@poolzin/pool-bot 2026.2.21 → 2026.2.23

package/dist/config/sessions/paths.js

@@ -1,46 +1,172 @@
 import os from "node:os";
 import path from "node:path";
+import { expandHomePrefix, resolveRequiredHomeDir } from "../../infra/home-dir.js";
 import { DEFAULT_AGENT_ID, normalizeAgentId } from "../../routing/session-key.js";
 import { resolveStateDir } from "../paths.js";
-function resolveAgentSessionsDir(agentId, env = process.env, homedir = os.homedir) {
+function resolveAgentSessionsDir(agentId, env = process.env, homedir = () => resolveRequiredHomeDir(env, os.homedir)) {
     const root = resolveStateDir(env, homedir);
     const id = normalizeAgentId(agentId ?? DEFAULT_AGENT_ID);
     return path.join(root, "agents", id, "sessions");
 }
-export function resolveSessionTranscriptsDir(env = process.env, homedir = os.homedir) {
+export function resolveSessionTranscriptsDir(env = process.env, homedir = () => resolveRequiredHomeDir(env, os.homedir)) {
     return resolveAgentSessionsDir(DEFAULT_AGENT_ID, env, homedir);
 }
-export function resolveSessionTranscriptsDirForAgent(agentId, env = process.env, homedir = os.homedir) {
+export function resolveSessionTranscriptsDirForAgent(agentId, env = process.env, homedir = () => resolveRequiredHomeDir(env, os.homedir)) {
     return resolveAgentSessionsDir(agentId, env, homedir);
 }
 export function resolveDefaultSessionStorePath(agentId) {
     return path.join(resolveAgentSessionsDir(agentId), "sessions.json");
 }
-export function resolveSessionTranscriptPath(sessionId, agentId, topicId) {
+export function resolveSessionFilePathOptions(params) {
+    const agentId = params.agentId?.trim();
+    const storePath = params.storePath?.trim();
+    if (storePath) {
+        const sessionsDir = path.dirname(path.resolve(storePath));
+        return agentId ? { sessionsDir, agentId } : { sessionsDir };
+    }
+    if (agentId) {
+        return { agentId };
+    }
+    return undefined;
+}
+export const SAFE_SESSION_ID_RE = /^[a-z0-9][a-z0-9._-]{0,127}$/i;
+export function validateSessionId(sessionId) {
+    const trimmed = sessionId.trim();
+    if (!SAFE_SESSION_ID_RE.test(trimmed)) {
+        throw new Error(`Invalid session ID: ${sessionId}`);
+    }
+    return trimmed;
+}
+function resolveSessionsDir(opts) {
+    const sessionsDir = opts?.sessionsDir?.trim();
+    if (sessionsDir) {
+        return path.resolve(sessionsDir);
+    }
+    return resolveAgentSessionsDir(opts?.agentId);
+}
+function resolvePathFromAgentSessionsDir(agentSessionsDir, candidateAbsPath) {
+    const agentBase = path.resolve(agentSessionsDir);
+    const relative = path.relative(agentBase, candidateAbsPath);
+    if (!relative || relative.startsWith("..") || path.isAbsolute(relative)) {
+        return undefined;
+    }
+    return path.resolve(agentBase, relative);
+}
+function resolveSiblingAgentSessionsDir(baseSessionsDir, agentId) {
+    const resolvedBase = path.resolve(baseSessionsDir);
+    if (path.basename(resolvedBase) !== "sessions") {
+        return undefined;
+    }
+    const baseAgentDir = path.dirname(resolvedBase);
+    const baseAgentsDir = path.dirname(baseAgentDir);
+    if (path.basename(baseAgentsDir) !== "agents") {
+        return undefined;
+    }
+    const rootDir = path.dirname(baseAgentsDir);
+    return path.join(rootDir, "agents", normalizeAgentId(agentId), "sessions");
+}
+function extractAgentIdFromAbsoluteSessionPath(candidateAbsPath) {
+    const normalized = path.normalize(path.resolve(candidateAbsPath));
+    const parts = normalized.split(path.sep).filter(Boolean);
+    const sessionsIndex = parts.lastIndexOf("sessions");
+    if (sessionsIndex < 2 || parts[sessionsIndex - 2] !== "agents") {
+        return undefined;
+    }
+    const agentId = parts[sessionsIndex - 1];
+    return agentId || undefined;
+}
+function resolvePathWithinSessionsDir(sessionsDir, candidate, opts) {
+    const trimmed = candidate.trim();
+    if (!trimmed) {
+        throw new Error("Session file path must not be empty");
+    }
+    const resolvedBase = path.resolve(sessionsDir);
+    // Normalize absolute paths that are within the sessions directory.
+    // Older versions stored absolute sessionFile paths in sessions.json;
+    // convert them to relative so the containment check passes.
+    const normalized = path.isAbsolute(trimmed) ? path.relative(resolvedBase, trimmed) : trimmed;
