npm - @hellcoder/companion - Versions diffs - 0.96.0 - Mend

@hellcoder/companion 0.96.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (242) hide show

package/bin/cli.ts +168 -0
package/bin/ctl.ts +528 -0
package/bin/generate-token.ts +28 -0
package/dist/apple-touch-icon.png +0 -0
package/dist/assets/AgentsPage-DCFhrJ28.js +13 -0
package/dist/assets/CronManager-EGwLJONv.js +1 -0
package/dist/assets/IntegrationsPage-CTMRnbQS.js +1 -0
package/dist/assets/LinearOAuthSettingsPage-CgQFMIgr.js +1 -0
package/dist/assets/LinearSettingsPage-C9nok1qi.js +1 -0
package/dist/assets/Playground-BV3k0RbV.js +109 -0
package/dist/assets/PromptsPage-CFojqNKP.js +4 -0
package/dist/assets/RunsPage-DUJ1QUSa.js +1 -0
package/dist/assets/SandboxManager-CrVQ-VU_.js +8 -0
package/dist/assets/SettingsPage-D1fPCL19.js +1 -0
package/dist/assets/TailscalePage-D06cyvyC.js +1 -0
package/dist/assets/index-BhUa1e6X.css +1 -0
package/dist/assets/index-DkqeP-R9.js +134 -0
package/dist/assets/sw-register-BibwRdvC.js +1 -0
package/dist/assets/workbox-window.prod.es5-BIl4cyR9.js +2 -0
package/dist/favicon.svg +8 -0
package/dist/fonts/MesloLGSNerdFontMono-Bold.woff2 +0 -0
package/dist/fonts/MesloLGSNerdFontMono-Regular.woff2 +0 -0
package/dist/icon-192.png +0 -0
package/dist/icon-512.png +0 -0
package/dist/index.html +20 -0
package/dist/logo-codex.svg +14 -0
package/dist/logo-docker.svg +4 -0
package/dist/logo.svg +14 -0
package/dist/manifest.json +24 -0
package/dist/sw.js +2 -0
package/package.json +104 -0
package/server/agent-cron-migrator.test.ts +610 -0
package/server/agent-cron-migrator.ts +85 -0
package/server/agent-executor.test.ts +1108 -0
package/server/agent-executor.ts +346 -0
package/server/agent-store.test.ts +588 -0
package/server/agent-store.ts +185 -0
package/server/agent-types.ts +138 -0
package/server/ai-validation-settings.test.ts +128 -0
package/server/ai-validation-settings.ts +35 -0
package/server/ai-validator.test.ts +387 -0
package/server/ai-validator.ts +271 -0
package/server/auth-manager.test.ts +83 -0
package/server/auth-manager.ts +150 -0
package/server/auto-namer.test.ts +252 -0
package/server/auto-namer.ts +78 -0
package/server/backend-adapter.test.ts +38 -0
package/server/backend-adapter.ts +54 -0
package/server/cache-headers.test.ts +98 -0
package/server/cache-headers.ts +61 -0
package/server/claude-adapter.test.ts +1363 -0
package/server/claude-adapter.ts +889 -0
package/server/claude-container-auth.test.ts +44 -0
package/server/claude-container-auth.ts +30 -0
package/server/claude-protocol-contract.test.ts +71 -0
package/server/claude-protocol-drift.test.ts +78 -0
package/server/claude-session-discovery.test.ts +132 -0
package/server/claude-session-discovery.ts +157 -0
package/server/claude-session-history.test.ts +158 -0
package/server/claude-session-history.ts +410 -0
package/server/cli-launcher.test.ts +1343 -0
package/server/cli-launcher.ts +1298 -0
package/server/cli.test.ts +16 -0
package/server/codex-adapter.test.ts +5545 -0
package/server/codex-adapter.ts +3062 -0
package/server/codex-container-auth.test.ts +50 -0
package/server/codex-container-auth.ts +24 -0
package/server/codex-home.test.ts +61 -0
package/server/codex-home.ts +26 -0
package/server/codex-protocol-contract.test.ts +96 -0
package/server/codex-protocol-drift.test.ts +123 -0
package/server/codex-ws-proxy.cjs +226 -0
package/server/commands-discovery.test.ts +179 -0
package/server/commands-discovery.ts +81 -0
package/server/constants.ts +7 -0
package/server/container-manager.test.ts +1211 -0
package/server/container-manager.ts +1053 -0
package/server/cron-scheduler.test.ts +957 -0
package/server/cron-scheduler.ts +243 -0
package/server/cron-store.test.ts +422 -0
package/server/cron-store.ts +148 -0
package/server/cron-types.ts +63 -0
package/server/env-manager.test.ts +268 -0
package/server/env-manager.ts +161 -0
