npm - @dotsetlabs/dotclaw - Versions diffs - 1.1.0 - Mend

@dotsetlabs/dotclaw 1.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (170) hide show

package/.env.example +54 -0
package/LICENSE +21 -0
package/README.md +111 -0
package/config-examples/groups/global/CLAUDE.md +21 -0
package/config-examples/groups/main/CLAUDE.md +47 -0
package/config-examples/mount-allowlist.json +25 -0
package/config-examples/plugin-http.json +18 -0
package/config-examples/runtime.json +30 -0
package/config-examples/tool-budgets.json +24 -0
package/config-examples/tool-policy.json +51 -0
package/container/.dockerignore +6 -0
package/container/Dockerfile +74 -0
package/container/agent-runner/package-lock.json +92 -0
package/container/agent-runner/package.json +20 -0
package/container/agent-runner/src/agent-config.ts +295 -0
package/container/agent-runner/src/container-protocol.ts +73 -0
package/container/agent-runner/src/daemon.ts +91 -0
package/container/agent-runner/src/index.ts +1428 -0
package/container/agent-runner/src/ipc.ts +321 -0
package/container/agent-runner/src/memory.ts +336 -0
package/container/agent-runner/src/prompt-packs.ts +341 -0
package/container/agent-runner/src/tools.ts +1720 -0
package/container/agent-runner/tsconfig.json +19 -0
package/container/build.sh +23 -0
package/container/skills/agent-browser.md +159 -0
package/dist/admin-commands.d.ts +7 -0
package/dist/admin-commands.d.ts.map +1 -0
package/dist/admin-commands.js +87 -0
package/dist/admin-commands.js.map +1 -0
package/dist/agent-context.d.ts +42 -0
package/dist/agent-context.d.ts.map +1 -0
package/dist/agent-context.js +92 -0
package/dist/agent-context.js.map +1 -0
package/dist/agent-execution.d.ts +68 -0
package/dist/agent-execution.d.ts.map +1 -0
package/dist/agent-execution.js +169 -0
package/dist/agent-execution.js.map +1 -0
package/dist/agent-semaphore.d.ts +2 -0
package/dist/agent-semaphore.d.ts.map +1 -0
package/dist/agent-semaphore.js +52 -0
package/dist/agent-semaphore.js.map +1 -0
package/dist/behavior-config.d.ts +14 -0
package/dist/behavior-config.d.ts.map +1 -0
package/dist/behavior-config.js +52 -0
package/dist/behavior-config.js.map +1 -0
package/dist/cli.d.ts +3 -0
package/dist/cli.d.ts.map +1 -0
package/dist/cli.js +626 -0
package/dist/cli.js.map +1 -0
package/dist/config.d.ts +31 -0
package/dist/config.d.ts.map +1 -0
package/dist/config.js +38 -0
package/dist/config.js.map +1 -0
package/dist/container-protocol.d.ts +72 -0
package/dist/container-protocol.d.ts.map +1 -0
package/dist/container-protocol.js +3 -0
package/dist/container-protocol.js.map +1 -0
package/dist/container-runner.d.ts +59 -0
package/dist/container-runner.d.ts.map +1 -0
package/dist/container-runner.js +813 -0
package/dist/container-runner.js.map +1 -0
package/dist/cost.d.ts +9 -0
package/dist/cost.d.ts.map +1 -0
package/dist/cost.js +11 -0
package/dist/cost.js.map +1 -0
package/dist/dashboard.d.ts +58 -0
package/dist/dashboard.d.ts.map +1 -0
package/dist/dashboard.js +471 -0
package/dist/dashboard.js.map +1 -0
package/dist/db.d.ts +99 -0
package/dist/db.d.ts.map +1 -0
package/dist/db.js +423 -0
package/dist/db.js.map +1 -0
package/dist/error-messages.d.ts +17 -0
package/dist/error-messages.d.ts.map +1 -0
package/dist/error-messages.js +109 -0
package/dist/error-messages.js.map +1 -0
package/dist/index.d.ts +2 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +2072 -0
package/dist/index.js.map +1 -0
package/dist/locks.d.ts +2 -0
package/dist/locks.d.ts.map +1 -0
package/dist/locks.js +26 -0
package/dist/locks.js.map +1 -0
package/dist/logger.d.ts +4 -0
package/dist/logger.d.ts.map +1 -0
package/dist/logger.js +15 -0
package/dist/logger.js.map +1 -0
package/dist/maintenance.d.ts +13 -0
package/dist/maintenance.d.ts.map +1 -0
package/dist/maintenance.js +151 -0
package/dist/maintenance.js.map +1 -0
package/dist/memory-embeddings.d.ts +13 -0
package/dist/memory-embeddings.d.ts.map +1 -0
package/dist/memory-embeddings.js +126 -0
package/dist/memory-embeddings.js.map +1 -0
package/dist/memory-recall.d.ts +8 -0
package/dist/memory-recall.d.ts.map +1 -0
package/dist/memory-recall.js +127 -0
package/dist/memory-recall.js.map +1 -0
package/dist/memory-store.d.ts +149 -0
package/dist/memory-store.d.ts.map +1 -0
package/dist/memory-store.js +787 -0
package/dist/memory-store.js.map +1 -0
package/dist/metrics.d.ts +12 -0
package/dist/metrics.d.ts.map +1 -0
package/dist/metrics.js +134 -0
package/dist/metrics.js.map +1 -0
