npm - @dmsdc-ai/aigentry-telepty - Versions diffs - 0.4.4 → 0.4.5 - Mend

@dmsdc-ai/aigentry-telepty 0.4.4 → 0.4.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/CHANGELOG.md +56 -0
package/daemon.js +41 -2
package/package.json +6 -4
package/scripts/postinstall.js +94 -0
package/src/prompt-symbol-registry.js +34 -4
package/src/submit-gate.js +7 -1

package/CHANGELOG.md CHANGED Viewed

@@ -4,6 +4,62 @@ All notable changes to `@dmsdc-ai/aigentry-telepty` are documented here.
 ## [Unreleased]
+## [0.4.5] - 2026-05-26
+### Fixed — Stale-daemon, restart-recovery, force-bypass, codex matcher (tasks #469 #470 #471 #472)
+- **#469 — npm postinstall hook restarts a stale daemon (`scripts/postinstall.js`).**
+  `npm install -g @dmsdc-ai/aigentry-telepty@X` previously overwrote files but
+  never signalled the running `telepty-daemon`, so the daemon kept executing
+  the previously-loaded code (observed: PID 3222 ran 22 days through 4
+  upgrades). The new postinstall script reads `~/.telepty/daemon-state.json`,
+  compares the running daemon's reported version to the just-installed
+  `package.json` version, and on mismatch invokes the existing
+  `cleanupDaemonProcesses()` primitive plus a detached respawn. Skips on
+  `TELEPTY_SKIP_POSTINSTALL=1` and on non-global installs
+  (`npm_config_global!=='true'`).
+- **#470 — daemon restart re-bootstraps existing sessions
+  (`daemon.js` `runStartupBootstrapRestore()`).** After a daemon restart,
+  persisted-and-restored sessions remained `ready:false` indefinitely because
+  the bootstrap prompt-symbol probe only fired on owner-WebSocket reconnect.
+  On startup, each restored gated session whose `ownerPid` is still alive is
+  now actively probed (cmux path) or optimistically marked ready (non-cmux
+  path), with the chosen reason recorded for log attribution. Sessions whose
+  owner process is dead remain unready, matching the prior unready semantics.
+- **#471 — `force: true` bypasses the bootstrap gate (`daemon.js:1969`).**
+  The per-request `force` escape hatch (`cli.js --submit-force`,
+  `TELEPTY_SUBMIT_FORCE_DEFAULT=1` from 0.4.4) was parsed correctly but the
+  bootstrap gate enqueued it and returned 504 long before the force-bypass
+  block at L1998 could run. Surgical 1-line condition edit: gate fires only
+  when `!force`. The force-bypass code path is now exercisable as documented.
+- **#472 — codex prompt-symbol matcher normalized across environments
+  (`src/prompt-symbol-registry.js`).** On real cmux captures the codex `›`
+  glyph tail-renders on the same row as the model-status footer and DECRQM /
+  cursor-position-query fragments (`>4;0m>7u`, `0 q`) leak into the screen
+  buffer, so the prior strict line-leading scan permanently missed and the
+  session stuck at `ready:false`. New tolerant detector: (1) modal-UI
+  anti-pattern guard for resume picker, first-run directory-trust prompt and
+  generic press-enter-to-continue modals (treated as NOT ready); (2)
+  multi-signal match on `"OpenAI Codex (v"` plus `/gpt-[0-9.]+\s+\w+\s+fast/`
+  anywhere on the screen; (3) legacy strict line-leading scan preserved as a
+  back-compat fallback. `awaitPromptSymbol` now emits a single
+  `[bootstrap] <cli> ready via: <reason>` log line on stabilize, paired with
+  the #470 optimistic-ready logging for unified debuggability.
+### Notes — 0.4.5
+- **Tests** — `npm test` passes 416 / 416 (was 411 / 411 in 0.4.4; +5 new
+  cases in `test/release-0.4.5-bugfixes.test.js` covering #469/#470/#471/#472
+  including env-resistance regression guard on the existing noforce test).
+- **Snyk Code SAST** — all newly authored or modified JS files
+  (`scripts/postinstall.js`, `src/prompt-symbol-registry.js`,
+  `src/submit-gate.js`, new `daemon.js` line ranges, and
+  `test/release-0.4.5-bugfixes.test.js`) report 0 findings. The 55
+  pre-existing repo-wide findings in unchanged code are tracked separately as
+  task #474 (security cleanup track) and are not part of this release.
+- **Out of scope, tracked separately** — task #473 (session-ID reuse → stale
+  command metadata) is queued for a 0.4.6 dispatch and is not addressed here.
 ## [0.4.4] - 2026-05-25
 ### Added — TELEPTY_SUBMIT_FORCE_DEFAULT env var (task #453)