package/server/event-bus-types.ts +64 -0
package/server/event-bus.test.ts +244 -0
package/server/event-bus.ts +124 -0
package/server/execution-store.test.ts +307 -0
package/server/execution-store.ts +170 -0
package/server/fs-utils.ts +15 -0
package/server/git-utils.test.ts +938 -0
package/server/git-utils.ts +421 -0
package/server/github-pr.test.ts +498 -0
package/server/github-pr.ts +379 -0
package/server/image-pull-manager.test.ts +303 -0
package/server/image-pull-manager.ts +279 -0
package/server/index.ts +396 -0
package/server/linear-agent-bridge.test.ts +1157 -0
package/server/linear-agent-bridge.ts +629 -0
package/server/linear-agent.test.ts +473 -0
package/server/linear-agent.ts +479 -0
package/server/linear-cache.test.ts +136 -0
package/server/linear-cache.ts +113 -0
package/server/linear-connections.test.ts +350 -0
package/server/linear-connections.ts +231 -0
package/server/linear-credential-migration.test.ts +337 -0
package/server/linear-credential-migration.ts +63 -0
package/server/linear-oauth-connections-migration.test.ts +268 -0
package/server/linear-oauth-connections.test.ts +365 -0
package/server/linear-oauth-connections.ts +294 -0
package/server/linear-project-manager.test.ts +162 -0
package/server/linear-project-manager.ts +111 -0
package/server/linear-prompt-builder.test.ts +74 -0
package/server/linear-prompt-builder.ts +61 -0
package/server/linear-staging.test.ts +276 -0
package/server/linear-staging.ts +142 -0
package/server/logger.test.ts +393 -0
package/server/logger.ts +259 -0
package/server/metrics-collector.test.ts +413 -0
package/server/metrics-collector.ts +350 -0
package/server/metrics-types.ts +108 -0
package/server/middleware/managed-auth.test.ts +264 -0
package/server/middleware/managed-auth.ts +195 -0
package/server/novnc-proxy.test.ts +333 -0
package/server/novnc-proxy.ts +99 -0
package/server/path-resolver.test.ts +552 -0
package/server/path-resolver.ts +186 -0
package/server/paths.test.ts +31 -0
package/server/paths.ts +11 -0
package/server/pr-poller.test.ts +191 -0
package/server/pr-poller.ts +162 -0
package/server/prompt-manager.test.ts +211 -0
package/server/prompt-manager.ts +211 -0
package/server/protocol/claude-upstream/README.md +19 -0
package/server/protocol/claude-upstream/sdk.d.ts.txt +1943 -0
package/server/protocol/codex-upstream/ClientNotification.ts.txt +5 -0
package/server/protocol/codex-upstream/ClientRequest.ts.txt +60 -0
package/server/protocol/codex-upstream/README.md +18 -0
package/server/protocol/codex-upstream/ServerNotification.ts.txt +41 -0
package/server/protocol/codex-upstream/ServerRequest.ts.txt +16 -0
package/server/protocol/codex-upstream/v2/DynamicToolCallParams.ts.txt +6 -0
package/server/protocol/codex-upstream/v2/DynamicToolCallResponse.ts.txt +6 -0
package/server/protocol-monitor.ts +50 -0
package/server/recorder.test.ts +454 -0
package/server/recorder.ts +374 -0
package/server/recording-hub/compat-validator.test.ts +150 -0
package/server/recording-hub/compat-validator.ts +284 -0
package/server/recording-hub/diagnostics.test.ts +140 -0
package/server/recording-hub/diagnostics.ts +299 -0
package/server/recording-hub/hub-config.test.ts +44 -0
package/server/recording-hub/hub-config.ts +19 -0
package/server/recording-hub/hub-routes.test.ts +417 -0
package/server/recording-hub/hub-routes.ts +236 -0
package/server/recording-hub/hub-store.test.ts +262 -0
package/server/recording-hub/hub-store.ts +265 -0
package/server/recording-hub/replay-adapter.test.ts +294 -0
package/server/recording-hub/replay-adapter.ts +207 -0
package/server/relay-client.test.ts +337 -0
package/server/relay-client.ts +320 -0
package/server/replay.test.ts +200 -0
package/server/replay.ts +78 -0
package/server/routes/agent-routes.test.ts +1400 -0
package/server/routes/agent-routes.ts +409 -0
package/server/routes/cron-routes.test.ts +881 -0
package/server/routes/cron-routes.ts +103 -0
