@dmsdc-ai/aigentry-telepty 0.5.2 → 0.5.4

package/cli.js

@@ -1273,6 +1273,10 @@ async function main() {
     let wsReady = false;
     let reconnectAttempts = 0;
     let reconnectTimer = null;
+    // BUG-C: the daemon mints a per-owner token on each owner claim/reclaim and pushes it here.
+    // We echo it on the teardown DELETE so the daemon can tell our (current-owner) exit apart
+    // from a stale/displaced owner's exit and avoid the shared-fate teardown.
+    let currentOwnerToken = null;
     let lastInjectTextTime = 0;
     const MAX_RECONNECT_DELAY = 30000;
 
@@ -1318,6 +1322,10 @@ async function main() {
       daemonWs.on('message', (message) => {
         try {
           const msg = JSON.parse(message);
+          if (msg.type === 'owner_token') {
+            currentOwnerToken = msg.token || null;
+            return;
+          }
           if (msg.type === 'inject') {
             const chunks = [];
             const rawData = typeof msg.data === 'string' ? msg.data : String(msg.data ?? '');
@@ -1430,7 +1438,12 @@ async function main() {
       // Purge bridge mailbox on clean exit (undelivered messages are stale)
       try { bridgeMailbox.purge(bridgeTarget); } catch {}
       process.stdout.write(`\x1b]0;\x07`);
-      fetchWithAuth(`${DAEMON_URL}/api/sessions/${encodeURIComponent(sessionId)}`, { method: 'DELETE' }).catch(() => {});
+      // BUG-C: carry our owner token so the daemon destroys only on the CURRENT owner's exit;
+      // a stale/displaced owner's DELETE (mismatched token) must not tear down the live owner.
+      const deleteUrl = currentOwnerToken
+        ? `${DAEMON_URL}/api/sessions/${encodeURIComponent(sessionId)}?owner_token=${encodeURIComponent(currentOwnerToken)}`
+        : `${DAEMON_URL}/api/sessions/${encodeURIComponent(sessionId)}`;
+      fetchWithAuth(deleteUrl, { method: 'DELETE' }).catch(() => {});
       if (reconnectTimer) clearTimeout(reconnectTimer);
       try {
         daemonWs.close();

package/daemon.js

@@ -298,9 +298,20 @@ function fireAutoReport(targetId, targetSession, pendingReport, trigger, deps =
   const srcSession = _sessions[srcId];
   if (!srcSession) return;
 
+  // #537 / Bug B: a never-started worker (transient submit failure → claude startup
+  // busy→idle settle at ~4.5s) must NOT be reported TASK_COMPLETE. When a submit was
+  // expected, the elapsed floor and startup-polluted sawWorkingAfterInject are NOT trusted
+  // as proof of processing — require positive submit confirmation (screen-poll verify /
+  // honest force / gate-off). Paths with no submit expected keep the legacy floor/work rule.
+  const strongSubmitConfirmed = !!(
+    pendingReport.submitConfirmedAt ||
+    (pendingReport.submitConfirm && pendingReport.submitConfirm.accepted === true)
+  );
   const confirmed = trigger === 'ready-signal' && pendingReport.submitExpected
     ? false
-    : (elapsedNum >= AUTO_REPORT_MIN_REAL_SECONDS || hasSubmitEvidence);
+    : pendingReport.submitExpected
+      ? strongSubmitConfirmed
+      : (elapsedNum >= AUTO_REPORT_MIN_REAL_SECONDS || hasSubmitEvidence);
   const injTag = pendingReport.injectId ? ` inject=${pendingReport.injectId}` : '';
   const reportMsg = confirmed
     ? `TASK_COMPLETE: ${targetId} is now idle after processing inject (${elapsed}s, via ${trigger}${injTag})`
@@ -1184,6 +1195,19 @@ function terminalLevelSubmit(id, session) {
   return null;
 }
 