+    if (normalized.startsWith("..") && path.isAbsolute(trimmed)) {
+        const tryAgentFallback = (agentId) => {
+            const normalizedAgentId = normalizeAgentId(agentId);
+            const siblingSessionsDir = resolveSiblingAgentSessionsDir(resolvedBase, normalizedAgentId);
+            if (siblingSessionsDir) {
+                const siblingResolved = resolvePathFromAgentSessionsDir(siblingSessionsDir, trimmed);
+                if (siblingResolved) {
+                    return siblingResolved;
+                }
+            }
+            return resolvePathFromAgentSessionsDir(resolveAgentSessionsDir(normalizedAgentId), trimmed);
+        };
+        const explicitAgentId = opts?.agentId?.trim();
+        if (explicitAgentId) {
+            const resolvedFromAgent = tryAgentFallback(explicitAgentId);
+            if (resolvedFromAgent) {
+                return resolvedFromAgent;
+            }
+        }
+        const extractedAgentId = extractAgentIdFromAbsoluteSessionPath(trimmed);
+        if (extractedAgentId) {
+            const resolvedFromPath = tryAgentFallback(extractedAgentId);
+            if (resolvedFromPath) {
+                return resolvedFromPath;
+            }
+            // The path structurally matches .../agents/<agentId>/sessions/...
+            // Accept it even if the root directory differs from the current env
+            // (e.g., POOLBOT_STATE_DIR changed between session creation and resolution).
+            // The structural pattern provides sufficient containment guarantees.
+            return path.resolve(trimmed);
+        }
+    }
+    if (!normalized || normalized.startsWith("..") || path.isAbsolute(normalized)) {
+        throw new Error("Session file path must be within sessions directory");
+    }
+    return path.resolve(resolvedBase, normalized);
+}
+export function resolveSessionTranscriptPathInDir(sessionId, sessionsDir, topicId) {
+    const safeSessionId = validateSessionId(sessionId);
     const safeTopicId = typeof topicId === "string"
         ? encodeURIComponent(topicId)
         : typeof topicId === "number"
             ? String(topicId)
             : undefined;
-    const fileName = safeTopicId !== undefined ? `${sessionId}-topic-${safeTopicId}.jsonl` : `${sessionId}.jsonl`;
-    return path.join(resolveAgentSessionsDir(agentId), fileName);
+    const fileName = safeTopicId !== undefined
+        ? `${safeSessionId}-topic-${safeTopicId}.jsonl`
+        : `${safeSessionId}.jsonl`;
+    return resolvePathWithinSessionsDir(sessionsDir, fileName);
+}
+export function resolveSessionTranscriptPath(sessionId, agentId, topicId) {
+    return resolveSessionTranscriptPathInDir(sessionId, resolveAgentSessionsDir(agentId), topicId);
 }
 export function resolveSessionFilePath(sessionId, entry, opts) {
+    const sessionsDir = resolveSessionsDir(opts);
     const candidate = entry?.sessionFile?.trim();
-    return candidate ? candidate : resolveSessionTranscriptPath(sessionId, opts?.agentId);
+    if (candidate) {
+        return resolvePathWithinSessionsDir(sessionsDir, candidate, { agentId: opts?.agentId });
+    }
+    return resolveSessionTranscriptPathInDir(sessionId, sessionsDir);
 }
 export function resolveStorePath(store, opts) {
     const agentId = normalizeAgentId(opts?.agentId ?? DEFAULT_AGENT_ID);
-    if (!store)
+    if (!store) {
         return resolveDefaultSessionStorePath(agentId);
+    }
     if (store.includes("{agentId}")) {
         const expanded = store.replaceAll("{agentId}", agentId);
         if (expanded.startsWith("~")) {
-            return path.resolve(expanded.replace(/^~(?=$|[\\/])/, os.homedir()));
+            return path.resolve(expandHomePrefix(expanded, {
+                home: resolveRequiredHomeDir(process.env, os.homedir),
+                env: process.env,
+                homedir: os.homedir,
+            }));
         }
         return path.resolve(expanded);
     }
-    if (store.startsWith("~"))
-        return path.resolve(store.replace(/^~(?=$|[\\/])/, os.homedir()));
+    if (store.startsWith("~")) {
+        return path.resolve(expandHomePrefix(store, {
+            home: resolveRequiredHomeDir(process.env, os.homedir),
+            env: process.env,
+            homedir: os.homedir,
+        }));
+    }
     return path.resolve(store);
 }

