npm - @agent-team-foundation/first-tree-hub - Versions diffs - 0.11.4 → 0.12.0 - Mend

@agent-team-foundation/first-tree-hub 0.11.4 → 0.12.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (39) hide show

package/dist/client-BhCtO2df-BGOu-rRN.mjs ADDED Viewed

@@ -0,0 +1,7 @@
+import "./observability-BAScT_5S-BcW9HgkG.mjs";
+import "./logger-core-BTmvdflj-DjW8FM4T.mjs";
+import "./dist-UOZ6vMUW.mjs";
+import "./errors-CF5evtJt-B0NTIVPt.mjs";
+import "./src-DNBS5Yjj.mjs";
+import { q as listMyPinnedAgents } from "./client-BPUdUaZT-CyCrpCTP.mjs";
+export { listMyPinnedAgents };

package/dist/{dist-BQtAQNRD.mjs → dist-LgF7LHpE.mjs} RENAMED Viewed

@@ -1,5 +1,5 @@
 import { i as __require, t as __commonJSMin } from "./chunk-BSw8zbkd.mjs";
-import { t as require_src } from "./src-aJMV60mR.mjs";
+import { t as require_src } from "./src-DNBS5Yjj.mjs";
 //#region ../../node_modules/.pnpm/agent-base@7.1.4/node_modules/agent-base/dist/helpers.js
 var require_helpers = /* @__PURE__ */ __commonJSMin(((exports) => {
 	var __createBinding = exports && exports.__createBinding || (Object.create ? (function(o, m, k, k2) {

package/dist/{dist-ClFs4WMj.mjs → dist-UOZ6vMUW.mjs} RENAMED Viewed

@@ -137,195 +137,6 @@ z.object({
 	connected: z.boolean(),
 	lastActiveAt: z.string().nullable()
 });
-const presenceStatusSchema = z.enum(["online", "offline"]);
-const runtimeStateSchema = z.enum([
-	"idle",
-	"working",
-	"blocked",
-	"error"
-]);
-z.enum([
-	"active",
-	"suspended",
-	"evicted"
-]);
-/** Wire-level states a client may report. `evicted` from a stale client is rejected. */
-const clientSessionStateSchema = z.enum(["active", "suspended"]);
-const sessionStateMessageSchema = z.object({
-	chatId: z.string().min(1),
-	state: clientSessionStateSchema
-});
-/** Client-reported runtime state override (client → server, per-agent). */
-const runtimeStateMessageSchema = z.object({ runtimeState: runtimeStateSchema });
-const agentBindRequestSchema = z.object({
-	agentId: z.string().min(1),
-	runtimeType: z.string().max(50),
-	runtimeVersion: z.string().max(50).optional()
-});
-const AGENT_BIND_REJECT_REASONS = {
-	WRONG_CLIENT: "wrong_client",
-	NOT_OWNED: "not_owned",
-	AGENT_SUSPENDED: "agent_suspended",
-	WRONG_ORG: "wrong_org",
-	UNKNOWN_AGENT: "unknown_agent",
-	RUNTIME_PROVIDER_MISMATCH: "runtime_provider_mismatch"
-};
-z.enum([
-	"wrong_client",
-	"not_owned",
-	"agent_suspended",
-	"wrong_org",
-	"unknown_agent",
-	"runtime_provider_mismatch"
-]);
-/** Header used on agent-scoped HTTP calls to select which managed agent the JWT acts as. */
-const AGENT_SELECTOR_HEADER = "x-agent-id";
-z.object({
-	agentId: z.string(),
-	status: presenceStatusSchema,
-	connectedAt: z.string().nullable(),
-	lastSeenAt: z.string(),
-	clientId: z.string().nullable().optional(),
-	runtimeType: z.string().nullable().optional(),
-	runtimeVersion: z.string().nullable().optional(),
-	runtimeState: runtimeStateSchema.nullable().optional(),
-	activeSessions: z.number().int().nullable().optional(),
-	totalSessions: z.number().int().nullable().optional(),
-	runtimeUpdatedAt: z.string().nullable().optional()
-});
-z.object({
-	total: z.number().int(),
-	running: z.number().int(),
-	byState: z.object({
-		idle: z.number().int(),
-		working: z.number().int(),
-		blocked: z.number().int(),
-		error: z.number().int()
-	}),
-	clients: z.number().int()
-});
-const runtimeProviderSchema = z.enum(["claude-code", "codex"]);
-const DEFAULT_RUNTIME_PROVIDER = "claude-code";
-const AGENT_TYPES = {
-	HUMAN: "human",
-	PERSONAL_ASSISTANT: "personal_assistant",
-	AUTONOMOUS_AGENT: "autonomous_agent"
-};
-const agentTypeSchema = z.enum([
-	"human",
-	"personal_assistant",
-	"autonomous_agent"
-]);
-const AGENT_VISIBILITY = {
-	PRIVATE: "private",
-	ORGANIZATION: "organization"
-};
-const agentVisibilitySchema = z.enum(["private", "organization"]);
-const AGENT_STATUSES = {
-	ACTIVE: "active",
-	SUSPENDED: "suspended",
-	DELETED: "deleted"
-};
-const AGENT_SOURCES = {
-	ADMIN_API: "admin-api",
-	PORTAL: "portal"
-};
-const agentSourceSchema = z.enum(["admin-api", "portal"]);
-z.enum(["active", "suspended"]);
-/**
-* Agent-name rules (see docs/agent-naming-design.md §3.1):
-*   - Lowercase ASCII slug, hyphens + underscores allowed.
