@botcord/daemon 0.2.78 → 0.2.80

package/src/__tests__/cloud-gateway-runtime.test.ts

@@ -0,0 +1,127 @@
+import { mkdtempSync, rmSync } from "node:fs";
+import os from "node:os";
+import path from "node:path";
+import { afterEach, beforeEach, describe, expect, it } from "vitest";
+import { RUNTIME_FRAME_TYPES, type GatewayInboundFrame } from "@botcord/protocol-core";
+
+import { handleCloudGatewayRuntimeInbound } from "../cloud-gateway-runtime.js";
+import { Gateway, type ChannelAdapter } from "../gateway/index.js";
+
+describe("cloud gateway runtime inbound", () => {
+  let tmpDir: string;
+
+  beforeEach(() => {
+    tmpDir = mkdtempSync(path.join(os.tmpdir(), "cloud-gateway-runtime-"));
+  });
+
+  afterEach(() => {
+    rmSync(tmpDir, { recursive: true, force: true });
+  });
+
+  it("injects a gateway_inbound frame and captures the runtime reply", async () => {
+    const gateway = new Gateway({
+      config: {
+        channels: [],
+        defaultRoute: { runtime: "fake", cwd: tmpDir },
+      },
+      sessionStorePath: path.join(tmpDir, "sessions.json"),
+      createChannel: (cfg) => stubChannel(cfg.id, cfg.type, cfg.accountId),
+      createRuntime: () => ({
+        id: "fake",
+        async run() {
+          return { text: "hello from runtime", newSessionId: "sess_1" };
+        },
+      }),
+      transcriptEnabled: false,
+    });
+    await gateway.start();
+
+    const frame: GatewayInboundFrame = {
+      type: RUNTIME_FRAME_TYPES.GATEWAY_INBOUND,
+      event_id: "evt_1",
+      gateway_id: "gw_tg_1",
+      agent_id: "ag_1",
+      provider: "telegram",
+      message: {
+        id: "telegram:1:2",
+        channel: "gw_tg_1",
+        accountId: "ag_1",
+        conversation: { id: "telegram:user:1", kind: "direct" },
+        sender: { id: "telegram:user:1", kind: "user" },
+        text: "hi",
+        replyTo: null,
+        mentioned: true,
+        receivedAt: Date.now(),
+        trace: { id: "telegram:1:2", streamable: false },
+      },
+    };
+
+    const result = await handleCloudGatewayRuntimeInbound(gateway, frame);
+    await gateway.stop("test");
+
+    expect(result.accepted).toBe(true);
+    expect(result.eventId).toBe("evt_1");
+    expect(result.gatewayId).toBe("gw_tg_1");
+    expect(result.conversationId).toBe("telegram:user:1");
+    expect(result.outbound?.finalText).toBe("hello from runtime");
+  });
+
+  it("rejects frames outside the token scope", async () => {
+    const gateway = new Gateway({
+      config: {
+        channels: [],
+        defaultRoute: { runtime: "fake", cwd: tmpDir },
+      },
+      sessionStorePath: path.join(tmpDir, "sessions.json"),
+      createChannel: (cfg) => stubChannel(cfg.id, cfg.type, cfg.accountId),
+      createRuntime: () => ({
+        id: "fake",
+        async run() {
+          return { text: "unused", newSessionId: "sess_1" };
+        },
+      }),
+      transcriptEnabled: false,
+    });
+
+    const result = await handleCloudGatewayRuntimeInbound(gateway, {
+      type: RUNTIME_FRAME_TYPES.GATEWAY_INBOUND,
+      event_id: "evt_bad",
+      gateway_id: "gw_tg_1",
+      agent_id: "ag_1",
+      provider: "telegram",
+      message: {
+        id: "telegram:1:2",
+        channel: "gw_other",
+        accountId: "ag_1",
+        conversation: { id: "telegram:user:1", kind: "direct" },
+        sender: { id: "telegram:user:1", kind: "user" },
+        text: "hi",
+        replyTo: null,
+        mentioned: true,
+        receivedAt: Date.now(),
+      },
+    });
+
+    expect(result.accepted).toBe(false);
+    expect(result.error?.code).toBe("channel_mismatch");
+  });
+});
+
+function stubChannel(id: string, type: string, accountId: string): ChannelAdapter {
+  return {
+    id,
+    type,
+    async start() {
+      return undefined;
+    },
+    async stop() {
+      return undefined;
+    },
+    async send() {
+      return {};
+    },
+    status() {
+      return { channel: id, accountId, running: true };
+    },
+  };
+}

