@desplega.ai/agent-swarm 1.95.0 → 1.97.0

package/src/tests/scripts-boot-reembed.test.ts

@@ -1,6 +1,7 @@
 import { afterAll, beforeAll, beforeEach, describe, expect, test } from "bun:test";
 import { unlink } from "node:fs/promises";
 import { closeDb, getDb, initDb } from "../be/db";
+import { serializeEmbedding } from "../be/embedding";
 import type { EmbeddingProvider } from "../be/memory/types";
 import { runBootReembedScripts } from "../be/scripts/boot-reembed";
 import { upsertScriptByName } from "../be/scripts/db";
@@ -98,7 +99,8 @@ describe("boot-reembed-scripts", () => {
     provider.reset();
     await runBootReembedScripts();
     expect(embeddingCount(result.script.id)).toBe(1);
-    expect(provider.calls).toHaveLength(1);
+    // +1 for the provider probe call ("test") that verifies the provider works
+    expect(provider.calls).toHaveLength(2);
   });
 
   test("no-ops when all scripts already have embeddings", async () => {
@@ -157,7 +159,64 @@ describe("boot-reembed-scripts", () => {
 
     provider.reset();
     await runBootReembedScripts();
-    expect(provider.calls).toHaveLength(1);
+    // +1 for the provider probe call
+    expect(provider.calls).toHaveLength(2);
     expect(embeddingCount(withoutEmbed.script.id)).toBe(1);
   });
+
+  test("re-embeds scripts with wrong-dimension embeddings", async () => {
+    const result = await upsertScriptByName({
+      name: "wrong-dim",
+      scope: "global",
+      source: source("wrong-dim"),
+      description: "Script with legacy 1536d embedding",
+      intent: "Dimension fix test",
+      signatureJson,
+    });
+    expect(embeddingCount(result.script.id)).toBe(1);
+
+    // Overwrite with a wrong-dimension (1536d) embedding to simulate legacy data
+    const wrongDimVector = new Float32Array(1536).fill(0.1);
+    getDb().run("UPDATE script_embeddings SET embedding = ? WHERE scriptId = ?", [
+      serializeEmbedding(wrongDimVector),
+      result.script.id,
+    ]);
+
+    // Verify the wrong dim is stored
+    const stored = getDb()
+      .prepare<{ len: number }, [string]>(
+        "SELECT length(embedding) as len FROM script_embeddings WHERE scriptId = ?",
+      )
+      .get(result.script.id);
+    expect(stored?.len).toBe(1536 * 4);
+
+    provider.reset();
+    await runBootReembedScripts();
+    // +1 for the provider probe call
+    expect(provider.calls).toHaveLength(2);
+
+    // Should now have correct-dimension embedding
+    const fixed = getDb()
+      .prepare<{ len: number }, [string]>(
+        "SELECT length(embedding) as len FROM script_embeddings WHERE scriptId = ?",
+      )
+      .get(result.script.id);
+    expect(fixed?.len).toBe(5 * 4); // provider.dimensions = 5
+  });
+
+  test("no-ops when all scripts have correct-dimension embeddings", async () => {
+    await upsertScriptByName({
+      name: "correct-dim",
+      scope: "global",
+      source: source("correct"),
+      description: "Already correct",
+      intent: "No-op test",
+      signatureJson,
+    });
+    expect(totalEmbeddingCount()).toBe(1);
+
+    provider.reset();
+    await runBootReembedScripts();
+    expect(provider.calls).toHaveLength(0);
+  });
 });