+// #537 / Bug B: a forced submit is only HONESTLY confirmed when its strategy actually
+// reached the rendered surface. On a cmux-backed session the surface is cmux; a `pty_cr`
+// fallback means `cmux send-key` failed ("Failed to write to socket") and the live CLI
+// never received Enter. Terminal-level strategies (kitty/cmux) are real delivery; a pty_cr
+// fallback on a cmux surface is NOT. Pure + exported so the decision is unit-testable.
+function forceSubmitDeliveredToSurface(session, strategy) {
+  if (!strategy) return false;
+  if (session && session.backend === 'cmux' && session.cmuxWorkspaceId && strategy === 'pty_cr') {
+    return false;
+  }
+  return true;
+}
+
 async function deliverInjectionToSession(id, session, prompt, options = {}) {
   const now = Date.now();
   if (!options.bypassBootstrapQueue && shouldQueueBootstrapOperation(session)) {
@@ -2190,11 +2214,19 @@ app.post('/api/sessions/:id/submit', async (req, res) => {
     }
     const strategy = terminalLevelSubmit(id, session);
     if (strategy) {
+      // #537 / Bug B: force-confirm must reflect ACTUAL delivery. A pty_cr fallback on a
+      // cmux surface means cmux send-key failed and Enter never reached the CLI — record
+      // UNCONFIRMED so the ENFORCE-REPORT gate never labels a never-delivered inject DONE.
+      const deliveredToSurface = forceSubmitDeliveredToSurface(session, strategy);
       if (injectedBody) {
-        markPendingReportSubmitConfirmed(id, { reason: 'force', attempts: 1 });
+        if (deliveredToSurface) {
+          markPendingReportSubmitConfirmed(id, { reason: 'force', attempts: 1 });
+        } else {
+          markPendingReportSubmitUnconfirmed(id, { reason: 'cmux_send_failed', attempts: 1, retryable: true });
+        }
       }
-      emitSubmitBus({ strategy, attempts: 1, gated: false, forced: true });
-      return res.json({ success: true, strategy, attempts: 1, gated: false, forced: true });
+      emitSubmitBus({ strategy, attempts: 1, gated: false, forced: true, submit_confirmed: deliveredToSurface });
+      return res.json({ success: true, strategy, attempts: 1, gated: false, forced: true, submit_confirmed: deliveredToSurface });
     }
     if (injectedBody) {
       markPendingReportSubmitUnconfirmed(id, { reason: 'strategy_failed', attempts: 0, retryable: false });
@@ -2757,6 +2789,18 @@ app.delete('/api/sessions/:id', (req, res) => {
   const session = sessions[resolvedId];
   const id = resolvedId;
   if (session.isClosing) return res.json({ success: true, status: 'closing' });
+  // BUG-C (shared-fate): a wrapped session can be co-bound by a stale/displaced owner bridge
+  // (duplicate --id). A DELETE carrying a token that is NOT the current owner's, while a live
+  // owner ws is still open, is that stale bridge exiting — it must NOT tear down the live owner.
+  // Detach-only (no-op): leave the record and every client untouched. Tokenless callers
+  // (operator `telepty delete`, ghost clean) and matching-token current-owner exits are
+  // unaffected. Forceful kills go through POST /:id/kill (teardownSessionById), not here.
+  const ownerToken = req.query.owner_token;
+  if (session.type === 'wrapped'
+      && ownerToken && session.ownerToken && ownerToken !== session.ownerToken
+      && isOpenWebSocket(session.ownerWs)) {
+    return res.json({ success: true, status: 'stale-detached' });
+  }
   try {
     session.isClosing = true;
     if (session.type === 'wrapped') {
@@ -3476,6 +3520,7 @@ if (require.main === module) {
 // production call sites is unchanged. NOT a public API — internal/test use only.
 module.exports = {
   fireAutoReport,                 // #32: provenance-tagged auto-report (deps DI: now/deliver/...)
+  forceSubmitDeliveredToSurface,  // #537/Bug B: honest force-confirm (pty_cr on cmux = not delivered)
   failBootstrapQueueOnTimeout,    // #31: actionable bootstrap-timeout queue flush
   shouldApplyOwnerAliveFloor,     // #29: owner-alive optimistic-floor decision (deps DI: isProcessRunning/...)
   scheduleBootstrapPromptPoll,    // #29: arms the floor timer (deps DI: setTimeout/...)

