npm - @botcord/daemon - Versions diffs - 0.1.1 - Mend

@botcord/daemon 0.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (149) hide show

package/dist/activity-tracker.d.ts +43 -0
package/dist/activity-tracker.js +110 -0
package/dist/adapters/runtimes.d.ts +14 -0
package/dist/adapters/runtimes.js +18 -0
package/dist/agent-discovery.d.ts +81 -0
package/dist/agent-discovery.js +181 -0
package/dist/agent-workspace.d.ts +31 -0
package/dist/agent-workspace.js +221 -0
package/dist/config.d.ts +116 -0
package/dist/config.js +180 -0
package/dist/control-channel.d.ts +99 -0
package/dist/control-channel.js +388 -0
package/dist/cross-room.d.ts +23 -0
package/dist/cross-room.js +55 -0
package/dist/daemon-config-map.d.ts +61 -0
package/dist/daemon-config-map.js +153 -0
package/dist/daemon.d.ts +123 -0
package/dist/daemon.js +349 -0
package/dist/doctor.d.ts +89 -0
package/dist/doctor.js +191 -0
package/dist/gateway/channel-manager.d.ts +54 -0
package/dist/gateway/channel-manager.js +292 -0
package/dist/gateway/channels/botcord.d.ts +93 -0
package/dist/gateway/channels/botcord.js +510 -0
package/dist/gateway/channels/index.d.ts +2 -0
package/dist/gateway/channels/index.js +1 -0
package/dist/gateway/channels/sanitize.d.ts +20 -0
package/dist/gateway/channels/sanitize.js +56 -0
package/dist/gateway/dispatcher.d.ts +73 -0
package/dist/gateway/dispatcher.js +431 -0
package/dist/gateway/gateway.d.ts +87 -0
package/dist/gateway/gateway.js +158 -0
package/dist/gateway/index.d.ts +15 -0
package/dist/gateway/index.js +15 -0
package/dist/gateway/log.d.ts +9 -0
package/dist/gateway/log.js +20 -0
package/dist/gateway/router.d.ts +10 -0
package/dist/gateway/router.js +48 -0
package/dist/gateway/runtimes/claude-code.d.ts +30 -0
package/dist/gateway/runtimes/claude-code.js +162 -0
package/dist/gateway/runtimes/codex.d.ts +83 -0
package/dist/gateway/runtimes/codex.js +272 -0
package/dist/gateway/runtimes/gemini.d.ts +15 -0
package/dist/gateway/runtimes/gemini.js +29 -0
package/dist/gateway/runtimes/ndjson-stream.d.ts +43 -0
package/dist/gateway/runtimes/ndjson-stream.js +169 -0
package/dist/gateway/runtimes/probe.d.ts +17 -0
package/dist/gateway/runtimes/probe.js +54 -0
package/dist/gateway/runtimes/registry.d.ts +59 -0
package/dist/gateway/runtimes/registry.js +94 -0
package/dist/gateway/session-store.d.ts +39 -0
package/dist/gateway/session-store.js +133 -0
package/dist/gateway/types.d.ts +265 -0
package/dist/gateway/types.js +1 -0
package/dist/index.d.ts +2 -0
package/dist/index.js +854 -0
package/dist/log.d.ts +7 -0
package/dist/log.js +44 -0
package/dist/provision.d.ts +88 -0
package/dist/provision.js +749 -0
package/dist/room-context-fetcher.d.ts +18 -0
package/dist/room-context-fetcher.js +101 -0
package/dist/room-context.d.ts +53 -0
package/dist/room-context.js +112 -0
package/dist/sender-classify.d.ts +30 -0
package/dist/sender-classify.js +32 -0
package/dist/snapshot-writer.d.ts +37 -0
package/dist/snapshot-writer.js +84 -0
package/dist/status-render.d.ts +28 -0
package/dist/status-render.js +97 -0
package/dist/system-context.d.ts +57 -0
package/dist/system-context.js +91 -0
package/dist/turn-text.d.ts +36 -0
package/dist/turn-text.js +57 -0
package/dist/user-auth.d.ts +75 -0
package/dist/user-auth.js +245 -0
package/dist/working-memory.d.ts +46 -0
package/dist/working-memory.js +274 -0
package/package.json +39 -0
package/src/__tests__/activity-tracker.test.ts +130 -0
package/src/__tests__/agent-discovery.test.ts +191 -0
package/src/__tests__/agent-workspace.test.ts +147 -0
package/src/__tests__/control-channel.test.ts +327 -0