package/daemon.js CHANGED Viewed

@@ -6,7 +6,7 @@ const crypto = require('crypto');
 const { WebSocketServer } = require('ws');
 const { getConfig } = require('./auth');
 const pkg = require('./package.json');
-const { claimDaemonState, clearDaemonState } = require('./daemon-control');
+const { claimDaemonState, clearDaemonState, isProcessRunning } = require('./daemon-control');
 const { checkEntitlement } = require('./entitlement');
 const terminalBackend = require('./terminal-backend');
 const { FileMailbox } = require('./src/mailbox/index');
@@ -1966,7 +1966,10 @@ app.post('/api/sessions/:id/submit', async (req, res) => {
   console.log(`[SUBMIT] Session ${id} (${session.command})${retries > 0 ? `, retries: ${retries}, pre_delay: ${preDelayMs}ms` : ''}${gateOff ? ' [gate=off]' : ''}`);
-  if (isBootstrapGatedSession(session) && (!isBootstrapReady(session) || hasBootstrapBacklog(session) || session.bootstrapDraining)) {
+  // #471 (0.4.5): force=true must bypass the bootstrap gate. Without `!force`
+  // here the per-request escape hatch (cli.js --submit-force) is enqueued and
+  // 504s before the force-bypass block below ever runs.
+  if (!force && isBootstrapGatedSession(session) && (!isBootstrapReady(session) || hasBootstrapBacklog(session) || session.bootstrapDraining)) {
     const op = enqueueBootstrapOperation(id, session, {
       type: 'submit',
       body: { ...(req.body || {}) }
@@ -2882,8 +2885,44 @@ app.patch('/api/threads/:id', (req, res) => {
 const server = app.listen(PORT, HOST, () => {
   console.log(`🚀 aigentry-telepty daemon listening on http://${HOST}:${PORT}`);
+  runStartupBootstrapRestore();
 });
+// #470 (0.4.5): when the daemon restarts under existing telepty allow workers,
+// persisted sessions are restored at daemon.js:1244 but bootstrapReady stays
+// false until the owner WS reconnects — leaving every survivor session stuck
+// at ready:false indefinitely. Re-probe on startup: for cmux sessions whose
+// owner PID is still alive, run the WS-independent prompt-symbol probe; for
+// non-cmux survivors, optimistically mark ready (the underlying CLI is alive
+// and no probe primitive is available).
+function runStartupBootstrapRestore() {
+  for (const [id, session] of Object.entries(sessions)) {
+    if (!isBootstrapGatedSession(session) || isBootstrapReady(session)) continue;
+    const ownerPid = Number(session.ownerPid);
+    if (!Number.isInteger(ownerPid) || ownerPid <= 0 || !isProcessRunning(ownerPid)) {
+      continue;
+    }
+    if (session.backend === 'cmux' && session.cmuxWorkspaceId) {
+      submitGate.awaitPromptSymbol(session, { timeoutMs: 5000 })
+        .then((result) => {
+          if (result && result.ready) {
+            markBootstrapReady(id, session, 'startup_restore');
+          } else {
+            markBootstrapReady(id, session, 'startup_owner_alive');
+            console.log(`[BOOTSTRAP] Optimistic ready for ${id} (ownerPid=${ownerPid}, probe=${result?.reason || 'timeout'})`);
+          }
+        })
+        .catch(() => {
+          markBootstrapReady(id, session, 'startup_owner_alive');
+          console.log(`[BOOTSTRAP] Optimistic ready for ${id} (ownerPid=${ownerPid}, probe=error)`);
+        });
+    } else {
+      markBootstrapReady(id, session, 'startup_owner_alive');
+      console.log(`[BOOTSTRAP] Optimistic ready for ${id} (ownerPid=${ownerPid}, backend=${session.backend || 'unknown'})`);
+    }
+  }
+}
 // --- Mailbox system initialization ---
 const mailbox = new FileMailbox();
 const mailboxNotifier = new UnixSocketNotifier({ coalesceMs: 25 });