package/src/__tests__/daemon-singleton.test.ts

@@ -5,8 +5,10 @@ import path from "node:path";
 import { afterEach, beforeEach, describe, expect, it } from "vitest";
 import {
   ensureNoOtherDaemonFromPidFile,
+  parseDaemonProcesses,
   readPid,
   removePidFile,
+  stopOtherDaemonProcessesForRestart,
   stopDaemonFromPidFileForRestart,
   writeCurrentPid,
 } from "../daemon-singleton.js";
@@ -73,6 +75,36 @@ describe("daemon singleton pid helpers", () => {
 
     expect(readPid(pidPath)).toBeNull();
   });
+
+  it("finds botcord daemon start commands in ps output", () => {
+    const out = parseDaemonProcesses(
+      [
+        "  111 node /Users/me/.botcord/daemon/node_modules/.bin/botcord-daemon start --foreground",
+        "  222 node /opt/botcord/daemon/dist/index.js start --foreground",
+        "  333 node /tmp/other.js",
+        `  ${process.pid} node /Users/me/.botcord/daemon/node_modules/.bin/botcord-daemon start --foreground`,
+      ].join("\n"),
+      process.pid,
+    );
+
+    expect(out.map((p) => p.pid)).toEqual([111, 222]);
+  });
+
+  it("terminates extra daemon processes discovered outside the pid file", async () => {
+    const child = spawn(process.execPath, ["-e", "setInterval(() => {}, 1000)"], {
+      stdio: "ignore",
+    });
+    children.push(child);
+    await waitForPid(child);
+
+    await stopOtherDaemonProcessesForRestart({
+      currentPid: process.pid,
+      processes: [{ pid: child.pid!, command: "node /opt/botcord/daemon/dist/index.js start --foreground" }],
+    });
+
+    await waitForExit(child);
+    expect(child.exitCode === null && child.signalCode === null).toBe(false);
+  });
 });
 
