@desplega.ai/agent-swarm 1.80.0 → 1.80.2

package/src/http/scripts.ts

@@ -0,0 +1,388 @@
+import type { IncomingMessage, ServerResponse } from "node:http";
+import { z } from "zod";
+import { getAgentById } from "../be/db";
+import { createEvent } from "../be/events";
+import { deleteScript, getScript, upsertScriptByName } from "../be/scripts/db";
+import { searchScripts } from "../be/scripts/embeddings";
+import { extractArgsJsonSchema } from "../be/scripts/extract-schema";
+import { SCRIPT_SDK_TYPES, SCRIPT_STDLIB_TYPES, typecheckScript } from "../be/scripts/typecheck";
+import { extractScriptSignature } from "../scripts-runtime/extract-signature";
+import { runScript } from "../scripts-runtime/loader";
+import {
+  ScriptFsModeSchema,
+  type ScriptRecord,
+  type ScriptScope,
+  ScriptScopeSchema,
+} from "../types";
+import { scrubObject } from "../utils/secret-scrubber";
+import { route } from "./route-def";
+import { json, jsonError } from "./utils";
+
+const scriptNameSchema = z.string().min(1).max(200);
+
+const upsertBodySchema = z.object({
+  name: scriptNameSchema,
+  source: z.string().min(1),
+  description: z.string().default(""),
+  intent: z.string().default(""),
+  scope: ScriptScopeSchema.default("agent"),
+  fsMode: ScriptFsModeSchema.default("none"),
+});
+
+const runBodySchema = z
+  .object({
+    name: scriptNameSchema.optional(),
+    source: z.string().min(1).optional(),
+    args: z.unknown().optional(),
+    intent: z.string().default(""),
+    scope: ScriptScopeSchema.optional(),
+    fsMode: ScriptFsModeSchema.default("none"),
+  })
+  .refine((body) => Boolean(body.name) !== Boolean(body.source), {
+    message: "Provide exactly one of name or source",
+  });
+
+const searchBodySchema = z.object({
+  query: z.string().default(""),
+  scope: ScriptScopeSchema.optional(),
+  limit: z.number().int().min(1).max(100).default(10),
+});
+
+const nameParamsSchema = z.object({ name: scriptNameSchema });
+const scopeQuerySchema = z.object({ scope: ScriptScopeSchema.default("agent") });
+const optionalScopeQuerySchema = z.object({ scope: ScriptScopeSchema.optional() });
+
+const upsertRoute = route({
+  method: "post",
+  path: "/api/scripts/upsert",
+  pattern: ["api", "scripts", "upsert"],
+  operationId: "scripts_upsert",
+  summary: "Create or update a reusable script",
+  description: "Explicit script upserts run a TypeScript typecheck before writing.",
+  tags: ["Scripts"],
+  body: upsertBodySchema,
+  responses: {
+    200: { description: "Script upserted" },
+    400: { description: "Validation or typecheck failure" },
+    403: { description: "Global write requires lead agent" },
+  },
+});
+
+const runRoute = route({
+  method: "post",
+  path: "/api/scripts/run",
+  pattern: ["api", "scripts", "run"],
+  operationId: "scripts_run",
+  summary: "Run a reusable or inline script",
+  description:
+    "Inline source skips typecheck and is auto-saved as a scratch script only on success.",
+  tags: ["Scripts"],
+  body: runBodySchema,
+  responses: {
+    200: { description: "Script run completed" },
+    400: { description: "Validation error" },
+    404: { description: "Script not found" },
+    501: { description: "workspace-rw scripts are not supported in v1" },
+  },
+});
+
+const searchRoute = route({
+  method: "post",
+  path: "/api/scripts/search",
+  pattern: ["api", "scripts", "search"],
+  operationId: "scripts_search",
+  summary: "Search reusable scripts",
+  description: "Phase 3 search is substring-only over script name and metadata.",
+  tags: ["Scripts"],
+  body: searchBodySchema,
+  responses: {
+    200: { description: "Matching scripts" },
+    400: { description: "Validation error" },
+  },
+});
+
+const deleteRoute = route({
+  method: "delete",
+  path: "/api/scripts/{name}",
+  pattern: ["api", "scripts", null],
+  operationId: "scripts_delete",
+  summary: "Delete a reusable script",
+  tags: ["Scripts"],
+  params: nameParamsSchema,
+  query: scopeQuerySchema,
+  responses: {
+    200: { description: "Delete result" },
+    400: { description: "Validation error" },
+    403: { description: "Global delete requires lead agent" },
+  },
+});
+
+const typesRoute = route({
