@desplega.ai/agent-swarm 1.83.1 → 1.83.2

package/src/tests/mcp-user-route.test.ts

@@ -0,0 +1,325 @@
+import { afterAll, beforeAll, beforeEach, describe, expect, test } from "bun:test";
+import { unlink } from "node:fs/promises";
+import {
+  createServer as createHttpServer,
+  type IncomingMessage,
+  type Server,
+  type ServerResponse,
+} from "node:http";
+import type { StreamableHTTPServerTransport } from "@modelcontextprotocol/sdk/server/streamableHttp.js";
+import { closeDb, createTaskExtended, createUser, getDb, getTaskById, initDb } from "../be/db";
+import { type IdentityActor, mintToken, revokeToken } from "../be/users";
+import { handleCore } from "../http/core";
+import { handleMcp } from "../http/mcp";
+import { handleMcpUser } from "../http/mcp-user";
+
+const TEST_DB_PATH = "./test-mcp-user-route.sqlite";
+const API_KEY = "test-mcp-user-key";
+const ACTOR: IdentityActor = { kind: "operator", id: "test" };
+
+async function removeDbFiles(path: string): Promise<void> {
+  for (const suffix of ["", "-wal", "-shm"]) {
+    try {
+      await unlink(path + suffix);
+    } catch (error) {
+      if ((error as NodeJS.ErrnoException).code !== "ENOENT") throw error;
+    }
+  }
+}
+
+async function listen(server: Server): Promise<number> {
+  const port = 15173;
+  await new Promise<void>((resolve, reject) => {
+    server.once("error", reject);
+    server.listen(port, "127.0.0.1", () => {
+      server.off("error", reject);
+      resolve();
+    });
+  });
+  const addr = server.address();
+  if (!addr || typeof addr === "string") throw new Error("no port");
+  return addr.port;
+}
+
+function createTestServer(): Server {
+  const transports: Record<string, StreamableHTTPServerTransport> = {};
+  const transportsUser: Record<string, StreamableHTTPServerTransport> = {};
+  const sessionUsers: Record<string, string> = {};
+
+  return createHttpServer(async (req: IncomingMessage, res: ServerResponse) => {
+    const myAgentId = req.headers["x-agent-id"] as string | undefined;
+    if (await handleCore(req, res, myAgentId, API_KEY)) return;
+    if (await handleMcp(req, res, transports)) return;
+    if (await handleMcpUser(req, res, transportsUser, sessionUsers)) return;
+    res.writeHead(404);
+    res.end("Not Found");
+  });
+}
+
+let server: Server;
+let port: number;
+
+beforeAll(async () => {
+  await removeDbFiles(TEST_DB_PATH);
+  initDb(TEST_DB_PATH);
+  server = createTestServer();
+  port = await listen(server);
+});
+
+afterAll(async () => {
+  await new Promise<void>((resolve) => server.close(() => resolve()));
+  closeDb();
+  await removeDbFiles(TEST_DB_PATH);
+});
+
+beforeEach(() => {
+  // Clean slate between tests for deterministic token and task state.
+  const db = getDb();
+  db.run("DELETE FROM user_identity_events");
+  db.run("DELETE FROM user_tokens");
+  db.run("DELETE FROM agent_tasks");
+  db.run("DELETE FROM users");
+});
+
+function endpoint(path = "/mcp-user"): string {
+  return `http://localhost:${port}${path}`;
+}
+
+function parseMcpPayload(text: string): unknown {
+  const trimmed = text.trim();
+  if (!trimmed) return null;
+  if (trimmed.startsWith("event:") || trimmed.startsWith("data:")) {
+    const data = trimmed
+      .split("\n")
+      .filter((line) => line.startsWith("data:"))
+      .map((line) => line.slice("data:".length).trim())
+      .join("\n");
+    return JSON.parse(data);
+  }
+  return JSON.parse(trimmed);
+}
+
+async function mcpPost(
+  token: string | null,
+  body: Record<string, unknown>,
+  sessionId?: string,
+  path = "/mcp-user",
+  extraHeaders?: Record<string, string>,