package/dist/config/sessions/store.js

@@ -1,9 +1,10 @@
-import JSON5 from "json5";
 import crypto from "node:crypto";
 import fs from "node:fs";
 import path from "node:path";
+import { acquireSessionWriteLock } from "../../agents/session-write-lock.js";
 import { parseByteSize } from "../../cli/parse-bytes.js";
 import { parseDurationMs } from "../../cli/parse-duration.js";
+import { archiveSessionTranscripts, cleanupArchivedSessionTranscripts, } from "../../gateway/session-utils.fs.js";
 import { createSubsystemLogger } from "../../logging/subsystem.js";
 import { deliveryContextFromSession, mergeDeliveryContext, normalizeDeliveryContext, normalizeSessionDeliveryFields, } from "../../utils/delivery-context.js";
 import { getFileMtimeMs, isCacheEnabled, resolveCacheTtlMs } from "../cache-utils.js";
@@ -18,7 +19,7 @@ function isSessionStoreRecord(value) {
 }
 function getSessionStoreTtl() {
     return resolveCacheTtlMs({
-        envValue: process.env.POOLBOT_SESSION_CACHE_TTL_MS || process.env.CLAWDBOT_SESSION_CACHE_TTL_MS,
+        envValue: process.env.POOLBOT_SESSION_CACHE_TTL_MS,
         defaultTtlMs: DEFAULT_SESSION_STORE_TTL_MS,
     });
 }
@@ -84,6 +85,19 @@ function normalizeSessionStore(store) {
 }
 export function clearSessionStoreCacheForTest() {
     SESSION_STORE_CACHE.clear();
+    for (const queue of LOCK_QUEUES.values()) {
+        for (const task of queue.pending) {
+            task.reject(new Error("session store queue cleared for test"));
+        }
+    }
+    LOCK_QUEUES.clear();
+}
+/** Expose lock queue size for tests. */
+export function getSessionStoreLockQueueSizeForTest() {
+    return LOCK_QUEUES.size;
+}
+export async function withSessionStoreLockForTest(storePath, fn, opts = {}) {
+    return await withSessionStoreLock(storePath, fn, opts);
 }
 export function loadSessionStore(storePath, opts = {}) {
     // Check cache first if enabled
@@ -98,19 +112,39 @@ export function loadSessionStore(storePath, opts = {}) {
             invalidateSessionStoreCache(storePath);
         }
     }
-    // Cache miss or disabled - load from disk
+    // Cache miss or disabled - load from disk.
+    // Retry up to 3 times when the file is empty or unparseable.  On Windows the
+    // temp-file + rename write is not fully atomic: a concurrent reader can briefly
+    // observe a 0-byte file (between truncate and write) or a stale/locked state.
+    // A short synchronous backoff (50 ms via `Atomics.wait`) is enough for the
+    // writer to finish.
     let store = {};
     let mtimeMs = getFileMtimeMs(storePath);
-    try {
-        const raw = fs.readFileSync(storePath, "utf-8");
-        const parsed = JSON5.parse(raw);
-        if (isSessionStoreRecord(parsed)) {
-            store = parsed;
+    const maxReadAttempts = process.platform === "win32" ? 3 : 1;
+    const retryBuf = maxReadAttempts > 1 ? new Int32Array(new SharedArrayBuffer(4)) : undefined;
+    for (let attempt = 0; attempt < maxReadAttempts; attempt++) {
+        try {
+            const raw = fs.readFileSync(storePath, "utf-8");
+            if (raw.length === 0 && attempt < maxReadAttempts - 1) {
+                // File is empty — likely caught mid-write; retry after a brief pause.
+                Atomics.wait(retryBuf, 0, 0, 50);
+                continue;
+            }
+            const parsed = JSON.parse(raw);
+            if (isSessionStoreRecord(parsed)) {
+                store = parsed;
+            }
+            mtimeMs = getFileMtimeMs(storePath) ?? mtimeMs;
+            break;
+        }
+        catch {
+            // File missing, locked, or transiently corrupt — retry on Windows.
+            if (attempt < maxReadAttempts - 1) {
+                Atomics.wait(retryBuf, 0, 0, 50);
+                continue;
+            }
+            // Final attempt failed; proceed with an empty store.
         }
-        mtimeMs = getFileMtimeMs(storePath) ?? mtimeMs;
-    }
-    catch {
-        // ignore missing/invalid store; we'll recreate it
     }
     // Best-effort migration: message provider → channel naming.
     for (const entry of Object.values(store)) {
@@ -216,6 +250,7 @@ export function pruneStaleEntries(store, overrideMaxAgeMs, opts = {}) {
     let pruned = 0;
     for (const [key, entry] of Object.entries(store)) {
         if (entry?.updatedAt != null && entry.updatedAt < cutoffMs) {
+            opts.onPruned?.({ key, entry });
             delete store[key];
             pruned++;
         }
@@ -376,19 +411,71 @@ async function saveSessionStoreUnlocked(storePath, store, opts) {
         }
         else {
             // Prune stale entries and cap total count before serializing.
-            pruneStaleEntries(store, maintenance.pruneAfterMs);
+            const prunedSessionFiles = new Map();