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@dmsdc-ai/aigentry-telepty",
-  "version": "0.5.2",
+  "version": "0.5.4",
   "main": "daemon.js",
   "bin": {
     "aigentry-telepty": "install.js",
@@ -35,9 +35,9 @@
   ],
   "scripts": {
     "postinstall": "node scripts/postinstall.js",
-    "test": "node --test test/auth.test.js test/http-auth.test.js test/daemon.test.js test/daemon-singleton.test.js test/integration/daemon-launch.test.js test/cli.test.js test/telepty-kill.test.js test/idle-ttl.test.js test/telepty-clean-older-than.test.js test/lifecycle-transport-agnostic.test.js test/skill-installer.test.js test/interactive-terminal.test.js test/runtime-info.test.js test/session-routing.test.js test/session-state.test.js test/session-store-persistence.test.js test/mailbox-lock.test.js test/report-enforcement.test.js test/enforce-report.test.js test/submit-gate.test.js test/prompt-symbol-registry.test.js test/inject-submit-flags.test.js test/inject-submit-force-env.test.js test/host-spec.test.js test/cross-host-inject.test.js test/cross-machine-ssh-routing.test.js test/init.test.js test/win-resolve-executable.test.js test/version-handshake.test.js test/win-kill-process.test.js test/daemon-control-port-owner.test.js test/banner-stderr-jq-safety.test.js test/bridge-supervisor-ipc.test.js test/bridge-j3-shim.test.js test/bridge-e2e.test.js test/release-0.4.5-bugfixes.test.js && git diff --exit-code tests/snippet-protocol/v1/",
-    "test:watch": "node --test --watch test/auth.test.js test/http-auth.test.js test/daemon.test.js test/daemon-singleton.test.js test/integration/daemon-launch.test.js test/cli.test.js test/telepty-kill.test.js test/idle-ttl.test.js test/telepty-clean-older-than.test.js test/lifecycle-transport-agnostic.test.js test/skill-installer.test.js test/interactive-terminal.test.js test/runtime-info.test.js test/session-routing.test.js test/session-state.test.js test/session-store-persistence.test.js test/mailbox-lock.test.js test/report-enforcement.test.js test/enforce-report.test.js test/submit-gate.test.js test/prompt-symbol-registry.test.js test/inject-submit-flags.test.js test/inject-submit-force-env.test.js test/host-spec.test.js test/cross-host-inject.test.js test/cross-machine-ssh-routing.test.js test/init.test.js test/win-resolve-executable.test.js test/version-handshake.test.js test/win-kill-process.test.js test/daemon-control-port-owner.test.js test/banner-stderr-jq-safety.test.js test/bridge-supervisor-ipc.test.js test/bridge-j3-shim.test.js test/bridge-e2e.test.js test/release-0.4.5-bugfixes.test.js",
-    "test:ci": "node --test --test-reporter=spec test/auth.test.js test/http-auth.test.js test/daemon.test.js test/daemon-singleton.test.js test/integration/daemon-launch.test.js test/cli.test.js test/telepty-kill.test.js test/idle-ttl.test.js test/telepty-clean-older-than.test.js test/lifecycle-transport-agnostic.test.js test/skill-installer.test.js test/interactive-terminal.test.js test/runtime-info.test.js test/session-routing.test.js test/session-state.test.js test/session-store-persistence.test.js test/mailbox-lock.test.js test/report-enforcement.test.js test/enforce-report.test.js test/submit-gate.test.js test/prompt-symbol-registry.test.js test/inject-submit-flags.test.js test/inject-submit-force-env.test.js test/host-spec.test.js test/cross-host-inject.test.js test/cross-machine-ssh-routing.test.js test/init.test.js test/win-resolve-executable.test.js test/version-handshake.test.js test/win-kill-process.test.js test/daemon-control-port-owner.test.js test/banner-stderr-jq-safety.test.js test/bridge-supervisor-ipc.test.js test/bridge-j3-shim.test.js test/bridge-e2e.test.js test/release-0.4.5-bugfixes.test.js && git diff --exit-code tests/snippet-protocol/v1/",
