@botcord/daemon 0.2.78 → 0.2.79

package/src/__tests__/provision.test.ts

@@ -1736,6 +1736,71 @@ describe("update_agent handler", () => {
     });
   });
 
+  it("updates runtime selectors in credentials and managed route", async () => {
+    await withSandboxHome(async ({ tmp, fs, path: nodePath }) => {
+      mockState.cfg = {
+        defaultRoute: {
+          adapter: "codex",
+          cwd: tmp,
+          extraArgs: ["--skip-git-repo-check"],
+        },
+        routes: [],
+        streamBlocks: true,
+      };
+      const credDir = nodePath.join(tmp, ".botcord", "credentials");
+      fs.mkdirSync(credDir, { recursive: true });
+      fs.writeFileSync(
+        nodePath.join(credDir, "ag_runtime.json"),
+        JSON.stringify({
+          version: 1,
+          hubUrl: "https://hub.example",
+          agentId: "ag_runtime",
+          keyId: "k_runtime",
+          privateKey: Buffer.alloc(32, 24).toString("base64"),
+          savedAt: new Date().toISOString(),
+        }),
+      );
+
+      const gw = makeFakeGateway();
+      const provisioner = createProvisioner({
+        gateway: gw as unknown as Parameters<typeof createProvisioner>[0]["gateway"],
+      });
+      const ack = await provisioner({
+        id: "req_update_runtime",
+        type: CONTROL_FRAME_TYPES.UPDATE_AGENT,
+        params: {
+          agentId: "ag_runtime",
+          runtime: "codex",
+          runtimeModel: "gpt-5.2",
+          reasoningEffort: "high",
+          thinking: true,
+        },
+      });
+
+      expect(ack.ok).toBe(true);
+      expect((ack.result as { changed: boolean }).changed).toBe(true);
+
+      const saved = JSON.parse(
+        fs.readFileSync(nodePath.join(credDir, "ag_runtime.json"), "utf8"),
+      ) as Record<string, unknown>;
+      expect(saved.runtime).toBe("codex");
+      expect(saved.runtimeModel).toBe("gpt-5.2");
+      expect(saved.reasoningEffort).toBe("high");
+      expect(saved.thinking).toBe(true);
+      expect(gw.listManagedRoutes()[0]).toMatchObject({
+        match: { accountId: "ag_runtime" },
+        runtime: "codex",
+        extraArgs: [
+          "--skip-git-repo-check",
+          "--model",
+          "gpt-5.2",
+          "-c",
+          'model_reasoning_effort="high"',
+        ],
+      });
+    });
+  });
+
   it("rejects update_agent without agentId", async () => {
     const gw = makeFakeGateway();
     const provisioner = createProvisioner({