+            pruneStaleEntries(store, maintenance.pruneAfterMs, {
+                onPruned: ({ entry }) => {
+                    if (!prunedSessionFiles.has(entry.sessionId) || entry.sessionFile) {
+                        prunedSessionFiles.set(entry.sessionId, entry.sessionFile);
+                    }
+                },
+            });
             capEntryCount(store, maintenance.maxEntries);
+            const archivedDirs = new Set();
+            for (const [sessionId, sessionFile] of prunedSessionFiles) {
+                const archived = archiveSessionTranscripts({
+                    sessionId,
+                    storePath,
+                    sessionFile,
+                    reason: "deleted",
+                });
+                for (const archivedPath of archived) {
+                    archivedDirs.add(path.dirname(archivedPath));
+                }
+            }
+            if (archivedDirs.size > 0) {
+                await cleanupArchivedSessionTranscripts({
+                    directories: [...archivedDirs],
+                    olderThanMs: maintenance.pruneAfterMs,
+                    reason: "deleted",
+                });
+            }
             // Rotate the on-disk file if it exceeds the size threshold.
             await rotateSessionFile(storePath, maintenance.rotateBytes);
         }
     }
     await fs.promises.mkdir(path.dirname(storePath), { recursive: true });
     const json = JSON.stringify(store, null, 2);
-    // Windows: avoid atomic rename swaps (can be flaky under concurrent access).
-    // We serialize writers via the session-store lock instead.
+    // Windows: use temp-file + rename for atomic writes, same as other platforms.
+    // Direct `writeFile` truncates the target to 0 bytes before writing, which
+    // allows concurrent `readFileSync` calls (from unlocked `loadSessionStore`)
+    // to observe an empty file and lose the session store contents.
     if (process.platform === "win32") {
+        const tmp = `${storePath}.${process.pid}.${crypto.randomUUID()}.tmp`;
         try {
-            await fs.promises.writeFile(storePath, json, "utf-8");
+            await fs.promises.writeFile(tmp, json, "utf-8");
+            // Retry rename up to 5 times with increasing backoff — rename can fail
+            // on Windows when the target is locked by a concurrent reader.  We do
+            // NOT fall back to writeFile or copyFile because both use CREATE_ALWAYS
+            // on Windows, which truncates the target to 0 bytes before writing —
+            // reintroducing the exact race this fix addresses.  If all attempts
+            // fail, the temp file is cleaned up and the next save cycle (which is
+            // serialized by the write lock) will succeed.
+            for (let i = 0; i < 5; i++) {
+                try {
+                    await fs.promises.rename(tmp, storePath);
+                    break;
+                }
+                catch {
+                    if (i < 4) {
+                        await new Promise((r) => setTimeout(r, 50 * (i + 1)));
+                    }
+                    // Final attempt failed — skip this save.  The write lock ensures
+                    // the next save will retry with fresh data.  Log for diagnostics.
+                    if (i === 4) {
+                        console.warn(`[session-store] rename failed after 5 attempts: ${storePath}`);
+                    }
+                }
+            }
         }
         catch (err) {
             const code = err && typeof err === "object" && "code" in err
@@ -399,6 +486,9 @@ async function saveSessionStoreUnlocked(storePath, store, opts) {
             }
             throw err;
         }
+        finally {
+            await fs.promises.rm(tmp, { force: true }).catch(() => undefined);
+        }
         return;
     }
     const tmp = `${storePath}.${process.pid}.${crypto.randomUUID()}.tmp`;
@@ -451,67 +541,97 @@ export async function updateSessionStore(storePath, mutator, opts) {
         return result;
     });
 }
-async function withSessionStoreLock(storePath, fn, opts = {}) {
-    const timeoutMs = opts.timeoutMs ?? 10_000;
-    const pollIntervalMs = opts.pollIntervalMs ?? 25;
-    const staleMs = opts.staleMs ?? 30_000;
-    const lockPath = `${storePath}.lock`;
-    const startedAt = Date.now();
-    await fs.promises.mkdir(path.dirname(storePath), { recursive: true });
-    while (true) {
-        try {
-            const handle = await fs.promises.open(lockPath, "wx");
-            try {
-                await handle.writeFile(JSON.stringify({ pid: process.pid, startedAt: Date.now() }), "utf-8");
-            }
-            catch {
-                // best-effort
+const LOCK_QUEUES = new Map();