package/dist/model-registry.d.ts +67 -0
package/dist/model-registry.d.ts.map +1 -0
package/dist/model-registry.js +230 -0
package/dist/model-registry.js.map +1 -0
package/dist/mount-security.d.ts +37 -0
package/dist/mount-security.d.ts.map +1 -0
package/dist/mount-security.js +284 -0
package/dist/mount-security.js.map +1 -0
package/dist/paths.d.ts +80 -0
package/dist/paths.d.ts.map +1 -0
package/dist/paths.js +149 -0
package/dist/paths.js.map +1 -0
package/dist/personalization.d.ts +6 -0
package/dist/personalization.d.ts.map +1 -0
package/dist/personalization.js +180 -0
package/dist/personalization.js.map +1 -0
package/dist/progress.d.ts +15 -0
package/dist/progress.d.ts.map +1 -0
package/dist/progress.js +92 -0
package/dist/progress.js.map +1 -0
package/dist/runtime-config.d.ts +227 -0
package/dist/runtime-config.d.ts.map +1 -0
package/dist/runtime-config.js +297 -0
package/dist/runtime-config.js.map +1 -0
package/dist/task-scheduler.d.ts +9 -0
package/dist/task-scheduler.d.ts.map +1 -0
package/dist/task-scheduler.js +195 -0
package/dist/task-scheduler.js.map +1 -0
package/dist/telegram-format.d.ts +3 -0
package/dist/telegram-format.d.ts.map +1 -0
package/dist/telegram-format.js +200 -0
package/dist/telegram-format.js.map +1 -0
package/dist/tool-budgets.d.ts +16 -0
package/dist/tool-budgets.d.ts.map +1 -0
package/dist/tool-budgets.js +83 -0
package/dist/tool-budgets.js.map +1 -0
package/dist/tool-policy.d.ts +18 -0
package/dist/tool-policy.d.ts.map +1 -0
package/dist/tool-policy.js +84 -0
package/dist/tool-policy.js.map +1 -0
package/dist/trace-writer.d.ts +39 -0
package/dist/trace-writer.d.ts.map +1 -0
package/dist/trace-writer.js +27 -0
package/dist/trace-writer.js.map +1 -0
package/dist/types.d.ts +81 -0
package/dist/types.d.ts.map +1 -0
package/dist/types.js +2 -0
package/dist/types.js.map +1 -0
package/dist/utils.d.ts +4 -0
package/dist/utils.d.ts.map +1 -0
package/dist/utils.js +30 -0
package/dist/utils.js.map +1 -0
package/launchd/com.dotclaw.plist +32 -0
package/package.json +89 -0
package/scripts/autotune.js +53 -0
package/scripts/bootstrap.js +348 -0
package/scripts/configure.js +200 -0
package/scripts/doctor.js +164 -0
package/scripts/init.js +209 -0
package/scripts/install.sh +219 -0
package/systemd/dotclaw.service +22 -0

package/dist/container-runner.js ADDED Viewed

@@ -0,0 +1,813 @@
+/**
+ * Container Runner for DotClaw
+ * Spawns agent execution in Docker container and handles IPC
+ */
+import { spawn, execSync, spawnSync } from 'child_process';
+import fs from 'fs';
+import path from 'path';
+import { CONTAINER_IMAGE, CONTAINER_TIMEOUT, CONTAINER_MAX_OUTPUT_SIZE, CONTAINER_PIDS_LIMIT, CONTAINER_MEMORY, CONTAINER_CPUS, CONTAINER_READONLY_ROOT, CONTAINER_TMPFS_SIZE, CONTAINER_RUN_UID, CONTAINER_RUN_GID, CONTAINER_MODE, CONTAINER_DAEMON_POLL_MS, GROUPS_DIR, CONFIG_DIR, DATA_DIR, ENV_PATH, PROMPT_PACKS_DIR } from './config.js';
+import { PACKAGE_ROOT } from './paths.js';
+import { validateAdditionalMounts } from './mount-security.js';
+import { loadRuntimeConfig } from './runtime-config.js';
+import { OUTPUT_START_MARKER, OUTPUT_END_MARKER } from './container-protocol.js';
+import { logger } from './logger.js';
+const runtime = loadRuntimeConfig();
+// Sentinel markers for robust output parsing (must match agent-runner)
+const CONTAINER_ID_DIR = path.join(DATA_DIR, 'tmp');
+function buildVolumeMounts(group, isMain) {
+    const mounts = [];
+    const envFile = ENV_PATH;
+    if (isMain) {
+        // Main gets the package root mounted (read-only for safety)
+        mounts.push({
+            hostPath: PACKAGE_ROOT,
+            containerPath: '/workspace/project',
+            readonly: true
+        });
+        // Mask .env inside the package root to avoid leaking secrets to the container
+        const packageEnvFile = path.join(PACKAGE_ROOT, '.env');
+        if (fs.existsSync(packageEnvFile)) {
+            const envMaskDir = path.join(DATA_DIR, 'env');
+            const envMaskFile = path.join(envMaskDir, '.env-mask');
+            fs.mkdirSync(envMaskDir, { recursive: true });
+            if (!fs.existsSync(envMaskFile)) {
+                fs.writeFileSync(envMaskFile, '');
+            }
+            mounts.push({
+                hostPath: envMaskFile,
+                containerPath: '/workspace/project/.env',
+                readonly: true
+            });
+        }
+        // Main also gets its group folder as the working directory
+        mounts.push({