package/server/routes/env-routes.test.ts +383 -0
package/server/routes/env-routes.ts +95 -0
package/server/routes/fs-routes.test.ts +1198 -0
package/server/routes/fs-routes.ts +605 -0
package/server/routes/git-routes.test.ts +813 -0
package/server/routes/git-routes.ts +97 -0
package/server/routes/linear-agent-routes.test.ts +721 -0
package/server/routes/linear-agent-routes.ts +304 -0
package/server/routes/linear-connection-routes.test.ts +927 -0
package/server/routes/linear-connection-routes.ts +244 -0
package/server/routes/linear-oauth-connection-routes.test.ts +406 -0
package/server/routes/linear-oauth-connection-routes.ts +129 -0
package/server/routes/linear-routes.test.ts +1510 -0
package/server/routes/linear-routes.ts +953 -0
package/server/routes/metrics-routes.test.ts +103 -0
package/server/routes/metrics-routes.ts +13 -0
package/server/routes/prompt-routes.ts +67 -0
package/server/routes/sandbox-routes.test.ts +513 -0
package/server/routes/sandbox-routes.ts +127 -0
package/server/routes/settings-routes.ts +270 -0
package/server/routes/skills-routes.test.ts +690 -0
package/server/routes/skills-routes.ts +100 -0
package/server/routes/system-routes.test.ts +637 -0
package/server/routes/system-routes.ts +228 -0
package/server/routes/tailscale-routes.test.ts +176 -0
package/server/routes/tailscale-routes.ts +22 -0
package/server/routes.test.ts +4655 -0
package/server/routes.ts +1277 -0
package/server/sandbox-manager.test.ts +378 -0
package/server/sandbox-manager.ts +168 -0
package/server/service.test.ts +1419 -0
package/server/service.ts +718 -0
package/server/session-creation-service.test.ts +661 -0
package/server/session-creation-service.ts +473 -0
package/server/session-git-info.ts +104 -0
package/server/session-linear-issues.test.ts +118 -0
package/server/session-linear-issues.ts +88 -0
package/server/session-names.test.ts +94 -0
package/server/session-names.ts +67 -0
package/server/session-orchestrator.test.ts +1784 -0
package/server/session-orchestrator.ts +973 -0
package/server/session-state-machine.test.ts +606 -0
package/server/session-state-machine.ts +207 -0
package/server/session-store.test.ts +290 -0
package/server/session-store.ts +146 -0
package/server/session-types.ts +509 -0
package/server/settings-manager.test.ts +275 -0
package/server/settings-manager.ts +173 -0
package/server/tailscale-manager.test.ts +553 -0
package/server/tailscale-manager.ts +451 -0
package/server/terminal-manager.ts +240 -0
package/server/update-checker.test.ts +306 -0
package/server/update-checker.ts +197 -0
package/server/usage-limits.test.ts +536 -0
package/server/usage-limits.ts +225 -0
package/server/worktree-tracker.test.ts +243 -0
package/server/worktree-tracker.ts +84 -0
package/server/ws-auth.test.ts +59 -0
package/server/ws-auth.ts +41 -0
package/server/ws-bridge-browser-ingest.test.ts +272 -0
package/server/ws-bridge-browser-ingest.ts +72 -0
package/server/ws-bridge-browser.ts +112 -0
package/server/ws-bridge-cli-ingest.test.ts +302 -0
package/server/ws-bridge-cli-ingest.ts +81 -0
package/server/ws-bridge-codex.test.ts +1837 -0
package/server/ws-bridge-codex.ts +266 -0
package/server/ws-bridge-controls.test.ts +124 -0
package/server/ws-bridge-controls.ts +20 -0
package/server/ws-bridge-persist.test.ts +296 -0
package/server/ws-bridge-persist.ts +66 -0
package/server/ws-bridge-publish.test.ts +234 -0
package/server/ws-bridge-publish.ts +79 -0
package/server/ws-bridge-replay.test.ts +44 -0
package/server/ws-bridge-replay.ts +61 -0
package/server/ws-bridge-types.ts +106 -0
package/server/ws-bridge.test.ts +4777 -0
package/server/ws-bridge.ts +1279 -0

package/server/ws-bridge-browser-ingest.test.ts ADDED Viewed

@@ -0,0 +1,272 @@
+import { describe, it, expect, vi, beforeEach } from "vitest";
+import {
+  parseBrowserMessage,
+  deduplicateBrowserMessage,
+  IDEMPOTENT_BROWSER_MESSAGE_TYPES,