+  method: "get",
+  path: "/api/scripts/{name}/types",
+  pattern: ["api", "scripts", null, "types"],
+  operationId: "scripts_types",
+  summary: "Get script signature and authoring types",
+  tags: ["Scripts"],
+  params: nameParamsSchema,
+  query: optionalScopeQuerySchema,
+  responses: {
+    200: { description: "Script signature and type blobs" },
+    404: { description: "Script not found" },
+  },
+});
+
+function requireAgent(res: ServerResponse, agentId: string | undefined) {
+  if (!agentId) {
+    jsonError(res, "X-Agent-ID required for scripts API", 400);
+    return null;
+  }
+  const agent = getAgentById(agentId);
+  if (!agent) {
+    jsonError(res, "Agent not found", 404);
+    return null;
+  }
+  return agent;
+}
+
+function signatureJsonFor(source: string): string {
+  return JSON.stringify(extractScriptSignature(source));
+}
+
+function resolveScript(name: string, agentId: string, scope?: ScriptScope): ScriptRecord | null {
+  if (scope === "global") return getScript({ name, scope: "global" });
+  if (scope === "agent") return getScript({ name, scope: "agent", scopeId: agentId });
+  return (
+    getScript({ name, scope: "agent", scopeId: agentId }) ?? getScript({ name, scope: "global" })
+  );
+}
+
+function scratchSlug(intent: string, source: string): string {
+  const base = (intent || "inline-script")
+    .toLowerCase()
+    .replace(/[^a-z0-9]+/g, "-")
+    .replace(/^-+|-+$/g, "")
+    .slice(0, 48);
+  const hash = new Bun.CryptoHasher("sha256").update(source).digest("hex").slice(0, 8);
+  return `scratch-${base || "inline-script"}-${hash}`;
+}
+
+function emitGlobalUpsertEvent(args: {
+  agentId: string;
+  script: ScriptRecord;
+  isNew: boolean;
+  isPromotion: boolean;
+}) {
+  createEvent({
+    category: "system",
+    event: "script.global_upsert",
+    source: "api",
+    agentId: args.agentId,
+    data: {
+      scriptId: args.script.id,
+      name: args.script.name,
+      version: args.script.version,
+      contentHash: args.script.contentHash,
+      changedByAgentId: args.agentId,
+      isNew: args.isNew,
+      isPromotion: args.isPromotion,
+    },
+  });
+}
+
+export async function handleScripts(
+  req: IncomingMessage,
+  res: ServerResponse,
+  pathSegments: string[],
+  queryParams: URLSearchParams,
+  agentId: string | undefined,
+): Promise<boolean> {
+  if (upsertRoute.match(req.method, pathSegments)) {
+    const parsed = await upsertRoute.parse(req, res, pathSegments, queryParams);
+    if (!parsed) return true;
+    const agent = requireAgent(res, agentId);
+    if (!agent) return true;
+
+    if (parsed.body.scope === "global" && !agent.isLead) {
+      jsonError(res, "Global scripts require a lead agent", 403);
+      return true;
+    }
+
+    const typecheck = typecheckScript(parsed.body.source);
+    if (!typecheck.ok) {
+      json(res, { error: "typecheck_failed", diagnostics: typecheck.diagnostics }, 400);
+      return true;
+    }
+
+    const existingAgentScript =
+      parsed.body.scope === "global"
+        ? getScript({ name: parsed.body.name, scope: "agent", scopeId: agent.id })
+        : null;
+    const argsJsonSchema = await extractArgsJsonSchema(parsed.body.source);
+    const result = await upsertScriptByName({
+      name: parsed.body.name,
+      scope: parsed.body.scope,
+      scopeId: parsed.body.scope === "agent" ? agent.id : null,
+      source: parsed.body.source,
+      description: parsed.body.description,
+      intent: parsed.body.intent,
+      signatureJson: signatureJsonFor(parsed.body.source),
+      argsJsonSchema,
+      fsMode: parsed.body.fsMode,
+      agentId: agent.id,
+      isScratch: false,
+      typeChecked: true,
+    });
+
+    if (parsed.body.scope === "global" && !result.contentDeduped) {
+      emitGlobalUpsertEvent({
+        agentId: agent.id,
+        script: result.script,
+        isNew: result.isNew,
+        isPromotion: Boolean(existingAgentScript),
+      });
+    }
+
+    json(res, {
+      name: result.script.name,
+      version: result.script.version,
+      contentDeduped: result.contentDeduped,
+    });
+    return true;
+  }
+
+  if (runRoute.match(req.method, pathSegments)) {