package/src/__tests__/cross-room.test.ts +116 -0
package/src/__tests__/daemon-config-map.test.ts +416 -0
package/src/__tests__/daemon.test.ts +300 -0
package/src/__tests__/device-code.test.ts +152 -0
package/src/__tests__/doctor.test.ts +218 -0
package/src/__tests__/protocol-core-reexport.test.ts +24 -0
package/src/__tests__/provision.test.ts +922 -0
package/src/__tests__/room-context.test.ts +233 -0
package/src/__tests__/runtime-discovery.test.ts +173 -0
package/src/__tests__/snapshot-writer.test.ts +141 -0
package/src/__tests__/status-render.test.ts +137 -0
package/src/__tests__/system-context.test.ts +315 -0
package/src/__tests__/turn-text.test.ts +116 -0
package/src/__tests__/user-auth.test.ts +125 -0
package/src/__tests__/working-memory.test.ts +240 -0
package/src/activity-tracker.ts +140 -0
package/src/adapters/runtimes.ts +30 -0
package/src/agent-discovery.ts +262 -0
package/src/agent-workspace.ts +247 -0
package/src/config.ts +290 -0
package/src/control-channel.ts +455 -0
package/src/cross-room.ts +89 -0
package/src/daemon-config-map.ts +200 -0
package/src/daemon.ts +478 -0
package/src/doctor.ts +282 -0
package/src/gateway/__tests__/.gitkeep +0 -0
package/src/gateway/__tests__/botcord-channel.test.ts +480 -0
package/src/gateway/__tests__/channel-manager.test.ts +475 -0
package/src/gateway/__tests__/claude-code-adapter.test.ts +318 -0
package/src/gateway/__tests__/codex-adapter.test.ts +350 -0
package/src/gateway/__tests__/dispatcher.test.ts +1159 -0
package/src/gateway/__tests__/gateway-add-channel.test.ts +180 -0
package/src/gateway/__tests__/gateway-managed-routes.test.ts +181 -0
package/src/gateway/__tests__/gateway.test.ts +222 -0
package/src/gateway/__tests__/router.test.ts +247 -0
package/src/gateway/__tests__/sanitize.test.ts +193 -0
package/src/gateway/__tests__/session-store.test.ts +235 -0
package/src/gateway/channel-manager.ts +349 -0
package/src/gateway/channels/botcord.ts +605 -0
package/src/gateway/channels/index.ts +6 -0
package/src/gateway/channels/sanitize.ts +68 -0
package/src/gateway/dispatcher.ts +554 -0
package/src/gateway/gateway.ts +211 -0
package/src/gateway/index.ts +29 -0
package/src/gateway/log.ts +30 -0
package/src/gateway/router.ts +60 -0
package/src/gateway/runtimes/claude-code.ts +180 -0
package/src/gateway/runtimes/codex.ts +312 -0
package/src/gateway/runtimes/gemini.ts +43 -0
package/src/gateway/runtimes/ndjson-stream.ts +225 -0
package/src/gateway/runtimes/probe.ts +73 -0
package/src/gateway/runtimes/registry.ts +143 -0
package/src/gateway/session-store.ts +157 -0
package/src/gateway/types.ts +325 -0
package/src/index.ts +961 -0
package/src/log.ts +47 -0
package/src/provision.ts +879 -0
package/src/room-context-fetcher.ts +124 -0
package/src/room-context.ts +167 -0
package/src/sender-classify.ts +46 -0
package/src/snapshot-writer.ts +103 -0
package/src/status-render.ts +132 -0
package/src/system-context.ts +162 -0
package/src/turn-text.ts +93 -0
package/src/user-auth.ts +295 -0
package/src/working-memory.ts +352 -0

package/src/gateway/__tests__/claude-code-adapter.test.ts ADDED Viewed

@@ -0,0 +1,318 @@
+import { afterAll, describe, expect, it } from "vitest";
+import { mkdtempSync, rmSync, writeFileSync, chmodSync } from "node:fs";
+import os from "node:os";
+import path from "node:path";
+import { ClaudeCodeAdapter } from "../runtimes/claude-code.js";
+// The adapter spawns whatever binary we point it at; we point it at a small
+// Node script so we control stdout/stderr/exit precisely without needing the
+// real `claude` CLI.
