@misterhuydo/sentinel 1.1.2 → 1.1.4

package/.cairn/session.json

@@ -1,6 +1,6 @@
 {
-  "message": "Auto-checkpoint at 2026-03-23T08:28:23.743Z",
-  "checkpoint_at": "2026-03-23T08:28:23.744Z",
+  "message": "Auto-checkpoint at 2026-03-23T08:33:20.221Z",
+  "checkpoint_at": "2026-03-23T08:33:20.223Z",
   "active_files": [],
   "notes": [],
   "mtime_snapshot": {}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@misterhuydo/sentinel",
-  "version": "1.1.2",
+  "version": "1.1.4",
   "description": "Sentinel — Autonomous DevOps Agent installer and manager",
   "bin": {
     "sentinel": "./bin/sentinel.js"

package/python/sentinel/fix_engine.py

@@ -99,42 +99,109 @@ def _validate_patch(patch: str) -> tuple[bool, str]:
     return True, ""
 
 
+_AUTH_ERROR_HINTS = (
+    "not logged in", "please run claude login", "authentication failed",
+    "api key is not set", "invalid x-api-key", "unauthorized", "please authenticate",
+    "unauthenticated", "auth_required", "no auth", "login required",
+)
+
+
+def _is_auth_error(output: str) -> bool:
+    low = output.lower()
+    return any(hint in low for hint in _AUTH_ERROR_HINTS)
+
+
+def _claude_cmd(bin_path: str, prompt: str) -> list[str]:
+    import os as _os
+    try:
+        skip = _os.getuid() != 0
+    except AttributeError:
+        skip = True  # Windows — always pass flag
+    if skip:
+        return [bin_path, "--dangerously-skip-permissions", "--print", prompt]
+    return [bin_path, "--print", prompt]
+
+
+def _run_claude_attempt(bin_path: str, prompt: str, env: dict) -> tuple[str, bool]:
+    """
+    Run claude CLI with the given env. Returns (output, timed_out).
+    Raises FileNotFoundError if binary is missing.
+    """
+    try:
+        result = subprocess.run(
+            _claude_cmd(bin_path, prompt),
+            capture_output=True, text=True, timeout=SUBPROCESS_TIMEOUT, env=env,
+        )
+        return (result.stdout or "") + (result.stderr or ""), False
+    except subprocess.TimeoutExpired:
+        return "", True
+
+
 def generate_fix(
     event: ErrorEvent,
     repo: RepoConfig,
     cfg: SentinelConfig,
     patches_dir: Path,
-) -> tuple[str, Path | None]:
+) -> tuple[str, Path | None, str]:
     """
     Generate a fix for the given error event.
 
     Returns:
-        (status, patch_path)
+        (status, patch_path, marker)
         status: "patch" | "skip" | "error"
+
+    Auth strategy — API key and Claude Pro (OAuth) are interchangeable:
+      Primary  : Claude Pro (OAuth) if claude_pro_for_tasks=True, else API key
+      Fallback : the other method, if primary fails with an auth error
+      On total auth failure: notify Slack admins + email report recipients
     """
-    # Issues have source like "issues/filename" — no rolling log file exists
+    import os as _os
+
+    marker   = f"sentinel-{event.fingerprint[:8]}"
     log_file = Path(cfg.workspace_dir) / "fetched" / f"{event.source}.log"
     if not log_file.exists():
         log_file = None
-    prompt = _build_prompt(event, repo, log_file)
+    prompt = _build_prompt(event, repo, log_file, marker)
 
