@desplega.ai/agent-swarm 1.80.1 → 1.80.3

package/src/tests/error-tracker.test.ts

@@ -6,6 +6,38 @@ import {
   trackErrorFromJson,
 } from "../utils/error-tracker";
 
+describe("SessionErrorTracker — getRateLimitResetAt", () => {
+  test("returns undefined when no rate_limit_event was processed", () => {
+    const tracker = new SessionErrorTracker();
+    expect(tracker.getRateLimitResetAt()).toBeUndefined();
+  });
+
+  test("returns ISO string after a rejected rate_limit_event", () => {
+    const tracker = new SessionErrorTracker();
+    const futureResetsAtSec = Math.floor(Date.now() / 1000) + 3600;
+    tracker.processRateLimitEvent({
+      type: "rate_limit_event",
+      rate_limit_info: { status: "rejected", resetsAt: futureResetsAtSec },
+    });
+    const result = tracker.getRateLimitResetAt();
+    expect(result).toBeDefined();
+    expect(() => new Date(result!).toISOString()).not.toThrow();
+  });
+
+  test("returns undefined after only allowed/allowed_warning events", () => {
+    const tracker = new SessionErrorTracker();
+    tracker.processRateLimitEvent({
+      type: "rate_limit_event",
+      rate_limit_info: { status: "allowed", resetsAt: 1779202200 },
+    });
+    tracker.processRateLimitEvent({
+      type: "rate_limit_event",
+      rate_limit_info: { status: "allowed_warning", resetsAt: 1779202200 },
+    });
+    expect(tracker.getRateLimitResetAt()).toBeUndefined();
+  });
+});
+
 describe("SessionErrorTracker", () => {
   test("hasErrors returns false when no errors tracked", () => {
     const tracker = new SessionErrorTracker();
@@ -263,6 +295,18 @@ describe("trackErrorFromJson", () => {
     trackErrorFromJson({ type: "content_block_delta", delta: {} }, tracker);
     expect(tracker.hasErrors()).toBe(false);
   });
+
+  test("rate_limit_event is not treated as an error signal", () => {
+    const tracker = new SessionErrorTracker();
+    trackErrorFromJson(
+      {
+        type: "rate_limit_event",
+        rate_limit_info: { status: "rejected", resetsAt: 1779202200 },
+      },
+      tracker,
+    );
+    expect(tracker.hasErrors()).toBe(false);
+  });
 });
 
 describe("parseStderrForErrors", () => {

package/src/tests/http-api-integration.test.ts

@@ -1586,10 +1586,14 @@ describe("AgentMail Webhooks (with filters)", () => {
     expect(body).toEqual({ received: true });
   });
 
-  test("accepts second allowed inbox domain", async () => {
-    const { status } = await postWebhook(
-      makePayload({ inboxId: "support@y.xyz", from: "bob@b.com" }),
-    );
+  test.each([
+    "message.received",
+    "message.received.unauthenticated",
+  ])("accepts webhook for allowed event type '%s'", async (eventType) => {
+    const { status } = await postWebhook({
+      ...makePayload({ inboxId: "support@y.xyz", from: "bob@b.com" }),
+      event_type: eventType,
+    });
     expect(status).toBe(200);
   });
 

