npm - @sentry/junior - Versions diffs - 0.69.0 → 0.71.0 - Mend

@sentry/junior 0.69.0 → 0.71.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (13) hide show

package/dist/app.js +513 -65
package/dist/chat/plugins/credential-hooks.d.ts +19 -0
package/dist/chat/sandbox/egress-credentials.d.ts +1 -0
package/dist/chat/sandbox/egress-schemas.d.ts +1 -1
package/dist/chat/state/conversation-details.d.ts +46 -0
package/dist/chat/state/turn-session.d.ts +0 -3
package/dist/chat/task-execution/store.d.ts +23 -0
package/dist/chat/task-execution/worker.d.ts +1 -1
package/dist/{chunk-N3MORKTH.js → chunk-HOGQL2H6.js} +123 -12
package/dist/cli/init.js +18 -1
package/dist/reporting.d.ts +6 -2
package/dist/reporting.js +62 -21
package/package.json +3 -3

package/dist/app.js CHANGED Viewed

@@ -19,6 +19,7 @@ import {
   getAgentPlugins,
   getAgentTurnSessionRecord,
   getInterruptionMarker,
+  initConversationContext,
   listAgentTurnSessionSummaries,
   listAgentTurnSessionSummariesForConversation,
   loadConnectedMcpProviders,
@@ -32,12 +33,13 @@ import {
   resolveSlackChannelTypeFromMessage,
   resolveSlackConversationContext,
   setAgentPlugins,
+  setConversationTitle,
   splitSlackReplyText,
   truncateStatusText,
   upsertAgentTurnSessionRecord,
   validateAgentPlugins,
   verifySlackDirectCredentialSubject
-} from "./chunk-N3MORKTH.js";
+} from "./chunk-HOGQL2H6.js";
 import {
   discoverSkills,
   findSkillByName,
@@ -6545,6 +6547,7 @@ import {
   agentPluginProviderAccountSchema
 } from "@sentry/junior-plugin-api";
 var finiteNumberSchema = z.number().refine(Number.isFinite);
+var httpStatusSchema = z.number().int().min(100).max(599);
 var providerNameSchema = z.string().regex(/^[a-z][a-z0-9-]*$/);
 var sandboxEgressGrantSchema = agentPluginGrantSchema;
 var sandboxEgressCredentialContextSchema = z.object({
@@ -6584,7 +6587,7 @@ var sandboxEgressPermissionDeniedSignalSchema = z.object({
   provider: providerNameSchema,
   source: z.literal("upstream"),
   sso: z.string().optional(),
-  status: z.literal(403),
+  status: httpStatusSchema,
   upstreamHost: z.string().min(1),
   upstreamPath: z.string().min(1),
   createdAtMs: finiteNumberSchema
@@ -8482,6 +8485,10 @@ function stringField(record, key) {
   const value = record[key];
   return typeof value === "string" ? value : "";
 }
+function numberField(record, key) {
+  const value = record[key];
+  return typeof value === "number" && Number.isFinite(value) ? value : 0;
+}
 function stringListField(record, key) {
   const value = record[key];
   return Array.isArray(value) ? value.filter((item) => typeof item === "string") : [];
@@ -8502,14 +8509,15 @@ function upstreamPermissionDeniedText(value) {
     return void 0;
   }
   const signal = value.permission_denied;
-  if (signal.source !== "upstream" || signal.status !== 403) {
+  if (signal.source !== "upstream") {
     return void 0;
   }
   const provider = stringField(signal, "provider");
   const message = stringField(signal, "message");
   const upstreamHost = stringField(signal, "upstreamHost");
   const upstreamPath2 = stringField(signal, "upstreamPath");
-  if (!provider || !message || !upstreamHost || !upstreamPath2) {
+  const status = numberField(signal, "status");
+  if (!provider || !message || !upstreamHost || !upstreamPath2 || !status) {
     return void 0;
   }
   const grant = isRecord3(signal.grant) ? signal.grant : {};
@@ -8535,7 +8543,7 @@ function upstreamPermissionDeniedText(value) {
       ...grantRequirements.map((item) => `- ${item}`)
     ] : [],
     `Upstream: ${upstreamHost}${upstreamPath2}`,
-    "Status: 403",
+    `Status: ${status}`,
     ...acceptedPermissions ? [`Accepted provider permissions: ${acceptedPermissions}`] : [],
     ...sso ? [`Provider SSO: ${sso}`] : [],
     ...command ? [`Command: ${command}`] : [],
@@ -8953,12 +8961,41 @@ async function selectPluginGrant(input) {
     plugin: { name: plugin.name },
     log: createAgentPluginLogger(plugin.name),
     request: {
+      ...input.bodyText !== void 0 ? { bodyText: input.bodyText } : {},
       method: input.method,
       url: input.upstreamUrl.toString()
     }
   });
   return result === void 0 ? void 0 : parseGrant(result, plugin.name);
 }
+async function onPluginEgressResponse(input) {
