@poolzin/pool-bot 2026.2.7 → 2026.2.8

package/dist/process/command-queue.js

@@ -1,26 +1,48 @@
 import { diagnosticLogger as diag, logLaneDequeue, logLaneEnqueue } from "../logging/diagnostic.js";
+/**
+ * Dedicated error type thrown when a queued command is rejected because
+ * its lane was cleared.  Callers that fire-and-forget enqueued tasks can
+ * catch (or ignore) this specific type to avoid unhandled-rejection noise.
+ */
+export class CommandLaneClearedError extends Error {
+    constructor(lane) {
+        super(lane ? `Command lane "${lane}" cleared` : "Command lane cleared");
+        this.name = "CommandLaneClearedError";
+    }
+}
 const lanes = new Map();
+let nextTaskId = 1;
 function getLaneState(lane) {
     const existing = lanes.get(lane);
-    if (existing)
+    if (existing) {
         return existing;
+    }
     const created = {
         lane,
         queue: [],
-        active: 0,
+        activeTaskIds: new Set(),
         maxConcurrent: 1,
         draining: false,
+        generation: 0,
     };
     lanes.set(lane, created);
     return created;
 }
+function completeTask(state, taskId, taskGeneration) {
+    if (taskGeneration !== state.generation) {
+        return false;
+    }
+    state.activeTaskIds.delete(taskId);
+    return true;
+}
 function drainLane(lane) {
     const state = getLaneState(lane);
-    if (state.draining)
+    if (state.draining) {
         return;
+    }
     state.draining = true;
     const pump = () => {
-        while (state.active < state.maxConcurrent && state.queue.length > 0) {
+        while (state.activeTaskIds.size < state.maxConcurrent && state.queue.length > 0) {
             const entry = state.queue.shift();
             const waitedMs = Date.now() - entry.enqueuedAt;
             if (waitedMs >= entry.warnAfterMs) {
@@ -28,23 +50,29 @@ function drainLane(lane) {
                 diag.warn(`lane wait exceeded: lane=${lane} waitedMs=${waitedMs} queueAhead=${state.queue.length}`);
             }
             logLaneDequeue(lane, waitedMs, state.queue.length);
-            state.active += 1;
+            const taskId = nextTaskId++;
+            const taskGeneration = state.generation;
+            state.activeTaskIds.add(taskId);
             void (async () => {
                 const startTime = Date.now();
                 try {
                     const result = await entry.task();
-                    state.active -= 1;
-                    diag.debug(`lane task done: lane=${lane} durationMs=${Date.now() - startTime} active=${state.active} queued=${state.queue.length}`);
-                    pump();
+                    const completedCurrentGeneration = completeTask(state, taskId, taskGeneration);
+                    if (completedCurrentGeneration) {
+                        diag.debug(`lane task done: lane=${lane} durationMs=${Date.now() - startTime} active=${state.activeTaskIds.size} queued=${state.queue.length}`);
+                        pump();
+                    }
                     entry.resolve(result);
                 }
                 catch (err) {
-                    state.active -= 1;
+                    const completedCurrentGeneration = completeTask(state, taskId, taskGeneration);
                     const isProbeLane = lane.startsWith("auth-probe:") || lane.startsWith("session:probe-");
                     if (!isProbeLane) {
                         diag.error(`lane task error: lane=${lane} durationMs=${Date.now() - startTime} error="${String(err)}"`);
                     }
-                    pump();
+                    if (completedCurrentGeneration) {
+                        pump();
+                    }
                     entry.reject(err);
                 }
             })();
@@ -72,7 +100,7 @@ export function enqueueCommandInLane(lane, task, opts) {
             warnAfterMs,
             onWait: opts?.onWait,
         });
-        logLaneEnqueue(cleaned, state.queue.length + state.active);
+        logLaneEnqueue(cleaned, state.queue.length + state.activeTaskIds.size);
         drainLane(cleaned);
     });
 }
@@ -82,23 +110,117 @@ export function enqueueCommand(task, opts) {
 export function getQueueSize(lane = "main" /* CommandLane.Main */) {
     const resolved = lane.trim() || "main" /* CommandLane.Main */;
     const state = lanes.get(resolved);
-    if (!state)
+    if (!state) {
         return 0;
-    return state.queue.length + state.active;
+    }
+    return state.queue.length + state.activeTaskIds.size;
 }
 export function getTotalQueueSize() {
     let total = 0;
     for (const s of lanes.values()) {
-        total += s.queue.length + s.active;
+        total += s.queue.length + s.activeTaskIds.size;
     }
     return total;
 }
 export function clearCommandLane(lane = "main" /* CommandLane.Main */) {
     const cleaned = lane.trim() || "main" /* CommandLane.Main */;
     const state = lanes.get(cleaned);
-    if (!state)
+    if (!state) {
         return 0;
+    }
     const removed = state.queue.length;
-    state.queue.length = 0;
+    const pending = state.queue.splice(0);
+    for (const entry of pending) {
+        entry.reject(new CommandLaneClearedError(cleaned));
+    }
     return removed;
 }
+/**
+ * Reset all lane runtime state to idle. Used after SIGUSR1 in-process
+ * restarts where interrupted tasks' finally blocks may not run, leaving
+ * stale active task IDs that permanently block new work from draining.
+ *
+ * Bumps lane generation and clears execution counters so stale completions
+ * from old in-flight tasks are ignored. Queued entries are intentionally
+ * preserved — they represent pending user work that should still execute
+ * after restart.
+ *
+ * After resetting, drains any lanes that still have queued entries so
+ * preserved work is pumped immediately rather than waiting for a future
+ * `enqueueCommandInLane()` call (which may never come).
+ */
+export function resetAllLanes() {
+    const lanesToDrain = [];
+    for (const state of lanes.values()) {
+        state.generation += 1;
+        state.activeTaskIds.clear();
+        state.draining = false;
+        if (state.queue.length > 0) {
+            lanesToDrain.push(state.lane);
+        }
+    }
+    // Drain after the full reset pass so all lanes are in a clean state first.
+    for (const lane of lanesToDrain) {
+        drainLane(lane);
+    }
+}
+/**
+ * Returns the total number of actively executing tasks across all lanes
+ * (excludes queued-but-not-started entries).
+ */
+export function getActiveTaskCount() {
+    let total = 0;
+    for (const s of lanes.values()) {
+        total += s.activeTaskIds.size;
+    }
+    return total;
+}
+/**
+ * Wait for all currently active tasks across all lanes to finish.
+ * Polls at a short interval; resolves when no tasks are active or
+ * when `timeoutMs` elapses (whichever comes first).
+ *
+ * New tasks enqueued after this call are ignored — only tasks that are
+ * already executing are waited on.
+ */
+export function waitForActiveTasks(timeoutMs) {
+    // Keep shutdown/drain checks responsive without busy looping.
+    const POLL_INTERVAL_MS = 50;
+    const deadline = Date.now() + timeoutMs;
+    const activeAtStart = new Set();
+    for (const state of lanes.values()) {
+        for (const taskId of state.activeTaskIds) {
+            activeAtStart.add(taskId);
+        }
+    }
+    return new Promise((resolve) => {
+        const check = () => {
+            if (activeAtStart.size === 0) {
+                resolve({ drained: true });
+                return;
+            }
+            let hasPending = false;
+            for (const state of lanes.values()) {
+                for (const taskId of state.activeTaskIds) {
+                    if (activeAtStart.has(taskId)) {
+                        hasPending = true;
+                        break;
+                    }
+                }
+                if (hasPending) {
+                    break;
+                }
+            }
+            if (!hasPending) {
+                resolve({ drained: true });
+                return;
+            }
+            if (Date.now() >= deadline) {
+                resolve({ drained: false });
+                return;
+            }
+            setTimeout(check, POLL_INTERVAL_MS);
+        };
+        check();
+    });
+}