package/src/tests/scripts-embeddings.test.ts

@@ -1,6 +1,7 @@
 import { afterAll, beforeAll, beforeEach, describe, expect, test } from "bun:test";
 import { unlink } from "node:fs/promises";
 import { closeDb, getDb, initDb } from "../be/db";
+import { serializeEmbedding } from "../be/embedding";
 import type { EmbeddingProvider } from "../be/memory/types";
 import { getScript, upsertScriptByName } from "../be/scripts/db";
 import {
@@ -378,4 +379,30 @@ describe("script embeddings", () => {
     expect(getScript({ name: "delete-embedding", scope: "agent", scopeId: "agent-1" })).toBeNull();
     expect(embeddingCount(created.script.id)).toBe(0);
   });
+
+  test("search skips wrong-dimension embeddings instead of throwing", async () => {
+    const good = await upsertFixture({
+      name: "good-dim",
+      description: "Linear issue triage helper",
+    });
+    const bad = await upsertFixture({
+      name: "bad-dim",
+      description: "Linear ticket router",
+    });
+    expect(embeddingCount(good.script.id)).toBe(1);
+    expect(embeddingCount(bad.script.id)).toBe(1);
+
+    // Overwrite bad-dim's embedding with a wrong-dimension vector (1536d)
+    const wrongDimVector = new Float32Array(1536).fill(0.1);
+    getDb().run("UPDATE script_embeddings SET embedding = ? WHERE scriptId = ?", [
+      serializeEmbedding(wrongDimVector),
+      bad.script.id,
+    ]);
+
+    provider.reset();
+    const results = await searchScripts({ query: "issue triage", scopeId: "agent-1", limit: 10 });
+    // Should not throw, and should only return the good-dim script
+    expect(results.map((r) => r.script.name)).toContain("good-dim");
+    expect(results.map((r) => r.script.name)).not.toContain("bad-dim");
+  });
 });

package/src/tests/secret-scrubber.test.ts

@@ -1,5 +1,11 @@
 import { afterEach, beforeEach, describe, expect, test } from "bun:test";
-import { refreshSecretScrubberCache, scrubObject, scrubSecrets } from "../utils/secret-scrubber";
+import {
+  clearVolatileSecretsForTesting,
+  refreshSecretScrubberCache,
+  registerVolatileSecret,
+  scrubObject,
+  scrubSecrets,
+} from "../utils/secret-scrubber";
 
 // Snapshot/restore process.env between tests so env-derived cache entries
 // don't leak across cases.
@@ -221,6 +227,52 @@ describe("scrubSecrets — regex patterns", () => {
 
     expect(out).toBe("OTEL_EXPORTER_OTLP_HEADERS=[REDACTED:signoz_ingestion_key]");
   });
+
+  test("redacts Linear OAuth tokens", () => {
+    const out = scrubSecrets("Authorization: Bearer lin_oauth_test123abcdef end");
+    expect(out).toContain("[REDACTED:linear_oauth]");
+    expect(out).not.toContain("lin_oauth_test123");
+  });
+
+  test("redacts Linear API keys", () => {
+    const out = scrubSecrets("key=lin_api_test123abcdef tail");
+    expect(out).toContain("[REDACTED:linear_api]");
+    expect(out).not.toContain("lin_api_test123");
+  });
+
+  test("redacts npm tokens", () => {
+    const out = scrubSecrets("npm=npm_abcdefghijklmnopqrstuvwxyz01234");
+    expect(out).toContain("[REDACTED:npm_token]");
+    expect(out).not.toContain("npm_abcdefghijklmnopqr");
+  });
+
+  test("redacts Atlassian/Jira API tokens", () => {
+    const out = scrubSecrets("jira=ATATT3xFfGF0abcdefghijklmnopqrstuvwxyz");
+    expect(out).toContain("[REDACTED:atlassian_token]");
+    expect(out).not.toContain("ATATT3xFfGF0");
+  });
+
+  test("redacts tokens adjacent to JSON escape sequences (\\n)", () => {
+    const content = "data\\nlin_oauth_test123abcdef\\nmore";
+    const out = scrubSecrets(content);
+    expect(out).toContain("[REDACTED:linear_oauth]");
+    expect(out).not.toContain("lin_oauth_test123");
+  });
+
+  test("redacts tokens adjacent to JSON escape sequences (\\t, \\r)", () => {
+    const outT = scrubSecrets("field\\tlin_oauth_test123abcdef");
+    expect(outT).toContain("[REDACTED:linear_oauth]");
+    const outR = scrubSecrets("line\\rlin_oauth_test123abcdef");
+    expect(outR).toContain("[REDACTED:linear_oauth]");
+  });
+
+  test("redacts tokens in double-encoded JSON with escape sequences", () => {
+    const inner = JSON.stringify({ access_token: "lin_oauth_test123abcdef", scope: "read" });
+    const content = `{"output":${JSON.stringify(inner)}}`;
+    const out = scrubSecrets(content);
+    expect(out).toContain("[REDACTED:linear_oauth]");
+    expect(out).not.toContain("lin_oauth_test123");
+  });
 });
 
