@ouro.bot/cli 0.1.0-alpha.127 → 0.1.0-alpha.129

package/changelog.json

@@ -1,6 +1,21 @@
 {
   "_note": "This changelog is maintained as part of the PR/version-bump workflow. Agent-curated, not auto-generated. Agents read this file directly via read_file to understand what changed between versions.",
   "versions": [
+    {
+      "version": "0.1.0-alpha.129",
+      "changes": [
+        "Fixed final_answer truth-check false positive: agents with intent=complete can now deliver answers even when delegation suggests going inward.",
+        "Fixed BlueBubbles message deduplication: messages are recorded immediately to prevent duplicate processing on webhook retries.",
+        "Fixed session key normalization: listSessionActivity now compares sanitized keys so the current session is correctly excluded from other-session lists.",
+        "ouro auth with no args now shows auth-specific help instead of full CLI help."
+      ]
+    },
+    {
+      "version": "0.1.0-alpha.128",
+      "changes": [
+        "Error message sanitizer now strips HTML responses (Cloudflare challenge pages, error pages) in addition to JSON."
+      ]
+    },
     {
       "version": "0.1.0-alpha.127",
       "changes": [

package/dist/heart/core.js

@@ -238,8 +238,11 @@ function isExternalStateQuery(toolName, args) {
     return /\bgh\s+(pr|run|api|issue)\b/.test(cmd) || /\bnpm\s+(view|info|show)\b/.test(cmd);
 }
 function getFinalAnswerRetryError(mustResolveBeforeHandoff, intent, sawSteeringFollowUp, delegationDecision, sawSendMessageSelf, sawGoInward, sawQuerySession, currentObligation, innerJob, sawExternalStateQuery) {
-    // 1. Delegation adherence: delegate-inward without evidence of inward action
-    if (delegationDecision?.target === "delegate-inward" && !sawSendMessageSelf && !sawGoInward && !sawQuerySession) {
+    // 1. Delegation adherence: delegate-inward without evidence of inward action.
+    // Only enforce on the FIRST final_answer attempt — if the agent persists with
+    // intent=complete, respect it. The delegation is a suggestion, not a hard gate.
+    // Without this escape, the agent gets stuck in a loop unable to respond.
+    if (delegationDecision?.target === "delegate-inward" && !sawSendMessageSelf && !sawGoInward && !sawQuerySession && intent !== "complete" && intent !== "blocked") {
         (0, runtime_1.emitNervesEvent)({
             event: "engine.delegation_adherence_rejected",
             component: "engine",

package/dist/heart/daemon/daemon-cli.js

@@ -688,8 +688,14 @@ function parseAuthCommand(args) {
             continue;
         }
     }
-    if (!agent)
-        throw new Error(`Usage\n${usage()}`);
+    if (!agent) {
+        throw new Error([
+            "Usage:",
+            "  ouro auth --agent <name> [--provider <provider>]     Set up credentials",
+            "  ouro auth verify --agent <name> [--provider <p>]     Verify credentials work",
+            "  ouro auth switch --agent <name> --provider <p>       Switch active provider",
+        ].join("\n"));
+    }
     return provider ? { kind: "auth.run", agent, provider } : { kind: "auth.run", agent };
 }
 function parseReminderCommand(args) {

package/dist/heart/provider-ping.js

@@ -12,25 +12,33 @@ const auth_flow_1 = require("./daemon/auth-flow");
 const runtime_1 = require("../nerves/runtime");
 const PING_TIMEOUT_MS = 10_000;
 /**
- * Strip raw JSON API response bodies from error messages.
- * SDK errors often include the full response body: "400 {"type":"error","error":...}".
- * Extract just the HTTP status prefix or a short summary.
+ * Strip raw JSON/HTML API response bodies from error messages.
+ * SDK errors often include the full response: "400 {"type":"error",...}" or "403 <html>...".
+ * Extract just the HTTP status and a short human-readable summary.
  */
 function sanitizeErrorMessage(message) {
-    // Match "NNN {json...}" pattern — keep the status code, drop the JSON
-    const match = message.match(/^(\d{3})\s*\{/);
-    if (match) {
-        // Try to extract the inner message from the JSON
+    const statusMatch = message.match(/^(\d{3})\s/);
+    if (!statusMatch)
+        return message;
+    const status = statusMatch[1];
+    const body = message.slice(status.length).trim();
+    // HTML response (Cloudflare challenge, error pages, etc.)
+    if (body.startsWith("<") || body.includes("<!DOCTYPE") || body.includes("<html")) {
+        return `HTTP ${status}`;
+    }
+    // JSON response
+    if (body.startsWith("{")) {
         try {
-            const json = JSON.parse(message.slice(match[1].length).trim());
+            const json = JSON.parse(body);
             const inner = json?.error?.message;
             if (typeof inner === "string" && inner && inner !== "Error") {
-                return `${match[1]} ${inner}`;
+                return `${status} ${inner}`;
             }
         }
-        catch { /* not valid JSON, fall through */ }
-        return `HTTP ${match[1]}`;
+        catch { /* not valid JSON */ }
+        return `HTTP ${status}`;
     }
+    // Already clean (e.g., "401 Provided authentication token is expired.")
     return message;
 }
 function hasEmptyCredentials(provider, config) {

package/dist/heart/session-activity.js

@@ -38,6 +38,7 @@ exports.findFreshestFriendSession = findFreshestFriendSession;
 const fs = __importStar(require("fs"));
 const path = __importStar(require("path"));
 const runtime_1 = require("../nerves/runtime");
+const config_1 = require("./config");
 const DEFAULT_ACTIVE_THRESHOLD_MS = 24 * 60 * 60 * 1000;
 function activityPriority(source) {
     return source === "friend-facing" ? 0 : 1;
@@ -130,7 +131,10 @@ function listSessionActivity(query) {
                 if (!keyFile.endsWith(".json"))
                     continue;
                 const key = keyFile.replace(/\.json$/, "");
-                if (currentSession && friendId === currentSession.friendId && channel === currentSession.channel && key === currentSession.key) {
+                // Compare with sanitizeKey on both sides — session keys from the filesystem
+                // are already sanitized (colons → underscores), but the canonical key from
+                // the pipeline may still have colons (e.g. "chat:any" vs "chat_any").
+                if (currentSession && friendId === currentSession.friendId && channel === currentSession.channel && (0, config_1.sanitizeKey)(key) === (0, config_1.sanitizeKey)(currentSession.key)) {
                     continue;
                 }
                 const sessionPath = path.join(channelPath, keyFile);

package/dist/senses/bluebubbles.js

@@ -579,6 +579,9 @@ async function handleBlueBubblesNormalizedEvent(event, resolvedDeps, source) {
                 });
                 return { handled: true, notifiedAgent: false, kind: event.kind, reason: "already_processed" };
             }
+            // Record EARLY to prevent duplicate processing. BB webhooks can retry
+            // before the first turn completes — recording after the turn is too late.
+            (0, bluebubbles_inbound_log_1.recordBlueBubblesInbound)(agentName, event, source);
             if (source !== "webhook" && sessionLikelyContainsMessage(event, existing?.messages ?? sessionMessages)) {
                 (0, bluebubbles_inbound_log_1.recordBlueBubblesInbound)(agentName, event, "recovery-bootstrap");
                 (0, runtime_1.emitNervesEvent)({

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@ouro.bot/cli",
-  "version": "0.1.0-alpha.127",
+  "version": "0.1.0-alpha.129",
   "main": "dist/heart/daemon/ouro-entry.js",
   "bin": {
     "cli": "dist/heart/daemon/ouro-bot-entry.js",