+): Promise<{ response: Response; payload: unknown; text: string }> {
+  const headers: Record<string, string> = {
+    Accept: "application/json, text/event-stream",
+    "Content-Type": "application/json",
+    ...extraHeaders,
+  };
+  if (token) headers.Authorization = `Bearer ${token}`;
+  if (sessionId) headers["mcp-session-id"] = sessionId;
+
+  const response = await fetch(endpoint(path), {
+    method: "POST",
+    headers,
+    body: JSON.stringify(body),
+  });
+  const text = await response.text();
+  const payload = text ? parseMcpPayload(text) : null;
+  return { response, payload, text };
+}
+
+async function initialize(
+  token: string,
+  path = "/mcp-user",
+  extraHeaders?: Record<string, string>,
+): Promise<string> {
+  const { response, text } = await mcpPost(
+    token,
+    {
+      jsonrpc: "2.0",
+      id: 1,
+      method: "initialize",
+      params: {
+        protocolVersion: "2024-11-05",
+        clientInfo: { name: "test", version: "1" },
+        capabilities: {},
+      },
+    },
+    undefined,
+    path,
+    extraHeaders,
+  );
+  expect(response.status).toBe(200);
+  const sessionId = response.headers.get("mcp-session-id");
+  if (!sessionId) throw new Error(`missing mcp-session-id from initialize response: ${text}`);
+  return sessionId;
+}
+
+async function notifyInitialized(
+  token: string,
+  sessionId: string,
+  path = "/mcp-user",
+  extraHeaders?: Record<string, string>,
+): Promise<void> {
+  const { response } = await mcpPost(
+    token,
+    { jsonrpc: "2.0", method: "notifications/initialized" },
+    sessionId,
+    path,
+    extraHeaders,
+  );
+  expect([200, 202]).toContain(response.status);
+}
+
+describe("/mcp-user auth and tool surface", () => {
+  test("request to /mcp-user with no token returns 401", async () => {
+    const { response } = await mcpPost(null, {
+      jsonrpc: "2.0",
+      id: 1,
+      method: "initialize",
+      params: {
+        protocolVersion: "2024-11-05",
+        clientInfo: { name: "test", version: "1" },
+        capabilities: {},
+      },
+    });
+
+    expect(response.status).toBe(401);
+  });
+
+  test("request to /mcp-user with a revoked token returns 401", async () => {
+    const user = createUser({ name: "Revoked User" });
+    const token = mintToken(user.id, "revoked", ACTOR);
+    revokeToken(token.tokenId, ACTOR);
+
+    const { response } = await mcpPost(token.plaintext, {
+      jsonrpc: "2.0",
+      id: 1,
+      method: "initialize",
+      params: {
+        protocolVersion: "2024-11-05",
+        clientInfo: { name: "test", version: "1" },
+        capabilities: {},
+      },
+    });
+
+    expect(response.status).toBe(401);
+  });
+
+  test("request to /mcp-user with a suspended user's valid token returns 401", async () => {
+    const user = createUser({ name: "Suspended User", status: "suspended" });
+    const token = mintToken(user.id, "suspended", ACTOR);
+
+    const { response } = await mcpPost(token.plaintext, {
+      jsonrpc: "2.0",
+      id: 1,
+      method: "initialize",
+      params: {
+        protocolVersion: "2024-11-05",
+        clientInfo: { name: "test", version: "1" },
+        capabilities: {},
+      },
+    });
+
+    expect(response.status).toBe(401);
+  });
+
+  test("request with a different user token than the opening session returns 401", async () => {
+    const userA = createUser({ name: "Session A" });
+    const userB = createUser({ name: "Session B" });
+    const tokenA = mintToken(userA.id, "a", ACTOR).plaintext;
+    const tokenB = mintToken(userB.id, "b", ACTOR).plaintext;