-*   - Must start with alphanumeric: `-` / `_` as first char collide with
-*     CLI flag parsing and markdown list syntax.
-*   - 1–64 chars — aligned with `MENTION_REGEX` so any valid name can be
-*     @-mentioned in chat. Older rows created under the previous 1–100
-*     regex are grandfathered; the tight rule only gates new creates.
-*/
-const AGENT_NAME_REGEX = /^[a-z0-9][a-z0-9_-]{0,63}$/;
-const RESERVED_AGENT_NAMES_SET = new Set([
-	"admin",
-	"agent",
-	"first-tree",
-	"hub",
-	"me",
-	"null",
-	"system",
-	"undefined"
-]);
-function isReservedAgentName(name) {
-	return RESERVED_AGENT_NAMES_SET.has(name);
-}
-const createAgentSchema = z.object({
-	name: z.string().min(1).max(64).regex(AGENT_NAME_REGEX, "Must start with a letter or digit and contain only lowercase letters, digits, hyphens (-), and underscores (_). Max 64 chars.").refine((n) => !isReservedAgentName(n), { message: "That agent name is reserved — pick a different one." }).optional(),
-	type: agentTypeSchema,
-	displayName: z.string().min(1).max(200).optional(),
-	delegateMention: z.string().max(100).optional(),
-	organizationId: z.string().min(1).max(100).optional(),
-	source: agentSourceSchema.optional(),
-	visibility: agentVisibilitySchema.optional(),
-	metadata: z.record(z.string(), z.unknown()).optional(),
-	managerId: z.string().optional(),
-	clientId: z.string().min(1).max(100).optional(),
-	runtimeProvider: runtimeProviderSchema.optional()
-});
-const updateAgentSchema = z.object({
-	type: agentTypeSchema.optional(),
-	displayName: z.string().min(1).max(200).optional(),
-	delegateMention: z.string().max(100).nullable().optional(),
-	visibility: agentVisibilitySchema.optional(),
-	metadata: z.record(z.string(), z.unknown()).optional(),
-	managerId: z.string().nullable().optional(),
-	clientId: z.string().min(1).max(100).nullable().optional()
-});
-/**
-* Service-level rebind input. Admin / owner re-binds an agent to a new
-* client and/or a new runtime provider in one atomic operation.
-*
-* `force` bypasses the capability-match check (e.g. when the client is
-* offline and capabilities are stale).
-*/
-const rebindAgentSchema = z.object({
-	clientId: z.string().min(1).max(100),
-	runtimeProvider: runtimeProviderSchema,
-	force: z.boolean().optional()
-});
-z.object({
-	uuid: z.string(),
-	name: z.string().nullable(),
-	organizationId: z.string(),
-	type: agentTypeSchema,
-	displayName: z.string(),
-	delegateMention: z.string().nullable(),
-	inboxId: z.string(),
-	status: z.string(),
-	source: z.string().nullable().optional(),
-	visibility: agentVisibilitySchema,
-	metadata: z.record(z.string(), z.unknown()),
-	managerId: z.string().nullable(),
-	clientId: z.string().nullable(),
-	runtimeProvider: runtimeProviderSchema,
-	presenceStatus: presenceStatusSchema.optional(),
-	createdAt: z.string(),
-	updatedAt: z.string()
-});
-z.object({
-	repo: z.string().nullable(),
-	branch: z.string().nullable()
-});
-/**
-* Server → client WebSocket frame announcing that an agent has just been
-* pinned to the connected client (either created with `clientId` or bound via
-* PATCH NULL → ID). The client can auto-register a local config from this so
-* the operator doesn't have to run `first-tree-hub agent add` manually.