package/src/tests/rate-limit-event.test.ts

@@ -0,0 +1,292 @@
+import { describe, expect, test } from "bun:test";
+import { SessionErrorTracker, trackErrorFromJson } from "../utils/error-tracker";
+
+// Verbatim fixture from Linear CAI-1279 (session logs for task b7fbbdb9-4922-41d9-88ec-21febd6c4fec)
+const FIXTURE_REJECTED = {
+  type: "rate_limit_event",
+  rate_limit_info: {
+    status: "rejected",
+    resetsAt: 1779202200, // seconds since epoch — 2026-05-19T14:50:00Z
+    rateLimitType: "five_hour",
+    overageStatus: "rejected",
+    overageDisabledReason: "group_zero_credit_limit",
+    isUsingOverage: false,
+  },
+  uuid: "ff6e5299-429c-4fcb-ab34-0ce4e8fa6202",
+  session_id: "69dbe5a1-1130-45eb-983f-58a7a13c9c3c",
+};
+
+describe("SessionErrorTracker — rate_limit_event processing", () => {
+  test("stashes resetsAt (seconds) correctly as ms — verbatim CAI-1279 fixture", () => {
+    const tracker = new SessionErrorTracker();
+    tracker.processRateLimitEvent(FIXTURE_REJECTED);
+
+    const result = tracker.getRateLimitResetAt();
+    expect(result).toBeDefined();
+
+    // resetsAt: 1779202200 sec → 2026-05-19T14:50:00.000Z
+    // But since we clamp to [now+60s, now+6h] and this is a past timestamp,
+    // the value will be clamped to now+60s. What matters is the sec→ms conversion works.
+    // We verify the unit is correct by checking that 1779202200 * 1000 = ms,
+    // which is NOT the same as treating it as ms (would be 1970-01-21).
+    const parsedMs = new Date(result!).getTime();
+    const nowMs = Date.now();
+    expect(parsedMs).toBeGreaterThanOrEqual(nowMs + 59_000); // clamped to at least now+60s
+    expect(parsedMs).toBeLessThanOrEqual(nowMs + 7 * 60 * 60 * 1000); // not absurdly far
+  });
+
+  test("resetsAt treated as seconds, not milliseconds (unit conversion boundary)", () => {
+    const tracker = new SessionErrorTracker();
+    // A future resetsAt value (in seconds) — 1 hour from now
+    const oneHourFromNowSec = Math.floor(Date.now() / 1000) + 3600;
+    tracker.processRateLimitEvent({
+      type: "rate_limit_event",
+      rate_limit_info: {
+        status: "rejected",
+        resetsAt: oneHourFromNowSec,
+      },
+    });
+
+    const result = tracker.getRateLimitResetAt();
+    expect(result).toBeDefined();
+
+    const parsedMs = new Date(result!).getTime();
+    const nowMs = Date.now();
+    // Should be ~1h from now (not 1970 if treated as ms, not year 57,000 if multiplied wrong)
+    expect(parsedMs).toBeGreaterThanOrEqual(nowMs + 50 * 60_000); // at least 50 min from now
+    expect(parsedMs).toBeLessThanOrEqual(nowMs + 70 * 60_000); // at most 70 min from now
+  });
+
+  test("status: rejected → stashes resetsAt", () => {
+    const tracker = new SessionErrorTracker();
+    const futureResetsAtSec = Math.floor(Date.now() / 1000) + 3600;
+    tracker.processRateLimitEvent({
+      type: "rate_limit_event",
+      rate_limit_info: { status: "rejected", resetsAt: futureResetsAtSec },
+    });
+    expect(tracker.getRateLimitResetAt()).toBeDefined();
+  });
+
+  test("status: allowed → does NOT stash (no cooldown needed)", () => {
+    const tracker = new SessionErrorTracker();
+    tracker.processRateLimitEvent({
+      type: "rate_limit_event",
+      rate_limit_info: { status: "allowed", resetsAt: 1779202200 },
+    });
+    expect(tracker.getRateLimitResetAt()).toBeUndefined();
+  });
+
+  test("status: allowed_warning → does NOT stash", () => {
+    const tracker = new SessionErrorTracker();
+    tracker.processRateLimitEvent({
+      type: "rate_limit_event",
+      rate_limit_info: { status: "allowed_warning", resetsAt: 1779202200 },
+    });
+    expect(tracker.getRateLimitResetAt()).toBeUndefined();
+  });
+
+  test("malformed event (missing rate_limit_info) → does NOT stash, no throw", () => {
+    const tracker = new SessionErrorTracker();
+    tracker.processRateLimitEvent({ type: "rate_limit_event" });