 async function waitForPid(child: ChildProcess): Promise<void> {

package/src/__tests__/gateway-control.test.ts

@@ -733,3 +733,139 @@ describe("W4: handleLoginStatus accountId ownership check", () => {
     expect(ack.error?.code).toBe("bad_params");
   });
 });
+
+describe("login_missing vs login_expired", () => {
+  it("wechat upsert with an unknown loginId returns login_missing", async () => {
+    const gw = makeFakeGateway();
+    const { io } = makeConfigIO(baseCfg());
+    const sessions = new LoginSessionStore();
+    const ctrl = createGatewayControl({
+      gateway: gw as any,
+      configIO: io,
+      loginSessions: sessions,
+    });
+
+    const ack = await ctrl.handleUpsert({
+      id: uniqId("wx_missing"),
+      type: "wechat",
+      accountId: "ag_alice",
+      enabled: true,
+      loginId: "wxl_never_created",
+    });
+
+    expect(ack.ok).toBe(false);
+    expect(ack.error?.code).toBe("login_missing");
+    expect(gw.addChannel).not.toHaveBeenCalled();
+  });
+
+  it("feishu upsert with an unknown loginId returns login_missing", async () => {
+    const gw = makeFakeGateway();
+    const { io } = makeConfigIO(baseCfg());
+    const sessions = new LoginSessionStore();
+    const ctrl = createGatewayControl({
+      gateway: gw as any,
+      configIO: io,
+      loginSessions: sessions,
+    });
+
+    const ack = await ctrl.handleUpsert({
+      id: uniqId("fs_missing"),
+      type: "feishu",
+      accountId: "ag_alice",
+      enabled: true,
+      loginId: "fsl_never_created",
+    });
+
+    expect(ack.ok).toBe(false);
+    expect(ack.error?.code).toBe("login_missing");
+    expect(gw.addChannel).not.toHaveBeenCalled();
+  });
+
+  it("recent_senders with an unknown loginId returns login_missing", async () => {
+    const gw = makeFakeGateway();
+    const { io } = makeConfigIO(baseCfg());
+    const sessions = new LoginSessionStore();
+    const ctrl = createGatewayControl({
+      gateway: gw as any,
+      configIO: io,
+      loginSessions: sessions,
+    });
+
+    const ack = await ctrl.handleRecentSenders({
+      provider: "wechat",
+      loginId: "wxl_never_created",
+      accountId: "ag_alice",
+    });
+
+    expect(ack.ok).toBe(false);
+    expect(ack.error?.code).toBe("login_missing");
+  });
+
+  it("wechat upsert with a TTL-expired loginId returns login_expired", async () => {
+    const gw = makeFakeGateway();
+    const { io } = makeConfigIO(baseCfg());
+    let nowMs = 1_000_000;
+    const sessions = new LoginSessionStore({ now: () => nowMs, ttlMs: 60_000 });
+    sessions.create({
+      loginId: "wxl_aged",
+      accountId: "ag_alice",
+      provider: "wechat",
+      qrcode: "QR",
+      baseUrl: "https://ilinkai.weixin.qq.com",
+      botToken: "wechat-bot-token-aged",
+    });
+    nowMs += 120_000;
+
+    const ctrl = createGatewayControl({
+      gateway: gw as any,
+      configIO: io,
+      loginSessions: sessions,
+    });
+
+    const ack = await ctrl.handleUpsert({
+      id: uniqId("wx_expired"),
+      type: "wechat",
+      accountId: "ag_alice",
+      enabled: true,
+      loginId: "wxl_aged",
+    });
+
+    expect(ack.ok).toBe(false);
+    expect(ack.error?.code).toBe("login_expired");
+    // resolve() also evicts — a follow-up call should now report missing.
+    expect(sessions.resolve("wxl_aged").state).toBe("missing");
+  });
+
+  it("feishu upsert with a TTL-expired loginId returns login_expired", async () => {
+    const gw = makeFakeGateway();
+    const { io } = makeConfigIO(baseCfg());
+    let nowMs = 2_000_000;
+    const sessions = new LoginSessionStore({ now: () => nowMs, ttlMs: 60_000 });
+    sessions.create({
+      loginId: "fsl_aged",
+      accountId: "ag_alice",
+      provider: "feishu",
+      appId: "cli_xxx",
+      appSecret: "feishu-secret-aged",
+      domain: "feishu",
+    });
+    nowMs += 120_000;
+
+    const ctrl = createGatewayControl({
+      gateway: gw as any,
+      configIO: io,
+      loginSessions: sessions,
+    });
+
+    const ack = await ctrl.handleUpsert({
+      id: uniqId("fs_expired"),
+      type: "feishu",
+      accountId: "ag_alice",
+      enabled: true,
+      loginId: "fsl_aged",
+    });
+
+    expect(ack.ok).toBe(false);
+    expect(ack.error?.code).toBe("login_expired");
+  });
+});

package/src/__tests__/policy-resolver.test.ts

@@ -65,6 +65,26 @@ describe("PolicyResolver", () => {
     expect(p.mode).toBe("always");
   });
 
+  it.each(["telegram:user:42", "wechat:user:alice", "feishu:user:ou_alice"])(
+    "forces third-party direct chat %s to mode=always",
+    async (conversationId) => {
+      const resolver = new PolicyResolver({ fetchGlobal: async () => undefined });
+      resolver.put("ag_a", null, { mode: "mention_only", keywords: [] });
+      const p = await resolver.resolve("ag_a", conversationId);
+      expect(p.mode).toBe("always");
+    },
+  );
+
+  it.each(["telegram:group:-1001", "feishu:chat:oc_team"])(
+    "does not force third-party group chat %s to mode=always",
+    async (conversationId) => {
+      const resolver = new PolicyResolver({ fetchGlobal: async () => undefined });
+      resolver.put("ag_a", null, { mode: "mention_only", keywords: [] });
+      const p = await resolver.resolve("ag_a", conversationId);
+      expect(p.mode).toBe("mention_only");
+    },
+  );
+
   it("falls back to defaults when fetch throws", async () => {
     const resolver = new PolicyResolver({
       fetchGlobal: async () => {

package/src/__tests__/provision.test.ts

@@ -1736,6 +1736,71 @@ describe("update_agent handler", () => {
     });
   });
 