package/src/attention-policy-fetcher.ts

@@ -0,0 +1,87 @@
+import {
+  BotCordClient,
+  defaultCredentialsFile,
+  loadStoredCredentials,
+  updateCredentialsToken,
+} from "@botcord/protocol-core";
+import type { DaemonAttentionPolicy } from "./gateway/policy-resolver.js";
+
+interface CachedClient {
+  client: BotCordClient;
+  credentialsPath: string;
+}
+
+export interface AttentionPolicyFetcherOptions {
+  credentialPathByAgentId: Map<string, string>;
+  defaultCredentialsPath?: string;
+  hubBaseUrl?: string;
+  log?: {
+    warn: (msg: string, meta?: Record<string, unknown>) => void;
+  };
+}
+
+export type AttentionPolicyFetcher = (args: {
+  agentId: string;
+  roomId?: string | null;
+}) => Promise<DaemonAttentionPolicy | undefined>;
+
+export function createAttentionPolicyFetcher(
+  opts: AttentionPolicyFetcherOptions,
+): AttentionPolicyFetcher {
+  const clients = new Map<string, CachedClient>();
+
+  function getClient(agentId: string): BotCordClient | null {
+    const existing = clients.get(agentId);
+    if (existing) return existing.client;
+
+    const credentialsPath =
+      opts.credentialPathByAgentId.get(agentId) ??
+      opts.defaultCredentialsPath ??
+      defaultCredentialsFile(agentId);
+
+    try {
+      const creds = loadStoredCredentials(credentialsPath);
+      const client = new BotCordClient({
+        hubUrl: opts.hubBaseUrl ?? creds.hubUrl,
+        agentId: creds.agentId,
+        keyId: creds.keyId,
+        privateKey: creds.privateKey,
+        ...(creds.token ? { token: creds.token } : {}),
+        ...(creds.tokenExpiresAt !== undefined
+          ? { tokenExpiresAt: creds.tokenExpiresAt }
+          : {}),
+      });
+      client.onTokenRefresh = (token, expiresAt) => {
+        try {
+          updateCredentialsToken(credentialsPath, token, expiresAt);
+        } catch {
+          // Persistence failures are non-fatal; the next refresh retries.
+        }
+      };
+      clients.set(agentId, { client, credentialsPath });
+      return client;
+    } catch (err) {
+      opts.log?.warn("daemon.attention-policy.client-init-failed", {
+        agentId,
+        credentialsPath,
+        error: err instanceof Error ? err.message : String(err),
+      });
+      return null;
+    }
+  }
+
+  return async ({ agentId, roomId }) => {
+    const client = getClient(agentId);
+    if (!client) return undefined;
+    try {
+      return await client.getAttentionPolicy({ roomId });
+    } catch (err) {
+      opts.log?.warn("daemon.attention-policy.fetch-failed", {
+        agentId,
+        roomId: roomId ?? null,
+        error: err instanceof Error ? err.message : String(err),
+      });
+      return undefined;
+    }
+  };
+}

package/src/cloud-daemon.ts

@@ -32,6 +32,7 @@ import { createDaemonSystemContextBuilder } from "./system-context.js";
 import { readWorkingMemorySnapshot } from "./working-memory.js";
 import { createRoomStaticContextBuilder } from "./room-context.js";
 import { createRoomContextFetcher } from "./room-context-fetcher.js";
+import { createRecentRoomMessagesRecoveryBuilder } from "./room-recovery-context.js";
 import { composeBotCordUserTurn } from "./turn-text.js";
 import { PolicyResolver, type DaemonAttentionPolicy } from "./gateway/policy-resolver.js";
 import { scanMention } from "./mention-scan.js";
@@ -143,6 +144,12 @@ export async function startCloudDaemon(
     fetchRoomInfo: roomContextFetcher,
     log: logger,
   });
+  const buildRuntimeRecoveryContext = createRecentRoomMessagesRecoveryBuilder({
+    credentialPathByAgentId,
+    hubBaseUrl: cloudCfg.hubUrl,
+    limit: 20,
+    log: logger,
+  });
 
   type PerAgentBuilder = (
     msg: GatewayInboundMessage,
@@ -258,6 +265,7 @@ export async function startCloudDaemon(
     turnTimeoutMs: DEFAULT_TURN_TIMEOUT_MS,
     buildSystemContext,
     buildMemoryContext,
+    buildRuntimeRecoveryContext,
     onInbound,
     onTurnComplete,
     composeUserTurn: composeBotCordUserTurn,

