npm - @desplega.ai/agent-swarm - Versions diffs - 1.71.2 → 1.72.0 - Mend

@desplega.ai/agent-swarm 1.71.2 → 1.72.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (62) hide show

package/README.md +3 -2
package/openapi.json +994 -62
package/package.json +2 -1
package/src/be/budget-admission.ts +121 -0
package/src/be/budget-refusal-notify.ts +145 -0
package/src/be/db.ts +488 -5
package/src/be/migrations/044_provider_meta.sql +2 -0
package/src/be/migrations/046_budgets_and_pricing.sql +87 -0
package/src/be/migrations/047_session_costs_cost_source.sql +16 -0
package/src/cli.tsx +22 -1
package/src/commands/claude-managed-setup.ts +687 -0
package/src/commands/codex-login.ts +1 -1
package/src/commands/runner.ts +175 -28
package/src/commands/templates.ts +10 -6
package/src/http/budgets.ts +219 -0
package/src/http/index.ts +6 -0
package/src/http/integrations.ts +134 -0
package/src/http/poll.ts +161 -3
package/src/http/pricing.ts +245 -0
package/src/http/session-data.ts +54 -6
package/src/http/tasks.ts +23 -2
package/src/prompts/base-prompt.ts +103 -73
package/src/prompts/session-templates.ts +43 -0
package/src/providers/claude-adapter.ts +3 -1
package/src/providers/claude-managed-adapter.ts +871 -0
package/src/providers/claude-managed-models.ts +117 -0
package/src/providers/claude-managed-swarm-events.ts +77 -0
package/src/providers/codex-adapter.ts +3 -1
package/src/providers/codex-skill-resolver.ts +10 -0
package/src/providers/codex-swarm-events.ts +20 -161
package/src/providers/devin-adapter.ts +894 -0
package/src/providers/devin-api.ts +207 -0
package/src/providers/devin-playbooks.ts +91 -0
package/src/providers/devin-skill-resolver.ts +113 -0
package/src/providers/index.ts +10 -1
package/src/providers/pi-mono-adapter.ts +3 -1
package/src/providers/swarm-events-shared.ts +262 -0
package/src/providers/types.ts +26 -1
package/src/tests/base-prompt.test.ts +199 -0
package/src/tests/budget-admission.test.ts +339 -0
package/src/tests/budget-claim-gate.test.ts +288 -0
package/src/tests/budget-refusal-notification.test.ts +324 -0
package/src/tests/budgets-routes.test.ts +331 -0
package/src/tests/claude-managed-adapter.test.ts +1301 -0
package/src/tests/claude-managed-setup.test.ts +325 -0
package/src/tests/devin-adapter.test.ts +677 -0
package/src/tests/devin-api.test.ts +339 -0
package/src/tests/integrations-http.test.ts +211 -0
package/src/tests/migration-046-budgets.test.ts +327 -0
package/src/tests/pricing-routes.test.ts +315 -0
package/src/tests/prompt-template-remaining.test.ts +4 -0
package/src/tests/prompt-template-session.test.ts +2 -2
package/src/tests/provider-adapter.test.ts +1 -1
package/src/tests/runner-budget-refused.test.ts +271 -0
package/src/tests/session-costs-codex-recompute.test.ts +386 -0
package/src/tools/poll-task.ts +13 -2
package/src/tools/task-action.ts +92 -2
package/src/tools/templates.ts +29 -0
package/src/types.ts +116 -0
package/src/utils/budget-backoff.ts +34 -0
package/src/utils/credentials.ts +4 -0
package/src/utils/provider-metadata.ts +9 -0

package/src/tests/devin-api.test.ts ADDED Viewed

@@ -0,0 +1,339 @@
+/**
+ * Unit tests for the Devin REST API client (`src/providers/devin-api.ts`).
+ *
+ * A minimal `node:http` mock server returns canned JSON responses based on the
+ * request path and method. The test sets `DEVIN_API_BASE_URL` so the client
+ * hits the mock instead of the real Devin API.