+const tmpRoot = mkdtempSync(path.join(os.tmpdir(), "gateway-claude-"));
+function makeScript(name: string, body: string): string {
+  const p = path.join(tmpRoot, name);
+  writeFileSync(p, `#!/usr/bin/env node\n${body}\n`, { mode: 0o755 });
+  chmodSync(p, 0o755);
+  return p;
+}
+afterAll(() => {
+  rmSync(tmpRoot, { recursive: true, force: true });
+});
+function runAdapter(script: string, sessionId: string | null = null) {
+  const adapter = new ClaudeCodeAdapter({ binary: script });
+  const ctrl = new AbortController();
+  return adapter.run({
+    text: "hi",
+    sessionId,
+    accountId: "ag_test",
+    cwd: tmpRoot,
+    signal: ctrl.signal,
+    trustLevel: "owner",
+  });
+}
+describe("ClaudeCodeAdapter", () => {
+  it("parses session_id from system init + concatenates assistant text", async () => {
+    const script = makeScript(
+      "happy.js",
+      `
+const lines = [
+  {type:"system", subtype:"init", session_id:"sid-123"},
+  {type:"assistant", message:{content:[{type:"text", text:"hello "},{type:"text", text:"world"}]}},
+  {type:"result", subtype:"success", session_id:"sid-123", total_cost_usd:0.0042, result:"hello world"},
+];
+for (const l of lines) process.stdout.write(JSON.stringify(l) + "\\n");
+process.exit(0);
+`,
+    );
+    const res = await runAdapter(script);
+    expect(res.newSessionId).toBe("sid-123");
+    expect(res.text).toBe("hello world");
+    expect(res.costUsd).toBeCloseTo(0.0042);
+    expect(res.error).toBeUndefined();
+  });
+  it("recognizes tool_use block via onBlock callback", async () => {
+    const script = makeScript(
+      "tooluse.js",
+      `
+const lines = [
+  {type:"system", subtype:"init", session_id:"sid-2"},
+  {type:"assistant", message:{content:[{type:"tool_use", id:"tu1", name:"Bash", input:{}}]}},
+  {type:"assistant", message:{content:[{type:"text", text:"done"}]}},
+  {type:"result", subtype:"success", session_id:"sid-2", result:"done"},
+];
+for (const l of lines) process.stdout.write(JSON.stringify(l) + "\\n");
+`,
+    );
+    const adapter = new ClaudeCodeAdapter({ binary: script });
+    const ctrl = new AbortController();
+    const seen: string[] = [];
+    const res = await adapter.run({
+      text: "x",
+      sessionId: null,
+      accountId: "ag_test",
+      cwd: tmpRoot,
+      signal: ctrl.signal,
+      trustLevel: "owner",
+      onBlock: (b) => seen.push(b.kind),
+    });
+    expect(res.text).toBe("done");
+    expect(seen).toContain("tool_use");
+    expect(seen).toContain("assistant_text");
+    expect(seen).toContain("system");
+  });
+  it("skips non-JSON stdout lines and still returns result", async () => {
+    const script = makeScript(
+      "nonjson.js",
+      `
+process.stdout.write("this is not json\\n");
+process.stdout.write(JSON.stringify({type:"system", subtype:"init", session_id:"sid-3"}) + "\\n");
+process.stdout.write("   \\n"); // blank line ignored
+process.stdout.write(JSON.stringify({type:"result", subtype:"success", session_id:"sid-3", result:"ok"}) + "\\n");
+`,
+    );
+    const res = await runAdapter(script);
+    expect(res.newSessionId).toBe("sid-3");
+    expect(res.text).toBe("ok");
+    expect(res.error).toBeUndefined();
+  });
+  it("surfaces error from non-zero exit + stderr", async () => {
+    const script = makeScript(
+      "boom.js",
+      `
+process.stderr.write("claude: auth failure\\n");
+process.exit(2);
+`,
+    );
+    const res = await runAdapter(script);
+    expect(res.error).toBeDefined();
+    expect(res.error).toMatch(/code 2/);
+    expect(res.error).toMatch(/auth failure/);
+  });
+  it("wipes newSessionId on non-success result so dispatcher can drop the stale entry", async () => {
+    // Mirrors what Claude Code emits when `--resume <missing-uuid>` is used:
+    // a fresh `session_id` for the just-spawned empty session, plus a non-success
+    // result subtype. Persisting that new id would trap us into re-resuming a
+    // useless UUID every turn.