package/src/cloud-gateway-runtime.ts

@@ -0,0 +1,171 @@
+import {
+  RUNTIME_FRAME_TYPES,
+  type GatewayInboundFrame,
+} from "@botcord/protocol-core";
+
+import type {
+  ChannelAdapter,
+  ChannelSendContext,
+  ChannelSendResult,
+  ChannelStatusSnapshot,
+  Gateway,
+  GatewayInboundMessage,
+  GatewayLogger,
+} from "./gateway/index.js";
+
+export interface CloudGatewayRuntimeResult {
+  accepted: boolean;
+  eventId: string;
+  gatewayId: string;
+  agentId: string;
+  conversationId: string;
+  turnId: string;
+  outbound?: {
+    finalText: string;
+    providerMessageId?: string | null;
+  };
+  error?: {
+    code: string;
+    message: string;
+  };
+}
+
+/**
+ * Execute one ingress-originated runtime frame through the normal Gateway
+ * dispatcher while keeping provider I/O outside the cloud sandbox.
+ *
+ * The temporary channel is scoped to this call and implements only the
+ * dispatcher-facing send/status surface. Its send() method captures the
+ * final runtime reply; the Hub relay converts that into
+ * gateway_outbound_complete for gateway-ingress, which then calls the real
+ * provider API.
+ */
+export async function handleCloudGatewayRuntimeInbound(
+  gateway: Gateway,
+  frame: GatewayInboundFrame,
+  log?: GatewayLogger,
+): Promise<CloudGatewayRuntimeResult> {
+  if (frame.type !== RUNTIME_FRAME_TYPES.GATEWAY_INBOUND) {
+    return rejected(frame, "bad_frame_type", `unsupported frame type "${frame.type}"`);
+  }
+  if (!frame.gateway_id || !frame.agent_id || !frame.event_id) {
+    return rejected(frame, "bad_frame", "gateway_id, agent_id and event_id are required");
+  }
+  if (frame.message.accountId !== frame.agent_id) {
+    return rejected(frame, "account_mismatch", "message.accountId does not match frame.agent_id");
+  }
+  if (frame.message.channel !== frame.gateway_id) {
+    return rejected(frame, "channel_mismatch", "message.channel does not match frame.gateway_id");
+  }
+
+  let accepted = false;
+  let outboundText: string | null = null;
+  let providerMessageId: string | null | undefined;
+  const channel = createRuntimeRelayChannel({
+    id: frame.gateway_id,
+    provider: frame.provider,
+    accountId: frame.agent_id,
+    onSend: async (ctx) => {
+      outboundText = ctx.message.text ?? "";
+      providerMessageId = ctx.message.traceId ?? null;
+      return { providerMessageId };
+    },
+  });
+
+  const message: GatewayInboundMessage = {
+    ...frame.message,
+    raw: {
+      source_type: "cloud_gateway_ingress",
+      provider: frame.provider,
+      event_id: frame.event_id,
+      gateway_id: frame.gateway_id,
+    },
+  };
+
+  try {
+    await gateway.injectInboundThrough(message, channel, {
+      accept: async () => {
+        accepted = true;
+      },
+    });
+  } catch (err) {
+    const message = err instanceof Error ? err.message : String(err);
+    log?.warn("cloud gateway runtime dispatch failed", {
+      eventId: frame.event_id,
+      gatewayId: frame.gateway_id,
+      agentId: frame.agent_id,
+      error: message,
+    });
+    return rejected(frame, "dispatch_failed", message);
+  }
+
+  return {
+    accepted,
+    eventId: frame.event_id,
+    gatewayId: frame.gateway_id,
+    agentId: frame.agent_id,
+    conversationId: frame.message.conversation.id,
+    turnId: `turn_${frame.event_id}`,
+    ...(outboundText !== null
+      ? {
+          outbound: {
+            finalText: outboundText,
+            providerMessageId: providerMessageId ?? null,
+          },
+        }
+      : {}),
+    ...(!accepted
+      ? { error: { code: "not_accepted", message: "dispatcher did not accept inbound" } }
+      : {}),
+  };
+}
+
+function createRuntimeRelayChannel(opts: {
+  id: string;
+  provider: string;
+  accountId: string;
+  onSend: (ctx: ChannelSendContext) => Promise<ChannelSendResult>;
+}): ChannelAdapter {
+  let lastSendAt: number | undefined;
+  return {
+    id: opts.id,
+    type: opts.provider,
+    async start() {
+      return undefined;
+    },
+    async stop() {
+      return undefined;
+    },
+    async send(ctx) {
+      lastSendAt = Date.now();
+      return opts.onSend(ctx);
+    },
+    status(): ChannelStatusSnapshot {
+      return {
+        channel: opts.id,
+        accountId: opts.accountId,
+        running: true,
+        connected: true,
+        authorized: true,
+        provider: opts.provider as ChannelStatusSnapshot["provider"],
+        ...(lastSendAt ? { lastSendAt } : {}),
+      };
+    },
+  };
+}
+
+function rejected(
+  frame: Partial<GatewayInboundFrame>,
+  code: string,
+  message: string,
+): CloudGatewayRuntimeResult {
+  return {
+    accepted: false,
+    eventId: frame.event_id ?? "",
+    gatewayId: frame.gateway_id ?? "",
+    agentId: frame.agent_id ?? "",
+    conversationId: frame.message?.conversation.id ?? "",
+    turnId: frame.event_id ? `turn_${frame.event_id}` : "turn_unknown",
+    error: { code, message },
+  };
+}

