------------------------
+// Queries
+// ---------------------------------------------------------------------------
+
+export const appConfigDb = {
+ /** Returns the stored value for a config key, or null if missing. */
+ get(key: string): string | null {
+ try {
+ const db = getConnection();
+ const row = db
+ .prepare('SELECT value FROM app_config WHERE key = ?')
+ .get(key) as { value: string } | undefined;
+ return row?.value ?? null;
+ } catch {
+ // Swallow errors so early-startup reads (e.g. JWT secret) do not crash.
+ return null;
+ }
+ },
+
+ /** Inserts or updates a config key (upsert). */
+ set(key: string, value: string): void {
+ const db = getConnection();
+ db.prepare(
+ 'INSERT INTO app_config (key, value) VALUES (?, ?) ON CONFLICT(key) DO UPDATE SET value = excluded.value'
+ ).run(key, value);
+ },
+
+ /**
+ * Returns the JWT signing secret, generating and persisting one
+ * if it does not already exist. This ensures the secret survives
+ * server restarts while being created automatically on first boot.
+ */
+ getOrCreateJwtSecret(): string {
+ let secret = appConfigDb.get('jwt_secret');
+ if (!secret) {
+ secret = crypto.randomBytes(64).toString('hex');
+ appConfigDb.set('jwt_secret', secret);
+ }
+ return secret;
+ },
+};
diff --git a/server/modules/database/repositories/credentials.ts b/server/modules/database/repositories/credentials.ts
new file mode 100644
index 00000000..8bb11107
--- /dev/null
+++ b/server/modules/database/repositories/credentials.ts
@@ -0,0 +1,106 @@
+/**
+ * User credentials repository.
+ *
+ * Manages external service tokens (GitHub, GitLab, Bitbucket, etc.)
+ * stored per-user. Each credential has a type discriminator so multiple
+ * credential kinds can coexist in the same table.
+ */
+
+import { getConnection } from '@/modules/database/connection.js';
+import type {
+ CreateCredentialResult,
+ CredentialPublicRow,
+} from '@/shared/types.js';
+
+// ---------------------------------------------------------------------------
+// Queries
+// ---------------------------------------------------------------------------
+
+export const credentialsDb = {
+ /** Stores a new credential and returns a safe (no raw value) result. */
+ createCredential(
+ userId: number,
+ credentialName: string,
+ credentialType: string,
+ credentialValue: string,
+ description: string | null = null
+ ): CreateCredentialResult {
+ const db = getConnection();
+ const result = db
+ .prepare(
+ 'INSERT INTO user_credentials (user_id, credential_name, credential_type, credential_value, description) VALUES (?, ?, ?, ?, ?)'
+ )
+ .run(userId, credentialName, credentialType, credentialValue, description);
+ return {
+ id: result.lastInsertRowid,
+ credentialName,
+ credentialType,
+ };
+ },
+
+ /**
+ * Lists credentials for a user (excluding raw values).
+ * Optionally filters by credential type (e.g. 'github_token').
+ */
+ getCredentials(
+ userId: number,
+ credentialType: string | null = null
+ ): CredentialPublicRow[] {
+ const db = getConnection();
+
+ if (credentialType) {
+ return db
+ .prepare(
+ 'SELECT id, credential_name, credential_type, description, created_at, is_active FROM user_credentials WHERE user_id = ? AND credential_type = ? ORDER BY created_at DESC'
+ )
+ .all(userId, credentialType) as CredentialPublicRow[];
+ }
+
+ return db
+ .prepare(
+ 'SELECT id, credential_name, credential_type, description, created_at, is_active FROM user_credentials WHERE user_id = ? ORDER BY created_at DESC'
+ )
+ .all(userId) as CredentialPublicRow[];
+ },
+
+ /**
+ * Returns the raw credential value for the most recent active
+ * credential of the given type, or null if none exists.
+ */
+ getActiveCredential(
+ userId: number,
+ credentialType: string
+ ): string | null {
+ const db = getConnection();
+ const row = db
+ .prepare(
+ 'SELECT credential_value FROM user_credentials WHERE user_id = ? AND credential_type = ? AND is_active = 1 ORDER BY created_at DESC LIMIT 1'
+ )
+ .get(userId, credentialType) as { credential_value: string } | undefined;
+ return row?.credential_value ?? null;
+ },
+
+ /** Permanently removes a credential. Returns true if a row was deleted. */
+ deleteCredential(userId: number, credentialId: number): boolean {
+ const db = getConnection();
+ const result = db
+ .prepare('DELETE FROM user_credentials WHERE id = ? AND user_id = ?')
+ .run(credentialId, userId);
+ return result.changes > 0;
+ },
+
+ /** Enables or disables a credential without deleting it. */
+ toggleCredential(
+ userId: number,
+ credentialId: number,
+ isActive: boolean
+ ): boolean {
+ const db = getConnection();
+ const result = db
+ .prepare(
+ 'UPDATE user_credentials SET is_active = ? WHERE id = ? AND user_id = ?'
+ )
+ .run(isActive ? 1 : 0, credentialId, userId);
+ return result.changes > 0;
+ },
+};
diff --git a/server/modules/database/repositories/github-tokens.ts b/server/modules/database/repositories/github-tokens.ts
new file mode 100644
index 00000000..475f515b
--- /dev/null
+++ b/server/modules/database/repositories/github-tokens.ts
@@ -0,0 +1,100 @@
+/**
+ * GitHub tokens repository.
+ *
+ * Backward-compatible helper layer over generic credentials storage.
+ * Tokens are stored in `user_credentials` with `credential_type = 'github_token'`.
+ */
+
+import { getConnection } from '@/modules/database/connection.js';
+import { credentialsDb } from '@/modules/database/repositories/credentials.js';
+import type {
+ CredentialPublicRow,
+ CreateCredentialResult,
+} from '@/shared/types.js';
+
+const GITHUB_TOKEN_TYPE = 'github_token';
+
+type CredentialRow = {
+ id: number;
+ user_id: number;
+ credential_name: string;
+ credential_type: string;
+ credential_value: string;
+ description: string | null;
+ created_at: string;
+ is_active: number;
+};
+
+type GithubTokenLookup = CredentialRow & {
+ github_token: string;
+};
+
+export const githubTokensDb = {
+ /** Creates a GitHub token credential entry. */
+ createGithubToken(
+ userId: number,
+ tokenName: string,
+ githubToken: string,
+ description: string | null = null
+ ): CreateCredentialResult {
+ return credentialsDb.createCredential(
+ userId,
+ tokenName,
+ GITHUB_TOKEN_TYPE,
+ githubToken,
+ description
+ );
+ },
+
+ /** Returns all GitHub tokens (safe shape: no credential value). */
+ getGithubTokens(userId: number): CredentialPublicRow[] {
+ return credentialsDb.getCredentials(userId, GITHUB_TOKEN_TYPE);
+ },
+
+ /** Returns the most recent active GitHub token value for a user. */
+ getActiveGithubToken(userId: number): string | null {
+ return credentialsDb.getActiveCredential(userId, GITHUB_TOKEN_TYPE);
+ },
+
+ /**
+ * Returns a specific active GitHub token row by id/user, including
+ * a `github_token` compatibility field.
+ */
+ getGithubTokenById(userId: number, tokenId: number): GithubTokenLookup | null {
+ const db = getConnection();
+ const row = db
+ .prepare(
+ `SELECT *
+ FROM user_credentials
+ WHERE id = ? AND user_id = ? AND credential_type = ? AND is_active = 1`
+ )
+ .get(tokenId, userId, GITHUB_TOKEN_TYPE) as CredentialRow | undefined;
+
+ if (!row) return null;
+
+ return {
+ ...row,
+ github_token: row.credential_value,
+ };
+ },
+
+ /** Updates active state for a GitHub token. */
+ updateGithubToken(
+ userId: number,
+ tokenId: number,
+ isActive: boolean
+ ): boolean {
+ return credentialsDb.toggleCredential(userId, tokenId, isActive);
+ },
+
+ /** Deletes a GitHub token. */
+ deleteGithubToken(userId: number, tokenId: number): boolean {
+ return credentialsDb.deleteCredential(userId, tokenId);
+ },
+
+ // Legacy alias used by existing routes
+ toggleGithubToken(userId: number, tokenId: number, isActive: boolean): boolean {
+ return githubTokensDb.updateGithubToken(userId, tokenId, isActive);
+ },
+};
+
diff --git a/server/modules/database/repositories/notification-preferences.ts b/server/modules/database/repositories/notification-preferences.ts
new file mode 100644
index 00000000..6ba21976
--- /dev/null
+++ b/server/modules/database/repositories/notification-preferences.ts
@@ -0,0 +1,103 @@
+/**
+ * Notification preferences repository.
+ *
+ * Stores per-user notification channel/event preferences as JSON.
+ */
+
+import { getConnection } from '@/modules/database/connection.js';
+
+type NotificationPreferences = {
+ channels: {
+ inApp: boolean;
+ webPush: boolean;
+ };
+ events: {
+ actionRequired: boolean;
+ stop: boolean;
+ error: boolean;
+ };
+};
+
+const DEFAULT_NOTIFICATION_PREFERENCES: NotificationPreferences = {
+ channels: {
+ inApp: false,
+ webPush: false,
+ },
+ events: {
+ actionRequired: true,
+ stop: true,
+ error: true,
+ },
+};
+
+function normalizeNotificationPreferences(value: unknown): NotificationPreferences {
+ const source = value && typeof value === 'object' ? (value as Record) : {};
+
+ return {
+ channels: {
+ inApp: source.channels?.inApp === true,
+ webPush: source.channels?.webPush === true,
+ },
+ events: {
+ actionRequired: source.events?.actionRequired !== false,
+ stop: source.events?.stop !== false,
+ error: source.events?.error !== false,
+ },
+ };
+}
+
+export const notificationPreferencesDb = {
+ /** Returns the normalized preferences for a user, creating defaults on first read. */
+ getNotificationPreferences(userId: number): NotificationPreferences {
+ const db = getConnection();
+ const row = db
+ .prepare(
+ 'SELECT preferences_json FROM user_notification_preferences WHERE user_id = ?'
+ )
+ .get(userId) as { preferences_json: string } | undefined;
+
+ if (!row) {
+ const defaults = normalizeNotificationPreferences(DEFAULT_NOTIFICATION_PREFERENCES);
+ db.prepare(
+ 'INSERT INTO user_notification_preferences (user_id, preferences_json, updated_at) VALUES (?, ?, CURRENT_TIMESTAMP)'
+ ).run(userId, JSON.stringify(defaults));
+ return defaults;
+ }
+
+ let parsed: unknown;
+ try {
+ parsed = JSON.parse(row.preferences_json);
+ } catch {
+ parsed = DEFAULT_NOTIFICATION_PREFERENCES;
+ }
+ return normalizeNotificationPreferences(parsed);
+ },
+
+ /** Upserts normalized preferences for a user and returns the stored value. */
+ updateNotificationPreferences(
+ userId: number,
+ preferences: unknown
+ ): NotificationPreferences {
+ const normalized = normalizeNotificationPreferences(preferences);
+ const db = getConnection();
+
+ db.prepare(
+ `INSERT INTO user_notification_preferences (user_id, preferences_json, updated_at)
+ VALUES (?, ?, CURRENT_TIMESTAMP)
+ ON CONFLICT(user_id) DO UPDATE SET
+ preferences_json = excluded.preferences_json,
+ updated_at = CURRENT_TIMESTAMP`
+ ).run(userId, JSON.stringify(normalized));
+
+ return normalized;
+ },
+
+ // Legacy aliases used by existing services/routes
+ getPreferences(userId: number): NotificationPreferences {
+ return notificationPreferencesDb.getNotificationPreferences(userId);
+ },
+ updatePreferences(userId: number, preferences: unknown): NotificationPreferences {
+ return notificationPreferencesDb.updateNotificationPreferences(userId, preferences);
+ },
+};
+
diff --git a/server/modules/database/repositories/projects.db.integration.test.ts b/server/modules/database/repositories/projects.db.integration.test.ts
new file mode 100644
index 00000000..6ccf0c21
--- /dev/null
+++ b/server/modules/database/repositories/projects.db.integration.test.ts
@@ -0,0 +1,72 @@
+import assert from 'node:assert/strict';
+import { mkdtemp, rm } from 'node:fs/promises';
+import { tmpdir } from 'node:os';
+import path from 'node:path';
+import test from 'node:test';
+
+import { closeConnection } from '@/modules/database/connection.js';
+import { initializeDatabase } from '@/modules/database/init-db.js';
+import { projectsDb } from '@/modules/database/repositories/projects.db.js';
+
+async function withIsolatedDatabase(runTest: () => void | Promise): Promise {
+ const previousDatabasePath = process.env.DATABASE_PATH;
+ const tempDirectory = await mkdtemp(path.join(tmpdir(), 'projects-db-'));
+ const databasePath = path.join(tempDirectory, 'auth.db');
+
+ closeConnection();
+ process.env.DATABASE_PATH = databasePath;
+ await initializeDatabase();
+
+ try {
+ await runTest();
+ } finally {
+ closeConnection();
+ if (previousDatabasePath === undefined) {
+ delete process.env.DATABASE_PATH;
+ } else {
+ process.env.DATABASE_PATH = previousDatabasePath;
+ }
+ await rm(tempDirectory, { recursive: true, force: true });
+ }
+}
+
+test('projectsDb.createProjectPath returns created for fresh paths', async () => {
+ await withIsolatedDatabase(() => {
+ const created = projectsDb.createProjectPath('/workspace/new-project');
+
+ assert.equal(created.outcome, 'created');
+ assert.ok(created.project);
+ assert.equal(created.project?.project_path, '/workspace/new-project');
+ assert.equal(created.project?.isArchived, 0);
+ });
+});
+
+test('projectsDb.createProjectPath returns reactivated_archived for archived duplicates', async () => {
+ await withIsolatedDatabase(() => {
+ const initial = projectsDb.createProjectPath('/workspace/archived-project', 'Archived Project');
+ assert.equal(initial.outcome, 'created');
+ assert.ok(initial.project);
+
+ projectsDb.updateProjectIsArchived('/workspace/archived-project', true);
+
+ const reused = projectsDb.createProjectPath('/workspace/archived-project', 'Renamed Project');
+ assert.equal(reused.outcome, 'reactivated_archived');
+ assert.ok(reused.project);
+ assert.equal(reused.project?.project_id, initial.project?.project_id);
+ assert.equal(reused.project?.isArchived, 0);
+ });
+});
+
+test('projectsDb.createProjectPath returns active_conflict for active duplicates', async () => {
+ await withIsolatedDatabase(() => {
+ const initial = projectsDb.createProjectPath('/workspace/active-project');
+ assert.equal(initial.outcome, 'created');
+ assert.ok(initial.project);
+
+ const conflict = projectsDb.createProjectPath('/workspace/active-project');
+ assert.equal(conflict.outcome, 'active_conflict');
+ assert.ok(conflict.project);
+ assert.equal(conflict.project?.project_id, initial.project?.project_id);
+ assert.equal(conflict.project?.isArchived, 0);
+ });
+});
diff --git a/server/modules/database/repositories/projects.db.ts b/server/modules/database/repositories/projects.db.ts
new file mode 100644
index 00000000..c99b8a54
--- /dev/null
+++ b/server/modules/database/repositories/projects.db.ts
@@ -0,0 +1,183 @@
+import { randomUUID } from 'node:crypto';
+import path from 'node:path';
+
+import { getConnection } from '@/modules/database/connection.js';
+import type { CreateProjectPathResult, ProjectRepositoryRow } from '@/shared/types.js';
+import { normalizeProjectPath } from '@/shared/utils.js';
+
+function normalizeProjectDisplayName(projectPath: string, customProjectName: string | null): string {
+ const trimmedCustomName = typeof customProjectName === 'string' ? customProjectName.trim() : '';
+ if (trimmedCustomName.length > 0) {
+ return trimmedCustomName;
+ }
+
+ const directoryName = path.basename(projectPath);
+ return directoryName || projectPath;
+}
+
+export const projectsDb = {
+ createProjectPath(projectPath: string, customProjectName: string | null = null): CreateProjectPathResult {
+ const db = getConnection();
+ const normalizedProjectPath = normalizeProjectPath(projectPath);
+ const normalizedProjectName = normalizeProjectDisplayName(normalizedProjectPath, customProjectName);
+ const attemptedId = randomUUID();
+ const row = db.prepare(`
+ INSERT INTO projects (project_id, project_path, custom_project_name, isArchived)
+ VALUES (?, ?, ?, 0)
+ ON CONFLICT(project_path) DO UPDATE SET
+ isArchived = 0
+ WHERE projects.isArchived = 1
+ RETURNING project_id, project_path, custom_project_name, isStarred, isArchived
+ `).get(attemptedId, normalizedProjectPath, normalizedProjectName) as ProjectRepositoryRow | undefined;
+
+ if (row) {
+ return {
+ outcome: row.project_id === attemptedId ? 'created' : 'reactivated_archived',
+ project: row,
+ };
+ }
+
+ const existingProject = projectsDb.getProjectPath(normalizedProjectPath);
+ return {
+ outcome: 'active_conflict',
+ project: existingProject,
+ };
+ },
+
+ getProjectPath(projectPath: string): ProjectRepositoryRow | null {
+ const db = getConnection();
+ const normalizedProjectPath = normalizeProjectPath(projectPath);
+ const row = db.prepare(`
+ SELECT project_id, project_path, custom_project_name, isStarred, isArchived
+ FROM projects
+ WHERE project_path = ?
+ `).get(normalizedProjectPath) as ProjectRepositoryRow | undefined;
+
+ return row ?? null;
+ },
+
+ getProjectById(projectId: string): ProjectRepositoryRow | null {
+ const db = getConnection();
+ const row = db.prepare(`
+ SELECT project_id, project_path, custom_project_name, isStarred, isArchived
+ FROM projects
+ WHERE project_id = ?
+ `).get(projectId) as ProjectRepositoryRow | undefined;
+
+ return row ?? null;
+ },
+
+ /**
+ * Resolve the absolute project directory from a database project_id.
+ *
+ * This is the canonical lookup used after the projectName → projectId migration:
+ * API routes receive the DB-assigned `projectId` and must resolve the real folder
+ * path through this helper before touching the filesystem. Returns `null` when the
+ * project row does not exist so callers can respond with a 404.
+ */
+ getProjectPathById(projectId: string): string | null {
+ const db = getConnection();
+ const row = db.prepare(`
+ SELECT project_path
+ FROM projects
+ WHERE project_id = ?
+ `).get(projectId) as Pick | undefined;
+
+ return row?.project_path ?? null;
+ },
+
+ getProjectPaths(): ProjectRepositoryRow[] {
+ const db = getConnection();
+ return db.prepare(`
+ SELECT project_id, project_path, custom_project_name, isStarred, isArchived
+ FROM projects
+ WHERE isArchived = 0
+ `).all() as ProjectRepositoryRow[];
+ },
+
+ getCustomProjectName(projectPath: string): string | null {
+ const db = getConnection();
+ const normalizedProjectPath = normalizeProjectPath(projectPath);
+ const row = db.prepare(`
+ SELECT custom_project_name
+ FROM projects
+ WHERE project_path = ?
+ `).get(normalizedProjectPath) as Pick | undefined;
+
+ return row?.custom_project_name ?? null;
+ },
+
+ updateCustomProjectName(projectPath: string, customProjectName: string | null): void {
+ const db = getConnection();
+ const normalizedProjectPath = normalizeProjectPath(projectPath);
+ db.prepare(`
+ INSERT INTO projects (project_id, project_path, custom_project_name)
+ VALUES (?, ?, ?)
+ ON CONFLICT(project_path) DO UPDATE SET custom_project_name = excluded.custom_project_name
+ `).run(randomUUID(), normalizedProjectPath, customProjectName);
+ },
+
+ updateCustomProjectNameById(projectId: string, customProjectName: string | null): void {
+ const db = getConnection();
+ db.prepare(`
+ UPDATE projects
+ SET custom_project_name = ?
+ WHERE project_id = ?
+ `).run(customProjectName, projectId);
+ },
+
+ updateProjectIsStarred(projectPath: string, isStarred: boolean): void {
+ const db = getConnection();
+ const normalizedProjectPath = normalizeProjectPath(projectPath);
+ db.prepare(`
+ UPDATE projects
+ SET isStarred = ?
+ WHERE project_path = ?
+ `).run(isStarred ? 1 : 0, normalizedProjectPath);
+ },
+
+ updateProjectIsStarredById(projectId: string, isStarred: boolean): void {
+ const db = getConnection();
+ db.prepare(`
+ UPDATE projects
+ SET isStarred = ?
+ WHERE project_id = ?
+ `).run(isStarred ? 1 : 0, projectId);
+ },
+
+ updateProjectIsArchived(projectPath: string, isArchived: boolean): void {
+ const db = getConnection();
+ const normalizedProjectPath = normalizeProjectPath(projectPath);
+ db.prepare(`
+ UPDATE projects
+ SET isArchived = ?
+ WHERE project_path = ?
+ `).run(isArchived ? 1 : 0, normalizedProjectPath);
+ },
+
+ updateProjectIsArchivedById(projectId: string, isArchived: boolean): void {
+ const db = getConnection();
+ db.prepare(`
+ UPDATE projects
+ SET isArchived = ?
+ WHERE project_id = ?
+ `).run(isArchived ? 1 : 0, projectId);
+ },
+
+ deleteProjectPath(projectPath: string): void {
+ const db = getConnection();
+ const normalizedProjectPath = normalizeProjectPath(projectPath);
+ db.prepare(`
+ DELETE FROM projects
+ WHERE project_path = ?
+ `).run(normalizedProjectPath);
+ },
+
+ deleteProjectById(projectId: string): void {
+ const db = getConnection();
+ db.prepare(`
+ DELETE FROM projects
+ WHERE project_id = ?
+ `).run(projectId);
+ },
+};
diff --git a/server/modules/database/repositories/push-subscriptions.ts b/server/modules/database/repositories/push-subscriptions.ts
new file mode 100644
index 00000000..91ef044c
--- /dev/null
+++ b/server/modules/database/repositories/push-subscriptions.ts
@@ -0,0 +1,80 @@
+/**
+ * Push subscriptions repository.
+ *
+ * Persists browser push subscription endpoints and keys per user.
+ */
+
+import { getConnection } from '@/modules/database/connection.js';
+
+type PushSubscriptionLookupRow = {
+ endpoint: string;
+ keys_p256dh: string;
+ keys_auth: string;
+};
+
+export const pushSubscriptionsDb = {
+ /** Upserts a push subscription endpoint for a user. */
+ createPushSubscription(
+ userId: number,
+ endpoint: string,
+ keysP256dh: string,
+ keysAuth: string
+ ): void {
+ const db = getConnection();
+ db.prepare(
+ `INSERT INTO push_subscriptions (user_id, endpoint, keys_p256dh, keys_auth)
+ VALUES (?, ?, ?, ?)
+ ON CONFLICT(endpoint) DO UPDATE SET
+ user_id = excluded.user_id,
+ keys_p256dh = excluded.keys_p256dh,
+ keys_auth = excluded.keys_auth`
+ ).run(userId, endpoint, keysP256dh, keysAuth);
+ },
+
+ /** Returns all subscriptions for a user. */
+ getPushSubscriptions(userId: number): PushSubscriptionLookupRow[] {
+ const db = getConnection();
+ return db
+ .prepare(
+ 'SELECT endpoint, keys_p256dh, keys_auth FROM push_subscriptions WHERE user_id = ?'
+ )
+ .all(userId) as PushSubscriptionLookupRow[];
+ },
+
+ /** Deletes one subscription by endpoint. */
+ deletePushSubscription(endpoint: string): void {
+ const db = getConnection();
+ db.prepare('DELETE FROM push_subscriptions WHERE endpoint = ?').run(endpoint);
+ },
+
+ /** Deletes all subscriptions for a user. */
+ deletePushSubscriptionsForUser(userId: number): void {
+ const db = getConnection();
+ db.prepare('DELETE FROM push_subscriptions WHERE user_id = ?').run(userId);
+ },
+
+ // Legacy aliases used by existing services/routes
+ saveSubscription(
+ userId: number,
+ endpoint: string,
+ keysP256dh: string,
+ keysAuth: string
+ ): void {
+ pushSubscriptionsDb.createPushSubscription(
+ userId,
+ endpoint,
+ keysP256dh,
+ keysAuth
+ );
+ },
+ getSubscriptions(userId: number): PushSubscriptionLookupRow[] {
+ return pushSubscriptionsDb.getPushSubscriptions(userId);
+ },
+ removeSubscription(endpoint: string): void {
+ pushSubscriptionsDb.deletePushSubscription(endpoint);
+ },
+ removeAllForUser(userId: number): void {
+ pushSubscriptionsDb.deletePushSubscriptionsForUser(userId);
+ },
+};
+
diff --git a/server/modules/database/repositories/scan-state.db.ts b/server/modules/database/repositories/scan-state.db.ts
new file mode 100644
index 00000000..5e93940c
--- /dev/null
+++ b/server/modules/database/repositories/scan-state.db.ts
@@ -0,0 +1,42 @@
+import { getConnection } from '@/modules/database/connection.js';
+
+type ScanStateRow = {
+ last_scanned_at: string;
+};
+
+export const scanStateDb = {
+ getLastScannedAt() {
+ const db = getConnection();
+
+ const row = db
+ .prepare(`SELECT last_scanned_at FROM scan_state WHERE id = 1`)
+ .get() as ScanStateRow;
+
+ if (!row) {
+ return null; // Before any scan, the row is undefined.
+ }
+
+ let lastScannedDate: Date | null = null;
+ const lastScannedStr = row.last_scanned_at;
+
+ if (lastScannedStr) {
+ // SQLite CURRENT_TIMESTAMP returns UTC in "YYYY-MM-DD HH:MM:SS" format.
+ // Replace space with 'T' and append 'Z' to parse reliably in JS across all platforms.
+ lastScannedDate = new Date(lastScannedStr.replace(' ', 'T') + 'Z');
+ }
+
+ return lastScannedDate;
+ },
+
+ updateLastScannedAt(scannedAt: Date = new Date()) {
+ const db = getConnection();
+ const sqliteTimestamp = scannedAt.toISOString().slice(0, 19).replace('T', ' ');
+
+ db.prepare(`
+ INSERT INTO scan_state (id, last_scanned_at)
+ VALUES (1, ?)
+ ON CONFLICT (id)
+ DO UPDATE SET last_scanned_at = excluded.last_scanned_at
+ `).run(sqliteTimestamp);
+ }
+};
diff --git a/server/modules/database/repositories/sessions.db.ts b/server/modules/database/repositories/sessions.db.ts
new file mode 100644
index 00000000..19a96a56
--- /dev/null
+++ b/server/modules/database/repositories/sessions.db.ts
@@ -0,0 +1,174 @@
+import { getConnection } from '@/modules/database/connection.js';
+import { projectsDb } from '@/modules/database/repositories/projects.db.js';
+import { normalizeProjectPath } from '@/shared/utils.js';
+
+type SessionRow = {
+ session_id: string;
+ provider: string;
+ project_path: string | null;
+ jsonl_path: string | null;
+ custom_name: string | null;
+ created_at: string;
+ updated_at: string;
+};
+
+type SessionMetadataLookupRow = Pick<
+ SessionRow,
+ 'session_id' | 'provider' | 'project_path' | 'jsonl_path' | 'custom_name' | 'created_at' | 'updated_at'
+>;
+
+function normalizeTimestamp(value?: string): string | null {
+ if (!value) return null;
+
+ const parsed = new Date(value);
+ if (Number.isNaN(parsed.getTime())) {
+ return null;
+ }
+
+ return parsed.toISOString();
+}
+
+function normalizeProjectPathForProvider(provider: string, projectPath: string): string {
+ void provider;
+ return normalizeProjectPath(projectPath);
+}
+
+export const sessionsDb = {
+ createSession(
+ sessionId: string,
+ provider: string,
+ projectPath: string,
+ customName?: string,
+ createdAt?: string,
+ updatedAt?: string,
+ jsonlPath?: string | null
+ ): string {
+ const db = getConnection();
+ const createdAtValue = normalizeTimestamp(createdAt);
+ const updatedAtValue = normalizeTimestamp(updatedAt);
+ const normalizedProjectPath = normalizeProjectPathForProvider(provider, projectPath);
+
+ // First, ensure the project path is recorded in the projects table,
+ // since it's a foreign key in the sessions table.
+ projectsDb.createProjectPath(normalizedProjectPath);
+
+ db.prepare(
+ `INSERT INTO sessions (session_id, provider, custom_name, project_path, jsonl_path, created_at, updated_at)
+ VALUES (?, ?, ?, ?, ?, COALESCE(?, CURRENT_TIMESTAMP), COALESCE(?, CURRENT_TIMESTAMP))
+ ON CONFLICT(session_id) DO UPDATE SET
+ provider = excluded.provider,
+ updated_at = excluded.updated_at,
+ project_path = excluded.project_path,
+ jsonl_path = excluded.jsonl_path,
+ custom_name = COALESCE(excluded.custom_name, sessions.custom_name)`
+ ).run(
+ sessionId,
+ provider,
+ customName ?? null,
+ normalizedProjectPath,
+ jsonlPath ?? null,
+ createdAtValue,
+ updatedAtValue
+ );
+
+ return sessionId;
+ },
+
+ updateSessionCustomName(sessionId: string, customName: string): void {
+ const db = getConnection();
+ db.prepare(
+ `UPDATE sessions
+ SET custom_name = ?
+ WHERE session_id = ?`
+ ).run(customName, sessionId);
+ },
+
+ getSessionById(sessionId: string): SessionMetadataLookupRow | null {
+ const db = getConnection();
+ const row = db
+ .prepare(
+ `SELECT session_id, provider, project_path, jsonl_path, custom_name, created_at, updated_at
+ FROM sessions
+ WHERE session_id = ?
+ ORDER BY updated_at DESC
+ LIMIT 1`
+ )
+ .get(sessionId) as SessionMetadataLookupRow | undefined;
+
+ return row ?? null;
+ },
+
+ getAllSessions(): SessionRow[] {
+ const db = getConnection();
+ return db
+ .prepare(
+ `SELECT session_id, provider, project_path, jsonl_path, custom_name, created_at, updated_at
+ FROM sessions`
+ )
+ .all() as SessionRow[];
+ },
+
+ getSessionsByProjectPath(projectPath: string): SessionRow[] {
+ const db = getConnection();
+ const normalizedProjectPath = normalizeProjectPath(projectPath);
+ return db
+ .prepare(
+ `SELECT session_id, provider, project_path, jsonl_path, custom_name, created_at, updated_at
+ FROM sessions
+ WHERE project_path = ?`
+ )
+ .all(normalizedProjectPath) as SessionRow[];
+ },
+
+ getSessionsByProjectPathPage(projectPath: string, limit: number, offset: number): SessionRow[] {
+ const db = getConnection();
+ const normalizedProjectPath = normalizeProjectPath(projectPath);
+ return db
+ .prepare(
+ `SELECT session_id, provider, project_path, jsonl_path, custom_name, created_at, updated_at
+ FROM sessions
+ WHERE project_path = ?
+ ORDER BY datetime(COALESCE(updated_at, created_at)) DESC, session_id DESC
+ LIMIT ? OFFSET ?`
+ )
+ .all(normalizedProjectPath, limit, offset) as SessionRow[];
+ },
+
+ countSessionsByProjectPath(projectPath: string): number {
+ const db = getConnection();
+ const normalizedProjectPath = normalizeProjectPath(projectPath);
+ const row = db
+ .prepare(
+ `SELECT COUNT(*) AS count
+ FROM sessions
+ WHERE project_path = ?`
+ )
+ .get(normalizedProjectPath) as { count: number } | undefined;
+
+ return Number(row?.count ?? 0);
+ },
+
+ deleteSessionsByProjectPath(projectPath: string): void {
+ const db = getConnection();
+ const normalizedProjectPath = normalizeProjectPath(projectPath);
+ db.prepare(`DELETE FROM sessions WHERE project_path = ?`).run(normalizedProjectPath);
+ },
+
+ getSessionName(sessionId: string, provider: string): string | null {
+ const db = getConnection();
+ const row = db
+ .prepare(
+ `SELECT custom_name
+ FROM sessions
+ WHERE session_id = ? AND provider = ?`
+ )
+ .get(sessionId, provider) as { custom_name: string | null } | undefined;
+
+ return row?.custom_name ?? null;
+ },
+
+ deleteSessionById(sessionId: string): boolean {
+ const db = getConnection();
+ return db.prepare('DELETE FROM sessions WHERE session_id = ?').run(sessionId).changes > 0;
+ },
+};
diff --git a/server/modules/database/repositories/users.ts b/server/modules/database/repositories/users.ts
new file mode 100644
index 00000000..25bb57bd
--- /dev/null
+++ b/server/modules/database/repositories/users.ts
@@ -0,0 +1,140 @@
+/**
+ * User repository.
+ *
+ * Provides typed CRUD operations for the `users` table.
+ * This is a single-user system, but the schema supports multiple
+ * users for forward compatibility.
+ */
+
+import { getConnection } from '@/modules/database/connection.js';
+
+type UserRow = {
+ id: number;
+ username: string;
+ password_hash: string;
+ created_at: string;
+ last_login: string | null;
+ is_active: number;
+ git_name: string | null;
+ git_email: string | null;
+ has_completed_onboarding: number;
+};
+
+type UserPublicRow = Pick;
+
+type UserGitConfig = {
+ git_name: string | null;
+ git_email: string | null;
+};
+
+type CreateUserResult = {
+ id: number | bigint;
+ username: string;
+};
+
+// ---------------------------------------------------------------------------
+// Queries
+// ---------------------------------------------------------------------------
+
+export const userDb = {
+ /** Returns true if at least one user exists in the database. */
+ hasUsers(): boolean {
+ const db = getConnection();
+ const row = db.prepare('SELECT COUNT(*) as count FROM users').get() as {
+ count: number;
+ };
+ return row.count > 0;
+ },
+
+ /** Inserts a new user and returns the created ID + username. */
+ createUser(username: string, passwordHash: string): CreateUserResult {
+ const db = getConnection();
+ const result = db
+ .prepare('INSERT INTO users (username, password_hash) VALUES (?, ?)')
+ .run(username, passwordHash);
+ return { id: result.lastInsertRowid, username };
+ },
+
+ /**
+ * Looks up an active user by username.
+ * Returns the full row (including password hash) for auth verification.
+ */
+ getUserByUsername(username: string): UserRow | undefined {
+ const db = getConnection();
+ return db
+ .prepare('SELECT * FROM users WHERE username = ? AND is_active = 1')
+ .get(username) as UserRow | undefined;
+ },
+
+ /** Updates the last_login timestamp. Non-fatal — logs but does not throw. */
+ updateLastLogin(userId: number): void {
+ try {
+ const db = getConnection();
+ db.prepare(
+ 'UPDATE users SET last_login = CURRENT_TIMESTAMP WHERE id = ?'
+ ).run(userId);
+ } catch (err) {
+ const message = err instanceof Error ? err.message : String(err);
+ console.error('Failed to update last login', { error: message });
+ }
+ },
+
+ /** Returns public user fields by ID (no password hash). */
+ getUserById(userId: number): UserPublicRow | undefined {
+ const db = getConnection();
+ return db
+ .prepare(
+ 'SELECT id, username, created_at, last_login FROM users WHERE id = ? AND is_active = 1'
+ )
+ .get(userId) as UserPublicRow | undefined;
+ },
+
+ /** Returns the first active user. Used for single-user mode lookups. */
+ getFirstUser(): UserPublicRow | undefined {
+ const db = getConnection();
+ return db
+ .prepare(
+ 'SELECT id, username, created_at, last_login FROM users WHERE is_active = 1 LIMIT 1'
+ )
+ .get() as UserPublicRow | undefined;
+ },
+
+ /** Stores the user's preferred git name and email. */
+ updateGitConfig(
+ userId: number,
+ gitName: string,
+ gitEmail: string
+ ): void {
+ const db = getConnection();
+ db.prepare('UPDATE users SET git_name = ?, git_email = ? WHERE id = ?').run(
+ gitName,
+ gitEmail,
+ userId
+ );
+ },
+
+ /** Retrieves the user's git identity (name + email). */
+ getGitConfig(userId: number): UserGitConfig | undefined {
+ const db = getConnection();
+ return db
+ .prepare('SELECT git_name, git_email FROM users WHERE id = ?')
+ .get(userId) as UserGitConfig | undefined;
+ },
+
+ /** Marks onboarding as complete for the given user. */
+ completeOnboarding(userId: number): void {
+ const db = getConnection();
+ db.prepare(
+ 'UPDATE users SET has_completed_onboarding = 1 WHERE id = ?'
+ ).run(userId);
+ },
+
+ /** Returns true if the user has finished the onboarding flow. */
+ hasCompletedOnboarding(userId: number): boolean {
+ const db = getConnection();
+ const row = db
+ .prepare('SELECT has_completed_onboarding FROM users WHERE id = ?')
+ .get(userId) as { has_completed_onboarding: number } | undefined;
+ return row?.has_completed_onboarding === 1;
+ },
+};
diff --git a/server/modules/database/repositories/vapid-keys.ts b/server/modules/database/repositories/vapid-keys.ts
new file mode 100644
index 00000000..13faeb34
--- /dev/null
+++ b/server/modules/database/repositories/vapid-keys.ts
@@ -0,0 +1,57 @@
+/**
+ * VAPID keys repository.
+ *
+ * Stores and retrieves the Web Push VAPID key pair.
+ */
+
+import { getConnection } from '@/modules/database/connection.js';
+
+type VapidKeyRow = {
+ public_key: string;
+ private_key: string;
+};
+
+type VapidKeyPair = {
+ publicKey: string;
+ privateKey: string;
+};
+
+export const vapidKeysDb = {
+ /** Returns the latest stored VAPID key pair, or null when unset. */
+ getVapidKeys(): VapidKeyPair | null {
+ const db = getConnection();
+ const row = db
+ .prepare(
+ 'SELECT public_key, private_key FROM vapid_keys ORDER BY id DESC LIMIT 1'
+ )
+ .get() as Pick | undefined;
+
+ if (!row) return null;
+ return {
+ publicKey: row.public_key,
+ privateKey: row.private_key,
+ };
+ },
+
+ /** Persists a new VAPID key pair. */
+ createVapidKeys(publicKey: string, privateKey: string): void {
+ const db = getConnection();
+ db.prepare(
+ 'INSERT INTO vapid_keys (public_key, private_key) VALUES (?, ?)'
+ ).run(publicKey, privateKey);
+ },
+
+ /** Replaces all existing keys with a fresh pair. */
+ updateVapidKeys(publicKey: string, privateKey: string): void {
+ const db = getConnection();
+ db.prepare('DELETE FROM vapid_keys').run();
+ vapidKeysDb.createVapidKeys(publicKey, privateKey);
+ },
+
+ /** Deletes all VAPID key rows. */
+ deleteVapidKeys(): void {
+ const db = getConnection();
+ db.prepare('DELETE FROM vapid_keys').run();
+ },
+};
+
diff --git a/server/modules/database/schema.ts b/server/modules/database/schema.ts
new file mode 100644
index 00000000..7af3d80d
--- /dev/null
+++ b/server/modules/database/schema.ts
@@ -0,0 +1,152 @@
+const USER_TABLE_SCHEMA_SQL = `
+CREATE TABLE IF NOT EXISTS users (
+ id INTEGER PRIMARY KEY AUTOINCREMENT,
+ username TEXT UNIQUE NOT NULL,
+ password_hash TEXT NOT NULL,
+ created_at DATETIME DEFAULT CURRENT_TIMESTAMP,
+ last_login DATETIME,
+ is_active BOOLEAN DEFAULT 1,
+ git_name TEXT,
+ git_email TEXT,
+ has_completed_onboarding BOOLEAN DEFAULT 0
+);
+`;
+
+export const API_KEYS_TABLE_SCHEMA_SQL = `
+CREATE TABLE IF NOT EXISTS api_keys (
+ id INTEGER PRIMARY KEY AUTOINCREMENT,
+ user_id INTEGER NOT NULL,
+ key_name TEXT NOT NULL,
+ api_key TEXT UNIQUE NOT NULL,
+ created_at DATETIME DEFAULT CURRENT_TIMESTAMP,
+ last_used DATETIME,
+ is_active BOOLEAN DEFAULT 1,
+ FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE
+);
+`;
+
+export const USER_CREDENTIALS_TABLE_SCHEMA_SQL = `
+CREATE TABLE IF NOT EXISTS user_credentials (
+ id INTEGER PRIMARY KEY AUTOINCREMENT,
+ user_id INTEGER NOT NULL,
+ credential_name TEXT NOT NULL,
+ credential_type TEXT NOT NULL, -- 'github_token', 'gitlab_token', 'bitbucket_token', etc.
+ credential_value TEXT NOT NULL,
+ description TEXT,
+ created_at DATETIME DEFAULT CURRENT_TIMESTAMP,
+ is_active BOOLEAN DEFAULT 1,
+ FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE
+);
+`;
+
+export const USER_NOTIFICATION_PREFERENCES_TABLE_SCHEMA_SQL = `
+CREATE TABLE IF NOT EXISTS user_notification_preferences (
+ user_id INTEGER PRIMARY KEY,
+ preferences_json TEXT NOT NULL,
+ updated_at DATETIME DEFAULT CURRENT_TIMESTAMP,
+ FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE
+);
+`;
+
+export const VAPID_KEYS_TABLE_SCHEMA_SQL = `
+CREATE TABLE IF NOT EXISTS vapid_keys (
+ id INTEGER PRIMARY KEY AUTOINCREMENT,
+ public_key TEXT NOT NULL,
+ private_key TEXT NOT NULL,
+ created_at DATETIME DEFAULT CURRENT_TIMESTAMP
+);
+`;
+
+export const PUSH_SUBSCRIPTIONS_TABLE_SCHEMA_SQL = `
+CREATE TABLE IF NOT EXISTS push_subscriptions (
+ id INTEGER PRIMARY KEY AUTOINCREMENT,
+ user_id INTEGER NOT NULL,
+ endpoint TEXT NOT NULL UNIQUE,
+ keys_p256dh TEXT NOT NULL,
+ keys_auth TEXT NOT NULL,
+ created_at DATETIME DEFAULT CURRENT_TIMESTAMP,
+ FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE
+);
+`;
+
+export const PROJECTS_TABLE_SCHEMA_SQL = `
+CREATE TABLE IF NOT EXISTS projects (
+ project_id TEXT PRIMARY KEY NOT NULL,
+ project_path TEXT NOT NULL UNIQUE,
+ custom_project_name TEXT DEFAULT NULL,
+ isStarred BOOLEAN DEFAULT 0,
+ isArchived BOOLEAN DEFAULT 0
+);
+`;
+
+export const SESSIONS_TABLE_SCHEMA_SQL = `
+CREATE TABLE IF NOT EXISTS sessions (
+ session_id TEXT NOT NULL,
+ provider TEXT NOT NULL DEFAULT 'claude',
+ custom_name TEXT,
+ project_path TEXT,
+ jsonl_path TEXT,
+ created_at DATETIME DEFAULT CURRENT_TIMESTAMP,
+ updated_at DATETIME DEFAULT CURRENT_TIMESTAMP,
+ PRIMARY KEY (session_id),
+ FOREIGN KEY (project_path) REFERENCES projects(project_path)
+ ON DELETE SET NULL
+ ON UPDATE CASCADE
+);
+`;
+
+export const LAST_SCANNED_AT_SQL = `
+CREATE TABLE IF NOT EXISTS scan_state (
+ id INTEGER PRIMARY KEY CHECK (id = 1),
+ last_scanned_at TIMESTAMP NULL
+);
+`;
+
+export const APP_CONFIG_TABLE_SCHEMA_SQL = `
+CREATE TABLE IF NOT EXISTS app_config (
+ key TEXT PRIMARY KEY,
+ value TEXT NOT NULL,
+ created_at DATETIME DEFAULT CURRENT_TIMESTAMP
+);
+`;
+
+export const INIT_SCHEMA_SQL = `
+-- Initialize authentication database
+PRAGMA foreign_keys = ON;
+
+${USER_TABLE_SCHEMA_SQL}
+-- Indexes for performance for user lookups
+CREATE INDEX IF NOT EXISTS idx_users_username ON users(username);
+CREATE INDEX IF NOT EXISTS idx_users_active ON users(is_active);
+
+${API_KEYS_TABLE_SCHEMA_SQL}
+CREATE INDEX IF NOT EXISTS idx_api_keys_key ON api_keys(api_key);
+CREATE INDEX IF NOT EXISTS idx_api_keys_user_id ON api_keys(user_id);
+CREATE INDEX IF NOT EXISTS idx_api_keys_active ON api_keys(is_active);
+
+${USER_CREDENTIALS_TABLE_SCHEMA_SQL}
+CREATE INDEX IF NOT EXISTS idx_user_credentials_user_id ON user_credentials(user_id);
+CREATE INDEX IF NOT EXISTS idx_user_credentials_type ON user_credentials(credential_type);
+CREATE INDEX IF NOT EXISTS idx_user_credentials_active ON user_credentials(is_active);
+
+${USER_NOTIFICATION_PREFERENCES_TABLE_SCHEMA_SQL}
+CREATE INDEX IF NOT EXISTS idx_user_notification_preferences_user_id ON user_notification_preferences(user_id);
+
+${VAPID_KEYS_TABLE_SCHEMA_SQL}
+
+${PUSH_SUBSCRIPTIONS_TABLE_SCHEMA_SQL}
+CREATE INDEX IF NOT EXISTS idx_push_subscriptions_user_id ON push_subscriptions(user_id);
+
+${PROJECTS_TABLE_SCHEMA_SQL}
+-- NOTE: These indexes are created in migrations after legacy table-shape repairs.