+ */
+import { afterAll, beforeAll, describe, expect, test } from "bun:test";
+import { createServer, type IncomingMessage, type Server, type ServerResponse } from "node:http";
+import * as devinApi from "../providers/devin-api";
+const TEST_PORT = 13050;
+const TEST_BASE_URL = `http://localhost:${TEST_PORT}`;
+const ORG_ID = "org-test-123";
+const API_KEY = "cog_test_key";
+// Canned responses -----------------------------------------------------------
+const SESSION_RESPONSE = {
+  session_id: "ses-abc-123",
+  url: "https://app.devin.ai/sessions/ses-abc-123",
+  status: "new",
+  created_at: 1700000000,
+  updated_at: 1700000000,
+};
+const PLAYBOOK_RESPONSE = {
+  playbook_id: "pb-xyz-789",
+  title: "test playbook",
+  body: "do the thing",
+};
+// ---------------------------------------------------------------------------
+// Mock HTTP server
+// ---------------------------------------------------------------------------
+let server: Server;
+/** Last request metadata captured by the mock, for assertion purposes. */
+let lastRequest: {
+  method: string;
+  url: string;
+  headers: Record<string, string | string[] | undefined>;
+  body: string;
+} | null = null;
+/** Override the response for the next request (one-shot). */
+let nextResponse: { status: number; body: string } | null = null;
+function readBody(req: IncomingMessage): Promise<string> {
+  return new Promise((resolve) => {
+    const chunks: Buffer[] = [];
+    req.on("data", (chunk: Buffer) => chunks.push(chunk));
+    req.on("end", () => resolve(Buffer.concat(chunks).toString()));
+  });
+}
+function handler(req: IncomingMessage, res: ServerResponse): void {
+  void (async () => {
+    const body = await readBody(req);
+    lastRequest = {
+      method: req.method ?? "GET",
+      url: req.url ?? "/",
+      headers: req.headers as Record<string, string | string[] | undefined>,
+      body,
+    };
+    // One-shot override
+    if (nextResponse) {
+      const nr = nextResponse;
+      nextResponse = null;
+      res.writeHead(nr.status, { "Content-Type": "application/json" });
+      res.end(nr.body);
+      return;
+    }
+    const url = req.url ?? "";
+    const method = req.method ?? "GET";
+    // POST /v3/organizations/:orgId/sessions
+    if (method === "POST" && url.match(/\/v3\/organizations\/[^/]+\/sessions$/)) {
+      res.writeHead(200, { "Content-Type": "application/json" });
+      res.end(JSON.stringify(SESSION_RESPONSE));
+      return;
+    }
+    // GET /v3/organizations/:orgId/sessions/:sessionId
+    if (method === "GET" && url.match(/\/v3\/organizations\/[^/]+\/sessions\/[^/]+$/)) {
+      res.writeHead(200, { "Content-Type": "application/json" });
+      res.end(JSON.stringify(SESSION_RESPONSE));
+      return;
+    }
+    // POST /v3/organizations/:orgId/sessions/:sessionId/messages
+    if (method === "POST" && url.match(/\/v3\/organizations\/[^/]+\/sessions\/[^/]+\/messages$/)) {
+      res.writeHead(200, { "Content-Type": "application/json" });
+      res.end(JSON.stringify({ ok: true }));
+      return;
+    }
+    // POST /v3/organizations/:orgId/sessions/:sessionId/archive
+    if (method === "POST" && url.match(/\/v3\/organizations\/[^/]+\/sessions\/[^/]+\/archive$/)) {
+      res.writeHead(200, { "Content-Type": "application/json" });
+      res.end(JSON.stringify({ ok: true }));
+      return;
+    }
+    // GET /v3/organizations/:orgId/sessions/:sessionId/messages
+    if (method === "GET" && url.match(/\/v3\/organizations\/[^/]+\/sessions\/[^/]+\/messages/)) {
+      res.writeHead(200, { "Content-Type": "application/json" });
+      res.end(
+        JSON.stringify({
+          items: [
+            { event_id: "msg-001", source: "user", message: "hello", created_at: 1700000001 },