+    const script = makeScript(
+      "resume-miss.js",
+      `
+process.stderr.write("No conversation found\\n");
+process.stdout.write(JSON.stringify({
+  type:"result",
+  subtype:"error_during_execution",
+  session_id:"sid-useless",
+  is_error:true,
+  errors:["No conversation found with session ID: 00000000-0000-0000-0000-000000000000"]
+}) + "\\n");
+process.exit(1);
+`,
+    );
+    const res = await runAdapter(script);
+    expect(res.newSessionId).toBe("");
+    expect(res.error).toBeDefined();
+  });
+  it("picks up result.result even if assistant text is empty", async () => {
+    const script = makeScript(
+      "resultonly.js",
+      `
+process.stdout.write(JSON.stringify({type:"system", subtype:"init", session_id:"sid-4"}) + "\\n");
+process.stdout.write(JSON.stringify({type:"result", subtype:"success", session_id:"sid-4", total_cost_usd:0.01, result:"final-only"}) + "\\n");
+`,
+    );
+    const res = await runAdapter(script);
+    expect(res.text).toBe("final-only");
+    expect(res.costUsd).toBe(0.01);
+    expect(res.newSessionId).toBe("sid-4");
+  });
+  it("returns a deletion signal for session ids that could be parsed as flags", async () => {
+    const script = makeScript(
+      "should-not-spawn.js",
+      `
+process.stdout.write(JSON.stringify({type:"result", subtype:"success", result:"spawned"}) + "\\n");
+`,
+    );
+    const res = await runAdapter(script, "--bad");
+    expect(res.newSessionId).toBe("");
+    expect(res.error).toMatch(/invalid sessionId/);
+    expect(res.text).toBe("");
+  });
+  it("passes a valid session id through --resume", async () => {
+    const script = makeScript(
+      "resume-argv.js",
+      `
+const argv = process.argv.slice(2);
+process.stdout.write(JSON.stringify({type:"system", subtype:"init", session_id:"sid-next"}) + "\\n");
+process.stdout.write(JSON.stringify({type:"result", subtype:"success", session_id:"sid-next", result: JSON.stringify(argv)}) + "\\n");
+`,
+    );
+    const res = await runAdapter(script, "00000000-0000-4000-8000-000000000000");
+    const argv = JSON.parse(res.text) as string[];
+    const idx = argv.indexOf("--resume");
+    expect(idx).toBeGreaterThanOrEqual(0);
+    expect(argv[idx + 1]).toBe("00000000-0000-4000-8000-000000000000");
+  });
+  it("allows non-ASCII historical session titles through --resume", async () => {
+    const script = makeScript(
+      "resume-title-argv.js",
+      `
+const argv = process.argv.slice(2);
+process.stdout.write(JSON.stringify({type:"system", subtype:"init", session_id:"sid-next"}) + "\\n");
+process.stdout.write(JSON.stringify({type:"result", subtype:"success", session_id:"sid-next", result: JSON.stringify(argv)}) + "\\n");
+`,
+    );
+    const res = await runAdapter(script, "会话标题");
+    const argv = JSON.parse(res.text) as string[];
+    const idx = argv.indexOf("--resume");
+    expect(idx).toBeGreaterThanOrEqual(0);
+    expect(argv[idx + 1]).toBe("会话标题");
+  });
+  describe("trustLevel → --permission-mode", () => {
+    // The adapter's argv is not directly inspectable, so we have the spawned
+    // script echo its own argv back through a JSON event and assert on it.