 describe("scrubSecrets — does not over-scrub", () => {
@@ -300,3 +352,23 @@ describe("scrubObject", () => {
     expect(scrubObject(value)).toEqual({ a: "ok", self: "[Circular]" });
   });
 });
+
+describe("registerVolatileSecret", () => {
+  afterEach(() => {
+    clearVolatileSecretsForTesting();
+  });
+
+  test("scrubs a runtime-registered volatile secret", () => {
+    const secret = "volatile_runtime_token_1234567890abcdef";
+    registerVolatileSecret(secret, "RUNTIME_TOKEN");
+    const out = scrubSecrets(`key=${secret}`);
+    expect(out).toBe("key=[REDACTED:RUNTIME_TOKEN]");
+    expect(out).not.toContain(secret);
+  });
+
+  test("ignores values shorter than the minimum length", () => {
+    registerVolatileSecret("short", "TOO_SHORT");
+    const out = scrubSecrets("contains short somewhere");
+    expect(out).toBe("contains short somewhere");
+  });
+});

package/src/tools/swarm-config/get-config.ts

@@ -3,6 +3,7 @@ import * as z from "zod";
 import { getResolvedConfig, maskSecrets } from "@/be/db";
 import { createToolRegistrar } from "@/tools/utils";
 import { SwarmConfigSchema } from "@/types";
+import { registerVolatileSecret } from "@/utils/secret-scrubber";
 
 export const registerGetConfigTool = (server: McpServer) => {
   createToolRegistrar(server)(
@@ -10,7 +11,7 @@ export const registerGetConfigTool = (server: McpServer) => {
     {
       title: "Get Config",
       description:
-        "Get resolved configuration values with scope resolution (repo > agent > global). Returns one entry per unique key with the most-specific scope winning. Use includeSecrets=true to see secret values.",
+        "Get resolved configuration values with scope resolution (repo > agent > global). Returns one entry per unique key with the most-specific scope winning. Use includeSecrets=true to see secret values. IMPORTANT: never pass returned secret values directly on a command line — write them to a temp .env file and source it instead, so the literal value stays out of logged commands.",
       annotations: { readOnlyHint: true },
 
       inputSchema: z.object({
@@ -62,6 +63,13 @@ export const registerGetConfigTool = (server: McpServer) => {
         }
 
         const result = includeSecrets ? configs : maskSecrets(configs);
+        if (includeSecrets) {
+          for (const c of result) {
+            if (c.isSecret && c.value) {
+              registerVolatileSecret(c.value, `config:${c.key}`);
+            }
+          }
+        }
         const count = result.length;
 
         const configList =

package/src/tools/swarm-config/list-config.ts

@@ -3,6 +3,7 @@ import * as z from "zod";
 import { getSwarmConfigs, maskSecrets } from "@/be/db";
 import { createToolRegistrar } from "@/tools/utils";
 import { SwarmConfigSchema, SwarmConfigScopeSchema } from "@/types";
+import { registerVolatileSecret } from "@/utils/secret-scrubber";
 
