@loicngr/kobo 1.7.5 → 1.7.6

package/dist/server/services/agent/engines/claude-code/event-mapper.js

@@ -29,6 +29,14 @@ function makeBucket(id, source) {
     const details = used !== undefined && limit !== undefined ? `${String(used)} / ${String(limit)}` : undefined;
     return { id, label, usedPct: Math.max(0, Math.min(100, usedPct)), resetsAt, details };
 }
+const RATE_LIMIT_STATUSES = new Set(['allowed', 'allowed_warning', 'rejected']);
+function extractStatus(info) {
+    const raw = info.status;
+    if (typeof raw === 'string' && RATE_LIMIT_STATUSES.has(raw)) {
+        return raw;
+    }
+    return undefined;
+}
 function normalizeRateLimitInfo(info) {
     const buckets = [];
     if (typeof info.rateLimitType === 'string') {
@@ -50,10 +58,32 @@ function normalizeRateLimitInfo(info) {
                 buckets.push(b);
         }
     }
-    return { buckets };
+    const status = extractStatus(info);
+    return status ? { buckets, status } : { buckets };
 }
+// ── Public API ────────────────────────────────────────────────────────────────
+/**
+ * Canonical "out of quota" surfaces from the Claude SDK and CLI. Centralised
+ * so the three call-sites stay in sync:
+ *  - `result` events with an error subtype (`parsed.error` / `parsed.result`)
+ *  - assistant `message:text` blocks (the SDK occasionally streams the user-
+ *    visible quota notice as plain assistant text instead of a structured
+ *    error result; see workspace `-GyiAYM7X4xTWyZbcHGiR` session #25 for the
+ *    repro that motivated this path)
+ *  - CLI stderr in `engine.ts`
+ *
+ * Patterns are kept loose on purpose to absorb minor wording drift between
+ * Anthropic's surfaces (`rate_limit_exceeded`, `Claude AI usage limit
+ * reached`, `You're out of extra usage`, `quota exceeded`).
+ */
+export const QUOTA_PATTERN = /out of extra usage|rate[_ ]limit|usage limit|quota exceeded/i;
 export function createMapperState() {
-    return { sessionStartedEmitted: false, openMessages: new Map(), sawErrorResult: false };
+    return {
+        sessionStartedEmitted: false,
+        openMessages: new Map(),
+        sawErrorResult: false,
+        quotaErrorEmitted: false,
+    };
 }
 /** Known SDK `result` subtypes that indicate the run failed. */
 export const KNOWN_ERROR_RESULT_SUBTYPES = new Set(['error_max_turns', 'error_during_execution']);
@@ -64,6 +94,36 @@ function isErrorResultSubtype(subtype) {
         return true;
     return subtype.startsWith('error');
 }
+/**
+ * SDK error codes (`SDKAssistantMessageError`) that map to a quota exhaustion
+ * — the user has hit the 5h/7d cap or run out of overage credits.
+ *  - `'rate_limit'`: classic 429 / Anthropic rate-limit reached
+ *  - `'billing_error'`: claude.ai overage credits exhausted
+ */
+export const QUOTA_ASSISTANT_ERRORS = new Set(['rate_limit', 'billing_error']);
+/**
+ * Emit an `error/quota` event exactly once per SDK run, regardless of which
+ * surface detected the quota (stderr, SDK iterator, message:text fallback…).
+ * Also sets `sawErrorResult` so the engine surfaces
+ * `session:ended.reason='error'`, which the orchestrator then maps to a
+ * `quota` status transition via the `category: 'quota'` discriminator.
+ *
+ * Exported so the stderr path in `engine.ts` (which bypasses `mapSdkMessage`)
+ * can share the same one-shot guard. Without this, two quota surfaces in the
+ * same run would call `handleQuota` twice → `retryCount` doubled and the
+ * persisted backoff row overwritten.
+ */
+export function tryEmitQuota(state, emit, message) {
+    if (state.quotaErrorEmitted)
+        return;
+    state.quotaErrorEmitted = true;
+    state.sawErrorResult = true;
+    emit({ kind: 'error', category: 'quota', message });
+}
+/** Internal wrapper for the in-mapper push pattern. */
+function tryEmitQuotaError(state, events, message) {
+    tryEmitQuota(state, (ev) => events.push(ev), message);
+}
 /**
  * Maps a single typed `SDKMessage` to zero or more `AgentEvent`s, mutating
  * `state` as needed.
@@ -80,7 +140,13 @@ export function mapSdkMessage(msg, state) {
     if (type === 'rate_limit_event') {