+            hostPath: path.join(GROUPS_DIR, group.folder),
+            containerPath: '/workspace/group',
+            readonly: false
+        });
+        // Global memory/prompts directory (read-only)
+        const globalDir = path.join(GROUPS_DIR, 'global');
+        if (fs.existsSync(globalDir)) {
+            mounts.push({
+                hostPath: globalDir,
+                containerPath: '/workspace/global',
+                readonly: true
+            });
+        }
+    }
+    else {
+        // Other groups only get their own folder
+        mounts.push({
+            hostPath: path.join(GROUPS_DIR, group.folder),
+            containerPath: '/workspace/group',
+            readonly: false
+        });
+        // Global memory directory (read-only for non-main)
+        // Docker bind mounts work with both files and directories
+        const globalDir = path.join(GROUPS_DIR, 'global');
+        if (fs.existsSync(globalDir)) {
+            mounts.push({
+                hostPath: globalDir,
+                containerPath: '/workspace/global',
+                readonly: true
+            });
+        }
+    }
+    // Per-group OpenRouter sessions directory (isolated from other groups)
+    // Each group gets their own session store to prevent cross-group access
+    const groupSessionsDir = path.join(DATA_DIR, 'sessions', group.folder, 'openrouter');
+    fs.mkdirSync(groupSessionsDir, { recursive: true });
+    try {
+        fs.chmodSync(groupSessionsDir, 0o700);
+    }
+    catch {
+        logger.warn({ path: groupSessionsDir }, 'Could not chmod sessions directory');
+    }
+    mounts.push({
+        hostPath: groupSessionsDir,
+        containerPath: '/workspace/session',
+        readonly: false
+    });
+    // Per-group IPC namespace: each group gets its own IPC directory
+    // This prevents cross-group privilege escalation via IPC
+    const groupIpcDir = path.join(DATA_DIR, 'ipc', group.folder);
+    const messagesDir = path.join(groupIpcDir, 'messages');
+    const tasksDir = path.join(groupIpcDir, 'tasks');
+    const requestsDir = path.join(groupIpcDir, 'requests');
+    const responsesDir = path.join(groupIpcDir, 'responses');
+    const agentRequestsDir = path.join(groupIpcDir, 'agent_requests');
+    const agentResponsesDir = path.join(groupIpcDir, 'agent_responses');
+    fs.mkdirSync(messagesDir, { recursive: true });
+    fs.mkdirSync(tasksDir, { recursive: true });
+    fs.mkdirSync(requestsDir, { recursive: true });
+    fs.mkdirSync(responsesDir, { recursive: true });
+    fs.mkdirSync(agentRequestsDir, { recursive: true });
+    fs.mkdirSync(agentResponsesDir, { recursive: true });
+    // Ensure container user can write to IPC directories on Linux
+    // On macOS/Docker Desktop this is handled by file sharing, but on native Linux
+    // the container user needs explicit write permission to the mounted volume
+    // Use try/catch in case directories are owned by a different user (e.g., root)
+    try {
+        fs.chmodSync(groupIpcDir, 0o770);
+        fs.chmodSync(messagesDir, 0o770);
+        fs.chmodSync(tasksDir, 0o770);
+        fs.chmodSync(requestsDir, 0o770);
+        fs.chmodSync(responsesDir, 0o770);
+        fs.chmodSync(agentRequestsDir, 0o770);
+        fs.chmodSync(agentResponsesDir, 0o770);
+    }
+    catch {
+        // Permissions may already be correct, or user needs to fix ownership manually
+        logger.warn({ path: groupIpcDir, dataDir: DATA_DIR }, 'Could not chmod IPC directories - run: sudo chown -R $USER ~/.dotclaw/data/ipc');
+    }
+    mounts.push({
+        hostPath: groupIpcDir,
+        containerPath: '/workspace/ipc',
+        readonly: false
+    });
+    // Shared prompt packs directory (autotune output)
+    if (PROMPT_PACKS_DIR && fs.existsSync(PROMPT_PACKS_DIR)) {
+        mounts.push({
+            hostPath: PROMPT_PACKS_DIR,
+            containerPath: '/workspace/prompts',
+            readonly: true
+        });
+    }
+    // Config directory (read-only) - contains runtime.json and other config files
+    if (fs.existsSync(CONFIG_DIR)) {
+        mounts.push({
+            hostPath: CONFIG_DIR,
+            containerPath: '/workspace/config',
+            readonly: true
+        });
+    }
+    // Data directory (read-only) - contains databases, sessions, etc.
+    // Note: do NOT mount the full data directory into containers.
+    // This prevents cross-group leakage of sessions, IPC, and databases.