+-- Creating them here can fail on upgraded installs where projects lacks those columns.
+
+${SESSIONS_TABLE_SCHEMA_SQL}
+CREATE INDEX IF NOT EXISTS idx_session_ids_lookup ON sessions(session_id);
+-- NOTE: This index is created in migrations after sessions is rebuilt to include project_path.
+-- Creating it here can fail on upgraded installs where the legacy sessions table has no project_path.
+
+${LAST_SCANNED_AT_SQL}
+
+${APP_CONFIG_TABLE_SCHEMA_SQL}
+`;
diff --git a/server/modules/projects/index.ts b/server/modules/projects/index.ts
new file mode 100644
index 00000000..2adbf7a5
--- /dev/null
+++ b/server/modules/projects/index.ts
@@ -0,0 +1,6 @@
+export {
+ generateDisplayName,
+ getProjectsWithSessions,
+} from './services/projects-with-sessions-fetch.service.js';
+export { updateProjectDisplayName } from './services/project-management.service.js';
+export { deleteOrArchiveProject, deleteSessionJsonlFilesForProjectPath } from './services/project-delete.service.js';
diff --git a/server/modules/projects/projects.routes.ts b/server/modules/projects/projects.routes.ts
new file mode 100644
index 00000000..a1c94352
--- /dev/null
+++ b/server/modules/projects/projects.routes.ts
@@ -0,0 +1,247 @@
+import express from 'express';
+
+import { createProject, updateProjectDisplayName } from '@/modules/projects/services/project-management.service.js';
+import { startCloneProject } from '@/modules/projects/services/project-clone.service.js';
+import { getProjectTaskMaster } from '@/modules/projects/services/projects-has-taskmaster.service.js';
+import { AppError, asyncHandler } from '@/shared/utils.js';
+import { getProjectSessionsPage, getProjectsWithSessions } from '@/modules/projects/services/projects-with-sessions-fetch.service.js';
+import { deleteOrArchiveProject } from '@/modules/projects/services/project-delete.service.js';
+import { applyLegacyStarredProjectIds, toggleProjectStar } from '@/modules/projects/services/project-star.service.js';
+
+const router = express.Router();
+
+type AuthenticatedUser = {
+ id?: number | string;
+};
+
+function readQueryStringValue(value: unknown): string {
+ if (typeof value === 'string') {
+ return value;
+ }
+
+ if (Array.isArray(value) && typeof value[0] === 'string') {
+ return value[0];
+ }
+
+ return '';
+}
+
+function readOptionalNumericQueryValue(value: unknown): number | null {
+ const rawValue = readQueryStringValue(value).trim();
+ if (!rawValue) {
+ return null;
+ }
+
+ const parsedValue = Number.parseInt(rawValue, 10);
+ return Number.isNaN(parsedValue) ? null : parsedValue;
+}
+
+function parseNonNegativeIntQuery(value: unknown, name: string, fallback: number): number {
+ const rawValue = readQueryStringValue(value).trim();
+ if (!rawValue) {
+ return fallback;
+ }
+
+ const parsedValue = Number.parseInt(rawValue, 10);
+ if (Number.isNaN(parsedValue) || parsedValue < 0) {
+ throw new AppError(`${name} must be a non-negative integer`, {
+ code: 'INVALID_QUERY_PARAMETER',
+ statusCode: 400,
+ });
+ }
+
+ return parsedValue;
+}
+
+function resolveRouteErrorMessage(error: unknown): string {
+ if (error instanceof AppError) {
+ return error.message;
+ }
+
+ if (error instanceof Error && error.message) {
+ return error.message;
+ }
+
+ return 'Failed to clone repository';
+}
+
+router.get(
+ '/',
+ asyncHandler(async (_req, res) => {
+ const projects = await getProjectsWithSessions();
+ res.json(projects);
+ }),
+);
+
+router.get(
+ '/:projectId/sessions',
+ asyncHandler(async (req, res) => {
+ const projectId = typeof req.params.projectId === 'string' ? req.params.projectId : '';
+ const limit = parseNonNegativeIntQuery(req.query.limit, 'limit', 20);
+ const offset = parseNonNegativeIntQuery(req.query.offset, 'offset', 0);
+ const sessionsPage = await getProjectSessionsPage(projectId, { limit, offset });
+ res.json(sessionsPage);
+ }),
+);
+
+router.post(
+ '/create-project',
+ asyncHandler(async (req, res) => {
+ const requestBody = req.body as Record;
+ const projectPath = typeof requestBody.path === 'string' ? requestBody.path : '';
+ const customName = typeof requestBody.customName === 'string' ? requestBody.customName : null;
+
+ if (requestBody.workspaceType !== undefined) {
+ throw new AppError('workspaceType is no longer supported. Use the single create-project flow.', {
+ code: 'LEGACY_WORKSPACE_TYPE_UNSUPPORTED',
+ statusCode: 400,
+ });
+ }
+
+ if (requestBody.githubUrl || requestBody.githubTokenId || requestBody.newGithubToken) {
+ throw new AppError('Repository cloning is not supported on create-project', {
+ code: 'CLONE_NOT_SUPPORTED_ON_CREATE_PROJECT',
+ statusCode: 400,
+ details: 'Use /api/projects/clone-progress for cloning workflows',
+ });
+ }
+
+ const projectCreationResult = await createProject({
+ projectPath,
+ customName,
+ });
+
+ res.json({
+ success: true,
+ project: projectCreationResult.project,
+ message:
+ projectCreationResult.outcome === 'reactivated_archived'
+ ? 'Archived project path reused successfully'
+ : 'Project created successfully',
+ });
+ }),
+);
+
+/**
+ * One-time (or idempotent) migration: apply legacy `localStorage` starred projectIds to the DB, then clear client storage.
+ */
+router.post(
+ '/migrate-legacy-stars',
+ asyncHandler(async (req, res) => {
+ const projectIds = Array.isArray((req.body as { projectIds?: unknown })?.projectIds)
+ ? ((req.body as { projectIds: unknown[] }).projectIds as unknown[]).map((x) => String(x))
+ : [];
+ const { updated } = applyLegacyStarredProjectIds(projectIds);
+ res.json({ success: true, updated });
+ }),
+);
+
+router.get('/clone-progress', async (req, res) => {
+ res.setHeader('Content-Type', 'text/event-stream');
+ res.setHeader('Cache-Control', 'no-cache');
+ res.setHeader('Connection', 'keep-alive');
+ res.flushHeaders();
+
+ const sendEvent = (type: string, data: Record) => {
+ if (res.writableEnded) {
+ return;
+ }
+
+ res.write(`data: ${JSON.stringify({ type, ...data })}\n\n`);
+ };
+
+ let cloneOperation: Awaited> | null = null;
+ const closeListener = () => {
+ cloneOperation?.cancel();
+ };
+ req.on('close', closeListener);
+
+ try {
+ const queryParams = req.query as Record;
+ const workspacePath = readQueryStringValue(queryParams.path);
+ const githubUrl = readQueryStringValue(queryParams.githubUrl);
+ const githubTokenId = readOptionalNumericQueryValue(queryParams.githubTokenId);
+ const newGithubToken = readQueryStringValue(queryParams.newGithubToken) || null;
+
+ const authenticatedUser = (req as typeof req & { user?: AuthenticatedUser }).user;
+ const userId = authenticatedUser?.id;
+ if (userId === undefined || userId === null) {
+ throw new AppError('Authenticated user is required', {
+ code: 'AUTHENTICATION_REQUIRED',
+ statusCode: 401,
+ });
+ }
+
+ cloneOperation = await startCloneProject(
+ {
+ workspacePath,
+ githubUrl,
+ githubTokenId,
+ newGithubToken,
+ userId,
+ },
+ {
+ onProgress: (message) => {
+ sendEvent('progress', { message });
+ },
+ onComplete: ({ project, message }) => {
+ sendEvent('complete', { project, message });
+ },
+ },
+ );
+
+ await cloneOperation.waitForCompletion;
+ } catch (error) {
+ sendEvent('error', { message: resolveRouteErrorMessage(error) });
+ } finally {
+ req.off('close', closeListener);
+ if (!res.writableEnded) {
+ res.end();
+ }
+ }
+});
+
+router.get(
+ '/:projectId/taskmaster',
+ asyncHandler(async (req, res) => {
+ const projectId = typeof req.params.projectId === 'string' ? req.params.projectId : '';
+ const taskMasterDetails = await getProjectTaskMaster(projectId);
+ res.json(taskMasterDetails);
+ }),
+);
+
+router.put('/:projectId/rename', (req, res) => {
+ try {
+ const projectId = typeof req.params.projectId === 'string' ? req.params.projectId : '';
+ const { displayName } = req.body as { displayName?: unknown };
+ updateProjectDisplayName(projectId, displayName);
+ res.json({ success: true });
+ } catch (error) {
+ res.status(500).json({ error: error instanceof Error ? error.message : 'Failed to rename project' });
+ }
+});
+
+router.post(
+ '/:projectId/toggle-star',
+ asyncHandler(async (req, res) => {
+ const projectId = typeof req.params.projectId === 'string' ? req.params.projectId : '';
+ const { isStarred } = toggleProjectStar(projectId);
+ res.json({ success: true, isStarred });
+ }),
+);
+
+/**
+ * - `force` not set / false: archive project in DB only (`isArchived` = 1; hidden from active list).
+ * - `force=true`: remove DB row, delete session rows for that path, remove all `*.jsonl` under the Claude project dir.
+ */
+router.delete(
+ '/:projectId',
+ asyncHandler(async (req, res) => {
+ const projectId = typeof req.params.projectId === 'string' ? req.params.projectId : '';
+ const force = req.query.force === 'true';
+ await deleteOrArchiveProject(projectId, force);
+ res.json({ success: true });
+ }),
+);
+
+export default router;
diff --git a/server/modules/projects/services/project-clone.service.ts b/server/modules/projects/services/project-clone.service.ts
new file mode 100644
index 00000000..1a91b879
--- /dev/null
+++ b/server/modules/projects/services/project-clone.service.ts
@@ -0,0 +1,321 @@
+import { spawn } from 'node:child_process';
+import { access, mkdir, rm } from 'node:fs/promises';
+import path from 'node:path';
+
+import { githubTokensDb } from '@/modules/database/index.js';
+import { createProject } from '@/modules/projects/services/project-management.service.js';
+import type { WorkspacePathValidationResult } from '@/shared/types.js';
+import { AppError, validateWorkspacePath } from '@/shared/utils.js';
+
+type CloneProjectInput = {
+ workspacePath: string;
+ githubUrl: string;
+ githubTokenId?: number | null;
+ newGithubToken?: string | null;
+ userId: number | string;
+};
+
+type CloneCompletePayload = {
+ project: Record;
+ message: string;
+};
+
+type CloneProjectEventHandlers = {
+ onProgress: (message: string) => void;
+ onComplete: (payload: CloneCompletePayload) => void;
+};
+
+type GitCloneProcess = {
+ stdout: NodeJS.ReadableStream | null;
+ stderr: NodeJS.ReadableStream | null;
+ on(event: 'close', listener: (code: number | null) => void): void;
+ on(event: 'error', listener: (error: NodeJS.ErrnoException) => void): void;
+ kill(): void;
+};
+
+type CloneProjectDependencies = {
+ validatePath: (requestedPath: string) => Promise;
+ ensureDirectory: (directoryPath: string) => Promise;
+ pathExists: (targetPath: string) => Promise;
+ removePath: (targetPath: string) => Promise;
+ getGithubTokenById: (
+ tokenId: number,
+ userId: number,
+ ) => Promise<{ github_token: string } | null>;
+ spawnGitClone: (cloneUrl: string, clonePath: string) => GitCloneProcess;
+ registerProject: (projectPath: string, customName: string) => Promise<{ project: Record }>;
+ logError: (message: string, error: unknown) => void;
+};
+
+export type CloneProjectOperation = {
+ waitForCompletion: Promise;
+ cancel: () => void;
+};
+
+async function defaultPathExists(targetPath: string): Promise {
+ try {
+ await access(targetPath);
+ return true;
+ } catch (error) {
+ if ((error as NodeJS.ErrnoException).code === 'ENOENT') {
+ return false;
+ }
+
+ throw error;
+ }
+}
+
+function sanitizeGitError(message: string, token: string | null): string {
+ if (!message || !token) {
+ return message;
+ }
+
+ const escapedToken = token.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
+ return message.replace(new RegExp(escapedToken, 'g'), '***');
+}
+
+function resolveCloneFailureMessage(lastError: string, sanitizedError: string): string {
+ if (lastError.includes('Authentication failed') || lastError.includes('could not read Username')) {
+ return 'Authentication failed. Please check your credentials.';
+ }
+
+ if (lastError.includes('Repository not found')) {
+ return 'Repository not found. Please check the URL and ensure you have access.';
+ }
+
+ if (lastError.includes('already exists')) {
+ return 'Directory already exists';
+ }
+
+ if (sanitizedError) {
+ return sanitizedError;
+ }
+
+ return 'Git clone failed';
+}
+
+function resolveErrorMessage(error: unknown): string {
+ if (error instanceof AppError) {
+ return error.message;
+ }
+
+ if (error instanceof Error && error.message) {
+ return error.message;
+ }
+
+ return 'Unexpected error';
+}
+
+const defaultDependencies: CloneProjectDependencies = {
+ validatePath: validateWorkspacePath,
+ ensureDirectory: async (directoryPath: string): Promise => {
+ await mkdir(directoryPath, { recursive: true });
+ },
+ pathExists: defaultPathExists,
+ removePath: async (targetPath: string): Promise => {
+ await rm(targetPath, { recursive: true, force: true });
+ },
+ getGithubTokenById: async (
+ tokenId: number,
+ userId: number,
+ ): Promise<{ github_token: string } | null> => {
+ const tokenRow = githubTokensDb.getGithubTokenById(userId, tokenId) as
+ | { github_token: string }
+ | null;
+ return tokenRow;
+ },
+ spawnGitClone: (cloneUrl: string, clonePath: string): GitCloneProcess =>
+ spawn('git', ['clone', '--progress', '--', cloneUrl, clonePath], {
+ stdio: ['ignore', 'pipe', 'pipe'],
+ env: {
+ ...process.env,
+ GIT_TERMINAL_PROMPT: '0',
+ },
+ }) as unknown as GitCloneProcess,
+ registerProject: async (
+ projectPath: string,
+ customName: string,
+ ): Promise<{ project: Record }> =>
+ createProject({
+ projectPath,
+ customName,
+ }) as Promise<{ project: Record }>,
+ logError: (message: string, error: unknown): void => {
+ console.error(message, error);
+ },
+};
+
+export async function startCloneProject(
+ input: CloneProjectInput,
+ handlers: CloneProjectEventHandlers,
+ dependencies: CloneProjectDependencies = defaultDependencies,
+): Promise {
+ const normalizedWorkspacePath = input.workspacePath.trim();
+ const normalizedGithubUrl = input.githubUrl.trim();
+
+ if (!normalizedWorkspacePath) {
+ throw new AppError('workspacePath and githubUrl are required', {
+ code: 'WORKSPACE_PATH_REQUIRED',
+ statusCode: 400,
+ });
+ }
+
+ if (!normalizedGithubUrl) {
+ throw new AppError('workspacePath and githubUrl are required', {
+ code: 'GITHUB_URL_REQUIRED',
+ statusCode: 400,
+ });
+ }
+
+ if (normalizedGithubUrl.startsWith('-')) {
+ throw new AppError('Invalid githubUrl', {
+ code: 'INVALID_GITHUB_URL',
+ statusCode: 400,
+ });
+ }
+
+ const pathValidation = await dependencies.validatePath(normalizedWorkspacePath);
+ if (!pathValidation.valid || !pathValidation.resolvedPath) {
+ throw new AppError(pathValidation.error || 'Invalid workspace path', {
+ code: 'INVALID_PROJECT_PATH',
+ statusCode: 400,
+ });
+ }
+
+ const absolutePath = pathValidation.resolvedPath;
+ await dependencies.ensureDirectory(absolutePath);
+
+ let githubToken: string | null = null;
+ if (typeof input.githubTokenId === 'number') {
+ const numericUserId =
+ typeof input.userId === 'number' ? input.userId : Number.parseInt(String(input.userId), 10);
+ if (Number.isNaN(numericUserId)) {
+ throw new AppError('Authenticated user is required', {
+ code: 'AUTHENTICATION_REQUIRED',
+ statusCode: 401,
+ });
+ }
+
+ const token = await dependencies.getGithubTokenById(input.githubTokenId, numericUserId);
+ if (!token) {
+ throw new AppError('GitHub token not found', {
+ code: 'GITHUB_TOKEN_NOT_FOUND',
+ statusCode: 404,
+ });
+ }
+
+ githubToken = token.github_token;
+ } else if (input.newGithubToken && input.newGithubToken.trim().length > 0) {
+ githubToken = input.newGithubToken.trim();
+ }
+
+ const sanitizedGithubUrl = normalizedGithubUrl.replace(/\/+$/, '').replace(/\.git$/, '');
+ const repoName = sanitizedGithubUrl.split('/').pop() || 'repository';
+ const clonePath = path.join(absolutePath, repoName);
+
+ if (await dependencies.pathExists(clonePath)) {
+ throw new AppError(
+ `Directory "${repoName}" already exists. Please choose a different location or remove the existing directory.`,
+ {
+ code: 'CLONE_TARGET_ALREADY_EXISTS',
+ statusCode: 409,
+ },
+ );
+ }
+
+ let cloneUrl = normalizedGithubUrl;
+ if (githubToken) {
+ try {
+ const url = new URL(normalizedGithubUrl);
+ url.username = githubToken;
+ url.password = '';
+ cloneUrl = url.toString();
+ } catch {
+ // SSH URLs cannot be represented by URL constructor and are used as-is.
+ }
+ }
+
+ handlers.onProgress(`Cloning into '${repoName}'...`);
+ const gitProcess = dependencies.spawnGitClone(cloneUrl, clonePath);
+ let lastError = '';
+
+ gitProcess.stdout?.on('data', (data: Buffer | string) => {
+ const message = data.toString().trim();
+ if (message) {
+ handlers.onProgress(message);
+ }
+ });
+
+ gitProcess.stderr?.on('data', (data: Buffer | string) => {
+ const message = data.toString().trim();
+ lastError = message;
+ if (message) {
+ handlers.onProgress(message);
+ }
+ });
+
+ const waitForCompletion = new Promise((resolve, reject) => {
+ gitProcess.on('close', async (code) => {
+ if (code === 0) {
+ try {
+ const createdProject = await dependencies.registerProject(clonePath, repoName);
+ handlers.onComplete({
+ project: createdProject.project,
+ message: 'Repository cloned successfully',
+ });
+ resolve();
+ } catch (error) {
+ reject(
+ new AppError(`Clone succeeded but failed to add project: ${resolveErrorMessage(error)}`, {
+ code: 'CLONE_PROJECT_REGISTRATION_FAILED',
+ statusCode: 500,
+ }),
+ );
+ }
+ return;
+ }
+
+ const sanitizedError = sanitizeGitError(lastError, githubToken);
+ const errorMessage = resolveCloneFailureMessage(lastError, sanitizedError);
+
+ try {
+ await dependencies.removePath(clonePath);
+ } catch (cleanupError) {
+ dependencies.logError('Failed to clean up after clone failure:', cleanupError);
+ }
+
+ reject(
+ new AppError(errorMessage, {
+ code: 'GIT_CLONE_FAILED',
+ statusCode: 500,
+ }),
+ );
+ });
+
+ gitProcess.on('error', (error) => {
+ if (error.code === 'ENOENT') {
+ reject(
+ new AppError('Git is not installed or not in PATH', {
+ code: 'GIT_NOT_FOUND',
+ statusCode: 500,
+ }),
+ );
+ return;
+ }
+
+ reject(
+ new AppError(error.message, {
+ code: 'GIT_EXECUTION_FAILED',
+ statusCode: 500,
+ }),
+ );
+ });
+ });
+
+ return {
+ waitForCompletion,
+ cancel: () => {
+ gitProcess.kill();
+ },
+ };
+}
diff --git a/server/modules/projects/services/project-delete.service.ts b/server/modules/projects/services/project-delete.service.ts
new file mode 100644
index 00000000..a743b4b6
--- /dev/null
+++ b/server/modules/projects/services/project-delete.service.ts
@@ -0,0 +1,75 @@
+import { promises as fs } from 'node:fs';
+import path from 'node:path';
+
+import { projectsDb, sessionsDb } from '@/modules/database/index.js';
+import { AppError } from '@/shared/utils.js';
+
+function uniqueJsonlPathsFromSessions(
+ sessions: Array<{ jsonl_path: string | null }>,
+): string[] {
+ const seen = new Set();
+ const result: string[] = [];
+
+ for (const row of sessions) {
+ const raw = row.jsonl_path?.trim();
+ if (!raw) {
+ continue;
+ }
+ const absolute = path.isAbsolute(raw) ? path.normalize(raw) : path.resolve(raw);
+ if (seen.has(absolute)) {
+ continue;
+ }
+ seen.add(absolute);
+ result.push(absolute);
+ }
+
+ return result;
+}
+
+async function unlinkJsonlIfExists(filePath: string): Promise {
+ try {
+ await fs.unlink(filePath);
+ } catch (error) {
+ const code = (error as NodeJS.ErrnoException).code;
+ if (code === 'ENOENT') {
+ return;
+ }
+ console.warn(`[project-delete] Failed to remove ${filePath}:`, (error as Error).message);
+ }
+}
+
+/**
+ * Loads all session rows for the project path and removes each distinct `jsonl_path` file on disk.
+ */
+export async function deleteSessionJsonlFilesForProjectPath(projectPath: string): Promise {
+ const sessions = sessionsDb.getSessionsByProjectPath(projectPath);
+ const paths = uniqueJsonlPathsFromSessions(sessions);
+
+ for (const filePath of paths) {
+ await unlinkJsonlIfExists(filePath);
+ }
+}
+
+/**
+ * - **Soft delete** (`force` false): set `isArchived` on the `projects` row (hide from the active list; DB only).
+ * - **Force** (`force` true): for each session row for that `project_path`, delete the file at `jsonl_path`
+ * (when set), then remove session rows and the `projects` row.
+ */
+export async function deleteOrArchiveProject(projectId: string, force: boolean): Promise {
+ const row = projectsDb.getProjectById(projectId);
+ if (!row) {
+ throw new AppError(`Unknown projectId: ${projectId}`, {
+ code: 'PROJECT_NOT_FOUND',
+ statusCode: 404,
+ });
+ }
+
+ if (!force) {
+ projectsDb.updateProjectIsArchivedById(projectId, true);
+ return;
+ }
+
+ await deleteSessionJsonlFilesForProjectPath(row.project_path);
+ sessionsDb.deleteSessionsByProjectPath(row.project_path);
+ projectsDb.deleteProjectById(projectId);
+}
diff --git a/server/modules/projects/services/project-management.service.ts b/server/modules/projects/services/project-management.service.ts
new file mode 100644
index 00000000..9dbe857e
--- /dev/null
+++ b/server/modules/projects/services/project-management.service.ts
@@ -0,0 +1,150 @@
+import fs from 'node:fs/promises';
+import path from 'node:path';
+
+import { projectsDb } from '@/modules/database/index.js';
+import type {
+ CreateProjectPathResult,
+ ProjectRepositoryRow,
+ WorkspacePathValidationResult,
+} from '@/shared/types.js';
+import { AppError, normalizeProjectPath, validateWorkspacePath } from '@/shared/utils.js';
+
+type CreateProjectInput = {
+ projectPath: string;
+ customName?: string | null;
+};
+
+type CreateProjectDependencies = {
+ validatePath: (projectPath: string) => Promise;
+ ensureWorkspaceDirectory: (projectPath: string) => Promise;
+ persistProjectPath: (projectPath: string, customName: string | null) => CreateProjectPathResult;
+ getProjectByPath: (projectPath: string) => ProjectRepositoryRow | null;
+};
+
+type ProjectApiView = {
+ projectId: string;
+ path: string;
+ fullPath: string;
+ displayName: string;
+ customName: string | null;
+ isArchived: boolean;
+ isStarred: boolean;
+ sessions: [];
+ cursorSessions: [];
+ codexSessions: [];
+ geminiSessions: [];
+ sessionMeta: {
+ hasMore: false;
+ total: 0;
+ };
+};
+
+type CreateProjectServiceResult = {
+ outcome: 'created' | 'reactivated_archived';
+ project: ProjectApiView;
+};
+
+const defaultDependencies: CreateProjectDependencies = {
+ validatePath: validateWorkspacePath,
+ ensureWorkspaceDirectory: async (projectPath: string): Promise => {
+ await fs.mkdir(projectPath, { recursive: true });
+ const directoryStats = await fs.stat(projectPath);
+ if (!directoryStats.isDirectory()) {
+ throw new AppError('Path exists but is not a directory', {
+ code: 'PROJECT_PATH_NOT_DIRECTORY',
+ statusCode: 400,
+ });
+ }
+ },
+ persistProjectPath: (projectPath: string, customName: string | null): CreateProjectPathResult =>
+ projectsDb.createProjectPath(projectPath, customName),
+ getProjectByPath: (projectPath: string): ProjectRepositoryRow | null =>
+ projectsDb.getProjectPath(projectPath),
+};
+
+function resolveDisplayName(customName: string | null | undefined, projectPath: string): string {
+ const trimmedCustomName = typeof customName === 'string' ? customName.trim() : '';
+ if (trimmedCustomName.length > 0) {
+ return trimmedCustomName;
+ }
+
+ return path.basename(projectPath) || projectPath;
+}
+
+function mapProjectRowToApiView(projectRow: ProjectRepositoryRow): ProjectApiView {
+ return {
+ projectId: projectRow.project_id,
+ path: projectRow.project_path,
+ fullPath: projectRow.project_path,
+ displayName: resolveDisplayName(projectRow.custom_project_name, projectRow.project_path),
+ customName: projectRow.custom_project_name,
+ isArchived: Boolean(projectRow.isArchived),
+ isStarred: Boolean(projectRow.isStarred),
+ sessions: [],
+ cursorSessions: [],
+ codexSessions: [],
+ geminiSessions: [],
+ sessionMeta: {
+ hasMore: false,
+ total: 0,
+ },
+ };
+}
+
+export async function createProject(
+ input: CreateProjectInput,
+ dependencies: CreateProjectDependencies = defaultDependencies,
+): Promise {
+ const normalizedPath = normalizeProjectPath(input.projectPath || '');
+ if (!normalizedPath) {
+ throw new AppError('path is required', {
+ code: 'PROJECT_PATH_REQUIRED',
+ statusCode: 400,
+ });
+ }
+
+ const pathValidation = await dependencies.validatePath(normalizedPath);
+ if (!pathValidation.valid || !pathValidation.resolvedPath) {
+ throw new AppError('Invalid project path', {
+ code: 'INVALID_PROJECT_PATH',
+ statusCode: 400,
+ details: pathValidation.error ?? 'Path validation failed',
+ });
+ }
+
+ const resolvedProjectPath = normalizeProjectPath(pathValidation.resolvedPath);
+ await dependencies.ensureWorkspaceDirectory(resolvedProjectPath);
+
+ const normalizedCustomName = resolveDisplayName(input.customName ?? null, resolvedProjectPath);
+ const persistedProject = dependencies.persistProjectPath(resolvedProjectPath, normalizedCustomName);
+
+ if (persistedProject.outcome === 'active_conflict') {
+ throw new AppError('Project path already exists and is active', {
+ code: 'PROJECT_ALREADY_EXISTS',
+ statusCode: 409,
+ details: `Project path already exists: ${resolvedProjectPath}`,
+ });
+ }
+
+ const projectRow = persistedProject.project ?? dependencies.getProjectByPath(resolvedProjectPath);
+ if (!projectRow) {
+ throw new AppError('Failed to resolve project after creation', {
+ code: 'PROJECT_CREATE_FAILED',
+ statusCode: 500,
+ });
+ }
+
+ // Archived rows intentionally remain archived when reused, as requested.
+ return {
+ outcome: persistedProject.outcome,
+ project: mapProjectRowToApiView(projectRow),
+ };
+}
+
+/**
+ * Sets `projects.custom_project_name` for the given `projectId` (or clears it when empty).
+ */
+export function updateProjectDisplayName(projectId: string, newDisplayName: unknown): void {
+ const trimmed = typeof newDisplayName === 'string' ? newDisplayName.trim() : '';
+ projectsDb.updateCustomProjectNameById(projectId, trimmed.length > 0 ? trimmed : null);
+}
diff --git a/server/modules/projects/services/project-star.service.ts b/server/modules/projects/services/project-star.service.ts
new file mode 100644
index 00000000..2c7f11ac
--- /dev/null
+++ b/server/modules/projects/services/project-star.service.ts
@@ -0,0 +1,78 @@
+import { projectsDb } from '@/modules/database/index.js';
+import { AppError } from '@/shared/utils.js';
+
+type ToggleProjectStarResult = {
+ isStarred: boolean;
+};
+
+type ApplyLegacyStarredProjectIdsResult = {
+ updated: number;
+};
+
+function normalizeProjectId(projectId: string): string {
+ return projectId.trim();
+}
+
+function uniqueProjectIds(projectIds: string[]): string[] {
+ const uniqueIds = new Set();
+ for (const projectId of projectIds) {
+ const normalizedProjectId = normalizeProjectId(projectId);
+ if (!normalizedProjectId) {
+ continue;
+ }
+ uniqueIds.add(normalizedProjectId);
+ }
+ return [...uniqueIds];
+}
+
+/**
+ * Applies legacy `localStorage` stars keyed by DB `projectId` onto `projects.isStarred`.
+ *
+ * The operation is idempotent: already-starred projects are ignored, unknown ids are skipped.
+ */
+export function applyLegacyStarredProjectIds(projectIds: string[]): ApplyLegacyStarredProjectIdsResult {
+ const normalizedProjectIds = uniqueProjectIds(projectIds);
+ let updated = 0;
+
+ for (const projectId of normalizedProjectIds) {
+ const project = projectsDb.getProjectById(projectId);
+ if (!project) {
+ continue;
+ }
+
+ if (Boolean(project.isStarred)) {
+ continue;
+ }
+
+ projectsDb.updateProjectIsStarredById(projectId, true);
+ updated += 1;
+ }
+
+ return { updated };
+}
+
+/**
+ * Flips `projects.isStarred` for one project and returns the new state.
+ */
+export function toggleProjectStar(projectId: string): ToggleProjectStarResult {
+ const normalizedProjectId = normalizeProjectId(projectId);
+ if (!normalizedProjectId) {
+ throw new AppError('projectId is required', {
+ code: 'PROJECT_ID_REQUIRED',
+ statusCode: 400,
+ });
+ }
+
+ const project = projectsDb.getProjectById(normalizedProjectId);
+ if (!project) {
+ throw new AppError('Project not found', {
+ code: 'PROJECT_NOT_FOUND',
+ statusCode: 404,
+ });
+ }
+
+ const nextStarredState = !Boolean(project.isStarred);
+ projectsDb.updateProjectIsStarredById(normalizedProjectId, nextStarredState);
+
+ return { isStarred: nextStarredState };
+}
diff --git a/server/modules/projects/services/projects-has-taskmaster.service.ts b/server/modules/projects/services/projects-has-taskmaster.service.ts
new file mode 100644
index 00000000..ee1d6c6c
--- /dev/null
+++ b/server/modules/projects/services/projects-has-taskmaster.service.ts
@@ -0,0 +1,248 @@
+import { access, readFile, stat } from 'node:fs/promises';
+import path from 'node:path';
+
+import { projectsDb } from '@/modules/database/index.js';
+import { AppError } from '@/shared/utils.js';
+
+type TaskMasterTask = {
+ status?: string;
+ subtasks?: Array<{
+ status?: string;
+ }>;
+};
+
+type TaskMasterMetadata =
+ | {
+ taskCount: number;
+ subtaskCount: number;
+ completed: number;
+ pending: number;
+ inProgress: number;
+ review: number;
+ completionPercentage: number;
+ lastModified: string;
+ }
+ | {
+ error: string;
+ }
+ | null;
+
+type TaskMasterDetectionResult = {
+ hasTaskmaster: boolean;
+ hasEssentialFiles?: boolean;
+ files?: Record;
+ metadata?: TaskMasterMetadata;
+ path?: string;
+ reason?: string;
+};
+
+type NormalizedTaskMasterInfo = {
+ hasTaskmaster: boolean;
+ hasEssentialFiles: boolean;
+ metadata: TaskMasterMetadata;
+ status: 'configured' | 'not-configured';
+};
+
+type GetProjectTaskMasterByIdResult = {
+ projectId: string;
+ projectPath: string;
+ taskmaster: NormalizedTaskMasterInfo;
+};
+
+type GetProjectTaskMasterDependencies = {
+ resolveProjectPathById: (projectId: string) => string | null;
+ detectTaskMasterFolder: (projectPath: string) => Promise;
+};
+
+type GetProjectTaskMasterResolver = (projectId: string) => Promise;
+
+function extractTasksFromJson(tasksData: unknown): TaskMasterTask[] {
+ if (!tasksData || typeof tasksData !== 'object') {
+ return [];
+ }
+
+ const legacyTasks = (tasksData as { tasks?: unknown }).tasks;
+ if (Array.isArray(legacyTasks)) {
+ return legacyTasks as TaskMasterTask[];
+ }
+
+ const taggedTaskCollections: TaskMasterTask[] = [];
+ for (const tagValue of Object.values(tasksData)) {
+ if (!tagValue || typeof tagValue !== 'object') {
+ continue;
+ }
+
+ const tagTasks = (tagValue as { tasks?: unknown }).tasks;
+ if (Array.isArray(tagTasks)) {
+ taggedTaskCollections.push(...(tagTasks as TaskMasterTask[]));
+ }
+ }
+
+ return taggedTaskCollections;
+}
+
+async function detectTaskMasterFolder(projectPath: string): Promise {
+ try {
+ const taskMasterPath = path.join(projectPath, '.taskmaster');
+
+ try {
+ const taskMasterStats = await stat(taskMasterPath);
+ if (!taskMasterStats.isDirectory()) {
+ return {
+ hasTaskmaster: false,
+ reason: '.taskmaster exists but is not a directory',
+ };
+ }
+ } catch (error) {
+ const fileError = error as NodeJS.ErrnoException;
+ if (fileError.code === 'ENOENT') {
+ return {
+ hasTaskmaster: false,
+ reason: '.taskmaster directory not found',
+ };
+ }
+
+ throw fileError;
+ }
+
+ const keyFiles = ['tasks/tasks.json', 'config.json'];
+ const fileStatus: Record = {};
+ let hasEssentialFiles = true;
+
+ for (const fileName of keyFiles) {
+ const absoluteFilePath = path.join(taskMasterPath, fileName);
+ try {
+ await access(absoluteFilePath);
+ fileStatus[fileName] = true;
+ } catch {
+ fileStatus[fileName] = false;
+ if (fileName === 'tasks/tasks.json') {
+ hasEssentialFiles = false;
+ }
+ }
+ }
+
+ let taskMetadata: TaskMasterMetadata = null;
+ if (fileStatus['tasks/tasks.json']) {
+ const tasksPath = path.join(taskMasterPath, 'tasks/tasks.json');
+ try {
+ const tasksContent = await readFile(tasksPath, 'utf8');
+ const parsedTasksJson = JSON.parse(tasksContent) as unknown;
+ const tasks = extractTasksFromJson(parsedTasksJson);
+
+ const stats = tasks.reduce(
+ (accumulator, currentTask) => {
+ accumulator.total += 1;
+ const normalizedTaskStatus = currentTask.status || 'pending';
+ accumulator.byStatus[normalizedTaskStatus] = (accumulator.byStatus[normalizedTaskStatus] || 0) + 1;
+
+ if (Array.isArray(currentTask.subtasks)) {
+ for (const subtask of currentTask.subtasks) {
+ accumulator.subtotalTasks += 1;
+ const normalizedSubtaskStatus = subtask.status || 'pending';
+ accumulator.subtaskByStatus[normalizedSubtaskStatus] =
+ (accumulator.subtaskByStatus[normalizedSubtaskStatus] || 0) + 1;
+ }
+ }
+
+ return accumulator;
+ },
+ {
+ total: 0,
+ subtotalTasks: 0,
+ byStatus: {} as Record,
+ subtaskByStatus: {} as Record,
+ },
+ );
+
+ const tasksStat = await stat(tasksPath);
+ taskMetadata = {
+ taskCount: stats.total,
+ subtaskCount: stats.subtotalTasks,
+ completed: stats.byStatus.done || 0,
+ pending: stats.byStatus.pending || 0,
+ inProgress: stats.byStatus['in-progress'] || 0,
+ review: stats.byStatus.review || 0,
+ completionPercentage: stats.total > 0 ? Math.round(((stats.byStatus.done || 0) / stats.total) * 100) : 0,
+ lastModified: tasksStat.mtime.toISOString(),
+ };
+ } catch (parseError) {
+ console.warn('Failed to parse tasks.json:', (parseError as Error).message);
+ taskMetadata = {
+ error: 'Failed to parse tasks.json',
+ };
+ }
+ }
+
+ return {
+ hasTaskmaster: true,
+ hasEssentialFiles,
+ files: fileStatus,
+ metadata: taskMetadata,
+ path: taskMasterPath,
+ };
+ } catch (error) {
+ console.error('Error detecting TaskMaster folder:', error);
+ return {
+ hasTaskmaster: false,
+ reason: `Error checking directory: ${(error as Error).message}`,
+ };
+ }
+}
+
+function normalizeTaskMasterInfo(taskMasterResult: TaskMasterDetectionResult | null = null): NormalizedTaskMasterInfo {
+ const hasTaskmaster = Boolean(taskMasterResult?.hasTaskmaster);
+ const hasEssentialFiles = Boolean(taskMasterResult?.hasEssentialFiles);
+
+ return {
+ hasTaskmaster,
+ hasEssentialFiles,
+ metadata: taskMasterResult?.metadata ?? null,
+ status: hasTaskmaster && hasEssentialFiles ? 'configured' : 'not-configured',
+ };
+}
+
+const defaultDependencies: GetProjectTaskMasterDependencies = {
+ resolveProjectPathById: (projectId: string): string | null => projectsDb.getProjectPathById(projectId),
+ detectTaskMasterFolder,
+};
+
+export async function getProjectTaskMasterById(
+ projectId: string,
+ dependencies: GetProjectTaskMasterDependencies = defaultDependencies,
+): Promise {
+ const projectPath = dependencies.resolveProjectPathById(projectId);
+ if (!projectPath) {
+ return null;
+ }
+
+ const taskMasterResult = await dependencies.detectTaskMasterFolder(projectPath);
+ return {
+ projectId,
+ projectPath,
+ taskmaster: normalizeTaskMasterInfo(taskMasterResult),
+ };
+}
+
+export async function getProjectTaskMaster(
+ projectId: string,
+ resolveById: GetProjectTaskMasterResolver = getProjectTaskMasterById,
+): Promise {
+ const normalizedProjectId = projectId.trim();
+ if (!normalizedProjectId) {
+ throw new AppError('projectId is required', {
+ code: 'PROJECT_ID_REQUIRED',
+ statusCode: 400,
+ });
+ }
+
+ const taskMasterDetails = await resolveById(normalizedProjectId);
+ if (!taskMasterDetails) {
+ throw new AppError('Project not found', {
+ code: 'PROJECT_NOT_FOUND',
+ statusCode: 404,
+ });
+ }
+
+ return taskMasterDetails;
+}
diff --git a/server/modules/projects/services/projects-with-sessions-fetch.service.ts b/server/modules/projects/services/projects-with-sessions-fetch.service.ts
new file mode 100644
index 00000000..4d473a21
--- /dev/null
+++ b/server/modules/projects/services/projects-with-sessions-fetch.service.ts
@@ -0,0 +1,285 @@
+import fs from 'node:fs/promises';
+import path from 'node:path';
+
+import { projectsDb, sessionsDb } from '@/modules/database/index.js';
+import { sessionSynchronizerService } from '@/modules/providers/index.js';
+import { WS_OPEN_STATE, connectedClients } from '@/modules/websocket/index.js';
+import type { RealtimeClientConnection } from '@/shared/types.js';
+import { AppError } from '@/shared/utils.js';
+
+type SessionSummary = {
+ id: string;
+ summary: string;
+ messageCount: number;
+ lastActivity: string;
+};
+
+type SessionsByProvider = Record<'claude' | 'cursor' | 'codex' | 'gemini', SessionSummary[]>;
+
+type SessionRepositoryRow = {
+ provider: string;
+ session_id: string;
+ custom_name?: string | null;
+ updated_at?: string | null;
+ created_at?: string | null;
+};
+
+export type ProjectListItem = {
+ projectId: string;
+ path: string;
+ displayName: string;
+ fullPath: string;
+ isStarred: boolean;
+ sessions: SessionSummary[];
+ cursorSessions: SessionSummary[];
+ codexSessions: SessionSummary[];
+ geminiSessions: SessionSummary[];
+ sessionMeta: {
+ hasMore: boolean;
+ total: number;
+ };
+};
+
+type ProgressUpdate = {
+ phase: 'loading' | 'complete';
+ current: number;
+ total: number;
+ currentProject?: string;
+};
+
+type GetProjectsWithSessionsOptions = {
+ skipSynchronization?: boolean;
+ sessionsLimit?: number;
+ sessionsOffset?: number;
+};
+
+type SessionPaginationOptions = {
+ limit?: number;
+ offset?: number;
+};
+
+type ProjectSessionsPageResult = {
+ sessionsByProvider: SessionsByProvider;
+ total: number;
+ hasMore: boolean;
+};
+
+export type ProjectSessionsPageApiView = {
+ projectId: string;
+ sessions: SessionSummary[];
+ cursorSessions: SessionSummary[];
+ codexSessions: SessionSummary[];
+ geminiSessions: SessionSummary[];
+ sessionMeta: {
+ hasMore: boolean;
+ total: number;
+ };
+};
+
+const DEFAULT_PROJECT_SESSIONS_PAGE_SIZE = 20;
+const MAX_PROJECT_SESSIONS_PAGE_SIZE = 200;
+
+/**
+ * Generate better display name from path.
+ */
+export async function generateDisplayName(projectName: string, actualProjectDir: string | null = null): Promise {
+ // Use actual project directory if provided, otherwise decode from project name.
+ const projectPath = actualProjectDir || projectName.replace(/-/g, '/');
+
+ // Try to read package.json from the project path.
+ try {
+ const packageJsonPath = path.join(projectPath, 'package.json');
+ const packageData = await fs.readFile(packageJsonPath, 'utf8');
+ const packageJson = JSON.parse(packageData) as { name?: string };
+
+ // Return the name from package.json if it exists.