+} from "./ws-bridge-browser-ingest.js";
+import type { Session } from "./ws-bridge-types.js";
+import { SessionStateMachine } from "./session-state-machine.js";
+function makeDedupSession(): Session {
+  return {
+    id: "test-session",
+    backendType: "claude",
+    backendAdapter: null,
+    browserSockets: new Set(),
+    state: {} as any,
+    pendingPermissions: new Map(),
+    messageHistory: [],
+    pendingMessages: [],
+    nextEventSeq: 1,
+    eventBuffer: [],
+    lastAckSeq: 0,
+    processedClientMessageIds: [],
+    processedClientMessageIdSet: new Set(),
+    lastCliActivityTs: Date.now(),
+    stateMachine: new SessionStateMachine("test-session"),
+  };
+}
+// ─── parseBrowserMessage ──────────────────────────────────────────────────────
+describe("parseBrowserMessage", () => {
+  it("parses valid JSON into BrowserOutgoingMessage", () => {
+    const raw = '{"type":"user_message","content":"hello"}';
+    const msg = parseBrowserMessage(raw);
+    expect(msg).toEqual({ type: "user_message", content: "hello" });
+  });
+  it("returns null for malformed JSON", () => {
+    // Suppress the console.warn from parseBrowserMessage
+    vi.spyOn(console, "warn").mockImplementation(() => {});
+    expect(parseBrowserMessage("{invalid")).toBeNull();
+    vi.restoreAllMocks();
+  });
+  it("returns null for empty string", () => {
+    vi.spyOn(console, "warn").mockImplementation(() => {});
+    expect(parseBrowserMessage("")).toBeNull();
+    vi.restoreAllMocks();
+  });
+  it("handles Buffer input", () => {
+    const raw = Buffer.from('{"type":"interrupt"}', "utf-8");
+    const msg = parseBrowserMessage(raw);
+    expect(msg).toEqual({ type: "interrupt" });
+  });
+  it("handles complex message types", () => {
+    const raw = JSON.stringify({
+      type: "permission_response",
+      request_id: "req-1",
+      behavior: "allow",
+      client_msg_id: "cmid-1",
+    });
+    const msg = parseBrowserMessage(raw);
+    expect(msg).toEqual({
+      type: "permission_response",
+      request_id: "req-1",
+      behavior: "allow",
+      client_msg_id: "cmid-1",
+    });
+  });
+});
+// ─── deduplicateBrowserMessage ────────────────────────────────────────────────
+describe("deduplicateBrowserMessage", () => {
+  let session: Session;
+  let persistFn: ReturnType<typeof vi.fn<(session: Session) => void>>;
+  beforeEach(() => {
+    session = makeDedupSession();
+    persistFn = vi.fn<(session: Session) => void>();
+  });
+  it("returns false for first occurrence of a message with client_msg_id", () => {
+    const msg = { type: "user_message" as const, content: "hello", client_msg_id: "id-1" };
+    const result = deduplicateBrowserMessage(
+      msg, IDEMPOTENT_BROWSER_MESSAGE_TYPES, session, 100, persistFn,
+    );
+    expect(result).toBe(false);
+  });
+  it("returns true for duplicate message with same client_msg_id", () => {
+    const msg = { type: "user_message" as const, content: "hello", client_msg_id: "id-1" };
+    // First call: not a duplicate
+    deduplicateBrowserMessage(msg, IDEMPOTENT_BROWSER_MESSAGE_TYPES, session, 100, persistFn);
+    // Second call: duplicate
+    const result = deduplicateBrowserMessage(
+      msg, IDEMPOTENT_BROWSER_MESSAGE_TYPES, session, 100, persistFn,
+    );
+    expect(result).toBe(true);
+  });
+  it("returns false for messages without client_msg_id", () => {
+    const msg = { type: "user_message" as const, content: "hello" };
+    // No client_msg_id — never considered duplicate
+    expect(deduplicateBrowserMessage(msg, IDEMPOTENT_BROWSER_MESSAGE_TYPES, session, 100, persistFn)).toBe(false);
+    expect(deduplicateBrowserMessage(msg, IDEMPOTENT_BROWSER_MESSAGE_TYPES, session, 100, persistFn)).toBe(false);
+  });
+  it("returns false for messages with empty client_msg_id", () => {
+    const msg = { type: "user_message" as const, content: "hello", client_msg_id: "" };