+            { event_id: "msg-002", source: "devin", message: "hi there", created_at: 1700000002 },
+          ],
+          end_cursor: "cursor-abc",
+          has_next_page: false,
+          total: 2,
+        }),
+      );
+      return;
+    }
+    // POST /v3/organizations/:orgId/playbooks
+    if (method === "POST" && url.match(/\/v3\/organizations\/[^/]+\/playbooks$/)) {
+      res.writeHead(200, { "Content-Type": "application/json" });
+      res.end(JSON.stringify(PLAYBOOK_RESPONSE));
+      return;
+    }
+    res.writeHead(404, { "Content-Type": "application/json" });
+    res.end(JSON.stringify({ error: "not found" }));
+  })();
+}
+beforeAll(async () => {
+  process.env.DEVIN_API_BASE_URL = TEST_BASE_URL;
+  await new Promise<void>((resolve) => {
+    server = createServer(handler);
+    server.listen(TEST_PORT, () => resolve());
+  });
+});
+afterAll(() => {
+  server.close();
+  delete process.env.DEVIN_API_BASE_URL;
+});
+// ---------------------------------------------------------------------------
+// Tests
+// ---------------------------------------------------------------------------
+describe("devin-api: createSession", () => {
+  test("success — returns DevinSessionResponse", async () => {
+    const result = await devinApi.createSession(ORG_ID, API_KEY, {
+      prompt: "hello devin",
+    });
+    expect(result.session_id).toBe("ses-abc-123");
+    expect(result.url).toBe("https://app.devin.ai/sessions/ses-abc-123");
+    expect(result.status).toBe("new");
+  });
+  test("4xx error — throws with status and body", async () => {
+    nextResponse = {
+      status: 422,
+      body: JSON.stringify({ error: "invalid prompt" }),
+    };
+    await expect(devinApi.createSession(ORG_ID, API_KEY, { prompt: "" })).rejects.toThrow(
+      /HTTP 422/,
+    );
+  });
+  test("auth header carries Bearer token", async () => {
+    lastRequest = null;
+    await devinApi.createSession(ORG_ID, API_KEY, { prompt: "check headers" });
+    expect(lastRequest).not.toBeNull();
+    expect(lastRequest!.headers.authorization).toBe(`Bearer ${API_KEY}`);
+  });
+  test("URL includes org ID", async () => {
+    lastRequest = null;
+    await devinApi.createSession(ORG_ID, API_KEY, { prompt: "check url" });
+    expect(lastRequest!.url).toContain(`/v3/organizations/${ORG_ID}/sessions`);
+  });
+});
+describe("devin-api: getSession", () => {
+  test("success — returns session data", async () => {
+    const result = await devinApi.getSession(ORG_ID, API_KEY, "ses-abc-123");
+    expect(result.session_id).toBe("ses-abc-123");
+    expect(result.status).toBe("new");
+  });
+  test("URL includes session ID", async () => {
+    lastRequest = null;
+    await devinApi.getSession(ORG_ID, API_KEY, "ses-poll-test");
+    expect(lastRequest!.url).toContain("/ses-poll-test");
+    expect(lastRequest!.method).toBe("GET");
+  });
+});
+describe("devin-api: sendMessage", () => {
+  test("success — does not throw", async () => {
+    await expect(
+      devinApi.sendMessage(ORG_ID, API_KEY, "ses-abc-123", "approve"),
+    ).resolves.toBeUndefined();
+  });
+  test("sends message in JSON body", async () => {
+    lastRequest = null;
+    await devinApi.sendMessage(ORG_ID, API_KEY, "ses-abc-123", "my message");
+    const body = JSON.parse(lastRequest!.body);
+    expect(body.message).toBe("my message");
+  });
+});
+describe("devin-api: archiveSession", () => {
+  test("success — does not throw", async () => {
+    await expect(devinApi.archiveSession(ORG_ID, API_KEY, "ses-abc-123")).resolves.toBeUndefined();
+  });
+  test("URL includes /archive", async () => {
+    lastRequest = null;
+    await devinApi.archiveSession(ORG_ID, API_KEY, "ses-archive-test");
+    expect(lastRequest!.url).toContain("/ses-archive-test/archive");