     logger.info("Invoking Claude Code for %s (fp=%s)", event.source, event.fingerprint)
-    import os as _os
-    env = _os.environ.copy()
-    # Inject API key only when Claude Pro is NOT preferred for tasks
-    # (when claude_pro_for_tasks=True and API key is set, let claude CLI use OAuth/Pro)
-    if cfg.anthropic_api_key and not cfg.claude_pro_for_tasks:
-        env["ANTHROPIC_API_KEY"] = cfg.anthropic_api_key
+
+    base_env  = _os.environ.copy()
+    api_env   = {**base_env, "ANTHROPIC_API_KEY": cfg.anthropic_api_key} if cfg.anthropic_api_key else None
+    oauth_env = base_env  # relies on cached `claude login` session — no key injected
+
+    # Choose primary/fallback order based on config
+    if cfg.claude_pro_for_tasks and cfg.anthropic_api_key:
+        attempts = [("Claude Pro (OAuth)", oauth_env), ("API key", api_env)]
+    elif cfg.claude_pro_for_tasks:
+        attempts = [("Claude Pro (OAuth)", oauth_env)]
+    elif cfg.anthropic_api_key:
+        attempts = [("API key", api_env), ("Claude Pro (OAuth)", oauth_env)]
+    else:
+        attempts = [("Claude Pro (OAuth)", oauth_env)]
+
+    output = ""
     try:
-        result = subprocess.run(
-            ([cfg.claude_code_bin, "--dangerously-skip-permissions", "--print", prompt]
-            if os.getuid() != 0 else
-            [cfg.claude_code_bin, "--print", prompt]),
-            capture_output=True, text=True, timeout=SUBPROCESS_TIMEOUT, env=env,
-        )
-    except subprocess.TimeoutExpired:
-        logger.error("Claude Code timed out for %s", event.fingerprint)
-        return "error", None, ""
+        for label, env in attempts:
+            if env is None:
+                continue
+            logger.info("fix_engine: trying %s for %s", label, event.fingerprint)
+            output, timed_out = _run_claude_attempt(cfg.claude_code_bin, prompt, env)
+            if timed_out:
+                logger.error("Claude Code timed out for %s", event.fingerprint)
+                return "error", None, ""
+            if not _is_auth_error(output):
+                break
+            logger.warning("fix_engine: %s auth error for %s — trying next method", label, event.fingerprint)
+        else:
+            # All attempts failed with auth errors
+            msg = (
+                ":warning: *Sentinel — Fix Engine auth failure*\n"
+                f"Both API key and Claude Pro (OAuth) failed authentication for `{event.fingerprint}`.\n"
+                "• Check that `ANTHROPIC_API_KEY` is valid, or run `claude login` to refresh the OAuth session."
+            )
+            logger.error("fix_engine: all auth methods failed for %s", event.fingerprint)
+            slack_alert(cfg.slack_bot_token, cfg.slack_channel, msg)
+            return "error", None, ""
     except FileNotFoundError:
         msg = (
             f":warning: *Sentinel — Claude CLI not found*\n"
@@ -145,9 +212,7 @@ def generate_fix(
         slack_alert(cfg.slack_bot_token, cfg.slack_channel, msg)
         return "error", None, ""
 
-    output = (result.stdout or "") + (result.stderr or "")
-
-    # Alert Slack immediately on rate-limit / auth failure — never stay silent
+    # Alert Slack immediately on rate-limit — never stay silent
     alert_if_rate_limited(
         cfg.slack_bot_token,
         cfg.slack_channel,

package/python/sentinel/main.py

@@ -549,13 +549,14 @@ def _log_auth_status(cfg: SentinelConfig) -> None:
 
     if has_api_key and pro_for_tasks:
         logger.info(
-            "Claude auth: API key ✓ (Boss) + Claude Pro preferred for Fix Engine/Ask Codebase. "
+            "Claude auth: API key ✓ + Claude Pro (OAuth) ✓ — "
+            "Fix Engine will try Claude Pro first, falls back to API key on auth error. "
             "Run `claude login` if not already authenticated."
         )
     elif has_api_key and not pro_for_tasks:
         logger.info(
-            "Claude auth: API key ✓ (Boss + Fix Engine). "
-            "CLAUDE_PRO_FOR_TASKS=false — all tasks billed to API quota."
+            "Claude auth: API key ✓ — Boss + Fix Engine use API key. "
+            "CLAUDE_PRO_FOR_TASKS=false; falls back to Claude Pro (OAuth) if key auth fails."
         )
     elif not has_api_key and has_claude_bin:
         logger.warning(