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@dmsdc-ai/aigentry-telepty",
-  "version": "0.4.4",
+  "version": "0.4.5",
   "main": "daemon.js",
   "bin": {
     "aigentry-telepty": "install.js",
@@ -28,14 +28,16 @@
     "install.sh",
     "install.ps1",
     "mcp-server/",
+    "scripts/postinstall.js",
     "src/",
     "skills/",
     "CHANGELOG.md"
   ],
   "scripts": {
-    "test": "node --test test/auth.test.js test/daemon.test.js test/daemon-singleton.test.js test/cli.test.js test/telepty-kill.test.js test/idle-ttl.test.js test/telepty-clean-older-than.test.js test/lifecycle-transport-agnostic.test.js test/skill-installer.test.js test/interactive-terminal.test.js test/runtime-info.test.js test/session-routing.test.js test/session-state.test.js test/mailbox-lock.test.js test/report-enforcement.test.js test/enforce-report.test.js test/submit-gate.test.js test/prompt-symbol-registry.test.js test/inject-submit-flags.test.js test/inject-submit-force-env.test.js test/host-spec.test.js test/cross-host-inject.test.js test/cross-machine-ssh-routing.test.js test/init.test.js test/win-resolve-executable.test.js test/version-handshake.test.js test/win-kill-process.test.js test/daemon-control-port-owner.test.js test/banner-stderr-jq-safety.test.js test/bridge-supervisor-ipc.test.js test/bridge-j3-shim.test.js test/bridge-e2e.test.js && git diff --exit-code tests/snippet-protocol/v1/",
-    "test:watch": "node --test --watch test/auth.test.js test/daemon.test.js test/daemon-singleton.test.js test/cli.test.js test/telepty-kill.test.js test/idle-ttl.test.js test/telepty-clean-older-than.test.js test/lifecycle-transport-agnostic.test.js test/skill-installer.test.js test/interactive-terminal.test.js test/runtime-info.test.js test/session-routing.test.js test/session-state.test.js test/mailbox-lock.test.js test/report-enforcement.test.js test/enforce-report.test.js test/submit-gate.test.js test/prompt-symbol-registry.test.js test/inject-submit-flags.test.js test/inject-submit-force-env.test.js test/host-spec.test.js test/cross-host-inject.test.js test/cross-machine-ssh-routing.test.js test/init.test.js test/win-resolve-executable.test.js test/version-handshake.test.js test/win-kill-process.test.js test/daemon-control-port-owner.test.js test/banner-stderr-jq-safety.test.js test/bridge-supervisor-ipc.test.js test/bridge-j3-shim.test.js test/bridge-e2e.test.js",
-    "test:ci": "node --test --test-reporter=spec test/auth.test.js test/daemon.test.js test/daemon-singleton.test.js test/cli.test.js test/telepty-kill.test.js test/idle-ttl.test.js test/telepty-clean-older-than.test.js test/lifecycle-transport-agnostic.test.js test/skill-installer.test.js test/interactive-terminal.test.js test/runtime-info.test.js test/session-routing.test.js test/session-state.test.js test/mailbox-lock.test.js test/report-enforcement.test.js test/enforce-report.test.js test/submit-gate.test.js test/prompt-symbol-registry.test.js test/inject-submit-flags.test.js test/inject-submit-force-env.test.js test/host-spec.test.js test/cross-host-inject.test.js test/cross-machine-ssh-routing.test.js test/init.test.js test/win-resolve-executable.test.js test/version-handshake.test.js test/win-kill-process.test.js test/daemon-control-port-owner.test.js test/banner-stderr-jq-safety.test.js test/bridge-supervisor-ipc.test.js test/bridge-j3-shim.test.js test/bridge-e2e.test.js && git diff --exit-code tests/snippet-protocol/v1/",