-*/
-const agentPinnedMessageSchema = z.object({
-	type: z.literal("agent:pinned"),
-	agentId: z.string(),
-	name: z.string().nullable(),
-	displayName: z.string(),
-	agentType: agentTypeSchema,
-	runtimeProvider: runtimeProviderSchema
-});
 /**
 * Agent runtime configuration.
 *
@@ -500,6 +311,26 @@ const agentRuntimeConfigSchema = z.object({
 	updatedBy: z.string()
 });
 /**
+* Write-side shape with no `.default()` per field.
+*
+* `agentRuntimeConfigPayloadShape` carries `.default()` on every field for the
+* read path (so legacy DB rows parse cleanly). On the PATCH side those defaults
+* are actively harmful: Zod 4's `.partial()` makes a field optional but keeps
+* the inner `ZodDefault`, so a body like `{ mcpServers: [...] }` parses to a
+* fully-populated patch where the omitted fields are filled with their
+* defaults — the service layer's `patch.x ?? current.x` then sees a truthy
+* default and *replaces* the user's saved value with empty. Mirroring the 5
+* fields here without defaults keeps "field absent" → `undefined` in the
+* parsed patch, which is what the merge logic expects.
+*/
+const agentRuntimeConfigPatchShape = z.object({
+	prompt: promptConfigSchema,
+	model: z.string(),
+	mcpServers: z.array(mcpServerSchema),
+	env: z.array(envEntrySchema),
+	gitRepos: z.array(gitRepoSchema)
+}).partial();
+/**
 * Patch payload for PATCH /api/v1/admin/agents/:uuid/config.
 *
 * - `expectedVersion` enforces optimistic locking; mismatch → 409.
@@ -507,9 +338,9 @@ const agentRuntimeConfigSchema = z.object({
 */
 const updateAgentRuntimeConfigSchema = z.object({
 	expectedVersion: z.number().int().positive(),
-	payload: agentRuntimeConfigPayloadShape.partial()
+	payload: agentRuntimeConfigPatchShape
 });
-const dryRunAgentRuntimeConfigSchema = z.object({ payload: agentRuntimeConfigPayloadShape.partial() });
+const dryRunAgentRuntimeConfigSchema = z.object({ payload: agentRuntimeConfigPatchShape });
 z.object({
 	current: agentRuntimeConfigSchema,
 	next: agentRuntimeConfigPayloadSchema,
@@ -538,6 +369,196 @@ function deriveRepoLocalPath(url) {
 	if (!trimmed) return "";
 	return ((trimmed.split(/[?#]/)[0] ?? "").split(/[/:]/).filter(Boolean).pop() ?? "").replace(/\.git$/i, "");
 }
+const presenceStatusSchema = z.enum(["online", "offline"]);
+const runtimeStateSchema = z.enum([
+	"idle",
+	"working",
+	"blocked",
+	"error"
+]);
+z.enum([
+	"active",
+	"suspended",
+	"evicted"
+]);
+/** Wire-level states a client may report. `evicted` from a stale client is rejected. */
+const clientSessionStateSchema = z.enum(["active", "suspended"]);
+const sessionStateMessageSchema = z.object({
+	chatId: z.string().min(1),
+	state: clientSessionStateSchema
+});
+/** Client-reported runtime state override (client → server, per-agent). */
+const runtimeStateMessageSchema = z.object({ runtimeState: runtimeStateSchema });
+const agentBindRequestSchema = z.object({
+	agentId: z.string().min(1),
+	runtimeType: z.string().max(50),
+	runtimeVersion: z.string().max(50).optional()
+});
+const AGENT_BIND_REJECT_REASONS = {
+	WRONG_CLIENT: "wrong_client",
+	NOT_OWNED: "not_owned",
+	AGENT_SUSPENDED: "agent_suspended",
+	WRONG_ORG: "wrong_org",
+	UNKNOWN_AGENT: "unknown_agent",
+	RUNTIME_PROVIDER_MISMATCH: "runtime_provider_mismatch"
+};
+z.enum([
+	"wrong_client",
+	"not_owned",
+	"agent_suspended",
+	"wrong_org",
+	"unknown_agent",
+	"runtime_provider_mismatch"
+]);
+/** Header used on agent-scoped HTTP calls to select which managed agent the JWT acts as. */
+const AGENT_SELECTOR_HEADER = "x-agent-id";
+z.object({
+	agentId: z.string(),
+	status: presenceStatusSchema,
