@desplega.ai/agent-swarm 1.74.0 → 1.74.2

package/src/tests/workflow-wait-state-queries.test.ts

@@ -0,0 +1,419 @@
+import { afterAll, beforeAll, describe, expect, test } from "bun:test";
+import { unlink } from "node:fs/promises";
+import {
+  closeDb,
+  createWaitState,
+  createWorkflow,
+  createWorkflowRun,
+  createWorkflowRunStep,
+  getDueWaitStates,
+  getPendingWaitsByEvent,
+  getStuckWaitRuns,
+  getWaitStateById,
+  getWaitStateByStepId,
+  initDb,
+  resolveWaitState,
+  updateWorkflowRun,
+  updateWorkflowRunStep,
+} from "../be/db";
+import type { WorkflowDefinition } from "../types";
+
+const TEST_DB_PATH = "./test-workflow-wait-state-queries.sqlite";
+
+beforeAll(() => {
+  initDb(TEST_DB_PATH);
+});
+
+afterAll(async () => {
+  closeDb();
+  for (const suffix of ["", "-wal", "-shm"]) {
+    await unlink(`${TEST_DB_PATH}${suffix}`).catch(() => {});
+  }
+});
+
+const minimalWorkflowDef: WorkflowDefinition = {
+  nodes: [{ id: "n1", type: "notify", config: { message: "hi" } }],
+};
+
+function makeWorkflow(name: string) {
+  return createWorkflow({
+    name,
+    definition: minimalWorkflowDef,
+  });
+}
+
+function timeIso(offsetMs: number): string {
+  return new Date(Date.now() + offsetMs).toISOString();
+}
+
+describe("createWaitState + getWaitStateById", () => {
+  test("inserts a time-mode row and round-trips", () => {
+    const id = crypto.randomUUID();
+    const runId = crypto.randomUUID();
+    const stepId = crypto.randomUUID();
+    const wakeUpAt = timeIso(60_000);
+
+    const row = createWaitState({
+      id,
+      workflowRunId: runId,
+      workflowRunStepId: stepId,
+      mode: "time",
+      wakeUpAt,
+    });
+
+    expect(row.id).toBe(id);
+    expect(row.mode).toBe("time");
+    expect(row.status).toBe("pending");
+    expect(row.wakeUpAt).toBe(wakeUpAt);
+    expect(row.eventName).toBeNull();
+    expect(row.expiresAt).toBeNull();
+
+    const fetched = getWaitStateById(id);
+    expect(fetched).not.toBeNull();
+    expect(fetched?.id).toBe(id);
+    expect(fetched?.workflowRunId).toBe(runId);
+  });
+
+  test("inserts an event-mode row with object filter", () => {
+    const id = crypto.randomUUID();
+    const stepId = crypto.randomUUID();
+    const filter = { number: 42, "pr.merged": true };
+
+    const row = createWaitState({
+      id,
+      workflowRunId: crypto.randomUUID(),
+      workflowRunStepId: stepId,
+      mode: "event",
+      eventName: "github.pull_request.merged",
+      eventFilter: filter,
+      expiresAt: timeIso(3_600_000),
+    });
+
+    expect(row.mode).toBe("event");
+    expect(row.eventName).toBe("github.pull_request.merged");
+    expect(row.eventFilter).toEqual(filter);
+  });
+
+  test("inserts an event-mode row with string filter (arrow-fn body)", () => {
+    const id = crypto.randomUUID();
+    const stepId = crypto.randomUUID();
+    const filter = "(p) => p.number > 100";
+
+    const row = createWaitState({
+      id,
+      workflowRunId: crypto.randomUUID(),
+      workflowRunStepId: stepId,
+      mode: "event",
+      eventName: "github.pull_request.merged",
+      eventFilter: filter,
+    });
+
+    expect(row.eventFilter).toBe(filter);
+  });
+});
+
+describe("getWaitStateByStepId", () => {
+  test("idempotency: a second create on the same stepId is detectable", () => {
+    const stepId = crypto.randomUUID();
+    const runId = crypto.randomUUID();
+    createWaitState({
+      id: crypto.randomUUID(),
+      workflowRunId: runId,
+      workflowRunStepId: stepId,
+      mode: "time",
+      wakeUpAt: timeIso(10_000),
+    });
+
+    const found = getWaitStateByStepId(stepId);
+    expect(found).not.toBeNull();
+    expect(found?.workflowRunStepId).toBe(stepId);
+  });
+
+  test("returns null for unknown stepId", () => {
+    expect(getWaitStateByStepId(crypto.randomUUID())).toBeNull();
+  });
+});
+
+describe("getDueWaitStates", () => {
+  test("returns time-mode waits with wakeUpAt in the past", () => {
+    const overdueId = crypto.randomUUID();
+    const futureId = crypto.randomUUID();
+    createWaitState({
+      id: overdueId,