+    const parsed = await runRoute.parse(req, res, pathSegments, queryParams);
+    if (!parsed) return true;
+    const agent = requireAgent(res, agentId);
+    if (!agent) return true;
+
+    let source = parsed.body.source;
+    let fsMode = parsed.body.fsMode;
+    if (parsed.body.name) {
+      const script = resolveScript(parsed.body.name, agent.id, parsed.body.scope);
+      if (!script) {
+        jsonError(res, "Script not found", 404);
+        return true;
+      }
+      source = script.source;
+      fsMode = script.fsMode;
+    }
+
+    if (fsMode === "workspace-rw") {
+      jsonError(res, "workspace-rw scripts are not supported by /api/scripts/run in v1", 501);
+      return true;
+    }
+
+    const output = await runScript({
+      source: source as string,
+      args: parsed.body.args,
+      fsMode,
+      agentId: agent.id,
+    });
+
+    let autoSaved: { slug: string; reason: string } | undefined;
+    if (parsed.body.source && !output.error && output.exitCode === 0) {
+      const slug = scratchSlug(parsed.body.intent, parsed.body.source);
+      await upsertScriptByName({
+        name: slug,
+        scope: "agent",
+        scopeId: agent.id,
+        source: parsed.body.source,
+        description: `Scratch script: ${parsed.body.intent || slug}`,
+        intent: parsed.body.intent || "Inline script auto-saved after successful run",
+        signatureJson: signatureJsonFor(parsed.body.source),
+        fsMode: "none",
+        agentId: agent.id,
+        isScratch: true,
+        typeChecked: false,
+        changeReason: "Auto-saved successful inline run",
+      });
+      autoSaved = { slug, reason: "successful_inline_run" };
+    }
+
+    json(
+      res,
+      scrubObject({
+        result: output.result,
+        autoSaved,
+        truncated: output.truncated,
+        durationMs: output.durationMs,
+        stdout: output.stdout,
+        stderr: output.stderr,
+        exitCode: output.exitCode,
+        error: output.error,
+      }),
+    );
+    return true;
+  }
+
+  if (searchRoute.match(req.method, pathSegments)) {
+    const parsed = await searchRoute.parse(req, res, pathSegments, queryParams);
+    if (!parsed) return true;
+    const agent = requireAgent(res, agentId);
+    if (!agent) return true;
+
+    const matches = await searchScripts({
+      query: parsed.body.query,
+      scope: parsed.body.scope,
+      scopeId: agent.id,
+      limit: parsed.body.limit,
+    });
+
+    json(res, {
+      results: matches.map(({ script, score }) => ({
+        name: script.name,
+        signature: JSON.parse(script.signatureJson),
+        argsJsonSchema: script.argsJsonSchema
+          ? (JSON.parse(script.argsJsonSchema) as unknown)
+          : null,
+        description: script.description,
+        score,
+      })),
+    });
+    return true;
+  }
+
+  if (typesRoute.match(req.method, pathSegments)) {
+    const parsed = await typesRoute.parse(req, res, pathSegments, queryParams);
+    if (!parsed) return true;
+    const agent = requireAgent(res, agentId);
+    if (!agent) return true;
+
+    const script = resolveScript(parsed.params.name, agent.id, parsed.query.scope);
+    if (!script) {
+      jsonError(res, "Script not found", 404);
+      return true;
+    }
+    json(res, {
+      signature: JSON.parse(script.signatureJson),
+      argsJsonSchema: script.argsJsonSchema ? (JSON.parse(script.argsJsonSchema) as unknown) : null,
+      sdkTypes: SCRIPT_SDK_TYPES,
+      stdlibTypes: SCRIPT_STDLIB_TYPES,
+    });
+    return true;
+  }
+
+  if (deleteRoute.match(req.method, pathSegments)) {
+    const parsed = await deleteRoute.parse(req, res, pathSegments, queryParams);
+    if (!parsed) return true;
+    const agent = requireAgent(res, agentId);
+    if (!agent) return true;
+
+    if (parsed.query.scope === "global" && !agent.isLead) {
+      jsonError(res, "Global scripts require a lead agent", 403);
+      return true;
+    }
+
+    const deleted = deleteScript({
+      name: parsed.params.name,
+      scope: parsed.query.scope,
+      scopeId: parsed.query.scope === "agent" ? agent.id : null,
+    });
+    json(res, { deleted });
+    return true;
+  }
+
+  return false;
+}