+    expect(lastRequest!.method).toBe("POST");
+  });
+});
+describe("devin-api: getSessionMessages", () => {
+  test("success — returns messages with cursor info", async () => {
+    const result = await devinApi.getSessionMessages(ORG_ID, API_KEY, "ses-abc-123");
+    expect(result.items).toHaveLength(2);
+    expect(result.items[0].event_id).toBe("msg-001");
+    expect(result.items[1].source).toBe("devin");
+    expect(result.end_cursor).toBe("cursor-abc");
+    expect(result.has_next_page).toBe(false);
+  });
+  test("URL includes session ID and default pagination", async () => {
+    lastRequest = null;
+    await devinApi.getSessionMessages(ORG_ID, API_KEY, "ses-msg-test");
+    expect(lastRequest!.method).toBe("GET");
+    expect(lastRequest!.url).toContain("/ses-msg-test/messages");
+    expect(lastRequest!.url).toContain("first=200");
+  });
+  test("passes cursor via after param", async () => {
+    lastRequest = null;
+    await devinApi.getSessionMessages(ORG_ID, API_KEY, "ses-abc-123", "cursor-prev");
+    expect(lastRequest!.url).toContain("after=cursor-prev");
+  });
+  test("4xx error — throws with status", async () => {
+    nextResponse = { status: 404, body: JSON.stringify({ error: "session not found" }) };
+    await expect(devinApi.getSessionMessages(ORG_ID, API_KEY, "ses-missing")).rejects.toThrow(
+      /HTTP 404/,
+    );
+  });
+});
+describe("devin-api: createPlaybook", () => {
+  test("success — returns DevinPlaybookResponse", async () => {
+    const result = await devinApi.createPlaybook(ORG_ID, API_KEY, {
+      title: "test playbook",
+      body: "do the thing",
+    });
+    expect(result.playbook_id).toBe("pb-xyz-789");
+    expect(result.title).toBe("test playbook");
+  });
+  test("sends title and body in JSON body", async () => {
+    lastRequest = null;
+    await devinApi.createPlaybook(ORG_ID, API_KEY, {
+      title: "my pb",
+      body: "instructions here",
+    });
+    const body = JSON.parse(lastRequest!.body);
+    expect(body.title).toBe("my pb");
+    expect(body.body).toBe("instructions here");
+  });
+});
+describe("devin-api: error handling", () => {
+  test("5xx response throws with status", async () => {
+    nextResponse = {
+      status: 500,
+      body: JSON.stringify({ error: "internal server error" }),
+    };
+    await expect(devinApi.getSession(ORG_ID, API_KEY, "ses-abc-123")).rejects.toThrow(/HTTP 500/);
+  });
+  test("5xx includes response body in error message", async () => {
+    nextResponse = {
+      status: 503,
+      body: JSON.stringify({ error: "service unavailable" }),
+    };
+    try {
+      await devinApi.createSession(ORG_ID, API_KEY, { prompt: "test" });
+      expect.unreachable("should have thrown");
+    } catch (err) {
+      expect((err as Error).message).toContain("service unavailable");
+      expect((err as Error).message).toContain("503");
+    }
+  });
+  test("error message includes the operation label", async () => {
+    nextResponse = { status: 400, body: "bad request" };
+    try {
+      await devinApi.archiveSession(ORG_ID, API_KEY, "ses-test");
+      expect.unreachable("should have thrown");
+    } catch (err) {
+      expect((err as Error).message).toContain("archiveSession");
+    }
+  });
+});
+describe("devin-api: base URL override", () => {
+  test("DEVIN_API_BASE_URL is respected (requests reach mock server)", async () => {
+    // The fact that all the above tests work at all proves the base URL
+    // override is working — but let's be explicit about it.
+    lastRequest = null;
+    await devinApi.getSession(ORG_ID, API_KEY, "ses-url-test");
+    // The request reached our mock server on TEST_PORT, which only happens
+    // if the base URL was overridden from the default https://api.devin.ai.