+	connectedAt: z.string().nullable(),
+	lastSeenAt: z.string(),
+	clientId: z.string().nullable().optional(),
+	runtimeType: z.string().nullable().optional(),
+	runtimeVersion: z.string().nullable().optional(),
+	runtimeState: runtimeStateSchema.nullable().optional(),
+	activeSessions: z.number().int().nullable().optional(),
+	totalSessions: z.number().int().nullable().optional(),
+	runtimeUpdatedAt: z.string().nullable().optional()
+});
+z.object({
+	total: z.number().int(),
+	running: z.number().int(),
+	byState: z.object({
+		idle: z.number().int(),
+		working: z.number().int(),
+		blocked: z.number().int(),
+		error: z.number().int()
+	}),
+	clients: z.number().int()
+});
+const runtimeProviderSchema = z.enum(["claude-code", "codex"]);
+const DEFAULT_RUNTIME_PROVIDER = "claude-code";
+const AGENT_TYPES = {
+	HUMAN: "human",
+	PERSONAL_ASSISTANT: "personal_assistant",
+	AUTONOMOUS_AGENT: "autonomous_agent"
+};
+const agentTypeSchema = z.enum([
+	"human",
+	"personal_assistant",
+	"autonomous_agent"
+]);
+const AGENT_VISIBILITY = {
+	PRIVATE: "private",
+	ORGANIZATION: "organization"
+};
+const agentVisibilitySchema = z.enum(["private", "organization"]);
+const AGENT_STATUSES = {
+	ACTIVE: "active",
+	SUSPENDED: "suspended",
+	DELETED: "deleted"
+};
+const AGENT_SOURCES = {
+	ADMIN_API: "admin-api",
+	PORTAL: "portal"
+};
+const agentSourceSchema = z.enum(["admin-api", "portal"]);
+z.enum(["active", "suspended"]);
+/**
+* Agent-name rules (see docs/agent-naming-design.md §3.1):
+*   - Lowercase ASCII slug, hyphens + underscores allowed.
+*   - Must start with alphanumeric: `-` / `_` as first char collide with
+*     CLI flag parsing and markdown list syntax.
+*   - 1–64 chars — aligned with `MENTION_REGEX` so any valid name can be
+*     @-mentioned in chat. Older rows created under the previous 1–100
+*     regex are grandfathered; the tight rule only gates new creates.
+*/
+const AGENT_NAME_REGEX = /^[a-z0-9][a-z0-9_-]{0,63}$/;
+const RESERVED_AGENT_NAMES_SET = new Set([
+	"admin",
+	"agent",
+	"first-tree",
+	"hub",
+	"me",
+	"null",
+	"system",
+	"undefined"
+]);
+function isReservedAgentName(name) {
+	return RESERVED_AGENT_NAMES_SET.has(name);
+}
+const createAgentSchema = z.object({
+	name: z.string().min(1).max(64).regex(AGENT_NAME_REGEX, "Must start with a letter or digit and contain only lowercase letters, digits, hyphens (-), and underscores (_). Max 64 chars.").refine((n) => !isReservedAgentName(n), { message: "That agent name is reserved — pick a different one." }).optional(),
+	type: agentTypeSchema,
+	displayName: z.string().min(1).max(200).optional(),
+	delegateMention: z.string().max(100).optional(),
+	organizationId: z.string().min(1).max(100).optional(),
+	source: agentSourceSchema.optional(),
+	visibility: agentVisibilitySchema.optional(),
+	metadata: z.record(z.string(), z.unknown()).optional(),
+	managerId: z.string().optional(),
+	clientId: z.string().min(1).max(100).optional(),
+	runtimeProvider: runtimeProviderSchema.optional(),
+	gitRepos: z.array(gitRepoSchema).optional()
+});
+const updateAgentSchema = z.object({
+	type: agentTypeSchema.optional(),
+	displayName: z.string().min(1).max(200).optional(),
+	delegateMention: z.string().max(100).nullable().optional(),
+	visibility: agentVisibilitySchema.optional(),
+	metadata: z.record(z.string(), z.unknown()).optional(),
+	managerId: z.string().nullable().optional(),
+	clientId: z.string().min(1).max(100).nullable().optional()
+});
+/**
+* Service-level rebind input. Admin / owner re-binds an agent to a new
+* client and/or a new runtime provider in one atomic operation.