+      workflowRunId: crypto.randomUUID(),
+      workflowRunStepId: crypto.randomUUID(),
+      mode: "time",
+      wakeUpAt: timeIso(-60_000), // 1 min ago
+    });
+    createWaitState({
+      id: futureId,
+      workflowRunId: crypto.randomUUID(),
+      workflowRunStepId: crypto.randomUUID(),
+      mode: "time",
+      wakeUpAt: timeIso(60_000), // 1 min from now
+    });
+
+    const due = getDueWaitStates();
+    const dueIds = new Set(due.map((r) => r.id));
+    expect(dueIds.has(overdueId)).toBe(true);
+    expect(dueIds.has(futureId)).toBe(false);
+  });
+
+  test("returns event-mode waits with expiresAt in the past", () => {
+    const overdueId = crypto.randomUUID();
+    createWaitState({
+      id: overdueId,
+      workflowRunId: crypto.randomUUID(),
+      workflowRunStepId: crypto.randomUUID(),
+      mode: "event",
+      eventName: "demo.signal",
+      expiresAt: timeIso(-30_000),
+    });
+
+    const due = getDueWaitStates();
+    expect(due.find((r) => r.id === overdueId)).toBeDefined();
+  });
+
+  test("excludes already-fired or already-timeout rows", () => {
+    const id = crypto.randomUUID();
+    createWaitState({
+      id,
+      workflowRunId: crypto.randomUUID(),
+      workflowRunStepId: crypto.randomUUID(),
+      mode: "time",
+      wakeUpAt: timeIso(-1_000),
+    });
+    const result = resolveWaitState(id, { status: "fired" });
+    expect(result.updated).toBe(true);
+
+    const due = getDueWaitStates();
+    expect(due.find((r) => r.id === id)).toBeUndefined();
+  });
+
+  test("excludes event waits with no expiresAt (open-ended)", () => {
+    const id = crypto.randomUUID();
+    createWaitState({
+      id,
+      workflowRunId: crypto.randomUUID(),
+      workflowRunStepId: crypto.randomUUID(),
+      mode: "event",
+      eventName: "open.signal",
+      // expiresAt: null — open-ended
+    });
+    const due = getDueWaitStates();
+    expect(due.find((r) => r.id === id)).toBeUndefined();
+  });
+});
+
+describe("getPendingWaitsByEvent", () => {
+  test("returns only matching pending event-mode waits", () => {
+    const matchId = crypto.randomUUID();
+    const otherEventId = crypto.randomUUID();
+    const timeId = crypto.randomUUID();
+
+    createWaitState({
+      id: matchId,
+      workflowRunId: crypto.randomUUID(),
+      workflowRunStepId: crypto.randomUUID(),
+      mode: "event",
+      eventName: "release.cut",
+    });
+    createWaitState({
+      id: otherEventId,
+      workflowRunId: crypto.randomUUID(),
+      workflowRunStepId: crypto.randomUUID(),
+      mode: "event",
+      eventName: "different.signal",
+    });
+    createWaitState({
+      id: timeId,
+      workflowRunId: crypto.randomUUID(),
+      workflowRunStepId: crypto.randomUUID(),
+      mode: "time",
+      wakeUpAt: timeIso(60_000),
+    });
+
+    const pending = getPendingWaitsByEvent("release.cut");
+    const ids = new Set(pending.map((r) => r.id));
+    expect(ids.has(matchId)).toBe(true);
+    expect(ids.has(otherEventId)).toBe(false);
+    expect(ids.has(timeId)).toBe(false);
+  });
+
+  test("runId narrows to run-scoped waits", () => {
+    const runA = crypto.randomUUID();
+    const runB = crypto.randomUUID();
+    const aId = crypto.randomUUID();
+    const bId = crypto.randomUUID();
+    createWaitState({
+      id: aId,
+      workflowRunId: runA,
+      workflowRunStepId: crypto.randomUUID(),
+      mode: "event",
+      eventName: "scoped.evt",
+    });
+    createWaitState({
+      id: bId,
+      workflowRunId: runB,
+      workflowRunStepId: crypto.randomUUID(),
+      mode: "event",
+      eventName: "scoped.evt",
+    });
+
+    const onlyA = getPendingWaitsByEvent("scoped.evt", runA);
+    expect(onlyA.map((r) => r.id)).toEqual([aId]);
+
+    const both = getPendingWaitsByEvent("scoped.evt");
+    const ids = new Set(both.map((r) => r.id));
+    expect(ids.has(aId)).toBe(true);
+    expect(ids.has(bId)).toBe(true);
+  });
+});
+
+describe("resolveWaitState — race-safety", () => {
+  test("first caller wins, second sees updated=false", () => {
+    const id = crypto.randomUUID();