 export const registerListConfigTool = (server: McpServer) => {
   createToolRegistrar(server)(
@@ -53,6 +54,13 @@ export const registerListConfigTool = (server: McpServer) => {
         });
 
         const result = includeSecrets ? configs : maskSecrets(configs);
+        if (includeSecrets) {
+          for (const c of result) {
+            if (c.isSecret && c.value) {
+              registerVolatileSecret(c.value, `config:${c.key}`);
+            }
+          }
+        }
         const count = result.length;
 
         const configList =

package/src/types.ts

@@ -553,6 +553,25 @@ export const AgentLatestModelSchema = z.object({
 });
 export type AgentLatestModel = z.infer<typeof AgentLatestModelSchema>;
 
+/**
+ * Worker-reported Bedrock enumeration block. Only present when the pi harness
+ * is in Bedrock SDK mode (`BEDROCK_AUTH_MODE=sdk` or
+ * `MODEL_OVERRIDE=amazon-bedrock/*`). Rides inside `cred_status` JSON (no new
+ * DB column). `models` is the intersection of the models invocable by this
+ * account/region (on-demand/ACTIVE foundation models ∪ inference profiles) with
+ * the set the pi-ai Converse harness can actually drive — Converse-incompatible
+ * entries (e.g. OpenAI models listed in the account) are excluded. An empty
+ * `region` means Bedrock mode with `AWS_REGION` unset (no region fabricated).
+ */
+export const AgentBedrockStatusSchema = z.object({
+  region: z.string(),
+  probedAt: z.number(), // unix ms
+  ready: z.boolean(),
+  models: z.array(z.object({ id: z.string(), name: z.string() })).default([]),
+  error: z.string().optional(),
+});
+export type AgentBedrockStatus = z.infer<typeof AgentBedrockStatusSchema>;
+
 export const AgentCredStatusSchema = z.object({
   ready: z.boolean(),
   missing: z.array(z.string()).default([]),
@@ -565,6 +584,8 @@ export const AgentCredStatusSchema = z.object({
   latestModel: AgentLatestModelSchema.nullable().default(null),
   reportedAt: z.number(), // unix ms
   reportKind: z.enum(["boot", "post_task"]).default("boot"),
+  /** Pi-mono Bedrock enumeration block — null when not in Bedrock mode. */
+  bedrock: AgentBedrockStatusSchema.nullable().default(null),
 });
 export type AgentCredStatus = z.infer<typeof AgentCredStatusSchema>;
 

package/src/utils/error-tracker.ts

@@ -10,6 +10,54 @@ export interface ErrorSignal {
   timestamp: string;
 }
 
+export interface RateLimitWindowInfo {
+  status: string;
+  utilization?: number;
+  resetsAt?: number;
+  isUsingOverage?: boolean;
+  surpassedThreshold?: number;
+  lastSeenAt: string;
+}
+
+export type RateLimitWindowTelemetry = Record<string, RateLimitWindowInfo>;
+
+export function parseRateLimitWindowTelemetry(
+  json: Record<string, unknown>,
+  lastSeenAt = new Date().toISOString(),
+): { rateLimitType: string; info: RateLimitWindowInfo } | null {
+  try {
+    if (json.type !== "rate_limit_event") return null;
+    const rawInfo = json.rate_limit_info;
+    if (!rawInfo || typeof rawInfo !== "object") return null;
+
+    const info = rawInfo as Record<string, unknown>;
+    if (typeof info.status !== "string" || info.status.length === 0) return null;
+    if (typeof info.rateLimitType !== "string" || info.rateLimitType.length === 0) return null;
+
+    const window: RateLimitWindowInfo = {
+      status: info.status,
+      lastSeenAt,
+    };
+
+    if (typeof info.utilization === "number" && Number.isFinite(info.utilization)) {
+      window.utilization = info.utilization;
+    }
+    if (typeof info.resetsAt === "number" && Number.isFinite(info.resetsAt) && info.resetsAt > 0) {
+      window.resetsAt = info.resetsAt;
+    }
+    if (typeof info.isUsingOverage === "boolean") {
+      window.isUsingOverage = info.isUsingOverage;
+    }
+    if (typeof info.surpassedThreshold === "number" && Number.isFinite(info.surpassedThreshold)) {
+      window.surpassedThreshold = info.surpassedThreshold;
+    }
+
+    return { rateLimitType: info.rateLimitType, info: window };
+  } catch {
+    return null;
+  }
+}
+
 /**
  * Maximum cooldown horizon for a rate-limit reset. A weekly OAuth limit resets
  * up to ~7 days out, so the cap must be at least that or a weekly-limited key
@@ -85,6 +133,7 @@ export class SessionErrorTracker {
   private errors: ErrorSignal[] = [];
   /** Stashed reset time (ms) from the last rejected rate_limit_event in this session. */
   private rateLimitResetAtMs: number | undefined;
+  private rateLimitWindows: RateLimitWindowTelemetry = {};
 