+*
+* `force` bypasses the capability-match check (e.g. when the client is
+* offline and capabilities are stale).
+*/
+const rebindAgentSchema = z.object({
+	clientId: z.string().min(1).max(100),
+	runtimeProvider: runtimeProviderSchema,
+	force: z.boolean().optional()
+});
+z.object({
+	uuid: z.string(),
+	name: z.string().nullable(),
+	organizationId: z.string(),
+	type: agentTypeSchema,
+	displayName: z.string(),
+	delegateMention: z.string().nullable(),
+	inboxId: z.string(),
+	status: z.string(),
+	source: z.string().nullable().optional(),
+	visibility: agentVisibilitySchema,
+	metadata: z.record(z.string(), z.unknown()),
+	managerId: z.string().nullable(),
+	clientId: z.string().nullable(),
+	runtimeProvider: runtimeProviderSchema,
+	presenceStatus: presenceStatusSchema.optional(),
+	createdAt: z.string(),
+	updatedAt: z.string()
+});
+z.object({
+	repo: z.string().nullable(),
+	branch: z.string().nullable()
+});
+/**
+* Server → client WebSocket frame announcing that an agent has just been
+* pinned to the connected client (either created with `clientId` or bound via
+* PATCH NULL → ID). The client can auto-register a local config from this so
+* the operator doesn't have to run `first-tree-hub agent add` manually.
+*/
+const agentPinnedMessageSchema = z.object({
+	type: z.literal("agent:pinned"),
+	agentId: z.string(),
+	name: z.string().nullable(),
+	displayName: z.string(),
+	agentType: agentTypeSchema,
+	runtimeProvider: runtimeProviderSchema
+});
 const loginSchema = z.object({
 	username: z.string().min(1),
 	password: z.string().min(1)
@@ -825,7 +846,9 @@ const messageFormatSchema = z.enum([
 	"card",
 	"reference",
 	"file",
-	"task"
+	"task",
+	"question",
+	"question_answer"
 ]);
 const sendMessageSchema = z.object({
 	format: messageFormatSchema.default("text"),
@@ -1054,6 +1077,43 @@ const createOrgFromMeSchema = z.object({
 	name: z.string().min(2).max(50).regex(/^[a-z0-9][a-z0-9-]*$/),
 	displayName: z.string().min(1).max(200)
 });
+/**
+* Body for `PATCH /me/onboarding`. v1 only mutates `dismissed` — true to
+* hide the onboarding stepper (server stamps `users.onboarding_dismissed_at
+* = NOW()`), false to restore it. See docs/new-user-onboarding-design.md
+* §8.4.
+*/
+const patchOnboardingSchema = z.object({ dismissed: z.boolean().optional() });
+/**
+* Body for `POST /me/onboarding/events`. The web SPA reports key
+* milestones so the server can log them as a single funnel-trackable
+* stream alongside server-emitted events (`team_created`, `dismissed`).
+*
+* Server emits:
+*   - `team_created`           — at OAuth callback when joinPath === "solo"
+*   - `dismissed`              — when PATCH /me/onboarding flips dismissed
+*
+* Web reports:
+*   - `team_renamed`           — Step 1 user changed the auto-named team
+*   - `agent_created`          — Step 2 successfully created the agent
+*   - `tree_chat_started`      — Step 3 [Yes, set it up] succeeded
+*   - `tree_intro_dismissed`   — Step 3 [I'll do it later] clicked
+*/
+const onboardingEventNameSchema = z.enum([
+	"team_renamed",
+	"agent_created",
+	"tree_chat_started",
+	"tree_intro_dismissed"
+]);
+const onboardingEventSchema = z.object({
+	event: onboardingEventNameSchema,
+	attrs: z.record(z.string(), z.union([
+		z.string(),
+		z.number(),
+		z.boolean(),
+		z.null()
+	])).optional()
+});
 z.object({
 	id: z.string(),
 	organizationId: z.string(),
@@ -1159,12 +1219,26 @@ const githubDevCallbackQuerySchema = z.object({
 *   2. Add a key to `ORG_SETTINGS_NAMESPACES`.
 *   3. Done. No DB migration, no new API route.