package/src/linear/outbound.ts

@@ -49,6 +49,10 @@ async function handleTaskCreated(data: unknown): Promise<void> {
   );
 }
 
+// Cap parameter length to avoid oversized Linear GraphQL payloads. Linear renders this in the
+// AgentSession panel; 2000 chars is plenty for a progress update.
+const PROGRESS_PARAMETER_MAX = 2000;
+
 async function handleTaskProgress(data: unknown): Promise<void> {
   const { taskId, progress } = data as { taskId: string; progress?: string };
   if (!taskId || !progress) return;
@@ -56,8 +60,11 @@ async function handleTaskProgress(data: unknown): Promise<void> {
   const sessionId = taskSessionMap.get(taskId);
   if (!sessionId) return;
 
-  // Use 'action' activity type — Linear renders it as a structured tool invocation card
-  postAgentSessionAction(sessionId, progress).catch((err) => {
+  // Post as `action` activity (renders as a structured card in Linear's AgentSession panel).
+  // Per Linear's agentActivityCreate spec, `action` requires BOTH `action` AND `parameter`;
+  // the original bug here was passing `progress` as `action` with `parameter` undefined.
+  const parameter = progress.slice(0, PROGRESS_PARAMETER_MAX);
+  postAgentSessionAction(sessionId, "Progress update", parameter).catch((err) => {
     console.error(`[Linear Outbound] Failed to post progress action for task ${taskId}:`, err);
   });
 }

package/src/otel.ts

@@ -48,6 +48,11 @@ export function isOtelEnabled(): boolean {
   return enabled;
 }
 
+export function isPollTracingEnabled(): boolean {
+  const v = (process.env.OTEL_TRACE_POLL ?? "").toLowerCase();
+  return v === "1" || v === "true" || v === "yes" || v === "on";
+}
+
 export async function initOtel(serviceRole = process.env.AGENT_ROLE || "api"): Promise<void> {
   if (!enabled || initialized) return;
   initialized = true;

package/src/providers/claude-adapter.ts

@@ -458,6 +458,7 @@ class ClaudeSession implements ProviderSession {
       cost: lastCost,
       isError: (exitCode ?? 1) !== 0,
       failureReason,
+      rateLimitResetAt: this.errorTracker.getRateLimitResetAt(),
     };
   }
 
@@ -541,8 +542,29 @@ class ClaudeSession implements ProviderSession {
       // Tool use from assistant messages — emit tool_start for auto-progress
       if (json.type === "assistant" && json.message) {
         const message = json.message as {
-          content?: Array<{ type: string; name?: string; id?: string; input?: unknown }>;
+          content?: Array<{
+            type: string;
+            name?: string;
+            id?: string;
+            input?: unknown;
+            text?: string;
+          }>;
         };
+
+        // Emit a `message` event BEFORE any tool_start events for this turn.
+        // The runner uses this as an "assistant turn boundary" to implicit-close
+        // any worker.tool spans left open by the previous turn (the Claude CLI
+        // doesn't emit per-tool completion events for harness-side tools like
+        // Bash/Read/Edit, so without this boundary their spans would stay open
+        // until session shutdown and report inflated duration_ms).
+        const text = Array.isArray(message.content)
+          ? message.content
+              .filter((b) => b.type === "text" && typeof b.text === "string")
+              .map((b) => b.text as string)
+              .join("")
+          : "";
+        this.emit({ type: "message", role: "assistant", content: text });
+
         if (message.content) {
           for (const block of message.content) {
             if (block.type === "tool_use" && block.name) {

package/src/providers/types.ts

@@ -116,6 +116,14 @@ export interface ProviderResult {
   errorCategory?: string;
   /** Human-readable failure reason built from error tracking. */
   failureReason?: string;
+  /**
+   * ISO timestamp of the rate limit reset time, parsed from a structured
+   * `rate_limit_event` line in the Claude CLI stream. Only set by the Claude
+   * adapter when a `status: "rejected"` event is present. Already clamped to
+   * [now+60s, now+6h] at the source. The runner uses this as tier-1 of the
+   * three-tier cooldown resolver.
+   */
+  rateLimitResetAt?: string;
 }
 