+    const echoScript = () =>
+      makeScript(
+        "echo-argv.js",
+        `
+const argv = process.argv.slice(2);
+process.stdout.write(JSON.stringify({type:"system", subtype:"init", session_id:"sid-echo"}) + "\\n");
+process.stdout.write(JSON.stringify({type:"result", subtype:"success", session_id:"sid-echo", result: JSON.stringify(argv)}) + "\\n");
+`,
+      );
+    it("owner → --permission-mode acceptEdits", async () => {
+      const adapter = new ClaudeCodeAdapter({ binary: echoScript() });
+      const ctrl = new AbortController();
+      const res = await adapter.run({
+        text: "x",
+        sessionId: null,
+        accountId: "ag_test",
+        cwd: tmpRoot,
+        signal: ctrl.signal,
+        trustLevel: "owner",
+      });
+      const argv = JSON.parse(res.text) as string[];
+      const modeIdx = argv.indexOf("--permission-mode");
+      expect(modeIdx).toBeGreaterThanOrEqual(0);
+      expect(argv[modeIdx + 1]).toBe("acceptEdits");
+    });
+    it("public → --permission-mode default", async () => {
+      const adapter = new ClaudeCodeAdapter({ binary: echoScript() });
+      const ctrl = new AbortController();
+      const res = await adapter.run({
+        text: "x",
+        sessionId: null,
+        accountId: "ag_test",
+        cwd: tmpRoot,
+        signal: ctrl.signal,
+        trustLevel: "public",
+      });
+      const argv = JSON.parse(res.text) as string[];
+      const modeIdx = argv.indexOf("--permission-mode");
+      expect(modeIdx).toBeGreaterThanOrEqual(0);
+      expect(argv[modeIdx + 1]).toBe("default");
+    });
+    it("trusted → --permission-mode default", async () => {
+      const adapter = new ClaudeCodeAdapter({ binary: echoScript() });
+      const ctrl = new AbortController();
+      const res = await adapter.run({
+        text: "x",
+        sessionId: null,
+        accountId: "ag_test",
+        cwd: tmpRoot,
+        signal: ctrl.signal,
+        trustLevel: "trusted",
+      });
+      const argv = JSON.parse(res.text) as string[];
+      const modeIdx = argv.indexOf("--permission-mode");
+      expect(modeIdx).toBeGreaterThanOrEqual(0);
+      expect(argv[modeIdx + 1]).toBe("default");
+    });
+    it("systemContext → --append-system-prompt <text>", async () => {
+      const adapter = new ClaudeCodeAdapter({ binary: echoScript() });
+      const ctrl = new AbortController();
+      const res = await adapter.run({
+        text: "x",
+        sessionId: null,
+        accountId: "ag_test",
+        cwd: tmpRoot,
+        signal: ctrl.signal,
+        trustLevel: "owner",
+        systemContext: "MEMORY=remember_this",
+      });
+      const argv = JSON.parse(res.text) as string[];
+      const idx = argv.indexOf("--append-system-prompt");
+      expect(idx).toBeGreaterThanOrEqual(0);
+      expect(argv[idx + 1]).toBe("MEMORY=remember_this");
+    });
+    it("omits --append-system-prompt when systemContext is undefined", async () => {
+      const adapter = new ClaudeCodeAdapter({ binary: echoScript() });
+      const ctrl = new AbortController();
+      const res = await adapter.run({
+        text: "x",
+        sessionId: null,
+        accountId: "ag_test",
+        cwd: tmpRoot,
+        signal: ctrl.signal,
+        trustLevel: "owner",
+      });
+      const argv = JSON.parse(res.text) as string[];
+      expect(argv).not.toContain("--append-system-prompt");
+    });
+    it("extraArgs --permission-mode overrides trustLevel", async () => {
+      const adapter = new ClaudeCodeAdapter({ binary: echoScript() });
+      const ctrl = new AbortController();
+      const res = await adapter.run({
+        text: "x",
+        sessionId: null,
+        accountId: "ag_test",
+        cwd: tmpRoot,
+        signal: ctrl.signal,
+        trustLevel: "public",
+        extraArgs: ["--permission-mode", "plan"],
+      });
+      const argv = JSON.parse(res.text) as string[];
+      // Only one --permission-mode should appear (the override).
+      const modes = argv.filter((a) => a === "--permission-mode");
+      expect(modes.length).toBe(1);
+      const modeIdx = argv.indexOf("--permission-mode");
+      expect(argv[modeIdx + 1]).toBe("plan");
+    });
+  });
+});

package/src/gateway/__tests__/codex-adapter.test.ts ADDED Viewed

@@ -0,0 +1,350 @@
+import { afterAll, beforeAll, describe, expect, it } from "vitest";
+import {
+  chmodSync,
+  existsSync,
+  mkdtempSync,
+  readFileSync,
+  rmSync,
+  writeFileSync,
+} from "node:fs";
+import os from "node:os";
+import path from "node:path";
+import { CodexAdapter } from "../runtimes/codex.js";
+import { agentCodexHomeDir } from "../../agent-workspace.js";
+// The adapter spawns whatever binary we point it at; we point it at a small
+// Node script so we control stdout/stderr/exit precisely without needing the
+// real `codex` CLI.
+const tmpRoot = mkdtempSync(path.join(os.tmpdir(), "gateway-codex-"));
+// Isolate per-agent workspace writes — agent-workspace.ts resolves paths via
+// `os.homedir()`, which on POSIX follows `process.env.HOME`. Redirecting it
+// to `tmpRoot` keeps these tests from scribbling on `~/.botcord/`.