+    expect(deduplicateBrowserMessage(msg, IDEMPOTENT_BROWSER_MESSAGE_TYPES, session, 100, persistFn)).toBe(false);
+    expect(deduplicateBrowserMessage(msg, IDEMPOTENT_BROWSER_MESSAGE_TYPES, session, 100, persistFn)).toBe(false);
+  });
+  it("returns false for non-idempotent message types even with client_msg_id", () => {
+    // session_subscribe and session_ack are not in IDEMPOTENT_BROWSER_MESSAGE_TYPES
+    const msg = { type: "session_subscribe" as const, last_seq: 0, client_msg_id: "id-1" } as any;
+    expect(deduplicateBrowserMessage(msg, IDEMPOTENT_BROWSER_MESSAGE_TYPES, session, 100, persistFn)).toBe(false);
+    // Same message again — still not deduplicated because type is not idempotent
+    expect(deduplicateBrowserMessage(msg, IDEMPOTENT_BROWSER_MESSAGE_TYPES, session, 100, persistFn)).toBe(false);
+  });
+  it("calls persistFn when remembering a new client_msg_id", () => {
+    const msg = { type: "interrupt" as const, client_msg_id: "id-1" };
+    deduplicateBrowserMessage(msg, IDEMPOTENT_BROWSER_MESSAGE_TYPES, session, 100, persistFn);
+    expect(persistFn).toHaveBeenCalledWith(session);
+  });
+  it("does not call persistFn for duplicate messages", () => {
+    const msg = { type: "interrupt" as const, client_msg_id: "id-1" };
+    deduplicateBrowserMessage(msg, IDEMPOTENT_BROWSER_MESSAGE_TYPES, session, 100, persistFn);
+    persistFn.mockClear();
+    // Second call — duplicate, should not persist
+    deduplicateBrowserMessage(msg, IDEMPOTENT_BROWSER_MESSAGE_TYPES, session, 100, persistFn);
+    expect(persistFn).not.toHaveBeenCalled();
+  });
+  it("deduplicates within each idempotent message type", () => {
+    // Verify each idempotent type is individually deduped by client_msg_id
+    const types = Array.from(IDEMPOTENT_BROWSER_MESSAGE_TYPES);
+    for (const type of types) {
+      const msg = { type, client_msg_id: `${type}-id` } as any;
+      expect(deduplicateBrowserMessage(msg, IDEMPOTENT_BROWSER_MESSAGE_TYPES, session, 100, persistFn)).toBe(false);
+      expect(deduplicateBrowserMessage(msg, IDEMPOTENT_BROWSER_MESSAGE_TYPES, session, 100, persistFn)).toBe(true);
+    }
+  });
+  it("deduplicates across different idempotent message types with same client_msg_id", () => {
+    // A shared client_msg_id should be deduplicated regardless of which
+    // idempotent type sends it — the dedup namespace is type-agnostic.
+    const sharedId = "shared-cross-type-id";
+    const msg1 = { type: "user_message" as const, content: "hello", client_msg_id: sharedId };
+    expect(deduplicateBrowserMessage(msg1, IDEMPOTENT_BROWSER_MESSAGE_TYPES, session, 100, persistFn)).toBe(false);
+    // Same client_msg_id from a different idempotent type — should be filtered
+    const msg2 = { type: "interrupt" as const, client_msg_id: sharedId };
+    expect(deduplicateBrowserMessage(msg2, IDEMPOTENT_BROWSER_MESSAGE_TYPES, session, 100, persistFn)).toBe(true);
+  });
+  it("enforces window cap by evicting oldest client_msg_ids", () => {
+    const windowSize = 3;
+    // Fill window with 3 IDs
+    for (let i = 0; i < 3; i++) {
+      const msg = { type: "user_message" as const, content: "", client_msg_id: `id-${i}` };
+      deduplicateBrowserMessage(msg, IDEMPOTENT_BROWSER_MESSAGE_TYPES, session, windowSize, persistFn);
+    }
+    // Add a 4th — should evict id-0
+    const msg4 = { type: "user_message" as const, content: "", client_msg_id: "id-3" };
+    deduplicateBrowserMessage(msg4, IDEMPOTENT_BROWSER_MESSAGE_TYPES, session, windowSize, persistFn);
+    // id-0 should no longer be considered a duplicate (evicted)
+    const msg0 = { type: "user_message" as const, content: "", client_msg_id: "id-0" };
+    expect(deduplicateBrowserMessage(msg0, IDEMPOTENT_BROWSER_MESSAGE_TYPES, session, windowSize, persistFn)).toBe(false);
+    // id-1 should still be a duplicate...