+  const plugin = agentPluginFor(input.provider);
+  const hook = plugin?.hooks?.onEgressResponse;
+  if (!plugin || !hook) {
+    return {};
+  }
+  let permissionDenied;
+  await hook({
+    plugin: { name: plugin.name },
+    log: createAgentPluginLogger(plugin.name),
+    grant: input.grant,
+    permissionDenied(message) {
+      const trimmed = message.trim();
+      if (!trimmed) {
+        throw new Error(
+          `Plugin "${plugin.name}" onEgressResponse permissionDenied message is empty`
+        );
+      }
+      permissionDenied = { message: trimmed };
+    },
+    request: {
+      method: input.method,
+      url: input.upstreamUrl.toString()
+    },
+    response: input.response
+  });
+  return permissionDenied ? { permissionDenied } : {};
+}
 function hasEgressCredentialHooks(provider) {
   const hooks = agentPluginFor(provider)?.hooks;
   return Boolean(hooks?.grantForEgress || hooks?.issueCredential);
@@ -13914,6 +13951,7 @@ var CONVERSATION_WORK_MUTATION_RETRY_MS = 25;
 var CONVERSATION_WORK_LEASE_TTL_MS = 9e4;
 var CONVERSATION_WORK_CHECK_IN_INTERVAL_MS = 15e3;
 var CONVERSATION_WORK_STALE_ENQUEUE_MS = 6e4;
+var CONVERSATION_WORK_MAX_CONSECUTIVE_FAILURES = 5;
 function duplicateInboundNudgeIdempotencyKey(message, nowMs) {
   return `duplicate:${message.conversationId}:${message.inboundMessageId}:${nowMs}`;
 }
@@ -14035,14 +14073,18 @@ function normalizeWorkState(conversationId, value) {
     messages,
     needsRun: value.needsRun === true,
     updatedAtMs,
+    consecutiveFailureCount: toOptionalNumber(value.consecutiveFailureCount) ?? 0,
     lastEnqueuedAtMs: toOptionalNumber(value.lastEnqueuedAtMs),
-    lease: normalizeLease(value.lease)
+    lastFailureAtMs: toOptionalNumber(value.lastFailureAtMs),
+    lease: normalizeLease(value.lease),
+    terminallyFailedAtMs: toOptionalNumber(value.terminallyFailedAtMs)
   };
 }
 function emptyWorkState(args) {
   return {
     schemaVersion: CONVERSATION_WORK_SCHEMA_VERSION,
     conversationId: args.conversationId,
+    consecutiveFailureCount: 0,
     destination: args.destination,
     messages: [],
     needsRun: false,
@@ -14056,6 +14098,9 @@ function pendingMessages(state) {
   return state.messages.filter((message) => message.injectedAtMs === void 0).sort(compareMessages);
 }
 function shouldKeepIndexed(state) {
+  if (state.terminallyFailedAtMs !== void 0) {
+    return false;
+  }
   return state.needsRun || Boolean(state.lease) || pendingMessages(state).length > 0;
 }
 async function getConnectedState(stateAdapter) {
@@ -14180,6 +14225,9 @@ async function writeWorkState(state, work) {
   }
 }
 function hasRunnableWork(state) {
+  if (state.terminallyFailedAtMs !== void 0) {
+    return false;
+  }
   return state.needsRun || pendingMessages(state).length > 0;
 }
 function assertSameConversationDestination(args) {
@@ -14229,8 +14277,11 @@ async function appendInboundMessage(args) {
       }
       const next = {
         ...current,
+        consecutiveFailureCount: 0,
+        lastFailureAtMs: void 0,
         messages: [...current.messages, args.message].sort(compareMessages),
         needsRun: true,
+        terminallyFailedAtMs: void 0,
         updatedAtMs: nowMs
       };
       await writeWorkState(state, next);
@@ -14398,6 +14449,8 @@ async function drainConversationMailbox(args) {
     );
     await writeWorkState(state, {
       ...current,
+      consecutiveFailureCount: 0,
+      lastFailureAtMs: void 0,
       messages,
       needsRun: hasPending,
       updatedAtMs: nowMs
@@ -14429,6 +14482,8 @@ async function markConversationMessagesInjected(args) {
     }
     await writeWorkState(state, {
       ...current,
+      consecutiveFailureCount: 0,
+      lastFailureAtMs: void 0,
       messages,
       updatedAtMs: nowMs
     });
@@ -14481,6 +14536,8 @@ async function completeConversationWork(args) {
     const hasRunnableWork2 = current.needsRun || hasPending;
     await writeWorkState(state, {
       ...current,
+      consecutiveFailureCount: 0,
+      lastFailureAtMs: void 0,
       lease: void 0,
       needsRun: hasRunnableWork2,
       updatedAtMs: nowMs
@@ -14504,6 +14561,53 @@ async function clearExpiredConversationLease(args) {
     return true;
   });
 }