 /** Behavioral traits that govern prompt assembly and feature gating. */

package/src/scripts-runtime/ctx.ts

@@ -0,0 +1,23 @@
+import { stdlib } from "./stdlib";
+import type { SwarmConfig } from "./swarm-config";
+import { createSwarmSdk } from "./swarm-sdk";
+
+export type RuntimeCtx = {
+  swarm: Record<string, unknown> & { config: SwarmConfig };
+  stdlib: typeof stdlib;
+  logger: {
+    log: (...args: unknown[]) => void;
+    warn: (...args: unknown[]) => void;
+    error: (...args: unknown[]) => void;
+  };
+};
+
+export function buildCtx({ swarmConfig }: { swarmConfig: SwarmConfig }): RuntimeCtx {
+  const swarm = createSwarmSdk(swarmConfig) as Record<string, unknown> & { config: SwarmConfig };
+  swarm.config = swarmConfig;
+  return {
+    swarm,
+    stdlib,
+    logger: console,
+  };
+}

package/src/scripts-runtime/eval-harness.ts

@@ -0,0 +1,63 @@
+import { buildCtx } from "./ctx";
+import type { SwarmConfigPayload } from "./executors/types";
+import { SwarmConfig } from "./swarm-config";
+
+function requiredEnv(name: string): string {
+  const value = process.env[name];
+  if (!value) throw new Error(`Missing required env ${name}`);
+  return value;
+}
+
+try {
+  const stdin = await Bun.stdin.text();
+  if (!stdin.trim()) {
+    console.error("Swarm script config payload was empty");
+    process.exit(2);
+  }
+
+  const payload = JSON.parse(stdin) as SwarmConfigPayload;
+  const swarmConfig = new SwarmConfig(payload);
+  const rawArgs = JSON.parse(await Bun.file(requiredEnv("SWARM_SCRIPT_ARGS_FILE")).text());
+  // Accept both shapes: callers may pass an already-serialized JSON string.
+  const parsedArgs = typeof rawArgs === "string" ? JSON.parse(rawArgs) : rawArgs;
+  const ctx = buildCtx({ swarmConfig });
+
+  const sourceText = await Bun.file(requiredEnv("SWARM_SCRIPT_SOURCE_FILE")).text();
+  const userModulePath = `${requiredEnv("SWARM_SCRIPT_TMPDIR")}/user-script.ts`;
+  await Bun.write(userModulePath, sourceText);
+
+  const mod = await import(userModulePath);
+  if (typeof mod.default !== "function") {
+    throw new Error("Swarm script must export a default function");
+  }
+
+  let validatedArgs = parsedArgs;
+  if (mod.argsSchema && typeof mod.argsSchema === "object" && "parse" in mod.argsSchema) {
+    try {
+      // biome-ignore lint/suspicious/noExplicitAny: argsSchema is a Zod schema at runtime
+      validatedArgs = (mod.argsSchema as any).parse(parsedArgs);
+    } catch (err) {
+      // Format ZodError issues into a readable message
+      if (
+        err &&
+        typeof err === "object" &&
+        "issues" in err &&
+        Array.isArray((err as { issues: unknown[] }).issues)
+      ) {
+        const issues = (
+          err as { issues: Array<{ path: (string | number)[]; message: string }> }
+        ).issues
+          .map((i) => `  ${i.path.length ? i.path.join(".") : "(root)"}: ${i.message}`)
+          .join("\n");
+        throw new Error(`argsSchema validation failed:\n${issues}`);
+      }
+      throw err;
+    }
+  }
+
+  const result = await mod.default(validatedArgs, ctx);
+  await Bun.write(requiredEnv("SWARM_SCRIPT_RESULT_FILE"), JSON.stringify(result ?? null));
+} catch (error) {
+  console.error(error instanceof Error ? error.stack || error.message : String(error));
+  process.exit(1);
+}