npm - @agent-team-foundation/first-tree-hub - Versions diffs - 0.6.2 → 0.6.3 - Mend

@agent-team-foundation/first-tree-hub 0.6.2 → 0.6.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

package/dist/{bootstrap-DW7aIpmE.mjs → bootstrap-DNL1cEwv.mjs} +10 -5
package/dist/cli/index.mjs +98 -103
package/dist/{core-RXUUKkCO.mjs → core-B10jgThe.mjs} +62 -26
package/dist/drizzle/0020_unified_user_token.sql +50 -44
package/dist/{feishu-BZ8pnMrQ.mjs → feishu-BoMJHlOv.mjs} +1 -1
package/dist/index.mjs +3 -3
package/dist/web/assets/{index-BMOr9-X2.js → index-CnLpaSBg.js} +2 -2
package/dist/web/index.html +1 -1
package/package.json +1 -1

package/dist/drizzle/0020_unified_user_token.sql CHANGED Viewed

@@ -6,59 +6,63 @@
 --   1. Drop `agent_tokens` (table + FK cascade).
 --   2. Add `clients.user_id` (nullable) — owning user of the physical client.
 --   3. Add `agents.client_id` (nullable FK) — pin an agent to the client that
---      runs it. `client_id` is backfilled from `agent_presence` and is
---      required for every non-human agent (enforced in the service layer per
---      CLAUDE.md "integrity in service layer"; no DB CHECK/trigger).
+--      runs it. `client_id` is backfilled from `agent_presence`. Rows that
+--      cannot be backfilled stay NULL and bind on first WS connect (see
+--      `api/agent/ws-client.ts` first-bind path). Originally this migration
+--      raised an exception when any non-human agent was unbacked — that
+--      gated startup on a data state the operator usually can't fix until
+--      the server is up. Relaxed to NOTICE so the loop is broken; runtime
+--      enforcement (Rule R-RUN in `services/agent.ts` + `agent-selector.ts`)
+--      still rejects unclaimed agents on the request path.
 --   4. Make `agents.manager_id` NOT NULL after backfilling the first admin
 --      member of each org onto the unmanaged rows.
 --
 -- There is no compatibility layer: operators stop SDK/CLI processes, run
 -- `db:migrate`, then re-login via `first-tree-hub connect`. See the proposal
 -- "unified-user-token.20260417" for the full upgrade runbook.
+--
+-- NOTE: Do NOT wrap this file in BEGIN;/COMMIT;. The Drizzle migrator already
+-- runs every pending migration inside a single outer transaction, so a nested
+-- BEGIN raises WARNING 25001 and the inner COMMIT prematurely closes the
+-- outer transaction — which prevents the migration hash from being recorded
+-- and causes the server to loop through the same failure on every restart.
-BEGIN;
--- ---------------------------------------------------------------------------
--- 1. Drop agent_tokens (FK cascade handles row removal).
--- ---------------------------------------------------------------------------
 DROP TABLE IF EXISTS "agent_tokens";
+--> statement-breakpoint
 -- ---------------------------------------------------------------------------
--- 2. clients.user_id — nullable FK to users(id).
---    Nullable so legacy rows (created before handshake auth) keep existing;
---    the WS handshake claims them on first re-register under a JWT.
+-- clients.user_id — nullable FK to users(id).
+-- Nullable so legacy rows (created before handshake auth) keep existing;
+-- the WS handshake claims them on first re-register under a JWT.
 -- ---------------------------------------------------------------------------
 ALTER TABLE "clients"
   ADD COLUMN IF NOT EXISTS "user_id" text REFERENCES "users"("id") ON DELETE SET NULL;
+--> statement-breakpoint
 CREATE INDEX IF NOT EXISTS "idx_clients_user" ON "clients" ("user_id");
+--> statement-breakpoint
 -- ---------------------------------------------------------------------------
--- 3. agents.client_id — pin an agent to the physical client that runs it.
---    Backfill in two steps:
---      a. Copy the most recent bind from agent_presence, if any.
---      b. For non-human agents with no bind history, attempt to pick the
---         first client in the agent's org. If none exists we intentionally
---         leave the row NULL; the service layer refuses runtime bind while
---         `client_id IS NULL` so operators notice and fix it.
+-- agents.client_id — pin an agent to the physical client that runs it.
 -- ---------------------------------------------------------------------------
 ALTER TABLE "agents"
   ADD COLUMN IF NOT EXISTS "client_id" text REFERENCES "clients"("id") ON DELETE RESTRICT;
+--> statement-breakpoint
--- 3a. Copy last-bound client from agent_presence.