+    createWaitState({
+      id,
+      workflowRunId: crypto.randomUUID(),
+      workflowRunStepId: crypto.randomUUID(),
+      mode: "time",
+      wakeUpAt: timeIso(-1_000),
+    });
+
+    const a = resolveWaitState(id, { status: "fired", firedPayload: { winner: "A" } });
+    const b = resolveWaitState(id, { status: "fired", firedPayload: { winner: "B" } });
+
+    expect(a.updated).toBe(true);
+    expect(a.row?.status).toBe("fired");
+    expect(a.row?.firedPayload).toEqual({ winner: "A" });
+
+    expect(b.updated).toBe(false);
+    expect(b.row).toBeNull();
+
+    // Verify final stored state reflects A's payload
+    const final = getWaitStateById(id);
+    expect(final?.firedPayload).toEqual({ winner: "A" });
+    expect(final?.resolvedAt).not.toBeNull();
+  });
+
+  test("transitions to timeout status without payload", () => {
+    const id = crypto.randomUUID();
+    createWaitState({
+      id,
+      workflowRunId: crypto.randomUUID(),
+      workflowRunStepId: crypto.randomUUID(),
+      mode: "event",
+      eventName: "evt",
+      expiresAt: timeIso(-1_000),
+    });
+
+    const r = resolveWaitState(id, { status: "timeout" });
+    expect(r.updated).toBe(true);
+    expect(r.row?.status).toBe("timeout");
+    expect(r.row?.firedPayload).toBeNull();
+  });
+
+  test("returns updated=false for unknown id", () => {
+    const r = resolveWaitState(crypto.randomUUID(), { status: "fired" });
+    expect(r.updated).toBe(false);
+  });
+});
+
+describe("getStuckWaitRuns", () => {
+  // The query JOINs workflow_runs (waiting) → workflow_run_steps (waiting,
+  // nodeType='wait') → wait_states. We build that triple via the public
+  // helpers so the test mirrors what `recoverWaitStates` will see in production.
+  test("returns waits whose run+step are 'waiting' and wait_state is overdue (case b)", () => {
+    const wf = makeWorkflow("stuck-wait-overdue");
+    const run = createWorkflowRun({
+      id: crypto.randomUUID(),
+      workflowId: wf.id,
+    });
+    updateWorkflowRun(run.id, { status: "waiting" });
+
+    const step = createWorkflowRunStep({
+      id: crypto.randomUUID(),
+      runId: run.id,
+      nodeId: "w1",
+      nodeType: "wait",
+    });
+    updateWorkflowRunStep(step.id, { status: "waiting" });
+
+    const overdueId = crypto.randomUUID();
+    createWaitState({
+      id: overdueId,
+      workflowRunId: run.id,
+      workflowRunStepId: step.id,
+      mode: "time",
+      wakeUpAt: timeIso(-60_000),
+    });
+
+    const stuck = getStuckWaitRuns();
+    const stuckIds = new Set(stuck.map((r) => r.waitId));
+    expect(stuckIds.has(overdueId)).toBe(true);
+    const found = stuck.find((r) => r.waitId === overdueId);
+    expect(found?.runId).toBe(run.id);
+    expect(found?.stepId).toBe(step.id);
+    expect(found?.waitMode).toBe("time");
+    expect(found?.waitStatus).toBe("pending");
+  });
+
+  test("returns waits whose status is non-pending while the step is still waiting (case a)", () => {
+    const wf = makeWorkflow("stuck-wait-fired-while-down");
+    const run = createWorkflowRun({
+      id: crypto.randomUUID(),
+      workflowId: wf.id,
+    });
+    updateWorkflowRun(run.id, { status: "waiting" });
+
+    const step = createWorkflowRunStep({
+      id: crypto.randomUUID(),
+      runId: run.id,
+      nodeId: "w2",
+      nodeType: "wait",
+    });
+    updateWorkflowRunStep(step.id, { status: "waiting" });
+
+    const firedId = crypto.randomUUID();
+    createWaitState({
+      id: firedId,
+      workflowRunId: run.id,
+      workflowRunStepId: step.id,
+      mode: "event",
+      eventName: "x",
+    });
+    resolveWaitState(firedId, { status: "fired", firedPayload: { hello: "world" } });
+
+    const stuck = getStuckWaitRuns();
+    const found = stuck.find((r) => r.waitId === firedId);
+    expect(found).toBeDefined();
+    expect(found?.waitStatus).toBe("fired");
+  });
+
+  test("excludes runs that aren't 'waiting' or steps that aren't 'wait' nodeType", () => {
+    const wf = makeWorkflow("stuck-wait-excludes");
+    // Run NOT in waiting state — should be excluded.