+    // Environment file directory (keeps credentials out of process listings)
+    // Inject only secrets from .env
+    const envDir = path.join(DATA_DIR, 'env');
+    fs.mkdirSync(envDir, { recursive: true });
+    try {
+        fs.chmodSync(envDir, 0o700);
+    }
+    catch {
+        logger.warn({ path: envDir }, 'Could not chmod env directory');
+    }
+    const envVars = new Map();
+    const setEnvVar = (key, value, source) => {
+        if (!/^[A-Z0-9_]+$/.test(key)) {
+            logger.warn({ key, source }, 'Skipping invalid env var name for container');
+            return;
+        }
+        if (value.includes('\n')) {
+            logger.warn({ key, source }, 'Skipping env var with newline for container');
+            return;
+        }
+        envVars.set(key, value);
+    };
+    if (fs.existsSync(envFile)) {
+        const envContent = fs.readFileSync(envFile, 'utf-8');
+        const secretVars = new Set([
+            'OPENROUTER_API_KEY',
+            'BRAVE_SEARCH_API_KEY'
+        ]);
+        for (const line of envContent.split('\n')) {
+            const trimmed = line.trim();
+            if (!trimmed || trimmed.startsWith('#'))
+                continue;
+            const idx = trimmed.indexOf('=');
+            if (idx === -1)
+                continue;
+            const key = trimmed.slice(0, idx).trim();
+            if (!secretVars.has(key))
+                continue;
+            const value = trimmed.slice(idx + 1);
+            setEnvVar(key, value, 'dotenv');
+        }
+    }
+    if (group.containerConfig?.env) {
+        for (const [key, value] of Object.entries(group.containerConfig.env)) {
+            if (typeof value !== 'string')
+                continue;
+            setEnvVar(key, value, 'containerConfig');
+        }
+    }
+    if (envVars.size > 0) {
+        const mergedLines = Array.from(envVars.entries()).map(([key, value]) => `${key}=${value}`);
+        const envOutPath = path.join(envDir, 'env');
+        fs.writeFileSync(envOutPath, mergedLines.join('\n') + '\n');
+        try {
+            fs.chmodSync(envOutPath, 0o600);
+        }
+        catch {
+            logger.warn({ path: envOutPath }, 'Could not chmod env file');
+        }
+        mounts.push({
+            hostPath: envDir,
+            containerPath: '/workspace/env-dir',
+            readonly: true
+        });
+    }
+    // Additional mounts validated against external allowlist (tamper-proof from containers)
+    if (group.containerConfig?.additionalMounts) {
+        const validatedMounts = validateAdditionalMounts(group.containerConfig.additionalMounts, group.name, isMain);
+        mounts.push(...validatedMounts);
+    }
+    return mounts;
+}
+function buildContainerArgs(mounts, cidFile) {
+    const args = ['run', '-i', '--rm'];
+    // Security hardening
+    args.push('--cap-drop=ALL');
+    args.push('--security-opt=no-new-privileges');
+    args.push(`--pids-limit=${CONTAINER_PIDS_LIMIT}`);
+    if (cidFile) {
+        args.push('--cidfile', cidFile);
+    }
+    const runUid = CONTAINER_RUN_UID ? CONTAINER_RUN_UID.trim() : '';
+    const runGid = CONTAINER_RUN_GID ? CONTAINER_RUN_GID.trim() : '';
+    if (runUid) {
+        args.push('--user', runGid ? `${runUid}:${runGid}` : runUid);
+    }
+    args.push('--env', 'HOME=/tmp');
+    if (CONTAINER_MEMORY) {
+        args.push(`--memory=${CONTAINER_MEMORY}`);
+    }
+    if (CONTAINER_CPUS) {
+        args.push(`--cpus=${CONTAINER_CPUS}`);
+    }
+    if (CONTAINER_READONLY_ROOT) {
+        args.push('--read-only');
+        const tmpfsOptions = ['rw', 'noexec', 'nosuid', `size=${CONTAINER_TMPFS_SIZE}`];
+        if (runUid)
+            tmpfsOptions.push(`uid=${runUid}`);
+        if (runGid)
+            tmpfsOptions.push(`gid=${runGid}`);
+        args.push('--tmpfs', `/tmp:${tmpfsOptions.join(',')}`);
+        args.push('--tmpfs', `/home/node:${tmpfsOptions.join(',')}`);
+    }
+    // Docker: -v with :ro suffix for readonly
+    for (const mount of mounts) {
+        if (mount.readonly) {
+            args.push('-v', `${mount.hostPath}:${mount.containerPath}:ro`);
+        }
+        else {
+            args.push('-v', `${mount.hostPath}:${mount.containerPath}`);
+        }
+    }
+    args.push(CONTAINER_IMAGE);
+    return args;
+}
+function buildDaemonArgs(mounts, containerName, groupFolder) {
+    const args = ['run', '-d', '--rm', '--name', containerName, '--label', `dotclaw.group=${groupFolder}`];
+    // Security hardening
+    args.push('--cap-drop=ALL');
+    args.push('--security-opt=no-new-privileges');
+    args.push(`--pids-limit=${CONTAINER_PIDS_LIMIT}`);
+    const runUid = CONTAINER_RUN_UID ? CONTAINER_RUN_UID.trim() : '';
+    const runGid = CONTAINER_RUN_GID ? CONTAINER_RUN_GID.trim() : '';
+    if (runUid) {
+        args.push('--user', runGid ? `${runUid}:${runGid}` : runUid);
+    }
+    args.push('--env', 'HOME=/tmp');
+    args.push('--env', 'DOTCLAW_DAEMON=1');
+    if (CONTAINER_MEMORY) {
+        args.push(`--memory=${CONTAINER_MEMORY}`);
+    }
+    if (CONTAINER_CPUS) {
+        args.push(`--cpus=${CONTAINER_CPUS}`);
+    }
+    if (CONTAINER_READONLY_ROOT) {
+        args.push('--read-only');
+        const tmpfsOptions = ['rw', 'noexec', 'nosuid', `size=${CONTAINER_TMPFS_SIZE}`];