+    "postinstall": "node scripts/postinstall.js",
+    "test": "node --test test/auth.test.js test/daemon.test.js test/daemon-singleton.test.js test/cli.test.js test/telepty-kill.test.js test/idle-ttl.test.js test/telepty-clean-older-than.test.js test/lifecycle-transport-agnostic.test.js test/skill-installer.test.js test/interactive-terminal.test.js test/runtime-info.test.js test/session-routing.test.js test/session-state.test.js test/mailbox-lock.test.js test/report-enforcement.test.js test/enforce-report.test.js test/submit-gate.test.js test/prompt-symbol-registry.test.js test/inject-submit-flags.test.js test/inject-submit-force-env.test.js test/host-spec.test.js test/cross-host-inject.test.js test/cross-machine-ssh-routing.test.js test/init.test.js test/win-resolve-executable.test.js test/version-handshake.test.js test/win-kill-process.test.js test/daemon-control-port-owner.test.js test/banner-stderr-jq-safety.test.js test/bridge-supervisor-ipc.test.js test/bridge-j3-shim.test.js test/bridge-e2e.test.js test/release-0.4.5-bugfixes.test.js && git diff --exit-code tests/snippet-protocol/v1/",
+    "test:watch": "node --test --watch test/auth.test.js test/daemon.test.js test/daemon-singleton.test.js test/cli.test.js test/telepty-kill.test.js test/idle-ttl.test.js test/telepty-clean-older-than.test.js test/lifecycle-transport-agnostic.test.js test/skill-installer.test.js test/interactive-terminal.test.js test/runtime-info.test.js test/session-routing.test.js test/session-state.test.js test/mailbox-lock.test.js test/report-enforcement.test.js test/enforce-report.test.js test/submit-gate.test.js test/prompt-symbol-registry.test.js test/inject-submit-flags.test.js test/inject-submit-force-env.test.js test/host-spec.test.js test/cross-host-inject.test.js test/cross-machine-ssh-routing.test.js test/init.test.js test/win-resolve-executable.test.js test/version-handshake.test.js test/win-kill-process.test.js test/daemon-control-port-owner.test.js test/banner-stderr-jq-safety.test.js test/bridge-supervisor-ipc.test.js test/bridge-j3-shim.test.js test/bridge-e2e.test.js test/release-0.4.5-bugfixes.test.js",
+    "test:ci": "node --test --test-reporter=spec test/auth.test.js test/daemon.test.js test/daemon-singleton.test.js test/cli.test.js test/telepty-kill.test.js test/idle-ttl.test.js test/telepty-clean-older-than.test.js test/lifecycle-transport-agnostic.test.js test/skill-installer.test.js test/interactive-terminal.test.js test/runtime-info.test.js test/session-routing.test.js test/session-state.test.js test/mailbox-lock.test.js test/report-enforcement.test.js test/enforce-report.test.js test/submit-gate.test.js test/prompt-symbol-registry.test.js test/inject-submit-flags.test.js test/inject-submit-force-env.test.js test/host-spec.test.js test/cross-host-inject.test.js test/cross-machine-ssh-routing.test.js test/init.test.js test/win-resolve-executable.test.js test/version-handshake.test.js test/win-kill-process.test.js test/daemon-control-port-owner.test.js test/banner-stderr-jq-safety.test.js test/bridge-supervisor-ipc.test.js test/bridge-j3-shim.test.js test/bridge-e2e.test.js test/release-0.4.5-bugfixes.test.js && git diff --exit-code tests/snippet-protocol/v1/",
     "regen-fixtures": "node scripts/regen-snippet-fixtures.js"
   },
   "keywords": [