+function lockTimeoutError(storePath) {
+    return new Error(`timeout waiting for session store lock: ${storePath}`);
+}
+function getOrCreateLockQueue(storePath) {
+    const existing = LOCK_QUEUES.get(storePath);
+    if (existing) {
+        return existing;
+    }
+    const created = { running: false, pending: [] };
+    LOCK_QUEUES.set(storePath, created);
+    return created;
+}
+async function drainSessionStoreLockQueue(storePath) {
+    const queue = LOCK_QUEUES.get(storePath);
+    if (!queue || queue.running) {
+        return;
+    }
+    queue.running = true;
+    try {
+        while (queue.pending.length > 0) {
+            const task = queue.pending.shift();
+            if (!task) {
+                continue;
             }
-            await handle.close();
-            break;
-        }
-        catch (err) {
-            const code = err && typeof err === "object" && "code" in err
-                ? String(err.code)
-                : null;
-            if (code === "ENOENT") {
-                // Store directory may be deleted/recreated in tests while writes are in-flight.
-                // Best-effort: recreate the parent dir and retry until timeout.
-                await fs.promises
-                    .mkdir(path.dirname(storePath), { recursive: true })
-                    .catch(() => undefined);
-                await new Promise((r) => setTimeout(r, pollIntervalMs));
+            const remainingTimeoutMs = task.timeoutMs ?? Number.POSITIVE_INFINITY;
+            if (task.timeoutMs != null && remainingTimeoutMs <= 0) {
+                task.reject(lockTimeoutError(storePath));
                 continue;
             }
-            if (code !== "EEXIST") {
-                throw err;
+            let lock;
+            let result;
+            let failed;
+            let hasFailure = false;
+            try {
+                lock = await acquireSessionWriteLock({
+                    sessionFile: storePath,
+                    timeoutMs: remainingTimeoutMs,
+                    staleMs: task.staleMs,
+                });
+                result = await task.fn();
             }
-            const now = Date.now();
-            if (now - startedAt > timeoutMs) {
-                throw new Error(`timeout acquiring session store lock: ${lockPath}`, { cause: err });
+            catch (err) {
+                hasFailure = true;
+                failed = err;
             }
-            // Best-effort stale lock eviction (e.g. crashed process).
-            try {
-                const st = await fs.promises.stat(lockPath);
-                const ageMs = now - st.mtimeMs;
-                if (ageMs > staleMs) {
-                    await fs.promises.unlink(lockPath);
-                    continue;
-                }
+            finally {
+                await lock?.release().catch(() => undefined);
             }
-            catch {
-                // ignore
+            if (hasFailure) {
+                task.reject(failed);
+                continue;
             }
-            await new Promise((r) => setTimeout(r, pollIntervalMs));
+            task.resolve(result);
         }
     }
-    try {
-        return await fn();
-    }
     finally {
-        await fs.promises.unlink(lockPath).catch(() => undefined);
+        queue.running = false;
+        if (queue.pending.length === 0) {
+            LOCK_QUEUES.delete(storePath);
+        }
+        else {
+            queueMicrotask(() => {
+                void drainSessionStoreLockQueue(storePath);
+            });
+        }
     }
 }
+async function withSessionStoreLock(storePath, fn, opts = {}) {
+    if (!storePath || typeof storePath !== "string") {
+        throw new Error(`withSessionStoreLock: storePath must be a non-empty string, got ${JSON.stringify(storePath)}`);
+    }
+    const timeoutMs = opts.timeoutMs ?? 10_000;
+    const staleMs = opts.staleMs ?? 30_000;
+    // `pollIntervalMs` is retained for API compatibility with older lock options.
+    void opts.pollIntervalMs;
+    const hasTimeout = timeoutMs > 0 && Number.isFinite(timeoutMs);
+    const queue = getOrCreateLockQueue(storePath);
+    const promise = new Promise((resolve, reject) => {
+        const task = {
+            fn: async () => await fn(),
+            resolve: (value) => resolve(value),
+            reject,
+            timeoutMs: hasTimeout ? timeoutMs : undefined,
+            staleMs,
+        };
+        queue.pending.push(task);
+        void drainSessionStoreLockQueue(storePath);
+    });
+    return await promise;
+}
 export async function updateSessionStoreEntry(params) {
     const { storePath, sessionKey, update } = params;
     return await withSessionStoreLock(storePath, async () => {