+        if (runUid)
+            tmpfsOptions.push(`uid=${runUid}`);
+        if (runGid)
+            tmpfsOptions.push(`gid=${runGid}`);
+        args.push('--tmpfs', `/tmp:${tmpfsOptions.join(',')}`);
+        args.push('--tmpfs', `/home/node:${tmpfsOptions.join(',')}`);
+    }
+    for (const mount of mounts) {
+        if (mount.readonly) {
+            args.push('-v', `${mount.hostPath}:${mount.containerPath}:ro`);
+        }
+        else {
+            args.push('-v', `${mount.hostPath}:${mount.containerPath}`);
+        }
+    }
+    args.push(CONTAINER_IMAGE);
+    return args;
+}
+function getDaemonContainerName(groupFolder) {
+    return `dotclaw-agent-${groupFolder}`;
+}
+function isContainerRunning(name) {
+    try {
+        const output = execSync(`docker ps --filter "name=${name}" --format "{{.ID}}"`, { stdio: 'pipe' })
+            .toString()
+            .trim();
+        return output.length > 0;
+    }
+    catch {
+        return false;
+    }
+}
+const DAEMON_HEALTH_CHECK_INTERVAL_MS = 60_000; // Check every 60 seconds
+const DAEMON_HEARTBEAT_MAX_AGE_MS = 30_000; // Consider unhealthy if heartbeat older than 30s
+/**
+ * Check if a daemon container is healthy by reading its heartbeat file
+ */
+export function checkDaemonHealth(groupFolder) {
+    const heartbeatPath = path.join(DATA_DIR, 'ipc', groupFolder, 'heartbeat');
+    try {
+        if (!fs.existsSync(heartbeatPath)) {
+            return { healthy: false };
+        }
+        const content = fs.readFileSync(heartbeatPath, 'utf-8').trim();
+        const lastHeartbeat = parseInt(content, 10);
+        if (!Number.isFinite(lastHeartbeat)) {
+            return { healthy: false };
+        }
+        const ageMs = Date.now() - lastHeartbeat;
+        return {
+            healthy: ageMs < DAEMON_HEARTBEAT_MAX_AGE_MS,
+            lastHeartbeat,
+            ageMs
+        };
+    }
+    catch {
+        return { healthy: false };
+    }
+}
+/**
+ * Restart a daemon container if unhealthy
+ */
+export function restartDaemonContainer(group, isMain) {
+    const containerName = getDaemonContainerName(group.folder);
+    // Stop existing container
+    try {
+        execSync(`docker rm -f ${containerName}`, { stdio: 'ignore' });
+    }
+    catch {
+        // Ignore if container doesn't exist
+    }
+    // Start new container
+    const mounts = buildVolumeMounts(group, isMain);
+    ensureDaemonContainer(mounts, group.folder);
+    logger.info({ groupFolder: group.folder }, 'Daemon container restarted');
+}
+// Track daemon health check state
+let healthCheckInterval = null;
+const unhealthyDaemons = new Map(); // Track consecutive unhealthy checks
+/**
+ * Perform health check on all daemon containers and restart if needed
+ */
+export function performDaemonHealthChecks(getRegisteredGroups, mainGroupFolder) {
+    if (CONTAINER_MODE !== 'daemon')
+        return;
+    const groups = getRegisteredGroups();
+    for (const [, group] of Object.entries(groups)) {
+        const containerName = getDaemonContainerName(group.folder);
+        // Skip if container isn't running (may be intentionally stopped)
+        if (!isContainerRunning(containerName)) {
+            unhealthyDaemons.delete(group.folder);
+            continue;
+        }
+        const health = checkDaemonHealth(group.folder);
+        if (health.healthy) {
+            unhealthyDaemons.delete(group.folder);
+        }
+        else {
+            const consecutiveFailures = (unhealthyDaemons.get(group.folder) || 0) + 1;
+            unhealthyDaemons.set(group.folder, consecutiveFailures);
+            logger.warn({
+                groupFolder: group.folder,
+                consecutiveFailures,
+                ageMs: health.ageMs
+            }, 'Daemon container unhealthy');
+            // Restart after 2 consecutive failures
+            if (consecutiveFailures >= 2) {
+                logger.info({ groupFolder: group.folder }, 'Restarting unhealthy daemon');
+                restartDaemonContainer(group, group.folder === mainGroupFolder);
+                unhealthyDaemons.delete(group.folder);
+            }
+        }
+    }
+}
+/**
+ * Start the daemon health check loop
+ */
+export function startDaemonHealthCheckLoop(getRegisteredGroups, mainGroupFolder) {
+    if (CONTAINER_MODE !== 'daemon')
+        return;
+    if (healthCheckInterval)
+        return;
+    healthCheckInterval = setInterval(() => {
+        performDaemonHealthChecks(getRegisteredGroups, mainGroupFolder);
+    }, DAEMON_HEALTH_CHECK_INTERVAL_MS);
+    logger.info('Daemon health check loop started');
+}
+/**
+ * Stop the daemon health check loop
+ */
+export function stopDaemonHealthCheckLoop() {
+    if (healthCheckInterval) {
+        clearInterval(healthCheckInterval);
+        healthCheckInterval = null;
+    }
+}
+function ensureDaemonContainer(mounts, groupFolder) {
+    const containerName = getDaemonContainerName(groupFolder);
+    if (isContainerRunning(containerName))
+        return;
+    try {
+        execSync(`docker rm -f ${containerName}`, { stdio: 'ignore' });
+    }
+    catch {
+        // ignore if container doesn't exist
+    }
+    const args = buildDaemonArgs(mounts, containerName, groupFolder);