+    // But adding id-0 back means window is now [id-2, id-3, id-0], so id-1 is evicted
+  });
+  describe("reconnect scenarios", () => {
+    it("filters resent user_message after browser reconnect", () => {
+      // Browser sends user_message with client_msg_id, disconnects, reconnects,
+      // and resends the same message. Should be filtered.
+      const msg = { type: "user_message" as const, content: "hello", client_msg_id: "msg-1" };
+      // Original send
+      expect(deduplicateBrowserMessage(msg, IDEMPOTENT_BROWSER_MESSAGE_TYPES, session, 100, persistFn)).toBe(false);
+      // After reconnect: same message resent
+      expect(deduplicateBrowserMessage(msg, IDEMPOTENT_BROWSER_MESSAGE_TYPES, session, 100, persistFn)).toBe(true);
+    });
+    it("filters resent permission_response after browser reconnect", () => {
+      const msg = {
+        type: "permission_response" as const,
+        request_id: "req-1",
+        behavior: "allow" as const,
+        client_msg_id: "perm-1",
+      };
+      expect(deduplicateBrowserMessage(msg, IDEMPOTENT_BROWSER_MESSAGE_TYPES, session, 100, persistFn)).toBe(false);
+      expect(deduplicateBrowserMessage(msg, IDEMPOTENT_BROWSER_MESSAGE_TYPES, session, 100, persistFn)).toBe(true);
+    });
+    it("two browsers with same client_msg_id — second is filtered", () => {
+      // If two browsers somehow send the same client_msg_id (e.g., copied tab),
+      // the second should be filtered to ensure idempotency.
+      const msg = { type: "user_message" as const, content: "hello", client_msg_id: "shared-id" };
+      // Browser A sends
+      expect(deduplicateBrowserMessage(msg, IDEMPOTENT_BROWSER_MESSAGE_TYPES, session, 100, persistFn)).toBe(false);
+      // Browser B sends same client_msg_id
+      expect(deduplicateBrowserMessage(msg, IDEMPOTENT_BROWSER_MESSAGE_TYPES, session, 100, persistFn)).toBe(true);
+    });
+    it("dedup survives server restart via processedClientMessageIds persistence", () => {
+      // This tests the critical path: browser sends message → server persists
+      // processedClientMessageIds → server restarts → session restored from disk
+      // → browser retransmits same message → dedup fires.
+      //
+      // Step 1: Process a message (simulates pre-restart state)
+      const msg = { type: "user_message" as const, content: "hello", client_msg_id: "restart-id-1" };
+      expect(deduplicateBrowserMessage(msg, IDEMPOTENT_BROWSER_MESSAGE_TYPES, session, 100, persistFn)).toBe(false);
+      // Step 2: Simulate server restart — create a new session restored from disk.
+      // restoreFromDisk reconstructs processedClientMessageIdSet from the persisted
+      // processedClientMessageIds array (see WsBridge.restoreFromDisk).