+    expect(lastRequest).not.toBeNull();
+    expect(lastRequest!.url).toBe(`/v3/organizations/${ORG_ID}/sessions/ses-url-test`);
+  });
+});

package/src/tests/integrations-http.test.ts ADDED Viewed

@@ -0,0 +1,211 @@
+import { afterAll, beforeAll, beforeEach, describe, expect, test } from "bun:test";
+import { unlink } from "node:fs/promises";
+import { createServer as createHttpServer, type Server } from "node:http";
+import { closeDb, deleteSwarmConfig, getSwarmConfigs, initDb, upsertSwarmConfig } from "../be/db";
+import { type ClaudeManagedTestClient, createIntegrationsHandler } from "../http/integrations";
+import { getPathSegments } from "../http/utils";
+// ---------------------------------------------------------------------------
+// Tests for POST /api/integrations/claude-managed/test
+//
+// Covers:
+//   - Success path — beta.agents.retrieve returns name + model.
+//   - Missing-config path — neither swarm_config nor process.env has the
+//     required keys → ok:false with a hint to run the setup CLI.
+//   - Anthropic API error path — retrieve throws → ok:false with the error
+//     message; HTTP status remains 200 (per the route contract).
+// ---------------------------------------------------------------------------
+const TEST_DB_PATH = "./test-integrations-http.sqlite";
+const TEST_PORT = 13089;
+interface FakeClientLog {
+  retrieveCalls: string[];
+  retrieveResult?: { name?: string | null; model?: string | null };
+  retrieveError?: Error;
+}
+function buildFakeClient(log: FakeClientLog): ClaudeManagedTestClient {
+  return {
+    beta: {
+      agents: {
+        retrieve: async (agentId: string) => {
+          log.retrieveCalls.push(agentId);
+          if (log.retrieveError) throw log.retrieveError;
+          return log.retrieveResult ?? {};
+        },
+      },
+    },
+  };
+}
+function clearManagedConfigRows() {
+  const all = getSwarmConfigs({ scope: "global" });
+  for (const row of all) {
+    if (
+      row.key === "ANTHROPIC_API_KEY" ||
+      row.key === "MANAGED_AGENT_ID" ||
+      row.key === "MANAGED_ENVIRONMENT_ID"
+    ) {
+      deleteSwarmConfig(row.id);
+    }
+  }
+  // Also scrub process.env so resolveConfigValue's fallback doesn't bleed
+  // values from the host environment into the test.
+  delete process.env.ANTHROPIC_API_KEY;
+  delete process.env.MANAGED_AGENT_ID;
+  delete process.env.MANAGED_ENVIRONMENT_ID;
+}
+describe("POST /api/integrations/claude-managed/test", () => {
+  let server: Server;
+  const baseUrl = `http://localhost:${TEST_PORT}`;
+  const log: FakeClientLog = { retrieveCalls: [] };
+  const savedEnv = {
+    ANTHROPIC_API_KEY: process.env.ANTHROPIC_API_KEY,
+    MANAGED_AGENT_ID: process.env.MANAGED_AGENT_ID,
+    MANAGED_ENVIRONMENT_ID: process.env.MANAGED_ENVIRONMENT_ID,
+  };
+  beforeAll(async () => {
+    initDb(TEST_DB_PATH);
+    const handler = createIntegrationsHandler({
+      buildClient: () => buildFakeClient(log),
+    });
+    server = createHttpServer(async (req, res) => {
+      const pathSegments = getPathSegments(req.url || "");
+      const handled = await handler(req, res, pathSegments);
+      if (!handled) {
+        res.writeHead(404);
+        res.end("not found");
+      }
+    });
+    await new Promise<void>((resolve) => {
+      server.listen(TEST_PORT, () => resolve());
+    });
+  });
+  afterAll(async () => {
+    server.close();
+    closeDb();
+    await unlink(TEST_DB_PATH).catch(() => {});
+    await unlink(`${TEST_DB_PATH}-wal`).catch(() => {});
+    await unlink(`${TEST_DB_PATH}-shm`).catch(() => {});
+    // Restore original env so other test files aren't affected.