package/src/daemon.ts

@@ -39,6 +39,7 @@ import { createDaemonSystemContextBuilder } from "./system-context.js";
 import { readWorkingMemorySnapshot } from "./working-memory.js";
 import { createRoomStaticContextBuilder } from "./room-context.js";
 import { createRoomContextFetcher } from "./room-context-fetcher.js";
+import { createRecentRoomMessagesRecoveryBuilder } from "./room-recovery-context.js";
 import {
   buildLoopRiskPrompt,
   loopRiskSessionKey,
@@ -50,6 +51,7 @@ import { UserAuthManager } from "./user-auth.js";
 import { PolicyResolver, type DaemonAttentionPolicy } from "./gateway/policy-resolver.js";
 import { scanMention } from "./mention-scan.js";
 import { createDiagnosticBundle, uploadDiagnosticBundle } from "./diagnostics.js";
+import { createAttentionPolicyFetcher } from "./attention-policy-fetcher.js";
 
 /**
  * Default hard cap for a single runtime turn. Long-running coding/research
@@ -364,6 +366,13 @@ export async function startDaemon(opts: DaemonRuntimeOptions): Promise<DaemonHan
     fetchRoomInfo: roomContextFetcher,
     log: logger,
   });
+  const buildRuntimeRecoveryContext = createRecentRoomMessagesRecoveryBuilder({
+    credentialPathByAgentId,
+    ...(opts.credentialsPath ? { defaultCredentialsPath: opts.credentialsPath } : {}),
+    ...(opts.hubBaseUrl ? { hubBaseUrl: opts.hubBaseUrl } : {}),
+    limit: 20,
+    log: logger,
+  });
 
   // Cache one system-context builder per configured agentId. The gateway
   // calls this with each inbound message and we pick the right builder by
@@ -442,13 +451,20 @@ export async function startDaemon(opts: DaemonRuntimeOptions): Promise<DaemonHan
     });
   };
 
-  // Per-agent attention policy cache (PR3, design §4.2 / §5). Seeded from
-  // the optional `defaultAttention` / `attentionKeywords` carried by
-  // `provision_agent`, refreshed in-place by the `policy_updated` control
-  // frame. PR2 will plug per-room overrides into `fetchEffective`; PR3
-  // leaves it absent so the resolver collapses to per-agent state.
+  // Per-agent attention policy cache (design §4.2 / §5). It is seeded from
+  // `provision_agent` / `policy_updated` frames when available and falls back
+  // to Hub on cold misses, so daemon restarts preserve dashboard policy.
+  const fetchAttentionPolicy = createAttentionPolicyFetcher({
+    credentialPathByAgentId,
+    defaultCredentialsPath: opts.credentialsPath,
+    hubBaseUrl: opts.hubBaseUrl,
+    log: logger,
+  });
   const policyResolver = new PolicyResolver({
-    fetchGlobal: async (_agentId: string) => undefined,
+    fetchGlobal: async (agentId: string) =>
+      fetchAttentionPolicy({ agentId, roomId: null }),
+    fetchEffective: async (agentId: string, roomId: string) =>
+      fetchAttentionPolicy({ agentId, roomId }),
   });
 