+    const run = createWorkflowRun({ id: crypto.randomUUID(), workflowId: wf.id });
+    // Leave run.status default (running)
+    const step = createWorkflowRunStep({
+      id: crypto.randomUUID(),
+      runId: run.id,
+      nodeId: "w3",
+      nodeType: "wait",
+    });
+    updateWorkflowRunStep(step.id, { status: "waiting" });
+
+    const id = crypto.randomUUID();
+    createWaitState({
+      id,
+      workflowRunId: run.id,
+      workflowRunStepId: step.id,
+      mode: "time",
+      wakeUpAt: timeIso(-60_000),
+    });
+
+    const stuck = getStuckWaitRuns();
+    expect(stuck.find((r) => r.waitId === id)).toBeUndefined();
+  });
+});

package/src/tests/workflow-wait-time.test.ts

@@ -0,0 +1,255 @@
+import { afterAll, beforeAll, describe, expect, test } from "bun:test";
+import { unlink } from "node:fs/promises";
+import * as db from "../be/db";
+import {
+  closeDb,
+  createWorkflow,
+  deleteWorkflow,
+  getDueWaitStates,
+  getWaitStateByStepId,
+  getWorkflowRun,
+  getWorkflowRunStepsByRunId,
+  initDb,
+} from "../be/db";
+import type { Workflow, WorkflowDefinition } from "../types";
+import { startWorkflowExecution } from "../workflows/engine";
+import { InProcessEventBus } from "../workflows/event-bus";
+import type { ExecutorDependencies } from "../workflows/executors/base";
+import { createExecutorRegistry } from "../workflows/executors/registry";
+import { resumeWaitState } from "../workflows/resume";
+
+const TEST_DB_PATH = "./test-workflow-wait-time.sqlite";
+
+const eventBus = new InProcessEventBus();
+const deps: ExecutorDependencies = {
+  db: db as typeof import("../be/db"),
+  eventBus,
+  interpolate: (t: string) => t,
+};
+
+const createdWorkflowIds: string[] = [];
+
+function makeWorkflow(name: string, def: WorkflowDefinition): Workflow {
+  const wf = createWorkflow({ name: `${name}-${Date.now()}-${Math.random()}`, definition: def });
+  createdWorkflowIds.push(wf.id);
+  return wf;
+}
+
+beforeAll(async () => {
+  try {
+    await unlink(TEST_DB_PATH);
+  } catch {
+    // ignore
+  }
+  initDb(TEST_DB_PATH);
+});
+
+afterAll(async () => {
+  for (const id of createdWorkflowIds) {
+    try {
+      deleteWorkflow(id);
+    } catch {
+      // already deleted
+    }
+  }
+  closeDb();
+  for (const suffix of ["", "-wal", "-shm"]) {
+    await unlink(`${TEST_DB_PATH}${suffix}`).catch(() => {});
+  }
+});
+
+describe("WaitExecutor — time mode end-to-end", () => {
+  test("workflow with a time-wait node pauses, then resumes via the poll path", async () => {
+    const registry = createExecutorRegistry(deps);
+
+    // Tiny duration so the wait_state is overdue immediately. We don't rely
+    // on the 5s wait poller in the test — instead we drive the resume path
+    // directly via the same code path the poller would call.