         const info = parsed.rate_limit_info;
         if (info && typeof info === 'object') {
-            events.push({ kind: 'rate_limit', info: normalizeRateLimitInfo(info) });
+            const normalized = normalizeRateLimitInfo(info);
+            events.push({ kind: 'rate_limit', info: normalized });
+            // `status: 'rejected'` from the SDK is the explicit "request blocked,
+            // out of quota" signal — the most reliable structured surface.
+            if (normalized.status === 'rejected') {
+                tryEmitQuotaError(state, events, 'Rate limit rejected by Claude SDK (rate_limit_event)');
+            }
         }
         return events;
     }
@@ -129,6 +195,14 @@ export function mapSdkMessage(msg, state) {
         return events;
     }
     if (type === 'assistant') {
+        // `SDKAssistantMessage.error` is a typed enum that includes 'rate_limit'
+        // and 'billing_error' — explicit, structured quota signals. Surface them
+        // before any text processing so the orchestrator transitions to `quota`
+        // even on otherwise empty assistant turns.
+        const assistantError = typeof parsed.error === 'string' ? parsed.error : undefined;
+        if (assistantError && QUOTA_ASSISTANT_ERRORS.has(assistantError)) {
+            tryEmitQuotaError(state, events, `Assistant message error: ${assistantError}`);
+        }
         const message = parsed.message;
         const messageId = typeof message?.id === 'string' ? message.id : 'unknown';
         const content = Array.isArray(message?.content) ? message?.content : [];
@@ -149,11 +223,19 @@ export function mapSdkMessage(msg, state) {
         for (const block of content) {
             const blockType = block.type;
             if (blockType === 'text' && typeof block.text === 'string') {
-                events.push({ kind: 'message:text', messageId, text: block.text, streaming: true });
+                const text = block.text;
+                events.push({ kind: 'message:text', messageId, text, streaming: true });
                 msgState.sawText = true;
-                if (block.text.includes('[BRAINSTORM_COMPLETE]')) {
+                if (text.includes('[BRAINSTORM_COMPLETE]')) {
                     events.push({ kind: 'session:brainstorm-complete' });
                 }
+                // Last-resort fallback: some SDK runs surface the quota notice as
+                // plain assistant text without setting `assistant.error` or a
+                // `result.error`. The structured signals above cover modern SDK
+                // versions; this regex absorbs older or drifted wordings.
+                if (QUOTA_PATTERN.test(text)) {
+                    tryEmitQuotaError(state, events, text);
+                }
             }
             if (blockType === 'tool_use') {
                 events.push({
@@ -211,12 +293,15 @@ export function mapSdkMessage(msg, state) {
         if (isErrorResultSubtype(subtype)) {
             state.sawErrorResult = true;
             const detail = (typeof parsed.error === 'string' && parsed.error) || (typeof parsed.result === 'string' && parsed.result) || '';
-            // "Claude AI usage limit reached" is Anthropic's 5h/4h cap surface — added
-            // to the regex so the orchestrator transitions the workspace to `quota`
-            // (not `error`) and the auto-loop backoff path engages.
-            const isQuota = /out of extra usage|rate limit|usage limit/i.test(detail);
+            const isQuota = QUOTA_PATTERN.test(detail);
             const message = detail ? `Agent run failed (${subtype}): ${detail}` : `Agent run failed (${subtype})`;
-            events.push({ kind: 'error', category: isQuota ? 'quota' : 'other', message });
+            if (isQuota) {
+                // Coordinate with the structured quota path so we never emit twice.
+                tryEmitQuotaError(state, events, message);
+            }
+            else {
+                events.push({ kind: 'error', category: 'other', message });
+            }
         }
         const usage = parsed.usage;
         if (usage) {