   /** Record an error from an assistant message with message.error field */
   addApiError(errorCategory: string, message: string): void {
@@ -139,6 +188,11 @@ export class SessionErrorTracker {
       const info = json.rate_limit_info as Record<string, unknown> | undefined;
       if (!info) return;
 
+      const telemetry = parseRateLimitWindowTelemetry(json);
+      if (telemetry) {
+        this.rateLimitWindows[telemetry.rateLimitType] = telemetry.info;
+      }
+
       if (info.status !== "rejected") return;
 
       const resetsAtSec = info.resetsAt;
@@ -185,6 +239,11 @@ export class SessionErrorTracker {
     return new Date(this.rateLimitResetAtMs).toISOString();
   }
 
+  getRateLimitWindows(): RateLimitWindowTelemetry | undefined {
+    if (Object.keys(this.rateLimitWindows).length === 0) return undefined;
+    return { ...this.rateLimitWindows };
+  }
+
   hasErrors(): boolean {
     return this.errors.length > 0;
   }

package/src/utils/secret-scrubber.ts

@@ -93,42 +93,63 @@ const MIN_VALUE_LENGTH = 12;
  * Order matters when one pattern is a prefix of another (e.g. `sk-ant-` must
  * match before the more general `sk-`).
  */
+
+// Leading word boundary that also matches after JSON escape sequences (\n, \t,
+// \r, etc.) where the trailing char is alphanumeric and defeats standard \b.
+const TB = String.raw`(?:(?<=\\[nrtbfu0])|(?<!\w))`;
+
 const TOKEN_REGEXES: ReadonlyArray<{ name: string; re: RegExp }> = [
   // GitHub fine-grained PATs
   { name: "github_pat", re: /github_pat_[A-Za-z0-9_]{20,}/g },
   // GitHub classic/OAuth tokens (ghp_, gho_, ghu_, ghs_, ghr_)
-  { name: "github_token", re: /\bgh[pousr]_[A-Za-z0-9]{20,}\b/g },
+  { name: "github_token", re: new RegExp(String.raw`${TB}gh[pousr]_[A-Za-z0-9]{20,}\b`, "g") },
   // GitLab personal access tokens
-  { name: "gitlab_pat", re: /\bglpat-[A-Za-z0-9_-]{20,}\b/g },
+  { name: "gitlab_pat", re: new RegExp(String.raw`${TB}glpat-[A-Za-z0-9_-]{20,}\b`, "g") },
   // Anthropic API keys (must match before the generic sk- rule below)
-  { name: "anthropic_key", re: /\bsk-ant-[A-Za-z0-9_-]{20,}\b/g },
+  { name: "anthropic_key", re: new RegExp(String.raw`${TB}sk-ant-[A-Za-z0-9_-]{20,}\b`, "g") },
   // OpenAI project keys
-  { name: "openai_proj_key", re: /\bsk-proj-[A-Za-z0-9_-]{20,}\b/g },
+  { name: "openai_proj_key", re: new RegExp(String.raw`${TB}sk-proj-[A-Za-z0-9_-]{20,}\b`, "g") },
   // OpenRouter keys