+const originalHome = process.env.HOME;
+const agentHomeRoot = mkdtempSync(path.join(os.tmpdir(), "gateway-codex-home-"));
+beforeAll(() => {
+  process.env.HOME = agentHomeRoot;
+});
+afterAll(() => {
+  if (originalHome === undefined) delete process.env.HOME;
+  else process.env.HOME = originalHome;
+  rmSync(tmpRoot, { recursive: true, force: true });
+  rmSync(agentHomeRoot, { recursive: true, force: true });
+});
+function makeScript(name: string, body: string): string {
+  const p = path.join(tmpRoot, name);
+  writeFileSync(p, `#!/usr/bin/env node\n${body}\n`, { mode: 0o755 });
+  chmodSync(p, 0o755);
+  return p;
+}
+function runAdapter(script: string, sessionId: string | null = null) {
+  const adapter = new CodexAdapter({ binary: script });
+  const ctrl = new AbortController();
+  return adapter.run({
+    text: "hi",
+    sessionId,
+    accountId: "ag_test",
+    cwd: tmpRoot,
+    signal: ctrl.signal,
+    trustLevel: "owner",
+  });
+}
+describe("CodexAdapter", () => {
+  it("parses final agent_message text and persists thread_id as newSessionId", async () => {
+    const script = makeScript(
+      "happy.js",
+      `
+const lines = [
+  {type:"thread.started", thread_id:"01234567-89ab-7def-8123-456789abcdef"},
+  {type:"turn.started"},
+  {type:"item.completed", item:{id:"i0", type:"agent_message", text:"hello from codex"}},
+  {type:"turn.completed", usage:{input_tokens:1, output_tokens:2}},
+];
+for (const l of lines) process.stdout.write(JSON.stringify(l) + "\\n");
+process.exit(0);
+`,
+    );
+    const res = await runAdapter(script);
+    // Resume is now safe (systemContext lives in AGENTS.md, not transcript),
+    // so thread_id IS persisted for the next turn.
+    expect(res.newSessionId).toBe("01234567-89ab-7def-8123-456789abcdef");
+    expect(res.text).toBe("hello from codex");
+    expect(res.error).toBeUndefined();
+  });
+  it("emits tool_use StreamBlock for command_execution items", async () => {
+    const script = makeScript(
+      "toolblock.js",
+      `
+const lines = [
+  {type:"thread.started", thread_id:"01234567-89ab-7def-8123-456789abcde0"},
+  {type:"item.started", item:{id:"i0", type:"command_execution", command:"ls"}},
+  {type:"item.completed", item:{id:"i1", type:"agent_message", text:"done"}},
+];
+for (const l of lines) process.stdout.write(JSON.stringify(l) + "\\n");
+`,
+    );
+    const adapter = new CodexAdapter({ binary: script });
+    const ctrl = new AbortController();
+    const seen: string[] = [];
+    const res = await adapter.run({
+      text: "x",
+      sessionId: null,
+      accountId: "ag_test",
+      cwd: tmpRoot,
+      signal: ctrl.signal,
+      trustLevel: "owner",
+      onBlock: (b) => seen.push(b.kind),
+    });
+    expect(res.text).toBe("done");
+    expect(seen).toContain("tool_use");
+    expect(seen).toContain("assistant_text");
+    expect(seen).toContain("system");
+  });
+  it("no sessionId → `exec` subcommand (no resume)", async () => {
+    const script = makeScript(
+      "fresh-argv.js",
+      `
+const argv = process.argv.slice(2);
+process.stdout.write(JSON.stringify({type:"thread.started", thread_id:"01234567-89ab-7def-8123-456789abcde1"}) + "\\n");
+process.stdout.write(JSON.stringify({type:"item.completed", item:{id:"i0", type:"agent_message", text:JSON.stringify(argv)}}) + "\\n");
+`,
+    );
+    const res = await runAdapter(script, null);
+    const argv = JSON.parse(res.text) as string[];
+    expect(argv[0]).toBe("exec");
+    expect(argv[1]).not.toBe("resume");
+  });
+  it("with sessionId → `exec resume <uuid>` subcommand", async () => {
+    const script = makeScript(
+      "resume-argv.js",
+      `
+const argv = process.argv.slice(2);
+process.stdout.write(JSON.stringify({type:"thread.started", thread_id:"01234567-89ab-7def-8123-456789abcde2"}) + "\\n");
+process.stdout.write(JSON.stringify({type:"item.completed", item:{id:"i0", type:"agent_message", text:JSON.stringify(argv)}}) + "\\n");
+`,
+    );
+    const uuid = "01234567-89ab-7def-8123-456789abcdef";
+    const res = await runAdapter(script, uuid);
+    const argv = JSON.parse(res.text) as string[];
+    expect(argv[0]).toBe("exec");
+    expect(argv[1]).toBe("resume");
+    expect(argv[2]).toBe(uuid);
+    // Sandbox policy uses `-c` overrides (resume doesn't accept `-s`).