package/dist/server/services/agent/orchestrator.js

@@ -4,6 +4,7 @@ import { getDb } from '../../db/index.js';
 import { ensureKoboHome, getCompiledMcpServerPath, getDbPath, getKoboHome, getMcpServerSourcePath, getSettingsPath, getSkillsPath, } from '../../utils/paths.js';
 import { unregisterProcess } from '../../utils/process-tracker.js';
 import * as autoLoopService from '../auto-loop-service.js';
+import * as cronService from '../cron-service.js';
 import * as quotaBackoffService from '../quota-backoff-service.js';
 import { getEffectiveSettings } from '../settings-service.js';
 import { refreshNow } from '../usage/poller.js';
@@ -447,6 +448,46 @@ function handleEvent(workspaceId, agentSessionId, ev) {
             wakeupService.schedule(workspaceId, delay, prompt, reason, agentSessionId);
         }
     }
+    // Same legacy bridge for the SDK's native `CronCreate`. The native tool is
+    // session-only (the cron dies when the agent session exits and is not
+    // persisted to disk), which makes it useless for any real "schedule a
+    // recurring trigger" need. We intercept the tool:call and arm an equivalent
+    // kobo cron in parallel — persistent across restarts, owned by the backend.
+    if (ev.kind === 'tool:call' && ev.name === 'CronCreate') {
+        const input = ev.input;
+        const prompt = typeof input?.prompt === 'string' ? input.prompt : '';
+        // The SDK's exact field name has drifted across versions — try the most
+        // likely candidates. If none match we log the input shape so the user
+        // can extend this list.
+        const expression = (typeof input?.cron === 'string' && input.cron) ||
+            (typeof input?.schedule === 'string' && input.schedule) ||
+            (typeof input?.expression === 'string' && input.expression) ||
+            '';
+        if (prompt && expression) {
+            console.warn(`[orchestrator] Native CronCreate intercepted for workspace '${workspaceId}' — armed equivalent kobo cron. Prefer kobo__cron_create.`);
+            try {
+                cronService.arm(workspaceId, {
+                    expression,
+                    prompt,
+                    label: 'from-native-CronCreate',
+                    agentSessionId,
+                });
+            }
+            catch (err) {
+                console.error('[orchestrator] Failed to mirror native CronCreate as kobo cron:', err);
+            }
+        }
+        else if (prompt || input) {
+            console.warn(`[orchestrator] Native CronCreate intercepted but unrecognised input shape (workspace '${workspaceId}'):`, Object.keys(input ?? {}));
+        }
+    }
+    // Native `CronDelete` and `CronList` are noisy but harmless to ignore.
+    // The native cron is session-only so deletion is moot once the session
+    // ends; the kobo equivalents (kobo__cron_delete / kobo__cron_list) are
+    // the persistent path. Log to track usage and avoid silent confusion.
+    if (ev.kind === 'tool:call' && (ev.name === 'CronDelete' || ev.name === 'CronList')) {
+        console.warn(`[orchestrator] Native ${ev.name} called on workspace '${workspaceId}' — has no effect on kobo crons. Use kobo__${ev.name === 'CronDelete' ? 'cron_delete' : 'cron_list'} instead.`);
+    }
     if (ev.kind === 'skills:discovered') {
         availableSkills = ev.skills;
         try {

package/dist/server/services/auto-loop-service.js

@@ -54,12 +54,17 @@ export function enable(workspaceId) {
     if (row.auto_loop_ready !== 1) {
         throw new Error(`Workspace '${workspaceId}' is not ready for auto-loop (run grooming first)`);
     }
+    // Refuse to enable when there is nothing to spawn — without this, auto_loop
+    // would flip to 1 silently with no iteration running, locking the chat input
+    // (auto-loop banner) without doing any work. The user must add a task or
+    // unmark a done task before re-enabling.
+    const pending = countPendingTasks(workspaceId);
+    if (pending === 0) {
+        throw new Error(`Workspace '${workspaceId}' has no pending tasks; add or unmark a task before enabling auto-loop`);
+    }
     const db = getDb();
     db.prepare('UPDATE workspaces SET auto_loop = 1, no_progress_streak = 0 WHERE id = ?').run(workspaceId);
     emitEphemeral(workspaceId, 'autoloop:enabled', {});
-    const pending = countPendingTasks(workspaceId);
-    if (pending === 0)
-        return;
     if (orchestrator.hasController(workspaceId))
         return;
     // spawnNextIteration throws on initial spawn failure (see flag).