+    expect(tracker.getRateLimitResetAt()).toBeUndefined();
+  });
+
+  test("malformed event (resetsAt is string) → does NOT stash, no throw", () => {
+    const tracker = new SessionErrorTracker();
+    tracker.processRateLimitEvent({
+      type: "rate_limit_event",
+      rate_limit_info: { status: "rejected", resetsAt: "not-a-number" },
+    });
+    expect(tracker.getRateLimitResetAt()).toBeUndefined();
+  });
+
+  test("malformed event (resetsAt is negative) → does NOT stash", () => {
+    const tracker = new SessionErrorTracker();
+    tracker.processRateLimitEvent({
+      type: "rate_limit_event",
+      rate_limit_info: { status: "rejected", resetsAt: -1 },
+    });
+    expect(tracker.getRateLimitResetAt()).toBeUndefined();
+  });
+
+  test("resetsAt already in the past → clamped to now+60s (clock skew defense)", () => {
+    const tracker = new SessionErrorTracker();
+    // Use a known-past timestamp (year 2020)
+    tracker.processRateLimitEvent({
+      type: "rate_limit_event",
+      rate_limit_info: { status: "rejected", resetsAt: 1577836800 }, // 2020-01-01T00:00:00Z
+    });
+
+    const result = tracker.getRateLimitResetAt();
+    expect(result).toBeDefined();
+    const parsedMs = new Date(result!).getTime();
+    const nowMs = Date.now();
+    expect(parsedMs).toBeGreaterThanOrEqual(nowMs + 59_000);
+    expect(parsedMs).toBeLessThanOrEqual(nowMs + 65_000);
+  });
+
+  test("resetsAt absurdly far in future → clamped to now+6h (malformed defense)", () => {
+    const tracker = new SessionErrorTracker();
+    // Year 2099 in seconds
+    tracker.processRateLimitEvent({
+      type: "rate_limit_event",
+      rate_limit_info: { status: "rejected", resetsAt: 4102444800 }, // 2100-01-01 in seconds
+    });
+
+    const result = tracker.getRateLimitResetAt();
+    expect(result).toBeDefined();
+    const parsedMs = new Date(result!).getTime();
+    const nowMs = Date.now();
+    const sixHoursMs = 6 * 60 * 60 * 1000;
+    expect(parsedMs).toBeLessThanOrEqual(nowMs + sixHoursMs + 1000); // within 6h (+1s tolerance)
+  });
+
+  test("multiple rate_limit_event lines → last rejected one wins", () => {
+    const tracker = new SessionErrorTracker();
+    const firstResetsAtSec = Math.floor(Date.now() / 1000) + 1800; // 30 min from now
+    const secondResetsAtSec = Math.floor(Date.now() / 1000) + 3600; // 60 min from now
+
+    tracker.processRateLimitEvent({
+      type: "rate_limit_event",
+      rate_limit_info: { status: "rejected", resetsAt: firstResetsAtSec },
+    });
+    tracker.processRateLimitEvent({
+      type: "rate_limit_event",
+      rate_limit_info: { status: "rejected", resetsAt: secondResetsAtSec },
+    });
+
+    const result = tracker.getRateLimitResetAt();
+    expect(result).toBeDefined();
+    const parsedMs = new Date(result!).getTime();
+    const nowMs = Date.now();
+    // Should reflect the SECOND event (~60 min), not the first (~30 min)
+    expect(parsedMs).toBeGreaterThanOrEqual(nowMs + 55 * 60_000);
+    expect(parsedMs).toBeLessThanOrEqual(nowMs + 65 * 60_000);
+  });
+
+  test("allowed event between two rejected events → last rejected wins", () => {
+    const tracker = new SessionErrorTracker();
+    const firstSec = Math.floor(Date.now() / 1000) + 1800;
+    const secondSec = Math.floor(Date.now() / 1000) + 3600;
+
+    tracker.processRateLimitEvent({
+      type: "rate_limit_event",
+      rate_limit_info: { status: "rejected", resetsAt: firstSec },
+    });
+    tracker.processRateLimitEvent({
+      type: "rate_limit_event",
+      rate_limit_info: { status: "allowed", resetsAt: 9999999999 }, // should be ignored
+    });
+    tracker.processRateLimitEvent({
+      type: "rate_limit_event",
+      rate_limit_info: { status: "rejected", resetsAt: secondSec },
+    });
+
+    const result = tracker.getRateLimitResetAt();
+    expect(result).toBeDefined();
+    const parsedMs = new Date(result!).getTime();
+    const nowMs = Date.now();