+ if (packageJson.name) {
+ return packageJson.name;
+ }
+ } catch {
+ // Fall back to path-based naming if package.json doesn't exist or can't be read.
+ }
+
+ // If it starts with /, it's an absolute path.
+ if (projectPath.startsWith('/')) {
+ const parts = projectPath.split('/').filter(Boolean);
+ // Return only the last folder name.
+ return parts[parts.length - 1] || projectPath;
+ }
+
+ return projectPath;
+}
+
+function normalizeSessionPagination(options: SessionPaginationOptions = {}): { limit: number; offset: number } {
+ const rawLimit = Number.isFinite(options.limit) ? Math.floor(Number(options.limit)) : DEFAULT_PROJECT_SESSIONS_PAGE_SIZE;
+ const rawOffset = Number.isFinite(options.offset) ? Math.floor(Number(options.offset)) : 0;
+
+ return {
+ limit: Math.min(Math.max(1, rawLimit), MAX_PROJECT_SESSIONS_PAGE_SIZE),
+ offset: Math.max(0, rawOffset),
+ };
+}
+
+function mapSessionRowToSummary(row: SessionRepositoryRow): SessionSummary {
+ return {
+ id: row.session_id,
+ summary: row.custom_name || '',
+ messageCount: 0,
+ lastActivity: row.updated_at ?? row.created_at ?? new Date().toISOString(),
+ };
+}
+
+function bucketSessionRowsByProvider(rows: SessionRepositoryRow[]): SessionsByProvider {
+ const byProvider: SessionsByProvider = {
+ claude: [],
+ cursor: [],
+ codex: [],
+ gemini: [],
+ };
+
+ for (const row of rows) {
+ const provider = row.provider as keyof SessionsByProvider;
+ const bucket = byProvider[provider];
+ if (!bucket) {
+ continue;
+ }
+
+ bucket.push(mapSessionRowToSummary(row));
+ }
+
+ return byProvider;
+}
+
+/**
+ * Reads one paginated project session slice from the DB and groups rows by provider.
+ */
+function readProjectSessionsPageByPath(
+ projectPath: string,
+ options: SessionPaginationOptions = {},
+): ProjectSessionsPageResult {
+ const pagination = normalizeSessionPagination(options);
+ const rows = sessionsDb.getSessionsByProjectPathPage(
+ projectPath,
+ pagination.limit,
+ pagination.offset,
+ ) as SessionRepositoryRow[];
+ const total = sessionsDb.countSessionsByProjectPath(projectPath);
+
+ return {
+ sessionsByProvider: bucketSessionRowsByProvider(rows),
+ total,
+ hasMore: pagination.offset + rows.length < total,
+ };
+}
+
+// Broadcast progress to all connected WebSocket clients
+function broadcastProgress(progress: ProgressUpdate) {
+ const message = JSON.stringify({
+ type: 'loading_progress',
+ ...progress,
+ });
+
+ connectedClients.forEach((client: RealtimeClientConnection) => {
+ if (client.readyState === WS_OPEN_STATE) {
+ client.send(message);
+ }
+ });
+}
+
+/**
+ * Reads all projects from DB and returns provider-bucketed session summaries.
+ */
+export async function getProjectsWithSessions(
+ options: GetProjectsWithSessionsOptions = {}
+): Promise {
+ if (!options.skipSynchronization) {
+ await sessionSynchronizerService.synchronizeSessions();
+ }
+
+ const projectRows = projectsDb.getProjectPaths() as Array<{
+ project_id: string;
+ project_path: string;
+ custom_project_name?: string | null;
+ isStarred?: number;
+ }>;
+ const totalProjects = projectRows.length;
+ const projects: ProjectListItem[] = [];
+ let processedProjects = 0;
+
+ for (const row of projectRows) {
+ processedProjects += 1;
+
+ const projectId = row.project_id;
+ const projectPath = row.project_path;
+
+ broadcastProgress({
+ phase: 'loading',
+ current: processedProjects,
+ total: totalProjects,
+ currentProject: projectPath,
+ });
+
+ const displayName =
+ row.custom_project_name && row.custom_project_name.trim().length > 0
+ ? row.custom_project_name
+ : await generateDisplayName(path.basename(projectPath) || projectPath, projectPath);
+
+ const sessionsPage = readProjectSessionsPageByPath(projectPath, {
+ limit: options.sessionsLimit,
+ offset: options.sessionsOffset,
+ });
+
+ projects.push({
+ projectId,
+ path: projectPath,
+ displayName,
+ fullPath: projectPath,
+ isStarred: Boolean(row.isStarred),
+ sessions: sessionsPage.sessionsByProvider.claude,
+ cursorSessions: sessionsPage.sessionsByProvider.cursor,
+ codexSessions: sessionsPage.sessionsByProvider.codex,
+ geminiSessions: sessionsPage.sessionsByProvider.gemini,
+ sessionMeta: {
+ hasMore: sessionsPage.hasMore,
+ total: sessionsPage.total,
+ },
+ });
+ }
+
+ broadcastProgress({
+ phase: 'complete',
+ current: totalProjects,
+ total: totalProjects,
+ });
+
+ return projects;
+}
+
+/**
+ * Loads one paginated session slice for a specific project id.
+ */
+export async function getProjectSessionsPage(
+ projectId: string,
+ options: SessionPaginationOptions = {},
+): Promise {
+ const projectRow = projectsDb.getProjectById(projectId);
+ if (!projectRow) {
+ throw new AppError(`Project "${projectId}" was not found.`, {
+ code: 'PROJECT_NOT_FOUND',
+ statusCode: 404,
+ });
+ }
+
+ const sessionsPage = readProjectSessionsPageByPath(projectRow.project_path, options);
+ return {
+ projectId: projectRow.project_id,
+ sessions: sessionsPage.sessionsByProvider.claude,
+ cursorSessions: sessionsPage.sessionsByProvider.cursor,
+ codexSessions: sessionsPage.sessionsByProvider.codex,
+ geminiSessions: sessionsPage.sessionsByProvider.gemini,
+ sessionMeta: {
+ hasMore: sessionsPage.hasMore,
+ total: sessionsPage.total,
+ },
+ };
+}
diff --git a/server/modules/projects/tests/project-clone.service.test.ts b/server/modules/projects/tests/project-clone.service.test.ts
new file mode 100644
index 00000000..85c807d8
--- /dev/null
+++ b/server/modules/projects/tests/project-clone.service.test.ts
@@ -0,0 +1,183 @@
+import assert from 'node:assert/strict';
+import { EventEmitter } from 'node:events';
+import path from 'node:path';
+import { PassThrough } from 'node:stream';
+import test from 'node:test';
+
+import { startCloneProject } from '@/modules/projects/services/project-clone.service.js';
+import { AppError } from '@/shared/utils.js';
+
+type TestDependencies = Parameters[2];
+
+function buildDependencies(overrides: Partial> = {}): NonNullable {
+ return {
+ validatePath: async () => ({ valid: true, resolvedPath: '/workspace/root' }),
+ ensureDirectory: async () => undefined,
+ pathExists: async () => false,
+ removePath: async () => undefined,
+ getGithubTokenById: async () => ({ github_token: 'token-value' }),
+ spawnGitClone: () => {
+ throw new Error('spawnGitClone should be overridden in this test');
+ },
+ registerProject: async () => ({ project: { projectId: 'project-1' } }),
+ logError: () => undefined,
+ ...overrides,
+ };
+}
+
+function createMockGitProcess() {
+ const emitter = new EventEmitter() as EventEmitter & {
+ stdout: PassThrough;
+ stderr: PassThrough;
+ kill: () => void;
+ };
+
+ emitter.stdout = new PassThrough();
+ emitter.stderr = new PassThrough();
+ emitter.kill = () => {
+ emitter.emit('close', null);
+ };
+
+ return emitter;
+}
+
+test('startCloneProject rejects when workspace path is missing', async () => {
+ await assert.rejects(
+ async () =>
+ startCloneProject(
+ {
+ workspacePath: '',
+ githubUrl: 'https://github.com/example/repo',
+ userId: 1,
+ },
+ {
+ onProgress: () => undefined,
+ onComplete: () => undefined,
+ },
+ buildDependencies(),
+ ),
+ (error: unknown) => {
+ assert.ok(error instanceof AppError);
+ assert.equal(error.code, 'WORKSPACE_PATH_REQUIRED');
+ return true;
+ },
+ );
+});
+
+test('startCloneProject rejects when github URL is missing', async () => {
+ await assert.rejects(
+ async () =>
+ startCloneProject(
+ {
+ workspacePath: '/workspace/root',
+ githubUrl: '',
+ userId: 1,
+ },
+ {
+ onProgress: () => undefined,
+ onComplete: () => undefined,
+ },
+ buildDependencies(),
+ ),
+ (error: unknown) => {
+ assert.ok(error instanceof AppError);
+ assert.equal(error.code, 'GITHUB_URL_REQUIRED');
+ return true;
+ },
+ );
+});
+
+test('startCloneProject rejects github URL values that begin with option prefixes', async () => {
+ await assert.rejects(
+ async () =>
+ startCloneProject(
+ {
+ workspacePath: '/workspace/root',
+ githubUrl: '--upload-pack=malicious',
+ userId: 1,
+ },
+ {
+ onProgress: () => undefined,
+ onComplete: () => undefined,
+ },
+ buildDependencies(),
+ ),
+ (error: unknown) => {
+ assert.ok(error instanceof AppError);
+ assert.equal(error.code, 'INVALID_GITHUB_URL');
+ return true;
+ },
+ );
+});
+
+test('startCloneProject rejects when selected github token does not exist', async () => {
+ await assert.rejects(
+ async () =>
+ startCloneProject(
+ {
+ workspacePath: '/workspace/root',
+ githubUrl: 'https://github.com/example/repo',
+ githubTokenId: 12,
+ userId: 1,
+ },
+ {
+ onProgress: () => undefined,
+ onComplete: () => undefined,
+ },
+ buildDependencies({
+ getGithubTokenById: async () => null,
+ }),
+ ),
+ (error: unknown) => {
+ assert.ok(error instanceof AppError);
+ assert.equal(error.code, 'GITHUB_TOKEN_NOT_FOUND');
+ return true;
+ },
+ );
+});
+
+test('startCloneProject completes and emits complete payload when git exits successfully', async () => {
+ const gitProcess = createMockGitProcess();
+ const progressMessages: string[] = [];
+ let completePayload: { project: Record; message: string } | null = null;
+ let capturedProjectPath = '';
+ let capturedCustomName = '';
+
+ const operation = await startCloneProject(
+ {
+ workspacePath: '/workspace/root',
+ githubUrl: 'https://github.com/example/repo.git',
+ userId: 1,
+ },
+ {
+ onProgress: (message) => {
+ progressMessages.push(message);
+ },
+ onComplete: (payload: { project: Record; message: string }) => {
+ completePayload = payload;
+ },
+ },
+ buildDependencies({
+ spawnGitClone: () => gitProcess as any,
+ registerProject: async (projectPath, customName) => {
+ capturedProjectPath = projectPath;
+ capturedCustomName = customName;
+ return { project: { projectId: 'project-1', path: projectPath } };
+ },
+ }),
+ );
+
+ gitProcess.emit('close', 0);
+ await operation.waitForCompletion;
+
+ assert.ok(progressMessages.some((message) => message.includes("Cloning into 'repo'")));
+ assert.equal(capturedCustomName, 'repo');
+ assert.equal(path.basename(capturedProjectPath), 'repo');
+ assert.notEqual(completePayload, null);
+ const resolvedCompletePayload = completePayload as unknown as {
+ project: Record;
+ message: string;
+ };
+ assert.equal(resolvedCompletePayload.message, 'Repository cloned successfully');
+ assert.equal((resolvedCompletePayload.project.projectId as string) || '', 'project-1');
+});
diff --git a/server/modules/projects/tests/project-management.service.test.ts b/server/modules/projects/tests/project-management.service.test.ts
new file mode 100644
index 00000000..3b0e47bb
--- /dev/null
+++ b/server/modules/projects/tests/project-management.service.test.ts
@@ -0,0 +1,117 @@
+import assert from 'node:assert/strict';
+import test from 'node:test';
+
+import { createProject } from '@/modules/projects/services/project-management.service.js';
+import { AppError } from '@/shared/utils.js';
+
+const projectRow = {
+ project_id: 'project-1',
+ project_path: '/workspace/my-project',
+ custom_project_name: 'my-project',
+ isStarred: 0,
+ isArchived: 0,
+};
+
+test('createProject throws when project path is missing', async () => {
+ await assert.rejects(
+ async () => createProject({ projectPath: '' }),
+ (error: unknown) => {
+ assert.ok(error instanceof AppError);
+ assert.equal(error.code, 'PROJECT_PATH_REQUIRED');
+ assert.equal(error.statusCode, 400);
+ return true;
+ },
+ );
+});
+
+test('createProject throws when path validation fails', async () => {
+ await assert.rejects(
+ async () =>
+ createProject(
+ { projectPath: '/invalid/path' },
+ {
+ validatePath: async () => ({ valid: false, error: 'blocked path' }),
+ ensureWorkspaceDirectory: async () => undefined,
+ persistProjectPath: () => ({ outcome: 'created', project: projectRow }),
+ getProjectByPath: () => projectRow,
+ },
+ ),
+ (error: unknown) => {
+ assert.ok(error instanceof AppError);
+ assert.equal(error.code, 'INVALID_PROJECT_PATH');
+ assert.equal(error.statusCode, 400);
+ assert.equal(error.details, 'blocked path');
+ return true;
+ },
+ );
+});
+
+test('createProject throws conflict when active project path already exists', async () => {
+ await assert.rejects(
+ async () =>
+ createProject(
+ { projectPath: '/workspace/my-project' },
+ {
+ validatePath: async () => ({ valid: true, resolvedPath: '/workspace/my-project' }),
+ ensureWorkspaceDirectory: async () => undefined,
+ persistProjectPath: () => ({ outcome: 'active_conflict', project: projectRow }),
+ getProjectByPath: () => projectRow,
+ },
+ ),
+ (error: unknown) => {
+ assert.ok(error instanceof AppError);
+ assert.equal(error.code, 'PROJECT_ALREADY_EXISTS');
+ assert.equal(error.statusCode, 409);
+ assert.equal(error.details, 'Project path already exists: /workspace/my-project');
+ return true;
+ },
+ );
+});
+
+test('createProject falls back to directory name when custom name is not provided', async () => {
+ let capturedCustomName: string | null = null;
+
+ const result = await createProject(
+ { projectPath: '/workspace/my-project', customName: '' },
+ {
+ validatePath: async () => ({ valid: true, resolvedPath: '/workspace/my-project' }),
+ ensureWorkspaceDirectory: async () => undefined,
+ persistProjectPath: (_projectPath, customName) => {
+ capturedCustomName = customName;
+ return {
+ outcome: 'created',
+ project: {
+ ...projectRow,
+ custom_project_name: customName,
+ },
+ };
+ },
+ getProjectByPath: () => projectRow,
+ },
+ );
+
+ assert.equal(capturedCustomName, 'my-project');
+ assert.equal(result.outcome, 'created');
+ assert.equal(result.project.displayName, 'my-project');
+});
+
+test('createProject returns archived reuse outcome when archived row is reused', async () => {
+ const result = await createProject(
+ { projectPath: '/workspace/my-project' },
+ {
+ validatePath: async () => ({ valid: true, resolvedPath: '/workspace/my-project' }),
+ ensureWorkspaceDirectory: async () => undefined,
+ persistProjectPath: () => ({
+ outcome: 'reactivated_archived',
+ project: {
+ ...projectRow,
+ isArchived: 1,
+ },
+ }),
+ getProjectByPath: () => projectRow,
+ },
+ );
+
+ assert.equal(result.outcome, 'reactivated_archived');
+ assert.equal(result.project.isArchived, true);
+});
diff --git a/server/modules/projects/tests/project-star.service.test.ts b/server/modules/projects/tests/project-star.service.test.ts
new file mode 100644
index 00000000..ea594c86
--- /dev/null
+++ b/server/modules/projects/tests/project-star.service.test.ts
@@ -0,0 +1,123 @@
+import assert from 'node:assert/strict';
+import test from 'node:test';
+
+import { projectsDb } from '@/modules/database/index.js';
+import { applyLegacyStarredProjectIds, toggleProjectStar } from '@/modules/projects/services/project-star.service.js';
+import { AppError } from '@/shared/utils.js';
+
+type ProjectRow = {
+ project_id: string;
+ project_path: string;
+ custom_project_name: string | null;
+ isStarred: number;
+ isArchived: number;
+};
+
+test('toggleProjectStar throws when projectId is missing', () => {
+ assert.throws(
+ () => toggleProjectStar(' '),
+ (error: unknown) =>
+ error instanceof AppError
+ && error.code === 'PROJECT_ID_REQUIRED'
+ && error.statusCode === 400,
+ );
+});
+
+test('toggleProjectStar throws when project does not exist', () => {
+ const originalGetProjectById = projectsDb.getProjectById;
+ try {
+ projectsDb.getProjectById = () => null;
+ assert.throws(
+ () => toggleProjectStar('project-1'),
+ (error: unknown) =>
+ error instanceof AppError
+ && error.code === 'PROJECT_NOT_FOUND'
+ && error.statusCode === 404,
+ );
+ } finally {
+ projectsDb.getProjectById = originalGetProjectById;
+ }
+});
+
+test('toggleProjectStar flips star state and persists it', () => {
+ const originalGetProjectById = projectsDb.getProjectById;
+ const originalUpdateProjectIsStarredById = projectsDb.updateProjectIsStarredById;
+
+ let capturedProjectId = '';
+ let capturedState = false;
+
+ try {
+ projectsDb.getProjectById = () =>
+ ({
+ project_id: 'project-1',
+ project_path: '/workspace/project-1',
+ custom_project_name: 'project-1',
+ isStarred: 0,
+ isArchived: 0,
+ }) as ProjectRow;
+ projectsDb.updateProjectIsStarredById = (projectId: string, isStarred: boolean) => {
+ capturedProjectId = projectId;
+ capturedState = isStarred;
+ };
+
+ const result = toggleProjectStar('project-1');
+
+ assert.equal(result.isStarred, true);
+ assert.equal(capturedProjectId, 'project-1');
+ assert.equal(capturedState, true);
+ } finally {
+ projectsDb.getProjectById = originalGetProjectById;
+ projectsDb.updateProjectIsStarredById = originalUpdateProjectIsStarredById;
+ }
+});
+
+test('applyLegacyStarredProjectIds stars only valid, unstarred projects', () => {
+ const originalGetProjectById = projectsDb.getProjectById;
+ const originalUpdateProjectIsStarredById = projectsDb.updateProjectIsStarredById;
+
+ const updatedProjectIds: string[] = [];
+
+ try {
+ projectsDb.getProjectById = (projectId: string) => {
+ if (projectId === 'project-a') {
+ return {
+ project_id: 'project-a',
+ project_path: '/workspace/project-a',
+ custom_project_name: 'A',
+ isStarred: 0,
+ isArchived: 0,
+ } as ProjectRow;
+ }
+
+ if (projectId === 'project-b') {
+ return {
+ project_id: 'project-b',
+ project_path: '/workspace/project-b',
+ custom_project_name: 'B',
+ isStarred: 1,
+ isArchived: 0,
+ } as ProjectRow;
+ }
+
+ return null;
+ };
+ projectsDb.updateProjectIsStarredById = (projectId: string) => {
+ updatedProjectIds.push(projectId);
+ };
+
+ const result = applyLegacyStarredProjectIds([
+ 'project-a',
+ 'project-b',
+ 'missing-project',
+ 'project-a',
+ '',
+ ' ',
+ ]);
+
+ assert.equal(result.updated, 1);
+ assert.deepEqual(updatedProjectIds, ['project-a']);
+ } finally {
+ projectsDb.getProjectById = originalGetProjectById;
+ projectsDb.updateProjectIsStarredById = originalUpdateProjectIsStarredById;
+ }
+});
diff --git a/server/modules/projects/tests/projects-has-taskmaster.service.test.ts b/server/modules/projects/tests/projects-has-taskmaster.service.test.ts
new file mode 100644
index 00000000..f7e8863d
--- /dev/null
+++ b/server/modules/projects/tests/projects-has-taskmaster.service.test.ts
@@ -0,0 +1,105 @@
+import assert from 'node:assert/strict';
+import test from 'node:test';
+
+import {
+ getProjectTaskMaster,
+ getProjectTaskMasterById,
+} from '@/modules/projects/services/projects-has-taskmaster.service.js';
+import { AppError } from '@/shared/utils.js';
+
+test('getProjectTaskMasterById returns null when project path is missing', async () => {
+ const result = await getProjectTaskMasterById('project-1', {
+ resolveProjectPathById: () => null,
+ detectTaskMasterFolder: async () => {
+ throw new Error('detectTaskMasterFolder should not be called when path is missing');
+ },
+ });
+
+ assert.equal(result, null);
+});
+
+test('getProjectTaskMasterById returns configured status when taskmaster exists with essential files', async () => {
+ const result = await getProjectTaskMasterById('project-1', {
+ resolveProjectPathById: () => '/workspace/project-1',
+ detectTaskMasterFolder: async () => ({
+ hasTaskmaster: true,
+ hasEssentialFiles: true,
+ metadata: {
+ taskCount: 3,
+ subtaskCount: 0,
+ completed: 1,
+ pending: 2,
+ inProgress: 0,
+ review: 0,
+ completionPercentage: 33,
+ lastModified: '2026-01-01T00:00:00.000Z',
+ },
+ }),
+ });
+
+ assert.ok(result);
+ assert.equal(result.projectId, 'project-1');
+ assert.equal(result.projectPath, '/workspace/project-1');
+ assert.equal(result.taskmaster.hasTaskmaster, true);
+ assert.equal(result.taskmaster.hasEssentialFiles, true);
+ assert.equal(result.taskmaster.status, 'configured');
+ assert.deepEqual(result.taskmaster.metadata, {
+ taskCount: 3,
+ subtaskCount: 0,
+ completed: 1,
+ pending: 2,
+ inProgress: 0,
+ review: 0,
+ completionPercentage: 33,
+ lastModified: '2026-01-01T00:00:00.000Z',
+ });
+});
+
+test('getProjectTaskMasterById returns not-configured status when taskmaster is missing', async () => {
+ const result = await getProjectTaskMasterById('project-1', {
+ resolveProjectPathById: () => '/workspace/project-1',
+ detectTaskMasterFolder: async () => ({
+ hasTaskmaster: false,
+ }),
+ });
+
+ assert.ok(result);
+ assert.equal(result.taskmaster.hasTaskmaster, false);
+ assert.equal(result.taskmaster.hasEssentialFiles, false);
+ assert.equal(result.taskmaster.status, 'not-configured');
+ assert.equal(result.taskmaster.metadata, null);
+});
+
+test('getProjectTaskMaster throws when project id is missing', async () => {
+ await assert.rejects(
+ async () =>
+ getProjectTaskMaster('', async () => ({
+ projectId: 'project-1',
+ projectPath: '/workspace/project-1',
+ taskmaster: {
+ hasTaskmaster: true,
+ hasEssentialFiles: true,
+ metadata: null,
+ status: 'configured',
+ },
+ })),
+ (error: unknown) => {
+ assert.ok(error instanceof AppError);
+ assert.equal(error.code, 'PROJECT_ID_REQUIRED');
+ assert.equal(error.statusCode, 400);
+ return true;
+ },
+ );
+});
+
+test('getProjectTaskMaster throws when project does not exist', async () => {
+ await assert.rejects(
+ async () => getProjectTaskMaster('project-that-does-not-exist', async () => null),
+ (error: unknown) => {
+ assert.ok(error instanceof AppError);
+ assert.equal(error.code, 'PROJECT_NOT_FOUND');
+ assert.equal(error.statusCode, 404);
+ return true;
+ },
+ );
+});
diff --git a/server/modules/providers/index.ts b/server/modules/providers/index.ts
new file mode 100644
index 00000000..28287299
--- /dev/null
+++ b/server/modules/providers/index.ts
@@ -0,0 +1,4 @@
+export { sessionSynchronizerService } from './services/session-synchronizer.service.js';
+
+export { initializeSessionsWatcher } from './services/sessions-watcher.service.js';
+export { closeSessionsWatcher } from './services/sessions-watcher.service.js';
\ No newline at end of file
diff --git a/server/modules/providers/list/claude/claude-auth.provider.ts b/server/modules/providers/list/claude/claude-auth.provider.ts
new file mode 100644
index 00000000..1194ae1d
--- /dev/null
+++ b/server/modules/providers/list/claude/claude-auth.provider.ts
@@ -0,0 +1,123 @@
+import { readFile } from 'node:fs/promises';
+import os from 'node:os';
+import path from 'node:path';
+
+import spawn from 'cross-spawn';
+
+import type { IProviderAuth } from '@/shared/interfaces.js';
+import type { ProviderAuthStatus } from '@/shared/types.js';
+import { readObjectRecord, readOptionalString } from '@/shared/utils.js';
+
+type ClaudeCredentialsStatus = {
+ authenticated: boolean;
+ email: string | null;
+ method: string | null;
+ error?: string;
+};
+
+export class ClaudeProviderAuth implements IProviderAuth {
+ /**
+ * Checks whether the Claude Code CLI is available on this host.
+ */
+ private checkInstalled(): boolean {
+ const cliPath = process.env.CLAUDE_CLI_PATH || 'claude';
+ try {
+ spawn.sync(cliPath, ['--version'], { stdio: 'ignore', timeout: 5000 });
+ return true;
+ } catch {
+ return false;
+ }
+ }
+
+ /**
+ * Returns Claude installation and credential status using Claude Code's auth priority.
+ */
+ async getStatus(): Promise {
+ const installed = this.checkInstalled();
+
+ if (!installed) {
+ return {
+ installed,
+ provider: 'claude',
+ authenticated: false,
+ email: null,
+ method: null,
+ error: 'Claude Code CLI is not installed',
+ };
+ }
+
+ const credentials = await this.checkCredentials();
+
+ return {
+ installed,
+ provider: 'claude',
+ authenticated: credentials.authenticated,
+ email: credentials.authenticated ? credentials.email || 'Authenticated' : credentials.email,
+ method: credentials.method,
+ error: credentials.authenticated ? undefined : credentials.error || 'Not authenticated',
+ };
+ }
+
+ /**
+ * Reads Claude settings env values that the CLI can use even when the server process env is empty.
+ */
+ private async loadSettingsEnv(): Promise> {
+ try {
+ const settingsPath = path.join(os.homedir(), '.claude', 'settings.json');
+ const content = await readFile(settingsPath, 'utf8');
+ const settings = readObjectRecord(JSON.parse(content));
+ return readObjectRecord(settings?.env) ?? {};
+ } catch {
+ return {};
+ }
+ }
+
+ /**
+ * Checks Claude credentials in the same priority order used by Claude Code.
+ */
+ private async checkCredentials(): Promise {
+ if (process.env.ANTHROPIC_API_KEY?.trim()) {
+ return { authenticated: true, email: 'API Key Auth', method: 'api_key' };
+ }
+
+ const settingsEnv = await this.loadSettingsEnv();
+ if (readOptionalString(settingsEnv.ANTHROPIC_API_KEY)) {
+ return { authenticated: true, email: 'API Key Auth', method: 'api_key' };
+ }
+
+ if (readOptionalString(settingsEnv.ANTHROPIC_AUTH_TOKEN)) {
+ return { authenticated: true, email: 'Configured via settings.json', method: 'api_key' };
+ }
+
+ try {
+ const credPath = path.join(os.homedir(), '.claude', '.credentials.json');
+ const content = await readFile(credPath, 'utf8');
+ const creds = readObjectRecord(JSON.parse(content)) ?? {};
+ const oauth = readObjectRecord(creds.claudeAiOauth);
+ const accessToken = readOptionalString(oauth?.accessToken);
+
+ if (accessToken) {
+ const expiresAt = typeof oauth?.expiresAt === 'number' ? oauth.expiresAt : undefined;
+ const email = readOptionalString(creds.email) ?? readOptionalString(creds.user) ?? null;
+ if (!expiresAt || Date.now() < expiresAt) {
+ return {
+ authenticated: true,
+ email,
+ method: 'credentials_file',
+ };
+ }
+
+ return {
+ authenticated: false,
+ email,
+ method: 'credentials_file',
+ error: 'OAuth token has expired. Please re-authenticate with claude login',
+ };
+ }
+
+ return { authenticated: false, email: null, method: null };
+ } catch {
+ return { authenticated: false, email: null, method: null };
+ }
+ }
+}
diff --git a/server/modules/providers/list/claude/claude-mcp.provider.ts b/server/modules/providers/list/claude/claude-mcp.provider.ts
new file mode 100644
index 00000000..fb4b4ac5
--- /dev/null
+++ b/server/modules/providers/list/claude/claude-mcp.provider.ts
@@ -0,0 +1,135 @@
+import os from 'node:os';
+import path from 'node:path';
+
+import { McpProvider } from '@/modules/providers/shared/mcp/mcp.provider.js';
+import type { McpScope, ProviderMcpServer, UpsertProviderMcpServerInput } from '@/shared/types.js';
+import {
+ AppError,
+ readJsonConfig,
+ readObjectRecord,
+ readOptionalString,
+ readStringArray,
+ readStringRecord,
+ writeJsonConfig,
+} from '@/shared/utils.js';
+
+export class ClaudeMcpProvider extends McpProvider {
+ constructor() {
+ super('claude', ['user', 'local', 'project'], ['stdio', 'http', 'sse']);
+ }
+
+ protected async readScopedServers(scope: McpScope, workspacePath: string): Promise> {
+ if (scope === 'project') {
+ const filePath = path.join(workspacePath, '.mcp.json');
+ const config = await readJsonConfig(filePath);
+ return readObjectRecord(config.mcpServers) ?? {};
+ }
+
+ const filePath = path.join(os.homedir(), '.claude.json');
+ const config = await readJsonConfig(filePath);
+ if (scope === 'user') {
+ return readObjectRecord(config.mcpServers) ?? {};
+ }
+
+ const projects = readObjectRecord(config.projects) ?? {};
+ const projectConfig = readObjectRecord(projects[workspacePath]) ?? {};
+ return readObjectRecord(projectConfig.mcpServers) ?? {};
+ }
+
+ protected async writeScopedServers(
+ scope: McpScope,
+ workspacePath: string,
+ servers: Record,
+ ): Promise {
+ if (scope === 'project') {
+ const filePath = path.join(workspacePath, '.mcp.json');
+ const config = await readJsonConfig(filePath);
+ config.mcpServers = servers;
+ await writeJsonConfig(filePath, config);
+ return;
+ }
+
+ const filePath = path.join(os.homedir(), '.claude.json');
+ const config = await readJsonConfig(filePath);
+ if (scope === 'user') {
+ config.mcpServers = servers;
+ await writeJsonConfig(filePath, config);
+ return;
+ }
+
+ const projects = readObjectRecord(config.projects) ?? {};
+ const projectConfig = readObjectRecord(projects[workspacePath]) ?? {};
+ projectConfig.mcpServers = servers;
+ projects[workspacePath] = projectConfig;
+ config.projects = projects;
+ await writeJsonConfig(filePath, config);
+ }
+
+ protected buildServerConfig(input: UpsertProviderMcpServerInput): Record {
+ if (input.transport === 'stdio') {
+ if (!input.command?.trim()) {
+ throw new AppError('command is required for stdio MCP servers.', {
+ code: 'MCP_COMMAND_REQUIRED',
+ statusCode: 400,
+ });
+ }
+
+ return {
+ type: 'stdio',
+ command: input.command,
+ args: input.args ?? [],
+ env: input.env ?? {},
+ };
+ }
+
+ if (!input.url?.trim()) {
+ throw new AppError('url is required for http/sse MCP servers.', {
+ code: 'MCP_URL_REQUIRED',
+ statusCode: 400,
+ });
+ }
+
+ return {
+ type: input.transport,
+ url: input.url,
+ headers: input.headers ?? {},
+ };
+ }
+
+ protected normalizeServerConfig(
+ scope: McpScope,
+ name: string,
+ rawConfig: unknown,
+ ): ProviderMcpServer | null {
+ if (!rawConfig || typeof rawConfig !== 'object') {
+ return null;
+ }
+
+ const config = rawConfig as Record;
+ if (typeof config.command === 'string') {
+ return {
+ provider: 'claude',
+ name,
+ scope,
+ transport: 'stdio',
+ command: config.command,
+ args: readStringArray(config.args),
+ env: readStringRecord(config.env),
+ };
+ }
+
+ if (typeof config.url === 'string') {
+ const transport = readOptionalString(config.type) === 'sse' ? 'sse' : 'http';
+ return {
+ provider: 'claude',
+ name,
+ scope,
+ transport,
+ url: config.url,
+ headers: readStringRecord(config.headers),
+ };
+ }
+
+ return null;
+ }
+}
diff --git a/server/modules/providers/list/claude/claude-session-synchronizer.provider.ts b/server/modules/providers/list/claude/claude-session-synchronizer.provider.ts
new file mode 100644
index 00000000..7d089a2d
--- /dev/null
+++ b/server/modules/providers/list/claude/claude-session-synchronizer.provider.ts
@@ -0,0 +1,110 @@
+import os from 'node:os';
+import path from 'node:path';
+
+import { sessionsDb } from '@/modules/database/index.js';
+import {
+ buildLookupMap,
+ extractFirstValidJsonlData,
+ findFilesRecursivelyCreatedAfter,
+ normalizeSessionName,
+ readFileTimestamps,
+} from '@/shared/utils.js';
+import type { IProviderSessionSynchronizer } from '@/shared/interfaces.js';
+
+type ParsedSession = {
+ sessionId: string;
+ projectPath: string;
+ sessionName?: string;
+};
+
+/**
+ * Session indexer for Claude transcript artifacts.
+ */
+export class ClaudeSessionSynchronizer implements IProviderSessionSynchronizer {
+ private readonly provider = 'claude' as const;
+ private readonly claudeHome = path.join(os.homedir(), '.claude');
+
+ /**
+ * Scans ~/.claude/projects and upserts discovered sessions into DB.
+ */
+ async synchronize(since?: Date): Promise {
+ const nameMap = await buildLookupMap(path.join(this.claudeHome, 'history.jsonl'), 'sessionId', 'display');
+ const files = await findFilesRecursivelyCreatedAfter(
+ path.join(this.claudeHome, 'projects'),
+ '.jsonl',
+ since ?? null
+ );
+
+ let processed = 0;
+ for (const filePath of files) {
+ const parsed = await this.processSessionFile(filePath, nameMap);
+ if (!parsed) {
+ continue;
+ }
+
+ const timestamps = await readFileTimestamps(filePath);
+ sessionsDb.createSession(
+ parsed.sessionId,
+ this.provider,
+ parsed.projectPath,
+ parsed.sessionName,
+ timestamps.createdAt,
+ timestamps.updatedAt,
+ filePath
+ );
+ processed += 1;
+ }
+
+ return processed;
+ }
+
+ /**
+ * Parses and upserts one Claude session JSONL file.
+ */
+ async synchronizeFile(filePath: string): Promise {
+ if (!filePath.endsWith('.jsonl')) {
+ return null;
+ }
+
+ const nameMap = await buildLookupMap(path.join(this.claudeHome, 'history.jsonl'), 'sessionId', 'display');
+ const parsed = await this.processSessionFile(filePath, nameMap);
+ if (!parsed) {
+ return null;
+ }
+
+ const timestamps = await readFileTimestamps(filePath);
+ return sessionsDb.createSession(
+ parsed.sessionId,
+ this.provider,
+ parsed.projectPath,
+ parsed.sessionName,
+ timestamps.createdAt,
+ timestamps.updatedAt,
+ filePath
+ );
+ }
+
+ /**
+ * Extracts session metadata from one Claude JSONL session file.
+ */
+ private async processSessionFile(
+ filePath: string,
+ nameMap: Map
+ ): Promise {
+ return extractFirstValidJsonlData(filePath, (rawData) => {
+ const data = rawData as Record;
+ const sessionId = typeof data.sessionId === 'string' ? data.sessionId : undefined;
+ const projectPath = typeof data.cwd === 'string' ? data.cwd : undefined;
+
+ if (!sessionId || !projectPath) {
+ return null;
+ }
+
+ return {
+ sessionId,
+ projectPath,
+ sessionName: normalizeSessionName(nameMap.get(sessionId), 'Untitled Claude Session'),
+ };
+ });
+ }
+}
diff --git a/server/modules/providers/list/claude/claude-sessions.provider.ts b/server/modules/providers/list/claude/claude-sessions.provider.ts
new file mode 100644
index 00000000..ffd358f3
--- /dev/null
+++ b/server/modules/providers/list/claude/claude-sessions.provider.ts
@@ -0,0 +1,475 @@
+import fs from 'node:fs';
+import fsp from 'node:fs/promises';
+import path from 'node:path';
+import readline from 'node:readline';
+
+import type { IProviderSessions } from '@/shared/interfaces.js';
+import type { AnyRecord, FetchHistoryOptions, FetchHistoryResult, NormalizedMessage } from '@/shared/types.js';
+import { createNormalizedMessage, generateMessageId, readObjectRecord } from '@/shared/utils.js';
+import { sessionsDb } from '@/modules/database/index.js';
+
+const PROVIDER = 'claude';
+
+type ClaudeToolResult = {
+ content: unknown;
+ isError: boolean;
+ subagentTools?: unknown;
+ toolUseResult?: unknown;
+};
+
+type ClaudeHistoryResult =
+ | AnyRecord[]
+ | {
+ messages?: AnyRecord[];
+ total?: number;
+ hasMore?: boolean;
+ };
+
+type ClaudeHistoryMessagesResult =
+ | AnyRecord[]
+ | {
+ messages: AnyRecord[];
+ total: number;
+ hasMore: boolean;
+ offset?: number;
+ limit?: number | null;
+ };
+
+async function parseAgentTools(filePath: string): Promise {
+ const tools: AnyRecord[] = [];
+
+ try {
+ const fileStream = fs.createReadStream(filePath);
+ const rl = readline.createInterface({
+ input: fileStream,
+ crlfDelay: Infinity,
+ });
+
+ for await (const line of rl) {
+ if (!line.trim()) {
+ continue;
+ }
+
+ try {
+ const entry = JSON.parse(line) as AnyRecord;
+
+ if (entry.message?.role === 'assistant' && Array.isArray(entry.message?.content)) {
+ for (const part of entry.message.content as AnyRecord[]) {
+ if (part.type === 'tool_use') {
+ tools.push({
+ toolId: part.id,
+ toolName: part.name,
+ toolInput: part.input,
+ timestamp: entry.timestamp,
+ });
+ }
+ }
+ }
+
+ if (entry.message?.role === 'user' && Array.isArray(entry.message?.content)) {
+ for (const part of entry.message.content as AnyRecord[]) {
+ if (part.type !== 'tool_result') {
+ continue;
+ }
+
+ const tool = tools.find((candidate) => candidate.toolId === part.tool_use_id);
+ if (!tool) {
+ continue;
+ }
+
+ tool.toolResult = {
+ content: typeof part.content === 'string'
+ ? part.content
+ : Array.isArray(part.content)
+ ? part.content
+ .map((contentPart: AnyRecord) => contentPart?.text || '')
+ .join('\n')
+ : JSON.stringify(part.content),
+ isError: Boolean(part.is_error),
+ };
+ }
+ }
+ } catch {
+ // Skip malformed lines that can happen during concurrent writes.
+ }
+ }
+ } catch (error) {
+ const message = error instanceof Error ? error.message : String(error);
+ console.warn(`Error parsing agent file ${filePath}:`, message);
+ }
+
+ return tools;
+}
+
+async function getSessionMessages(
+ sessionId: string,
+ limit: number | null,
+ offset: number,
+): Promise {
+ try {
+ const jsonLPath = sessionsDb.getSessionById(sessionId)?.jsonl_path;
+
+ if (!jsonLPath) {
+ return { messages: [], total: 0, hasMore: false };
+ }
+
+ const projectDir = path.dirname(jsonLPath);
+ const files = await fsp.readdir(projectDir);
+ const agentFiles = files.filter((file) => file.endsWith('.jsonl') && file.startsWith('agent-'));
+
+ const messages: AnyRecord[] = [];
+ const agentToolsCache = new Map();
+
+ const fileStream = fs.createReadStream(jsonLPath);
+ const rl = readline.createInterface({
+ input: fileStream,
+ crlfDelay: Infinity,
+ });
+
+ for await (const line of rl) {
+ if (!line.trim()) {
+ continue;
+ }
+
+ try {
+ const entry = JSON.parse(line) as AnyRecord;
+ if (entry.sessionId === sessionId) {
+ messages.push(entry);
+ }
+ } catch {
+ // Skip malformed JSONL lines that can happen during concurrent writes.
+ }
+ }
+
+ const agentIds = new Set();
+ for (const message of messages) {
+ const agentId = message.toolUseResult?.agentId;
+ if (agentId) {
+ agentIds.add(String(agentId));
+ }
+ }
+
+ for (const agentId of agentIds) {
+ const agentFileName = `agent-${agentId}.jsonl`;
+ if (!agentFiles.includes(agentFileName)) {
+ continue;
+ }
+
+ const agentFilePath = path.join(projectDir, agentFileName);
+ const tools = await parseAgentTools(agentFilePath);
+ agentToolsCache.set(agentId, tools);
+ }
+
+ for (const message of messages) {
+ const agentId = message.toolUseResult?.agentId;
+ if (!agentId) {
+ continue;
+ }
+
+ const agentTools = agentToolsCache.get(String(agentId));
+ if (agentTools && agentTools.length > 0) {
+ message.subagentTools = agentTools;
+ }
+ }
+
+ const sortedMessages = messages.sort(
+ (a, b) => new Date(a.timestamp || 0).getTime() - new Date(b.timestamp || 0).getTime(),
+ );
+ const total = sortedMessages.length;
+
+ if (limit === null) {
+ return sortedMessages;
+ }
+
+ const startIndex = Math.max(0, total - offset - limit);
+ const endIndex = total - offset;
+ const paginatedMessages = sortedMessages.slice(startIndex, endIndex);
+ const hasMore = startIndex > 0;
+
+ return {
+ messages: paginatedMessages,
+ total,
+ hasMore,
+ offset,
+ limit,
+ };
+ } catch (error) {
+ console.error(`Error reading messages for session ${sessionId}:`, error);
+ return limit === null ? [] : { messages: [], total: 0, hasMore: false };
+ }
+}
+
+/**
+ * Claude writes internal command and system reminder entries into history.
+ * Those are useful for the CLI but should not appear in the user-facing chat.
+ */
+const INTERNAL_CONTENT_PREFIXES = [
+ '',
+ '',
+ '',
+ '',
+ '',
+ 'Caveat:',
+ 'This session is being continued from a previous',
+ '[Request interrupted',
+] as const;
+
+function isInternalContent(content: string): boolean {
+ return INTERNAL_CONTENT_PREFIXES.some((prefix) => content.startsWith(prefix));
+}
+
+export class ClaudeSessionsProvider implements IProviderSessions {
+ /**
+ * Normalizes one Claude JSONL entry or live SDK stream event into the shared
+ * message shape consumed by REST and WebSocket clients.