+    const sessionId = await initialize(tokenA);
+
+    const { response } = await mcpPost(
+      tokenB,
+      { jsonrpc: "2.0", id: 2, method: "tools/list", params: {} },
+      sessionId,
+    );
+
+    expect(response.status).toBe(401);
+  });
+
+  test("valid active-user token initializes and tools/list returns exactly the 5 task tools", async () => {
+    const user = createUser({ name: "Active User" });
+    const token = mintToken(user.id, "active", ACTOR).plaintext;
+    const sessionId = await initialize(token);
+    await notifyInitialized(token, sessionId);
+
+    const { response, payload } = await mcpPost(
+      token,
+      { jsonrpc: "2.0", id: 2, method: "tools/list", params: {} },
+      sessionId,
+    );
+
+    expect(response.status).toBe(200);
+    const result = payload as { result: { tools: Array<{ name: string }> } };
+    const names = result.result.tools.map((tool) => tool.name).sort();
+    expect(names).toEqual(
+      ["cancel-task", "get-task-details", "get-tasks", "send-task", "task-action"].sort(),
+    );
+  });
+
+  test("send-task over /mcp-user records requestedByUserId and get-tasks returns only that user's tasks", async () => {
+    const user = createUser({ name: "Task Requester" });
+    const otherUser = createUser({ name: "Other Task Requester" });
+    const token = mintToken(user.id, "task", ACTOR).plaintext;
+    const sessionId = await initialize(token);
+    await notifyInitialized(token, sessionId);
+
+    const { response, payload } = await mcpPost(
+      token,
+      {
+        jsonrpc: "2.0",
+        id: 3,
+        method: "tools/call",
+        params: { name: "send-task", arguments: { task: "user mcp task" } },
+      },
+      sessionId,
+    );
+
+    expect(response.status).toBe(200);
+    const result = payload as { result: { structuredContent: { task: { id: string } } } };
+    const taskId = result.result.structuredContent.task.id;
+    expect(getTaskById(taskId)?.requestedByUserId).toBe(user.id);
+    const foreignTask = createTaskExtended("foreign user mcp task", {
+      requestedByUserId: otherUser.id,
+    });
+    createTaskExtended("owner-only task");
+
+    const listResponse = await mcpPost(
+      token,
+      {
+        jsonrpc: "2.0",
+        id: 4,
+        method: "tools/call",
+        params: { name: "get-tasks", arguments: { includeFull: true, limit: 50 } },
+      },
+      sessionId,
+    );
+
+    expect(listResponse.response.status).toBe(200);
+    const listResult = listResponse.payload as {
+      result: { structuredContent: { tasks: Array<{ id: string; task?: string }> } };
+    };
+    const ids = listResult.result.structuredContent.tasks.map((task) => task.id);
+    expect(ids).toContain(taskId);
+    expect(ids).not.toContain(foreignTask.id);
+    expect(listResult.result.structuredContent.tasks).toHaveLength(1);
+  });
+
+  test("owner /mcp path still initializes with swarm API key", async () => {
+    const ownerHeaders = { "X-Agent-ID": "00000000-0000-4000-8000-000000000001" };
+    const sessionId = await initialize(API_KEY, "/mcp", ownerHeaders);
+    await notifyInitialized(API_KEY, sessionId, "/mcp", ownerHeaders);
+
+    const { response, payload } = await mcpPost(
+      API_KEY,
+      { jsonrpc: "2.0", id: 2, method: "tools/list", params: {} },
+      sessionId,
+      "/mcp",
+      ownerHeaders,
+    );
+
+    expect(response.status).toBe(200);
+    const result = payload as { result: { tools: Array<{ name: string }> } };
+    const names = result.result.tools.map((tool) => tool.name);
+    expect(names).toContain("send-task");
+  });
+});