+      const restoredSession = makeDedupSession();
+      restoredSession.processedClientMessageIds = [...session.processedClientMessageIds];
+      restoredSession.processedClientMessageIdSet = new Set(session.processedClientMessageIds);
+      // Step 3: Browser retransmits the same message after reconnecting
+      const result = deduplicateBrowserMessage(msg, IDEMPOTENT_BROWSER_MESSAGE_TYPES, restoredSession, 100, persistFn);
+      expect(result).toBe(true); // Should be deduplicated
+      // Step 4: A new message should still pass through
+      const newMsg = { type: "user_message" as const, content: "world", client_msg_id: "restart-id-2" };
+      expect(deduplicateBrowserMessage(newMsg, IDEMPOTENT_BROWSER_MESSAGE_TYPES, restoredSession, 100, persistFn)).toBe(false);
+    });
+  });
+});
+// ─── IDEMPOTENT_BROWSER_MESSAGE_TYPES ─────────────────────────────────────────
+describe("IDEMPOTENT_BROWSER_MESSAGE_TYPES", () => {
+  it("contains the expected message types", () => {
+    const expected = [
+      "user_message", "permission_response", "interrupt", "set_model",
+      "set_permission_mode", "mcp_get_status", "mcp_toggle", "mcp_reconnect",
+      "mcp_set_servers", "set_ai_validation",
+    ];
+    for (const type of expected) {
+      expect(IDEMPOTENT_BROWSER_MESSAGE_TYPES.has(type)).toBe(true);
+    }
+  });
+  it("does not contain session_subscribe or session_ack", () => {
+    // These are session management messages, not idempotent user actions
+    expect(IDEMPOTENT_BROWSER_MESSAGE_TYPES.has("session_subscribe")).toBe(false);
+    expect(IDEMPOTENT_BROWSER_MESSAGE_TYPES.has("session_ack")).toBe(false);
+  });
+});

package/server/ws-bridge-browser-ingest.ts ADDED Viewed

@@ -0,0 +1,72 @@
+import type { BrowserOutgoingMessage } from "./session-types.js";
+import type { Session } from "./ws-bridge-types.js";
+import {
+  isDuplicateClientMessage,
+  rememberClientMessage,
+} from "./ws-bridge-replay.js";
+// ─── Browser Ingest Pipeline ────────────────────────────────────────────────
+// Pure functions for parsing and deduplicating browser WebSocket messages.
+// Extracted from WsBridge.handleBrowserMessage and routeBrowserMessage
+// to enable isolated testing of idempotent message scenarios.
+/** Message types that support client_msg_id-based deduplication. */
+export const IDEMPOTENT_BROWSER_MESSAGE_TYPES: ReadonlySet<string> = new Set([
+  "user_message",
+  "permission_response",
+  "interrupt",
+  "set_model",
+  "set_permission_mode",
+  "mcp_get_status",
+  "mcp_toggle",
+  "mcp_reconnect",
+  "mcp_set_servers",
+  "set_ai_validation",
+]);
+/**
+ * Parse a raw browser WebSocket message into a typed BrowserOutgoingMessage.
+ * Returns null if parsing fails (malformed JSON).
+ */
+export function parseBrowserMessage(raw: string | Buffer): BrowserOutgoingMessage | null {
+  const data = typeof raw === "string" ? raw : raw.toString("utf-8");
+  try {
+    return JSON.parse(data) as BrowserOutgoingMessage;
+  } catch {
+    console.warn(`[ws-bridge] Failed to parse browser message: ${data.substring(0, 200)}`);
+    return null;
+  }
+}
+/**
+ * Check if a browser message is a duplicate based on client_msg_id.
+ * Returns true if the message should be skipped.
+ *
+ * Only checks messages whose type is in `idempotentTypes` and that have
+ * a non-empty `client_msg_id` field. For non-idempotent types or messages
+ * without client_msg_id, always returns false.
+ *
+ * If not a duplicate, remembers the client_msg_id for future dedup checks.
+ */
+export function deduplicateBrowserMessage(
+  msg: BrowserOutgoingMessage,
+  idempotentTypes: ReadonlySet<string>,
+  session: Session,
+  processedIdLimit: number,
+  persistFn: (session: Session) => void,
+): boolean {
+  if (
+    !idempotentTypes.has(msg.type)
+    || !("client_msg_id" in msg)
+    || !msg.client_msg_id
+  ) {
+    return false;
+  }
+  if (isDuplicateClientMessage(session, msg.client_msg_id)) {
+    return true;
+  }
+  rememberClientMessage(session, msg.client_msg_id, processedIdLimit, persistFn);
+  return false;
+}

package/server/ws-bridge-browser.ts ADDED Viewed

@@ -0,0 +1,112 @@
+import type { ServerWebSocket } from "bun";
+import type { BrowserSocketData, Session, SocketData } from "./ws-bridge-types.js";
+import type {
+  BrowserIncomingMessage,
+  ReplayableBrowserIncomingMessage,
+} from "./session-types.js";
+/**
+ * Infer the CLI's current status from server-side session state.