 */
+const httpsRepoUrlSchema = z.string().url().refine((value) => {
+	try {
+		return new URL(value).protocol === "https:";
+	} catch {
+		return false;
+	}
+}, { message: "Repo URL must use HTTPS." }).refine((value) => {
+	try {
+		const url = new URL(value);
+		return url.username.length === 0 && url.password.length === 0;
+	} catch {
+		return false;
+	}
+}, { message: "Repo URL must not include credentials." });
 const orgContextTreeStorageSchema = z.object({
-	repo: z.string().url().optional(),
+	repo: httpsRepoUrlSchema.optional(),
 	branch: z.string().default("main")
 });
 const orgContextTreeInputSchema = z.object({
-	repo: z.string().url().min(1).nullish(),
+	repo: httpsRepoUrlSchema.nullish(),
 	branch: z.string().min(1).nullish()
 });
 const orgContextTreeOutputSchema = z.object({
@@ -1177,16 +1251,36 @@ const orgGithubIntegrationOutputSchema = z.object({
 	webhookSecretConfigured: z.boolean(),
 	webhookUrl: z.string()
 });
+const orgSourceReposStorageSchema = z.object({ repos: z.array(z.object({
+	url: httpsRepoUrlSchema,
+	defaultBranch: z.string().optional()
+})).default([]) });
+const orgSourceReposInputSchema = z.object({ repos: z.array(z.object({
+	url: httpsRepoUrlSchema,
+	defaultBranch: z.string().min(1).optional()
+})).optional() });
+const orgSourceReposOutputSchema = z.object({ repos: z.array(z.object({
+	url: z.string(),
+	defaultBranch: z.string().optional()
+})) });
 const ORG_SETTINGS_NAMESPACES = {
 	context_tree: {
 		storage: orgContextTreeStorageSchema,
 		input: orgContextTreeInputSchema,
-		output: orgContextTreeOutputSchema
+		output: orgContextTreeOutputSchema,
+		readPolicy: "member"
 	},
 	github_integration: {
 		storage: orgGithubIntegrationStorageSchema,
 		input: orgGithubIntegrationInputSchema,
-		output: orgGithubIntegrationOutputSchema
+		output: orgGithubIntegrationOutputSchema,
+		readPolicy: "admin"
+	},
+	source_repos: {
+		storage: orgSourceReposStorageSchema,
+		input: orgSourceReposInputSchema,
+		output: orgSourceReposOutputSchema,
+		readPolicy: "member"
 	}
 };
 const ORG_SETTINGS_NAMESPACE_KEYS = Object.keys(ORG_SETTINGS_NAMESPACES);
@@ -1228,6 +1322,87 @@ z.object({
 	organizationId: z.string(),
 	agents: z.record(z.string(), z.array(pulseBucketSchema).length(32))
 });
+/**
+* Structured ask-user payloads bridged from the Claude Agent SDK
+* `AskUserQuestion` tool to Hub messages.
+*
+* Shape mirrors the SDK 0.2.84 input/output verbatim so the client
+* runtime adapter can pass `updatedInput` straight through. See
+* verify scripts under `packages/client/tmp-verify/` for the live
+* matrix this was validated against.
+*
+* Lifecycle:
+*  1. Agent emits a `format: "question"` message — its `content` is a
+*     `QuestionMessageContent` carrying `correlationId` + `questions[]`.
+*  2. User picks options in the Web UI and POSTs answers; server writes
+*     a `format: "question_answer"` message — its `content` is a
+*     `QuestionAnswerMessageContent` referencing the same `correlationId`.
+*  3. Client runtime resolves the in-flight `canUseTool` promise with the
+*     answers, and the SDK feeds them back to the model.
+*
+* `pending → answered → superseded` runtime status lives in a separate
+* server table (`pending_questions`) and is not part of the message —
+* messages are immutable once written.
+*/
+/**
+* Single option inside a question. `preview` is rich content rendered above
+* the label — the SDK's tool input emits it as `string | undefined` (the
+* field is omitted when the model didn't generate any preview content), so
+* we accept undefined / null / string and normalise downstream renderers
+* to treat all three the same way.
+*/
+const questionOptionSchema = z.object({
+	label: z.string().min(1),
+	description: z.string(),
+	preview: z.string().nullable().optional()
+});
+/**
+* One question. `header` is a chip-style short tag. The SDK schema docs
+* describe ≤12 chars but in practice the model occasionally emits
+* slightly longer headers; we keep the rule loose (≤24) so a stylistic
+* regression doesn't fail-closed at canUseTool and abandon the entire
+* tool call. The UI truncates visually if needed.