package/src/tests/opencode-adapter.test.ts

@@ -141,6 +141,81 @@ describe("OpencodeSession — SSE→ProviderEvent mapping", () => {
     expect(result.failureReason).toContain("provider overloaded");
   });
 
+  test("prompt Model not found refreshes OpenRouter cache and retries once", async () => {
+    const emitted: ProviderEvent[] = [];
+    const refreshCalls: Array<{ model?: string; configFilePath: string; dataHomePath: string }> =
+      [];
+    const fakeSessionId = "sess-abc-123";
+    let promptCalls = 0;
+    let resolveSecondPrompt!: () => void;
+    const secondPromptSent = new Promise<void>((resolve) => {
+      resolveSecondPrompt = resolve;
+    });
+
+    const fakeClient = {
+      session: {
+        create: async () => ({ data: { id: fakeSessionId }, error: undefined }),
+        prompt: async (args: unknown) => {
+          lastPromptArgs = args;
+          promptCalls += 1;
+          if (promptCalls === 1) {
+            throw new Error(
+              "Model not found: openrouter/x-ai/grok-4.3. Did you mean: x-ai/grok-4.3?",
+            );
+          }
+          resolveSecondPrompt();
+          return { data: {}, error: undefined };
+        },
+      },
+      event: {
+        subscribe: async () => ({
+          stream: (async function* (): AsyncGenerator<OpencodeEvent> {
+            await secondPromptSent;
+            yield { type: "session.idle", properties: { sessionID: fakeSessionId } };
+          })(),
+        }),
+      },
+    };
+    const fakeServer = { url: "http://127.0.0.1:12345", close: mock(() => {}) };
+
+    mock.module("@opencode-ai/sdk", () => ({
+      createOpencode: async () => ({ client: fakeClient, server: fakeServer }),
+    }));
+
+    const { OpencodeAdapter, _setOpenRouterModelCacheRefreshForTests } = await import(
+      "../providers/opencode-adapter"
+    );
+    _setOpenRouterModelCacheRefreshForTests(
+      async (opencodeConfig, configFilePath, dataHomePath) => {
+        refreshCalls.push({ model: opencodeConfig.model, configFilePath, dataHomePath });
+      },
+    );
+    try {
+      const adapter = new OpencodeAdapter();
+      const session = await adapter.createSession(
+        testConfig({ model: "openrouter/x-ai/grok-4.3", taskId: "task-refresh" }),
+      );
+      session.onEvent((e) => emitted.push(e));
+
+      const result = await session.waitForCompletion();
+
+      expect(result.isError).toBe(false);
+      expect(promptCalls).toBe(2);
+      expect(refreshCalls).toEqual([
+        {
+          model: "openrouter/x-ai/grok-4.3",
+          configFilePath: "/tmp/opencode-task-refresh.json",
+          dataHomePath: "/tmp/opencode-data-task-refresh",
+        },
+      ]);
+      expect(emitted.some((e) => e.type === "progress" && e.message.includes("refreshing"))).toBe(
+        true,
+      );
+    } finally {
+      _setOpenRouterModelCacheRefreshForTests(null);
+    }
+  });
+
   test("permission.updated → emits error (headless cannot approve)", async () => {
     const events: OpencodeEvent[] = [
       {

package/src/tests/pi-mono-adapter.test.ts

@@ -1,7 +1,7 @@
 import { afterAll, beforeAll, describe, expect, test } from "bun:test";
 import { existsSync, mkdirSync, readFileSync, rmSync, symlinkSync, writeFileSync } from "node:fs";
 import { join } from "node:path";
-import { PiMonoAdapter, resolveModel } from "../providers/pi-mono-adapter";
+import { createPiRuntimeAuth, PiMonoAdapter, resolveModel } from "../providers/pi-mono-adapter";
 
 describe("PiMonoAdapter", () => {
   test("name is 'pi'", () => {
@@ -177,6 +177,26 @@ describe("resolveModel — OpenRouter reroute for anthropic shortnames", () => {
   });
 });
 
+describe("createPiRuntimeAuth", () => {
+  test("threads resolved OpenRouter key into pi runtime auth without process.env", async () => {
+    const { modelRegistry } = createPiRuntimeAuth({ OPENROUTER_API_KEY: "sk-or-runtime" });
+
+    await expect(modelRegistry.getApiKeyForProvider("openrouter")).resolves.toBe("sk-or-runtime");
+  });
+
+  test("supports all pi env-backed providers", async () => {
+    const { modelRegistry } = createPiRuntimeAuth({
+      ANTHROPIC_API_KEY: "sk-ant-runtime",
+      OPENAI_API_KEY: "sk-openai-runtime",
+      GOOGLE_API_KEY: "sk-google-runtime",
+    });
+
+    await expect(modelRegistry.getApiKeyForProvider("anthropic")).resolves.toBe("sk-ant-runtime");
+    await expect(modelRegistry.getApiKeyForProvider("openai")).resolves.toBe("sk-openai-runtime");
+    await expect(modelRegistry.getApiKeyForProvider("google")).resolves.toBe("sk-google-runtime");
+  });
+});
+
 describe("Pi-mono event normalization", () => {
   test("message_update with text content produces raw_log-style data", () => {
     // Simulates what PiMonoSession.handleAgentEvent does

package/src/tests/rate-limit-event.test.ts

@@ -1,5 +1,11 @@
 import { describe, expect, test } from "bun:test";
-import { SessionErrorTracker, trackErrorFromJson } from "../utils/error-tracker";
+import {
+  isRateLimitMessage,
+  MAX_RATE_LIMIT_RESET_MS,
+  parseStderrForErrors,
+  SessionErrorTracker,
+  trackErrorFromJson,
+} from "../utils/error-tracker";
 