+    // Should reflect the third (second rejected) event (~60 min)
+    expect(parsedMs).toBeGreaterThanOrEqual(nowMs + 55 * 60_000);
+    expect(parsedMs).toBeLessThanOrEqual(nowMs + 65 * 60_000);
+  });
+
+  test("no rate_limit_event at all → getRateLimitResetAt returns undefined", () => {
+    const tracker = new SessionErrorTracker();
+    expect(tracker.getRateLimitResetAt()).toBeUndefined();
+  });
+});
+
+describe("trackErrorFromJson — rate_limit_event routing", () => {
+  test("routes rate_limit_event to processRateLimitEvent, stashes reset time", () => {
+    const tracker = new SessionErrorTracker();
+    const futureResetsAtSec = Math.floor(Date.now() / 1000) + 3600;
+
+    trackErrorFromJson(
+      {
+        type: "rate_limit_event",
+        rate_limit_info: { status: "rejected", resetsAt: futureResetsAtSec },
+      },
+      tracker,
+    );
+
+    expect(tracker.getRateLimitResetAt()).toBeDefined();
+    // rate_limit_event itself is NOT an error signal — it's informational
+    expect(tracker.hasErrors()).toBe(false);
+  });
+
+  test("rate_limit_event with allowed status → no reset stashed, no errors", () => {
+    const tracker = new SessionErrorTracker();
+    trackErrorFromJson(
+      {
+        type: "rate_limit_event",
+        rate_limit_info: { status: "allowed", resetsAt: 1779202200 },
+      },
+      tracker,
+    );
+
+    expect(tracker.getRateLimitResetAt()).toBeUndefined();
+    expect(tracker.hasErrors()).toBe(false);
+  });
+
+  test("rate_limit_event does not block subsequent event processing", () => {
+    const tracker = new SessionErrorTracker();
+    const futureResetsAtSec = Math.floor(Date.now() / 1000) + 3600;
+
+    trackErrorFromJson(
+      {
+        type: "rate_limit_event",
+        rate_limit_info: { status: "rejected", resetsAt: futureResetsAtSec },
+      },
+      tracker,
+    );
+    trackErrorFromJson(
+      { type: "result", is_error: true, result: "Your group's usage limit is set to $0" },
+      tracker,
+    );
+
+    expect(tracker.getRateLimitResetAt()).toBeDefined();
+    expect(tracker.hasErrors()).toBe(true);
+  });
+});
+
+describe("three-tier resolver logic (unit test via clamp helper)", () => {
+  // Mirrors the clampResetTime inline helper in runner.ts
+  function clampResetTime(isoString: string): string {
+    const nowMs = Date.now();
+    const minMs = nowMs + 60_000;
+    const maxMs = nowMs + 6 * 60 * 60 * 1000;
+    const candidateMs = new Date(isoString).getTime();
+    return new Date(Math.min(Math.max(candidateMs, minMs), maxMs)).toISOString();
+  }
+
+  test("tier 1: rateLimitResetAt from structured event → used directly (after clamp)", () => {
+    const futureResetsAtSec = Math.floor(Date.now() / 1000) + 3600;
+    const tracker = new SessionErrorTracker();
+    tracker.processRateLimitEvent({
+      type: "rate_limit_event",
+      rate_limit_info: { status: "rejected", resetsAt: futureResetsAtSec },
+    });
+
+    const rateLimitResetAt = tracker.getRateLimitResetAt();
+    expect(rateLimitResetAt).toBeDefined();
+
+    // Simulate tier-1 branch: result.rateLimitResetAt is set
+    const rateLimitedUntil = clampResetTime(rateLimitResetAt!);
+    expect(rateLimitedUntil).toBeDefined();
+    const resolvedMs = new Date(rateLimitedUntil).getTime();
+    const nowMs = Date.now();
+    expect(resolvedMs).toBeGreaterThanOrEqual(nowMs + 59_000);
+  });
+
+  test("tier 3 fallback: no structured event, no parseable message → 5-min default", () => {
+    // Simulate: rateLimitResetAt is undefined, parseRateLimitResetTime returns undefined
+    const defaultCooldownMs = 5 * 60 * 1000;
+    const rateLimitedUntil = new Date(Date.now() + defaultCooldownMs).toISOString();
+
+    const resolvedMs = new Date(rateLimitedUntil).getTime();
+    const nowMs = Date.now();
+    expect(resolvedMs).toBeGreaterThanOrEqual(nowMs + 4 * 60_000);
+    expect(resolvedMs).toBeLessThanOrEqual(nowMs + 6 * 60_000);
+  });
+});