+-- Copy last-bound client from agent_presence.
 UPDATE "agents" a
 SET "client_id" = ap."client_id"
 FROM "agent_presence" ap
 WHERE ap."agent_id" = a."uuid"
   AND ap."client_id" IS NOT NULL
   AND a."client_id" IS NULL;
+--> statement-breakpoint
--- 3b. Fail loudly if any non-deleted non-human agent is missing a client_id
---     after 3a. These rows would pass migration but surface at runtime as
---     `WRONG_CLIENT` / `assertClientOwner` 404 — which looks like "installed
---     but broken" to the operator. Mirrors 4c's orphan-count pattern. Admins
---     must either soft-delete the orphans or re-register their client via
---     `first-tree-hub connect` and manually UPDATE before retrying.
+-- Surface (do not block) any non-deleted non-human agent still missing a
+-- client_id after the backfill. They will sit in an "unclaimed" state until
+-- a client connects via WS and the first-bind path in
+-- `api/agent/ws-client.ts` claims them. Runtime guards reject HTTP / WS
+-- requests for those agents in the meantime.
 DO $$
 DECLARE
   unpinned_count integer;
@@ -70,31 +74,33 @@ BEGIN
     AND "status" <> 'deleted';
   IF unpinned_count > 0 THEN
-    RAISE EXCEPTION
+    RAISE NOTICE
       'unified-user-token migration: % non-human agents have no client_id after backfill; '
-      're-register their client via `first-tree-hub connect` (which will update agent_presence) '
-      'or soft-delete the orphan agents, then retry',
+      'they will be claimed on first WS bind (see ws-client.ts first-bind path)',
       unpinned_count;
   END IF;
 END $$;
+--> statement-breakpoint
 CREATE INDEX IF NOT EXISTS "idx_agents_client" ON "agents" ("client_id");
+--> statement-breakpoint
 -- ---------------------------------------------------------------------------
--- 4. agents.manager_id — backfill then enforce NOT NULL.
---    Human agents own their members row, so self-assign via members.
---    Non-human agents get the first admin member in their org.
+-- agents.manager_id — backfill then enforce NOT NULL.
+-- Human agents own their members row, so self-assign via members.
+-- Non-human agents get the first admin member in their org.
 -- ---------------------------------------------------------------------------
--- 4a. Human agents: self-assign to their own member row.
+-- Human agents: self-assign to their own member row.
 UPDATE "agents" a
 SET "manager_id" = m."id"
 FROM "members" m
 WHERE m."agent_id" = a."uuid"
   AND a."manager_id" IS NULL
   AND a."type" = 'human';
+--> statement-breakpoint
--- 4b. Non-human agents: first admin in org, ordered by created_at asc.
+-- Non-human agents: first admin in org, ordered by created_at asc.
 UPDATE "agents" a
 SET "manager_id" = m."id"
 FROM (
@@ -107,9 +113,9 @@ FROM (
 ) m
 WHERE a."organization_id" = m."organization_id"
   AND a."manager_id" IS NULL;
+--> statement-breakpoint
--- 4c. Fail loudly if any agent still lacks a manager. Admin must intervene
---     before the migration can complete.
+-- Fail loudly if any agent still lacks a manager.
 DO $$
 DECLARE
   orphan_count integer;
@@ -126,23 +132,23 @@ BEGIN
       orphan_count;
   END IF;
 END $$;
+--> statement-breakpoint
 ALTER TABLE "agents"
   ALTER COLUMN "manager_id" SET NOT NULL;
+--> statement-breakpoint
--- 4d. Recreate the manager_id FK as DEFERRABLE INITIALLY DEFERRED so the
---     bootstrap path for a new human agent + member row can run inside a
---     single transaction. The two rows reference each other (agents.manager_id
---     → members.id, members.agent_id → agents.uuid); without deferred FKs the
---     first INSERT always fails the sibling constraint. Manager reassignment
---     (member.ts::deleteMember) also benefits: we can move every agent in one
---     pass without fighting constraint order.
+-- Recreate the manager_id FK as DEFERRABLE INITIALLY DEFERRED so the
+-- bootstrap path for a new human agent + member row can run inside a
+-- single transaction. The two rows reference each other (agents.manager_id
+-- → members.id, members.agent_id → agents.uuid); without deferred FKs the
+-- first INSERT always fails the sibling constraint.
 ALTER TABLE "agents"
   DROP CONSTRAINT IF EXISTS "agents_manager_id_fkey";
+--> statement-breakpoint
 ALTER TABLE "agents"
   ADD CONSTRAINT "agents_manager_id_fkey"
   FOREIGN KEY ("manager_id") REFERENCES "members"("id")
   ON DELETE SET NULL
   DEFERRABLE INITIALLY DEFERRED;
-COMMIT;