 // Verbatim fixture from Linear CAI-1279 (session logs for task b7fbbdb9-4922-41d9-88ec-21febd6c4fec)
 const FIXTURE_REJECTED = {
@@ -25,7 +31,7 @@ describe("SessionErrorTracker — rate_limit_event processing", () => {
     expect(result).toBeDefined();
 
     // resetsAt: 1779202200 sec → 2026-05-19T14:50:00.000Z
-    // But since we clamp to [now+60s, now+6h] and this is a past timestamp,
+    // But since we clamp to [now+60s, now+7d] and this is a past timestamp,
     // the value will be clamped to now+60s. What matters is the sec→ms conversion works.
     // We verify the unit is correct by checking that 1779202200 * 1000 = ms,
     // which is NOT the same as treating it as ms (would be 1970-01-21).
@@ -125,7 +131,7 @@ describe("SessionErrorTracker — rate_limit_event processing", () => {
     expect(parsedMs).toBeLessThanOrEqual(nowMs + 65_000);
   });
 
-  test("resetsAt absurdly far in future → clamped to now+6h (malformed defense)", () => {
+  test("resetsAt absurdly far in future → clamped to now+7d (malformed defense)", () => {
     const tracker = new SessionErrorTracker();
     // Year 2099 in seconds
     tracker.processRateLimitEvent({
@@ -137,8 +143,25 @@ describe("SessionErrorTracker — rate_limit_event processing", () => {
     expect(result).toBeDefined();
     const parsedMs = new Date(result!).getTime();
     const nowMs = Date.now();
-    const sixHoursMs = 6 * 60 * 60 * 1000;
-    expect(parsedMs).toBeLessThanOrEqual(nowMs + sixHoursMs + 1000); // within 6h (+1s tolerance)
+    const sevenDaysMs = MAX_RATE_LIMIT_RESET_MS;
+    expect(parsedMs).toBeLessThanOrEqual(nowMs + sevenDaysMs + 1000); // within 7d (+1s tolerance)
+  });
+
+  test("legitimate weekly reset (~2 days out) is honored, not clamped to 6h", () => {
+    const tracker = new SessionErrorTracker();
+    const twoDaysFromNowSec = Math.floor(Date.now() / 1000) + 2 * 24 * 60 * 60;
+    tracker.processRateLimitEvent({
+      type: "rate_limit_event",
+      rate_limit_info: { status: "rejected", resetsAt: twoDaysFromNowSec, rateLimitType: "weekly" },
+    });
+
+    const result = tracker.getRateLimitResetAt();
+    expect(result).toBeDefined();
+    const parsedMs = new Date(result!).getTime();
+    const nowMs = Date.now();
+    // The real reset is ~2 days out — must be honored, not capped at 6h.
+    expect(parsedMs).toBeGreaterThan(nowMs + 6 * 60 * 60 * 1000);
+    expect(parsedMs).toBeLessThanOrEqual(nowMs + 2 * 24 * 60 * 60 * 1000 + 1000);
   });
 
   test("multiple rate_limit_event lines → last rejected one wins", () => {
@@ -255,7 +278,7 @@ describe("three-tier resolver logic (unit test via clamp helper)", () => {
   function clampResetTime(isoString: string): string {
     const nowMs = Date.now();
     const minMs = nowMs + 60_000;
-    const maxMs = nowMs + 6 * 60 * 60 * 1000;
+    const maxMs = nowMs + MAX_RATE_LIMIT_RESET_MS;
     const candidateMs = new Date(isoString).getTime();
     return new Date(Math.min(Math.max(candidateMs, minMs), maxMs)).toISOString();
   }
@@ -290,3 +313,43 @@ describe("three-tier resolver logic (unit test via clamp helper)", () => {
     expect(resolvedMs).toBeLessThanOrEqual(nowMs + 6 * 60_000);
   });
 });
+
+describe("isRateLimitMessage — shared matcher (runner gate + stderr parser)", () => {
+  test.each([
+    "You've hit your weekly limit · resets May 28, 5pm (UTC)",
+    "hit your 5-hour limit",
+    "hit your limit",
+    "Claude usage limit reached",
+    "hit your daily limit",
+    "rate limit exceeded",
+    "rate_limit error",
+    "429 Too Many Requests",
+    "Error: too many requests, slow down",
+    "[rate-limit] codex prefix",
+    "[usage-limit] codex prefix",
+  ])("matches rate-limit signal: %s", (msg) => {
+    expect(isRateLimitMessage(msg)).toBe(true);
+  });
+
+  test.each([
+    "No conversation found with session ID abc",
+    "Max turns exceeded",
+    "Authentication failed: invalid token",
+    "Error during execution: file not found",
+    "Read 4290 bytes from stream",
+  ])("does NOT match non-rate-limit text: %s", (msg) => {
+    expect(isRateLimitMessage(msg)).toBe(false);
+  });
+
+  test("parseStderrForErrors flags a weekly-limit stderr line as an error", () => {
+    const tracker = new SessionErrorTracker();
+    parseStderrForErrors("You've hit your weekly limit · resets May 28, 5pm (UTC)", tracker);
+    expect(tracker.hasErrors()).toBe(true);
+  });
+
+  test("parseStderrForErrors still flags a bare 429 stderr line", () => {
+    const tracker = new SessionErrorTracker();
+    parseStderrForErrors("HTTP 429 returned by upstream", tracker);
+    expect(tracker.hasErrors()).toBe(true);
+  });
+});

