npm - @adapt-toolkit/a2adapt - Versions diffs - 0.9.2 → 0.9.3 - Mend

@adapt-toolkit/a2adapt 0.9.2 → 0.9.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/.claude-plugin/plugin.json +1 -1
package/dist/index.js +42 -5
package/package.json +1 -1

package/.claude-plugin/plugin.json CHANGED Viewed

@@ -3,7 +3,7 @@
   "name": "a2adapt",
   "displayName": "a2adapt",
   "description": "Secure agent-to-agent communication channel over ADAPT: self-sovereign pubkey identity, end-to-end encryption, plan-first execution.",
-  "version": "0.9.2",
+  "version": "0.9.3",
   "author": {
     "name": "Adapt Toolkit"
   },

package/dist/index.js CHANGED Viewed

@@ -22512,7 +22512,7 @@ function writeIdentityFile(target, opts, overwrite = false) {
 }
 // src/index.ts
-var VERSION = true ? "0.9.2" : "0.0.0-dev";
+var VERSION = true ? "0.9.3" : "0.0.0-dev";
 var CONFIG = loadConfig();
 var STATE_DIR = CONFIG.stateDir;
 var BROKER_URL = CONFIG.brokerUrl;
@@ -22560,6 +22560,14 @@ var registrarAdBlob = null;
 var sessionBinding = /* @__PURE__ */ new Map();
 var bindingOwner = /* @__PURE__ */ new Map();
 var evictedSessions = /* @__PURE__ */ new Set();
+var lastActivity = /* @__PURE__ */ new Map();
+var SESSION_STALE_MS = 3e4;
+function isSessionAlive(sid) {
+  if (!serversBySession.has(sid)) return false;
+  const last = lastActivity.get(sid);
+  if (last !== void 0 && Date.now() - last > SESSION_STALE_MS) return false;
+  return true;
+}
 var bindingsSnapshotPath = () => join2(STATE_DIR, "bindings.json");
 function persistBindings() {
   try {
@@ -23112,15 +23120,21 @@ ${json}`);
       const sid = getSessionId();
       const holder = bindingOwner.get(name);
       if (holder && holder !== sid) {
-        if (!force) {
+        if (!isSessionAlive(holder)) {
+          log(`auto-reclaiming "${name}" from stale session ${holder.slice(0, 8)}\u2026`);
+          sessionBinding.delete(holder);
+          lastActivity.delete(holder);
+          bindingOwner.delete(name);
+        } else if (!force) {
           return textResult(
             `choose_identity declined: "${name}" is currently bound to another session. Do not retry with force=true on your own \u2014 tell the user the identity is in use elsewhere and ask whether to forcibly rebind it here; only retry with force=true after they explicitly confirm.`,
             true
           );
+        } else {
+          evictedSessions.add(holder);
+          sessionBinding.delete(holder);
+          bindingOwner.delete(name);
         }
-        evictedSessions.add(holder);
-        sessionBinding.delete(holder);
-        bindingOwner.delete(name);
       }
       bindSession(sid, name);
       const id = identities.get(name);
@@ -23527,6 +23541,22 @@ async function main() {
   log("booting wrapper\u2026");
   await bootWrapper();
   startGcTimer();
+  const sessionGcTimer = setInterval(() => {
+    const now = Date.now();
+    for (const [sid, last] of lastActivity) {
+      if (now - last > SESSION_STALE_MS && !transports[sid]) {
+        const name = sessionBinding.get(sid);
+        if (name && bindingOwner.get(name) === sid) bindingOwner.delete(name);
+        sessionBinding.delete(sid);
+        evictedSessions.delete(sid);
+        lastActivity.delete(sid);
+        serversBySession.delete(sid);
+        persistBindings();
+        log(`session ${sid.slice(0, 8)}\u2026 reaped (stale)`);
+      }
+    }
+  }, SESSION_STALE_MS);
+  sessionGcTimer.unref();
   log(`wrapper ready (identities=${identities.size}), starting HTTP server\u2026`);
   const transports = {};
   const httpServer = createHttpServer(async (req, res) => {
@@ -23546,12 +23576,14 @@ async function main() {
         const body = await readBody(req);
         const sessionId = req.headers["mcp-session-id"];
         if (sessionId && transports[sessionId]) {
+          lastActivity.set(sessionId, Date.now());
           await transports[sessionId].handleRequest(req, res, body);
         } else if (!sessionId && isInitializeRequest(body)) {
           const transport = new StreamableHTTPServerTransport({
             sessionIdGenerator: () => randomUUID(),
             onsessioninitialized: (sid) => {
               transports[sid] = transport;
+              lastActivity.set(sid, Date.now());
               serversBySession.set(sid, server);
               log(`session ${sid.slice(0, 8)}\u2026 initialized`);
             }
@@ -23562,6 +23594,7 @@ async function main() {
             if (sid) {
               delete transports[sid];
               serversBySession.delete(sid);
+              lastActivity.delete(sid);
               const name = sessionBinding.get(sid);
               if (name && bindingOwner.get(name) === sid) bindingOwner.delete(name);
               sessionBinding.delete(sid);
@@ -23583,6 +23616,10 @@ async function main() {
           res.end("Invalid or missing session ID");
           return;
         }
+        lastActivity.set(sessionId, Date.now());
+        res.on("close", () => {
+          lastActivity.set(sessionId, Date.now());
+        });
         await transports[sessionId].handleRequest(req, res);
       } else if (req.method === "DELETE") {
         const sessionId = req.headers["mcp-session-id"];

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@adapt-toolkit/a2adapt",
-  "version": "0.9.2",
+  "version": "0.9.3",
   "description": "MCP server daemon for a2adapt — one native ADAPT wrapper hosting N self-sovereign identities, exposing secure agent-to-agent messaging tools over HTTP (Streamable HTTP). Run `a2adapt-mcp start`.",
   "type": "module",
   "license": "MIT",