package/dist/process/restart-recovery.js

@@ -0,0 +1,16 @@
+/**
+ * Returns an iteration hook for in-process restart loops.
+ * The first call is considered initial startup and does nothing.
+ * Each subsequent call represents a restart iteration and invokes `onRestart`.
+ */
+export function createRestartIterationHook(onRestart) {
+    let isFirstIteration = true;
+    return () => {
+        if (isFirstIteration) {
+            isFirstIteration = false;
+            return false;
+        }
+        onRestart();
+        return true;
+    };
+}

package/dist/security/dangerous-tools.js

@@ -0,0 +1,34 @@
+// Shared tool-risk constants.
+// Keep these centralized so gateway HTTP restrictions, security audits, and ACP prompts don't drift.
+/**
+ * Tools denied via Gateway HTTP `POST /tools/invoke` by default.
+ * These are high-risk because they enable session orchestration, control-plane actions,
+ * or interactive flows that don't make sense over a non-interactive HTTP surface.
+ */
+export const DEFAULT_GATEWAY_HTTP_TOOL_DENY = [
+    // Session orchestration — spawning agents remotely is RCE
+    "sessions_spawn",
+    // Cross-session injection — message injection across sessions
+    "sessions_send",
+    // Gateway control plane — prevents gateway reconfiguration via HTTP
+    "gateway",
+    // Interactive setup — requires terminal QR scan, hangs on HTTP
+    "whatsapp_login",
+];
+/**
+ * ACP tools that should always require explicit user approval.
+ * ACP is an automation surface; we never want "silent yes" for mutating/execution tools.
+ */
+export const DANGEROUS_ACP_TOOL_NAMES = [
+    "exec",
+    "spawn",
+    "shell",
+    "sessions_spawn",
+    "sessions_send",
+    "gateway",
+    "fs_write",
+    "fs_delete",
+    "fs_move",
+    "apply_patch",
+];
+export const DANGEROUS_ACP_TOOLS = new Set(DANGEROUS_ACP_TOOL_NAMES);

package/dist/security/secret-equal.js

@@ -0,0 +1,12 @@
+import { timingSafeEqual } from "node:crypto";
+export function safeEqualSecret(provided, expected) {
+    if (typeof provided !== "string" || typeof expected !== "string") {
+        return false;
+    }
+    const providedBuffer = Buffer.from(provided);
+    const expectedBuffer = Buffer.from(expected);
+    if (providedBuffer.length !== expectedBuffer.length) {
+        return false;
+    }
+    return timingSafeEqual(providedBuffer, expectedBuffer);
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@poolzin/pool-bot",
-  "version": "2026.2.7",
+  "version": "2026.2.8",
   "description": "🎱 Pool Bot - AI assistant with PLCODE integrations",
   "keywords": [],
   "license": "MIT",