package/src/tests/resume-session.test.ts

@@ -0,0 +1,93 @@
+import { describe, expect, test } from "bun:test";
+import { resolveResumeSession } from "../commands/resume-session";
+
+describe("resolveResumeSession", () => {
+  test("allows local Claude resume for UUID session ids", () => {
+    const resolution = resolveResumeSession("claude", [
+      {
+        source: "task",
+        sessionId: "69dbe5a1-1130-45eb-983f-58a7a13c9c3c",
+        provider: "claude",
+      },
+    ]);
+
+    expect(resolution.resumeSessionId).toBe("69dbe5a1-1130-45eb-983f-58a7a13c9c3c");
+    expect(resolution.source).toBe("task");
+    expect(resolution.provider).toBe("claude");
+    expect(resolution.skipped).toEqual([]);
+  });
+
+  test("rejects non-UUID ids for local Claude resume", () => {
+    const resolution = resolveResumeSession("claude", [
+      {
+        source: "task",
+        sessionId: "ses_19c145de3ffeD9qLlntj8SRO28",
+        provider: "claude",
+      },
+    ]);
+
+    expect(resolution.resumeSessionId).toBeUndefined();
+    expect(resolution.skipped).toHaveLength(1);
+    expect(resolution.skipped[0]?.reason).toBe("Claude CLI --resume requires a UUID session id");
+  });
+
+  test("normalizes legacy managed Claude rows to claude-managed", () => {
+    const resolution = resolveResumeSession("claude-managed", [
+      {
+        source: "parent",
+        sessionId: "sesn_resume_xyz",
+        provider: "claude",
+        providerMeta: { managed: true },
+      },
+    ]);
+
+    expect(resolution.resumeSessionId).toBe("sesn_resume_xyz");
+    expect(resolution.source).toBe("parent");
+    expect(resolution.provider).toBe("claude-managed");
+  });
+
+  test("skips mismatched provider sessions and falls back to parent", () => {
+    const resolution = resolveResumeSession("claude", [
+      {
+        source: "task",
+        sessionId: "thread-codex",
+        provider: "codex",
+      },
+      {
+        source: "parent",
+        sessionId: "69dbe5a1-1130-45eb-983f-58a7a13c9c3c",
+        provider: "claude",
+      },
+    ]);
+
+    expect(resolution.resumeSessionId).toBe("69dbe5a1-1130-45eb-983f-58a7a13c9c3c");
+    expect(resolution.source).toBe("parent");
+    expect(resolution.skipped).toHaveLength(1);
+    expect(resolution.skipped[0]?.reason).toContain("does not match current provider");
+  });
+
+  test("rejects legacy unknown non-UUID Claude session ids", () => {
+    const resolution = resolveResumeSession("claude", [
+      {
+        source: "task",
+        sessionId: "ses_19c145de3ffeD9qLlntj8SRO28",
+      },
+    ]);
+
+    expect(resolution.resumeSessionId).toBeUndefined();
+    expect(resolution.skipped[0]?.reason).toBe("legacy Claude resume requires a UUID session id");
+  });
+
+  test("does not resume providers without runner resume support", () => {
+    const resolution = resolveResumeSession("pi", [
+      {
+        source: "task",
+        sessionId: "pi-session",
+        provider: "pi",
+      },
+    ]);
+
+    expect(resolution.resumeSessionId).toBeUndefined();
+    expect(resolution.skipped[0]?.reason).toBe("provider pi does not support runner resume");
+  });
+});