package/scripts/postinstall.js ADDED Viewed

@@ -0,0 +1,94 @@
+#!/usr/bin/env node
+'use strict';
+// #469 (0.4.5): npm postinstall hook — restart a stale telepty-daemon after
+// `npm install -g`. Without this, the running daemon keeps executing the
+// previously-loaded code (verified: a daemon ran 22 days through 4 npm
+// upgrades), so user-facing upgrades quietly no-op until they manually kill
+// the daemon. Wires the existing daemon-shutdown primitive into npm's
+// lifecycle; does not add new shutdown logic.
+const fs = require('fs');
+const os = require('os');
+const path = require('path');
+const { spawn, execSync } = require('child_process');
+const pkg = require('../package.json');
+function shouldSkip() {
+  if (process.env.TELEPTY_SKIP_POSTINSTALL === '1') {
+    return 'TELEPTY_SKIP_POSTINSTALL=1';
+  }
+  // Only act on global installs. Local `npm install` (CI, dev) must not
+  // restart a user's daemon.
+  if (process.env.npm_config_global !== 'true') {
+    return 'non-global install';
+  }
+  return null;
+}
+function readDaemonState() {
+  const statePath = path.join(os.homedir(), '.telepty', 'daemon-state.json');
+  try {
+    return JSON.parse(fs.readFileSync(statePath, 'utf8'));
+  } catch {
+    return null;
+  }
+}
+function resolveTeleptyBin() {
+  try {
+    const cmd = os.platform() === 'win32' ? 'where telepty' : 'which telepty';
+    return execSync(cmd, { encoding: 'utf8' }).split('\n')[0].trim() || 'telepty';
+  } catch {
+    return 'telepty';
+  }
+}
+(function main() {
+  const skip = shouldSkip();
+  if (skip) {
+    console.log(`[telepty postinstall] Skipped (${skip}).`);
+    return;
+  }
+  const state = readDaemonState();
+  if (!state || !Number.isInteger(state.pid) || state.pid <= 0) {
+    console.log('[telepty postinstall] No running daemon detected — nothing to restart.');
+    return;
+  }
+  if (state.version === pkg.version) {
+    console.log(`[telepty postinstall] Running daemon already at ${pkg.version} (pid ${state.pid}). No restart needed.`);
+    return;
+  }
+  console.log(`[telepty postinstall] Detected stale daemon ${state.version || 'unknown'} (pid ${state.pid}); upgrading in-place to ${pkg.version}.`);
+  let stopped = 0;
+  try {
+    // Lazy require so a malformed install of daemon-control.js doesn't abort
+    // postinstall before the skip-check runs.
+    const { cleanupDaemonProcesses } = require('../daemon-control');
+    const result = cleanupDaemonProcesses();
+    stopped = result.stopped.length;
+    if (result.failed.length > 0) {
+      console.warn(`[telepty postinstall] Could not stop ${result.failed.length} daemon process(es).`);
+    }
+  } catch (err) {
+    console.warn(`[telepty postinstall] cleanupDaemonProcesses failed: ${err.message}`);
+  }
+  // launchd/systemd KeepAlive will respawn the daemon automatically on
+  // macOS/root-Linux. For other platforms (Windows, non-root Linux) or when
+  // the user disabled the service, spawn a fresh detached daemon so upgrades
+  // never silently leave the user without one.
+  try {
+    const bin = resolveTeleptyBin();
+    const child = spawn(bin, ['daemon'], { detached: true, stdio: 'ignore' });
+    child.unref();
+    console.log(`[telepty postinstall] Stopped ${stopped} stale daemon(s); spawned fresh ${pkg.version} daemon.`);
+  } catch (err) {
+    console.warn(`[telepty postinstall] Daemon respawn failed: ${err.message} (launchd/systemd may restart it automatically).`);
+  }
+})();