+ */
+ normalizeMessage(rawMessage: unknown, sessionId: string | null): NormalizedMessage[] {
+ const raw = readObjectRecord(rawMessage);
+ if (!raw) {
+ return [];
+ }
+
+ if (raw.type === 'content_block_delta' && raw.delta?.text) {
+ return [createNormalizedMessage({ kind: 'stream_delta', content: raw.delta.text, sessionId, provider: PROVIDER })];
+ }
+ if (raw.type === 'content_block_stop') {
+ return [createNormalizedMessage({ kind: 'stream_end', sessionId, provider: PROVIDER })];
+ }
+
+ const messages: NormalizedMessage[] = [];
+ const ts = raw.timestamp || new Date().toISOString();
+ const baseId = raw.uuid || generateMessageId('claude');
+
+ if (raw.message?.role === 'user' && raw.message?.content) {
+ if (Array.isArray(raw.message.content)) {
+ for (let partIndex = 0; partIndex < raw.message.content.length; partIndex++) {
+ const part = raw.message.content[partIndex];
+ if (part.type === 'tool_result') {
+ messages.push(createNormalizedMessage({
+ id: `${baseId}_tr_${part.tool_use_id}`,
+ sessionId,
+ timestamp: ts,
+ provider: PROVIDER,
+ kind: 'tool_result',
+ toolId: part.tool_use_id,
+ content: typeof part.content === 'string' ? part.content : JSON.stringify(part.content),
+ isError: Boolean(part.is_error),
+ subagentTools: raw.subagentTools,
+ toolUseResult: raw.toolUseResult,
+ }));
+ } else if (part.type === 'text') {
+ const text = part.text || '';
+ if (text && !isInternalContent(text)) {
+ messages.push(createNormalizedMessage({
+ id: `${baseId}_text_${partIndex}`,
+ sessionId,
+ timestamp: ts,
+ provider: PROVIDER,
+ kind: 'text',
+ role: 'user',
+ content: text,
+ }));
+ }
+ }
+ }
+
+ if (messages.length === 0) {
+ const textParts = raw.message.content
+ .filter((part: AnyRecord) => part.type === 'text')
+ .map((part: AnyRecord) => part.text)
+ .filter(Boolean)
+ .join('\n');
+ if (textParts && !isInternalContent(textParts)) {
+ messages.push(createNormalizedMessage({
+ id: `${baseId}_text`,
+ sessionId,
+ timestamp: ts,
+ provider: PROVIDER,
+ kind: 'text',
+ role: 'user',
+ content: textParts,
+ }));
+ }
+ }
+ } else if (typeof raw.message.content === 'string') {
+ const text = raw.message.content;
+ if (text && !isInternalContent(text)) {
+ messages.push(createNormalizedMessage({
+ id: baseId,
+ sessionId,
+ timestamp: ts,
+ provider: PROVIDER,
+ kind: 'text',
+ role: 'user',
+ content: text,
+ }));
+ }
+ }
+ return messages;
+ }
+
+ if (raw.type === 'thinking' && raw.message?.content) {
+ messages.push(createNormalizedMessage({
+ id: baseId,
+ sessionId,
+ timestamp: ts,
+ provider: PROVIDER,
+ kind: 'thinking',
+ content: raw.message.content,
+ }));
+ return messages;
+ }
+
+ if (raw.type === 'tool_use' && raw.toolName) {
+ messages.push(createNormalizedMessage({
+ id: baseId,
+ sessionId,
+ timestamp: ts,
+ provider: PROVIDER,
+ kind: 'tool_use',
+ toolName: raw.toolName,
+ toolInput: raw.toolInput,
+ toolId: raw.toolCallId || baseId,
+ }));
+ return messages;
+ }
+
+ if (raw.type === 'tool_result') {
+ messages.push(createNormalizedMessage({
+ id: baseId,
+ sessionId,
+ timestamp: ts,
+ provider: PROVIDER,
+ kind: 'tool_result',
+ toolId: raw.toolCallId || '',
+ content: raw.output || '',
+ isError: false,
+ }));
+ return messages;
+ }
+
+ if (raw.message?.role === 'assistant' && raw.message?.content) {
+ if (Array.isArray(raw.message.content)) {
+ let partIndex = 0;
+ for (const part of raw.message.content) {
+ if (part.type === 'text' && part.text) {
+ messages.push(createNormalizedMessage({
+ id: `${baseId}_${partIndex}`,
+ sessionId,
+ timestamp: ts,
+ provider: PROVIDER,
+ kind: 'text',
+ role: 'assistant',
+ content: part.text,
+ }));
+ } else if (part.type === 'tool_use') {
+ messages.push(createNormalizedMessage({
+ id: `${baseId}_${partIndex}`,
+ sessionId,
+ timestamp: ts,
+ provider: PROVIDER,
+ kind: 'tool_use',
+ toolName: part.name,
+ toolInput: part.input,
+ toolId: part.id,
+ }));
+ } else if (part.type === 'thinking' && part.thinking) {
+ messages.push(createNormalizedMessage({
+ id: `${baseId}_${partIndex}`,
+ sessionId,
+ timestamp: ts,
+ provider: PROVIDER,
+ kind: 'thinking',
+ content: part.thinking,
+ }));
+ }
+ partIndex++;
+ }
+ } else if (typeof raw.message.content === 'string') {
+ messages.push(createNormalizedMessage({
+ id: baseId,
+ sessionId,
+ timestamp: ts,
+ provider: PROVIDER,
+ kind: 'text',
+ role: 'assistant',
+ content: raw.message.content,
+ }));
+ }
+ return messages;
+ }
+
+ return messages;
+ }
+
+ /**
+ * Loads Claude JSONL history for a project/session and returns normalized
+ * messages, preserving the existing pagination behavior from projects.js.
+ */
+ async fetchHistory(
+ sessionId: string,
+ options: FetchHistoryOptions = {},
+ ): Promise {
+ const { limit = null, offset = 0 } = options;
+
+ let result: ClaudeHistoryResult;
+ try {
+ result = await getSessionMessages(sessionId, limit, offset);
+ } catch (error) {
+ const message = error instanceof Error ? error.message : String(error);
+ console.warn(`[ClaudeProvider] Failed to load session ${sessionId}:`, message);
+ return { messages: [], total: 0, hasMore: false, offset: 0, limit: null };
+ }
+
+ const rawMessages = Array.isArray(result) ? result : (result.messages || []);
+ const total = Array.isArray(result) ? rawMessages.length : (result.total || 0);
+ const hasMore = Array.isArray(result) ? false : Boolean(result.hasMore);
+
+ const toolResultMap = new Map();
+ for (const raw of rawMessages) {
+ if (raw.message?.role === 'user' && Array.isArray(raw.message?.content)) {
+ for (const part of raw.message.content) {
+ if (part.type === 'tool_result' && part.tool_use_id) {
+ toolResultMap.set(part.tool_use_id, {
+ content: part.content,
+ isError: Boolean(part.is_error),
+ subagentTools: raw.subagentTools,
+ toolUseResult: raw.toolUseResult,
+ });
+ }
+ }
+ }
+ }
+
+ const normalized: NormalizedMessage[] = [];
+ for (const raw of rawMessages) {
+ normalized.push(...this.normalizeMessage(raw, sessionId));
+ }
+
+ for (const msg of normalized) {
+ if (msg.kind === 'tool_use' && msg.toolId && toolResultMap.has(msg.toolId)) {
+ const toolResult = toolResultMap.get(msg.toolId);
+ if (!toolResult) {
+ continue;
+ }
+
+ msg.toolResult = {
+ content: typeof toolResult.content === 'string'
+ ? toolResult.content
+ : JSON.stringify(toolResult.content),
+ isError: toolResult.isError,
+ toolUseResult: toolResult.toolUseResult,
+ };
+ msg.subagentTools = toolResult.subagentTools;
+ }
+ }
+
+ return {
+ messages: normalized,
+ total,
+ hasMore,
+ offset,
+ limit,
+ };
+ }
+}
diff --git a/server/modules/providers/list/claude/claude.provider.ts b/server/modules/providers/list/claude/claude.provider.ts
new file mode 100644
index 00000000..eeec1eb4
--- /dev/null
+++ b/server/modules/providers/list/claude/claude.provider.ts
@@ -0,0 +1,17 @@
+import { AbstractProvider } from '@/modules/providers/shared/base/abstract.provider.js';
+import { ClaudeProviderAuth } from '@/modules/providers/list/claude/claude-auth.provider.js';
+import { ClaudeMcpProvider } from '@/modules/providers/list/claude/claude-mcp.provider.js';
+import { ClaudeSessionSynchronizer } from '@/modules/providers/list/claude/claude-session-synchronizer.provider.js';
+import { ClaudeSessionsProvider } from '@/modules/providers/list/claude/claude-sessions.provider.js';
+import type { IProviderAuth, IProviderSessionSynchronizer, IProviderSessions } from '@/shared/interfaces.js';
+
+export class ClaudeProvider extends AbstractProvider {
+ readonly mcp = new ClaudeMcpProvider();
+ readonly auth: IProviderAuth = new ClaudeProviderAuth();
+ readonly sessions: IProviderSessions = new ClaudeSessionsProvider();
+ readonly sessionSynchronizer: IProviderSessionSynchronizer = new ClaudeSessionSynchronizer();
+
+ constructor() {
+ super('claude');
+ }
+}
diff --git a/server/modules/providers/list/codex/codex-auth.provider.ts b/server/modules/providers/list/codex/codex-auth.provider.ts
new file mode 100644
index 00000000..e938e70d
--- /dev/null
+++ b/server/modules/providers/list/codex/codex-auth.provider.ts
@@ -0,0 +1,100 @@
+import { readFile } from 'node:fs/promises';
+import os from 'node:os';
+import path from 'node:path';
+
+import spawn from 'cross-spawn';
+
+import type { IProviderAuth } from '@/shared/interfaces.js';
+import type { ProviderAuthStatus } from '@/shared/types.js';
+import { readObjectRecord, readOptionalString } from '@/shared/utils.js';
+
+type CodexCredentialsStatus = {
+ authenticated: boolean;
+ email: string | null;
+ method: string | null;
+ error?: string;
+};
+
+export class CodexProviderAuth implements IProviderAuth {
+ /**
+ * Checks whether Codex is available to the server runtime.
+ */
+ private checkInstalled(): boolean {
+ try {
+ spawn.sync('codex', ['--version'], { stdio: 'ignore', timeout: 5000 });
+ return true;
+ } catch {
+ return false;
+ }
+ }
+
+ /**
+ * Returns Codex SDK availability and credential status.
+ */
+ async getStatus(): Promise {
+ const installed = this.checkInstalled();
+ const credentials = await this.checkCredentials();
+
+ return {
+ installed,
+ provider: 'codex',
+ authenticated: credentials.authenticated,
+ email: credentials.email,
+ method: credentials.method,
+ error: credentials.authenticated ? undefined : credentials.error || 'Not authenticated',
+ };
+ }
+
+ /**
+ * Reads Codex auth.json and checks OAuth tokens or an API key fallback.
+ */
+ private async checkCredentials(): Promise {
+ try {
+ const authPath = path.join(os.homedir(), '.codex', 'auth.json');
+ const content = await readFile(authPath, 'utf8');
+ const auth = readObjectRecord(JSON.parse(content)) ?? {};
+ const tokens = readObjectRecord(auth.tokens) ?? {};
+ const idToken = readOptionalString(tokens.id_token);
+ const accessToken = readOptionalString(tokens.access_token);
+
+ if (idToken || accessToken) {
+ return {
+ authenticated: true,
+ email: idToken ? this.readEmailFromIdToken(idToken) : 'Authenticated',
+ method: 'credentials_file',
+ };
+ }
+
+ if (readOptionalString(auth.OPENAI_API_KEY)) {
+ return { authenticated: true, email: 'API Key Auth', method: 'api_key' };
+ }
+
+ return { authenticated: false, email: null, method: null, error: 'No valid tokens found' };
+ } catch (error) {
+ const code = (error as NodeJS.ErrnoException).code;
+ return {
+ authenticated: false,
+ email: null,
+ method: null,
+ error: code === 'ENOENT' ? 'Codex not configured' : error instanceof Error ? error.message : 'Failed to read Codex auth',
+ };
+ }
+ }
+
+ /**
+ * Extracts the user email from a Codex id_token when a readable JWT payload exists.
+ */
+ private readEmailFromIdToken(idToken: string): string {
+ try {
+ const parts = idToken.split('.');
+ if (parts.length >= 2) {
+ const payload = readObjectRecord(JSON.parse(Buffer.from(parts[1], 'base64url').toString('utf8')));
+ return readOptionalString(payload?.email) ?? readOptionalString(payload?.user) ?? 'Authenticated';
+ }
+ } catch {
+ // Fall back to a generic authenticated marker if the token payload is not readable.
+ }
+
+ return 'Authenticated';
+ }
+}
diff --git a/server/modules/providers/list/codex/codex-mcp.provider.ts b/server/modules/providers/list/codex/codex-mcp.provider.ts
new file mode 100644
index 00000000..1aeef5d1
--- /dev/null
+++ b/server/modules/providers/list/codex/codex-mcp.provider.ts
@@ -0,0 +1,135 @@
+import { mkdir, readFile, writeFile } from 'node:fs/promises';
+import os from 'node:os';
+import path from 'node:path';
+
+import TOML from '@iarna/toml';
+
+import { McpProvider } from '@/modules/providers/shared/mcp/mcp.provider.js';
+import type { McpScope, ProviderMcpServer, UpsertProviderMcpServerInput } from '@/shared/types.js';
+import {
+ AppError,
+ readObjectRecord,
+ readOptionalString,
+ readStringArray,
+ readStringRecord,
+} from '@/shared/utils.js';
+
+const readTomlConfig = async (filePath: string): Promise> => {
+ try {
+ const content = await readFile(filePath, 'utf8');
+ const parsed = TOML.parse(content) as Record;
+ return readObjectRecord(parsed) ?? {};
+ } catch (error) {
+ const code = (error as NodeJS.ErrnoException).code;
+ if (code === 'ENOENT') {
+ return {};
+ }
+ throw error;
+ }
+};
+
+const writeTomlConfig = async (filePath: string, data: Record): Promise => {
+ await mkdir(path.dirname(filePath), { recursive: true });
+ const toml = TOML.stringify(data as never);
+ await writeFile(filePath, toml, 'utf8');
+};
+
+export class CodexMcpProvider extends McpProvider {
+ constructor() {
+ super('codex', ['user', 'project'], ['stdio', 'http']);
+ }
+
+ protected async readScopedServers(scope: McpScope, workspacePath: string): Promise> {
+ const filePath = scope === 'user'
+ ? path.join(os.homedir(), '.codex', 'config.toml')
+ : path.join(workspacePath, '.codex', 'config.toml');
+ const config = await readTomlConfig(filePath);
+ return readObjectRecord(config.mcp_servers) ?? {};
+ }
+
+ protected async writeScopedServers(
+ scope: McpScope,
+ workspacePath: string,
+ servers: Record,
+ ): Promise {
+ const filePath = scope === 'user'
+ ? path.join(os.homedir(), '.codex', 'config.toml')
+ : path.join(workspacePath, '.codex', 'config.toml');
+ const config = await readTomlConfig(filePath);
+ config.mcp_servers = servers;
+ await writeTomlConfig(filePath, config);
+ }
+
+ protected buildServerConfig(input: UpsertProviderMcpServerInput): Record {
+ if (input.transport === 'stdio') {
+ if (!input.command?.trim()) {
+ throw new AppError('command is required for stdio MCP servers.', {
+ code: 'MCP_COMMAND_REQUIRED',
+ statusCode: 400,
+ });
+ }
+
+ return {
+ command: input.command,
+ args: input.args ?? [],
+ env: input.env ?? {},
+ env_vars: input.envVars ?? [],
+ cwd: input.cwd,
+ };
+ }
+
+ if (!input.url?.trim()) {
+ throw new AppError('url is required for http MCP servers.', {
+ code: 'MCP_URL_REQUIRED',
+ statusCode: 400,
+ });
+ }
+
+ return {
+ url: input.url,
+ bearer_token_env_var: input.bearerTokenEnvVar,
+ http_headers: input.headers ?? {},
+ env_http_headers: input.envHttpHeaders ?? {},
+ };
+ }
+
+ protected normalizeServerConfig(
+ scope: McpScope,
+ name: string,
+ rawConfig: unknown,
+ ): ProviderMcpServer | null {
+ if (!rawConfig || typeof rawConfig !== 'object') {
+ return null;
+ }
+
+ const config = rawConfig as Record;
+ if (typeof config.command === 'string') {
+ return {
+ provider: 'codex',
+ name,
+ scope,
+ transport: 'stdio',
+ command: config.command,
+ args: readStringArray(config.args),
+ env: readStringRecord(config.env),
+ cwd: readOptionalString(config.cwd),
+ envVars: readStringArray(config.env_vars),
+ };
+ }
+
+ if (typeof config.url === 'string') {
+ return {
+ provider: 'codex',
+ name,
+ scope,
+ transport: 'http',
+ url: config.url,
+ headers: readStringRecord(config.http_headers),
+ bearerTokenEnvVar: readOptionalString(config.bearer_token_env_var),
+ envHttpHeaders: readStringRecord(config.env_http_headers),
+ };
+ }
+
+ return null;
+ }
+}
diff --git a/server/modules/providers/list/codex/codex-session-synchronizer.provider.ts b/server/modules/providers/list/codex/codex-session-synchronizer.provider.ts
new file mode 100644
index 00000000..bd1edc0c
--- /dev/null
+++ b/server/modules/providers/list/codex/codex-session-synchronizer.provider.ts
@@ -0,0 +1,119 @@
+import os from 'node:os';
+import path from 'node:path';
+
+import { sessionsDb } from '@/modules/database/index.js';
+import {
+ buildLookupMap,
+ extractFirstValidJsonlData,
+ findFilesRecursivelyCreatedAfter,
+ normalizeSessionName,
+ readFileTimestamps,
+} from '@/shared/utils.js';
+import type { IProviderSessionSynchronizer } from '@/shared/interfaces.js';
+
+type ParsedSession = {
+ sessionId: string;
+ projectPath: string;
+ sessionName?: string;
+};
+
+/**
+ * Session indexer for Codex transcript artifacts.
+ */
+export class CodexSessionSynchronizer implements IProviderSessionSynchronizer {
+ private readonly provider = 'codex' as const;
+ private readonly codexHome = path.join(os.homedir(), '.codex');
+
+ /**
+ * Scans ~/.codex/sessions and upserts discovered sessions into DB.
+ */
+ async synchronize(since?: Date): Promise {
+ const nameMap = await buildLookupMap(path.join(this.codexHome, 'session_index.jsonl'), 'id', 'thread_name');
+ const files = await findFilesRecursivelyCreatedAfter(
+ path.join(this.codexHome, 'sessions'),
+ '.jsonl',
+ since ?? null
+ );
+
+ let processed = 0;
+ for (const filePath of files) {
+ const parsed = await this.processSessionFile(filePath, nameMap);
+ if (!parsed) {
+ continue;
+ }
+
+ const existingSession = sessionsDb.getSessionById(parsed.sessionId);
+ if (existingSession) {
+ // If session name is untitled and we now have a name, update it
+ if (existingSession.custom_name === 'Untitled Codex Session' && parsed.sessionName && parsed.sessionName !== 'Untitled Codex Session') {
+ sessionsDb.updateSessionCustomName(parsed.sessionId, parsed.sessionName);
+ }
+ }
+
+ const timestamps = await readFileTimestamps(filePath);
+ sessionsDb.createSession(
+ parsed.sessionId,
+ this.provider,
+ parsed.projectPath,
+ parsed.sessionName,
+ timestamps.createdAt,
+ timestamps.updatedAt,
+ filePath
+ );
+ processed += 1;
+ }
+
+ return processed;
+ }
+
+ /**
+ * Parses and upserts one Codex session JSONL file.
+ */
+ async synchronizeFile(filePath: string): Promise {
+ if (!filePath.endsWith('.jsonl')) {
+ return null;
+ }
+
+ const nameMap = await buildLookupMap(path.join(this.codexHome, 'session_index.jsonl'), 'id', 'thread_name');
+ const parsed = await this.processSessionFile(filePath, nameMap);
+ if (!parsed) {
+ return null;
+ }
+
+ const timestamps = await readFileTimestamps(filePath);
+ return sessionsDb.createSession(
+ parsed.sessionId,
+ this.provider,
+ parsed.projectPath,
+ parsed.sessionName,
+ timestamps.createdAt,
+ timestamps.updatedAt,
+ filePath
+ );
+ }
+
+ /**
+ * Extracts session metadata from one Codex JSONL session file.
+ */
+ private async processSessionFile(
+ filePath: string,
+ nameMap: Map
+ ): Promise {
+ return extractFirstValidJsonlData(filePath, (rawData) => {
+ const data = rawData as Record;
+ const payload = data.payload as Record | undefined;
+ const sessionId = typeof payload?.id === 'string' ? payload.id : undefined;
+ const projectPath = typeof payload?.cwd === 'string' ? payload.cwd : undefined;
+
+ if (!sessionId || !projectPath) {
+ return null;
+ }
+
+ return {
+ sessionId,
+ projectPath,
+ sessionName: normalizeSessionName(nameMap.get(sessionId), 'Untitled Codex Session'),
+ };
+ });
+ }
+}
diff --git a/server/modules/providers/list/codex/codex-sessions.provider.ts b/server/modules/providers/list/codex/codex-sessions.provider.ts
new file mode 100644
index 00000000..a7fe8129
--- /dev/null
+++ b/server/modules/providers/list/codex/codex-sessions.provider.ts
@@ -0,0 +1,564 @@
+import fsSync from 'node:fs';
+import readline from 'node:readline';
+
+import { sessionsDb } from '@/modules/database/index.js';
+import type { IProviderSessions } from '@/shared/interfaces.js';
+import type { AnyRecord, FetchHistoryOptions, FetchHistoryResult, NormalizedMessage } from '@/shared/types.js';
+import { createNormalizedMessage, generateMessageId, readObjectRecord } from '@/shared/utils.js';
+
+const PROVIDER = 'codex';
+
+type CodexHistoryResult =
+ | AnyRecord[]
+ | {
+ messages?: AnyRecord[];
+ total?: number;
+ hasMore?: boolean;
+ offset?: number;
+ limit?: number | null;
+ tokenUsage?: unknown;
+ };
+
+function isVisibleCodexUserMessage(payload: AnyRecord | null | undefined): boolean {
+ if (!payload || payload.type !== 'user_message') {
+ return false;
+ }
+
+ if (payload.kind && payload.kind !== 'plain') {
+ return false;
+ }
+
+ return typeof payload.message === 'string' && payload.message.trim().length > 0;
+}
+
+function extractCodexTextContent(content: unknown): string {
+ if (!Array.isArray(content)) {
+ return typeof content === 'string' ? content : '';
+ }
+
+ return content
+ .map((item) => {
+ if (!item || typeof item !== 'object') {
+ return '';
+ }
+
+ const record = item as AnyRecord;
+ if (
+ (record.type === 'input_text' || record.type === 'output_text' || record.type === 'text')
+ && typeof record.text === 'string'
+ ) {
+ return record.text;
+ }
+
+ return '';
+ })
+ .filter(Boolean)
+ .join('\n');
+}
+
+async function getCodexSessionMessages(
+ sessionId: string,
+ limit: number | null = null,
+ offset = 0,
+): Promise {
+ try {
+ const sessionFilePath = sessionsDb.getSessionById(sessionId)?.jsonl_path;
+
+ if (!sessionFilePath) {
+ console.warn(`Codex session file not found for session ${sessionId}`);
+ return { messages: [], total: 0, hasMore: false };
+ }
+
+ const messages: AnyRecord[] = [];
+ let tokenUsage: AnyRecord | null = null;
+ const fileStream = fsSync.createReadStream(sessionFilePath);
+ const rl = readline.createInterface({
+ input: fileStream,
+ crlfDelay: Infinity,
+ });
+
+ for await (const line of rl) {
+ if (!line.trim()) {
+ continue;
+ }
+
+ try {
+ const entry = JSON.parse(line) as AnyRecord;
+
+ if (entry.type === 'event_msg' && entry.payload?.type === 'token_count' && entry.payload?.info) {
+ const info = entry.payload.info as AnyRecord;
+ if (info.total_token_usage) {
+ const usage = info.total_token_usage as AnyRecord;
+ tokenUsage = {
+ used: usage.total_tokens || 0,
+ total: info.model_context_window || 200000,
+ };
+ }
+ }
+
+ if (entry.type === 'event_msg' && isVisibleCodexUserMessage(entry.payload as AnyRecord)) {
+ messages.push({
+ type: 'user',
+ timestamp: entry.timestamp,
+ message: {
+ role: 'user',
+ content: entry.payload.message,
+ },
+ });
+ }
+
+ if (
+ entry.type === 'response_item' &&
+ entry.payload?.type === 'message' &&
+ entry.payload.role === 'assistant'
+ ) {
+ const textContent = extractCodexTextContent(entry.payload.content);
+ if (textContent.trim()) {
+ messages.push({
+ type: 'assistant',
+ timestamp: entry.timestamp,
+ message: {
+ role: 'assistant',
+ content: textContent,
+ },
+ });
+ }
+ }
+
+ if (entry.type === 'response_item' && entry.payload?.type === 'reasoning') {
+ const summaryText = Array.isArray(entry.payload.summary)
+ ? entry.payload.summary
+ .map((item: AnyRecord) => item?.text)
+ .filter(Boolean)
+ .join('\n')
+ : '';
+
+ if (summaryText.trim()) {
+ messages.push({
+ type: 'thinking',
+ timestamp: entry.timestamp,
+ message: {
+ role: 'assistant',
+ content: summaryText,
+ },
+ });
+ }
+ }
+
+ if (entry.type === 'response_item' && entry.payload?.type === 'function_call') {
+ let toolName = entry.payload.name;
+ let toolInput = entry.payload.arguments;
+
+ if (toolName === 'shell_command') {
+ toolName = 'Bash';
+ try {
+ const args = JSON.parse(entry.payload.arguments) as AnyRecord;
+ toolInput = JSON.stringify({ command: args.command });
+ } catch {
+ // Keep original arguments when parsing fails.
+ }
+ }
+
+ messages.push({
+ type: 'tool_use',
+ timestamp: entry.timestamp,
+ toolName,
+ toolInput,
+ toolCallId: entry.payload.call_id,
+ });
+ }
+
+ if (entry.type === 'response_item' && entry.payload?.type === 'function_call_output') {
+ messages.push({
+ type: 'tool_result',
+ timestamp: entry.timestamp,
+ toolCallId: entry.payload.call_id,
+ output: entry.payload.output,
+ });
+ }
+
+ if (entry.type === 'response_item' && entry.payload?.type === 'custom_tool_call') {
+ const toolName = entry.payload.name || 'custom_tool';
+ const input = entry.payload.input || '';
+
+ if (toolName === 'apply_patch') {
+ const fileMatch = String(input).match(/\*\*\* Update File: (.+)/);
+ const filePath = fileMatch ? fileMatch[1].trim() : 'unknown';
+ const lines = String(input).split('\n');
+ const oldLines: string[] = [];
+ const newLines: string[] = [];
+
+ for (const lineContent of lines) {
+ if (lineContent.startsWith('-') && !lineContent.startsWith('---')) {
+ oldLines.push(lineContent.slice(1));
+ } else if (lineContent.startsWith('+') && !lineContent.startsWith('+++')) {
+ newLines.push(lineContent.slice(1));
+ }
+ }
+
+ messages.push({
+ type: 'tool_use',
+ timestamp: entry.timestamp,
+ toolName: 'Edit',
+ toolInput: JSON.stringify({
+ file_path: filePath,
+ old_string: oldLines.join('\n'),
+ new_string: newLines.join('\n'),
+ }),
+ toolCallId: entry.payload.call_id,
+ });
+ } else {
+ messages.push({
+ type: 'tool_use',
+ timestamp: entry.timestamp,
+ toolName,
+ toolInput: input,
+ toolCallId: entry.payload.call_id,
+ });
+ }
+ }
+
+ if (entry.type === 'response_item' && entry.payload?.type === 'custom_tool_call_output') {
+ messages.push({
+ type: 'tool_result',
+ timestamp: entry.timestamp,
+ toolCallId: entry.payload.call_id,
+ output: entry.payload.output || '',
+ });
+ }
+ } catch {
+ // Skip malformed lines.
+ }
+ }
+
+ messages.sort(
+ (a, b) => new Date(a.timestamp || 0).getTime() - new Date(b.timestamp || 0).getTime(),
+ );
+ const total = messages.length;
+
+ if (limit !== null) {
+ const startIndex = Math.max(0, total - offset - limit);
+ const endIndex = total - offset;
+ const paginatedMessages = messages.slice(startIndex, endIndex);
+ const hasMore = startIndex > 0;
+
+ return {
+ messages: paginatedMessages,
+ total,
+ hasMore,
+ offset,
+ limit,
+ tokenUsage,
+ };
+ }
+
+ return { messages, tokenUsage };
+ } catch (error) {
+ console.error(`Error reading Codex session messages for ${sessionId}:`, error);
+ return { messages: [], total: 0, hasMore: false };
+ }
+}
+
+export class CodexSessionsProvider implements IProviderSessions {
+ /**
+ * Normalizes a persisted Codex JSONL entry.
+ *
+ * Live Codex SDK events are transformed before they reach normalizeMessage(),
+ * while history entries already use a compact message/tool shape from projects.js.
+ */
+ private normalizeHistoryEntry(raw: AnyRecord, sessionId: string | null): NormalizedMessage[] {
+ const ts = raw.timestamp || new Date().toISOString();
+ const baseId = raw.uuid || generateMessageId('codex');
+
+ if (raw.type === 'thinking' || raw.isReasoning) {
+ const thinkingContent = typeof raw.message?.content === 'string'
+ ? raw.message.content
+ : '';
+ if (!thinkingContent.trim()) {
+ return [];
+ }
+ return [createNormalizedMessage({
+ id: baseId,
+ sessionId,
+ timestamp: ts,
+ provider: PROVIDER,
+ kind: 'thinking',
+ content: thinkingContent,
+ })];
+ }
+
+ if (raw.message?.role === 'user') {
+ const content = typeof raw.message.content === 'string'
+ ? raw.message.content
+ : Array.isArray(raw.message.content)
+ ? raw.message.content
+ .map((part: string | AnyRecord) => typeof part === 'string' ? part : part?.text || '')
+ .filter(Boolean)
+ .join('\n')
+ : String(raw.message.content || '');
+ if (!content.trim()) {
+ return [];
+ }
+ return [createNormalizedMessage({
+ id: baseId,
+ sessionId,
+ timestamp: ts,
+ provider: PROVIDER,
+ kind: 'text',
+ role: 'user',
+ content,
+ })];
+ }
+
+ if (raw.message?.role === 'assistant') {
+ const content = typeof raw.message.content === 'string'
+ ? raw.message.content
+ : Array.isArray(raw.message.content)
+ ? raw.message.content
+ .map((part: string | AnyRecord) => typeof part === 'string' ? part : part?.text || '')
+ .filter(Boolean)
+ .join('\n')
+ : '';
+ if (!content.trim()) {
+ return [];
+ }
+ return [createNormalizedMessage({
+ id: baseId,
+ sessionId,
+ timestamp: ts,
+ provider: PROVIDER,
+ kind: 'text',
+ role: 'assistant',
+ content,
+ })];
+ }
+
+ if (raw.type === 'tool_use' || raw.toolName) {
+ return [createNormalizedMessage({
+ id: baseId,
+ sessionId,
+ timestamp: ts,
+ provider: PROVIDER,
+ kind: 'tool_use',
+ toolName: raw.toolName || 'Unknown',
+ toolInput: raw.toolInput,
+ toolId: raw.toolCallId || baseId,
+ })];
+ }
+
+ if (raw.type === 'tool_result') {
+ return [createNormalizedMessage({
+ id: baseId,
+ sessionId,
+ timestamp: ts,
+ provider: PROVIDER,
+ kind: 'tool_result',
+ toolId: raw.toolCallId || '',
+ content: raw.output || '',
+ isError: Boolean(raw.isError),
+ })];
+ }
+
+ return [];
+ }
+
+ /**
+ * Normalizes either a Codex history entry or a transformed live SDK event.
+ */
+ normalizeMessage(rawMessage: unknown, sessionId: string | null): NormalizedMessage[] {
+ const raw = readObjectRecord(rawMessage);
+ if (!raw) {
+ return [];
+ }
+
+ if (raw.message?.role) {
+ return this.normalizeHistoryEntry(raw, sessionId);
+ }
+
+ const ts = raw.timestamp || new Date().toISOString();
+ const baseId = raw.uuid || generateMessageId('codex');
+
+ if (raw.type === 'item') {
+ switch (raw.itemType) {
+ case 'agent_message':
+ return [createNormalizedMessage({
+ id: baseId,
+ sessionId,
+ timestamp: ts,
+ provider: PROVIDER,
+ kind: 'text',
+ role: 'assistant',
+ content: raw.message?.content || '',
+ })];
+ case 'reasoning':
+ return [createNormalizedMessage({
+ id: baseId,
+ sessionId,
+ timestamp: ts,
+ provider: PROVIDER,
+ kind: 'thinking',
+ content: raw.message?.content || '',
+ })];
+ case 'command_execution':
+ return [createNormalizedMessage({
+ id: baseId,
+ sessionId,
+ timestamp: ts,
+ provider: PROVIDER,
+ kind: 'tool_use',
+ toolName: 'Bash',
+ toolInput: { command: raw.command },
+ toolId: baseId,
+ output: raw.output,
+ exitCode: raw.exitCode,
+ status: raw.status,
+ })];
+ case 'file_change':
+ return [createNormalizedMessage({
+ id: baseId,
+ sessionId,
+ timestamp: ts,
+ provider: PROVIDER,
+ kind: 'tool_use',
+ toolName: 'FileChanges',
+ toolInput: raw.changes,
+ toolId: baseId,
+ status: raw.status,
+ })];
+ case 'mcp_tool_call':
+ return [createNormalizedMessage({
+ id: baseId,
+ sessionId,
+ timestamp: ts,
+ provider: PROVIDER,
+ kind: 'tool_use',
+ toolName: raw.tool || 'MCP',
+ toolInput: raw.arguments,
+ toolId: baseId,
+ server: raw.server,
+ result: raw.result,
+ error: raw.error,
+ status: raw.status,
+ })];
+ case 'web_search':
+ return [createNormalizedMessage({
+ id: baseId,
+ sessionId,
+ timestamp: ts,
+ provider: PROVIDER,
+ kind: 'tool_use',
+ toolName: 'WebSearch',
+ toolInput: { query: raw.query },
+ toolId: baseId,
+ })];
+ case 'todo_list':
+ return [createNormalizedMessage({
+ id: baseId,
+ sessionId,
+ timestamp: ts,
+ provider: PROVIDER,
+ kind: 'tool_use',
+ toolName: 'TodoList',
+ toolInput: { items: raw.items },
+ toolId: baseId,
+ })];
+ case 'error':
+ return [createNormalizedMessage({
+ id: baseId,
+ sessionId,
+ timestamp: ts,
+ provider: PROVIDER,
+ kind: 'error',
+ content: raw.message?.content || 'Unknown error',
+ })];
+ default:
+ return [createNormalizedMessage({
+ id: baseId,
+ sessionId,
+ timestamp: ts,
+ provider: PROVIDER,
+ kind: 'tool_use',
+ toolName: raw.itemType || 'Unknown',
+ toolInput: raw.item || raw,
+ toolId: baseId,
+ })];
+ }
+ }
+
+ if (raw.type === 'turn_complete') {
+ return [createNormalizedMessage({
+ id: baseId,
+ sessionId,
+ timestamp: ts,
+ provider: PROVIDER,
+ kind: 'complete',
+ })];
+ }
+ if (raw.type === 'turn_failed') {
+ return [createNormalizedMessage({
+ id: baseId,
+ sessionId,
+ timestamp: ts,
+ provider: PROVIDER,
+ kind: 'error',
+ content: raw.error?.message || 'Turn failed',
+ })];
+ }
+
+ return [];
+ }
+
+ /**
+ * Loads Codex JSONL history and keeps token usage metadata when projects.js
+ * provides it.
+ */
+ async fetchHistory(
+ sessionId: string,
+ options: FetchHistoryOptions = {},
+ ): Promise {
+ const { limit = null, offset = 0 } = options;
+
+ let result: CodexHistoryResult;
+ try {
+ result = await getCodexSessionMessages(sessionId, limit, offset);
+ } catch (error) {
+ const message = error instanceof Error ? error.message : String(error);
+ console.warn(`[CodexProvider] Failed to load session ${sessionId}:`, message);
+ return { messages: [], total: 0, hasMore: false, offset: 0, limit: null };
+ }
+
+ const rawMessages = Array.isArray(result) ? result : (result.messages || []);
+ const total = Array.isArray(result) ? rawMessages.length : (result.total || 0);
+ const hasMore = Array.isArray(result) ? false : Boolean(result.hasMore);
+ const tokenUsage = Array.isArray(result) ? undefined : result.tokenUsage;
+
+ const normalized: NormalizedMessage[] = [];
+ for (const raw of rawMessages) {
+ normalized.push(...this.normalizeHistoryEntry(raw, sessionId));
+ }
+
+ const toolResultMap = new Map();
+ for (const msg of normalized) {
+ if (msg.kind === 'tool_result' && msg.toolId) {
+ toolResultMap.set(msg.toolId, msg);
+ }
+ }
+ for (const msg of normalized) {
+ if (msg.kind === 'tool_use' && msg.toolId && toolResultMap.has(msg.toolId)) {
+ const toolResult = toolResultMap.get(msg.toolId);
+ if (toolResult) {
+ msg.toolResult = { content: toolResult.content, isError: toolResult.isError };
+ }
+ }
+ }
+
+ return {
+ messages: normalized,
+ total,
+ hasMore,
+ offset,
+ limit,
+ tokenUsage,
+ };
+ }
+}
diff --git a/server/modules/providers/list/codex/codex.provider.ts b/server/modules/providers/list/codex/codex.provider.ts
new file mode 100644
index 00000000..593297bc
--- /dev/null
+++ b/server/modules/providers/list/codex/codex.provider.ts
@@ -0,0 +1,17 @@
+import { AbstractProvider } from '@/modules/providers/shared/base/abstract.provider.js';
+import { CodexProviderAuth } from '@/modules/providers/list/codex/codex-auth.provider.js';
+import { CodexMcpProvider } from '@/modules/providers/list/codex/codex-mcp.provider.js';
+import { CodexSessionSynchronizer } from '@/modules/providers/list/codex/codex-session-synchronizer.provider.js';
+import { CodexSessionsProvider } from '@/modules/providers/list/codex/codex-sessions.provider.js';
+import type { IProviderAuth, IProviderSessionSynchronizer, IProviderSessions } from '@/shared/interfaces.js';
+
+export class CodexProvider extends AbstractProvider {
+ readonly mcp = new CodexMcpProvider();
+ readonly auth: IProviderAuth = new CodexProviderAuth();
+ readonly sessions: IProviderSessions = new CodexSessionsProvider();
+ readonly sessionSynchronizer: IProviderSessionSynchronizer = new CodexSessionSynchronizer();
+
+ constructor() {
+ super('codex');
+ }
+}
diff --git a/server/modules/providers/list/cursor/cursor-auth.provider.ts b/server/modules/providers/list/cursor/cursor-auth.provider.ts
new file mode 100644
index 00000000..7cc035a9
--- /dev/null
+++ b/server/modules/providers/list/cursor/cursor-auth.provider.ts
@@ -0,0 +1,143 @@
+import spawn from 'cross-spawn';
+
+import type { IProviderAuth } from '@/shared/interfaces.js';
+import type { ProviderAuthStatus } from '@/shared/types.js';
+
+type CursorLoginStatus = {
+ authenticated: boolean;
+ email: string | null;
+ method: string | null;
+ error?: string;
+};
+
+export class CursorProviderAuth implements IProviderAuth {
+ /**
+ * Checks whether the cursor-agent CLI is available on this host.
+ */
+ private checkInstalled(): boolean {
+ try {
+ spawn.sync('cursor-agent', ['--version'], { stdio: 'ignore', timeout: 5000 });
+ return true;
+ } catch {
+ return false;
+ }
+ }
+
+ /**
+ * Returns Cursor CLI installation and login status.
+ */
+ async getStatus(): Promise {
+ const installed = this.checkInstalled();
+
+ if (!installed) {
+ return {
+ installed,
+ provider: 'cursor',
+ authenticated: false,
+ email: null,
+ method: null,
+ error: 'Cursor CLI is not installed',
+ };
+ }
+
+ const login = await this.checkCursorLogin();
+
+ return {
+ installed,
+ provider: 'cursor',
+ authenticated: login.authenticated,
+ email: login.email,
+ method: login.method,
+ error: login.authenticated ? undefined : login.error || 'Not logged in',
+ };
+ }
+
+ /**
+ * Runs cursor-agent status and parses the login marker from stdout.
+ */
+ private checkCursorLogin(): Promise {
+ return new Promise((resolve) => {
+ let processCompleted = false;
+ let childProcess: ReturnType | undefined;
+
+ const timeout = setTimeout(() => {
+ if (!processCompleted) {
+ processCompleted = true;
+ childProcess?.kill();
+ resolve({
+ authenticated: false,
+ email: null,
+ method: null,
+ error: 'Command timeout',
+ });
+ }
+ }, 5000);
+
+ try {
+ childProcess = spawn('cursor-agent', ['status']);
+ } catch {
+ clearTimeout(timeout);
+ processCompleted = true;
+ resolve({
+ authenticated: false,
+ email: null,
+ method: null,
+ error: 'Cursor CLI not found or not installed',
+ });
+ return;
+ }
+
+ let stdout = '';
+ let stderr = '';
+
+ childProcess.stdout?.on('data', (data: Buffer) => {
+ stdout += data.toString();
+ });
+
+ childProcess.stderr?.on('data', (data: Buffer) => {
+ stderr += data.toString();
+ });
+
+ childProcess.on('close', (code) => {
+ if (processCompleted) {
+ return;
+ }
+ processCompleted = true;
+ clearTimeout(timeout);
+
+ if (code === 0) {
+ const emailMatch = stdout.match(/Logged in as ([a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,})/i);
+ if (emailMatch?.[1]) {
+ resolve({ authenticated: true, email: emailMatch[1], method: 'cli' });
+ return;
+ }
+
+ if (stdout.includes('Logged in')) {
+ resolve({ authenticated: true, email: 'Logged in', method: 'cli' });
+ return;
+ }
+
+ resolve({ authenticated: false, email: null, method: null, error: 'Not logged in' });
+ return;
+ }
+
+ resolve({ authenticated: false, email: null, method: null, error: stderr || 'Not logged in' });
+ });
+
+ childProcess.on('error', () => {
+ if (processCompleted) {
+ return;
+ }
+ processCompleted = true;
+ clearTimeout(timeout);
+
+ resolve({
+ authenticated: false,
+ email: null,
+ method: null,
+ error: 'Cursor CLI not found or not installed',
+ });
+ });
+ });
+ }
+}
diff --git a/server/modules/providers/list/cursor/cursor-mcp.provider.ts b/server/modules/providers/list/cursor/cursor-mcp.provider.ts
new file mode 100644
index 00000000..007add53
--- /dev/null
+++ b/server/modules/providers/list/cursor/cursor-mcp.provider.ts
@@ -0,0 +1,108 @@
+import os from 'node:os';
+import path from 'node:path';
+
+import { McpProvider } from '@/modules/providers/shared/mcp/mcp.provider.js';
+import type { McpScope, ProviderMcpServer, UpsertProviderMcpServerInput } from '@/shared/types.js';
+import {
+ AppError,
+ readJsonConfig,
+ readObjectRecord,
+ readOptionalString,
+ readStringArray,
+ readStringRecord,
+ writeJsonConfig,
+} from '@/shared/utils.js';
+
+export class CursorMcpProvider extends McpProvider {
+ constructor() {
+ super('cursor', ['user', 'project'], ['stdio', 'http']);
+ }
+
+ protected async readScopedServers(scope: McpScope, workspacePath: string): Promise> {
+ const filePath = scope === 'user'
+ ? path.join(os.homedir(), '.cursor', 'mcp.json')
+ : path.join(workspacePath, '.cursor', 'mcp.json');
+ const config = await readJsonConfig(filePath);
+ return readObjectRecord(config.mcpServers) ?? {};
+ }
+
+ protected async writeScopedServers(
+ scope: McpScope,
+ workspacePath: string,
+ servers: Record,
+ ): Promise {
+ const filePath = scope === 'user'
+ ? path.join(os.homedir(), '.cursor', 'mcp.json')
+ : path.join(workspacePath, '.cursor', 'mcp.json');
+ const config = await readJsonConfig(filePath);
+ config.mcpServers = servers;
+ await writeJsonConfig(filePath, config);
+ }
+
+ protected buildServerConfig(input: UpsertProviderMcpServerInput): Record {
+ if (input.transport === 'stdio') {
+ if (!input.command?.trim()) {
+ throw new AppError('command is required for stdio MCP servers.', {
+ code: 'MCP_COMMAND_REQUIRED',
+ statusCode: 400,
+ });
+ }
+
+ return {
+ command: input.command,
+ args: input.args ?? [],
+ env: input.env ?? {},
+ cwd: input.cwd,
+ };
+ }
+
+ if (!input.url?.trim()) {
+ throw new AppError('url is required for http MCP servers.', {
+ code: 'MCP_URL_REQUIRED',
+ statusCode: 400,
+ });
+ }
+
+ return {
+ url: input.url,
+ headers: input.headers ?? {},
+ };
+ }
+
+ protected normalizeServerConfig(
+ scope: McpScope,
+ name: string,
+ rawConfig: unknown,
+ ): ProviderMcpServer | null {
+ if (!rawConfig || typeof rawConfig !== 'object') {
+ return null;
+ }
+
+ const config = rawConfig as Record;
+ if (typeof config.command === 'string') {
+ return {
+ provider: 'cursor',
+ name,
+ scope,
+ transport: 'stdio',
+ command: config.command,
+ args: readStringArray(config.args),
+ env: readStringRecord(config.env),
+ cwd: readOptionalString(config.cwd),
+ };
+ }
+
+ if (typeof config.url === 'string') {
+ return {
+ provider: 'cursor',
+ name,
+ scope,
+ transport: 'http',
+ url: config.url,
+ headers: readStringRecord(config.headers),
+ };
+ }
+
+ return null;
+ }
+}
diff --git a/server/modules/providers/list/cursor/cursor-session-synchronizer.provider.ts b/server/modules/providers/list/cursor/cursor-session-synchronizer.provider.ts
new file mode 100644
index 00000000..4be02dee
--- /dev/null
+++ b/server/modules/providers/list/cursor/cursor-session-synchronizer.provider.ts
@@ -0,0 +1,176 @@
+import crypto from 'node:crypto';
+import fs from 'node:fs';
+import fsp from 'node:fs/promises';
+import os from 'node:os';
+import path from 'node:path';
+import readline from 'node:readline';
+
+import { sessionsDb } from '@/modules/database/index.js';
+import {
+ extractFirstValidJsonlData,
+ findFilesRecursivelyCreatedAfter,
+ normalizeSessionName,
+ readFileTimestamps,
+} from '@/shared/utils.js';
+import type { IProviderSessionSynchronizer } from '@/shared/interfaces.js';
+
+type ParsedSession = {
+ sessionId: string;
+ projectPath: string;
+ sessionName?: string;
+};
+
+/**
+ * Returns directory entries or an empty list when the folder is missing.