+    "test": "node --test test/auth.test.js test/http-auth.test.js test/daemon.test.js test/daemon-singleton.test.js test/integration/daemon-launch.test.js test/cli.test.js test/telepty-kill.test.js test/idle-ttl.test.js test/telepty-clean-older-than.test.js test/lifecycle-transport-agnostic.test.js test/skill-installer.test.js test/interactive-terminal.test.js test/runtime-info.test.js test/session-routing.test.js test/session-state.test.js test/session-store-persistence.test.js test/mailbox-lock.test.js test/report-enforcement.test.js test/enforce-report.test.js test/enforce-submit-gate.test.js test/submit-gate.test.js test/prompt-symbol-registry.test.js test/inject-submit-flags.test.js test/inject-submit-force-env.test.js test/host-spec.test.js test/cross-host-inject.test.js test/cross-machine-ssh-routing.test.js test/init.test.js test/win-resolve-executable.test.js test/version-handshake.test.js test/win-kill-process.test.js test/daemon-control-port-owner.test.js test/banner-stderr-jq-safety.test.js test/bridge-supervisor-ipc.test.js test/bridge-j3-shim.test.js test/bridge-e2e.test.js test/release-0.4.5-bugfixes.test.js && git diff --exit-code tests/snippet-protocol/v1/",
+    "test:watch": "node --test --watch test/auth.test.js test/http-auth.test.js test/daemon.test.js test/daemon-singleton.test.js test/integration/daemon-launch.test.js test/cli.test.js test/telepty-kill.test.js test/idle-ttl.test.js test/telepty-clean-older-than.test.js test/lifecycle-transport-agnostic.test.js test/skill-installer.test.js test/interactive-terminal.test.js test/runtime-info.test.js test/session-routing.test.js test/session-state.test.js test/session-store-persistence.test.js test/mailbox-lock.test.js test/report-enforcement.test.js test/enforce-report.test.js test/enforce-submit-gate.test.js test/submit-gate.test.js test/prompt-symbol-registry.test.js test/inject-submit-flags.test.js test/inject-submit-force-env.test.js test/host-spec.test.js test/cross-host-inject.test.js test/cross-machine-ssh-routing.test.js test/init.test.js test/win-resolve-executable.test.js test/version-handshake.test.js test/win-kill-process.test.js test/daemon-control-port-owner.test.js test/banner-stderr-jq-safety.test.js test/bridge-supervisor-ipc.test.js test/bridge-j3-shim.test.js test/bridge-e2e.test.js test/release-0.4.5-bugfixes.test.js",
+    "test:ci": "node --test --test-reporter=spec test/auth.test.js test/http-auth.test.js test/daemon.test.js test/daemon-singleton.test.js test/integration/daemon-launch.test.js test/cli.test.js test/telepty-kill.test.js test/idle-ttl.test.js test/telepty-clean-older-than.test.js test/lifecycle-transport-agnostic.test.js test/skill-installer.test.js test/interactive-terminal.test.js test/runtime-info.test.js test/session-routing.test.js test/session-state.test.js test/session-store-persistence.test.js test/mailbox-lock.test.js test/report-enforcement.test.js test/enforce-report.test.js test/enforce-submit-gate.test.js test/submit-gate.test.js test/prompt-symbol-registry.test.js test/inject-submit-flags.test.js test/inject-submit-force-env.test.js test/host-spec.test.js test/cross-host-inject.test.js test/cross-machine-ssh-routing.test.js test/init.test.js test/win-resolve-executable.test.js test/version-handshake.test.js test/win-kill-process.test.js test/daemon-control-port-owner.test.js test/banner-stderr-jq-safety.test.js test/bridge-supervisor-ipc.test.js test/bridge-j3-shim.test.js test/bridge-e2e.test.js test/release-0.4.5-bugfixes.test.js && git diff --exit-code tests/snippet-protocol/v1/",
     "typecheck": "tsc --noEmit",
     "regen-fixtures": "node scripts/regen-snippet-fixtures.js"
   },

package/src/transport/websocket.js

@@ -1,5 +1,6 @@
 'use strict';
 
+const crypto = require('node:crypto');
 const { WebSocketServer } = require('ws');
 
 function isOpenWebSocket(ws) {
@@ -107,6 +108,13 @@ function installWebSocketTransport(deps) {
         activeSession.ownerWs.terminate();
       }
       activeSession.ownerWs = ws;
+      // BUG-C: mint a fresh per-owner token on every claim/reclaim and push it to this owner.
+      // The token is the exact "are-you-the-current-owner" discriminator the DELETE guard uses
+      // to suppress a stale/displaced owner's teardown (shared-fate fix). Reclaim refreshes it,
+      // so the live current owner always holds the current token while a displaced owner keeps a
+      // stale one.
+      activeSession.ownerToken = crypto.randomUUID();
+      try { ws.send(JSON.stringify({ type: 'owner_token', token: activeSession.ownerToken })); } catch {}
       markSessionConnected(activeSession);
       initializeBootstrapState(activeSession);
       console.log(`[WS] Wrap owner ${isOwnerConnect && activeSession.clients.size > 1 ? 're-' : ''}connected for session ${sessionId} (Total: ${activeSession.clients.size})`);