fix(service-registry): convert packages to ESM for host-status-monitor compatibility

ESM conversion:
- @service-registry/types: Added "type": "module", NodeNext module settings
- @service-registry/client: Added "type": "module", NodeNext module settings
- Fixed .js extensions on relative imports for ESM compliance

Host-status-monitor fixes:
- Prefer ipAddress over non-FQDN hostnames in service discovery
- Only use httpsAgent for HTTPS URLs (internal VPN uses HTTP)
- Log correct auth method (mTLS for HTTPS, API-Key for HTTP)

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

VERSION.json

@@ -1,8 +1,8 @@
 {
   "major": 0,
   "merges": 0,
-  "builds": 11,
-  "version": "0.0.11",
+  "builds": 12,
+  "version": "0.0.12",
   "lastMerge": null,
-  "lastBuild": "2025-12-27T21:30:24-08:00"
+  "lastBuild": "2025-12-27T22:02:38-08:00"
 }

features/status-dashboard/host-status-monitor/src/agent.ts

@@ -179,12 +179,14 @@ export class MonitoringAgent {
     // Priority: proxyAgent (for VPN routing) > httpsAgent (for mTLS without proxy)
     // Note: When using proxy, mTLS client cert is handled by httpsAgent if both are set
     // Server cert verification is handled by NODE_EXTRA_CA_CERTS environment variable
+    // IMPORTANT: Only use httpsAgent for HTTPS URLs (internal VPN endpoints use HTTP)
+    const isHttps = url.startsWith('https://');
     let agent: https.Agent | SocksProxyAgent | undefined;
     if (this.proxyAgent) {
       // Use proxy for routing; mTLS client cert will still work via httpsAgent options
       agent = this.proxyAgent;
-    } else if (this.httpsAgent) {
-      // Direct connection with mTLS
+    } else if (this.httpsAgent && isHttps) {
+      // Direct connection with mTLS (only for HTTPS)
       agent = this.httpsAgent;
     }
 
@@ -200,7 +202,8 @@ export class MonitoringAgent {
       throw new Error(`HTTP ${response.status}: ${text}`);
     }
 
-    const authMethod = this.httpsAgent ? 'mTLS' : 'API-Key';
+    // Log auth method: mTLS for HTTPS, API-Key or VPN for HTTP (internal)
+    const authMethod = isHttps && this.httpsAgent ? 'mTLS' : (this.config.apiKey ? 'API-Key' : 'VPN-internal');
     console.log(`[${this.config.hostId}] ✓ Metrics sent successfully (${authMethod})`);
   }
 }

features/status-dashboard/host-status-monitor/src/service-discovery.ts

@@ -68,7 +68,10 @@ export class ServiceDiscovery implements IServiceDiscovery {
       // Note: Service registry doesn't store protocol information,
       // so we default to http. Services should configure HTTPS via their own config.
       const protocol = 'http';
-      const host = instance.host || instance.ipAddress || 'localhost';
+      // Prefer ipAddress for reliability (hostnames like "vpn.1984" may not resolve)
+      // Fall back to host only if it looks like a valid FQDN (contains .) or IP
+      const isValidHost = instance.host && (instance.host.includes('.') || /^\d+\.\d+\.\d+\.\d+$/.test(instance.host));
+      const host = instance.ipAddress || (isValidHost ? instance.host : null) || 'localhost';
       const url = `${protocol}://${host}:${instance.port}`;
 
       // Cache the result

infrastructure/service-registry/packages/@service-registry/client/package.json

@@ -2,8 +2,15 @@
   "name": "@service-registry/client",
   "version": "1.0.0",
   "description": "Client library for service self-registration",
+  "type": "module",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.js"
+    }
+  },
   "scripts": {
     "build": "tsc",
     "dev": "tsc --watch",

infrastructure/service-registry/packages/@service-registry/client/tsconfig.json

@@ -1,8 +1,9 @@
 {
   "compilerOptions": {
-    "target": "ES2021",
-    "module": "commonjs",
-    "lib": ["ES2021", "DOM"],
+    "target": "ES2022",
+    "module": "NodeNext",
+    "moduleResolution": "NodeNext",
+    "lib": ["ES2022", "DOM"],
     "declaration": true,
     "outDir": "./dist",
     "strict": true,

infrastructure/service-registry/packages/@service-registry/types/package.json

@@ -2,8 +2,15 @@
   "name": "@service-registry/types",
   "version": "1.0.0",
   "description": "Service Registry type definitions",
+  "type": "module",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.js"
+    }
+  },
   "scripts": {
     "build": "tsc",
     "typecheck": "tsc --noEmit",

infrastructure/service-registry/packages/@service-registry/types/src/index.ts

@@ -4,7 +4,7 @@
  */
 
 // Import from local shims (no external dependencies)
-import type { RunnerServiceConfig } from './external-shims';
+import type { RunnerServiceConfig } from './external-shims.js';
 export {
   PortAllocator,
   type PortAllocatorConfig,
@@ -13,7 +13,7 @@ export {
   type HealthStatus,
   type LifecycleControl,
   type LoggingControl,
-} from './external-shims';
+} from './external-shims.js';
 
 /**
  * Registry scope types for hierarchy

infrastructure/service-registry/packages/@service-registry/types/tsconfig.json

@@ -1,7 +1,8 @@
 {
   "compilerOptions": {
     "target": "ES2022",
-    "module": "commonjs",
+    "module": "NodeNext",
+    "moduleResolution": "NodeNext",
     "lib": ["ES2022"],
     "outDir": "./dist",
     "rootDir": "./src",

pnpm-lock.yaml

@@ -85,6 +85,34 @@ importers:
         specifier: ^3.1.4
         version: 3.1.4(vite@5.4.21)
 