+ */
+async function listDirectoryEntriesSafe(
+ directoryPath: string
+): Promise {
+ try {
+ return await fsp.readdir(directoryPath, { withFileTypes: true });
+ } catch {
+ return [];
+ }
+}
+
+/**
+ * Session indexer for Cursor transcript artifacts.
+ */
+export class CursorSessionSynchronizer implements IProviderSessionSynchronizer {
+ private readonly provider = 'cursor' as const;
+ private readonly cursorHome = path.join(os.homedir(), '.cursor');
+
+ /**
+ * Scans Cursor chats and upserts discovered sessions into DB.
+ */
+ async synchronize(since?: Date): Promise {
+ const projectsDir = path.join(this.cursorHome, 'projects');
+ const projectEntries = await listDirectoryEntriesSafe(projectsDir);
+ const seenProjectPaths = new Set();
+
+ let processed = 0;
+ for (const entry of projectEntries) {
+ if (!entry.isDirectory()) {
+ continue;
+ }
+
+ const workerLogPath = path.join(projectsDir, entry.name, 'worker.log');
+ const projectPath = await this.extractProjectPathFromWorkerLog(workerLogPath);
+ if (!projectPath || seenProjectPaths.has(projectPath)) {
+ continue;
+ }
+
+ seenProjectPaths.add(projectPath);
+ const projectHash = this.md5(projectPath);
+ const chatsDir = path.join(this.cursorHome, 'chats', projectHash);
+ const files = await findFilesRecursivelyCreatedAfter(chatsDir, '.jsonl', since ?? null);
+
+ for (const filePath of files) {
+ const parsed = await this.processSessionFile(filePath);
+ if (!parsed) {
+ continue;
+ }
+
+ const timestamps = await readFileTimestamps(filePath);
+ sessionsDb.createSession(
+ parsed.sessionId,
+ this.provider,
+ parsed.projectPath,
+ parsed.sessionName,
+ timestamps.createdAt,
+ timestamps.updatedAt,
+ filePath
+ );
+ processed += 1;
+ }
+ }
+
+ return processed;
+ }
+
+ /**
+ * Parses and upserts one Cursor session JSONL file.
+ */
+ async synchronizeFile(filePath: string): Promise {
+ if (!filePath.endsWith('.jsonl')) {
+ return null;
+ }
+
+ const parsed = await this.processSessionFile(filePath);
+ if (!parsed) {
+ return null;
+ }
+
+ const timestamps = await readFileTimestamps(filePath);
+ return sessionsDb.createSession(
+ parsed.sessionId,
+ this.provider,
+ parsed.projectPath,
+ parsed.sessionName,
+ timestamps.createdAt,
+ timestamps.updatedAt,
+ filePath
+ );
+ }
+
+ /**
+ * Produces the same project hash Cursor uses in chat directory names.
+ */
+ private md5(input: string): string {
+ return crypto.createHash('md5').update(input).digest('hex');
+ }
+
+ /**
+ * Extracts project path from Cursor worker.log.
+ */
+ private async extractProjectPathFromWorkerLog(filePath: string): Promise {
+ try {
+ const fileStream = fs.createReadStream(filePath, { encoding: 'utf8' });
+ const lineReader = readline.createInterface({ input: fileStream, crlfDelay: Infinity });
+
+ for await (const line of lineReader) {
+ const match = line.match(/workspacePath=(.*)$/);
+ const projectPath = match?.[1]?.trim();
+ if (projectPath) {
+ lineReader.close();
+ fileStream.close();
+ return projectPath;
+ }
+ }
+ } catch {
+ // Missing worker logs are valid for partial or incomplete session data.
+ }
+
+ return null;
+ }
+
+ /**
+ * Extracts session metadata from one Cursor JSONL session file.
+ */
+ private async processSessionFile(filePath: string): Promise {
+ const sessionId = path.basename(filePath, '.jsonl');
+ const grandparentDir = path.dirname(path.dirname(filePath));
+ const workerLogPath = path.join(grandparentDir, 'worker.log');
+ const projectPath = await this.extractProjectPathFromWorkerLog(workerLogPath);
+
+ if (!projectPath) {
+ return null;
+ }
+
+ return extractFirstValidJsonlData(filePath, (rawData) => {
+ const data = rawData as Record;
+ if (data.role !== 'user') {
+ return null;
+ }
+
+ const text = typeof data.message?.content?.[0]?.text === 'string' ? data.message.content[0].text : '';
+ const firstLine = text.replace(/<\/?user_query>/g, '').trim().split('\n')[0];
+
+ return {
+ sessionId,
+ projectPath,
+ sessionName: normalizeSessionName(firstLine, 'Untitled Cursor Session'),
+ };
+ });
+ }
+}
diff --git a/server/modules/providers/list/cursor/cursor-sessions.provider.ts b/server/modules/providers/list/cursor/cursor-sessions.provider.ts
new file mode 100644
index 00000000..e276ba8c
--- /dev/null
+++ b/server/modules/providers/list/cursor/cursor-sessions.provider.ts
@@ -0,0 +1,421 @@
+import crypto from 'node:crypto';
+import os from 'node:os';
+import path from 'node:path';
+
+import type { IProviderSessions } from '@/shared/interfaces.js';
+import type { AnyRecord, FetchHistoryOptions, FetchHistoryResult, NormalizedMessage } from '@/shared/types.js';
+import { createNormalizedMessage, generateMessageId, readObjectRecord } from '@/shared/utils.js';
+
+const PROVIDER = 'cursor';
+
+type CursorDbBlob = {
+ rowid: number;
+ id: string;
+ data?: Buffer;
+};
+
+type CursorJsonBlob = CursorDbBlob & {
+ parsed: AnyRecord;
+};
+
+type CursorMessageBlob = {
+ id: string;
+ sequence: number;
+ rowid: number;
+ content: AnyRecord;
+};
+
+function sanitizeCursorSessionId(sessionId: string): string {
+ const normalized = sessionId.trim();
+ if (!normalized) {
+ throw new Error('Cursor session id is required.');
+ }
+
+ if (
+ normalized.includes('..')
+ || normalized.includes(path.posix.sep)
+ || normalized.includes(path.win32.sep)
+ || normalized !== path.basename(normalized)
+ ) {
+ throw new Error(`Invalid cursor session id "${sessionId}".`);
+ }
+
+ return normalized;
+}
+
+export class CursorSessionsProvider implements IProviderSessions {
+ /**
+ * Loads Cursor's SQLite blob DAG and returns message blobs in conversation
+ * order. Cursor history is stored as content-addressed blobs rather than JSONL.
+ */
+ private async loadCursorBlobs(sessionId: string, projectPath: string): Promise {
+ // Lazy-import better-sqlite3 so the module doesn't fail if it's unavailable
+ const { default: Database } = await import('better-sqlite3');
+
+ const cwdId = crypto.createHash('md5').update(projectPath || process.cwd()).digest('hex');
+ const safeSessionId = sanitizeCursorSessionId(sessionId);
+ const baseChatsPath = path.join(os.homedir(), '.cursor', 'chats', cwdId);
+ const storeDbPath = path.join(baseChatsPath, safeSessionId, 'store.db');
+ const resolvedBaseChatsPath = path.resolve(baseChatsPath);
+ const resolvedStoreDbPath = path.resolve(storeDbPath);
+ const relativeStorePath = path.relative(resolvedBaseChatsPath, resolvedStoreDbPath);
+ if (relativeStorePath.startsWith('..') || path.isAbsolute(relativeStorePath)) {
+ throw new Error(`Invalid cursor session path for "${sessionId}".`);
+ }
+
+ const db = new Database(resolvedStoreDbPath, { readonly: true, fileMustExist: true });
+
+ try {
+ const allBlobs = db.prepare<[], CursorDbBlob>('SELECT rowid, id, data FROM blobs').all();
+
+ const blobMap = new Map();
+ const parentRefs = new Map();
+ const childRefs = new Map();
+ const jsonBlobs: CursorJsonBlob[] = [];
+
+ for (const blob of allBlobs) {
+ blobMap.set(blob.id, blob);
+
+ if (blob.data && blob.data[0] === 0x7B) {
+ try {
+ const parsed = JSON.parse(blob.data.toString('utf8')) as AnyRecord;
+ jsonBlobs.push({ ...blob, parsed });
+ } catch {
+ // Cursor can include binary or partial blobs; only JSON blobs become messages.
+ }
+ }
+ }
+
+ for (const blob of allBlobs) {
+ if (!blob.data || blob.data[0] === 0x7B) {
+ continue;
+ }
+
+ const parents: string[] = [];
+ let i = 0;
+ while (i < blob.data.length - 33) {
+ if (blob.data[i] === 0x0A && blob.data[i + 1] === 0x20) {
+ const parentHash = blob.data.slice(i + 2, i + 34).toString('hex');
+ if (blobMap.has(parentHash)) {
+ parents.push(parentHash);
+ }
+ i += 34;
+ } else {
+ i++;
+ }
+ }
+
+ if (parents.length > 0) {
+ parentRefs.set(blob.id, parents);
+ for (const parentId of parents) {
+ if (!childRefs.has(parentId)) {
+ childRefs.set(parentId, []);
+ }
+ childRefs.get(parentId)?.push(blob.id);
+ }
+ }
+ }
+
+ const visited = new Set();
+ const sorted: CursorDbBlob[] = [];
+ const visit = (nodeId: string): void => {
+ if (visited.has(nodeId)) {
+ return;
+ }
+ visited.add(nodeId);
+ for (const parentId of parentRefs.get(nodeId) || []) {
+ visit(parentId);
+ }
+ const blob = blobMap.get(nodeId);
+ if (blob) {
+ sorted.push(blob);
+ }
+ };
+
+ for (const blob of allBlobs) {
+ if (!parentRefs.has(blob.id)) {
+ visit(blob.id);
+ }
+ }
+ for (const blob of allBlobs) {
+ visit(blob.id);
+ }
+
+ const messageOrder = new Map();
+ let orderIndex = 0;
+ for (const blob of sorted) {
+ if (blob.data && blob.data[0] !== 0x7B) {
+ for (const jsonBlob of jsonBlobs) {
+ try {
+ const idBytes = Buffer.from(jsonBlob.id, 'hex');
+ if (blob.data.includes(idBytes) && !messageOrder.has(jsonBlob.id)) {
+ messageOrder.set(jsonBlob.id, orderIndex++);
+ }
+ } catch {
+ // Ignore malformed blob ids that cannot be decoded as hex.
+ }
+ }
+ }
+ }
+
+ const sortedJsonBlobs = jsonBlobs.sort((a, b) => {
+ const aOrder = messageOrder.get(a.id) ?? Number.MAX_SAFE_INTEGER;
+ const bOrder = messageOrder.get(b.id) ?? Number.MAX_SAFE_INTEGER;
+ return aOrder !== bOrder ? aOrder - bOrder : a.rowid - b.rowid;
+ });
+
+ const messages: CursorMessageBlob[] = [];
+ for (let idx = 0; idx < sortedJsonBlobs.length; idx++) {
+ const blob = sortedJsonBlobs[idx];
+ const parsed = blob.parsed;
+ const role = parsed?.role || parsed?.message?.role;
+ if (role === 'system') {
+ continue;
+ }
+ messages.push({
+ id: blob.id,
+ sequence: idx + 1,
+ rowid: blob.rowid,
+ content: parsed,
+ });
+ }
+
+ return messages;
+ } finally {
+ db.close();
+ }
+ }
+
+ /**
+ * Normalizes live Cursor CLI NDJSON events. Persisted Cursor history is
+ * normalized from SQLite blobs in fetchHistory().
+ */
+ normalizeMessage(rawMessage: unknown, sessionId: string | null): NormalizedMessage[] {
+ const raw = readObjectRecord(rawMessage);
+ if (raw?.type === 'assistant' && raw.message?.content?.[0]?.text) {
+ return [createNormalizedMessage({
+ kind: 'stream_delta',
+ content: raw.message.content[0].text,
+ sessionId,
+ provider: PROVIDER,
+ })];
+ }
+
+ if (typeof rawMessage === 'string' && rawMessage.trim()) {
+ return [createNormalizedMessage({
+ kind: 'stream_delta',
+ content: rawMessage,
+ sessionId,
+ provider: PROVIDER,
+ })];
+ }
+
+ return [];
+ }
+
+ /**
+ * Fetches and paginates Cursor session history from its project-scoped store.db.
+ */
+ async fetchHistory(
+ sessionId: string,
+ options: FetchHistoryOptions = {},
+ ): Promise {
+ const { projectPath = '', limit = null, offset = 0 } = options;
+
+ try {
+ const blobs = await this.loadCursorBlobs(sessionId, projectPath);
+ const allNormalized = this.normalizeCursorBlobs(blobs, sessionId);
+ const total = allNormalized.length;
+
+ if (limit !== null) {
+ const start = offset;
+ const page = limit === 0
+ ? []
+ : allNormalized.slice(start, start + limit);
+ const hasMore = limit === 0
+ ? start < total
+ : start + limit < total;
+ return {
+ messages: page,
+ total,
+ hasMore,
+ offset,
+ limit,
+ };
+ }
+
+ return {
+ messages: allNormalized,
+ total,
+ hasMore: false,
+ offset: 0,
+ limit: null,
+ };
+ } catch (error) {
+ const message = error instanceof Error ? error.message : String(error);
+ console.warn(`[CursorProvider] Failed to load session ${sessionId}:`, message);
+ return { messages: [], total: 0, hasMore: false, offset: 0, limit: null };
+ }
+ }
+
+ /**
+ * Converts Cursor SQLite message blobs into normalized messages and attaches
+ * matching tool results to their tool_use entries.
+ */
+ private normalizeCursorBlobs(blobs: CursorMessageBlob[], sessionId: string | null): NormalizedMessage[] {
+ const messages: NormalizedMessage[] = [];
+ const toolUseMap = new Map();
+ const baseTime = Date.now();
+
+ for (let i = 0; i < blobs.length; i++) {
+ const blob = blobs[i];
+ const content = blob.content;
+ const ts = new Date(baseTime + (blob.sequence ?? i) * 100).toISOString();
+ const baseId = blob.id || generateMessageId('cursor');
+
+ try {
+ if (!content?.role || !content?.content) {
+ if (content?.message?.role && content?.message?.content) {
+ if (content.message.role === 'system') {
+ continue;
+ }
+ const role = content.message.role === 'user' ? 'user' : 'assistant';
+ let text = '';
+ if (Array.isArray(content.message.content)) {
+ text = content.message.content
+ .map((part: string | AnyRecord) => typeof part === 'string' ? part : part?.text || '')
+ .filter(Boolean)
+ .join('\n');
+ } else if (typeof content.message.content === 'string') {
+ text = content.message.content;
+ }
+ if (text?.trim()) {
+ messages.push(createNormalizedMessage({
+ id: baseId,
+ sessionId,
+ timestamp: ts,
+ provider: PROVIDER,
+ kind: 'text',
+ role,
+ content: text,
+ sequence: blob.sequence,
+ rowid: blob.rowid,
+ }));
+ }
+ }
+ continue;
+ }
+
+ if (content.role === 'system') {
+ continue;
+ }
+
+ if (content.role === 'tool') {
+ const toolItems = Array.isArray(content.content) ? content.content : [];
+ for (const item of toolItems) {
+ if (item?.type !== 'tool-result') {
+ continue;
+ }
+ const toolCallId = item.toolCallId || content.id;
+ messages.push(createNormalizedMessage({
+ id: `${baseId}_tr`,
+ sessionId,
+ timestamp: ts,
+ provider: PROVIDER,
+ kind: 'tool_result',
+ toolId: toolCallId,
+ content: item.result || '',
+ isError: false,
+ }));
+ }
+ continue;
+ }
+
+ const role = content.role === 'user' ? 'user' : 'assistant';
+
+ if (Array.isArray(content.content)) {
+ for (let partIdx = 0; partIdx < content.content.length; partIdx++) {
+ const part = content.content[partIdx];
+
+ if (part?.type === 'text' && part?.text) {
+ messages.push(createNormalizedMessage({
+ id: `${baseId}_${partIdx}`,
+ sessionId,
+ timestamp: ts,
+ provider: PROVIDER,
+ kind: 'text',
+ role,
+ content: part.text,
+ sequence: blob.sequence,
+ rowid: blob.rowid,
+ }));
+ } else if (part?.type === 'reasoning' && part?.text) {
+ messages.push(createNormalizedMessage({
+ id: `${baseId}_${partIdx}`,
+ sessionId,
+ timestamp: ts,
+ provider: PROVIDER,
+ kind: 'thinking',
+ content: part.text,
+ }));
+ } else if (part?.type === 'tool-call' || part?.type === 'tool_use') {
+ const rawToolName = part.toolName || part.name || 'Unknown Tool';
+ const toolName = rawToolName === 'ApplyPatch' ? 'Edit' : rawToolName;
+ const toolId = part.toolCallId || part.id || `tool_${i}_${partIdx}`;
+ const message = createNormalizedMessage({
+ id: `${baseId}_${partIdx}`,
+ sessionId,
+ timestamp: ts,
+ provider: PROVIDER,
+ kind: 'tool_use',
+ toolName,
+ toolInput: part.args || part.input,
+ toolId,
+ });
+ messages.push(message);
+ toolUseMap.set(toolId, message);
+ }
+ }
+ } else if (typeof content.content === 'string' && content.content.trim()) {
+ messages.push(createNormalizedMessage({
+ id: baseId,
+ sessionId,
+ timestamp: ts,
+ provider: PROVIDER,
+ kind: 'text',
+ role,
+ content: content.content,
+ sequence: blob.sequence,
+ rowid: blob.rowid,
+ }));
+ }
+ } catch (error) {
+ console.warn('Error normalizing cursor blob:', error);
+ }
+ }
+
+ for (const msg of messages) {
+ if (msg.kind === 'tool_result' && msg.toolId && toolUseMap.has(msg.toolId)) {
+ const toolUse = toolUseMap.get(msg.toolId);
+ if (toolUse) {
+ toolUse.toolResult = {
+ content: msg.content,
+ isError: msg.isError,
+ };
+ }
+ }
+ }
+
+ messages.sort((a, b) => {
+ if (a.sequence !== undefined && b.sequence !== undefined) {
+ return a.sequence - b.sequence;
+ }
+ if (a.rowid !== undefined && b.rowid !== undefined) {
+ return a.rowid - b.rowid;
+ }
+ return new Date(a.timestamp).getTime() - new Date(b.timestamp).getTime();
+ });
+
+ return messages;
+ }
+}
diff --git a/server/modules/providers/list/cursor/cursor.provider.ts b/server/modules/providers/list/cursor/cursor.provider.ts
new file mode 100644
index 00000000..72edf80c
--- /dev/null
+++ b/server/modules/providers/list/cursor/cursor.provider.ts
@@ -0,0 +1,17 @@
+import { AbstractProvider } from '@/modules/providers/shared/base/abstract.provider.js';
+import { CursorProviderAuth } from '@/modules/providers/list/cursor/cursor-auth.provider.js';
+import { CursorMcpProvider } from '@/modules/providers/list/cursor/cursor-mcp.provider.js';
+import { CursorSessionSynchronizer } from '@/modules/providers/list/cursor/cursor-session-synchronizer.provider.js';
+import { CursorSessionsProvider } from '@/modules/providers/list/cursor/cursor-sessions.provider.js';
+import type { IProviderAuth, IProviderSessionSynchronizer, IProviderSessions } from '@/shared/interfaces.js';
+
+export class CursorProvider extends AbstractProvider {
+ readonly mcp = new CursorMcpProvider();
+ readonly auth: IProviderAuth = new CursorProviderAuth();
+ readonly sessions: IProviderSessions = new CursorSessionsProvider();
+ readonly sessionSynchronizer: IProviderSessionSynchronizer = new CursorSessionSynchronizer();
+
+ constructor() {
+ super('cursor');
+ }
+}
diff --git a/server/modules/providers/list/gemini/gemini-auth.provider.ts b/server/modules/providers/list/gemini/gemini-auth.provider.ts
new file mode 100644
index 00000000..60b0749e
--- /dev/null
+++ b/server/modules/providers/list/gemini/gemini-auth.provider.ts
@@ -0,0 +1,151 @@
+import { readFile } from 'node:fs/promises';
+import os from 'node:os';
+import path from 'node:path';
+
+import spawn from 'cross-spawn';
+
+import type { IProviderAuth } from '@/shared/interfaces.js';
+import type { ProviderAuthStatus } from '@/shared/types.js';
+import { readObjectRecord, readOptionalString } from '@/shared/utils.js';
+
+type GeminiCredentialsStatus = {
+ authenticated: boolean;
+ email: string | null;
+ method: string | null;
+ error?: string;
+};
+
+export class GeminiProviderAuth implements IProviderAuth {
+ /**
+ * Checks whether the Gemini CLI is available on this host.
+ */
+ private checkInstalled(): boolean {
+ const cliPath = process.env.GEMINI_PATH || 'gemini';
+ try {
+ spawn.sync(cliPath, ['--version'], { stdio: 'ignore', timeout: 5000 });
+ return true;
+ } catch {
+ return false;
+ }
+ }
+
+ /**
+ * Returns Gemini CLI installation and credential status.
+ */
+ async getStatus(): Promise {
+ const installed = this.checkInstalled();
+
+ if (!installed) {
+ return {
+ installed,
+ provider: 'gemini',
+ authenticated: false,
+ email: null,
+ method: null,
+ error: 'Gemini CLI is not installed',
+ };
+ }
+
+ const credentials = await this.checkCredentials();
+
+ return {
+ installed,
+ provider: 'gemini',
+ authenticated: credentials.authenticated,
+ email: credentials.email,
+ method: credentials.method,
+ error: credentials.authenticated ? undefined : credentials.error || 'Not authenticated',
+ };
+ }
+
+ /**
+ * Checks Gemini credentials from API key env vars or local OAuth credential files.
+ */
+ private async checkCredentials(): Promise {
+ if (process.env.GEMINI_API_KEY?.trim()) {
+ return { authenticated: true, email: 'API Key Auth', method: 'api_key' };
+ }
+
+ try {
+ const credsPath = path.join(os.homedir(), '.gemini', 'oauth_creds.json');
+ const content = await readFile(credsPath, 'utf8');
+ const creds = readObjectRecord(JSON.parse(content)) ?? {};
+ const accessToken = readOptionalString(creds.access_token);
+
+ if (!accessToken) {
+ return {
+ authenticated: false,
+ email: null,
+ method: null,
+ error: 'No valid tokens found in oauth_creds',
+ };
+ }
+
+ const refreshToken = readOptionalString(creds.refresh_token);
+ const tokenInfo = await this.getTokenInfoEmail(accessToken);
+ if (tokenInfo.valid) {
+ return {
+ authenticated: true,
+ email: tokenInfo.email || 'OAuth Session',
+ method: 'credentials_file',
+ };
+ }
+
+ if (!refreshToken) {
+ return {
+ authenticated: false,
+ email: null,
+ method: 'credentials_file',
+ error: 'Access token invalid and no refresh token found',
+ };
+ }
+
+ return {
+ authenticated: true,
+ email: await this.getActiveAccountEmail() || 'OAuth Session',
+ method: 'credentials_file',
+ };
+ } catch {
+ return {
+ authenticated: false,
+ email: null,
+ method: null,
+ error: 'Gemini CLI not configured',
+ };
+ }
+ }
+
+ /**
+ * Validates a Gemini OAuth access token and returns an email when Google reports one.
+ */
+ private async getTokenInfoEmail(accessToken: string): Promise<{ valid: boolean; email: string | null }> {
+ try {
+ const tokenRes = await fetch(`https://oauth2.googleapis.com/tokeninfo?access_token=${accessToken}`);
+ if (!tokenRes.ok) {
+ return { valid: false, email: null };
+ }
+
+ const tokenInfo = readObjectRecord(await tokenRes.json());
+ return {
+ valid: true,
+ email: readOptionalString(tokenInfo?.email) ?? null,
+ };
+ } catch {
+ return { valid: false, email: null };
+ }
+ }
+
+ /**
+ * Reads Gemini's active local Google account as an offline fallback for display.
+ */
+ private async getActiveAccountEmail(): Promise {
+ try {
+ const accPath = path.join(os.homedir(), '.gemini', 'google_accounts.json');
+ const accContent = await readFile(accPath, 'utf8');
+ const accounts = readObjectRecord(JSON.parse(accContent));
+ return readOptionalString(accounts?.active) ?? null;
+ } catch {
+ return null;
+ }
+ }
+}
diff --git a/server/modules/providers/list/gemini/gemini-mcp.provider.ts b/server/modules/providers/list/gemini/gemini-mcp.provider.ts
new file mode 100644
index 00000000..b86b8f2d
--- /dev/null
+++ b/server/modules/providers/list/gemini/gemini-mcp.provider.ts
@@ -0,0 +1,110 @@
+import os from 'node:os';
+import path from 'node:path';
+
+import { McpProvider } from '@/modules/providers/shared/mcp/mcp.provider.js';
+import type { McpScope, ProviderMcpServer, UpsertProviderMcpServerInput } from '@/shared/types.js';
+import {
+ AppError,
+ readJsonConfig,
+ readObjectRecord,
+ readOptionalString,
+ readStringArray,
+ readStringRecord,
+ writeJsonConfig,
+} from '@/shared/utils.js';
+
+export class GeminiMcpProvider extends McpProvider {
+ constructor() {
+ super('gemini', ['user', 'project'], ['stdio', 'http', 'sse']);
+ }
+
+ protected async readScopedServers(scope: McpScope, workspacePath: string): Promise> {
+ const filePath = scope === 'user'
+ ? path.join(os.homedir(), '.gemini', 'settings.json')
+ : path.join(workspacePath, '.gemini', 'settings.json');
+ const config = await readJsonConfig(filePath);
+ return readObjectRecord(config.mcpServers) ?? {};
+ }
+
+ protected async writeScopedServers(
+ scope: McpScope,
+ workspacePath: string,
+ servers: Record,
+ ): Promise {
+ const filePath = scope === 'user'
+ ? path.join(os.homedir(), '.gemini', 'settings.json')
+ : path.join(workspacePath, '.gemini', 'settings.json');
+ const config = await readJsonConfig(filePath);
+ config.mcpServers = servers;
+ await writeJsonConfig(filePath, config);
+ }
+
+ protected buildServerConfig(input: UpsertProviderMcpServerInput): Record {
+ if (input.transport === 'stdio') {
+ if (!input.command?.trim()) {
+ throw new AppError('command is required for stdio MCP servers.', {
+ code: 'MCP_COMMAND_REQUIRED',
+ statusCode: 400,
+ });
+ }
+
+ return {
+ command: input.command,
+ args: input.args ?? [],
+ env: input.env ?? {},
+ cwd: input.cwd,
+ };
+ }
+
+ if (!input.url?.trim()) {
+ throw new AppError('url is required for http/sse MCP servers.', {
+ code: 'MCP_URL_REQUIRED',
+ statusCode: 400,
+ });
+ }
+
+ return {
+ type: input.transport,
+ url: input.url,
+ headers: input.headers ?? {},
+ };
+ }
+
+ protected normalizeServerConfig(
+ scope: McpScope,
+ name: string,
+ rawConfig: unknown,
+ ): ProviderMcpServer | null {
+ if (!rawConfig || typeof rawConfig !== 'object') {
+ return null;
+ }
+
+ const config = rawConfig as Record;
+ if (typeof config.command === 'string') {
+ return {
+ provider: 'gemini',
+ name,
+ scope,
+ transport: 'stdio',
+ command: config.command,
+ args: readStringArray(config.args),
+ env: readStringRecord(config.env),
+ cwd: readOptionalString(config.cwd),
+ };
+ }
+
+ if (typeof config.url === 'string') {
+ const transport = readOptionalString(config.type) === 'sse' ? 'sse' : 'http';
+ return {
+ provider: 'gemini',
+ name,
+ scope,
+ transport,
+ url: config.url,
+ headers: readStringRecord(config.headers),
+ };
+ }
+
+ return null;
+ }
+}
diff --git a/server/modules/providers/list/gemini/gemini-session-synchronizer.provider.ts b/server/modules/providers/list/gemini/gemini-session-synchronizer.provider.ts
new file mode 100644
index 00000000..52c62e9b
--- /dev/null
+++ b/server/modules/providers/list/gemini/gemini-session-synchronizer.provider.ts
@@ -0,0 +1,401 @@
+import crypto from 'node:crypto';
+import os from 'node:os';
+import path from 'node:path';
+import { readFile } from 'node:fs/promises';
+
+import { projectsDb, sessionsDb } from '@/modules/database/index.js';
+import {
+ findFilesRecursivelyCreatedAfter,
+ normalizeProjectPath,
+ normalizeSessionName,
+ readFileTimestamps,
+} from '@/shared/utils.js';
+import type { IProviderSessionSynchronizer } from '@/shared/interfaces.js';
+import type { AnyRecord } from '@/shared/types.js';
+
+type ParsedSession = {
+ sessionId: string;
+ projectPath: string;
+ sessionName?: string;
+};
+
+type GeminiJsonlMetadata = {
+ sessionId: string;
+ projectPath?: string;
+ projectHash?: string;
+ firstUserMessage?: string;
+};
+
+/**
+ * Session indexer for Gemini transcript artifacts.
+ */
+export class GeminiSessionSynchronizer implements IProviderSessionSynchronizer {
+ private readonly provider = 'gemini' as const;
+ private readonly geminiHome = path.join(os.homedir(), '.gemini');
+
+ /**
+ * Scans Gemini legacy JSON and new JSONL artifacts and upserts sessions into DB.
+ */
+ async synchronize(since?: Date): Promise {
+ const projectHashLookup = this.buildProjectHashLookup();
+
+ const legacySessionFiles = await findFilesRecursivelyCreatedAfter(
+ path.join(this.geminiHome, 'sessions'),
+ '.json',
+ since ?? null
+ );
+ const legacyTempFiles = await findFilesRecursivelyCreatedAfter(
+ path.join(this.geminiHome, 'tmp'),
+ '.json',
+ since ?? null
+ );
+ const jsonlSessionFiles = await findFilesRecursivelyCreatedAfter(
+ path.join(this.geminiHome, 'sessions'),
+ '.jsonl',
+ since ?? null
+ );
+ const jsonlTempFiles = await findFilesRecursivelyCreatedAfter(
+ path.join(this.geminiHome, 'tmp'),
+ '.jsonl',
+ since ?? null
+ );
+
+ // Process legacy JSON first, then JSONL. If both exist for a session id,
+ // the JSONL artifact becomes the canonical jsonl_path via upsert.
+ const files = [
+ ...legacySessionFiles,
+ ...legacyTempFiles,
+ ...jsonlSessionFiles,
+ ...jsonlTempFiles,
+ ];
+
+ let processed = 0;
+ for (const filePath of files) {
+ if (this.shouldSkipTempArtifact(filePath)) {
+ continue;
+ }
+
+ const parsed = filePath.endsWith('.jsonl')
+ ? await this.processJsonlSessionFile(filePath, projectHashLookup)
+ : await this.processLegacySessionFile(filePath);
+ if (!parsed) {
+ continue;
+ }
+
+ const timestamps = await readFileTimestamps(filePath);
+ sessionsDb.createSession(
+ parsed.sessionId,
+ this.provider,
+ parsed.projectPath,
+ parsed.sessionName,
+ timestamps.createdAt,
+ timestamps.updatedAt,
+ filePath
+ );
+ processed += 1;
+ }
+
+ return processed;
+ }
+
+ /**
+ * Parses and upserts one Gemini legacy JSON or JSONL artifact.
+ */
+ async synchronizeFile(filePath: string): Promise {
+ if (!filePath.endsWith('.json') && !filePath.endsWith('.jsonl')) {
+ return null;
+ }
+
+ if (this.shouldSkipTempArtifact(filePath)) {
+ return null;
+ }
+
+ const parsed = filePath.endsWith('.jsonl')
+ ? await this.processJsonlSessionFile(filePath, this.buildProjectHashLookup())
+ : await this.processLegacySessionFile(filePath);
+ if (!parsed) {
+ return null;
+ }
+
+ const timestamps = await readFileTimestamps(filePath);
+ return sessionsDb.createSession(
+ parsed.sessionId,
+ this.provider,
+ parsed.projectPath,
+ parsed.sessionName,
+ timestamps.createdAt,
+ timestamps.updatedAt,
+ filePath
+ );
+ }
+
+ /**
+ * Extracts session metadata from one Gemini legacy JSON artifact.
+ */
+ private async processLegacySessionFile(filePath: string): Promise {
+ try {
+ const content = await readFile(filePath, 'utf8');
+ const data = JSON.parse(content) as AnyRecord;
+
+ const sessionId =
+ typeof data.sessionId === 'string'
+ ? data.sessionId
+ : typeof data.id === 'string'
+ ? data.id
+ : undefined;
+ if (!sessionId) {
+ return null;
+ }
+
+ const workspaceProjectPath = await this.resolveProjectPathFromChatWorkspace(filePath);
+ const projectPath = typeof data.projectPath === 'string' && data.projectPath.trim().length > 0
+ ? data.projectPath
+ : workspaceProjectPath;
+ if (!projectPath) {
+ return null;
+ }
+
+ const messages = Array.isArray(data.messages) ? data.messages : [];
+ const firstMessage = messages[0] as AnyRecord | undefined;
+ let rawName: string | undefined;
+
+ if (Array.isArray(firstMessage?.content) && typeof firstMessage.content[0]?.text === 'string') {
+ rawName = firstMessage.content[0].text;
+ } else if (typeof firstMessage?.content === 'string') {
+ rawName = firstMessage.content;
+ }
+
+ return {
+ sessionId,
+ projectPath,
+ sessionName: normalizeSessionName(rawName, 'New Gemini Chat'),
+ };
+ } catch {
+ return null;
+ }
+ }
+
+ /**
+ * Extracts session metadata from one Gemini JSONL artifact.
+ */
+ private async processJsonlSessionFile(
+ filePath: string,
+ projectHashLookup: Map
+ ): Promise {
+ const metadata = await this.extractJsonlMetadata(filePath);
+ if (!metadata) {
+ return null;
+ }
+
+ let projectPath = typeof metadata.projectPath === 'string' ? metadata.projectPath.trim() : '';
+ if (!projectPath) {
+ const workspaceProjectPath = await this.resolveProjectPathFromChatWorkspace(filePath);
+ if (workspaceProjectPath) {
+ projectPath = workspaceProjectPath;
+ }
+ }
+ if (!projectPath && typeof metadata.projectHash === 'string') {
+ projectPath = projectHashLookup.get(metadata.projectHash.trim().toLowerCase()) ?? '';
+ }
+ if (!projectPath) {
+ return null;
+ }
+
+ // Once we resolve a project hash/path pair, keep it in-memory for this sync run.
+ if (typeof metadata.projectHash === 'string' && metadata.projectHash.trim()) {
+ projectHashLookup.set(metadata.projectHash.trim().toLowerCase(), projectPath);
+ }
+
+ return {
+ sessionId: metadata.sessionId,
+ projectPath,
+ sessionName: normalizeSessionName(metadata.firstUserMessage, 'New Gemini Chat'),
+ };
+ }
+
+ /**
+ * Reads first useful metadata from Gemini JSONL files.
+ */
+ private async extractJsonlMetadata(filePath: string): Promise {
+ try {
+ const content = await readFile(filePath, 'utf8');
+ const lines = content.split('\n');
+
+ let sessionId: string | undefined;
+ let projectPath: string | undefined;
+ let projectHash: string | undefined;
+ let firstUserMessage: string | undefined;
+
+ for (const line of lines) {
+ const trimmed = line.trim();
+ if (!trimmed) {
+ continue;
+ }
+
+ let parsed: AnyRecord;
+ try {
+ parsed = JSON.parse(trimmed) as AnyRecord;
+ } catch {
+ continue;
+ }
+
+ if (!sessionId && typeof parsed.sessionId === 'string') {
+ sessionId = parsed.sessionId;
+ }
+ if (!projectPath && typeof parsed.projectPath === 'string') {
+ projectPath = parsed.projectPath;
+ }
+ if (!projectHash && typeof parsed.projectHash === 'string') {
+ projectHash = parsed.projectHash;
+ }
+
+ if (!firstUserMessage && parsed.type === 'user') {
+ firstUserMessage = this.extractGeminiTextContent(parsed.content);
+ }
+
+ if (sessionId && (projectPath || projectHash) && firstUserMessage) {
+ break;
+ }
+ }
+
+ if (!sessionId) {
+ return null;
+ }
+
+ return {
+ sessionId,
+ projectPath,
+ projectHash,
+ firstUserMessage,
+ };
+ } catch {
+ return null;
+ }
+ }
+
+ /**
+ * Tries to resolve project root from Gemini tmp chat workspaces.
+ */
+ private async resolveProjectPathFromChatWorkspace(filePath: string): Promise {
+ if (!filePath.includes(`${path.sep}chats${path.sep}`)) {
+ return '';
+ }
+
+ const chatsDir = path.dirname(filePath);
+ const workspaceDir = path.dirname(chatsDir);
+ const projectRootPath = path.join(workspaceDir, '.project_root');
+
+ try {
+ const rootContent = await readFile(projectRootPath, 'utf8');
+ return rootContent.trim();
+ } catch {
+ return '';
+ }
+ }
+
+ /**
+ * Builds a hash->path lookup for Gemini JSONL metadata that stores projectHash.
+ */
+ private buildProjectHashLookup(): Map {
+ const lookup = new Map();
+ const knownPaths = new Set();
+
+ for (const project of projectsDb.getProjectPaths()) {
+ if (typeof project.project_path === 'string' && project.project_path.trim()) {
+ knownPaths.add(project.project_path.trim());
+ }
+ }
+
+ for (const session of sessionsDb.getAllSessions()) {
+ if (session.provider === this.provider && typeof session.project_path === 'string' && session.project_path.trim()) {
+ knownPaths.add(session.project_path.trim());
+ }
+ }
+
+ for (const knownPath of knownPaths) {
+ this.addProjectHashCandidates(lookup, knownPath);
+ }
+
+ return lookup;
+ }
+
+ /**
+ * Adds likely Gemini hash variants for one project path.
+ */
+ private addProjectHashCandidates(lookup: Map, projectPath: string): void {
+ const trimmed = projectPath.trim();
+ if (!trimmed) {
+ return;
+ }
+
+ const normalized = normalizeProjectPath(trimmed);
+ const resolved = path.resolve(trimmed);
+ const resolvedNormalized = normalizeProjectPath(resolved);
+
+ const candidates = new Set([
+ trimmed,
+ normalized,
+ resolved,
+ resolvedNormalized,
+ ]);
+
+ if (process.platform === 'win32') {
+ for (const candidate of [...candidates]) {
+ candidates.add(candidate.toLowerCase());
+ }
+ }
+
+ for (const candidate of candidates) {
+ if (!candidate) {
+ continue;
+ }
+
+ const hash = this.sha256(candidate);
+ if (!lookup.has(hash)) {
+ lookup.set(hash, trimmed);
+ }
+ }
+ }
+
+ /**
+ * Returns first user text from Gemini content payload shapes.
+ */
+ private extractGeminiTextContent(content: unknown): string | undefined {
+ if (typeof content === 'string' && content.trim().length > 0) {
+ return content;
+ }
+
+ if (!Array.isArray(content)) {
+ return undefined;
+ }
+
+ for (const part of content) {
+ if (typeof part === 'string' && part.trim().length > 0) {
+ return part;
+ }
+
+ if (part && typeof part === 'object' && typeof (part as AnyRecord).text === 'string') {
+ const text = (part as AnyRecord).text;
+ if (text.trim().length > 0) {
+ return text;
+ }
+ }
+ }
+
+ return undefined;
+ }
+
+ /**
+ * Keeps tmp scanning scoped to chat artifacts only.