+    expect(argv).not.toContain("-s");
+  });
+  it("rejects non-UUID sessionId before spawn", async () => {
+    const script = makeScript("noop.js", "process.exit(0);");
+    const adapter = new CodexAdapter({ binary: script });
+    const ctrl = new AbortController();
+    await expect(
+      adapter.run({
+        text: "x",
+        sessionId: "--not-a-uuid",
+        accountId: "ag_test",
+        cwd: tmpRoot,
+        signal: ctrl.signal,
+        trustLevel: "owner",
+      }),
+    ).rejects.toThrow(/invalid sessionId/);
+  });
+  it("writes systemContext to <CODEX_HOME>/AGENTS.md atomically before spawn", async () => {
+    // Capture CODEX_HOME seen by the child so we can verify the adapter's env.
+    const script = makeScript(
+      "echo-codex-home.js",
+      `
+const home = process.env.CODEX_HOME ?? "";
+process.stdout.write(JSON.stringify({type:"thread.started", thread_id:"01234567-89ab-7def-8123-456789abcde3"}) + "\\n");
+process.stdout.write(JSON.stringify({type:"item.completed", item:{id:"i0", type:"agent_message", text: home}}) + "\\n");
+`,
+    );
+    const adapter = new CodexAdapter({ binary: script });
+    const ctrl = new AbortController();
+    const res = await adapter.run({
+      text: "do the thing",
+      sessionId: null,
+      accountId: "ag_codex_test",
+      cwd: tmpRoot,
+      signal: ctrl.signal,
+      trustLevel: "owner",
+      systemContext: "MEMORY: remember X\nDIGEST: room Y was active",
+    });
+    const expectedHome = agentCodexHomeDir("ag_codex_test");
+    expect(res.text).toBe(expectedHome);
+    const agentsMd = path.join(expectedHome, "AGENTS.md");
+    expect(existsSync(agentsMd)).toBe(true);
+    const body = readFileSync(agentsMd, "utf8");
+    expect(body).toContain("MEMORY: remember X");
+    expect(body).toContain("DIGEST: room Y was active");
+    // No tmp leftovers from the atomic rename.
+    const stray = path.join(expectedHome, `.AGENTS.md.${process.pid}.tmp`);
+    expect(existsSync(stray)).toBe(false);
+  });
+  it("does NOT prepend systemContext to the positional prompt", async () => {
+    const script = makeScript(
+      "echo-prompt.js",
+      `
+const argv = process.argv.slice(2);
+const dashIdx = argv.indexOf("--");
+const prompt = dashIdx >= 0 ? argv.slice(dashIdx + 1).join(" ") : "";
+process.stdout.write(JSON.stringify({type:"thread.started", thread_id:"01234567-89ab-7def-8123-456789abcde4"}) + "\\n");
+process.stdout.write(JSON.stringify({type:"item.completed", item:{id:"i0", type:"agent_message", text: prompt}}) + "\\n");
+`,
+    );
+    const adapter = new CodexAdapter({ binary: script });
+    const ctrl = new AbortController();
+    const res = await adapter.run({
+      text: "do the thing",
+      sessionId: null,
+      accountId: "ag_test",
+      cwd: tmpRoot,
+      signal: ctrl.signal,
+      trustLevel: "owner",
+      systemContext: "MEMORY: remember X",
+    });
+    expect(res.text).toBe("do the thing");
+    expect(res.text).not.toContain("MEMORY:");
+    expect(res.text).not.toContain("---");
+  });
+  it("returns early when signal is already aborted", async () => {
+    const script = makeScript("noop.js", "process.exit(0);");
+    const adapter = new CodexAdapter({ binary: script });
+    const ctrl = new AbortController();
+    ctrl.abort();
+    const res = await adapter.run({
+      text: "x",
+      sessionId: null,
+      accountId: "ag_test",
+      cwd: tmpRoot,
+      signal: ctrl.signal,
+      trustLevel: "owner",
+    });
+    expect(res.text).toBe("");
+    expect(res.error).toMatch(/aborted before spawn/);
+  });
+  it("surfaces turn.completed failure message as error", async () => {
+    const script = makeScript(
+      "failed.js",
+      `
+const lines = [
+  {type:"thread.started", thread_id:"01234567-89ab-7def-8123-456789abcde5"},
+  {type:"turn.completed", turn:{status:"failed", error:{message:"rate limited"}}},
+];
+for (const l of lines) process.stdout.write(JSON.stringify(l) + "\\n");
+`,
+    );
+    const res = await runAdapter(script);
+    expect(res.error).toMatch(/rate limited/);
+  });
+  it("surfaces non-zero exit + stderr as error", async () => {
+    const script = makeScript(
+      "boom.js",
+      `
+process.stderr.write("codex: auth required\\n");
+process.exit(3);
+`,
+    );
+    const res = await runAdapter(script);
+    expect(res.error).toBeDefined();
+    expect(res.error).toMatch(/code 3/);
+    expect(res.error).toMatch(/auth required/);
+  });
+  describe("trustLevel → sandbox defaults (expressed as `-c` so `resume` accepts them)", () => {
+    // Echo argv back via the same `thread.started` / `agent_message` shape
+    // so we can assert on the flags the adapter chose.