package/src/prompt-symbol-registry.js CHANGED Viewed

@@ -33,19 +33,49 @@ const ENTRIES = {
       return { found: false };
     },
   },
-  // codex renders idle as " › <placeholder>" (column 2). Status footer
-  // ("gpt-5.5 …" or "gpt-5 …") sits 1–2 lines below.
+  // #472 (0.4.5): codex previously matched on a strict line-leading "^ › "
+  // shape; on real cmux captures the '›' tail-renders on the same row as the
+  // model-status footer and DECRQM/cursor-pos fragments leak in, so that
+  // strict matcher misses. Multi-signal tolerant matcher: picker anti-pattern
+  // first (resume-picker UI must NOT be considered ready), then a tolerant
+  // (a + b) signal pair, then the legacy strict scan as a back-compat
+  // fallback. Reason field surfaces which signal fired for log-attribution.
   codex: {
     symbol: '›',
     byteSeq: Buffer.from([0xE2, 0x80, 0xBA]),
     detect(screen) {
-      const lines = String(screen == null ? '' : screen).split('\n');
+      const text = String(screen == null ? '' : screen);
+      // Step 1: modal-UI anti-pattern. Resume picker, first-run directory
+      // trust prompt, and generic "Press enter to continue" modals are all
+      // pre-prompt UIs where Enter would not submit a user message. Treat
+      // any of them as NOT ready.
+      if (
+        /Resume a previous session/.test(text) ||
+        /^Filter:/m.test(text) ||
+        /Do you trust the contents/i.test(text) ||
+        /Press enter to continue/i.test(text)
+      ) {
+        return { found: false, reason: 'codex_modal_ui' };
+      }
+      // Step 2: multi-signal tolerant. The codex boot box contains
+      // "OpenAI Codex (v<version>)" and the status row contains
+      // "gpt-<ver> <profile> fast". Both present anywhere on the captured
+      // screen → ready, regardless of where the literal '›' rendered.
+      if (/OpenAI Codex \(v/.test(text) && /gpt-[0-9.]+\s+\w+\s+fast/.test(text)) {
+        return { found: true, reason: 'codex_multi_signal' };
+      }
+      // Step 3: legacy strict line-leading scan — preserved for back-compat
+      // on clean cmux captures where the original matcher already worked.
+      const lines = text.split('\n');
       for (let i = lines.length - 1; i >= 0; i--) {
         const line = lines[i];
         if (!/^ › /.test(line)) continue;
         const footer = (lines[i + 1] || '') + '\n' + (lines[i + 2] || '');
         if (/gpt-\d/.test(footer)) {
-          return { found: true, line_index: i, col: 2 };
+          return { found: true, line_index: i, col: 2, reason: 'codex_strict_line' };
         }
       }
       return { found: false };

package/src/submit-gate.js CHANGED Viewed

@@ -227,7 +227,13 @@ async function awaitPromptSymbol(session, opts = {}) {
         if (lastSeenAt === null) {
           lastSeenAt = now();
         } else if (now() - lastSeenAt >= stabilityMs) {
-          return { ready: true, last_seen_at: lastSeenAt, waited_ms: now() - start };
+          // #472 (0.4.5): tag the success reason for debuggability — pairs
+          // with daemon.js startup-restore optimistic-ready logging so we
+          // can attribute every bootstrap_ready flip to a concrete signal.
+          if (match.reason && typeof console !== 'undefined' && console.log) {
+            console.log(`[bootstrap] ${session.command} ready via: ${match.reason}`);
+          }
+          return { ready: true, last_seen_at: lastSeenAt, waited_ms: now() - start, reason: match.reason };
         }
       } else {
         // symbol disappeared — reset the stability streak