package/dist/server/services/cron-service.js

@@ -0,0 +1,279 @@
+import { CronExpressionParser } from 'cron-parser';
+import { nanoid } from 'nanoid';
+import { getDb } from '../db/index.js';
+import { slugifyProjectName } from '../utils/project-slug.js';
+import { resolveWorkspaceWorktreePath } from '../utils/worktree-paths.js';
+import * as orchestrator from './agent/orchestrator.js';
+import * as settingsService from './settings-service.js';
+import { emitEphemeral } from './websocket-service.js';
+export const MIN_DELAY_BETWEEN_FIRES_SECONDS = 60;
+// Node `setTimeout` stores the delay as a 32-bit signed int. Anything above
+// 2^31-1 ms (~24.8 days) triggers `TimeoutOverflowWarning` and silently
+// truncates to 1ms — which causes the timer to fire instantly and loop
+// when the real target is years away (e.g. `@yearly` or `0 0 1 1 *`).
+// We cap each setTimeout at this max and re-arm in the callback if the
+// real fire time hasn't been reached yet.
+const MAX_SETTIMEOUT_MS = 2_000_000_000; // ~23 days, with margin under 2^31-1
+const timers = new Map();
+/**
+ * Arm a setTimeout that fires `fireOrSkip(id)` when `fireAt` is reached.
+ * Replaces any existing timer for this id. Handles long horizons by
+ * chaining capped timeouts, since Node's setTimeout overflows past ~24.8
+ * days.
+ */
+function scheduleAt(id, fireAt) {
+    const previous = timers.get(id);
+    if (previous)
+        clearTimeout(previous);
+    const deltaMs = Math.max(0, fireAt.getTime() - Date.now());
+    const cappedMs = Math.min(deltaMs, MAX_SETTIMEOUT_MS);
+    const timer = setTimeout(() => {
+        timers.delete(id);
+        if (Date.now() >= fireAt.getTime()) {
+            fireOrSkip(id);
+        }
+        else {
+            // Long-horizon cron: hop forward another chunk and re-check.
+            scheduleAt(id, fireAt);
+        }
+    }, cappedMs);
+    timer.unref?.();
+    timers.set(id, timer);
+}
+function rowToCron(row) {
+    return {
+        id: row.id,
+        workspaceId: row.workspace_id,
+        expression: row.expression,
+        prompt: row.prompt,
+        label: row.label,
+        agentSessionId: row.agent_session_id,
+        nextFireAt: row.next_fire_at,
+        lastFiredAt: row.last_fired_at,
+        oneShot: row.one_shot === 1,
+        createdAt: row.created_at,
+    };
+}
+/**
+ * Compute the next fire time for an expression strictly after `from`.
+ * Uses cron-parser 5.x API. Throws with a descriptive error if the
+ * expression is invalid. Helpers `@hourly` / `@daily` / `@weekly` /
+ * `@monthly` / `@yearly` are accepted natively.
+ */
+function nextAfter(expression, from) {
+    try {
+        const it = CronExpressionParser.parse(expression, { currentDate: from });
+        return it.next().toDate();
+    }
+    catch (err) {
+        const msg = err instanceof Error ? err.message : String(err);
+        throw new Error(`Invalid cron expression: ${expression} — ${msg}`);
+    }
+}
+/**
+ * Validate the expression, persist the row, arm a setTimeout for the next
+ * fire, emit `cron:created`. Throws on invalid expression OR when the next
+ * fire is < MIN_DELAY_BETWEEN_FIRES_SECONDS seconds in the future.
+ */
+export function arm(workspaceId, args) {
+    const now = new Date();
+    const next = nextAfter(args.expression, now);
+    const deltaMs = next.getTime() - now.getTime();
+    if (deltaMs < MIN_DELAY_BETWEEN_FIRES_SECONDS * 1000) {
+        throw new Error(`Cron expression resolves too close to now (minimum ${MIN_DELAY_BETWEEN_FIRES_SECONDS}s); use a longer interval`);
+    }
+    const id = nanoid();
+    const db = getDb();
+    db.prepare(`INSERT INTO pending_crons (id, workspace_id, expression, prompt, label, agent_session_id, next_fire_at, last_fired_at, one_shot, created_at)
+     VALUES (?, ?, ?, ?, ?, ?, ?, NULL, ?, ?)`).run(id, workspaceId, args.expression, args.prompt, args.label ?? null, args.agentSessionId ?? null, next.toISOString(), args.oneShot ? 1 : 0, now.toISOString());
+    scheduleAt(id, next);
+    const cron = rowToCron(db.prepare('SELECT * FROM pending_crons WHERE id = ?').get(id));
+    emitEphemeral(workspaceId, 'cron:created', { cron });
+    return cron;
+}