+    const echoScript = () =>
+      makeScript(
+        "echo-argv.js",
+        `
+const argv = process.argv.slice(2);
+process.stdout.write(JSON.stringify({type:"thread.started", thread_id:"01234567-89ab-7def-8123-456789abcdea"}) + "\\n");
+process.stdout.write(JSON.stringify({type:"item.completed", item:{id:"i0", type:"agent_message", text: JSON.stringify(argv)}}) + "\\n");
+`,
+      );
+    it("owner → sandbox_mode=\"danger-full-access\" + approval_policy=\"never\"", async () => {
+      const adapter = new CodexAdapter({ binary: echoScript() });
+      const ctrl = new AbortController();
+      const res = await adapter.run({
+        text: "x",
+        sessionId: null,
+        accountId: "ag_test",
+        cwd: tmpRoot,
+        signal: ctrl.signal,
+        trustLevel: "owner",
+      });
+      const argv = JSON.parse(res.text) as string[];
+      expect(argv).toContain('sandbox_mode="danger-full-access"');
+      expect(argv).toContain('approval_policy="never"');
+      expect(argv).not.toContain("--dangerously-bypass-approvals-and-sandbox");
+      expect(argv).not.toContain("-s");
+    });
+    it("public → sandbox_mode=\"workspace-write\" + approval_policy=\"on-request\"", async () => {
+      const adapter = new CodexAdapter({ binary: echoScript() });
+      const ctrl = new AbortController();
+      const res = await adapter.run({
+        text: "x",
+        sessionId: null,
+        accountId: "ag_test",
+        cwd: tmpRoot,
+        signal: ctrl.signal,
+        trustLevel: "public",
+      });
+      const argv = JSON.parse(res.text) as string[];
+      expect(argv).toContain('sandbox_mode="workspace-write"');
+      expect(argv).toContain('approval_policy="on-request"');
+      expect(argv).not.toContain("--dangerously-bypass-approvals-and-sandbox");
+    });
+    it("trusted → sandbox_mode=\"workspace-write\" + approval_policy=\"on-request\"", async () => {
+      const adapter = new CodexAdapter({ binary: echoScript() });
+      const ctrl = new AbortController();
+      const res = await adapter.run({
+        text: "x",
+        sessionId: null,
+        accountId: "ag_test",
+        cwd: tmpRoot,
+        signal: ctrl.signal,
+        trustLevel: "trusted",
+      });
+      const argv = JSON.parse(res.text) as string[];
+      expect(argv).toContain('sandbox_mode="workspace-write"');
+      expect(argv).toContain('approval_policy="on-request"');
+    });
+    it("extraArgs `-s read-only` suppresses the default sandbox `-c`s", async () => {
+      const adapter = new CodexAdapter({ binary: echoScript() });
+      const ctrl = new AbortController();
+      const res = await adapter.run({
+        text: "x",
+        sessionId: null,
+        accountId: "ag_test",
+        cwd: tmpRoot,
+        signal: ctrl.signal,
+        trustLevel: "public",
+        extraArgs: ["-s", "read-only"],
+      });
+      const argv = JSON.parse(res.text) as string[];
+      // Only the operator-supplied `-s` appears; our defaults are suppressed.
+      expect(argv.filter((a) => a === "-s").length).toBe(1);
+      expect(argv[argv.indexOf("-s") + 1]).toBe("read-only");
+      expect(argv).not.toContain('sandbox_mode="workspace-write"');
+      expect(argv).not.toContain('sandbox_mode="danger-full-access"');
+    });
+  });
+});