+async function recordConversationWorkFailure(args) {
+  const nowMs = args.nowMs ?? now();
+  return await withConversationMutation(args, async (state) => {
+    const current = await readWorkState(state, args.conversationId);
+    if (!current) {
+      return {
+        abandoned: false,
+        consecutiveFailureCount: 0,
+        releasedLease: false
+      };
+    }
+    const consecutiveFailureCount = current.consecutiveFailureCount + 1;
+    const abandoned = consecutiveFailureCount >= CONVERSATION_WORK_MAX_CONSECUTIVE_FAILURES;
+    if (!abandoned) {
+      await writeWorkState(state, {
+        ...current,
+        consecutiveFailureCount,
+        lastFailureAtMs: nowMs,
+        updatedAtMs: nowMs
+      });
+      return {
+        abandoned: false,
+        consecutiveFailureCount,
+        releasedLease: false
+      };
+    }
+    const releasedLease = Boolean(current.lease);
+    const drainedMessages = current.messages.filter(
+      (message) => message.injectedAtMs !== void 0
+    );
+    await writeWorkState(state, {
+      ...current,
+      consecutiveFailureCount,
+      lastFailureAtMs: nowMs,
+      lease: void 0,
+      messages: drainedMessages,
+      needsRun: false,
+      terminallyFailedAtMs: nowMs,
+      updatedAtMs: nowMs
+    });
+    return {
+      abandoned: true,
+      consecutiveFailureCount,
+      releasedLease
+    };
+  });
+}
 async function listConversationWorkIds(args = {}) {
   const state = await getConnectedState(args.state);
   const ids = uniqueStrings(await state.get(indexKey()) ?? []);
@@ -17426,6 +17530,7 @@ async function selectSandboxEgressGrant(input) {
     return defaultGrantForProvider(input);
   }
   const pluginGrant = await selectPluginGrant({
+    ...input.bodyText !== void 0 ? { bodyText: input.bodyText } : {},
     provider: input.provider,
     method: input.method,
     upstreamUrl: input.upstreamUrl
@@ -17587,6 +17692,7 @@ async function verifyVercelSandboxOidcToken(token) {
 }
 // src/chat/sandbox/egress-proxy.ts
+import { EgressAuthRequired } from "@sentry/junior-plugin-api";
 var OIDC_TOKEN_HEADER = "vercel-sandbox-oidc-token";
 var FORWARDED_HOST_HEADER = "vercel-forwarded-host";
 var FORWARDED_SCHEME_HEADER = "vercel-forwarded-scheme";
@@ -17616,6 +17722,8 @@ var DECODED_RESPONSE_HEADERS = /* @__PURE__ */ new Set([
 ]);
 var UPSTREAM_TOKEN_REJECTION_STATUS = 401;
 var UPSTREAM_PERMISSION_REJECTION_STATUS = 403;
+var GRANT_SELECTION_BODY_TEXT_LIMIT_BYTES = 64 * 1024;
+var RESPONSE_BODY_TEXT_LIMIT_BYTES = 64 * 1024;
 function jsonError(message, status) {
   return Response.json({ error: message }, { status });
 }
@@ -17714,6 +17822,9 @@ function githubPermissionHeaders(upstream) {
 function permissionDeniedMessage(provider, grant) {
   return `${provider} returned HTTP 403 after Junior injected the ${grant.name} grant. Junior forwarded the request; this is not a local runtime block.`;
 }
+function isEgressAuthRequired(error) {
+  return error instanceof EgressAuthRequired || error instanceof Error && error.name === "EgressAuthRequired";
+}
 function logSandboxEgressUpstreamRequest(input) {
   if (!shouldLogSandboxEgressInfo()) {
     return;
@@ -17822,6 +17933,78 @@ async function requestBodyBytes(request) {
   }
   return await request.arrayBuffer();
 }
+function isGrantSelectionBodyVisible(input) {
+  return input.provider === "github" && input.upstreamUrl.hostname.toLowerCase() === "api.github.com" && input.upstreamUrl.pathname.toLowerCase().endsWith("/graphql");
+}
+function requestBodyText(body) {
+  if (body === void 0 || body.byteLength > GRANT_SELECTION_BODY_TEXT_LIMIT_BYTES) {
+    return void 0;
+  }
+  return new TextDecoder().decode(body);
+}
+function responseContentLength(upstream) {
+  const raw = upstream.headers.get("content-length");
+  if (!raw) {
+    return void 0;
+  }
+  const parsed = Number(raw);
+  return Number.isSafeInteger(parsed) && parsed >= 0 ? parsed : void 0;
+}
+async function responseTextWithinLimit(upstream, maxBytes) {
+  const limit = Math.min(
+    Math.max(0, Math.floor(maxBytes)),
+    RESPONSE_BODY_TEXT_LIMIT_BYTES
+  );
+  if (limit <= 0) {
+    return void 0;
+  }
+  const contentLength = responseContentLength(upstream);
+  if (contentLength !== void 0 && contentLength > limit) {