-  { name: "openrouter_key", re: /\bsk-or-(?:v1-)?[A-Za-z0-9_-]{20,}\b/g },
+  {
+    name: "openrouter_key",
+    re: new RegExp(String.raw`${TB}sk-or-(?:v1-)?[A-Za-z0-9_-]{20,}\b`, "g"),
+  },
   // Generic sk- legacy OpenAI keys (must come AFTER the ant/proj/or variants)
-  { name: "sk_key", re: /\bsk-[A-Za-z0-9]{20,}\b/g },
+  { name: "sk_key", re: new RegExp(String.raw`${TB}sk-[A-Za-z0-9]{20,}\b`, "g") },
   // Slack tokens
-  { name: "slack_token", re: /\bxox[baprseo]-[A-Za-z0-9-]{10,}\b/g },
+  { name: "slack_token", re: new RegExp(String.raw`${TB}xox[baprseo]-[A-Za-z0-9-]{10,}\b`, "g") },
   // AWS access key IDs
-  { name: "aws_access_key", re: /\bAKIA[0-9A-Z]{16}\b/g },
+  { name: "aws_access_key", re: new RegExp(String.raw`${TB}AKIA[0-9A-Z]{16}\b`, "g") },
   // Google API keys
-  { name: "google_api_key", re: /\bAIza[A-Za-z0-9_-]{35}\b/g },
+  { name: "google_api_key", re: new RegExp(String.raw`${TB}AIza[A-Za-z0-9_-]{35}\b`, "g") },
   // JWTs (3 dot-separated base64url segments)
   {
     name: "jwt",
-    re: /\beyJ[A-Za-z0-9_-]{10,}\.eyJ[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{10,}\b/g,
+    re: new RegExp(
+      String.raw`${TB}eyJ[A-Za-z0-9_-]{10,}\.eyJ[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{10,}\b`,
+      "g",
+    ),
   },
   // SigNoz Cloud OTLP auth header values.
   {
     name: "signoz_ingestion_key",
-    re: /\bsignoz-ingestion-key=[A-Za-z0-9._~+/-]{20,}={0,2}\b/g,
+    re: new RegExp(String.raw`${TB}signoz-ingestion-key=[A-Za-z0-9._~+/-]{20,}={0,2}\b`, "g"),
+  },
+  // Linear OAuth tokens and API keys
+  { name: "linear_oauth", re: new RegExp(String.raw`${TB}lin_oauth_[A-Za-z0-9_-]{10,}\b`, "g") },
+  { name: "linear_api", re: new RegExp(String.raw`${TB}lin_api_[A-Za-z0-9_-]{10,}\b`, "g") },
+  // npm tokens
+  { name: "npm_token", re: new RegExp(String.raw`${TB}npm_[A-Za-z0-9_-]{20,}\b`, "g") },
+  // Jira API tokens (Atlassian cloud)
+  {
+    name: "atlassian_token",
+    re: new RegExp(String.raw`${TB}ATATT[A-Za-z0-9_-]{20,}\b`, "g"),
   },
   // Agent-swarm MCP user tokens (`aswt_<base62-20+>`). Schema lands in
   // migration 064; mint/revoke endpoints ship with the MCP-token plan.
   // Rule lives here now so plaintexts never leak into logs once endpoints
   // come online.
-  { name: "mcp_token", re: /\baswt_[A-Za-z0-9]{20,}\b/g },
+  { name: "mcp_token", re: new RegExp(String.raw`${TB}aswt_[A-Za-z0-9]{20,}\b`, "g") },
 ];
 
 interface EnvValueEntry {