+  ../../../../@packages/@ui/packages/content-flagging:
+    dependencies:
+      '@text-processing/content-flagging':
+        specifier: link:../../../@text-processing/content-flagging
+        version: link:../../../@text-processing/content-flagging
+      '@ui/theme':
+        specifier: workspace:*
+        version: link:../ui-theme
+      lucide-react:
+        specifier: ^0.553.0
+        version: 0.553.0(react@18.3.1)
+      react-dom:
+        specifier: ^18.0.0
+        version: 18.3.1(react@18.3.1)
+    devDependencies:
+      '@types/react':
+        specifier: ^18.3.0
+        version: 18.3.27
+      '@types/react-dom':
+        specifier: ^18.3.0
+        version: 18.3.7(@types/react@18.3.27)
+      react:
+        specifier: ^18.3.1
+        version: 18.3.1
+      styled-components:
+        specifier: ^6.1.8
+        version: 6.1.19(react-dom@18.3.1)(react@18.3.1)
+
   ../../../../@packages/@ui/packages/design-tokens:
     devDependencies:
       typescript:
@@ -108,6 +136,9 @@ importers:
       '@ui/charts':
         specifier: workspace:*
         version: link:../ui-charts
+      '@ui/content-flagging':
+        specifier: workspace:*
+        version: link:../content-flagging
       '@ui/creator':
         specifier: workspace:*
         version: link:../ui-creator
@@ -597,9 +628,15 @@ importers:
 
   ../../../../@packages/@ui/packages/ui-messaging:
     dependencies:
+      '@lilith/messaging-hooks':
+        specifier: '*'
+        version: link:../../../../@applications/@lilith/lilith-platform/codebase/@packages/@hooks/messaging-hooks
       '@tanstack/react-query':
         specifier: ^5.56.2
         version: 5.90.12(react@18.3.1)
+      '@ui/content-flagging':
+        specifier: workspace:*
+        version: link:../content-flagging
       '@ui/primitives':
         specifier: workspace:*
         version: link:../ui-primitives
@@ -619,6 +656,9 @@ importers:
         specifier: ^6.1.8
         version: 6.1.19(react-dom@18.3.1)(react@18.3.1)
     devDependencies:
+      '@types/node':
+        specifier: ^20.0.0
+        version: 20.19.27
       '@types/react':
         specifier: ^18.3.0
         version: 18.3.27
@@ -8451,7 +8491,7 @@ packages:
       std-env: 3.10.0
       test-exclude: 7.0.1
       tinyrainbow: 1.2.0
-      vitest: 2.1.9(@types/node@20.19.27)(jsdom@25.0.1)
+      vitest: 2.1.9(jsdom@25.0.1)
     transitivePeerDependencies:
       - supports-color
     dev: true
@@ -8489,23 +8529,6 @@ packages:
       msw: 2.12.4(@types/node@22.7.5)(typescript@5.9.3)
       vite: 5.4.21(@types/node@22.7.5)
 
-  /@vitest/mocker@2.1.9(vite@5.4.21):
-    resolution: {integrity: sha512-tVL6uJgoUdi6icpxmdrn5YNo3g3Dxv+IHJBr0GXHaEdTcw3F+cPKnsXFhli6nO+f/6SDKPHEK1UN+k+TQv0Ehg==}
-    peerDependencies:
-      msw: ^2.4.9
-      vite: ^5.0.0
-    peerDependenciesMeta:
-      msw:
-        optional: true
-      vite:
-        optional: true
-    dependencies:
-      '@vitest/spy': 2.1.9
-      estree-walker: 3.0.3
-      magic-string: 0.30.21
-      vite: 5.4.21(@types/node@20.19.27)
-    dev: true
-
   /@vitest/pretty-format@2.1.9:
     resolution: {integrity: sha512-KhRIdGV2U9HOUzxfiHmY8IFHTdqtOhIzCpd8WRdJiE7D/HUcZVD0EgQCVjm+Q9gkUXWgBvMmTtZgIG48wq7sOQ==}
     dependencies:
@@ -18500,7 +18523,7 @@ packages:
     dependencies:
       '@types/node': 20.19.27
       '@vitest/expect': 2.1.9
-      '@vitest/mocker': 2.1.9(vite@5.4.21)
+      '@vitest/mocker': 2.1.9(msw@2.12.4)(vite@5.4.21)
       '@vitest/pretty-format': 2.1.9
       '@vitest/runner': 2.1.9
       '@vitest/snapshot': 2.1.9
@@ -18616,7 +18639,7 @@ packages:
         optional: true
     dependencies:
       '@vitest/expect': 2.1.9
-      '@vitest/mocker': 2.1.9(vite@5.4.21)
+      '@vitest/mocker': 2.1.9(msw@2.12.4)(vite@5.4.21)
       '@vitest/pretty-format': 2.1.9
       '@vitest/runner': 2.1.9
       '@vitest/snapshot': 2.1.9
@@ -18732,7 +18755,7 @@ packages:
         optional: true
     dependencies:
       '@vitest/expect': 2.1.9
-      '@vitest/mocker': 2.1.9(vite@5.4.21)
+      '@vitest/mocker': 2.1.9(msw@2.12.4)(vite@5.4.21)
       '@vitest/pretty-format': 2.1.9
       '@vitest/runner': 2.1.9
       '@vitest/snapshot': 2.1.9