+  it("updates runtime selectors in credentials and managed route", async () => {
+    await withSandboxHome(async ({ tmp, fs, path: nodePath }) => {
+      mockState.cfg = {
+        defaultRoute: {
+          adapter: "codex",
+          cwd: tmp,
+          extraArgs: ["--skip-git-repo-check"],
+        },
+        routes: [],
+        streamBlocks: true,
+      };
+      const credDir = nodePath.join(tmp, ".botcord", "credentials");
+      fs.mkdirSync(credDir, { recursive: true });
+      fs.writeFileSync(
+        nodePath.join(credDir, "ag_runtime.json"),
+        JSON.stringify({
+          version: 1,
+          hubUrl: "https://hub.example",
+          agentId: "ag_runtime",
+          keyId: "k_runtime",
+          privateKey: Buffer.alloc(32, 24).toString("base64"),
+          savedAt: new Date().toISOString(),
+        }),
+      );
+
+      const gw = makeFakeGateway();
+      const provisioner = createProvisioner({
+        gateway: gw as unknown as Parameters<typeof createProvisioner>[0]["gateway"],
+      });
+      const ack = await provisioner({
+        id: "req_update_runtime",
+        type: CONTROL_FRAME_TYPES.UPDATE_AGENT,
+        params: {
+          agentId: "ag_runtime",
+          runtime: "codex",
+          runtimeModel: "gpt-5.2",
+          reasoningEffort: "high",
+          thinking: true,
+        },
+      });
+
+      expect(ack.ok).toBe(true);
+      expect((ack.result as { changed: boolean }).changed).toBe(true);
+
+      const saved = JSON.parse(
+        fs.readFileSync(nodePath.join(credDir, "ag_runtime.json"), "utf8"),
+      ) as Record<string, unknown>;
+      expect(saved.runtime).toBe("codex");
+      expect(saved.runtimeModel).toBe("gpt-5.2");
+      expect(saved.reasoningEffort).toBe("high");
+      expect(saved.thinking).toBe(true);
+      expect(gw.listManagedRoutes()[0]).toMatchObject({
+        match: { accountId: "ag_runtime" },
+        runtime: "codex",
+        extraArgs: [
+          "--skip-git-repo-check",
+          "--model",
+          "gpt-5.2",
+          "-c",
+          'model_reasoning_effort="high"',
+        ],
+      });
+    });
+  });
+
   it("rejects update_agent without agentId", async () => {
     const gw = makeFakeGateway();
     const provisioner = createProvisioner({

package/src/__tests__/status-render.test.ts

@@ -18,6 +18,18 @@ describe("renderStatus", () => {
     expect(out).toContain("stopped");
   });
 
+  it("reports daemon processes even when the pid file is missing", () => {
+    const out = renderStatus({
+      pid: null,
+      alive: false,
+      daemonProcesses: [{ pid: 1342 }, { pid: 1527 }],
+    });
+
+    expect(out).toContain("daemon: no pid file");
+    expect(out).toContain("warning: 2 daemon processes detected without pid file");
+    expect(out).toContain("pids: 1342, 1527");
+  });
+
   it("prints pid + agent + config when only PID state is known (no snapshot)", () => {
     const out = renderStatus(
       {
@@ -95,6 +107,17 @@ describe("renderStatus", () => {
     expect(out).toContain("agent:  ag_solo");
   });
 
+  it("warns when extra daemon processes are detected", () => {
+    const out = renderStatus({
+      pid: 42,
+      alive: true,
+      daemonProcesses: [{ pid: 1001 }, { pid: 1002 }],
+    });
+
+    expect(out).toContain("warning: 2 additional daemon processes detected");
+    expect(out).toContain("extra pids: 1001, 1002");
+  });
+
   it("surfaces ⚠ stale when snapshotAgeMs exceeds the threshold", () => {
     const out = renderStatus(
       {