+    const result = spawnSync('docker', args, { stdio: 'ignore' });
+    if (result.status !== 0) {
+        logger.error({ groupFolder, status: result.status }, 'Failed to start daemon container');
+        throw new Error(`Failed to start daemon container for ${groupFolder}`);
+    }
+}
+export function warmGroupContainer(group, isMain) {
+    if (CONTAINER_MODE !== 'daemon')
+        return;
+    const mounts = buildVolumeMounts(group, isMain);
+    ensureDaemonContainer(mounts, group.folder);
+}
+function writeAgentRequest(groupFolder, payload) {
+    const id = `agent-${Date.now()}-${Math.random().toString(36).slice(2, 8)}`;
+    const requestsDir = path.join(DATA_DIR, 'ipc', groupFolder, 'agent_requests');
+    const responsesDir = path.join(DATA_DIR, 'ipc', groupFolder, 'agent_responses');
+    fs.mkdirSync(requestsDir, { recursive: true });
+    fs.mkdirSync(responsesDir, { recursive: true });
+    const requestPath = path.join(requestsDir, `${id}.json`);
+    const responsePath = path.join(responsesDir, `${id}.json`);
+    const tempPath = `${requestPath}.tmp`;
+    fs.writeFileSync(tempPath, JSON.stringify({ id, input: payload }, null, 2));
+    fs.renameSync(tempPath, requestPath);
+    return { id, requestPath, responsePath };
+}
+async function waitForAgentResponse(responsePath, timeoutMs, abortSignal) {
+    const start = Date.now();
+    while (Date.now() - start < timeoutMs) {
+        if (abortSignal?.aborted) {
+            throw new Error('Agent run preempted');
+        }
+        if (fs.existsSync(responsePath)) {
+            const raw = fs.readFileSync(responsePath, 'utf-8');
+            fs.unlinkSync(responsePath);
+            try {
+                return JSON.parse(raw);
+            }
+            catch (err) {
+                throw new Error(`Failed to parse daemon response: ${err instanceof Error ? err.message : String(err)}`);
+            }
+        }
+        await new Promise(resolve => setTimeout(resolve, CONTAINER_DAEMON_POLL_MS));
+    }
+    throw new Error(`Daemon response timeout after ${timeoutMs}ms`);
+}
+function readContainerId(cidFile) {
+    try {
+        const id = fs.readFileSync(cidFile, 'utf-8').trim();
+        return id ? id : null;
+    }
+    catch {
+        return null;
+    }
+}
+function removeContainerById(containerId, reason) {
+    if (!containerId)
+        return;
+    logger.warn({ containerId, reason }, 'Removing container');
+    spawn('docker', ['rm', '-f', containerId], { stdio: 'ignore' });
+}
+export async function runContainerAgent(group, input, options) {
+    if (CONTAINER_MODE === 'daemon') {
+        return runContainerAgentDaemon(group, input, options);
+    }
+    const startTime = Date.now();
+    const groupDir = path.join(GROUPS_DIR, group.folder);
+    fs.mkdirSync(groupDir, { recursive: true });
+    const mounts = buildVolumeMounts(group, input.isMain);
+    fs.mkdirSync(CONTAINER_ID_DIR, { recursive: true });
+    const cidFile = path.join(CONTAINER_ID_DIR, `container-${Date.now()}-${Math.random().toString(36).slice(2, 8)}.cid`);
+    try {
+        fs.rmSync(cidFile, { force: true });
+    }
+    catch {
+        // ignore cleanup failure
+    }
+    const containerArgs = buildContainerArgs(mounts, cidFile);
+    logger.debug({
+        group: group.name,
+        mounts: mounts.map(m => `${m.hostPath} -> ${m.containerPath}${m.readonly ? ' (ro)' : ''}`),
+        containerArgs: containerArgs.join(' ')
+    }, 'Container mount configuration');
+    logger.info({
+        group: group.name,
+        mountCount: mounts.length,
+        isMain: input.isMain
+    }, 'Spawning container agent');
+    const logsDir = path.join(GROUPS_DIR, group.folder, 'logs');
+    fs.mkdirSync(logsDir, { recursive: true });
+    return new Promise((resolve) => {
+        const container = spawn('docker', containerArgs, {
+            stdio: ['pipe', 'pipe', 'pipe']
+        });
+        let stdout = '';
+        let stderr = '';
+        let stdoutTruncated = false;
+        let stderrTruncated = false;
+        let resolved = false;
+        container.stdin.write(JSON.stringify(input));
+        container.stdin.end();
+        container.stdout.on('data', (data) => {
+            if (stdoutTruncated)
+                return;
+            const chunk = data.toString();
+            const remaining = CONTAINER_MAX_OUTPUT_SIZE - stdout.length;
+            if (chunk.length > remaining) {
+                stdout += chunk.slice(0, remaining);
+                stdoutTruncated = true;
+                logger.warn({ group: group.name, size: stdout.length }, 'Container stdout truncated due to size limit');
+            }
+            else {
+                stdout += chunk;
+            }
+        });
+        container.stderr.on('data', (data) => {
+            const chunk = data.toString();
+            const lines = chunk.trim().split('\n');
+            for (const line of lines) {
+                if (line)
+                    logger.debug({ container: group.folder }, line);
+            }
+            if (stderrTruncated)
+                return;
+            const remaining = CONTAINER_MAX_OUTPUT_SIZE - stderr.length;
+            if (chunk.length > remaining) {
+                stderr += chunk.slice(0, remaining);