+    const def: WorkflowDefinition = {
+      nodes: [
+        {
+          id: "w1",
+          type: "wait",
+          config: { mode: "time", durationMs: 50 },
+          next: { default: "done" },
+        },
+        {
+          id: "done",
+          type: "notify",
+          config: { channel: "swarm", template: "wait finished" },
+        },
+      ],
+    };
+    const wf = makeWorkflow("wait-time-end-to-end", def);
+    const runId = await startWorkflowExecution(wf, {}, registry);
+
+    // Wait should be paused — run + step both 'waiting'.
+    const run = getWorkflowRun(runId);
+    expect(run?.status).toBe("waiting");
+    const steps = getWorkflowRunStepsByRunId(runId);
+    const w1Step = steps.find((s) => s.nodeId === "w1");
+    expect(w1Step?.status).toBe("waiting");
+    expect(w1Step?.nodeType).toBe("wait"); // recovery query uses this
+
+    // The wait_state row exists and is pending.
+    const waitState = getWaitStateByStepId(w1Step!.id);
+    expect(waitState).not.toBeNull();
+    expect(waitState?.status).toBe("pending");
+    expect(waitState?.mode).toBe("time");
+
+    // Wait long enough that wakeUpAt is in the past, then drive the same
+    // resume path the poller would use.
+    await new Promise((r) => setTimeout(r, 80));
+
+    const due = getDueWaitStates();
+    expect(due.find((d) => d.id === waitState!.id)).toBeDefined();
+
+    await resumeWaitState(waitState!.id, "fired", undefined, registry);
+
+    // After resume: wait_state fired, step completed via 'default' port,
+    // notify ran, run completed.
+    const afterWait = getWaitStateByStepId(w1Step!.id);
+    expect(afterWait?.status).toBe("fired");
+    expect(afterWait?.resolvedAt).not.toBeNull();
+
+    const afterRun = getWorkflowRun(runId);
+    expect(afterRun?.status).toBe("completed");
+
+    const afterSteps = getWorkflowRunStepsByRunId(runId);
+    const w1After = afterSteps.find((s) => s.nodeId === "w1");
+    expect(w1After?.status).toBe("completed");
+    expect(w1After?.nextPort).toBe("default");
+
+    const doneStep = afterSteps.find((s) => s.nodeId === "done");
+    expect(doneStep?.status).toBe("completed");
+  });
+
+  test("idempotency: double-resume is a no-op (race-safe)", async () => {
+    const registry = createExecutorRegistry(deps);
+
+    const def: WorkflowDefinition = {
+      nodes: [
+        {
+          id: "w1",
+          type: "wait",
+          config: { mode: "time", durationMs: 30 },
+          next: { default: "done" },
+        },
+        { id: "done", type: "notify", config: { channel: "swarm", template: "ok" } },
+      ],
+    };
+    const wf = makeWorkflow("wait-time-idempotent", def);
+    const runId = await startWorkflowExecution(wf, {}, registry);
+
+    const steps = getWorkflowRunStepsByRunId(runId);
+    const w1Step = steps.find((s) => s.nodeId === "w1");
+    const waitState = getWaitStateByStepId(w1Step!.id);
+
+    await new Promise((r) => setTimeout(r, 50));
+
+    // First resume — should advance the run.
+    await resumeWaitState(waitState!.id, "fired", undefined, registry);
+    let run = getWorkflowRun(runId);
+    expect(run?.status).toBe("completed");
+
+    // Second resume — must NOT throw, must NOT undo state.
+    await resumeWaitState(waitState!.id, "fired", undefined, registry);
+    run = getWorkflowRun(runId);
+    expect(run?.status).toBe("completed");
+  });
+
+  test("re-execute on existing pending wait_state returns async marker (idempotent execute)", async () => {
+    const registry = createExecutorRegistry(deps);
+    const waitExecutor = registry.get("wait");
+
+    // Simulate running execute twice with the same stepId without resolving
+    // the wait. The second call should detect the existing pending row and
+    // return the async marker rather than inserting a duplicate.