package/src/attention-policy-fetcher.ts

@@ -0,0 +1,87 @@
+import {
+  BotCordClient,
+  defaultCredentialsFile,
+  loadStoredCredentials,
+  updateCredentialsToken,
+} from "@botcord/protocol-core";
+import type { DaemonAttentionPolicy } from "./gateway/policy-resolver.js";
+
+interface CachedClient {
+  client: BotCordClient;
+  credentialsPath: string;
+}
+
+export interface AttentionPolicyFetcherOptions {
+  credentialPathByAgentId: Map<string, string>;
+  defaultCredentialsPath?: string;
+  hubBaseUrl?: string;
+  log?: {
+    warn: (msg: string, meta?: Record<string, unknown>) => void;
+  };
+}
+
+export type AttentionPolicyFetcher = (args: {
+  agentId: string;
+  roomId?: string | null;
+}) => Promise<DaemonAttentionPolicy | undefined>;
+
+export function createAttentionPolicyFetcher(
+  opts: AttentionPolicyFetcherOptions,
+): AttentionPolicyFetcher {
+  const clients = new Map<string, CachedClient>();
+
+  function getClient(agentId: string): BotCordClient | null {
+    const existing = clients.get(agentId);
+    if (existing) return existing.client;
+
+    const credentialsPath =
+      opts.credentialPathByAgentId.get(agentId) ??
+      opts.defaultCredentialsPath ??
+      defaultCredentialsFile(agentId);
+
+    try {
+      const creds = loadStoredCredentials(credentialsPath);
+      const client = new BotCordClient({
+        hubUrl: opts.hubBaseUrl ?? creds.hubUrl,
+        agentId: creds.agentId,
+        keyId: creds.keyId,
+        privateKey: creds.privateKey,
+        ...(creds.token ? { token: creds.token } : {}),
+        ...(creds.tokenExpiresAt !== undefined
+          ? { tokenExpiresAt: creds.tokenExpiresAt }
+          : {}),
+      });
+      client.onTokenRefresh = (token, expiresAt) => {
+        try {
+          updateCredentialsToken(credentialsPath, token, expiresAt);
+        } catch {
+          // Persistence failures are non-fatal; the next refresh retries.
+        }
+      };
+      clients.set(agentId, { client, credentialsPath });
+      return client;
+    } catch (err) {
+      opts.log?.warn("daemon.attention-policy.client-init-failed", {
+        agentId,
+        credentialsPath,
+        error: err instanceof Error ? err.message : String(err),
+      });
+      return null;
+    }
+  }
+
+  return async ({ agentId, roomId }) => {
+    const client = getClient(agentId);
+    if (!client) return undefined;
+    try {
+      return await client.getAttentionPolicy({ roomId });
+    } catch (err) {
+      opts.log?.warn("daemon.attention-policy.fetch-failed", {
+        agentId,
+        roomId: roomId ?? null,
+        error: err instanceof Error ? err.message : String(err),
+      });
+      return undefined;
+    }
+  };
+}

package/src/cloud-daemon.ts

@@ -32,6 +32,7 @@ import { createDaemonSystemContextBuilder } from "./system-context.js";
 import { readWorkingMemorySnapshot } from "./working-memory.js";
 import { createRoomStaticContextBuilder } from "./room-context.js";
 import { createRoomContextFetcher } from "./room-context-fetcher.js";
+import { createRecentRoomMessagesRecoveryBuilder } from "./room-recovery-context.js";
 import { composeBotCordUserTurn } from "./turn-text.js";
 import { PolicyResolver, type DaemonAttentionPolicy } from "./gateway/policy-resolver.js";
 import { scanMention } from "./mention-scan.js";
@@ -143,6 +144,12 @@ export async function startCloudDaemon(
     fetchRoomInfo: roomContextFetcher,
     log: logger,
   });
+  const buildRuntimeRecoveryContext = createRecentRoomMessagesRecoveryBuilder({
+    credentialPathByAgentId,
+    hubBaseUrl: cloudCfg.hubUrl,
+    limit: 20,
+    log: logger,
+  });
 
   type PerAgentBuilder = (
     msg: GatewayInboundMessage,
@@ -258,6 +265,7 @@ export async function startCloudDaemon(
     turnTimeoutMs: DEFAULT_TURN_TIMEOUT_MS,
     buildSystemContext,
     buildMemoryContext,
+    buildRuntimeRecoveryContext,
     onInbound,
     onTurnComplete,
     composeUserTurn: composeBotCordUserTurn,