+/**
+ * Remove a single cron by id. Idempotent — returns false if no row matched.
+ * Emits `cron:cancelled` only when a row was actually deleted.
+ */
+export function cancel(id, reason) {
+    const db = getDb();
+    const row = db.prepare('SELECT workspace_id FROM pending_crons WHERE id = ?').get(id);
+    if (!row)
+        return false;
+    db.prepare('DELETE FROM pending_crons WHERE id = ?').run(id);
+    const previous = timers.get(id);
+    if (previous) {
+        clearTimeout(previous);
+        timers.delete(id);
+    }
+    emitEphemeral(row.workspace_id, 'cron:cancelled', { id, reason });
+    return true;
+}
+/**
+ * Remove every cron for a workspace. Returns the number of rows deleted.
+ * Used by archive + delete cascades.
+ */
+export function cancelAllForWorkspace(workspaceId, reason) {
+    const db = getDb();
+    const rows = db.prepare('SELECT id FROM pending_crons WHERE workspace_id = ?').all(workspaceId);
+    let deleted = 0;
+    for (const r of rows) {
+        if (cancel(r.id, reason))
+            deleted++;
+    }
+    return deleted;
+}
+export function getCron(id) {
+    const db = getDb();
+    const row = db.prepare('SELECT * FROM pending_crons WHERE id = ?').get(id);
+    return row ? rowToCron(row) : null;
+}
+export function listForWorkspace(workspaceId) {
+    const db = getDb();
+    const rows = db
+        .prepare('SELECT * FROM pending_crons WHERE workspace_id = ? ORDER BY next_fire_at ASC')
+        .all(workspaceId);
+    return rows.map(rowToCron);
+}
+export function listAll() {
+    const db = getDb();
+    const rows = db.prepare('SELECT * FROM pending_crons ORDER BY next_fire_at ASC').all();
+    return rows.map(rowToCron);
+}
+/**
+ * Internal — invoked by setTimeout when a cron's `next_fire_at` elapses.
+ * Either fires (calls orchestrator.startAgent with resume=true) or skips
+ * (when a controller is already active for the workspace), then recomputes
+ * the next occurrence and re-arms a fresh setTimeout. Best-effort: any
+ * unexpected error is logged and the cron is preserved when possible.
+ */
+function fireOrSkip(id) {
+    try {
+        timers.delete(id);
+        const db = getDb();
+        const row = db.prepare('SELECT * FROM pending_crons WHERE id = ?').get(id);
+        if (!row)
+            return; // cancelled in flight
+        const wsRow = db
+            .prepare(`SELECT project_path, working_branch, worktree_path, model, agent_permission_mode, reasoning_effort, archived_at
+           FROM workspaces WHERE id = ?`)
+            .get(row.workspace_id);
+        if (!wsRow || wsRow.archived_at !== null) {
+            cancel(id, wsRow ? 'archive' : 'deleted');
+            return;
+        }
+        let status = 'skipped-active';
+        if (!orchestrator.hasController(row.workspace_id)) {
+            status = 'fired';
+            try {
+                const globalSettings = settingsService.getGlobalSettings();
+                const projectSettings = settingsService.getProjectSettings(wsRow.project_path);
+                const projectSlug = globalSettings.worktreesPrefixByProject
+                    ? slugifyProjectName(projectSettings?.displayName ?? '', wsRow.project_path)
+                    : undefined;
+                const worktreePath = wsRow.worktree_path ??
+                    resolveWorkspaceWorktreePath(wsRow.project_path, wsRow.working_branch, globalSettings.worktreesPath, projectSlug);
+                const stored = wsRow.agent_permission_mode;
+                const agentPermissionMode = stored === 'plan' || stored === 'strict' || stored === 'interactive' ? stored : 'bypass';
+                // agent_session_id encodes the cron's mode: non-NULL means "resume
+                // that session" (pinned at create time); NULL means "fresh session
+                // every fire" (clean context, no conversation continuity).
+                const resumeMode = row.agent_session_id !== null;
+                orchestrator.startAgent(row.workspace_id, worktreePath, row.prompt, wsRow.model, resumeMode, agentPermissionMode, row.agent_session_id ?? undefined, wsRow.reasoning_effort);
+            }
+            catch (err) {