+    const meta = {
+      runId: crypto.randomUUID(),
+      stepId: crypto.randomUUID(),
+      nodeId: "w1",
+      workflowId: crypto.randomUUID(),
+      dryRun: false,
+    };
+    const config = { mode: "time", durationMs: 60_000 };
+
+    const r1 = await waitExecutor.run({ config, context: {}, meta });
+    expect(r1.status).toBe("success");
+    expect((r1 as unknown as { async?: boolean }).async).toBe(true);
+
+    const stateAfter1 = getWaitStateByStepId(meta.stepId);
+    expect(stateAfter1).not.toBeNull();
+
+    const r2 = await waitExecutor.run({ config, context: {}, meta });
+    expect(r2.status).toBe("success");
+    expect((r2 as unknown as { async?: boolean }).async).toBe(true);
+
+    // Still exactly one wait_state row — second execute didn't insert.
+    const stateAfter2 = getWaitStateByStepId(meta.stepId);
+    expect(stateAfter2?.id).toBe(stateAfter1!.id);
+  });
+
+  test("config validation rejects mode='time' with durationMs <= 0", async () => {
+    const registry = createExecutorRegistry(deps);
+    const waitExecutor = registry.get("wait");
+    const meta = {
+      runId: crypto.randomUUID(),
+      stepId: crypto.randomUUID(),
+      nodeId: "w1",
+      workflowId: crypto.randomUUID(),
+      dryRun: false,
+    };
+
+    const result = await waitExecutor.run({
+      config: { mode: "time", durationMs: 0 },
+      context: {},
+      meta,
+    });
+    expect(result.status).toBe("failed");
+  });
+
+  test("config validation rejects unknown mode", async () => {
+    const registry = createExecutorRegistry(deps);
+    const waitExecutor = registry.get("wait");
+    const meta = {
+      runId: crypto.randomUUID(),
+      stepId: crypto.randomUUID(),
+      nodeId: "w1",
+      workflowId: crypto.randomUUID(),
+      dryRun: false,
+    };
+
+    const result = await waitExecutor.run({
+      config: { mode: "bogus", durationMs: 100 },
+      context: {},
+      meta,
+    });
+    expect(result.status).toBe("failed");
+  });
+
+  test("event-mode execute now wired (Phase 3) — returns async marker, persists wait_state", async () => {
+    const registry = createExecutorRegistry(deps);
+    const waitExecutor = registry.get("wait");
+    const meta = {
+      runId: crypto.randomUUID(),
+      stepId: crypto.randomUUID(),
+      nodeId: "w1",
+      workflowId: crypto.randomUUID(),
+      dryRun: false,
+    };
+
+    const result = await waitExecutor.run({
+      config: { mode: "event", eventName: "demo.signal" },
+      context: {},
+      meta,
+    });
+    expect(result.status).toBe("success");
+    expect((result as unknown as { async?: boolean }).async).toBe(true);
+
+    const persisted = getWaitStateByStepId(meta.stepId);
+    expect(persisted?.mode).toBe("event");
+    expect(persisted?.eventName).toBe("demo.signal");
+    expect(persisted?.eventScope).toBe("run");
+  });
+});

package/src/tools/tracker/tracker-status.ts

@@ -1,6 +1,7 @@
 import type { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
 import * as z from "zod";
 import { getOAuthApp, getOAuthTokens } from "@/be/db-queries/oauth";
+import { ensureToken } from "@/oauth/ensure-token";
 import { createToolRegistrar } from "@/tools/utils";
 
 export const registerTrackerStatusTool = (server: McpServer) => {
@@ -9,7 +10,7 @@ export const registerTrackerStatusTool = (server: McpServer) => {
     {
       title: "Tracker Status",
       description:
-        "Show all connected trackers and their OAuth status (token expiry, workspace info).",
+        "Show all connected trackers and their OAuth status (token expiry, workspace info). Proactively refreshes near-expiry tokens before reporting, so the returned `tokenExpiresAt` reflects the row that subsequent API calls (and direct DB reads) will see.",
       annotations: { readOnlyHint: true },
 
       outputSchema: z.object({
@@ -27,6 +28,11 @@ export const registerTrackerStatusTool = (server: McpServer) => {
     },
     async (_requestInfo, _meta) => {
       const providers = ["linear", "jira"] as const;
+      // Refresh near-expiry tokens before reading so agents that subsequently
+      // read oauth_tokens directly (e.g. via the read-only db-query MCP) see a
+      // not-yet-expired access token. ensureToken is no-op when no refresh
+      // token is stored and swallows refresh failures internally.
+      await Promise.all(providers.map((provider) => ensureToken(provider)));
       const trackers = providers.map((provider) => {
         const app = getOAuthApp(provider);
         const tokens = getOAuthTokens(provider);