+ */
+ private shouldSkipTempArtifact(filePath: string): boolean {
+ return (
+ filePath.startsWith(path.join(this.geminiHome, 'tmp'))
+ && !filePath.includes(`${path.sep}chats${path.sep}`)
+ );
+ }
+
+ private sha256(value: string): string {
+ return crypto.createHash('sha256').update(value).digest('hex');
+ }
+}
diff --git a/server/modules/providers/list/gemini/gemini-sessions.provider.ts b/server/modules/providers/list/gemini/gemini-sessions.provider.ts
new file mode 100644
index 00000000..606a1f17
--- /dev/null
+++ b/server/modules/providers/list/gemini/gemini-sessions.provider.ts
@@ -0,0 +1,541 @@
+import fsSync from 'node:fs';
+import fs from 'node:fs/promises';
+import readline from 'node:readline';
+
+import { sessionsDb } from '@/modules/database/index.js';
+import type { IProviderSessions } from '@/shared/interfaces.js';
+import type { AnyRecord, FetchHistoryOptions, FetchHistoryResult, NormalizedMessage } from '@/shared/types.js';
+import { createNormalizedMessage, generateMessageId, readObjectRecord } from '@/shared/utils.js';
+
+const PROVIDER = 'gemini';
+
+type GeminiHistoryResult = {
+ messages: AnyRecord[];
+ tokenUsage?: unknown;
+};
+
+function mapGeminiRole(value: unknown): 'user' | 'assistant' | null {
+ if (value === 'user') {
+ return 'user';
+ }
+
+ if (value === 'gemini' || value === 'assistant') {
+ return 'assistant';
+ }
+
+ return null;
+}
+
+function extractGeminiTextContent(content: unknown): string {
+ if (typeof content === 'string') {
+ return content;
+ }
+
+ if (!Array.isArray(content)) {
+ return '';
+ }
+
+ return content
+ .map((part) => {
+ if (typeof part === 'string') {
+ return part;
+ }
+ if (!part || typeof part !== 'object') {
+ return '';
+ }
+
+ const record = part as AnyRecord;
+ if (typeof record.text === 'string') {
+ return record.text;
+ }
+
+ return '';
+ })
+ .filter(Boolean)
+ .join('\n');
+}
+
+function extractGeminiThoughts(thoughts: unknown): string {
+ if (!Array.isArray(thoughts)) {
+ return '';
+ }
+
+ return thoughts
+ .map((item) => {
+ if (!item || typeof item !== 'object') {
+ return '';
+ }
+
+ const record = item as AnyRecord;
+ const subject = typeof record.subject === 'string' ? record.subject.trim() : '';
+ const description = typeof record.description === 'string' ? record.description.trim() : '';
+
+ if (subject && description) {
+ return `${subject}: ${description}`;
+ }
+
+ return description || subject;
+ })
+ .filter(Boolean)
+ .join('\n');
+}
+
+function buildGeminiTokenUsage(tokens: unknown): AnyRecord | undefined {
+ if (!tokens || typeof tokens !== 'object') {
+ return undefined;
+ }
+
+ const record = tokens as AnyRecord;
+ const input = Number(record.input || 0);
+ const output = Number(record.output || 0);
+ const cached = Number(record.cached || 0);
+ const thoughts = Number(record.thoughts || 0);
+ const tool = Number(record.tool || 0);
+
+ const totalFromFields = input + output + cached + thoughts + tool;
+ const total = Number(record.total || totalFromFields || 0);
+
+ return {
+ used: total,
+ total: total,
+ breakdown: {
+ input,
+ output,
+ cached,
+ thoughts,
+ tool,
+ },
+ };
+}
+
+async function getGeminiLegacySessionMessages(sessionFilePath: string): Promise {
+ try {
+ const data = await fs.readFile(sessionFilePath, 'utf8');
+ const session = JSON.parse(data) as AnyRecord;
+ const sourceMessages = Array.isArray(session.messages) ? session.messages : [];
+
+ const messages: AnyRecord[] = [];
+ for (const msg of sourceMessages) {
+ const role = mapGeminiRole(msg.type ?? msg.role);
+ if (!role) {
+ continue;
+ }
+
+ messages.push({
+ type: 'message',
+ uuid: typeof msg.id === 'string' ? msg.id : undefined,
+ message: { role, content: msg.content },
+ timestamp: msg.timestamp || null,
+ });
+ }
+
+ return { messages };
+ } catch {
+ return { messages: [] };
+ }
+}
+
+async function getGeminiJsonlSessionMessages(sessionFilePath: string): Promise {
+ const messages: AnyRecord[] = [];
+ let tokenUsage: AnyRecord | undefined;
+
+ try {
+ const fileStream = fsSync.createReadStream(sessionFilePath);
+ const lineReader = readline.createInterface({
+ input: fileStream,
+ crlfDelay: Infinity,
+ });
+
+ for await (const line of lineReader) {
+ const trimmed = line.trim();
+ if (!trimmed) {
+ continue;
+ }
+
+ let entry: AnyRecord;
+ try {
+ entry = JSON.parse(trimmed) as AnyRecord;
+ } catch {
+ continue;
+ }
+
+ // Metadata/update lines (e.g. {$set:{lastUpdated:...}}) do not represent chat messages.
+ if (entry.$set) {
+ continue;
+ }
+
+ const role = mapGeminiRole(entry.type);
+ if (role) {
+ const textContent = extractGeminiTextContent(entry.content);
+ if (textContent.trim()) {
+ messages.push({
+ type: 'message',
+ uuid: typeof entry.id === 'string' ? entry.id : undefined,
+ message: { role, content: textContent },
+ timestamp: entry.timestamp || null,
+ });
+ }
+
+ const thinkingContent = extractGeminiThoughts(entry.thoughts);
+ if (thinkingContent.trim()) {
+ messages.push({
+ type: 'thinking',
+ uuid: typeof entry.id === 'string' ? `${entry.id}_thinking` : undefined,
+ message: { role: 'assistant', content: thinkingContent },
+ timestamp: entry.timestamp || null,
+ isReasoning: true,
+ });
+ }
+
+ if (role === 'assistant') {
+ const usage = buildGeminiTokenUsage(entry.tokens);
+ if (usage) {
+ tokenUsage = usage;
+ }
+ }
+
+ continue;
+ }
+
+ if (entry.type === 'tool_use') {
+ messages.push({
+ type: 'tool_use',
+ uuid: typeof entry.id === 'string' ? entry.id : undefined,
+ timestamp: entry.timestamp || null,
+ toolName: entry.tool_name || entry.name || 'Tool',
+ toolInput: entry.parameters ?? entry.input ?? entry.arguments ?? '',
+ toolCallId: entry.tool_id || entry.toolCallId || entry.id,
+ });
+ continue;
+ }
+
+ if (entry.type === 'tool_result') {
+ messages.push({
+ type: 'tool_result',
+ uuid: typeof entry.id === 'string' ? entry.id : undefined,
+ timestamp: entry.timestamp || null,
+ toolCallId: entry.tool_id || entry.toolCallId || entry.id || '',
+ output: entry.output ?? entry.result ?? '',
+ isError: Boolean(entry.error) || entry.status === 'error',
+ });
+ }
+ }
+ } catch {
+ return { messages: [] };
+ }
+
+ messages.sort(
+ (a, b) => new Date(a.timestamp || 0).getTime() - new Date(b.timestamp || 0).getTime(),
+ );
+
+ return { messages, tokenUsage };
+}
+
+async function getGeminiCliSessionMessages(sessionId: string): Promise {
+ const sessionFilePath = sessionsDb.getSessionById(sessionId)?.jsonl_path;
+ if (!sessionFilePath) {
+ return { messages: [] };
+ }
+
+ if (sessionFilePath.endsWith('.jsonl')) {
+ return getGeminiJsonlSessionMessages(sessionFilePath);
+ }
+
+ return getGeminiLegacySessionMessages(sessionFilePath);
+}
+
+export class GeminiSessionsProvider implements IProviderSessions {
+ /**
+ * Normalizes live Gemini stream-json events into the shared message shape.
+ *
+ * Gemini history uses a different session file shape, so fetchHistory handles
+ * that separately after loading raw persisted messages.
+ */
+ normalizeMessage(rawMessage: unknown, sessionId: string | null): NormalizedMessage[] {
+ const raw = readObjectRecord(rawMessage);
+ if (!raw) {
+ return [];
+ }
+
+ const ts = raw.timestamp || new Date().toISOString();
+ const baseId = raw.uuid || generateMessageId('gemini');
+
+ if (raw.type === 'message' && raw.role === 'assistant') {
+ const content = raw.content || '';
+ const messages: NormalizedMessage[] = [];
+ if (content) {
+ messages.push(createNormalizedMessage({
+ id: baseId,
+ sessionId,
+ timestamp: ts,
+ provider: PROVIDER,
+ kind: 'stream_delta',
+ content,
+ }));
+ }
+ if (raw.delta !== true) {
+ messages.push(createNormalizedMessage({
+ sessionId,
+ timestamp: ts,
+ provider: PROVIDER,
+ kind: 'stream_end',
+ }));
+ }
+ return messages;
+ }
+
+ if (raw.type === 'tool_use') {
+ return [createNormalizedMessage({
+ id: baseId,
+ sessionId,
+ timestamp: ts,
+ provider: PROVIDER,
+ kind: 'tool_use',
+ toolName: raw.tool_name,
+ toolInput: raw.parameters || {},
+ toolId: raw.tool_id || baseId,
+ })];
+ }
+
+ if (raw.type === 'tool_result') {
+ return [createNormalizedMessage({
+ id: baseId,
+ sessionId,
+ timestamp: ts,
+ provider: PROVIDER,
+ kind: 'tool_result',
+ toolId: raw.tool_id || '',
+ content: raw.output === undefined ? '' : String(raw.output),
+ isError: raw.status === 'error',
+ })];
+ }
+
+ if (raw.type === 'result') {
+ const messages = [createNormalizedMessage({
+ sessionId,
+ timestamp: ts,
+ provider: PROVIDER,
+ kind: 'stream_end',
+ })];
+ if (raw.stats?.total_tokens) {
+ messages.push(createNormalizedMessage({
+ sessionId,
+ timestamp: ts,
+ provider: PROVIDER,
+ kind: 'status',
+ text: 'Complete',
+ tokens: raw.stats.total_tokens,
+ canInterrupt: false,
+ }));
+ }
+ return messages;
+ }
+
+ if (raw.type === 'error') {
+ return [createNormalizedMessage({
+ id: baseId,
+ sessionId,
+ timestamp: ts,
+ provider: PROVIDER,
+ kind: 'error',
+ content: raw.error || raw.message || 'Unknown Gemini streaming error',
+ })];
+ }
+
+ return [];
+ }
+
+ /**
+ * Loads Gemini history from Gemini CLI session files on disk.
+ */
+ async fetchHistory(
+ sessionId: string,
+ options: FetchHistoryOptions = {},
+ ): Promise {
+ const { limit = null, offset = 0 } = options;
+
+ let result: GeminiHistoryResult;
+ try {
+ result = await getGeminiCliSessionMessages(sessionId);
+ } catch (error) {
+ const message = error instanceof Error ? error.message : String(error);
+ console.warn(`[GeminiProvider] Failed to load session ${sessionId}:`, message);
+ return { messages: [], total: 0, hasMore: false, offset: 0, limit: null };
+ }
+
+ const rawMessages = result.messages;
+ const normalized: NormalizedMessage[] = [];
+
+ for (let i = 0; i < rawMessages.length; i++) {
+ const raw = rawMessages[i];
+ const ts = raw.timestamp || new Date().toISOString();
+ const baseId = raw.uuid || generateMessageId('gemini');
+
+ if (raw.type === 'thinking' || raw.isReasoning) {
+ const thinkingContent = typeof raw.message?.content === 'string'
+ ? raw.message.content
+ : typeof raw.content === 'string'
+ ? raw.content
+ : '';
+
+ if (thinkingContent.trim()) {
+ normalized.push(createNormalizedMessage({
+ id: baseId,
+ sessionId,
+ timestamp: ts,
+ provider: PROVIDER,
+ kind: 'thinking',
+ content: thinkingContent,
+ }));
+ }
+ continue;
+ }
+
+ if (raw.type === 'tool_use' || raw.toolName) {
+ normalized.push(createNormalizedMessage({
+ id: baseId,
+ sessionId,
+ timestamp: ts,
+ provider: PROVIDER,
+ kind: 'tool_use',
+ toolName: raw.toolName || 'Tool',
+ toolInput: raw.toolInput,
+ toolId: raw.toolCallId || baseId,
+ }));
+ continue;
+ }
+
+ if (raw.type === 'tool_result') {
+ normalized.push(createNormalizedMessage({
+ id: baseId,
+ sessionId,
+ timestamp: ts,
+ provider: PROVIDER,
+ kind: 'tool_result',
+ toolId: raw.toolCallId || '',
+ content: raw.output === undefined ? '' : String(raw.output),
+ isError: Boolean(raw.isError),
+ }));
+ continue;
+ }
+
+ const role = raw.message?.role || raw.role;
+ const content = raw.message?.content || raw.content;
+ if (!role || !content) {
+ continue;
+ }
+
+ const normalizedRole = role === 'user' ? 'user' : 'assistant';
+
+ if (Array.isArray(content)) {
+ for (let partIdx = 0; partIdx < content.length; partIdx++) {
+ const part = content[partIdx] as AnyRecord | string;
+
+ if (typeof part === 'string' && part.trim()) {
+ normalized.push(createNormalizedMessage({
+ id: `${baseId}_${partIdx}`,
+ sessionId,
+ timestamp: ts,
+ provider: PROVIDER,
+ kind: 'text',
+ role: normalizedRole,
+ content: part,
+ }));
+ continue;
+ }
+
+ if (!part || typeof part !== 'object') {
+ continue;
+ }
+
+ if ((part.type === 'text' || !part.type) && typeof part.text === 'string' && part.text.trim()) {
+ normalized.push(createNormalizedMessage({
+ id: `${baseId}_${partIdx}`,
+ sessionId,
+ timestamp: ts,
+ provider: PROVIDER,
+ kind: 'text',
+ role: normalizedRole,
+ content: part.text,
+ }));
+ } else if (part.type === 'tool_use') {
+ normalized.push(createNormalizedMessage({
+ id: `${baseId}_${partIdx}`,
+ sessionId,
+ timestamp: ts,
+ provider: PROVIDER,
+ kind: 'tool_use',
+ toolName: part.name,
+ toolInput: part.input,
+ toolId: part.id || generateMessageId('gemini_tool'),
+ }));
+ } else if (part.type === 'tool_result') {
+ normalized.push(createNormalizedMessage({
+ id: `${baseId}_${partIdx}`,
+ sessionId,
+ timestamp: ts,
+ provider: PROVIDER,
+ kind: 'tool_result',
+ toolId: part.tool_use_id || '',
+ content: part.content === undefined ? '' : String(part.content),
+ isError: Boolean(part.is_error),
+ }));
+ }
+ }
+ } else if (typeof content === 'string' && content.trim()) {
+ normalized.push(createNormalizedMessage({
+ id: baseId,
+ sessionId,
+ timestamp: ts,
+ provider: PROVIDER,
+ kind: 'text',
+ role: normalizedRole,
+ content,
+ }));
+ } else {
+ const textContent = extractGeminiTextContent(content);
+ if (textContent.trim()) {
+ normalized.push(createNormalizedMessage({
+ id: baseId,
+ sessionId,
+ timestamp: ts,
+ provider: PROVIDER,
+ kind: 'text',
+ role: normalizedRole,
+ content: textContent,
+ }));
+ }
+ }
+ }
+
+ const toolResultMap = new Map();
+ for (const msg of normalized) {
+ if (msg.kind === 'tool_result' && msg.toolId) {
+ toolResultMap.set(msg.toolId, msg);
+ }
+ }
+ for (const msg of normalized) {
+ if (msg.kind === 'tool_use' && msg.toolId && toolResultMap.has(msg.toolId)) {
+ const toolResult = toolResultMap.get(msg.toolId);
+ if (toolResult) {
+ msg.toolResult = { content: toolResult.content, isError: toolResult.isError };
+ }
+ }
+ }
+
+ const start = Math.max(0, offset);
+ const pageLimit = limit === null ? null : Math.max(0, limit);
+ const messages = pageLimit === null
+ ? normalized.slice(start)
+ : normalized.slice(start, start + pageLimit);
+
+ return {
+ messages,
+ total: normalized.length,
+ hasMore: pageLimit === null ? false : start + pageLimit < normalized.length,
+ offset: start,
+ limit: pageLimit,
+ tokenUsage: result.tokenUsage,
+ };
+ }
+}
diff --git a/server/modules/providers/list/gemini/gemini.provider.ts b/server/modules/providers/list/gemini/gemini.provider.ts
new file mode 100644
index 00000000..2fb8a7c2
--- /dev/null
+++ b/server/modules/providers/list/gemini/gemini.provider.ts
@@ -0,0 +1,17 @@
+import { AbstractProvider } from '@/modules/providers/shared/base/abstract.provider.js';
+import { GeminiProviderAuth } from '@/modules/providers/list/gemini/gemini-auth.provider.js';
+import { GeminiMcpProvider } from '@/modules/providers/list/gemini/gemini-mcp.provider.js';
+import { GeminiSessionSynchronizer } from '@/modules/providers/list/gemini/gemini-session-synchronizer.provider.js';
+import { GeminiSessionsProvider } from '@/modules/providers/list/gemini/gemini-sessions.provider.js';
+import type { IProviderAuth, IProviderSessionSynchronizer, IProviderSessions } from '@/shared/interfaces.js';
+
+export class GeminiProvider extends AbstractProvider {
+ readonly mcp = new GeminiMcpProvider();
+ readonly auth: IProviderAuth = new GeminiProviderAuth();
+ readonly sessions: IProviderSessions = new GeminiSessionsProvider();
+ readonly sessionSynchronizer: IProviderSessionSynchronizer = new GeminiSessionSynchronizer();
+
+ constructor() {
+ super('gemini');
+ }
+}
diff --git a/server/modules/providers/provider.registry.ts b/server/modules/providers/provider.registry.ts
new file mode 100644
index 00000000..2f959b22
--- /dev/null
+++ b/server/modules/providers/provider.registry.ts
@@ -0,0 +1,36 @@
+import { ClaudeProvider } from '@/modules/providers/list/claude/claude.provider.js';
+import { CodexProvider } from '@/modules/providers/list/codex/codex.provider.js';
+import { CursorProvider } from '@/modules/providers/list/cursor/cursor.provider.js';
+import { GeminiProvider } from '@/modules/providers/list/gemini/gemini.provider.js';
+import type { IProvider } from '@/shared/interfaces.js';
+import type { LLMProvider } from '@/shared/types.js';
+import { AppError } from '@/shared/utils.js';
+
+const providers: Record = {
+ claude: new ClaudeProvider(),
+ codex: new CodexProvider(),
+ cursor: new CursorProvider(),
+ gemini: new GeminiProvider(),
+};
+
+/**
+ * Central registry for resolving concrete provider implementations by id.
+ */
+export const providerRegistry = {
+ listProviders(): IProvider[] {
+ return Object.values(providers);
+ },
+
+ resolveProvider(provider: string): IProvider {
+ const key = provider as LLMProvider;
+ const resolvedProvider = providers[key];
+ if (!resolvedProvider) {
+ throw new AppError(`Unsupported provider "${provider}".`, {
+ code: 'UNSUPPORTED_PROVIDER',
+ statusCode: 400,
+ });
+ }
+
+ return resolvedProvider;
+ },
+};
diff --git a/server/modules/providers/provider.routes.ts b/server/modules/providers/provider.routes.ts
new file mode 100644
index 00000000..af6d16d6
--- /dev/null
+++ b/server/modules/providers/provider.routes.ts
@@ -0,0 +1,425 @@
+import express, { type Request, type Response } from 'express';
+
+import { providerAuthService } from '@/modules/providers/services/provider-auth.service.js';
+import { providerMcpService } from '@/modules/providers/services/mcp.service.js';
+import { sessionConversationsSearchService } from '@/modules/providers/services/session-conversations-search.service.js';
+import { sessionsService } from '@/modules/providers/services/sessions.service.js';
+import type { LLMProvider, McpScope, McpTransport, UpsertProviderMcpServerInput } from '@/shared/types.js';
+import { AppError, asyncHandler, createApiSuccessResponse } from '@/shared/utils.js';
+
+const router = express.Router();
+
+const readPathParam = (value: unknown, name: string): string => {
+ if (typeof value === 'string') {
+ return value;
+ }
+
+ if (Array.isArray(value) && typeof value[0] === 'string') {
+ return value[0];
+ }
+
+ throw new AppError(`${name} path parameter is invalid.`, {
+ code: 'INVALID_PATH_PARAMETER',
+ statusCode: 400,
+ });
+};
+
+const normalizeProviderParam = (value: unknown): string =>
+ readPathParam(value, 'provider').trim().toLowerCase();
+
+const SESSION_ID_PATTERN = /^[a-zA-Z0-9._-]{1,120}$/;
+
+const parseSessionId = (value: unknown): string => {
+ const sessionId = readPathParam(value, 'sessionId').trim();
+ if (!SESSION_ID_PATTERN.test(sessionId)) {
+ throw new AppError('Invalid sessionId.', {
+ code: 'INVALID_SESSION_ID',
+ statusCode: 400,
+ });
+ }
+
+ return sessionId;
+};
+
+const readOptionalQueryString = (value: unknown): string | undefined => {
+ if (typeof value !== 'string') {
+ return undefined;
+ }
+
+ const normalized = value.trim();
+ return normalized.length > 0 ? normalized : undefined;
+};
+
+const parseOptionalBooleanQuery = (value: unknown, name: string): boolean | undefined => {
+ if (value === undefined) {
+ return undefined;
+ }
+
+ const normalized = readOptionalQueryString(value);
+ if (!normalized) {
+ return undefined;
+ }
+
+ if (normalized === 'true') {
+ return true;
+ }
+ if (normalized === 'false') {
+ return false;
+ }
+
+ throw new AppError(`${name} must be "true" or "false".`, {
+ code: 'INVALID_QUERY_PARAMETER',
+ statusCode: 400,
+ });
+};
+
+const parseMcpScope = (value: unknown): McpScope | undefined => {
+ if (value === undefined) {
+ return undefined;
+ }
+
+ const normalized = readOptionalQueryString(value);
+ if (!normalized) {
+ return undefined;
+ }
+
+ if (normalized === 'user' || normalized === 'local' || normalized === 'project') {
+ return normalized;
+ }
+
+ throw new AppError(`Unsupported MCP scope "${normalized}".`, {
+ code: 'INVALID_MCP_SCOPE',
+ statusCode: 400,
+ });
+};
+
+const parseMcpTransport = (value: unknown): McpTransport => {
+ const normalized = readOptionalQueryString(value);
+ if (!normalized) {
+ throw new AppError('transport is required.', {
+ code: 'MCP_TRANSPORT_REQUIRED',
+ statusCode: 400,
+ });
+ }
+
+ if (normalized === 'stdio' || normalized === 'http' || normalized === 'sse') {
+ return normalized;
+ }
+
+ throw new AppError(`Unsupported MCP transport "${normalized}".`, {
+ code: 'INVALID_MCP_TRANSPORT',
+ statusCode: 400,
+ });
+};
+
+const parseMcpUpsertPayload = (payload: unknown): UpsertProviderMcpServerInput => {
+ if (!payload || typeof payload !== 'object') {
+ throw new AppError('Request body must be an object.', {
+ code: 'INVALID_REQUEST_BODY',
+ statusCode: 400,
+ });
+ }
+
+ const body = payload as Record;
+ const name = readOptionalQueryString(body.name);
+ if (!name) {
+ throw new AppError('name is required.', {
+ code: 'MCP_NAME_REQUIRED',
+ statusCode: 400,
+ });
+ }
+
+ const transport = parseMcpTransport(body.transport);
+ const scope = parseMcpScope(body.scope);
+ const workspacePath = readOptionalQueryString(body.workspacePath);
+
+ return {
+ name,
+ transport,
+ scope,
+ workspacePath,
+ command: readOptionalQueryString(body.command),
+ args: Array.isArray(body.args) ? body.args.filter((entry): entry is string => typeof entry === 'string') : undefined,
+ env: typeof body.env === 'object' && body.env !== null
+ ? Object.fromEntries(
+ Object.entries(body.env as Record).filter(
+ (entry): entry is [string, string] => typeof entry[1] === 'string',
+ ),
+ )
+ : undefined,
+ cwd: readOptionalQueryString(body.cwd),
+ url: readOptionalQueryString(body.url),
+ headers: typeof body.headers === 'object' && body.headers !== null
+ ? Object.fromEntries(
+ Object.entries(body.headers as Record).filter(
+ (entry): entry is [string, string] => typeof entry[1] === 'string',
+ ),
+ )
+ : undefined,
+ envVars: Array.isArray(body.envVars)
+ ? body.envVars.filter((entry): entry is string => typeof entry === 'string')
+ : undefined,
+ bearerTokenEnvVar: readOptionalQueryString(body.bearerTokenEnvVar),
+ envHttpHeaders: typeof body.envHttpHeaders === 'object' && body.envHttpHeaders !== null
+ ? Object.fromEntries(
+ Object.entries(body.envHttpHeaders as Record).filter(
+ (entry): entry is [string, string] => typeof entry[1] === 'string',
+ ),
+ )
+ : undefined,
+ };
+};
+
+const parseProvider = (value: unknown): LLMProvider => {
+ const normalized = normalizeProviderParam(value);
+ if (normalized === 'claude' || normalized === 'codex' || normalized === 'cursor' || normalized === 'gemini') {
+ return normalized;
+ }
+
+ throw new AppError(`Unsupported provider "${normalized}".`, {
+ code: 'UNSUPPORTED_PROVIDER',
+ statusCode: 400,
+ });
+};
+
+const parseSessionRenameSummary = (payload: unknown): string => {
+ if (!payload || typeof payload !== 'object') {
+ throw new AppError('Request body must be an object.', {
+ code: 'INVALID_REQUEST_BODY',
+ statusCode: 400,
+ });
+ }
+
+ const body = payload as Record;
+ const summary = typeof body.summary === 'string' ? body.summary.trim() : '';
+ if (!summary) {
+ throw new AppError('Summary is required.', {
+ code: 'INVALID_SESSION_SUMMARY',
+ statusCode: 400,
+ });
+ }
+
+ if (summary.length > 500) {
+ throw new AppError('Summary must not exceed 500 characters.', {
+ code: 'INVALID_SESSION_SUMMARY',
+ statusCode: 400,
+ });
+ }
+
+ return summary;
+};
+
+const parseSessionSearchQuery = (value: unknown): string => {
+ const query = readOptionalQueryString(value) ?? '';
+ if (query.length < 2) {
+ throw new AppError('Query must be at least 2 characters', {
+ code: 'INVALID_SEARCH_QUERY',
+ statusCode: 400,
+ });
+ }
+
+ return query;
+};
+
+const parseSessionSearchLimit = (value: unknown): number => {
+ const raw = readOptionalQueryString(value);
+ if (!raw) {
+ return 50;
+ }
+
+ const parsed = Number.parseInt(raw, 10);
+ if (Number.isNaN(parsed)) {
+ throw new AppError('limit must be a valid integer.', {
+ code: 'INVALID_QUERY_PARAMETER',
+ statusCode: 400,
+ });
+ }
+
+ return Math.max(1, Math.min(parsed, 100));
+};
+
+router.get(
+ '/:provider/auth/status',
+ asyncHandler(async (req: Request, res: Response) => {
+ const provider = parseProvider(req.params.provider);
+ const status = await providerAuthService.getProviderAuthStatus(provider);
+ res.json(createApiSuccessResponse(status));
+ }),
+);
+
+// ----------------- MCP routes -----------------
+router.get(
+ '/:provider/mcp/servers',
+ asyncHandler(async (req: Request, res: Response) => {
+ const provider = parseProvider(req.params.provider);
+ const workspacePath = readOptionalQueryString(req.query.workspacePath);
+ const scope = parseMcpScope(req.query.scope);
+
+ if (scope) {
+ const servers = await providerMcpService.listProviderMcpServersForScope(provider, scope, { workspacePath });
+ res.json(createApiSuccessResponse({ provider, scope, servers }));
+ return;
+ }
+
+ const groupedServers = await providerMcpService.listProviderMcpServers(provider, { workspacePath });
+ res.json(createApiSuccessResponse({ provider, scopes: groupedServers }));
+ }),
+);
+
+router.post(
+ '/:provider/mcp/servers',
+ asyncHandler(async (req: Request, res: Response) => {
+ const provider = parseProvider(req.params.provider);
+ const payload = parseMcpUpsertPayload(req.body);
+ const server = await providerMcpService.upsertProviderMcpServer(provider, payload);
+ res.status(201).json(createApiSuccessResponse({ server }));
+ }),
+);
+
+router.delete(
+ '/:provider/mcp/servers/:name',
+ asyncHandler(async (req: Request, res: Response) => {
+ const provider = parseProvider(req.params.provider);
+ const scope = parseMcpScope(req.query.scope);
+ const workspacePath = readOptionalQueryString(req.query.workspacePath);
+ const result = await providerMcpService.removeProviderMcpServer(provider, {
+ name: readPathParam(req.params.name, 'name'),
+ scope,
+ workspacePath,
+ });
+ res.json(createApiSuccessResponse(result));
+ }),
+);
+
+router.post(
+ '/mcp/servers/global',
+ asyncHandler(async (req: Request, res: Response) => {
+ const payload = parseMcpUpsertPayload(req.body);
+ if (payload.scope === 'local') {
+ throw new AppError('Global MCP add supports only "user" or "project" scopes.', {
+ code: 'INVALID_GLOBAL_MCP_SCOPE',
+ statusCode: 400,
+ });
+ }
+
+ const results = await providerMcpService.addMcpServerToAllProviders({
+ ...payload,
+ scope: payload.scope === 'user' ? 'user' : 'project',
+ });
+ res.status(201).json(createApiSuccessResponse({ results }));
+ }),
+);
+
+// ----------------- Session routes -----------------
+router.delete(
+ '/sessions/:sessionId',
+ asyncHandler(async (req: Request, res: Response) => {
+ const sessionId = parseSessionId(req.params.sessionId);
+ const deletedFromDisk = parseOptionalBooleanQuery(req.query.deletedFromDisk, 'deletedFromDisk') ?? false;
+ const result = await sessionsService.deleteSessionById(sessionId, deletedFromDisk);
+ res.json(createApiSuccessResponse(result));
+ }),
+);
+
+router.put(
+ '/sessions/:sessionId',
+ asyncHandler(async (req: Request, res: Response) => {
+ const sessionId = parseSessionId(req.params.sessionId);
+ const summary = parseSessionRenameSummary(req.body);
+ const result = sessionsService.renameSessionById(sessionId, summary);
+ res.json(createApiSuccessResponse(result));
+ }),
+);
+
+router.get(
+ '/sessions/:sessionId/messages',
+ asyncHandler(async (req: Request, res: Response) => {
+ const sessionId = parseSessionId(req.params.sessionId);
+ const limitRaw = readOptionalQueryString(req.query.limit);
+ const offsetRaw = readOptionalQueryString(req.query.offset);
+
+ let limit: number | null = null;
+ if (limitRaw !== undefined) {
+ const parsedLimit = Number.parseInt(limitRaw, 10);
+ if (Number.isNaN(parsedLimit) || parsedLimit < 0) {
+ throw new AppError('limit must be a non-negative integer.', {
+ code: 'INVALID_QUERY_PARAMETER',
+ statusCode: 400,
+ });
+ }
+ limit = parsedLimit;
+ }
+
+ let offset = 0;
+ if (offsetRaw !== undefined) {
+ const parsedOffset = Number.parseInt(offsetRaw, 10);
+ if (Number.isNaN(parsedOffset) || parsedOffset < 0) {
+ throw new AppError('offset must be a non-negative integer.', {
+ code: 'INVALID_QUERY_PARAMETER',
+ statusCode: 400,
+ });
+ }
+ offset = parsedOffset;
+ }
+
+ const result = await sessionsService.fetchHistory(sessionId, {
+ limit,
+ offset,
+ });
+ res.json(result);
+ }),
+);
+
+router.get('/search/sessions', asyncHandler(async (req: Request, res: Response) => {
+ const query = parseSessionSearchQuery(req.query.q);
+ const limit = parseSessionSearchLimit(req.query.limit);
+
+ res.writeHead(200, {
+ 'Content-Type': 'text/event-stream',
+ 'Cache-Control': 'no-cache',
+ Connection: 'keep-alive',
+ 'X-Accel-Buffering': 'no',
+ });
+
+ let closed = false;
+ const abortController = new AbortController();
+ req.on('close', () => {
+ closed = true;
+ abortController.abort();
+ });
+
+ try {
+ await sessionConversationsSearchService.search({
+ query,
+ limit,
+ signal: abortController.signal,
+ onProgress: ({ projectResult, totalMatches, scannedProjects, totalProjects }) => {
+ if (closed) {
+ return;
+ }
+
+ if (projectResult) {
+ res.write(`event: result\ndata: ${JSON.stringify({ projectResult, totalMatches, scannedProjects, totalProjects })}\n\n`);
+ return;
+ }
+
+ res.write(`event: progress\ndata: ${JSON.stringify({ totalMatches, scannedProjects, totalProjects })}\n\n`);
+ },
+ });
+
+ if (!closed) {
+ res.write('event: done\ndata: {}\n\n');
+ }
+ } catch (error) {
+ console.error('Error searching conversations:', error);
+ if (!closed) {
+ res.write(`event: error\ndata: ${JSON.stringify({ error: 'Search failed' })}\n\n`);
+ }
+ } finally {
+ if (!closed) {
+ res.end();
+ }
+ }
+}));
+
+export default router;
diff --git a/server/modules/providers/services/mcp.service.ts b/server/modules/providers/services/mcp.service.ts
new file mode 100644
index 00000000..bffb52de
--- /dev/null
+++ b/server/modules/providers/services/mcp.service.ts
@@ -0,0 +1,94 @@
+import os from 'node:os';
+
+import { providerRegistry } from '@/modules/providers/provider.registry.js';
+import type { LLMProvider, McpScope, ProviderMcpServer, UpsertProviderMcpServerInput } from '@/shared/types.js';
+import { AppError } from '@/shared/utils.js';
+
+/** Cursor MCP is not supported on Windows hosts (no Cursor CLI integration). */
+function includeProviderInGlobalMcp(providerId: LLMProvider): boolean {
+ if (providerId === 'cursor' && os.platform() === 'win32') {
+ return false;
+ }
+
+ return true;
+}
+
+
+export const providerMcpService = {
+ /**
+ * Lists MCP servers for one provider grouped by supported scopes.
+ */
+ async listProviderMcpServers(
+ providerName: string,
+ options?: { workspacePath?: string },
+ ): Promise> {
+ const provider = providerRegistry.resolveProvider(providerName);
+ return provider.mcp.listServers(options);
+ },
+
+ /**
+ * Lists MCP servers for one provider scope.
+ */
+ async listProviderMcpServersForScope(
+ providerName: string,
+ scope: McpScope,
+ options?: { workspacePath?: string },
+ ): Promise {
+ const provider = providerRegistry.resolveProvider(providerName);
+ return provider.mcp.listServersForScope(scope, options);
+ },
+
+ /**
+ * Adds or updates one provider MCP server.
+ */
+ async upsertProviderMcpServer(
+ providerName: string,
+ input: UpsertProviderMcpServerInput,
+ ): Promise {
+ const provider = providerRegistry.resolveProvider(providerName);
+ return provider.mcp.upsertServer(input);
+ },
+
+ /**
+ * Removes one provider MCP server.
+ */
+ async removeProviderMcpServer(
+ providerName: string,
+ input: { name: string; scope?: McpScope; workspacePath?: string },
+ ): Promise<{ removed: boolean; provider: LLMProvider; name: string; scope: McpScope }> {
+ const provider = providerRegistry.resolveProvider(providerName);
+ return provider.mcp.removeServer(input);
+ },
+
+ /**
+ * Adds one HTTP/stdio MCP server to every provider.
+ */
+ async addMcpServerToAllProviders(
+ input: Omit & { scope?: Exclude },
+ ): Promise> {
+ if (input.transport !== 'stdio' && input.transport !== 'http') {
+ throw new AppError('Global MCP add supports only "stdio" and "http".', {
+ code: 'INVALID_GLOBAL_MCP_TRANSPORT',
+ statusCode: 400,
+ });
+ }
+
+ const scope = input.scope ?? 'project';
+ const results: Array<{ provider: LLMProvider; created: boolean; error?: string }> = [];
+ const providers = providerRegistry.listProviders().filter((p) => includeProviderInGlobalMcp(p.id));
+ for (const provider of providers) {
+ try {
+ await provider.mcp.upsertServer({ ...input, scope });
+ results.push({ provider: provider.id, created: true });
+ } catch (error) {
+ results.push({
+ provider: provider.id,
+ created: false,
+ error: error instanceof Error ? error.message : 'Unknown error',
+ });
+ }
+ }
+
+ return results;
+ },
+};
diff --git a/server/modules/providers/services/provider-auth.service.ts b/server/modules/providers/services/provider-auth.service.ts
new file mode 100644
index 00000000..e763aaed
--- /dev/null
+++ b/server/modules/providers/services/provider-auth.service.ts
@@ -0,0 +1,26 @@
+import { providerRegistry } from '@/modules/providers/provider.registry.js';
+import type { LLMProvider, ProviderAuthStatus } from '@/shared/types.js';
+
+export const providerAuthService = {
+ /**
+ * Resolves a provider and returns its installation/authentication status.
+ */
+ async getProviderAuthStatus(providerName: string): Promise {
+ const provider = providerRegistry.resolveProvider(providerName);
+ return provider.auth.getStatus();
+ },
+
+ /**
+ * Returns whether a provider runtime appears installed.
+ * Falls back to true if status lookup itself fails so callers preserve the
+ * original runtime error instead of replacing it with a status-check failure.
+ */
+ async isProviderInstalled(providerName: LLMProvider): Promise {
+ try {
+ const status = await this.getProviderAuthStatus(providerName);
+ return status.installed;
+ } catch {
+ return true;
+ }
+ },
+};
diff --git a/server/modules/providers/services/session-conversations-search.service.ts b/server/modules/providers/services/session-conversations-search.service.ts
new file mode 100644
index 00000000..afc8bdac
--- /dev/null
+++ b/server/modules/providers/services/session-conversations-search.service.ts
@@ -0,0 +1,1167 @@
+import fsSync, { promises as fs } from 'node:fs';
+import path from 'node:path';
+import readline from 'node:readline';
+
+import { spawn } from 'cross-spawn';
+import { rgPath } from '@vscode/ripgrep';
+
+import { projectsDb, sessionsDb } from '@/modules/database/index.js';
+
+type AnyRecord = Record;
+type SearchableProvider = 'claude' | 'codex' | 'gemini';
+
+type SearchSnippetHighlight = {
+ start: number;
+ end: number;
+};
+
+type SessionConversationMatch = {
+ role: string;
+ snippet: string;
+ highlights: SearchSnippetHighlight[];
+ timestamp: string | null;
+ provider: SearchableProvider;
+ messageUuid?: string | null;
+};
+
+type SessionConversationResult = {
+ sessionId: string;
+ provider: SearchableProvider;
+ sessionSummary: string;
+ matches: SessionConversationMatch[];
+};
+
+type ProjectConversationResult = {
+ projectId: string | null;
+ projectName: string;
+ projectDisplayName: string;
+ sessions: SessionConversationResult[];
+};
+
+export type SessionConversationSearchProgressUpdate = {
+ projectResult: ProjectConversationResult | null;
+ totalMatches: number;
+ scannedProjects: number;
+ totalProjects: number;
+};
+
+type SearchSessionConversationsInput = {
+ query: string;
+ limit: number;
+ signal?: AbortSignal;
+ onProgress?: (update: SessionConversationSearchProgressUpdate) => void;
+};
+
+type SessionRepositoryRow = ReturnType[number];
+type SearchableSessionRow = SessionRepositoryRow & {
+ provider: SearchableProvider;
+ jsonl_path: string;
+};
+
+type SearchRuntime = {
+ matchesQuery: (text: string) => boolean;
+ buildSnippet: (text: string) => { snippet: string; highlights: SearchSnippetHighlight[] };
+ limit: number;
+ totalMatches: number;
+ isAborted: () => boolean;
+ matchedSessionKeys: Set;
+ claudeSessionsByFileKey: Map;
+ claudeFileResultsCache: Map>;
+};
+
+type SearchablePathEntry = {
+ normalizedPath: string;
+ absolutePath: string;
+};
+
+type ProjectBucket = {
+ key: string;
+ projectId: string | null;
+ projectName: string;
+ projectDisplayName: string;
+ sessions: SearchableSessionRow[];
+};
+
+const SUPPORTED_PROVIDERS = new Set(['claude', 'codex', 'gemini']);
+const MAX_MATCHES_PER_SESSION = 2;
+const RIPGREP_FILE_CHUNK_SIZE = 40;
+const RIPGREP_CHUNK_CONCURRENCY = 6;
+const UNKNOWN_PROJECT_KEY = '__unknown_project__';
+
+const INTERNAL_CONTENT_PREFIXES = [
+ '',
+ '',
+ '',
+ '',
+ '',
+ 'Caveat:',
+ 'This session is being continued from a previous',
+ 'Invalid API key',
+ '[Request interrupted',
+] as const;
+
+/**
+ * Codex includes extra internal metadata tags that should not surface as
+ * user-facing searchable conversation content.
+ */
+const CODEX_INTERNAL_CONTENT_PREFIXES = [
+ '',
+ '',
+] as const;
+
+function normalizeComparablePath(inputPath: string): string {
+ if (!inputPath || typeof inputPath !== 'string') {
+ return '';
+ }
+
+ const withoutLongPathPrefix = inputPath.startsWith('\\\\?\\')
+ ? inputPath.slice(4)
+ : inputPath;
+ const normalized = path.normalize(withoutLongPathPrefix.trim());
+ if (!normalized) {
+ return '';
+ }
+
+ const resolved = path.resolve(normalized);
+ return process.platform === 'win32' ? resolved.toLowerCase() : resolved;
+}
+
+function chunkArray(items: TItem[], size: number): TItem[][] {
+ if (size <= 0) {
+ return [items];
+ }
+
+ const chunks: TItem[][] = [];
+ for (let idx = 0; idx < items.length; idx += size) {
+ chunks.push(items.slice(idx, idx + size));
+ }
+ return chunks;
+}
+
+function getSessionKey(session: Pick): string {
+ return `${session.provider}:${session.session_id}`;
+}
+
+function makeProjectKey(projectPath: string | null): string {
+ const normalized = typeof projectPath === 'string' ? projectPath.trim() : '';
+ return normalized.length > 0 ? normalized : UNKNOWN_PROJECT_KEY;
+}
+
+function toSummaryText(customName: string | null, fallback: string | null | undefined, emptyLabel: string): string {
+ const trimmedCustomName = typeof customName === 'string' ? customName.trim() : '';
+ if (trimmedCustomName) {
+ return trimmedCustomName;
+ }
+
+ const trimmedFallback = typeof fallback === 'string' ? fallback.trim() : '';
+ if (!trimmedFallback) {
+ return emptyLabel;
+ }
+
+ return trimmedFallback.length > 50 ? `${trimmedFallback.slice(0, 50)}...` : trimmedFallback;
+}
+
+function isInternalContent(content: string): boolean {
+ return INTERNAL_CONTENT_PREFIXES.some((prefix) => content.startsWith(prefix));
+}
+
+function isInternalCodexContent(content: string): boolean {
+ const normalized = content.trimStart();
+ return CODEX_INTERNAL_CONTENT_PREFIXES.some((prefix) => normalized.startsWith(prefix));
+}
+
+function escapeRegex(value: string): string {
+ return value.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
+}
+
+function createWordMatcher(
+ rawQuery: string,
+ words: string[],
+): Pick {
+ const normalizedQuery = rawQuery.trim().replace(/\s+/g, ' ');
+ const requireExactPhrase = words.length > 1 && normalizedQuery.length > 0;
+ const wordPatterns = words.map((word) => new RegExp(`(? escapeRegex(word)).join('\\s+');
+ const phraseRegex = new RegExp(phrasePattern, 'iu');
+
+ const allWordsMatch = (textLower: string): boolean =>
+ wordPatterns.every((pattern) => pattern.test(textLower));
+
+ const matchesQuery = (text: string): boolean => {
+ if (typeof text !== 'string' || text.length === 0) {
+ return false;
+ }
+
+ if (requireExactPhrase) {
+ return phraseRegex.test(text);
+ }
+
+ if (phraseRegex.test(text)) {
+ return true;
+ }
+
+ if (words.length === 1) {
+ return allWordsMatch(text.toLowerCase());
+ }
+
+ return allWordsMatch(text.toLowerCase());
+ };
+
+ const buildSnippet = (
+ text: string,
+ snippetLen = 150,
+ ): { snippet: string; highlights: SearchSnippetHighlight[] } => {
+ const textLower = text.toLowerCase();
+ let firstIndex = -1;
+ let firstWordLen = 0;
+ let phraseStart = -1;
+ let phraseLength = 0;
+
+ const phraseMatch = phraseRegex.exec(text);
+ if (phraseMatch) {
+ phraseStart = phraseMatch.index;
+ phraseLength = phraseMatch[0].length;
+ firstIndex = phraseStart;
+ firstWordLen = phraseLength;
+ }
+
+ if (firstIndex === -1) {
+ for (const word of words) {
+ const regex = new RegExp(`(? 0 ? '...' : '';
+ const suffix = end < text.length ? '...' : '';
+ const snippetBody = text.slice(start, end).replace(/\n/g, ' ');
+ const snippet = `${prefix}${snippetBody}${suffix}`;
+
+ const snippetLower = snippet.toLowerCase();
+ const highlights: SearchSnippetHighlight[] = [];
+
+ if (phraseStart >= start && phraseStart + phraseLength <= end) {
+ const phraseOffset = prefix.length + (phraseStart - start);
+ highlights.push({
+ start: phraseOffset,
+ end: phraseOffset + phraseLength,
+ });
+ }
+
+ if (!requireExactPhrase) {
+ for (const word of words) {
+ const regex = new RegExp(`(? left.start - right.start);
+ const merged: SearchSnippetHighlight[] = [];
+ for (const highlight of highlights) {
+ const previous = merged[merged.length - 1];
+ if (previous && highlight.start <= previous.end) {
+ previous.end = Math.max(previous.end, highlight.end);
+ } else {
+ merged.push({ ...highlight });
+ }
+ }
+
+ return { snippet, highlights: merged };
+ };
+
+ return { matchesQuery, buildSnippet };
+}
+
+function extractClaudeText(content: unknown): string {
+ if (typeof content === 'string') {
+ return content;
+ }
+
+ if (!Array.isArray(content)) {
+ return '';
+ }
+
+ return content
+ .filter((part: AnyRecord) => part?.type === 'text' && typeof part?.text === 'string')
+ .map((part: AnyRecord) => String(part.text))
+ .join(' ');
+}
+
+function extractCodexText(content: unknown): string {
+ if (typeof content === 'string') {
+ return content;
+ }
+
+ if (!Array.isArray(content)) {
+ return '';
+ }
+
+ return content
+ .map((item) => {
+ if (!item || typeof item !== 'object') {
+ return '';
+ }
+
+ const record = item as AnyRecord;
+ if (
+ (record.type === 'input_text' || record.type === 'output_text' || record.type === 'text')
+ && typeof record.text === 'string'
+ ) {
+ return record.text;
+ }
+
+ return '';
+ })
+ .filter(Boolean)
+ .join(' ');
+}
+
+function extractGeminiText(content: unknown): string {
+ if (typeof content === 'string') {
+ return content;
+ }
+
+ if (!Array.isArray(content)) {
+ return '';
+ }
+
+ return content
+ .filter((part: AnyRecord) => typeof part?.text === 'string')
+ .map((part: AnyRecord) => String(part.text))
+ .join(' ');
+}
+
+function normalizeSearchableSessions(rows: SessionRepositoryRow[]): SearchableSessionRow[] {
+ const normalizedRows: SearchableSessionRow[] = [];
+
+ for (const row of rows) {
+ const provider = row.provider as SearchableProvider;
+ if (!SUPPORTED_PROVIDERS.has(provider)) {
+ continue;
+ }
+
+ const rawJsonlPath = typeof row.jsonl_path === 'string' ? row.jsonl_path.trim() : '';
+ if (!rawJsonlPath) {
+ continue;
+ }
+
+ const absoluteJsonlPath = path.resolve(rawJsonlPath);
+ if (!fsSync.existsSync(absoluteJsonlPath)) {
+ continue;
+ }
+
+ normalizedRows.push({
+ ...row,
+ provider,
+ jsonl_path: absoluteJsonlPath,
+ });
+ }
+
+ return normalizedRows;
+}
+
+function buildProjectBuckets(searchableSessions: SearchableSessionRow[]): ProjectBucket[] {
+ const projectBuckets = new Map();
+ const projectMetadataCache = new Map();
+
+ for (const session of searchableSessions) {
+ const key = makeProjectKey(session.project_path);
+ if (!projectBuckets.has(key)) {
+ if (!projectMetadataCache.has(key)) {
+ if (key === UNKNOWN_PROJECT_KEY) {
+ projectMetadataCache.set(key, {
+ projectId: null,
+ projectDisplayName: 'Unknown Project',
+ });
+ } else {
+ const projectRow = projectsDb.getProjectPath(key);
+ const customProjectName = typeof projectRow?.custom_project_name === 'string'
+ ? projectRow.custom_project_name.trim()
+ : '';
+ const displayName = customProjectName || path.basename(key) || key;
+
+ projectMetadataCache.set(key, {
+ projectId: projectRow?.project_id ?? null,
+ projectDisplayName: displayName,
+ });
+ }
+ }
+
+ const metadata = projectMetadataCache.get(key) as { projectId: string | null; projectDisplayName: string };
+ projectBuckets.set(key, {
+ key,
+ projectId: metadata.projectId,
+ projectName: key,
+ projectDisplayName: metadata.projectDisplayName,
+ sessions: [],
+ });
+ }
+
+ const bucket = projectBuckets.get(key) as ProjectBucket;
+ bucket.sessions.push(session);
+ }
+
+ const buckets = Array.from(projectBuckets.values());
+ for (const bucket of buckets) {
+ bucket.sessions.sort((left, right) => {
+ const leftTs = new Date(left.updated_at || left.created_at || 0).getTime();
+ const rightTs = new Date(right.updated_at || right.created_at || 0).getTime();
+ return rightTs - leftTs;
+ });
+ }
+
+ return buckets;
+}
+
+/**
+ * Executes ripgrep with the file list explicitly provided from sessionsDb jsonl paths.