package/dist/config/sessions/types.js

@@ -2,10 +2,24 @@ import crypto from "node:crypto";
 export function mergeSessionEntry(existing, patch) {
     const sessionId = patch.sessionId ?? existing?.sessionId ?? crypto.randomUUID();
     const updatedAt = Math.max(existing?.updatedAt ?? 0, patch.updatedAt ?? 0, Date.now());
-    if (!existing)
+    if (!existing) {
         return { ...patch, sessionId, updatedAt };
+    }
     return { ...existing, ...patch, sessionId, updatedAt };
 }
+export function resolveFreshSessionTotalTokens(entry) {
+    const total = entry?.totalTokens;
+    if (typeof total !== "number" || !Number.isFinite(total) || total < 0) {
+        return undefined;
+    }
+    if (entry?.totalTokensFresh === false) {
+        return undefined;
+    }
+    return total;
+}
+export function isSessionTotalTokensFresh(entry) {
+    return resolveFreshSessionTotalTokens(entry) !== undefined;
+}
 export const DEFAULT_RESET_TRIGGER = "/new";
 export const DEFAULT_RESET_TRIGGERS = ["/new", "/reset"];
 export const DEFAULT_IDLE_MINUTES = 60;

package/dist/config/sessions.js

@@ -7,3 +7,4 @@ export * from "./sessions/session-key.js";
 export * from "./sessions/store.js";
 export * from "./sessions/types.js";
 export * from "./sessions/transcript.js";
+export * from "./sessions/delivery-info.js";