+                console.error(`[cron-service] startAgent at fire time failed for cron '${id}':`, err);
+            }
+        }
+        const now = new Date();
+        let nextFire;
+        try {
+            nextFire = nextAfter(row.expression, now);
+        }
+        catch (err) {
+            // Defensive — the expression validated at create time, so reaching here
+            // means cron-parser changed its acceptance rules between the original
+            // arm and this fire. Cancel as 'completed' (the cron self-terminates)
+            // rather than 'user' which would imply the user requested it.
+            console.error(`[cron-service] failed to recompute next fire for cron '${id}':`, err);
+            cancel(id, 'completed');
+            return;
+        }
+        // One-shot crons cancel themselves after a real fire (not on skip-active —
+        // the user expects the cron to actually run once, so a skipped tick must
+        // be retried at the next occurrence). Recurring crons re-arm normally.
+        if (status === 'fired' && row.one_shot === 1) {
+            db.prepare(`UPDATE pending_crons SET last_fired_at = ? WHERE id = ?`).run(now.toISOString(), id);
+            emitEphemeral(row.workspace_id, 'cron:fired', {
+                id,
+                status,
+                nextFireAt: null,
+                lastFiredAt: now.toISOString(),
+                oneShotConsumed: true,
+            });
+            cancel(id, 'completed');
+            return;
+        }
+        db.prepare(`UPDATE pending_crons SET next_fire_at = ?, last_fired_at = ? WHERE id = ?`).run(nextFire.toISOString(), now.toISOString(), id);
+        scheduleAt(id, nextFire);
+        emitEphemeral(row.workspace_id, 'cron:fired', {
+            id,
+            status,
+            nextFireAt: nextFire.toISOString(),
+            lastFiredAt: now.toISOString(),
+        });
+    }
+    catch (err) {
+        console.error(`[cron-service] fireOrSkip uncaught error for cron '${id}':`, err);
+        timers.delete(id);
+    }
+}
+/**
+ * Re-arm timers for rows persisted across restart. Skip-missed semantics:
+ * if the stored next_fire_at is in the past, recompute next() based on the
+ * current time and update the row before arming (mirror of POSIX crontab —
+ * no catchup spam after server downtime).
+ *
+ * Rows pointing at deleted/archived workspaces are removed without firing.
+ */
+export function restoreOnBoot() {
+    try {
+        // Boot semantics: clear any existing in-memory timers before rearming.
+        for (const t of timers.values())
+            clearTimeout(t);
+        timers.clear();
+        const db = getDb();
+        const rows = db.prepare('SELECT * FROM pending_crons').all();
+        const now = new Date();
+        for (const row of rows) {
+            try {
+                const wsRow = db.prepare('SELECT archived_at FROM workspaces WHERE id = ?').get(row.workspace_id);
+                if (!wsRow || wsRow.archived_at !== null) {
+                    db.prepare('DELETE FROM pending_crons WHERE id = ?').run(row.id);
+                    continue;
+                }
+                const storedDate = new Date(row.next_fire_at);
+                let nextFireAt;
+                if (storedDate.getTime() <= now.getTime()) {
+                    // Skip-missed semantics — no catchup spam after downtime.
+                    const next = nextAfter(row.expression, now);
+                    nextFireAt = next.toISOString();
+                }
+                else {
+                    // Future row: normalise the persisted ISO format.
+                    nextFireAt = storedDate.toISOString();
+                }
+                db.prepare('UPDATE pending_crons SET next_fire_at = ? WHERE id = ?').run(nextFireAt, row.id);
+                scheduleAt(row.id, new Date(nextFireAt));
+            }
+            catch (err) {
+                console.error(`[cron-service] restoreOnBoot row failed for cron '${row.id}':`, err);
+            }
+        }
+    }
+    catch (err) {
+        console.error('[cron-service] restoreOnBoot failed:', err);
+    }
+}
+/** @internal test-only */
+export const _timers = timers;