+*/
+const questionItemSchema = z.object({
+	question: z.string().min(1),
+	header: z.string().min(1).max(24),
+	options: z.array(questionOptionSchema).min(2).max(4),
+	multiSelect: z.boolean()
+});
+/** Session-level preview format hint. Mirrors `toolConfig.askUserQuestion.previewFormat`. */
+const questionPreviewFormatSchema = z.enum(["html", "markdown"]).nullable();
+/**
+* Content payload for a message whose `format === "question"`.
+*
+* `correlationId` ties the question to its eventual answer message AND to the
+* server-side `pending_questions` row; client runtime uses it to resolve the
+* waiting `canUseTool` promise. Reuse the SDK `tool_use_id` when available so
+* a single id flows end-to-end.
+*/
+const questionMessageContentSchema = z.object({
+	correlationId: z.string().min(1),
+	questions: z.array(questionItemSchema).min(1).max(4),
+	previewFormat: questionPreviewFormatSchema,
+	allowFreeText: z.boolean()
+});
+/**
+* Content payload for a message whose `format === "question_answer"`.
+*
+* `answers` is keyed by `QuestionItem.question` text. For `multiSelect` questions
+* the value is a `, `-joined string of selected labels (matches SDK convention).
+* For free-text answers the value is the user's raw input.
+*/
+const questionAnswerMessageContentSchema = z.object({
+	correlationId: z.string().min(1),
+	answers: z.record(z.string().min(1), z.string())
+});
+/** Submit-answer request body for `POST /api/admin/questions/:correlationId/answer`. */
+const submitQuestionAnswerSchema = z.object({ answers: z.record(z.string().min(1), z.string()) });
+z.enum([
+	"pending",
+	"answered",
+	"superseded"
+]);
 const sessionEventKind = z.enum([
 	"tool_call",
 	"error",
@@ -1521,4 +1696,4 @@ z.object({
 	capabilities: serverCapabilitiesSchema.optional()
 }).passthrough();
 //#endregion
-export { loginSchema as $, createAgentSchema as A, githubCallbackQuerySchema as B, agentTypeSchema as C, updateMemberSchema as Ct, contextTreeSnapshotSchema as D, connectTokenExchangeSchema as E, wsAuthFrameSchema as Et, createTaskSchema as F, inboxDeliverFrameSchema as G, githubStartQuerySchema as H, defaultRuntimeConfigPayload as I, isRedactedEnvValue as J, inboxPollQuerySchema as K, delegateFeishuUserSchema as L, createMeChatSchema as M, createMemberSchema as N, createAdapterConfigSchema as O, createOrgFromMeSchema as P, listMeChatsQuerySchema as Q, dryRunAgentRuntimeConfigSchema as R, agentRuntimeConfigPayloadSchema as S, updateClientCapabilitiesSchema as St, clientRegisterSchema as T, updateTaskStatusSchema as Tt, imageInlineContentSchema as U, githubDevCallbackQuerySchema as V, inboxAckFrameSchema as W, joinByInvitationSchema as X, isReservedAgentName as Y, linkTaskChatSchema as Z, addParticipantSchema as _, taskListQuerySchema as _t, AGENT_STATUSES as a, runtimeStateMessageSchema as at, agentBindRequestSchema as b, updateAgentSchema as bt, DEFAULT_RUNTIME_PROVIDER as c, selfServiceFeishuBotSchema as ct, TASK_CREATOR_TYPES as d, sessionCompletionMessageSchema as dt, messageSourceSchema as et, TASK_HEALTH_SIGNALS as f, sessionEventMessageSchema as ft, addMeChatParticipantsSchema as g, stripCode as gt, WS_AUTH_FRAME_TIMEOUT_MS as h, sessionStateMessageSchema as ht, AGENT_SOURCES as i, refreshTokenSchema as it, createChatSchema as j, createAdapterMappingSchema as k, MENTION_REGEX as l, sendMessageSchema as lt, TASK_TERMINAL_STATUSES as m, sessionReconcileRequestSchema as mt, AGENT_NAME_REGEX as n, paginationQuerySchema as nt, AGENT_TYPES as o, safeRedirectPath as ot, TASK_STATUSES as p, sessionEventSchema as pt, isOrgSettingNamespace as q, AGENT_SELECTOR_HEADER as r, rebindAgentSchema as rt, AGENT_VISIBILITY as s, scanMentionTokens as st, AGENT_BIND_REJECT_REASONS as t, notificationQuerySchema as tt, ORG_SETTINGS_NAMESPACES as u, sendToAgentSchema as ut, adminCreateTaskSchema as v, updateAdapterConfigSchema as vt, clientCapabilitiesSchema as w, updateOrganizationSchema as wt, agentPinnedMessageSchema as x, updateChatSchema as xt, adminUpdateTaskSchema as y, updateAgentRuntimeConfigSchema as yt, extractMentions as z };