package/dist/config/telegram-custom-commands.js

@@ -1,10 +1,11 @@
 export const TELEGRAM_COMMAND_NAME_PATTERN = /^[a-z0-9_]{1,32}$/;
 export function normalizeTelegramCommandName(value) {
     const trimmed = value.trim();
-    if (!trimmed)
+    if (!trimmed) {
         return "";
+    }
     const withoutSlash = trimmed.startsWith("/") ? trimmed.slice(1) : trimmed;
-    return withoutSlash.trim().toLowerCase();
+    return withoutSlash.trim().toLowerCase().replace(/-/g, "_");
 }
 export function normalizeTelegramCommandDescription(value) {
     return value.trim();

package/dist/config/types.js

@@ -13,6 +13,7 @@ export * from "./types.googlechat.js";
 export * from "./types.gateway.js";
 export * from "./types.hooks.js";
 export * from "./types.imessage.js";
+export * from "./types.irc.js";
 export * from "./types.messages.js";
 export * from "./types.models.js";
 export * from "./types.node-host.js";
@@ -27,3 +28,4 @@ export * from "./types.telegram.js";
 export * from "./types.tts.js";
 export * from "./types.tools.js";
 export * from "./types.whatsapp.js";
+export * from "./types.memory.js";

package/dist/config/zod-schema.agent-defaults.js

@@ -1,5 +1,5 @@
 import { z } from "zod";
-import { HeartbeatSchema, MemorySearchSchema, SandboxBrowserSchema, SandboxDockerSchema, SandboxPruneSchema, } from "./zod-schema.agent-runtime.js";
+import { HeartbeatSchema, AgentSandboxSchema, AgentModelSchema, MemorySearchSchema, } from "./zod-schema.agent-runtime.js";
 import { BlockStreamingChunkSchema, BlockStreamingCoalesceSchema, CliBackendSchema, HumanDelaySchema, } from "./zod-schema.core.js";
 export const AgentDefaultsSchema = z
     .object({
@@ -32,6 +32,7 @@ export const AgentDefaultsSchema = z
     repoRoot: z.string().optional(),
     skipBootstrap: z.boolean().optional(),
     bootstrapMaxChars: z.number().int().positive().optional(),
+    bootstrapTotalMaxChars: z.number().int().positive().optional(),
     userTimezone: z.string().optional(),
     timeFormat: z.union([z.literal("auto"), z.literal("12"), z.literal("24")]).optional(),
     envelopeTimezone: z.string().optional(),
@@ -111,6 +112,7 @@ export const AgentDefaultsSchema = z
     humanDelay: HumanDelaySchema.optional(),
     timeoutSeconds: z.number().int().positive().optional(),
     mediaMaxMb: z.number().positive().optional(),
+    imageMaxDimensionPx: z.number().int().positive().optional(),
     typingIntervalSeconds: z.number().int().positive().optional(),
     typingMode: z
         .union([
@@ -138,37 +140,14 @@ export const AgentDefaultsSchema = z
             .min(1)
             .max(20)
             .optional()
-            .describe("Maximum active children a single requester session may spawn. Default: 5."),
+            .describe("Maximum number of active children a single agent session can spawn (default: 5)."),
         archiveAfterMinutes: z.number().int().positive().optional(),
-        model: z
-            .union([
-            z.string(),
-            z
-                .object({
-                primary: z.string().optional(),
-                fallbacks: z.array(z.string()).optional(),
-            })
-                .strict(),
-        ])
-            .optional(),
+        model: AgentModelSchema.optional(),
         thinking: z.string().optional(),
     })
         .strict()
         .optional(),
-    sandbox: z
-        .object({
-        mode: z.union([z.literal("off"), z.literal("non-main"), z.literal("all")]).optional(),
-        workspaceAccess: z.union([z.literal("none"), z.literal("ro"), z.literal("rw")]).optional(),
-        sessionToolsVisibility: z.union([z.literal("spawned"), z.literal("all")]).optional(),
-        scope: z.union([z.literal("session"), z.literal("agent"), z.literal("shared")]).optional(),
-        perSession: z.boolean().optional(),
-        workspaceRoot: z.string().optional(),
-        docker: SandboxDockerSchema,
-        browser: SandboxBrowserSchema,
-        prune: SandboxPruneSchema,
-    })
-        .strict()
-        .optional(),
+    sandbox: AgentSandboxSchema,
 })
     .strict()
     .optional();