package/python/sentinel/sentinel_boss.py

@@ -1722,6 +1722,80 @@ async def _handle_with_cli(
     return reply, is_done
 
 
+# ── History serialization helpers ────────────────────────────────────────────
+
+def _serialize_content(content) -> list:
+    """Convert Anthropic SDK response content (Pydantic objects) to plain dicts.
+
+    The SDK returns TextBlock / ToolUseBlock instances.  json.dumps(..., default=str)
+    turns them into useless strings like "TextBlock(type='text', text='...')".
+    This converts them to proper dicts so history round-trips through SQLite safely.
+    """
+    if not isinstance(content, list):
+        return content
+    result = []
+    for block in content:
+        if isinstance(block, dict):
+            result.append(block)
+        elif hasattr(block, "model_dump"):
+            result.append(block.model_dump())
+        elif hasattr(block, "dict"):
+            result.append(block.dict())
+        elif hasattr(block, "type"):
+            if block.type == "text":
+                result.append({"type": "text", "text": getattr(block, "text", "")})
+            elif block.type == "tool_use":
+                result.append({
+                    "type":  "tool_use",
+                    "id":    getattr(block, "id", ""),
+                    "name":  getattr(block, "name", ""),
+                    "input": getattr(block, "input", {}),
+                })
+        else:
+            result.append({"type": "text", "text": str(block)})
+    return result
+
+
+def _clean_history(history: list) -> list:
+    """Remove turns that would cause a 400 from the Anthropic API.
+
+    Strips orphaned tool_use blocks (assistant turn with tool_use but no
+    following tool_result turn) and consecutive same-role turns that result
+    from a previous session that crashed mid-tool-loop.
+    """
+    cleaned = []
+    i = 0
+    while i < len(history):
+        turn = history[i]
+        role    = turn.get("role", "")
+        content = turn.get("content", [])
+
+        # Drop assistant turns that contain tool_use if the next turn isn't tool_result
+        if role == "assistant" and isinstance(content, list):
+            has_tool_use = any(
+                (isinstance(b, dict) and b.get("type") == "tool_use")
+                for b in content
+            )
+            if has_tool_use:
+                next_turn = history[i + 1] if i + 1 < len(history) else None
+                next_content = (next_turn or {}).get("content", [])
+                has_result = isinstance(next_content, list) and any(
+                    (isinstance(b, dict) and b.get("type") == "tool_result")
+                    for b in next_content
+                )
+                if not has_result:
+                    i += 1   # skip orphaned tool_use turn
+                    continue
+
+        # Drop consecutive same-role turns (keep the last one)
+        if cleaned and cleaned[-1].get("role") == role:
+            cleaned[-1] = turn
+        else:
+            cleaned.append(turn)
+        i += 1
+    return cleaned
+
+
 # ── API-key path (structured tools, full agentic loop) ────────────────────────
 
 async def _handle_with_api(
@@ -1769,13 +1843,15 @@ async def _handle_with_api(
         user_content = attach_blocks + [{"type": "text", "text": message}]
     else:
         user_content = message
-    history.append({"role": "user", "content": user_content})
-    messages = list(history)
+
+    # Work on a local copy — only commit to history on success to prevent
+    # cascading 400s if the API rejects a malformed/corrupted history.
+    messages = list(history) + [{"role": "user", "content": user_content}]
 
     while True:
         response = client.messages.create(
             model="claude-opus-4-6",
-            max_tokens=1024,
+            max_tokens=2048,
             system=system,
             tools=_TOOLS,
             messages=messages,
@@ -1799,10 +1875,12 @@ async def _handle_with_api(
             # Heuristic override: if reply ends with a question, Claude is waiting for input
             if is_done and re.search(r'\?\s*$', reply):
                 is_done = False
-            history.append({"role": "assistant", "content": response.content})
+            # Commit to history only on success — serialize SDK objects to plain dicts
+            history.append({"role": "user", "content": user_content})
+            history.append({"role": "assistant", "content": _serialize_content(response.content)})
             return reply, is_done
 
-        messages.append({"role": "assistant", "content": response.content})
+        messages.append({"role": "assistant", "content": _serialize_content(response.content)})
         tool_results = []
         for tc in tool_blocks:
             result = await _run_tool(tc.name, tc.input, cfg_loader, store, slack_client=slack_client, user_id=user_id, channel=channel, is_admin=is_admin)

package/python/sentinel/slack_bot.py

@@ -23,7 +23,7 @@ from dataclasses import dataclass, field
 from pathlib import Path
 from typing import Optional
 
-from .sentinel_boss import handle_message
+from .sentinel_boss import handle_message, _clean_history
 
 logger = logging.getLogger(__name__)
 
@@ -370,9 +370,10 @@ _MAX_HISTORY_TURNS = 20   # keep last 20 exchanges (~40 messages) to stay well w
 async def _run_turn(session: _Session, message: str, client, cfg_loader, store, attachments: list | None = None, is_admin: bool = False) -> None:
     channel = session.channel
 
-    # Load persisted history from DB on the first turn of a new session
+    # Load persisted history from DB on the first turn of a new session.
+    # Clean it to strip any orphaned tool_use turns from a previous crashed session.
     if not session.history_loaded:
-        session.history = store.load_conversation(session.user_id)
+        session.history = _clean_history(store.load_conversation(session.user_id))
         session.history_loaded = True
 
     # Trim history to avoid context overflow on long conversations