+ *
+ * This avoids recursive directory walks and uses a fixed known candidate list.
+ */
+async function runRipgrepFilesWithMatches(
+ pattern: string,
+ filePaths: string[],
+ signal?: AbortSignal,
+): Promise> {
+ if (!pattern || filePaths.length === 0 || signal?.aborted) {
+ return new Set();
+ }
+
+ return new Promise((resolve, reject) => {
+ const args = [
+ '--files-with-matches',
+ '--no-messages',
+ '--ignore-case',
+ '--fixed-strings',
+ '--',
+ pattern,
+ ...filePaths,
+ ];
+ const rg = spawn(rgPath, args, {
+ stdio: ['ignore', 'pipe', 'pipe'],
+ windowsHide: true,
+ });
+
+ const stdoutChunks: Buffer[] = [];
+ const stderrChunks: Buffer[] = [];
+ let aborted = false;
+
+ const abortListener = () => {
+ aborted = true;
+ rg.kill();
+ };
+
+ if (signal) {
+ signal.addEventListener('abort', abortListener, { once: true });
+ }
+
+ rg.stdout.on('data', (chunk: Buffer) => {
+ stdoutChunks.push(chunk);
+ });
+
+ rg.stderr.on('data', (chunk: Buffer) => {
+ stderrChunks.push(chunk);
+ });
+
+ rg.on('error', (error) => {
+ if (signal) {
+ signal.removeEventListener('abort', abortListener);
+ }
+
+ if (aborted || signal?.aborted) {
+ resolve(new Set());
+ return;
+ }
+
+ reject(error);
+ });
+
+ rg.on('close', (code) => {
+ if (signal) {
+ signal.removeEventListener('abort', abortListener);
+ }
+
+ if (aborted || signal?.aborted) {
+ resolve(new Set());
+ return;
+ }
+
+ if (code !== 0 && code !== 1) {
+ const stderr = Buffer.concat(stderrChunks).toString('utf8').trim();
+ reject(new Error(`ripgrep failed with code ${String(code)}: ${stderr}`));
+ return;
+ }
+
+ const stdout = Buffer.concat(stdoutChunks).toString('utf8');
+ const matchedPaths = new Set();
+
+ for (const line of stdout.split(/\r?\n/)) {
+ const trimmed = line.trim();
+ if (!trimmed) {
+ continue;
+ }
+
+ matchedPaths.add(normalizeComparablePath(trimmed));
+ }
+
+ resolve(matchedPaths);
+ });
+ });
+}
+
+async function findMatchedFileKeys(
+ searchablePathEntries: SearchablePathEntry[],
+ rawQuery: string,
+ words: string[],
+ signal?: AbortSignal,
+): Promise> {
+ if (searchablePathEntries.length === 0 || words.length === 0 || signal?.aborted) {
+ return new Set();
+ }
+
+ const normalizedQuery = rawQuery.trim().replace(/\s+/g, ' ');
+ const requireExactPhrase = words.length > 1 && normalizedQuery.length > 0;
+
+ if (requireExactPhrase) {
+ let matchedForPhrase = searchablePathEntries.slice();
+
+ // Keep ripgrep as an over-approximation for exact phrase mode by requiring
+ // each word to appear somewhere in the file, then defer strict phrase
+ // validation to the in-memory matcher.
+ for (const word of words) {
+ if (signal?.aborted) {
+ return new Set();
+ }
+
+ const matchedForWord = new Set();
+ const fileChunks = chunkArray(
+ matchedForPhrase.map((entry) => entry.absolutePath),
+ RIPGREP_FILE_CHUNK_SIZE,
+ );
+
+ let nextChunkIndex = 0;
+ const workerCount = Math.min(RIPGREP_CHUNK_CONCURRENCY, fileChunks.length);
+ const workers = Array.from({ length: workerCount }, async () => {
+ while (nextChunkIndex < fileChunks.length && !signal?.aborted) {
+ const currentIndex = nextChunkIndex;
+ nextChunkIndex += 1;
+ const chunkMatches = await runRipgrepFilesWithMatches(word, fileChunks[currentIndex], signal);
+ for (const matchedPath of chunkMatches) {
+ matchedForWord.add(matchedPath);
+ }
+ }
+ });
+
+ await Promise.all(workers);
+ if (signal?.aborted) {
+ return new Set();
+ }
+
+ matchedForPhrase = matchedForPhrase.filter((entry) => matchedForWord.has(entry.normalizedPath));
+ if (matchedForPhrase.length === 0) {
+ break;
+ }
+ }
+
+ return new Set(matchedForPhrase.map((entry) => entry.normalizedPath));
+ }
+
+ let remainingEntries = searchablePathEntries.slice();
+
+ // Run one ripgrep pass per term and intersect by keeping only files that
+ // matched every query word.
+ for (const word of words) {
+ if (signal?.aborted) {
+ return new Set();
+ }
+
+ const matchedForWord = new Set();
+ const fileChunks = chunkArray(
+ remainingEntries.map((entry) => entry.absolutePath),
+ RIPGREP_FILE_CHUNK_SIZE,
+ );
+
+ let nextChunkIndex = 0;
+ const workerCount = Math.min(RIPGREP_CHUNK_CONCURRENCY, fileChunks.length);
+
+ const workers = Array.from({ length: workerCount }, async () => {
+ while (nextChunkIndex < fileChunks.length && !signal?.aborted) {
+ const currentIndex = nextChunkIndex;
+ nextChunkIndex += 1;
+ const chunkMatches = await runRipgrepFilesWithMatches(word, fileChunks[currentIndex], signal);
+ for (const matchedPath of chunkMatches) {
+ matchedForWord.add(matchedPath);
+ }
+ }
+ });
+
+ await Promise.all(workers);
+ if (signal?.aborted) {
+ return new Set();
+ }
+
+ remainingEntries = remainingEntries.filter((entry) => matchedForWord.has(entry.normalizedPath));
+ if (remainingEntries.length === 0) {
+ break;
+ }
+ }
+
+ return new Set(remainingEntries.map((entry) => entry.normalizedPath));
+}
+
+function addSessionMatch(
+ runtime: SearchRuntime,
+ matches: SessionConversationMatch[],
+ match: SessionConversationMatch,
+): void {
+ if (runtime.totalMatches >= runtime.limit || matches.length >= MAX_MATCHES_PER_SESSION) {
+ return;
+ }
+
+ matches.push(match);
+ runtime.totalMatches += 1;
+}
+
+async function parseClaudeSessionMatches(
+ session: SearchableSessionRow,
+ runtime: SearchRuntime,
+): Promise {
+ const fileKey = normalizeComparablePath(session.jsonl_path);
+ if (!fileKey) {
+ return null;
+ }
+
+ if (!runtime.claudeFileResultsCache.has(fileKey)) {
+ const sessionsForFile = runtime.claudeSessionsByFileKey.get(fileKey) || [];
+ const matchedSessionsForFile = sessionsForFile.filter((candidate) =>
+ runtime.matchedSessionKeys.has(getSessionKey(candidate)),
+ );
+
+ const targetSessions = matchedSessionsForFile.length > 0
+ ? matchedSessionsForFile
+ : [session];
+
+ const targetSessionIds = new Set(targetSessions.map((candidate) => candidate.session_id));
+ const customNameBySessionId = new Map();
+ for (const candidate of targetSessions) {
+ customNameBySessionId.set(candidate.session_id, candidate.custom_name ?? null);
+ }
+
+ type ClaudeSessionSearchState = {
+ matches: SessionConversationMatch[];
+ pendingSummaries: Map;
+ fallbackUserText: string | null;
+ fallbackAssistantText: string | null;
+ resolvedSummary: string | null;
+ };
+
+ const sessionStateById = new Map();
+ const getSessionState = (sessionId: string): ClaudeSessionSearchState => {
+ if (!sessionStateById.has(sessionId)) {
+ sessionStateById.set(sessionId, {
+ matches: [],
+ pendingSummaries: new Map(),
+ fallbackUserText: null,
+ fallbackAssistantText: null,
+ resolvedSummary: null,
+ });
+ }
+ return sessionStateById.get(sessionId) as ClaudeSessionSearchState;
+ };
+
+ let currentSessionId: string | null = null;
+
+ try {
+ const fileStream = fsSync.createReadStream(session.jsonl_path);
+ const rl = readline.createInterface({ input: fileStream, crlfDelay: Infinity });
+
+ for await (const line of rl) {
+ if (runtime.totalMatches >= runtime.limit || runtime.isAborted()) {
+ break;
+ }
+ if (!line.trim()) {
+ continue;
+ }
+
+ let entry: AnyRecord;
+ try {
+ entry = JSON.parse(line) as AnyRecord;
+ } catch {
+ continue;
+ }
+
+ if (entry.sessionId) {
+ currentSessionId = String(entry.sessionId);
+ }
+ const entrySessionId = entry.sessionId
+ ? String(entry.sessionId)
+ : currentSessionId;
+ if (!entrySessionId || !targetSessionIds.has(entrySessionId)) {
+ continue;
+ }
+
+ const state = getSessionState(entrySessionId);
+
+ if (entry.type === 'summary' && entry.summary) {
+ const summaryValue = String(entry.summary);
+ if (entry.sessionId) {
+ state.resolvedSummary = summaryValue;
+ } else if (entry.leafUuid) {
+ state.pendingSummaries.set(String(entry.leafUuid), summaryValue);
+ }
+ }
+
+ if (!state.resolvedSummary && entry.parentUuid) {
+ const pendingSummary = state.pendingSummaries.get(String(entry.parentUuid));
+ if (pendingSummary) {
+ state.resolvedSummary = pendingSummary;
+ }
+ }
+
+ if (!entry.message?.content || entry.isApiErrorMessage) {
+ continue;
+ }
+
+ const role = entry.message.role;
+ if (role !== 'user' && role !== 'assistant') {
+ continue;
+ }
+
+ const text = extractClaudeText(entry.message.content);
+ if (!text || isInternalContent(text)) {
+ continue;
+ }
+
+ if (role === 'user') {
+ state.fallbackUserText = text;
+ } else {
+ state.fallbackAssistantText = text;
+ }
+
+ if (!runtime.matchesQuery(text)) {
+ continue;
+ }
+
+ const { snippet, highlights } = runtime.buildSnippet(text);
+ addSessionMatch(runtime, state.matches, {
+ role,
+ snippet,
+ highlights,
+ timestamp: entry.timestamp ? String(entry.timestamp) : null,
+ provider: 'claude',
+ messageUuid: entry.uuid ? String(entry.uuid) : null,
+ });
+ }
+ } catch {
+ runtime.claudeFileResultsCache.set(fileKey, new Map());
+ return null;
+ }
+
+ const fileResults = new Map();
+ for (const [sessionId, state] of sessionStateById.entries()) {
+ if (state.matches.length === 0) {
+ continue;
+ }
+
+ fileResults.set(sessionId, {
+ sessionId,
+ provider: 'claude',
+ sessionSummary: toSummaryText(
+ customNameBySessionId.get(sessionId) ?? null,
+ state.resolvedSummary || state.fallbackUserText || state.fallbackAssistantText,
+ 'New Session',
+ ),
+ matches: state.matches,
+ });
+ }
+
+ runtime.claudeFileResultsCache.set(fileKey, fileResults);
+ }
+
+ return runtime.claudeFileResultsCache.get(fileKey)?.get(session.session_id) ?? null;
+}
+
+function isVisibleCodexUserMessage(payload: AnyRecord | null | undefined): boolean {
+ if (!payload || payload.type !== 'user_message') {
+ return false;
+ }
+
+ if (payload.kind && payload.kind !== 'plain') {
+ return false;
+ }
+
+ return typeof payload.message === 'string' && payload.message.trim().length > 0;
+}
+
+async function parseCodexSessionMatches(
+ session: SearchableSessionRow,
+ runtime: SearchRuntime,
+): Promise {
+ const matches: SessionConversationMatch[] = [];
+ let latestUserMessageText: string | null = null;
+ const seenMessageFingerprints = new Set();
+
+ try {
+ const fileStream = fsSync.createReadStream(session.jsonl_path);
+ const rl = readline.createInterface({ input: fileStream, crlfDelay: Infinity });
+
+ for await (const line of rl) {
+ if (runtime.totalMatches >= runtime.limit || runtime.isAborted()) {
+ break;
+ }
+ if (!line.trim()) {
+ continue;
+ }
+
+ let entry: AnyRecord;
+ try {
+ entry = JSON.parse(line) as AnyRecord;
+ } catch {
+ continue;
+ }
+
+ let text: string | null = null;
+ let role: 'user' | 'assistant' | null = null;
+
+ if (entry.type === 'event_msg' && isVisibleCodexUserMessage(entry.payload as AnyRecord)) {
+ text = String(entry.payload.message);
+ role = 'user';
+ } else if (
+ entry.type === 'event_msg'
+ && entry.payload?.type === 'agent_reasoning'
+ && typeof entry.payload?.text === 'string'
+ ) {
+ text = String(entry.payload.text);
+ role = 'assistant';
+ } else if (entry.type === 'response_item' && entry.payload?.type === 'message') {
+ const payload = entry.payload as AnyRecord;
+ if (payload.role === 'user') {
+ text = extractCodexText(payload.content);
+ role = 'user';
+ } else if (payload.role === 'assistant') {
+ text = extractCodexText(payload.content);
+ role = 'assistant';
+ }
+ } else if (entry.type === 'response_item' && entry.payload?.type === 'reasoning') {
+ const summaryText = Array.isArray(entry.payload.summary)
+ ? entry.payload.summary
+ .map((item: AnyRecord) => (typeof item?.text === 'string' ? item.text : ''))
+ .filter(Boolean)
+ .join('\n')
+ : '';
+
+ if (summaryText.trim()) {
+ text = summaryText;
+ role = 'assistant';
+ }
+ }
+
+ if (!text || !role) {
+ continue;
+ }
+ if (isInternalCodexContent(text)) {
+ continue;
+ }
+ if (role === 'user') {
+ latestUserMessageText = text;
+ }
+
+ const fingerprint = `${role}:${text.trim().toLowerCase()}`;
+ if (seenMessageFingerprints.has(fingerprint)) {
+ continue;
+ }
+ seenMessageFingerprints.add(fingerprint);
+
+ if (!runtime.matchesQuery(text)) {
+ continue;
+ }
+
+ const { snippet, highlights } = runtime.buildSnippet(text);
+ addSessionMatch(runtime, matches, {
+ role,
+ snippet,
+ highlights,
+ timestamp: entry.timestamp ? String(entry.timestamp) : null,
+ provider: 'codex',
+ });
+ }
+ } catch {
+ return null;
+ }
+
+ if (matches.length === 0) {
+ return null;
+ }
+
+ return {
+ sessionId: session.session_id,
+ provider: 'codex',
+ sessionSummary: toSummaryText(session.custom_name, latestUserMessageText, 'Codex Session'),
+ matches,
+ };
+}
+
+async function parseGeminiSessionMatches(
+ session: SearchableSessionRow,
+ runtime: SearchRuntime,
+): Promise {
+ let data: string;
+ try {
+ data = await fs.readFile(session.jsonl_path, 'utf8');
+ } catch {
+ return null;
+ }
+
+ let parsed: AnyRecord;
+ try {
+ parsed = JSON.parse(data) as AnyRecord;
+ } catch {
+ return null;
+ }
+
+ const sourceMessages = Array.isArray(parsed.messages) ? parsed.messages as AnyRecord[] : [];
+ if (sourceMessages.length === 0) {
+ return null;
+ }
+
+ const matches: SessionConversationMatch[] = [];
+ let firstUserText: string | null = null;
+
+ for (const msg of sourceMessages) {
+ if (runtime.totalMatches >= runtime.limit || runtime.isAborted()) {
+ break;
+ }
+
+ const role = msg.type === 'user'
+ ? 'user'
+ : (msg.type === 'gemini' || msg.type === 'assistant')
+ ? 'assistant'
+ : null;
+ if (!role) {
+ continue;
+ }
+
+ const text = extractGeminiText(msg.content);
+ if (!text) {
+ continue;
+ }
+
+ if (role === 'user' && !firstUserText) {
+ firstUserText = text;
+ }
+
+ if (!runtime.matchesQuery(text)) {
+ continue;
+ }
+
+ const { snippet, highlights } = runtime.buildSnippet(text);
+ addSessionMatch(runtime, matches, {
+ role,
+ snippet,
+ highlights,
+ timestamp: msg.timestamp ? String(msg.timestamp) : null,
+ provider: 'gemini',
+ });
+ }
+
+ if (matches.length === 0) {
+ return null;
+ }
+
+ return {
+ sessionId: session.session_id,
+ provider: 'gemini',
+ sessionSummary: toSummaryText(session.custom_name, firstUserText, 'Gemini Session'),
+ matches,
+ };
+}
+
+async function parseSessionMatches(
+ session: SearchableSessionRow,
+ runtime: SearchRuntime,
+): Promise {
+ if (session.provider === 'claude') {
+ return parseClaudeSessionMatches(session, runtime);
+ }
+ if (session.provider === 'codex') {
+ return parseCodexSessionMatches(session, runtime);
+ }
+ return parseGeminiSessionMatches(session, runtime);
+}
+
+export async function searchConversations(
+ query: string,
+ limit = 50,
+ onProjectResult: ((update: SessionConversationSearchProgressUpdate) => void) | null = null,
+ signal: AbortSignal | null = null,
+): Promise<{ results: ProjectConversationResult[]; totalMatches: number; query: string }> {
+ const safeQuery = typeof query === 'string' ? query.trim() : '';
+ const safeLimit = Math.max(1, Math.min(Number.isFinite(limit) ? limit : 50, 200));
+ const words = safeQuery.toLowerCase().split(/\s+/).filter((word) => word.length > 0);
+
+ if (words.length === 0) {
+ return { results: [], totalMatches: 0, query: safeQuery };
+ }
+
+ const isAborted = () => signal?.aborted === true;
+ if (isAborted()) {
+ return { results: [], totalMatches: 0, query: safeQuery };
+ }
+
+ const searchableSessions = normalizeSearchableSessions(sessionsDb.getAllSessions());
+ if (searchableSessions.length === 0) {
+ return { results: [], totalMatches: 0, query: safeQuery };
+ }
+
+ const sessionsByPathKey = new Map();
+ const searchablePathEntries: SearchablePathEntry[] = [];
+
+ for (const session of searchableSessions) {
+ const normalizedPath = normalizeComparablePath(session.jsonl_path);
+ if (!normalizedPath) {
+ continue;
+ }
+
+ if (!sessionsByPathKey.has(normalizedPath)) {
+ sessionsByPathKey.set(normalizedPath, []);
+ searchablePathEntries.push({
+ normalizedPath,
+ absolutePath: session.jsonl_path,
+ });
+ }
+
+ const pathSessions = sessionsByPathKey.get(normalizedPath) as SearchableSessionRow[];
+ pathSessions.push(session);
+ }
+
+ const matchedFileKeys = await findMatchedFileKeys(
+ searchablePathEntries,
+ safeQuery,
+ words,
+ signal ?? undefined,
+ );
+ if (isAborted() || matchedFileKeys.size === 0) {
+ return { results: [], totalMatches: 0, query: safeQuery };
+ }
+
+ const matchedSessionKeys = new Set();
+ for (const fileKey of matchedFileKeys) {
+ const sessions = sessionsByPathKey.get(fileKey);
+ if (!sessions) {
+ continue;
+ }
+
+ for (const session of sessions) {
+ matchedSessionKeys.add(getSessionKey(session));
+ }
+ }
+
+ const projectBuckets = buildProjectBuckets(searchableSessions);
+ const totalProjects = projectBuckets.length;
+ const results: ProjectConversationResult[] = [];
+ let scannedProjects = 0;
+
+ const runtime: SearchRuntime = {
+ ...createWordMatcher(safeQuery, words),
+ limit: safeLimit,
+ totalMatches: 0,
+ isAborted,
+ matchedSessionKeys,
+ claudeSessionsByFileKey: new Map(),
+ claudeFileResultsCache: new Map>(),
+ };
+
+ for (const [fileKey, sessions] of sessionsByPathKey.entries()) {
+ const claudeSessions = sessions.filter((session) => session.provider === 'claude');
+ if (claudeSessions.length > 0) {
+ runtime.claudeSessionsByFileKey.set(fileKey, claudeSessions);
+ }
+ }
+
+ for (const bucket of projectBuckets) {
+ if (runtime.totalMatches >= runtime.limit || runtime.isAborted()) {
+ break;
+ }
+
+ const projectResult: ProjectConversationResult = {
+ projectId: bucket.projectId,
+ projectName: bucket.projectName,
+ projectDisplayName: bucket.projectDisplayName,
+ sessions: [],
+ };
+
+ for (const session of bucket.sessions) {
+ if (runtime.totalMatches >= runtime.limit || runtime.isAborted()) {
+ break;
+ }
+ if (!matchedSessionKeys.has(getSessionKey(session))) {
+ continue;
+ }
+
+ const sessionResult = await parseSessionMatches(session, runtime);
+ if (sessionResult) {
+ projectResult.sessions.push(sessionResult);
+ }
+ }
+
+ scannedProjects += 1;
+ if (projectResult.sessions.length > 0) {
+ results.push(projectResult);
+ onProjectResult?.({
+ projectResult,
+ totalMatches: runtime.totalMatches,
+ scannedProjects,
+ totalProjects,
+ });
+ } else if (onProjectResult && scannedProjects % 10 === 0) {
+ onProjectResult({
+ projectResult: null,
+ totalMatches: runtime.totalMatches,
+ scannedProjects,
+ totalProjects,
+ });
+ }
+ }
+
+ return {
+ results,
+ totalMatches: runtime.totalMatches,
+ query: safeQuery,
+ };
+}
+
+/**
+ * Application service for session-conversation search.
+ *
+ * Provider routes call this service so route handlers stay focused on
+ * request parsing/response formatting, while search execution remains
+ * centralized in one place.
+ */
+export const sessionConversationsSearchService = {
+ /**
+ * Streams progress updates while the search scans provider session logs.
+ */
+ async search(input: SearchSessionConversationsInput): Promise {
+ await searchConversations(
+ input.query,
+ input.limit,
+ input.onProgress ?? null,
+ input.signal ?? null,
+ );
+ },
+};
diff --git a/server/modules/providers/services/session-synchronizer.service.ts b/server/modules/providers/services/session-synchronizer.service.ts
new file mode 100644
index 00000000..47c37091
--- /dev/null
+++ b/server/modules/providers/services/session-synchronizer.service.ts
@@ -0,0 +1,74 @@
+import { scanStateDb } from '@/modules/database/index.js';
+import { providerRegistry } from '@/modules/providers/provider.registry.js';
+import type { LLMProvider } from '@/shared/types.js';
+
+type SessionSynchronizeResult = {
+ processedByProvider: Record;
+ failures: string[];
+};
+
+/**
+ * Orchestrates provider-specific session indexers and indexed-session lifecycle operations.
+ */
+export const sessionSynchronizerService = {
+ /**
+ * Runs all provider synchronizers and updates scan_state.last_scanned_at.
+ */
+ async synchronizeSessions(): Promise {
+ const lastScanAt = scanStateDb.getLastScannedAt();
+ const scanBoundary = new Date();
+ const processedByProvider: Record = {
+ claude: 0,
+ codex: 0,
+ cursor: 0,
+ gemini: 0,
+ };
+ const failures: string[] = [];
+
+ const results = await Promise.allSettled(
+ providerRegistry.listProviders().map(async (provider) => ({
+ provider: provider.id,
+ processed: await provider.sessionSynchronizer.synchronize(lastScanAt ?? undefined),
+ }))
+ );
+
+ for (const result of results) {
+ if (result.status === 'fulfilled') {
+ processedByProvider[result.value.provider] = result.value.processed;
+ continue;
+ }
+
+ const reason = result.reason instanceof Error ? result.reason.message : String(result.reason);
+ failures.push(reason);
+ }
+
+ if (failures.length === 0) {
+ scanStateDb.updateLastScannedAt(scanBoundary);
+ } else {
+ console.warn(
+ `[Sessions] Skipping scan_state cursor advance because ${failures.length} provider sync(s) failed.`,
+ );
+ }
+
+ return {
+ processedByProvider,
+ failures,
+ };
+ },
+
+ /**
+ * Indexes one provider artifact file without running a full provider rescan.
+ */
+ async synchronizeProviderFile(
+ provider: LLMProvider,
+ filePath: string
+ ): Promise<{ provider: LLMProvider; indexed: boolean; sessionId: string | null }> {
+ const resolvedProvider = providerRegistry.resolveProvider(provider);
+ const sessionId = await resolvedProvider.sessionSynchronizer.synchronizeFile(filePath);
+ return {
+ provider,
+ indexed: Boolean(sessionId),
+ sessionId,
+ };
+ },
+};
diff --git a/server/modules/providers/services/sessions-watcher.service.ts b/server/modules/providers/services/sessions-watcher.service.ts
new file mode 100644
index 00000000..3a7348ed
--- /dev/null
+++ b/server/modules/providers/services/sessions-watcher.service.ts
@@ -0,0 +1,283 @@
+import os from 'node:os';
+import path from 'node:path';
+import { promises as fsPromises } from 'node:fs';
+
+import chokidar, { type FSWatcher } from 'chokidar';
+
+import { sessionSynchronizerService } from '@/modules/providers/services/session-synchronizer.service.js';
+import { WS_OPEN_STATE, connectedClients } from '@/modules/websocket/index.js';
+import type { LLMProvider } from '@/shared/types.js';
+import { getProjectsWithSessions } from '@/modules/projects/index.js';
+
+type WatcherEventType = 'add' | 'change';
+
+const PROVIDER_WATCH_PATHS: Array<{ provider: LLMProvider; rootPath: string }> = [
+ {
+ provider: 'claude',
+ rootPath: path.join(os.homedir(), '.claude', 'projects'),
+ },
+ {
+ provider: 'cursor',
+ rootPath: path.join(os.homedir(), '.cursor', 'chats'),
+ },
+ {
+ provider: 'codex',
+ rootPath: path.join(os.homedir(), '.codex', 'sessions'),
+ },
+ {
+ provider: 'gemini',
+ rootPath: path.join(os.homedir(), '.gemini', 'sessions'),
+ },
+ {
+ provider: 'gemini',
+ rootPath: path.join(os.homedir(), '.gemini', 'tmp'),
+ },
+];
+
+const WATCHER_IGNORED_PATTERNS = [
+ '**/node_modules/**',
+ '**/.git/**',
+ '**/dist/**',
+ '**/build/**',
+ '**/*.tmp',
+ '**/*.swp',
+ '**/.DS_Store',
+];
+
+const PROJECTS_UPDATE_DEBOUNCE_MS = 500;
+const PROJECTS_UPDATE_MAX_WAIT_MS = 2_000;
+
+const watchers: FSWatcher[] = [];
+
+type PendingWatcherUpdate = {
+ providers: Set;
+ changeTypes: Set;
+ updatedSessionIds: Set;
+};
+
+let pendingWatcherUpdate: PendingWatcherUpdate | null = null;
+let pendingWatcherUpdateStartedAt: number | null = null;
+let pendingWatcherFlushTimer: ReturnType | null = null;
+let watcherRefreshInFlight = false;
+let watcherRescheduleAfterRefresh = false;
+
+/**
+ * Filters watcher events to provider-specific session artifact file types.
+ */
+function isWatcherTargetFile(provider: LLMProvider, filePath: string): boolean {
+ if (provider === 'gemini') {
+ return filePath.endsWith('.json') || filePath.endsWith('.jsonl');
+ }
+
+ return filePath.endsWith('.jsonl');
+}
+
+function clearPendingWatcherFlushTimer(): void {
+ if (pendingWatcherFlushTimer) {
+ clearTimeout(pendingWatcherFlushTimer);
+ pendingWatcherFlushTimer = null;
+ }
+}
+
+function schedulePendingWatcherFlush(): void {
+ if (!pendingWatcherUpdate) {
+ return;
+ }
+
+ const now = Date.now();
+ if (pendingWatcherUpdateStartedAt === null) {
+ pendingWatcherUpdateStartedAt = now;
+ }
+
+ const elapsed = now - pendingWatcherUpdateStartedAt;
+ const remainingMaxWait = Math.max(0, PROJECTS_UPDATE_MAX_WAIT_MS - elapsed);
+ const delay = Math.min(PROJECTS_UPDATE_DEBOUNCE_MS, remainingMaxWait);
+
+ clearPendingWatcherFlushTimer();
+ pendingWatcherFlushTimer = setTimeout(() => {
+ void flushPendingWatcherUpdate();
+ }, delay);
+}
+
+function queuePendingWatcherUpdate(
+ eventType: WatcherEventType,
+ provider: LLMProvider,
+ updatedSessionId: string | null
+): void {
+ if (!pendingWatcherUpdate) {
+ pendingWatcherUpdate = {
+ providers: new Set(),
+ changeTypes: new Set(),
+ updatedSessionIds: new Set(),
+ };
+ }
+
+ pendingWatcherUpdate.providers.add(provider);
+ pendingWatcherUpdate.changeTypes.add(eventType);
+ if (updatedSessionId) {
+ pendingWatcherUpdate.updatedSessionIds.add(updatedSessionId);
+ }
+
+ schedulePendingWatcherFlush();
+}
+
+async function flushPendingWatcherUpdate(): Promise {
+ clearPendingWatcherFlushTimer();
+
+ if (!pendingWatcherUpdate) {
+ return;
+ }
+
+ if (watcherRefreshInFlight) {
+ watcherRescheduleAfterRefresh = true;
+ return;
+ }
+
+ const queuedUpdate = pendingWatcherUpdate;
+ pendingWatcherUpdate = null;
+ pendingWatcherUpdateStartedAt = null;
+ watcherRefreshInFlight = true;
+
+ try {
+ const updatedProjects = await getProjectsWithSessions({ skipSynchronization: true });
+ const changeTypes = Array.from(queuedUpdate.changeTypes);
+ const watchProviders = Array.from(queuedUpdate.providers);
+ const updatedSessionIds = Array.from(queuedUpdate.updatedSessionIds);
+
+ // Backward-compatible fields stay populated with the first queued values.
+ const updateMessage = JSON.stringify({
+ type: 'projects_updated',
+ projects: updatedProjects,
+ timestamp: new Date().toISOString(),
+ changeType: changeTypes[0] ?? 'change',
+ updatedSessionId: updatedSessionIds[0] ?? undefined,
+ watchProvider: watchProviders[0] ?? undefined,
+ changeTypes,
+ updatedSessionIds,
+ watchProviders,
+ batched: true,
+ });
+
+ connectedClients.forEach(client => {
+ if (client.readyState === WS_OPEN_STATE) {
+ client.send(updateMessage);
+ }
+ });
+ } catch (error) {
+ const message = error instanceof Error ? error.message : String(error);
+ console.error('Session watcher refresh failed while broadcasting projects_updated', { error: message });
+ } finally {
+ watcherRefreshInFlight = false;
+
+ if (pendingWatcherUpdate || watcherRescheduleAfterRefresh) {
+ watcherRescheduleAfterRefresh = false;
+ schedulePendingWatcherFlush();
+ }
+ }
+}
+
+/**
+ * Handles file watcher updates and triggers provider file-level synchronization.
+ */
+async function onUpdate(
+ eventType: WatcherEventType,
+ filePath: string,
+ provider: LLMProvider
+): Promise {
+ if (!isWatcherTargetFile(provider, filePath)) {
+ return;
+ }
+
+ try {
+ const result = await sessionSynchronizerService.synchronizeProviderFile(provider, filePath);
+ if (!result.indexed) {
+ return;
+ }
+
+ console.log(`Session synchronization triggered by ${eventType} event for provider "${provider}"`, {
+ filePath,
+ sessionId: result.sessionId,
+ });
+ queuePendingWatcherUpdate(eventType, provider, result.sessionId);
+ } catch (error) {
+ const message = error instanceof Error ? error.message : String(error);
+ console.error(`Session watcher sync failed for provider "${provider}"`, {
+ eventType,
+ filePath,
+ error: message,
+ });
+ }
+}
+
+/**
+ * Starts provider filesystem watchers and performs initial DB synchronization.
+ */
+export async function initializeSessionsWatcher(): Promise {
+ console.log('Setting up session watchers');
+
+ const initialSync = await sessionSynchronizerService.synchronizeSessions();
+ console.log('Initial session synchronization complete', {
+ processedByProvider: initialSync.processedByProvider,
+ failures: initialSync.failures,
+ });
+
+ for (const { provider, rootPath } of PROVIDER_WATCH_PATHS) {
+ try {
+ await fsPromises.mkdir(rootPath, { recursive: true });
+
+ const watcher = chokidar.watch(rootPath, {
+ ignored: WATCHER_IGNORED_PATTERNS,
+ persistent: true,
+ ignoreInitial: true,
+ followSymlinks: false,
+ depth: 6,
+ usePolling: true,
+ interval: 6_000,
+ binaryInterval: 6_000,
+ });
+
+ watcher
+ .on('add', (filePath: string) => {
+ void onUpdate('add', filePath, provider);
+ })
+ .on('change', (filePath: string) => {
+ void onUpdate('change', filePath, provider);
+ })
+ .on('error', (error: unknown) => {
+ const message = error instanceof Error ? error.message : String(error);
+ console.error(`Session watcher error for provider "${provider}"`, { error: message });
+ });
+
+ watchers.push(watcher);
+ } catch (error) {
+ const message = error instanceof Error ? error.message : String(error);
+ console.error(`Failed to initialize session watcher for provider "${provider}"`, {
+ rootPath,
+ error: message,
+ });
+ }
+ }
+}
+
+/**
+ * Stops all active provider session watchers.
+ */
+export async function closeSessionsWatcher(): Promise {
+ clearPendingWatcherFlushTimer();
+
+ await Promise.all(
+ watchers.map(async (watcher) => {
+ try {
+ await watcher.close();
+ } catch (error) {
+ const message = error instanceof Error ? error.message : String(error);
+ console.error('Failed to close session watcher', { error: message });
+ }
+ })
+ );
+ watchers.length = 0;
+ pendingWatcherUpdate = null;
+ pendingWatcherUpdateStartedAt = null;
+ watcherRefreshInFlight = false;
+ watcherRescheduleAfterRefresh = false;
+}
diff --git a/server/modules/providers/services/sessions.service.ts b/server/modules/providers/services/sessions.service.ts
new file mode 100644
index 00000000..32572e95
--- /dev/null
+++ b/server/modules/providers/services/sessions.service.ts
@@ -0,0 +1,130 @@
+import fsp from 'node:fs/promises';
+
+import { sessionsDb } from '@/modules/database/index.js';
+import { providerRegistry } from '@/modules/providers/provider.registry.js';
+import type {
+ FetchHistoryOptions,
+ FetchHistoryResult,
+ LLMProvider,
+ NormalizedMessage,
+} from '@/shared/types.js';
+import { AppError } from '@/shared/utils.js';
+
+/**
+ * Removes one file if it exists.
+ */
+async function removeFileIfExists(filePath: string): Promise {
+ try {
+ await fsp.unlink(filePath);
+ return true;
+ } catch (error) {
+ const code = (error as NodeJS.ErrnoException).code;
+ if (code === 'ENOENT') {
+ return false;
+ }
+ throw error;
+ }
+}
+
+/**
+ * Application service for provider-backed session message operations.
+ *
+ * Callers pass a provider id and this service resolves the concrete provider
+ * class, keeping normalization/history call sites decoupled from implementation
+ * file layout.
+ */
+export const sessionsService = {
+ /**
+ * Lists provider ids that can load session history and normalize live messages.
+ */
+ listProviderIds(): LLMProvider[] {
+ return providerRegistry.listProviders().map((provider) => provider.id);
+ },
+
+ /**
+ * Normalizes one provider-native event into frontend session message events.
+ */
+ normalizeMessage(
+ providerName: string,
+ raw: unknown,
+ sessionId: string | null,
+ ): NormalizedMessage[] {
+ return providerRegistry.resolveProvider(providerName).sessions.normalizeMessage(raw, sessionId);
+ },
+
+ /**
+ * Fetches persisted history by session id.
+ *
+ * Provider and provider-specific lookup hints are resolved from the indexed
+ * session metadata in the database.
+ */
+ fetchHistory(
+ sessionId: string,
+ options: Pick = {},
+ ): Promise {
+ const session = sessionsDb.getSessionById(sessionId);
+ if (!session) {
+ throw new AppError(`Session "${sessionId}" was not found.`, {
+ code: 'SESSION_NOT_FOUND',
+ statusCode: 404,
+ });
+ }
+
+ const provider = session.provider as LLMProvider;
+ return providerRegistry.resolveProvider(provider).sessions.fetchHistory(sessionId, {
+ limit: options.limit ?? null,
+ offset: options.offset ?? 0,
+ projectPath: session.project_path ?? '',
+ });
+ },
+
+ /**
+ * Deletes one persisted session row by id.
+ *
+ * When `deletedFromDisk` is true and a session `jsonl_path` exists, the path
+ * is deleted from disk before the DB row is removed.
+ */
+ async deleteSessionById(
+ sessionId: string,
+ deletedFromDisk = false,
+ ): Promise<{ sessionId: string; deletedFromDisk: boolean }> {
+ const session = sessionsDb.getSessionById(sessionId);
+ if (!session) {
+ throw new AppError(`Session "${sessionId}" was not found.`, {
+ code: 'SESSION_NOT_FOUND',
+ statusCode: 404,
+ });
+ }
+
+ let removedFromDisk = false;
+ if (deletedFromDisk && session.jsonl_path) {
+ removedFromDisk = await removeFileIfExists(session.jsonl_path);
+ }
+
+ const deleted = sessionsDb.deleteSessionById(sessionId);
+ if (!deleted) {
+ throw new AppError(`Session "${sessionId}" was not found.`, {
+ code: 'SESSION_NOT_FOUND',
+ statusCode: 404,
+ });
+ }
+
+ return { sessionId, deletedFromDisk: removedFromDisk };
+ },
+
+ /**
+ * Renames one session by id without requiring the caller to pass provider.
+ */
+ renameSessionById(sessionId: string, summary: string): { sessionId: string; summary: string } {
+ const session = sessionsDb.getSessionById(sessionId);
+ if (!session) {
+ throw new AppError(`Session "${sessionId}" was not found.`, {
+ code: 'SESSION_NOT_FOUND',
+ statusCode: 404,
+ });
+ }
+
+ sessionsDb.updateSessionCustomName(sessionId, summary);
+ return { sessionId, summary };
+ },
+};
diff --git a/server/modules/providers/shared/base/abstract.provider.ts b/server/modules/providers/shared/base/abstract.provider.ts
new file mode 100644
index 00000000..c674364d
--- /dev/null
+++ b/server/modules/providers/shared/base/abstract.provider.ts
@@ -0,0 +1,27 @@
+import type {
+ IProvider,
+ IProviderAuth,
+ IProviderMcp,
+ IProviderSessionSynchronizer,
+ IProviderSessions,
+} from '@/shared/interfaces.js';
+import type { LLMProvider } from '@/shared/types.js';
+
+/**
+ * Shared provider base.
+ *
+ * Concrete providers must expose auth/MCP handlers and implement message
+ * normalization/history loading because those behaviors depend on native
+ * SDK/CLI formats.
