@misterhuydo/sentinel 1.4.42 → 1.4.44

package/.cairn/.hint-lock

@@ -1 +1 @@
-2026-03-25T08:22:19.770Z
+2026-03-25T10:11:02.271Z

package/.cairn/session.json

@@ -1,6 +1,6 @@
 {
-  "message": "Auto-checkpoint at 2026-03-25T08:23:06.186Z",
-  "checkpoint_at": "2026-03-25T08:23:06.187Z",
+  "message": "Auto-checkpoint at 2026-03-25T10:07:47.873Z",
+  "checkpoint_at": "2026-03-25T10:07:47.874Z",
   "active_files": [],
   "notes": [],
   "mtime_snapshot": {}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@misterhuydo/sentinel",
-  "version": "1.4.42",
+  "version": "1.4.44",
   "description": "Sentinel — Autonomous DevOps Agent installer and manager",
   "bin": {
     "sentinel": "./bin/sentinel.js"

package/python/sentinel/git_manager.py

@@ -74,6 +74,9 @@ def apply_and_commit(
     if _check_protected_paths(patch_path):
         return "failed", ""
 
+    # Discard any leftover changes from a previous failed fix attempt
+    _git(["checkout", "."], cwd=local_path, env=env)
+
     r = _git(["pull", "--rebase", "origin", repo.branch], cwd=local_path, env=env)
     if r.returncode != 0:
         logger.error("git pull failed for %s:\n%s", repo.repo_name, r.stderr)

package/python/sentinel/sentinel_boss.py

@@ -906,6 +906,31 @@ _TOOLS = [
         ),
         "input_schema": {"type": "object", "properties": {}},
     },
+    {
+        "name": "merge_pr",
+        "description": (
+            "ADMIN ONLY. Merge an open Sentinel PR into the main branch. "
+            "Use when AUTO_PUBLISH=false and you are satisfied with the fix after review. "
+            "Handles rebase conflicts automatically if possible. "
+            "e.g. 'merge the fix for Whydah-TypeLib', 'sync fix abc123 to main', "
+            "'merge the open PR for elprint-sales-core-service'"
+        ),
+        "input_schema": {
+            "type": "object",
+            "properties": {
+                "repo_name": {
+                    "type": "string",
+                    "description": "Repository name (must match a repo in config/repos/)",
+                },
+                "fingerprint": {
+                    "type": "string",
+                    "description": "Optional 8-char fingerprint to target a specific fix PR. "
+                                   "If omitted, merges the most recent open PR for the repo.",
+                },
+            },
+            "required": ["repo_name"],
+        },
+    },
     {
         "name": "set_maintenance",
         "description": (
@@ -2168,7 +2193,7 @@ async def _run_tool(name: str, inputs: dict, cfg_loader, store, slack_client=Non
         return json.dumps({"error": "cannot determine user — not clearing"})
 
     # ── Admin-only tools ──────────────────────────────────────────────────────
-    _ADMIN_TOOLS = {"list_all_users", "clear_user_history", "reset_fingerprint", "list_all_errors", "export_db"}
+    _ADMIN_TOOLS = {"list_all_users", "clear_user_history", "reset_fingerprint", "list_all_errors", "export_db", "merge_pr"}
     if name in _ADMIN_TOOLS:
         if not is_admin:
             return json.dumps({"error": "Admin access required. You are not in SLACK_ADMIN_USERS."})
@@ -2178,9 +2203,9 @@ async def _run_tool(name: str, inputs: dict, cfg_loader, store, slack_client=Non
             return json.dumps({"users": stats, "total": len(stats)})
 
         if name == "clear_user_history":
-            target = inputs.get("target_user_id", "").strip()
+            target = (inputs.get("user_id") or inputs.get("target_user_id", "")).strip()
             if not target:
-                return json.dumps({"error": "target_user_id is required"})
+                return json.dumps({"error": "user_id is required"})
             store.save_conversation(target, [])
             display = store.get_user_name(target)
             logger.info("Boss admin: cleared history for user %s (%s) by admin %s", target, display, user_id)
@@ -2249,6 +2274,112 @@ async def _run_tool(name: str, inputs: dict, cfg_loader, store, slack_client=Non
             except Exception as e:
                 return json.dumps({"error": str(e)})
 