+    for (const [k, v] of Object.entries(savedEnv)) {
+      if (v === undefined) delete process.env[k];
+      else process.env[k] = v;
+    }
+  });
+  beforeEach(() => {
+    log.retrieveCalls = [];
+    log.retrieveResult = undefined;
+    log.retrieveError = undefined;
+    clearManagedConfigRows();
+  });
+  test("success path — returns ok:true with agent name + model", async () => {
+    upsertSwarmConfig({
+      scope: "global",
+      key: "ANTHROPIC_API_KEY",
+      value: "sk-ant-test",
+      isSecret: true,
+    });
+    upsertSwarmConfig({
+      scope: "global",
+      key: "MANAGED_AGENT_ID",
+      value: "agent_abc123",
+      isSecret: false,
+    });
+    log.retrieveResult = { name: "swarm-worker", model: "claude-sonnet-4-6" };
+    const res = await fetch(`${baseUrl}/api/integrations/claude-managed/test`, {
+      method: "POST",
+      headers: { "Content-Type": "application/json" },
+      body: "{}",
+    });
+    expect(res.status).toBe(200);
+    const body = await res.json();
+    expect(body).toEqual({
+      ok: true,
+      agentName: "swarm-worker",
+      model: "claude-sonnet-4-6",
+    });
+    expect(log.retrieveCalls).toEqual(["agent_abc123"]);
+  });
+  test("missing-config path — returns ok:false with helpful error", async () => {
+    // No swarm_config rows, no env. resolveConfigValue should return null
+    // for both keys and short-circuit before calling Anthropic.
+    const res = await fetch(`${baseUrl}/api/integrations/claude-managed/test`, {
+      method: "POST",
+      headers: { "Content-Type": "application/json" },
+      body: "{}",
+    });
+    expect(res.status).toBe(200);
+    const body = (await res.json()) as { ok: boolean; error: string };
+    expect(body.ok).toBe(false);
+    expect(body.error).toContain("ANTHROPIC_API_KEY");
+    expect(body.error).toContain("MANAGED_AGENT_ID");
+    expect(body.error).toContain("claude-managed-setup");
+    // No SDK call should have been attempted.
+    expect(log.retrieveCalls).toHaveLength(0);
+  });
+  test("Anthropic API error — returns ok:false with the error message, HTTP 200", async () => {
+    upsertSwarmConfig({
+      scope: "global",
+      key: "ANTHROPIC_API_KEY",
+      value: "sk-ant-test",
+      isSecret: true,
+    });
+    upsertSwarmConfig({
+      scope: "global",
+      key: "MANAGED_AGENT_ID",
+      value: "agent_does_not_exist",
+      isSecret: false,
+    });
+    log.retrieveError = new Error("404 not_found_error: agent not found");
+    const res = await fetch(`${baseUrl}/api/integrations/claude-managed/test`, {
+      method: "POST",
+      headers: { "Content-Type": "application/json" },
+      body: "{}",
+    });
+    expect(res.status).toBe(200);
+    const body = (await res.json()) as { ok: boolean; error: string };
+    expect(body.ok).toBe(false);
+    expect(body.error).toContain("agent not found");
+    expect(log.retrieveCalls).toEqual(["agent_does_not_exist"]);
+  });
+  test("env-fallback path — uses process.env when swarm_config row missing", async () => {
+    process.env.ANTHROPIC_API_KEY = "sk-ant-fromenv";
+    process.env.MANAGED_AGENT_ID = "agent_env_fallback";
+    log.retrieveResult = { name: "from-env", model: "claude-sonnet-4-6" };
+    const res = await fetch(`${baseUrl}/api/integrations/claude-managed/test`, {
+      method: "POST",
+      headers: { "Content-Type": "application/json" },
+      body: "{}",
+    });
+    expect(res.status).toBe(200);
+    const body = await res.json();
+    expect(body).toEqual({
+      ok: true,
+      agentName: "from-env",
+      model: "claude-sonnet-4-6",
+    });
+    expect(log.retrieveCalls).toEqual(["agent_env_fallback"]);
+  });
+});