+ * Used as a ground-truth correction after event replay to prevent
+ * stale "running"/"generating" state when `result` was pruned from
+ * the event buffer.
+ */
+function inferCliStatus(session: Session): "idle" | "running" | "compacting" | null {
+  if (session.state.is_compacting) return "compacting";
+  const last = session.messageHistory[session.messageHistory.length - 1];
+  if (!last) return "idle";
+  // `result` means the last turn completed → idle
+  if (last.type === "result") return "idle";
+  // `assistant` means CLI sent a response and is executing tools or streaming → running
+  if (last.type === "assistant") return "running";
+  // For other types (user_message, system_event), default to idle
+  return "idle";
+}
+export function handleSessionSubscribe(
+  session: Session,
+  ws: ServerWebSocket<SocketData> | undefined,
+  lastSeq: number,
+  sendToBrowser: (ws: ServerWebSocket<SocketData>, msg: BrowserIncomingMessage) => void,
+  isHistoryBackedEvent: (msg: ReplayableBrowserIncomingMessage) => boolean,
+): void {
+  if (!ws) return;
+  const data = ws.data as BrowserSocketData;
+  data.subscribed = true;
+  const lastAckSeq = Number.isFinite(lastSeq) ? Math.max(0, Math.floor(lastSeq)) : 0;
+  data.lastAckSeq = lastAckSeq;
+  if (lastAckSeq === 0 && session.messageHistory.length > 0) {
+    sendToBrowser(ws, {
+      type: "message_history",
+      messages: session.messageHistory,
+    });
+  }
+  if (session.eventBuffer.length === 0) return;
+  if (lastAckSeq >= session.nextEventSeq - 1) return;
+  const earliest = session.eventBuffer[0]?.seq ?? session.nextEventSeq;
+  const hasGap = lastAckSeq > 0 && lastAckSeq < earliest - 1;
+  if (hasGap) {
+    if (session.messageHistory.length > 0) {
+      sendToBrowser(ws, {
+        type: "message_history",
+        messages: session.messageHistory,
+      });
+    }
+    const transientMissed = session.eventBuffer
+      .filter((evt) => evt.seq > lastAckSeq && !isHistoryBackedEvent(evt.message));
+    if (transientMissed.length > 0) {
+      sendToBrowser(ws, {
+        type: "event_replay",
+        events: transientMissed,
+      });
+    }
+    // Send ground-truth status after replay to correct stale streaming state
+    sendToBrowser(ws, { type: "status_change", status: inferCliStatus(session) });
+    // Send authoritative session_phase so replayed transient phases don't leave stale cliConnected
+    sendToBrowser(ws, {
+      type: "session_phase",
+      phase: session.stateMachine.phase,
+      previousPhase: session.stateMachine.phase,
+    });
+    return;
+  }
+  const sentFullHistory = lastAckSeq === 0 && session.messageHistory.length > 0;
+  const missed = session.eventBuffer.filter(
+    (evt) => evt.seq > lastAckSeq && (!sentFullHistory || !isHistoryBackedEvent(evt.message)),
+  );
+  if (missed.length === 0) return;
+  sendToBrowser(ws, {
+    type: "event_replay",
+    events: missed,
+  });
+  // Send ground-truth status after replay to correct stale streaming state
+  sendToBrowser(ws, { type: "status_change", status: inferCliStatus(session) });
+  // Send authoritative session_phase so replayed transient phases don't leave stale cliConnected
+  sendToBrowser(ws, {
+    type: "session_phase",
+    phase: session.stateMachine.phase,
+    previousPhase: session.stateMachine.phase,
+  });
+}
+export function handleSessionAck(
+  session: Session,
+  ws: ServerWebSocket<SocketData> | undefined,
+  lastSeq: number,
+  persistSession: (session: Session) => void,
+): void {
+  const normalized = Number.isFinite(lastSeq) ? Math.max(0, Math.floor(lastSeq)) : 0;
+  if (ws) {
+    const data = ws.data as BrowserSocketData;
+    const prior = typeof data.lastAckSeq === "number" ? data.lastAckSeq : 0;
+    data.lastAckSeq = Math.max(prior, normalized);
+  }
+  if (normalized > session.lastAckSeq) {
+    session.lastAckSeq = normalized;
+    persistSession(session);
+  }
+}