+                stderrTruncated = true;
+                logger.warn({ group: group.name, size: stderr.length }, 'Container stderr truncated due to size limit');
+            }
+            else {
+                stderr += chunk;
+            }
+        });
+        const cleanupCid = () => {
+            try {
+                fs.rmSync(cidFile, { force: true });
+            }
+            catch {
+                // ignore cleanup failure
+            }
+        };
+        const stopContainer = (reason) => {
+            const containerId = readContainerId(cidFile);
+            if (containerId) {
+                removeContainerById(containerId, reason);
+            }
+        };
+        const timeoutMs = group.containerConfig?.timeout || CONTAINER_TIMEOUT;
+        const timeout = setTimeout(() => {
+            logger.error({ group: group.name }, 'Container timeout, killing');
+            stopContainer('timeout');
+            container.kill('SIGKILL');
+            if (resolved)
+                return;
+            resolved = true;
+            resolve({
+                status: 'error',
+                result: null,
+                error: `Container timed out after ${timeoutMs}ms`
+            });
+        }, timeoutMs);
+        const abortSignal = options?.abortSignal;
+        const abortHandler = () => {
+            if (resolved)
+                return;
+            resolved = true;
+            logger.warn({ group: group.name }, 'Container run preempted');
+            stopContainer('preempted');
+            container.kill('SIGKILL');
+            clearTimeout(timeout);
+            cleanupCid();
+            resolve({
+                status: 'error',
+                result: null,
+                error: 'Container run preempted'
+            });
+        };
+        if (abortSignal) {
+            if (abortSignal.aborted) {
+                abortHandler();
+            }
+            else {
+                abortSignal.addEventListener('abort', abortHandler, { once: true });
+            }
+        }
+        container.on('close', (code) => {
+            if (resolved)
+                return;
+            resolved = true;
+            clearTimeout(timeout);
+            if (abortSignal) {
+                abortSignal.removeEventListener('abort', abortHandler);
+            }
+            cleanupCid();
+            const duration = Date.now() - startTime;
+            const timestamp = new Date().toISOString().replace(/[:.]/g, '-');
+            const logFile = path.join(logsDir, `container-${timestamp}.log`);
+            const isVerbose = runtime.host.logLevel === 'debug' || runtime.host.logLevel === 'trace';
+            const logLines = [
+                `=== Container Run Log ===`,
+                `Timestamp: ${new Date().toISOString()}`,
+                `Group: ${group.name}`,
+                `IsMain: ${input.isMain}`,
+                `Duration: ${duration}ms`,
+                `Exit Code: ${code}`,
+                `Stdout Truncated: ${stdoutTruncated}`,
+                `Stderr Truncated: ${stderrTruncated}`,
+                ``
+            ];
+            if (isVerbose) {
+                logLines.push(`=== Input ===`, JSON.stringify(input, null, 2), ``, `=== Container Args ===`, containerArgs.join(' '), ``, `=== Mounts ===`, mounts.map(m => `${m.hostPath} -> ${m.containerPath}${m.readonly ? ' (ro)' : ''}`).join('\n'), ``, `=== Stderr${stderrTruncated ? ' (TRUNCATED)' : ''} ===`, stderr, ``, `=== Stdout${stdoutTruncated ? ' (TRUNCATED)' : ''} ===`, stdout);
+            }
+            else {
+                logLines.push(`=== Input Summary ===`, `Prompt length: ${input.prompt.length} chars`, `Session ID: ${input.sessionId || 'new'}`, ``, `=== Mounts ===`, mounts.map(m => `${m.containerPath}${m.readonly ? ' (ro)' : ''}`).join('\n'), ``);
+                if (code !== 0) {
+                    logLines.push(`=== Stderr (last 500 chars) ===`, stderr.slice(-500), ``);
+                }
+            }
+            fs.writeFileSync(logFile, logLines.join('\n'));
+            logger.debug({ logFile, verbose: isVerbose }, 'Container log written');
+            if (code !== 0) {
+                logger.error({
+                    group: group.name,
+                    code,
+                    duration,
+                    stderr: stderr.slice(-500),
+                    logFile
+                }, 'Container exited with error');
+                resolve({
+                    status: 'error',
+                    result: null,
+                    error: `Container exited with code ${code}: ${stderr.slice(-200)}`
+                });
+                return;
+            }
+            try {
+                // Extract JSON between sentinel markers for robust parsing
+                const startIdx = stdout.indexOf(OUTPUT_START_MARKER);
+                const endIdx = stdout.indexOf(OUTPUT_END_MARKER);
+                let jsonLine;
+                if (startIdx !== -1 && endIdx !== -1 && endIdx > startIdx) {
+                    jsonLine = stdout.slice(startIdx + OUTPUT_START_MARKER.length, endIdx).trim();
+                }
+                else {
+                    // Fallback: last non-empty line (backwards compatibility)