+        if name == "merge_pr":
+            import re as _re
+            import requests as _req
+            repo_name   = inputs.get("repo_name", "").strip()
+            fingerprint = inputs.get("fingerprint", "").strip()
+            github_token = cfg_loader.sentinel.github_token
+            if not github_token:
+                return json.dumps({"error": "GITHUB_TOKEN not configured"})
+
+            # Find the PR in state_store
+            open_prs = store.get_open_prs()
+            candidates = [p for p in open_prs if p.get("repo_name") == repo_name]
+            if fingerprint:
+                candidates = [p for p in candidates if p.get("fingerprint", "").startswith(fingerprint)]
+            if not candidates:
+                return json.dumps({"error": f"No open Sentinel PR found for repo '{repo_name}'"
+                                            + (f" with fingerprint '{fingerprint}'" if fingerprint else "")})
+            fix = candidates[0]  # most recent
+            pr_url = fix.get("pr_url", "")
+            branch = fix.get("branch", "")
+            fp     = fix.get("fingerprint", "")
+
+            # Parse owner/repo and PR number from pr_url
+            m = _re.search(r"github\.com/([^/]+/[^/]+)/pull/(\d+)", pr_url)
+            if not m:
+                return json.dumps({"error": f"Cannot parse PR URL: {pr_url}"})
+            owner_repo = m.group(1)
+            pr_number  = m.group(2)
+            headers = {
+                "Authorization": f"Bearer {github_token}",
+                "Accept": "application/vnd.github+json",
+            }
+
+            # Attempt merge via GitHub API
+            merge_resp = _req.put(
+                f"https://api.github.com/repos/{owner_repo}/pulls/{pr_number}/merge",
+                json={"merge_method": "squash", "commit_title": f"fix(sentinel): merge PR #{pr_number}"},
+                headers=headers, timeout=30,
+            )
+
+            if merge_resp.status_code == 200:
+                # Success
+                sha = merge_resp.json().get("sha", "")[:8]
+                store.record_fix(fp, "applied", branch=branch, pr_url=pr_url,
+                                 repo_name=repo_name, commit_hash=sha)
+                logger.info("Boss merge_pr: merged PR #%s for %s (fp=%s) by admin %s",
+                            pr_number, repo_name, fp[:8], user_id)
+                return json.dumps({
+                    "status": "merged",
+                    "pr": pr_url,
+                    "sha": sha,
+                    "repo": repo_name,
+                    "note": f"PR #{pr_number} merged into main. Branch '{branch}' can now be deleted.",
+                })
+
+            # Conflict — attempt local rebase then retry
+            if merge_resp.status_code in (405, 409):
+                repo_cfg = cfg_loader.repos.get(repo_name)
+                if not repo_cfg or not repo_cfg.local_path:
+                    return json.dumps({"error": f"Merge conflict and no local clone found for '{repo_name}'. Resolve manually: {pr_url}"})
+                import subprocess as _sp
+                from .git_manager import _git_env
+                env = _git_env(repo_cfg)
+                cwd = repo_cfg.local_path
+                base = repo_cfg.branch
+                # fetch + checkout fix branch + rebase
+                _sp.run(["git", "fetch", "origin"], cwd=cwd, env=env, capture_output=True, timeout=60)
+                _sp.run(["git", "checkout", branch], cwd=cwd, env=env, capture_output=True, timeout=30)
+                rb = _sp.run(["git", "rebase", f"origin/{base}"], cwd=cwd, env=env, capture_output=True, timeout=60)
+                if rb.returncode != 0:
+                    _sp.run(["git", "rebase", "--abort"], cwd=cwd, env=env, capture_output=True, timeout=30)
+                    _sp.run(["git", "checkout", base], cwd=cwd, env=env, capture_output=True, timeout=30)
+                    return json.dumps({
+                        "status": "conflict",
+                        "error": "Rebase failed — conflicts must be resolved manually",
+                        "pr": pr_url,
+                        "details": rb.stderr.strip()[:500],
+                    })
+                _sp.run(["git", "push", "--force-with-lease", "origin", branch],
+                        cwd=cwd, env=env, capture_output=True, timeout=60)
+                _sp.run(["git", "checkout", base], cwd=cwd, env=env, capture_output=True, timeout=30)
+                # Retry merge
+                retry_resp = _req.put(
+                    f"https://api.github.com/repos/{owner_repo}/pulls/{pr_number}/merge",
+                    json={"merge_method": "squash", "commit_title": f"fix(sentinel): merge PR #{pr_number}"},
+                    headers=headers, timeout=30,
+                )
+                if retry_resp.status_code == 200:
+                    sha = retry_resp.json().get("sha", "")[:8]
+                    store.record_fix(fp, "applied", branch=branch, pr_url=pr_url,
+                                     repo_name=repo_name, commit_hash=sha)
+                    logger.info("Boss merge_pr: merged (after rebase) PR #%s for %s by admin %s",
+                                pr_number, repo_name, user_id)
+                    return json.dumps({
+                        "status": "merged",
+                        "pr": pr_url,
+                        "sha": sha,
+                        "repo": repo_name,
+                        "note": f"PR #{pr_number} merged after rebase. Branch '{branch}' can now be deleted.",
+                    })
+                return json.dumps({"status": "error", "pr": pr_url,
+                                   "error": f"Retry merge failed ({retry_resp.status_code}): {retry_resp.text[:300]}"})
+
+            return json.dumps({"status": "error", "pr": pr_url,
+                               "error": f"GitHub API returned {merge_resp.status_code}: {merge_resp.text[:300]}"})
+
     return json.dumps({"error": f"unknown tool: {name}"})