package/dist/{feishu-BZ8pnMrQ.mjs → feishu-BoMJHlOv.mjs} RENAMED Viewed

@@ -173,7 +173,7 @@ const updateAgentSchema = z.object({
 	visibility: agentVisibilitySchema.optional(),
 	metadata: z.record(z.string(), z.unknown()).optional(),
 	managerId: z.string().nullable().optional(),
-	clientId: z.string().optional()
+	clientId: z.string().min(1).max(100).nullable().optional()
 });
 z.object({
 	uuid: z.string(),

package/dist/index.mjs CHANGED Viewed

@@ -1,4 +1,4 @@
-import { a as resolveAccessToken, n as ensureFreshAccessToken, o as resolveServerUrl, r as ensureFreshAdminToken } from "./bootstrap-DW7aIpmE.mjs";
-import { A as SdkError, C as ensurePostgres, D as createOwner, E as ClientRuntime, O as hasUser, S as status, T as stopPostgres, _ as checkServerHealth, a as formatCheckReport, b as printResults, c as onboardCreate, d as checkAgentConfigs, f as checkClientConfig, g as checkServerConfig, h as checkNodeVersion, i as promptMissingFields, k as FirstTreeHubSDK, m as checkDocker, n as isInteractive, p as checkDatabase, r as promptAddAgent, s as onboardCheck, t as startServer, u as runMigrations, v as checkServerReachable, w as isDockerAvailable, x as blank, y as checkWebSocket } from "./core-RXUUKkCO.mjs";
-import { n as bindFeishuUser, t as bindFeishuBot } from "./feishu-BZ8pnMrQ.mjs";
+import { a as resolveAccessToken, n as ensureFreshAccessToken, o as resolveServerUrl, r as ensureFreshAdminToken } from "./bootstrap-DNL1cEwv.mjs";
+import { A as SdkError, C as ensurePostgres, D as createOwner, E as ClientRuntime, O as hasUser, S as status, T as stopPostgres, _ as checkServerHealth, a as formatCheckReport, b as printResults, c as onboardCreate, d as checkAgentConfigs, f as checkClientConfig, g as checkServerConfig, h as checkNodeVersion, i as promptMissingFields, k as FirstTreeHubSDK, m as checkDocker, n as isInteractive, p as checkDatabase, r as promptAddAgent, s as onboardCheck, t as startServer, u as runMigrations, v as checkServerReachable, w as isDockerAvailable, x as blank, y as checkWebSocket } from "./core-B10jgThe.mjs";
+import { n as bindFeishuUser, t as bindFeishuBot } from "./feishu-BoMJHlOv.mjs";
 export { ClientRuntime, FirstTreeHubSDK, SdkError, bindFeishuBot, bindFeishuUser, blank, checkAgentConfigs, checkClientConfig, checkDatabase, checkDocker, checkNodeVersion, checkServerConfig, checkServerHealth, checkServerReachable, checkWebSocket, createOwner, ensureFreshAccessToken, ensureFreshAdminToken, ensurePostgres, formatCheckReport, hasUser, isDockerAvailable, isInteractive, onboardCheck, onboardCreate, printResults, promptAddAgent, promptMissingFields, resolveAccessToken, resolveServerUrl, runMigrations, startServer, status, stopPostgres };