+                    const lines = stdout.trim().split('\n');
+                    jsonLine = lines[lines.length - 1];
+                }
+                const output = JSON.parse(jsonLine);
+                logger.info({
+                    group: group.name,
+                    duration,
+                    status: output.status,
+                    hasResult: !!output.result
+                }, 'Container completed');
+                resolve(output);
+            }
+            catch (err) {
+                logger.error({
+                    group: group.name,
+                    stdout: stdout.slice(-500),
+                    error: err
+                }, 'Failed to parse container output');
+                resolve({
+                    status: 'error',
+                    result: null,
+                    error: `Failed to parse container output: ${err instanceof Error ? err.message : String(err)}`
+                });
+            }
+        });
+        container.on('error', (err) => {
+            if (resolved)
+                return;
+            resolved = true;
+            clearTimeout(timeout);
+            if (abortSignal) {
+                abortSignal.removeEventListener('abort', abortHandler);
+            }
+            cleanupCid();
+            logger.error({ group: group.name, error: err }, 'Container spawn error');
+            resolve({
+                status: 'error',
+                result: null,
+                error: `Container spawn error: ${err.message}`
+            });
+        });
+    });
+}
+async function runContainerAgentDaemon(group, input, options) {
+    const startTime = Date.now();
+    const groupDir = path.join(GROUPS_DIR, group.folder);
+    fs.mkdirSync(groupDir, { recursive: true });
+    const mounts = buildVolumeMounts(group, input.isMain);
+    ensureDaemonContainer(mounts, group.folder);
+    const { responsePath, requestPath } = writeAgentRequest(group.folder, input);
+    const timeoutMs = group.containerConfig?.timeout || CONTAINER_TIMEOUT;
+    const abortSignal = options?.abortSignal;
+    const containerName = getDaemonContainerName(group.folder);
+    const abortHandler = () => {
+        logger.warn({ group: group.name }, 'Daemon run preempted');
+        try {
+            if (fs.existsSync(requestPath))
+                fs.unlinkSync(requestPath);
+        }
+        catch {
+            // ignore cleanup failure
+        }
+        spawn('docker', ['rm', '-f', containerName], { stdio: 'ignore' });
+    };
+    if (abortSignal) {
+        if (abortSignal.aborted) {
+            abortHandler();
+            return {
+                status: 'error',
+                result: null,
+                error: 'Daemon run preempted'
+            };
+        }
+        abortSignal.addEventListener('abort', abortHandler, { once: true });
+    }
+    try {
+        const output = await waitForAgentResponse(responsePath, timeoutMs, abortSignal);
+        return {
+            ...output,
+            latency_ms: output.latency_ms ?? (Date.now() - startTime)
+        };
+    }
+    catch (err) {
+        const errorMessage = err instanceof Error ? err.message : String(err);
+        logger.error({ group: group.name, error: errorMessage }, 'Daemon agent error');
+        try {
+            if (fs.existsSync(requestPath))
+                fs.unlinkSync(requestPath);
+        }
+        catch {
+            // ignore cleanup failure
+        }
+        try {
+            spawn('docker', ['rm', '-f', containerName], { stdio: 'ignore' });
+        }
+        catch {
+            // ignore cleanup failure
+        }
+        return {
+            status: 'error',
+            result: null,
+            error: errorMessage
+        };
+    }
+    finally {
+        if (abortSignal) {
+            abortSignal.removeEventListener('abort', abortHandler);
+        }
+    }
+}
+export function writeTasksSnapshot(groupFolder, isMain, tasks) {
+    // Write filtered tasks to the group's IPC directory
+    const groupIpcDir = path.join(DATA_DIR, 'ipc', groupFolder);
+    fs.mkdirSync(groupIpcDir, { recursive: true });
+    // Main sees all tasks, others only see their own
+    const filteredTasks = isMain
+        ? tasks
+        : tasks.filter(t => t.groupFolder === groupFolder);
+    const tasksFile = path.join(groupIpcDir, 'current_tasks.json');
+    fs.writeFileSync(tasksFile, JSON.stringify(filteredTasks, null, 2));
+}
+/**
+ * Write available groups snapshot for the container to read.
+ * Only main group can see all available groups (for activation).
+ * Non-main groups only see their own registration status.
+ */
+export function writeGroupsSnapshot(groupFolder, isMain, groups) {
+    const groupIpcDir = path.join(DATA_DIR, 'ipc', groupFolder);
+    fs.mkdirSync(groupIpcDir, { recursive: true });
+    // Main sees all groups; others see nothing (they can't activate groups)
+    const visibleGroups = isMain ? groups : [];
+    const groupsFile = path.join(groupIpcDir, 'available_groups.json');
+    fs.writeFileSync(groupsFile, JSON.stringify({
+        groups: visibleGroups,
+        lastSync: new Date().toISOString()
+    }, null, 2));
+}
+//# sourceMappingURL=container-runner.js.map