package/dist/server/services/wakeup-service.js

@@ -5,7 +5,7 @@ import * as orchestrator from './agent/orchestrator.js';
 import * as settingsService from './settings-service.js';
 import { emitEphemeral } from './websocket-service.js';
 const MIN_DELAY_SECONDS = 60;
-const MAX_DELAY_SECONDS = 3600;
+const MAX_DELAY_SECONDS = 21600;
 const STALE_WAKEUP_GRACE_MS = 5 * 60 * 1000;
 const AUTONOMOUS_LOOP_SENTINEL = '<<autonomous-loop-dynamic>>';
 const AUTONOMOUS_LOOP_FALLBACK_PROMPT = 'Continue where you left off.';

package/dist/server/services/workspace-service.js

@@ -3,6 +3,7 @@ import { getDb } from '../db/index.js';
 import { resolveWorkspaceWorktreePath } from '../utils/worktree-paths.js';
 import * as orchestrator from './agent/orchestrator.js';
 import * as autoLoopService from './auto-loop-service.js';
+import * as cronService from './cron-service.js';
 import * as quotaBackoffService from './quota-backoff-service.js';
 import * as wakeupService from './wakeup-service.js';
 import { emitEphemeral } from './websocket-service.js';
@@ -363,6 +364,15 @@ export function deleteWorkspace(id) {
     catch (err) {
         console.error('[workspace-service] cancel quota backoff on delete failed:', err);
     }
+    // Cancel every pending cron BEFORE the FK cascade removes the rows so
+    // in-memory setTimeout timers are cleared. Best-effort: failure must not
+    // block delete.
+    try {
+        cronService.cancelAllForWorkspace(id, 'deleted');
+    }
+    catch (err) {
+        console.error('[workspace-service] cancel crons on delete failed:', err);
+    }
     // Drop the cached rate_limit.info so memory doesn't leak on workspace
     // churn. The Map has no FK to clean up for it automatically.
     orchestrator.forgetRateLimitInfo(id);
@@ -463,6 +473,14 @@ export function archiveWorkspace(id) {
     catch (err) {
         console.error('[workspace-service] cancel quota backoff on archive failed:', err);
     }
+    // Cancel every pending cron — archived workspaces must not fire scheduled
+    // prompts. Best-effort: failure here must not block archive.
+    try {
+        cronService.cancelAllForWorkspace(id, 'archive');
+    }
+    catch (err) {
+        console.error('[workspace-service] cancel crons on archive failed:', err);
+    }
     // Disable auto-loop — archived workspaces should not keep looping.
     // Idempotent: no-op if auto_loop was already 0.
     autoLoopService.disable(id, 'user-action');

package/dist/server/utils/git-ops.js

@@ -583,7 +583,14 @@ export function getUnpushedChangedFiles(repoPath, branchName, remote = 'origin')
 export function getFileAtRef(repoPath, ref, filePath) {
     const resolvedRef = resolveBase(repoPath, ref);
     try {
-        return git(repoPath, ['show', `${resolvedRef}:${filePath}`]);
+        // Bypass the `git()` helper here: it `.trimEnd()`s the output, which would
+        // strip trailing newlines from the original file content and produce a
+        // false diff against `getFileContent`'s untrimmed `readFileSync` output
+        // (last line marked added/removed even when identical).
+        return execFileSync('git', ['show', `${resolvedRef}:${filePath}`], {
+            cwd: repoPath,
+            encoding: 'utf-8',
+        });
     }
     catch {
         return null;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@loicngr/kobo",
-  "version": "1.7.5",
+  "version": "1.7.6",
   "description": "Kōbō — multi-workspace agent manager for Claude Code. Orchestrates isolated git worktrees with dev servers, Notion integration, and MCP tools.",
   "type": "module",
   "license": "GPL-3.0-or-later",
@@ -70,6 +70,7 @@
     "@hono/node-server": "^1.19.13",
     "@modelcontextprotocol/sdk": "^1.29.0",
     "better-sqlite3": "^12.8.0",
+    "cron-parser": "^5.5.0",
     "hono": "^4.12.12",
     "nanoid": "^5.1.7",
     "node-pty": "^1.1.0",