   // Display-name lookup for the mention text-fallback. Populated from boot
@@ -528,6 +544,7 @@ export async function startDaemon(opts: DaemonRuntimeOptions): Promise<DaemonHan
     turnTimeoutMs: DEFAULT_TURN_TIMEOUT_MS,
     buildSystemContext,
     buildMemoryContext,
+    buildRuntimeRecoveryContext,
     onInbound,
     onOutbound,
     onRuntimeCircuitBreakerChange: pushLiveRuntimeSnapshot,

package/src/gateway/__tests__/botcord-channel.test.ts

@@ -925,6 +925,103 @@ describe("createBotCordChannel — streamBlock()", () => {
     }
   });
 
+  it("normalizes current DeepSeek item.delta assistant text", async () => {
+    const fetchSpy = vi.fn().mockResolvedValue(new Response(null, { status: 204 }));
+    const realFetch = globalThis.fetch;
+    globalThis.fetch = fetchSpy as unknown as typeof fetch;
+    try {
+      const client = makeClient({
+        getHubUrl: vi.fn().mockReturnValue("https://hub.example.com"),
+      });
+      const channel = createBotCordChannel({
+        id: "botcord-main",
+        accountId: "ag_self",
+        agentId: "ag_self",
+        client,
+        hubBaseUrl: "https://hub.example.com",
+      });
+      await channel.streamBlock!({
+        traceId: "m_trace",
+        accountId: "ag_self",
+        conversationId: "rm_oc_1",
+        block: {
+          kind: "assistant_text",
+          seq: 6,
+          raw: {
+            event: "item.delta",
+            payload: { thread_id: "thr_1", turn_id: "turn_1", kind: "agent_message", delta: "hello" },
+          },
+        },
+        log: silentLog,
+      });
+      const [, init] = fetchSpy.mock.calls[0];
+      const body = JSON.parse(init.body as string);
+      expect(body.block).toEqual({
+        kind: "assistant",
+        seq: 6,
+        payload: { text: "hello" },
+      });
+    } finally {
+      globalThis.fetch = realFetch;
+    }
+  });
+
+  it("normalizes current DeepSeek item.started tool input", () => {
+    expect(
+      __normalizeBlockForHubForTests(
+        {
+          kind: "tool_use",
+          seq: 7,
+          raw: {
+            event: "item.started",
+            payload: {
+              item: { id: "item_tool", kind: "tool_call", status: "in_progress" },
+              tool: { id: "call_1", name: "web_search", input: { query: "上海天气" } },
+            },
+          },
+        },
+        7,
+      ),
+    ).toEqual({
+      kind: "tool_call",
+      seq: 7,
+      payload: {
+        id: "call_1",
+        name: "web_search",
+        params: { query: "上海天气" },
+        status: "in_progress",
+      },
+    });
+  });
+
+  it("normalizes current DeepSeek agent_reasoning details", () => {
+    expect(
+      __normalizeBlockForHubForTests(
+        {
+          kind: "thinking",
+          seq: 8,
+          raw: {
+            event: "item.completed",
+            payload: {
+              item: {
+                id: "item_reasoning",
+                kind: "agent_reasoning",
+                status: "completed",
+                summary: "I should answer briefly.",
+                detail: "I should answer briefly.",
+              },
+            },
+          },
+        },
+        8,
+      ),
+    ).toEqual({
+      kind: "thinking",
+      seq: 8,
+      payload: { details: "I should answer briefly." },
+    });
+  });
+
   it("marks DeepSeek terminal events for owner-chat stream cleanup", async () => {
     const fetchSpy = vi.fn().mockResolvedValue(new Response(null, { status: 204 }));
     const realFetch = globalThis.fetch;