package/src/tests/scripts-http.test.ts

@@ -347,4 +347,57 @@ describe("/api/scripts HTTP", () => {
     expect(await del.json()).toEqual({ deleted: true });
     expect(getScript({ name: "lookup-helper", scope: "agent", scopeId: workerId })).toBeNull();
   });
+
+  test("script_query_types returns argsJsonSchema for a script with argsSchema export", async () => {
+    const source = `
+      import { z } from "zod";
+      export const argsSchema = z.object({
+        repo: z.string(),
+        limit: z.number().default(10),
+      });
+      export default async (args: z.infer<typeof argsSchema>) => ({ repo: args.repo });
+    `;
+    await upsert({ name: "schema-script", source });
+
+    const types = await dispatch("/api/scripts/schema-script/types", { agentId: workerId });
+    expect(types.status).toBe(200);
+    const body = (await types.json()) as { argsJsonSchema: unknown };
+    expect(body.argsJsonSchema).not.toBeNull();
+    expect(typeof body.argsJsonSchema).toBe("object");
+    // JSON Schema should describe the repo and limit properties
+    const schema = body.argsJsonSchema as { properties?: Record<string, unknown> };
+    expect(schema.properties).toHaveProperty("repo");
+    expect(schema.properties).toHaveProperty("limit");
+  });
+
+  test("script_query_types returns argsJsonSchema: null for a script without argsSchema", async () => {
+    await upsert({ name: "no-schema-script", source: validSource(3) });
+
+    const types = await dispatch("/api/scripts/no-schema-script/types", { agentId: workerId });
+    expect(types.status).toBe(200);
+    const body = (await types.json()) as { argsJsonSchema: unknown };
+    expect(body.argsJsonSchema).toBeNull();
+  });
+
+  test("script_search includes argsJsonSchema in results", async () => {
+    const source = `
+      import { z } from "zod";
+      export const argsSchema = z.object({ query: z.string() });
+      export default async (args: z.infer<typeof argsSchema>) => ({ result: args.query });
+    `;
+    await upsert({ name: "search-with-schema", source, description: "search result helper" });
+
+    const search = await dispatch("/api/scripts/search", {
+      method: "POST",
+      agentId: workerId,
+      body: JSON.stringify({ query: "search result helper", limit: 5 }),
+    });
+    expect(search.status).toBe(200);
+    const body = (await search.json()) as {
+      results: Array<{ name: string; argsJsonSchema: unknown }>;
+    };
+    const result = body.results.find((r) => r.name === "search-with-schema");
+    expect(result).toBeDefined();
+    expect(result?.argsJsonSchema).not.toBeNull();
+  });
 });

package/src/tests/scripts-runtime.test.ts

@@ -286,4 +286,59 @@ describe("runScript", () => {
       await Bun.$`rm -rf ${tmpdir}`;
     }
   });
+
+  test("argsSchema rejects invalid args with a formatted Zod error", async () => {
+    const output = await runScript({
+      agentId: "agent-1",
+      args: {},
+      resources,
+      source: `
+        import { z } from "zod";
+        export const argsSchema = z.object({
+          repo: z.string(),
+        });
+        export default async (args: z.infer<typeof argsSchema>) => ({ repo: args.repo });
+      `,
+    });
+
+    expect(output.error).toBeDefined();
+    expect(output.exitCode).not.toBe(0);
+    expect(output.stderr).toContain("argsSchema validation failed");
+    expect(output.stderr).toContain("repo");
+  });
+
+  test("argsSchema applies .default() values when fields are omitted", async () => {
+    const output = await runScript({
+      agentId: "agent-1",
+      args: { repo: "owner/name" },
+      resources,
+      source: `
+        import { z } from "zod";
+        export const argsSchema = z.object({
+          repo: z.string(),
+          limit: z.number().default(10),
+        });
+        export default async (args: z.infer<typeof argsSchema>) => ({ repo: args.repo, limit: args.limit });
+      `,
+    });
+
+    expect(output.error).toBeUndefined();
+    expect(output.result).toEqual({ repo: "owner/name", limit: 10 });
+    expect(output.exitCode).toBe(0);
+  });
+
+  test("script without argsSchema still works (backward-compat)", async () => {
+    const output = await runScript({
+      agentId: "agent-1",
+      args: { value: 42 },
+      resources,
+      source: `
+        export default async (args: { value: number }) => ({ doubled: args.value * 2 });
+      `,
+    });
+
+    expect(output.error).toBeUndefined();
+    expect(output.result).toEqual({ doubled: 84 });
+    expect(output.exitCode).toBe(0);
+  });
 });