+ */
+export abstract class AbstractProvider implements IProvider {
+ readonly id: LLMProvider;
+ abstract readonly mcp: IProviderMcp;
+ abstract readonly auth: IProviderAuth;
+ abstract readonly sessions: IProviderSessions;
+ abstract readonly sessionSynchronizer: IProviderSessionSynchronizer;
+
+ protected constructor(id: LLMProvider) {
+ this.id = id;
+ }
+}
diff --git a/server/modules/providers/shared/mcp/mcp.provider.ts b/server/modules/providers/shared/mcp/mcp.provider.ts
new file mode 100644
index 00000000..96cc7f25
--- /dev/null
+++ b/server/modules/providers/shared/mcp/mcp.provider.ts
@@ -0,0 +1,151 @@
+import path from 'node:path';
+
+import type { IProviderMcp } from '@/shared/interfaces.js';
+import type { LLMProvider, McpScope, McpTransport, ProviderMcpServer, UpsertProviderMcpServerInput } from '@/shared/types.js';
+import { AppError } from '@/shared/utils.js';
+
+const resolveWorkspacePath = (workspacePath?: string): string =>
+ path.resolve(workspacePath ?? process.cwd());
+
+const normalizeServerName = (name: string): string => {
+ const normalized = name.trim();
+ if (!normalized) {
+ throw new AppError('MCP server name is required.', {
+ code: 'MCP_SERVER_NAME_REQUIRED',
+ statusCode: 400,
+ });
+ }
+
+ return normalized;
+};
+
+/**
+ * Shared MCP provider for provider-specific config readers/writers.
+ */
+export abstract class McpProvider implements IProviderMcp {
+ protected readonly provider: LLMProvider;
+ protected readonly supportedScopes: McpScope[];
+ protected readonly supportedTransports: McpTransport[];
+
+ protected constructor(
+ provider: LLMProvider,
+ supportedScopes: McpScope[],
+ supportedTransports: McpTransport[],
+ ) {
+ this.provider = provider;
+ this.supportedScopes = supportedScopes;
+ this.supportedTransports = supportedTransports;
+ }
+
+ async listServers(options?: { workspacePath?: string }): Promise> {
+ const grouped: Record = {
+ user: [],
+ local: [],
+ project: [],
+ };
+
+ for (const scope of this.supportedScopes) {
+ grouped[scope] = await this.listServersForScope(scope, options);
+ }
+
+ return grouped;
+ }
+
+ async listServersForScope(
+ scope: McpScope,
+ options?: { workspacePath?: string },
+ ): Promise {
+ if (!this.supportedScopes.includes(scope)) {
+ return [];
+ }
+
+ const workspacePath = resolveWorkspacePath(options?.workspacePath);
+ const scopedServers = await this.readScopedServers(scope, workspacePath);
+ return Object.entries(scopedServers)
+ .map(([name, rawConfig]) => this.normalizeServerConfig(scope, name, rawConfig))
+ .filter((entry): entry is ProviderMcpServer => entry !== null);
+ }
+
+ async upsertServer(input: UpsertProviderMcpServerInput): Promise {
+ const scope = input.scope ?? 'project';
+ this.assertScopeAndTransport(scope, input.transport);
+
+ const workspacePath = resolveWorkspacePath(input.workspacePath);
+ const normalizedName = normalizeServerName(input.name);
+ const scopedServers = await this.readScopedServers(scope, workspacePath);
+ scopedServers[normalizedName] = this.buildServerConfig(input);
+ await this.writeScopedServers(scope, workspacePath, scopedServers);
+
+ return {
+ provider: this.provider,
+ name: normalizedName,
+ scope,
+ transport: input.transport,
+ command: input.command,
+ args: input.args,
+ env: input.env,
+ cwd: input.cwd,
+ url: input.url,
+ headers: input.headers,
+ envVars: input.envVars,
+ bearerTokenEnvVar: input.bearerTokenEnvVar,
+ envHttpHeaders: input.envHttpHeaders,
+ };
+ }
+
+ async removeServer(
+ input: { name: string; scope?: McpScope; workspacePath?: string },
+ ): Promise<{ removed: boolean; provider: LLMProvider; name: string; scope: McpScope }> {
+ const scope = input.scope ?? 'project';
+ this.assertScope(scope);
+
+ const workspacePath = resolveWorkspacePath(input.workspacePath);
+ const normalizedName = normalizeServerName(input.name);
+ const scopedServers = await this.readScopedServers(scope, workspacePath);
+ const removed = Object.prototype.hasOwnProperty.call(scopedServers, normalizedName);
+ if (removed) {
+ delete scopedServers[normalizedName];
+ await this.writeScopedServers(scope, workspacePath, scopedServers);
+ }
+
+ return { removed, provider: this.provider, name: normalizedName, scope };
+ }
+
+ protected abstract readScopedServers(
+ scope: McpScope,
+ workspacePath: string,
+ ): Promise>;
+
+ protected abstract writeScopedServers(
+ scope: McpScope,
+ workspacePath: string,
+ servers: Record,
+ ): Promise;
+
+ protected abstract buildServerConfig(input: UpsertProviderMcpServerInput): Record;
+
+ protected abstract normalizeServerConfig(
+ scope: McpScope,
+ name: string,
+ rawConfig: unknown,
+ ): ProviderMcpServer | null;
+
+ protected assertScope(scope: McpScope): void {
+ if (!this.supportedScopes.includes(scope)) {
+ throw new AppError(`Provider "${this.provider}" does not support "${scope}" MCP scope.`, {
+ code: 'MCP_SCOPE_NOT_SUPPORTED',
+ statusCode: 400,
+ });
+ }
+ }
+
+ protected assertScopeAndTransport(scope: McpScope, transport: McpTransport): void {
+ this.assertScope(scope);
+ if (!this.supportedTransports.includes(transport)) {
+ throw new AppError(`Provider "${this.provider}" does not support "${transport}" MCP transport.`, {
+ code: 'MCP_TRANSPORT_NOT_SUPPORTED',
+ statusCode: 400,
+ });
+ }
+ }
+}
diff --git a/server/modules/providers/tests/mcp.test.ts b/server/modules/providers/tests/mcp.test.ts
new file mode 100644
index 00000000..a64914d6
--- /dev/null
+++ b/server/modules/providers/tests/mcp.test.ts
@@ -0,0 +1,293 @@
+import assert from 'node:assert/strict';
+import fs from 'node:fs/promises';
+import os from 'node:os';
+import path from 'node:path';
+import test from 'node:test';
+
+import TOML from '@iarna/toml';
+
+import { providerMcpService } from '@/modules/providers/services/mcp.service.js';
+import { AppError } from '@/shared/utils.js';
+
+const patchHomeDir = (nextHomeDir: string) => {
+ const original = os.homedir;
+ (os as any).homedir = () => nextHomeDir;
+ return () => {
+ (os as any).homedir = original;
+ };
+};
+
+const readJson = async (filePath: string): Promise> => {
+ const content = await fs.readFile(filePath, 'utf8');
+ return JSON.parse(content) as Record;
+};
+
+/**
+ * This test covers Claude MCP support for all scopes (user/local/project) and all transports (stdio/http/sse),
+ * including add, update/list, and remove operations.
+ */
+test('providerMcpService handles claude MCP scopes/transports with file-backed persistence', { concurrency: false }, async () => {
+ const tempRoot = await fs.mkdtemp(path.join(os.tmpdir(), 'llm-mcp-claude-'));
+ const workspacePath = path.join(tempRoot, 'workspace');
+ await fs.mkdir(workspacePath, { recursive: true });
+
+ const restoreHomeDir = patchHomeDir(tempRoot);
+ try {
+ await providerMcpService.upsertProviderMcpServer('claude', {
+ name: 'claude-user-stdio',
+ scope: 'user',
+ transport: 'stdio',
+ command: 'npx',
+ args: ['-y', 'my-server'],
+ env: { API_KEY: 'secret' },
+ });
+
+ await providerMcpService.upsertProviderMcpServer('claude', {
+ name: 'claude-local-http',
+ scope: 'local',
+ transport: 'http',
+ url: 'https://example.com/mcp',
+ headers: { Authorization: 'Bearer token' },
+ workspacePath,
+ });
+
+ await providerMcpService.upsertProviderMcpServer('claude', {
+ name: 'claude-project-sse',
+ scope: 'project',
+ transport: 'sse',
+ url: 'https://example.com/sse',
+ headers: { 'X-API-Key': 'abc' },
+ workspacePath,
+ });
+
+ const grouped = await providerMcpService.listProviderMcpServers('claude', { workspacePath });
+ assert.ok(grouped.user.some((server) => server.name === 'claude-user-stdio' && server.transport === 'stdio'));
+ assert.ok(grouped.local.some((server) => server.name === 'claude-local-http' && server.transport === 'http'));
+ assert.ok(grouped.project.some((server) => server.name === 'claude-project-sse' && server.transport === 'sse'));
+
+ // update behavior is the same upsert route with same name
+ await providerMcpService.upsertProviderMcpServer('claude', {
+ name: 'claude-project-sse',
+ scope: 'project',
+ transport: 'sse',
+ url: 'https://example.com/sse-updated',
+ headers: { 'X-API-Key': 'updated' },
+ workspacePath,
+ });
+
+ const projectConfig = await readJson(path.join(workspacePath, '.mcp.json'));
+ const projectServers = projectConfig.mcpServers as Record;
+ const projectServer = projectServers['claude-project-sse'] as Record;
+ assert.equal(projectServer.url, 'https://example.com/sse-updated');
+
+ const removeResult = await providerMcpService.removeProviderMcpServer('claude', {
+ name: 'claude-local-http',
+ scope: 'local',
+ workspacePath,
+ });
+ assert.equal(removeResult.removed, true);
+ } finally {
+ restoreHomeDir();
+ await fs.rm(tempRoot, { recursive: true, force: true });
+ }
+});
+
+/**
+ * This test covers Codex MCP support for user/project scopes, stdio/http formats,
+ * and validation for unsupported scope/transport combinations.
+ */
+test('providerMcpService handles codex MCP TOML config and capability validation', { concurrency: false }, async () => {
+ const tempRoot = await fs.mkdtemp(path.join(os.tmpdir(), 'llm-mcp-codex-'));
+ const workspacePath = path.join(tempRoot, 'workspace');
+ await fs.mkdir(workspacePath, { recursive: true });
+
+ const restoreHomeDir = patchHomeDir(tempRoot);
+ try {
+ await providerMcpService.upsertProviderMcpServer('codex', {
+ name: 'codex-user-stdio',
+ scope: 'user',
+ transport: 'stdio',
+ command: 'python',
+ args: ['server.py'],
+ env: { API_KEY: 'x' },
+ envVars: ['API_KEY'],
+ cwd: '/tmp',
+ });
+
+ await providerMcpService.upsertProviderMcpServer('codex', {
+ name: 'codex-project-http',
+ scope: 'project',
+ transport: 'http',
+ url: 'https://codex.example.com/mcp',
+ headers: { 'X-Custom-Header': 'value' },
+ envHttpHeaders: { 'X-API-Key': 'MY_API_KEY_ENV' },
+ bearerTokenEnvVar: 'MY_API_TOKEN',
+ workspacePath,
+ });
+
+ const userTomlPath = path.join(tempRoot, '.codex', 'config.toml');
+ const userConfig = TOML.parse(await fs.readFile(userTomlPath, 'utf8')) as Record;
+ const userServers = userConfig.mcp_servers as Record;
+ const userStdio = userServers['codex-user-stdio'] as Record;
+ assert.equal(userStdio.command, 'python');
+
+ const projectTomlPath = path.join(workspacePath, '.codex', 'config.toml');
+ const projectConfig = TOML.parse(await fs.readFile(projectTomlPath, 'utf8')) as Record;
+ const projectServers = projectConfig.mcp_servers as Record;
+ const projectHttp = projectServers['codex-project-http'] as Record;
+ assert.equal(projectHttp.url, 'https://codex.example.com/mcp');
+
+ await assert.rejects(
+ providerMcpService.upsertProviderMcpServer('codex', {
+ name: 'codex-local',
+ scope: 'local',
+ transport: 'stdio',
+ command: 'node',
+ }),
+ (error: unknown) =>
+ error instanceof AppError &&
+ error.code === 'MCP_SCOPE_NOT_SUPPORTED' &&
+ error.statusCode === 400,
+ );
+
+ await assert.rejects(
+ providerMcpService.upsertProviderMcpServer('codex', {
+ name: 'codex-sse',
+ scope: 'project',
+ transport: 'sse',
+ url: 'https://example.com/sse',
+ workspacePath,
+ }),
+ (error: unknown) =>
+ error instanceof AppError &&
+ error.code === 'MCP_TRANSPORT_NOT_SUPPORTED' &&
+ error.statusCode === 400,
+ );
+ } finally {
+ restoreHomeDir();
+ await fs.rm(tempRoot, { recursive: true, force: true });
+ }
+});
+
+/**
+ * This test covers Gemini/Cursor MCP JSON formats and user/project scope persistence.
+ */
+test('providerMcpService handles gemini and cursor MCP JSON config formats', { concurrency: false }, async () => {
+ const tempRoot = await fs.mkdtemp(path.join(os.tmpdir(), 'llm-mcp-gc-'));
+ const workspacePath = path.join(tempRoot, 'workspace');
+ await fs.mkdir(workspacePath, { recursive: true });
+
+ const restoreHomeDir = patchHomeDir(tempRoot);
+ try {
+ await providerMcpService.upsertProviderMcpServer('gemini', {
+ name: 'gemini-stdio',
+ scope: 'user',
+ transport: 'stdio',
+ command: 'node',
+ args: ['server.js'],
+ env: { TOKEN: '$TOKEN' },
+ cwd: './server',
+ });
+
+ await providerMcpService.upsertProviderMcpServer('gemini', {
+ name: 'gemini-http',
+ scope: 'project',
+ transport: 'http',
+ url: 'https://gemini.example.com/mcp',
+ headers: { Authorization: 'Bearer token' },
+ workspacePath,
+ });
+
+ await providerMcpService.upsertProviderMcpServer('cursor', {
+ name: 'cursor-stdio',
+ scope: 'project',
+ transport: 'stdio',
+ command: 'npx',
+ args: ['-y', 'mcp-server'],
+ env: { API_KEY: 'value' },
+ workspacePath,
+ });
+
+ await providerMcpService.upsertProviderMcpServer('cursor', {
+ name: 'cursor-http',
+ scope: 'user',
+ transport: 'http',
+ url: 'http://localhost:3333/mcp',
+ headers: { API_KEY: 'value' },
+ });
+
+ const geminiUserConfig = await readJson(path.join(tempRoot, '.gemini', 'settings.json'));
+ const geminiUserServer = (geminiUserConfig.mcpServers as Record)['gemini-stdio'] as Record;
+ assert.equal(geminiUserServer.command, 'node');
+ assert.equal(geminiUserServer.type, undefined);
+
+ const geminiProjectConfig = await readJson(path.join(workspacePath, '.gemini', 'settings.json'));
+ const geminiProjectServer = (geminiProjectConfig.mcpServers as Record)['gemini-http'] as Record;
+ assert.equal(geminiProjectServer.type, 'http');
+
+ const cursorUserConfig = await readJson(path.join(tempRoot, '.cursor', 'mcp.json'));
+ const cursorHttpServer = (cursorUserConfig.mcpServers as Record)['cursor-http'] as Record;
+ assert.equal(cursorHttpServer.url, 'http://localhost:3333/mcp');
+ assert.equal(cursorHttpServer.type, undefined);
+ } finally {
+ restoreHomeDir();
+ await fs.rm(tempRoot, { recursive: true, force: true });
+ }
+});
+
+/**
+ * This test covers the global MCP adder requirement: only http/stdio are allowed and
+ * one payload is written to all providers.
+ */
+test('providerMcpService global adder writes to all providers and rejects unsupported transports', { concurrency: false }, async () => {
+ const tempRoot = await fs.mkdtemp(path.join(os.tmpdir(), 'llm-mcp-global-'));
+ const workspacePath = path.join(tempRoot, 'workspace');
+ await fs.mkdir(workspacePath, { recursive: true });
+
+ const restoreHomeDir = patchHomeDir(tempRoot);
+ try {
+ const globalResult = await providerMcpService.addMcpServerToAllProviders({
+ name: 'global-http',
+ scope: 'project',
+ transport: 'http',
+ url: 'https://global.example.com/mcp',
+ workspacePath,
+ });
+
+ const expectCursorGlobal = process.platform !== 'win32';
+ assert.equal(globalResult.length, expectCursorGlobal ? 4 : 3);
+ assert.ok(globalResult.every((entry) => entry.created === true));
+
+ const claudeProject = await readJson(path.join(workspacePath, '.mcp.json'));
+ assert.ok((claudeProject.mcpServers as Record)['global-http']);
+
+ const codexProject = TOML.parse(await fs.readFile(path.join(workspacePath, '.codex', 'config.toml'), 'utf8')) as Record;
+ assert.ok((codexProject.mcp_servers as Record)['global-http']);
+
+ const geminiProject = await readJson(path.join(workspacePath, '.gemini', 'settings.json'));
+ assert.ok((geminiProject.mcpServers as Record)['global-http']);
+
+ if (expectCursorGlobal) {
+ const cursorProject = await readJson(path.join(workspacePath, '.cursor', 'mcp.json'));
+ assert.ok((cursorProject.mcpServers as Record)['global-http']);
+ }
+
+ await assert.rejects(
+ providerMcpService.addMcpServerToAllProviders({
+ name: 'global-sse',
+ scope: 'project',
+ transport: 'sse',
+ url: 'https://example.com/sse',
+ workspacePath,
+ }),
+ (error: unknown) =>
+ error instanceof AppError &&
+ error.code === 'INVALID_GLOBAL_MCP_TRANSPORT' &&
+ error.statusCode === 400,
+ );
+ } finally {
+ restoreHomeDir();
+ await fs.rm(tempRoot, { recursive: true, force: true });
+ }
+});
+
diff --git a/server/modules/websocket/README.md b/server/modules/websocket/README.md
new file mode 100644
index 00000000..12db6349
--- /dev/null
+++ b/server/modules/websocket/README.md
@@ -0,0 +1,267 @@
+# WebSocket Module
+
+This module owns the server-side WebSocket gateway used by:
+
+1. Chat streaming (`/ws`)
+2. Interactive terminal sessions (`/shell`)
+3. Plugin WebSocket passthrough (`/plugin-ws/:pluginName`)
+
+It is intentionally structured as **small services** plus a **barrel export** in `index.ts`.
+
+## Public API
+
+`server/modules/websocket/index.ts` exports:
+
+1. `createWebSocketServer(server, dependencies)`
+Creates and wires the shared `ws` server.
+2. `connectedClients` and `WS_OPEN_STATE`
+Shared chat client registry and open-state constant used by other modules.
+
+## Why Dependency Injection Is Used
+
+The module receives runtime-specific functions from `server/index.js` instead of importing legacy runtime files directly.
+
+Benefits:
+
+1. Keeps module boundaries clean (`server/modules/*` architecture rule).
+2. Makes each service easier to test in isolation.
+3. Keeps WebSocket transport concerns separate from provider runtime concerns.
+
+## Service Map
+
+| File | Responsibility |
+|---|---|
+| `services/websocket-server.service.ts` | Creates `WebSocketServer`, binds `verifyClient`, routes connection by pathname |
+| `services/websocket-auth.service.ts` | Authenticates upgrade requests and attaches `request.user` |
+| `services/chat-websocket.service.ts` | Handles `/ws` chat protocol and provider command/session control messages |
+| `services/shell-websocket.service.ts` | Handles `/shell` PTY lifecycle, reconnect buffering, auth URL detection |
+| `services/plugin-websocket-proxy.service.ts` | Bridges client socket to plugin socket |
+| `services/websocket-writer.service.ts` | Adapts raw WebSocket to writer interface (`send`, `setSessionId`, `getSessionId`) |
+| `services/websocket-state.service.ts` | Holds shared chat client set and open-state constant |
+
+## High-Level Architecture
+
+```mermaid
+flowchart LR
+ A[HTTP Server] --> B[createWebSocketServer]
+ B --> C[verifyWebSocketClient]
+ B --> D{Pathname}
+ D -->|/ws| E[handleChatConnection]
+ D -->|/shell| F[handleShellConnection]
+ D -->|/plugin-ws/:name| G[handlePluginWsProxy]
+ D -->|other| H[close()]
+
+ E --> I[connectedClients Set]
+ E --> J[WebSocketWriter]
+ F --> K[ptySessionsMap]
+ G --> L[Upstream Plugin ws://127.0.0.1:port/ws]
+
+ I --> M[projects.service broadcastProgress]
+ I --> N[sessions-watcher.service projects_updated]
+```
+
+## Connection Handshake + Routing
+
+```mermaid
+sequenceDiagram
+ participant Client
+ participant WSS as WebSocketServer
+ participant Auth as verifyWebSocketClient
+ participant Router as connection router
+ participant Chat as /ws handler
+ participant Shell as /shell handler
+ participant Proxy as /plugin-ws handler
+
+ Client->>WSS: Upgrade Request
+ WSS->>Auth: verifyClient(info)
+ alt Platform mode
+ Auth->>Auth: authenticateWebSocket(null)
+ Auth->>Auth: attach request.user
+ else OSS mode
+ Auth->>Auth: read token from ?token or Authorization
+ Auth->>Auth: authenticateWebSocket(token)
+ Auth->>Auth: attach request.user
+ end
+
+ alt Auth failed
+ Auth-->>WSS: false (reject handshake)
+ else Auth ok
+ Auth-->>WSS: true
+ WSS->>Router: on("connection", ws, request)
+ alt pathname == /ws
+ Router->>Chat: handleChatConnection(ws, request, deps.chat)
+ else pathname == /shell
+ Router->>Shell: handleShellConnection(ws, deps.shell)
+ else pathname startsWith /plugin-ws/
+ Router->>Proxy: handlePluginWsProxy(ws, pathname, getPluginPort)
+ else unknown
+ Router->>Router: ws.close()
+ end
+ end
+```
+
+## `/ws` Chat Flow
+
+When a chat socket connects:
+
+1. Add socket to `connectedClients`.
+2. Build `WebSocketWriter` (captures `userId` from authenticated request).
+3. Parse each incoming message with `parseIncomingJsonObject`.
+4. Dispatch by `data.type`.
+5. On close, remove socket from `connectedClients`.
+
+### Chat Message Dispatch
+
+```mermaid
+flowchart TD
+ A[Incoming WS message] --> B[parseIncomingJsonObject]
+ B -->|invalid| C[send {type:error}]
+ B -->|ok| D{data.type}
+
+ D -->|claude-command| E[queryClaudeSDK]
+ D -->|cursor-command| F[spawnCursor]
+ D -->|codex-command| G[queryCodex]
+ D -->|gemini-command| H[spawnGemini]
+ D -->|cursor-resume| I[spawnCursor resume]
+ D -->|abort-session| J[abort by provider]
+ D -->|claude-permission-response| K[resolveToolApproval]
+ D -->|cursor-abort| L[abortCursorSession]
+ D -->|check-session-status| M[is*SessionActive + optional reconnectSessionWriter]
+ D -->|get-pending-permissions| N[getPendingApprovalsForSession]
+ D -->|get-active-sessions| O[getActive*Sessions]
+```
+
+### Chat Notes
+
+1. `abort-session` returns a normalized `complete` message with `aborted: true`.
+2. `check-session-status` returns `{ type: "session-status", isProcessing }`.
+3. Claude status checks can reconnect output stream to the new socket via `reconnectSessionWriter`.
+
+## `/shell` Terminal Flow
+
+The shell handler manages persistent PTY sessions keyed by:
+
+`_[_cmd_]`
+
+This enables reconnect behavior and isolates command-specific plain-shell sessions.
+
+### Shell Lifecycle
+
+```mermaid
+stateDiagram-v2
+ [*] --> WaitingInit
+ WaitingInit --> ValidateInit: message.type == init
+ ValidateInit --> ReconnectExisting: session key exists and not login reset
+ ValidateInit --> SpawnNewPTY: valid path + valid sessionId
+ ValidateInit --> EmitError: invalid payload/path/sessionId
+
+ ReconnectExisting --> Running: attach ws, replay buffer
+ SpawnNewPTY --> Running: pty.spawn + wire onData/onExit
+
+ Running --> Running: input -> pty.write
+ Running --> Running: resize -> pty.resize
+ Running --> Running: onData -> buffer + output + auth_url detection
+ Running --> Exited: onExit
+ Running --> Detached: ws close
+
+ Detached --> Running: reconnect before timeout
+ Detached --> Killed: timeout reached -> pty.kill
+ Exited --> [*]
+ Killed --> [*]
+ EmitError --> WaitingInit
+```
+
+### Shell Behaviors in Detail
+
+1. `init`:
+Reads `projectPath`, `sessionId`, `provider`, `hasSession`, `initialCommand`, `isPlainShell`.
+2. Login reset:
+For login-like commands, existing keyed PTY session is killed and recreated.
+3. Validation:
+Path must exist and be a directory; `sessionId` must match safe pattern.
+4. Command build:
+Provider-specific command construction with resume semantics.
+5. PTY output buffering:
+Stores up to 5000 chunks for replay on reconnect.
+6. URL detection:
+Strips ANSI, accumulates text buffer, extracts URLs, emits `auth_url` once per normalized URL, supports `autoOpen`.
+7. Close behavior:
+Socket disconnect does not instantly kill PTY; session is kept alive and terminated on timeout.
+
+## `/plugin-ws/:pluginName` Proxy Flow
+
+```mermaid
+sequenceDiagram
+ participant Client
+ participant Proxy as handlePluginWsProxy
+ participant PM as getPluginPort
+ participant Upstream as Plugin WS
+
+ Client->>Proxy: Connect /plugin-ws/:name
+ Proxy->>Proxy: Validate pluginName regex
+ alt Invalid name
+ Proxy-->>Client: close(4400, "Invalid plugin name")
+ else Valid
+ Proxy->>PM: getPluginPort(name)
+ alt Plugin not running
+ Proxy-->>Client: close(4404, "Plugin not running")
+ else Port found
+ Proxy->>Upstream: new WebSocket(ws://127.0.0.1:port/ws)
+ Client-->>Upstream: relay messages bidirectionally
+ Upstream-->>Client: relay messages bidirectionally
+ Upstream-->>Client: close propagation
+ Client-->>Upstream: close propagation
+ Upstream-->>Client: close(4502, "Upstream error") on upstream error
+ end
+ end
+```
+
+## Shared Client Registry and Broadcasts
+
+Only chat sockets (`/ws`) are tracked in `connectedClients`.
+
+That shared set is consumed by:
+
+1. `modules/projects/services/projects-with-sessions-fetch.service.ts`
+Broadcasts `loading_progress` while project snapshots are being built.
+2. `modules/providers/services/sessions-watcher.service.ts`
+Broadcasts `projects_updated` when provider session artifacts change.
+
+This design centralizes cross-module realtime fanout without requiring route-local references to WebSocket internals.
+
+## Writer Adapter (`WebSocketWriter`)
+
+`WebSocketWriter` normalizes chat transport behavior to match existing writer-style interfaces used elsewhere.
+
+Methods:
+
+1. `send(data)`
+JSON-serializes and sends only if socket is open.
+2. `setSessionId(sessionId)` / `getSessionId()`
+Supports provider session bookkeeping and resume flows.
+3. `updateWebSocket(newRawWs)`
+Allows active session stream redirection on reconnect.
+
+## Error Handling and Close Codes
+
+Current explicit close codes in this module:
+
+1. `4400`: Invalid plugin name
+2. `4404`: Plugin not running
+3. `4502`: Upstream plugin WebSocket error
+
+Other errors:
+
+1. Chat handler catches and emits `{ type: "error", error }`.
+2. Shell handler catches and writes terminal-visible error output.
+3. Unknown websocket paths are closed immediately.
+
+## Extending This Module
+
+To add a new websocket route:
+
+1. Add a new handler service under `services/`.
+2. Extend `WebSocketServerDependencies` in `websocket-server.service.ts` if needed.
+3. Add a new pathname branch in the router.
+4. Wire dependency injection from `server/index.js`.
+5. Keep `index.ts` as barrel-only export surface.
diff --git a/server/modules/websocket/index.ts b/server/modules/websocket/index.ts
new file mode 100644
index 00000000..da65ee82
--- /dev/null
+++ b/server/modules/websocket/index.ts
@@ -0,0 +1,2 @@
+export { WS_OPEN_STATE, connectedClients } from './services/websocket-state.service.js';
+export { createWebSocketServer } from './services/websocket-server.service.js';
diff --git a/server/modules/websocket/services/chat-websocket.service.ts b/server/modules/websocket/services/chat-websocket.service.ts
new file mode 100644
index 00000000..95fabe55
--- /dev/null
+++ b/server/modules/websocket/services/chat-websocket.service.ts
@@ -0,0 +1,271 @@
+import type { WebSocket } from 'ws';
+
+import { connectedClients } from '@/modules/websocket/services/websocket-state.service.js';
+import { WebSocketWriter } from '@/modules/websocket/services/websocket-writer.service.js';
+import type {
+ AnyRecord,
+ AuthenticatedWebSocketRequest,
+ LLMProvider,
+} from '@/shared/types.js';
+import { createNormalizedMessage, parseIncomingJsonObject } from '@/shared/utils.js';
+
+type ChatIncomingMessage = AnyRecord & {
+ type?: string;
+ command?: string;
+ options?: AnyRecord;
+ provider?: string;
+ sessionId?: string;
+ requestId?: string;
+ allow?: unknown;
+ updatedInput?: unknown;
+ message?: unknown;
+ rememberEntry?: unknown;
+};
+
+const DEFAULT_PROVIDER: LLMProvider = 'claude';
+
+type ChatWebSocketDependencies = {
+ queryClaudeSDK: (command: string, options: unknown, writer: WebSocketWriter) => Promise;
+ spawnCursor: (command: string, options: unknown, writer: WebSocketWriter) => Promise;
+ queryCodex: (command: string, options: unknown, writer: WebSocketWriter) => Promise;
+ spawnGemini: (command: string, options: unknown, writer: WebSocketWriter) => Promise;
+ abortClaudeSDKSession: (sessionId: string) => Promise;
+ abortCursorSession: (sessionId: string) => boolean;
+ abortCodexSession: (sessionId: string) => boolean;
+ abortGeminiSession: (sessionId: string) => boolean;
+ resolveToolApproval: (
+ requestId: string,
+ payload: {
+ allow: boolean;
+ updatedInput?: unknown;
+ message?: string;
+ rememberEntry?: unknown;
+ }
+ ) => void;
+ isClaudeSDKSessionActive: (sessionId: string) => boolean;
+ isCursorSessionActive: (sessionId: string) => boolean;
+ isCodexSessionActive: (sessionId: string) => boolean;
+ isGeminiSessionActive: (sessionId: string) => boolean;
+ reconnectSessionWriter: (sessionId: string, ws: WebSocket) => boolean;
+ getPendingApprovalsForSession: (sessionId: string) => unknown[];
+ getActiveClaudeSDKSessions: () => unknown;
+ getActiveCursorSessions: () => unknown;
+ getActiveCodexSessions: () => unknown;
+ getActiveGeminiSessions: () => unknown;
+};
+
+/**
+ * Normalizes potentially invalid provider names coming from websocket payloads.
+ */
+function readProvider(value: unknown): LLMProvider {
+ if (value === 'claude' || value === 'cursor' || value === 'codex' || value === 'gemini') {
+ return value;
+ }
+
+ return DEFAULT_PROVIDER;
+}
+
+/**
+ * Extracts the authenticated request user id in the formats currently produced
+ * by platform and OSS auth code paths.
+ */
+function readRequestUserId(
+ request: AuthenticatedWebSocketRequest | undefined
+): string | number | null {
+ const user = request?.user;
+ if (!user) {
+ return null;
+ }
+
+ if (typeof user.id === 'string' || typeof user.id === 'number') {
+ return user.id;
+ }
+
+ if (typeof user.userId === 'string' || typeof user.userId === 'number') {
+ return user.userId;
+ }
+
+ return null;
+}
+
+/**
+ * Handles authenticated chat websocket messages used by the main chat panel.
+ */
+export function handleChatConnection(
+ ws: WebSocket,
+ request: AuthenticatedWebSocketRequest,
+ dependencies: ChatWebSocketDependencies
+): void {
+ console.log('[INFO] Chat WebSocket connected');
+ connectedClients.add(ws);
+
+ const writer = new WebSocketWriter(ws, readRequestUserId(request));
+
+ ws.on('message', async (rawMessage) => {
+ try {
+ const parsed = parseIncomingJsonObject(rawMessage);
+ if (!parsed) {
+ throw new Error('Invalid websocket payload');
+ }
+
+ const data = parsed as ChatIncomingMessage;
+ const messageType = data.type;
+ if (!messageType) {
+ throw new Error('Message type is required');
+ }
+
+ if (messageType === 'claude-command') {
+ await dependencies.queryClaudeSDK(data.command ?? '', data.options, writer);
+ return;
+ }
+
+ if (messageType === 'cursor-command') {
+ await dependencies.spawnCursor(data.command ?? '', data.options, writer);
+ return;
+ }
+
+ if (messageType === 'codex-command') {
+ await dependencies.queryCodex(data.command ?? '', data.options, writer);
+ return;
+ }
+
+ if (messageType === 'gemini-command') {
+ await dependencies.spawnGemini(data.command ?? '', data.options, writer);
+ return;
+ }
+
+ if (messageType === 'cursor-resume') {
+ await dependencies.spawnCursor(
+ '',
+ {
+ sessionId: data.sessionId,
+ resume: true,
+ cwd: data.options?.cwd,
+ },
+ writer
+ );
+ return;
+ }
+
+ if (messageType === 'abort-session') {
+ const provider = readProvider(data.provider);
+ const sessionId = typeof data.sessionId === 'string' ? data.sessionId : '';
+ let success = false;
+
+ if (provider === 'cursor') {
+ success = dependencies.abortCursorSession(sessionId);
+ } else if (provider === 'codex') {
+ success = dependencies.abortCodexSession(sessionId);
+ } else if (provider === 'gemini') {
+ success = dependencies.abortGeminiSession(sessionId);
+ } else {
+ success = await dependencies.abortClaudeSDKSession(sessionId);
+ }
+
+ writer.send(
+ createNormalizedMessage({
+ kind: 'complete',
+ exitCode: success ? 0 : 1,
+ aborted: true,
+ success,
+ sessionId,
+ provider,
+ })
+ );
+ return;
+ }
+
+ if (messageType === 'claude-permission-response') {
+ if (typeof data.requestId === 'string' && data.requestId.length > 0) {
+ dependencies.resolveToolApproval(data.requestId, {
+ allow: Boolean(data.allow),
+ updatedInput: data.updatedInput,
+ message: typeof data.message === 'string' ? data.message : undefined,
+ rememberEntry: data.rememberEntry,
+ });
+ }
+ return;
+ }
+
+ if (messageType === 'cursor-abort') {
+ const sessionId = typeof data.sessionId === 'string' ? data.sessionId : '';
+ const success = dependencies.abortCursorSession(sessionId);
+ writer.send(
+ createNormalizedMessage({
+ kind: 'complete',
+ exitCode: success ? 0 : 1,
+ aborted: true,
+ success,
+ sessionId,
+ provider: 'cursor',
+ })
+ );
+ return;
+ }
+
+ if (messageType === 'check-session-status') {
+ const provider = readProvider(data.provider);
+ const sessionId = typeof data.sessionId === 'string' ? data.sessionId : '';
+ let isActive = false;
+
+ if (provider === 'cursor') {
+ isActive = dependencies.isCursorSessionActive(sessionId);
+ } else if (provider === 'codex') {
+ isActive = dependencies.isCodexSessionActive(sessionId);
+ } else if (provider === 'gemini') {
+ isActive = dependencies.isGeminiSessionActive(sessionId);
+ } else {
+ isActive = dependencies.isClaudeSDKSessionActive(sessionId);
+ if (isActive) {
+ dependencies.reconnectSessionWriter(sessionId, ws);
+ }
+ }
+
+ writer.send({
+ type: 'session-status',
+ sessionId,
+ provider,
+ isProcessing: isActive,
+ });
+ return;
+ }
+
+ if (messageType === 'get-pending-permissions') {
+ const sessionId = typeof data.sessionId === 'string' ? data.sessionId : '';
+ if (sessionId && dependencies.isClaudeSDKSessionActive(sessionId)) {
+ const pending = dependencies.getPendingApprovalsForSession(sessionId);
+ writer.send({
+ type: 'pending-permissions-response',
+ sessionId,
+ data: pending,
+ });
+ }
+ return;
+ }
+
+ if (messageType === 'get-active-sessions') {
+ writer.send({
+ type: 'active-sessions',
+ sessions: {
+ claude: dependencies.getActiveClaudeSDKSessions(),
+ cursor: dependencies.getActiveCursorSessions(),
+ codex: dependencies.getActiveCodexSessions(),
+ gemini: dependencies.getActiveGeminiSessions(),
+ },
+ });
+ }
+ } catch (error) {
+ const message = error instanceof Error ? error.message : String(error);
+ console.error('[ERROR] Chat WebSocket error:', message);
+ writer.send({
+ type: 'error',
+ error: message,
+ });
+ }
+ });
+
+ ws.on('close', () => {
+ console.log('[INFO] Chat client disconnected');
+ connectedClients.delete(ws);
+ });
+}
diff --git a/server/modules/websocket/services/plugin-websocket-proxy.service.ts b/server/modules/websocket/services/plugin-websocket-proxy.service.ts
new file mode 100644
index 00000000..491fd540
--- /dev/null
+++ b/server/modules/websocket/services/plugin-websocket-proxy.service.ts
@@ -0,0 +1,65 @@
+import { WebSocket } from 'ws';
+
+/**
+ * Proxies an authenticated client websocket to a plugin websocket endpoint.
+ */
+export function handlePluginWsProxy(
+ clientWs: WebSocket,
+ pathname: string,
+ getPluginPort: (pluginName: string) => number | null
+): void {
+ const pluginName = pathname.replace('/plugin-ws/', '');
+ if (!pluginName || /[^a-zA-Z0-9_-]/.test(pluginName)) {
+ clientWs.close(4400, 'Invalid plugin name');
+ return;
+ }
+
+ const port = getPluginPort(pluginName);
+ if (!port) {
+ clientWs.close(4404, 'Plugin not running');
+ return;
+ }
+
+ const upstream = new WebSocket(`ws://127.0.0.1:${port}/ws`);
+
+ upstream.on('open', () => {
+ console.log(`[Plugins] WS proxy connected to "${pluginName}" on port ${port}`);
+ });
+
+ upstream.on('message', (data) => {
+ if (clientWs.readyState === WebSocket.OPEN) {
+ clientWs.send(data);
+ }
+ });
+
+ clientWs.on('message', (data) => {
+ if (upstream.readyState === WebSocket.OPEN) {
+ upstream.send(data);
+ }
+ });
+
+ upstream.on('close', () => {
+ if (clientWs.readyState === WebSocket.OPEN) {
+ clientWs.close();
+ }
+ });
+
+ clientWs.on('close', () => {
+ if (upstream.readyState === WebSocket.OPEN) {
+ upstream.close();
+ }
+ });
+
+ upstream.on('error', (error) => {
+ console.error(`[Plugins] WS proxy error for "${pluginName}":`, error.message);
+ if (clientWs.readyState === WebSocket.OPEN) {
+ clientWs.close(4502, 'Upstream error');
+ }
+ });
+
+ clientWs.on('error', () => {
+ if (upstream.readyState === WebSocket.OPEN) {
+ upstream.close();
+ }
+ });
+}
diff --git a/server/modules/websocket/services/shell-websocket.service.ts b/server/modules/websocket/services/shell-websocket.service.ts
new file mode 100644
index 00000000..9bf7046b
--- /dev/null
+++ b/server/modules/websocket/services/shell-websocket.service.ts
@@ -0,0 +1,453 @@
+import fs from 'node:fs';
+import os from 'node:os';
+import path from 'node:path';
+
+import pty, { type IPty } from 'node-pty';
+import { WebSocket, type RawData } from 'ws';
+
+import { parseIncomingJsonObject } from '@/shared/utils.js';
+
+type ShellIncomingMessage = {
+ type?: string;
+ data?: string;
+ cols?: number;
+ rows?: number;
+ projectPath?: string;
+ sessionId?: string;
+ hasSession?: boolean;
+ provider?: string;
+ initialCommand?: string;
+ isPlainShell?: boolean;
+};
+
+type PtySessionEntry = {
+ pty: IPty;
+ ws: WebSocket | null;
+ buffer: string[];
+ timeoutId: NodeJS.Timeout | null;
+ projectPath: string;
+ sessionId: string | null;
+};
+
+const ptySessionsMap = new Map();
+const PTY_SESSION_TIMEOUT = 30 * 60 * 1000;
+const SHELL_URL_PARSE_BUFFER_LIMIT = 32768;
+
+type ShellWebSocketDependencies = {
+ getSessionById: (sessionId: string) => { cliSessionId?: string } | null | undefined;
+ stripAnsiSequences: (content: string) => string;
+ normalizeDetectedUrl: (url: string) => string | null;
+ extractUrlsFromText: (content: string) => string[];
+ shouldAutoOpenUrlFromOutput: (content: string) => boolean;
+};
+
+/**
+ * Reads a string field from untyped payloads and falls back when absent.
+ */
+function readString(value: unknown, fallback = ''): string {
+ return typeof value === 'string' ? value : fallback;
+}
+
+/**
+ * Reads a boolean field from untyped payloads and falls back when absent.
+ */
+function readBoolean(value: unknown, fallback = false): boolean {
+ return typeof value === 'boolean' ? value : fallback;
+}
+
+/**
+ * Reads a finite number field from untyped payloads and falls back when absent.
+ */
+function readNumber(value: unknown, fallback: number): number {
+ return typeof value === 'number' && Number.isFinite(value) ? value : fallback;
+}
+
+/**
+ * Parses incoming websocket shell messages and keeps processing safe when
+ * malformed payloads are received.
+ */
+function parseShellMessage(rawMessage: RawData): ShellIncomingMessage | null {
+ const payload = parseIncomingJsonObject(rawMessage);
+ if (!payload) {
+ return null;
+ }
+
+ return payload as ShellIncomingMessage;
+}
+
+/**
+ * Resolves provider command line for plain shell and agent-backed shell modes.
+ */
+function buildShellCommand(
+ message: ShellIncomingMessage,
+ dependencies: ShellWebSocketDependencies
+): string {
+ const hasSession = readBoolean(message.hasSession);
+ const sessionId = readString(message.sessionId);
+ const initialCommand = readString(message.initialCommand);
+ const provider = readString(message.provider, 'claude');
+ const safeSessionIdPattern = /^[a-zA-Z0-9_.\-:]+$/;
+ const isPlainShell =
+ readBoolean(message.isPlainShell) ||
+ (!!initialCommand && !hasSession) ||
+ provider === 'plain-shell';
+
+ if (isPlainShell) {
+ return initialCommand;
+ }
+
+ if (provider === 'cursor') {
+ if (hasSession && sessionId) {
+ return `cursor-agent --resume="${sessionId}"`;
+ }
+ return 'cursor-agent';
+ }
+
+ if (provider === 'codex') {
+ if (hasSession && sessionId) {
+ if (os.platform() === 'win32') {
+ return `codex resume "${sessionId}"; if ($LASTEXITCODE -ne 0) { codex }`;
+ }
+ return `codex resume "${sessionId}" || codex`;
+ }
+ return 'codex';
+ }
+
+ if (provider === 'gemini') {
+ const command = initialCommand || 'gemini';
+ let resumeId = sessionId;
+ if (hasSession && sessionId) {
+ try {
+ const existingSession = dependencies.getSessionById(sessionId);
+ if (existingSession && existingSession.cliSessionId) {
+ resumeId = existingSession.cliSessionId;
+ if (!safeSessionIdPattern.test(resumeId)) {
+ resumeId = '';
+ }
+ }
+ } catch (error) {
+ console.error('Failed to get Gemini CLI session ID:', error);
+ }
+ }
+
+ if (hasSession && resumeId) {
+ return `${command} --resume "${resumeId}"`;
+ }
+ return command;
+ }
+
+ const command = initialCommand || 'claude';
+ if (hasSession && sessionId) {
+ if (os.platform() === 'win32') {
+ return `claude --resume "${sessionId}"; if ($LASTEXITCODE -ne 0) { claude }`;
+ }
+ return `claude --resume "${sessionId}" || claude`;
+ }
+ return command;
+}
+
+/**
+ * Handles websocket connections used by the standalone shell terminal UI.
+ */
+export function handleShellConnection(
+ ws: WebSocket,
+ dependencies: ShellWebSocketDependencies
+): void {
+ console.log('[INFO] Shell websocket connected');
+
+ let shellProcess: IPty | null = null;
+ let ptySessionKey: string | null = null;
+ let urlDetectionBuffer = '';
+ const announcedAuthUrls = new Set