+export { loginSchema as $, createAgentSchema as A, updateTaskStatusSchema as At, githubCallbackQuerySchema as B, agentTypeSchema as C, updateAdapterConfigSchema as Ct, contextTreeSnapshotSchema as D, updateClientCapabilitiesSchema as Dt, connectTokenExchangeSchema as E, updateChatSchema as Et, createTaskSchema as F, inboxDeliverFrameSchema as G, githubStartQuerySchema as H, defaultRuntimeConfigPayload as I, isRedactedEnvValue as J, inboxPollQuerySchema as K, delegateFeishuUserSchema as L, createMeChatSchema as M, createMemberSchema as N, createAdapterConfigSchema as O, updateMemberSchema as Ot, createOrgFromMeSchema as P, listMeChatsQuerySchema as Q, dryRunAgentRuntimeConfigSchema as R, agentRuntimeConfigPayloadSchema as S, taskListQuerySchema as St, clientRegisterSchema as T, updateAgentSchema as Tt, imageInlineContentSchema as U, githubDevCallbackQuerySchema as V, inboxAckFrameSchema as W, joinByInvitationSchema as X, isReservedAgentName as Y, linkTaskChatSchema as Z, addParticipantSchema as _, sessionEventSchema as _t, AGENT_STATUSES as a, questionAnswerMessageContentSchema as at, agentBindRequestSchema as b, stripCode as bt, DEFAULT_RUNTIME_PROVIDER as c, refreshTokenSchema as ct, TASK_CREATOR_TYPES as d, scanMentionTokens as dt, messageSourceSchema as et, TASK_HEALTH_SIGNALS as f, selfServiceFeishuBotSchema as ft, addMeChatParticipantsSchema as g, sessionEventMessageSchema as gt, WS_AUTH_FRAME_TIMEOUT_MS as h, sessionCompletionMessageSchema as ht, AGENT_SOURCES as i, patchOnboardingSchema as it, createChatSchema as j, wsAuthFrameSchema as jt, createAdapterMappingSchema as k, updateOrganizationSchema as kt, MENTION_REGEX as l, runtimeStateMessageSchema as lt, TASK_TERMINAL_STATUSES as m, sendToAgentSchema as mt, AGENT_NAME_REGEX as n, onboardingEventSchema as nt, AGENT_TYPES as o, questionMessageContentSchema as ot, TASK_STATUSES as p, sendMessageSchema as pt, isOrgSettingNamespace as q, AGENT_SELECTOR_HEADER as r, paginationQuerySchema as rt, AGENT_VISIBILITY as s, rebindAgentSchema as st, AGENT_BIND_REJECT_REASONS as t, notificationQuerySchema as tt, ORG_SETTINGS_NAMESPACES as u, safeRedirectPath as ut, adminCreateTaskSchema as v, sessionReconcileRequestSchema as vt, clientCapabilitiesSchema as w, updateAgentRuntimeConfigSchema as wt, agentPinnedMessageSchema as x, submitQuestionAnswerSchema as xt, adminUpdateTaskSchema as y, sessionStateMessageSchema as yt, extractMentions as z };

package/dist/drizzle/0033_onboarding_dismissed_at.sql ADDED Viewed

@@ -0,0 +1,13 @@
+-- Onboarding stepper dismissal flag. Decoupled from the server-side
+-- `onboardingStep` enum so the stepper keeps rendering across all three
+-- UI steps (server-side onboardingStep flips to `completed` at the end of
+-- Step 2; Step 3 is purely client-driven and the stepper must keep
+-- showing during the tree-init chat).
+--
+-- See docs/new-user-onboarding-design.md §8.
+--
+-- NULL  → stepper renders
+-- value → user clicked the `✕`; stepper unmounts. Irreversible from UI v1.
+ALTER TABLE "users"
+  ADD COLUMN IF NOT EXISTS "onboarding_dismissed_at" timestamp with time zone;