+    return void 0;
+  }
+  let clone;
+  try {
+    clone = upstream.clone();
+  } catch {
+    return void 0;
+  }
+  const body = clone.body;
+  if (!body) {
+    return "";
+  }
+  const reader = body.getReader();
+  const chunks = [];
+  let bytes = 0;
+  try {
+    while (true) {
+      const { done, value } = await reader.read();
+      if (done) {
+        break;
+      }
+      if (!value) {
+        continue;
+      }
+      bytes += value.byteLength;
+      if (bytes > limit) {
+        await reader.cancel().catch(() => void 0);
+        return void 0;
+      }
+      chunks.push(value);
+    }
+  } catch {
+    await reader.cancel().catch(() => void 0);
+    return void 0;
+  } finally {
+    reader.releaseLock();
+  }
+  const combined = new Uint8Array(bytes);
+  let offset = 0;
+  for (const chunk of chunks) {
+    combined.set(chunk, offset);
+    offset += chunk.byteLength;
+  }
+  return new TextDecoder().decode(combined);
+}
 function requestHeaders(request, lease, upstreamHost) {
   const headers = new Headers();
   request.headers.forEach((value, key) => {
@@ -17956,7 +18139,14 @@ async function proxySandboxEgressRequest(request, deps = {}) {
       403
     );
   }
+  let body;
+  let bodyRead = false;
+  if (isGrantSelectionBodyVisible({ provider, upstreamUrl })) {
+    body = await requestBodyBytes(request);
+    bodyRead = true;
+  }
   const grantSelection = await selectSandboxEgressGrant({
+    bodyText: requestBodyText(body),
     provider,
     method: request.method,
     upstreamUrl
@@ -18067,7 +18257,9 @@ async function proxySandboxEgressRequest(request, deps = {}) {
   }
   const fetchImpl = deps.fetch ?? fetch;
   const headers = requestHeaders(request, lease, upstreamUrl.hostname);
-  const body = await requestBodyBytes(request);
+  if (!bodyRead) {
+    body = await requestBodyBytes(request);
+  }
   const intercepted = await deps.interceptHttp?.({
     provider,
     request: new Request(upstreamUrl, {
@@ -18086,6 +18278,93 @@ async function proxySandboxEgressRequest(request, deps = {}) {
     ...body !== void 0 ? { body } : {},
     redirect: "manual"
   });
+  try {
+    const effects = await onPluginEgressResponse({
+      provider,
+      grant: lease.grant,
+      method: request.method,
+      upstreamUrl,
+      response: {
+        headers: new Headers(upstream.headers),
+        readText: async (maxBytes) => await responseTextWithinLimit(upstream, maxBytes),
+        status: upstream.status
+      }
+    });
+    if (effects.permissionDenied) {
+      await setSandboxEgressPermissionDeniedSignal(credentialContext, {
+        provider,
+        grant: lease.grant,
+        ...lease.account ? { account: lease.account } : {},
+        message: effects.permissionDenied.message,
+        source: "upstream",
+        status: upstream.status,
+        upstreamHost: upstreamUrl.hostname,
+        upstreamPath: displayedUpstreamPath(upstreamUrl),
+        ...provider === "github" ? githubPermissionHeaders(upstream) : {}
+      });
+      logWarn(
+        "sandbox_egress_upstream_permission_classified",
+        {},
+        {
+          ...egressAttributes({
+            egressId: activeEgressId,
+            grantAccess: lease.grant.access,
+            grantName: lease.grant.name,
+            grantReason: lease.grant.reason,
+            host: upstreamUrl.hostname,
+            method: request.method,
+            path: upstreamUrl.pathname,
+            provider,
+            status: upstream.status
+          }),
+          ...routingAttributes(request, upstreamUrl),
+          ...upstreamPermissionAttributes(provider, upstream)
+        },
+        "Sandbox egress plugin classified upstream response as permission denied"
+      );
+    }
+  } catch (error) {
+    if (!isEgressAuthRequired(error)) {
+      throw error;
+    }
+    await clearSandboxEgressCredentialLease(
+      provider,
+      lease.grant.name,
+      credentialContext
+    );
+    await setSandboxEgressAuthRequiredSignal(credentialContext, {
+      provider,
+      grant: lease.grant,
+      ...error.authorization ?? lease.authorization ? { authorization: error.authorization ?? lease.authorization } : {},
+      message: error.message
+    });
+    logWarn(
+      "sandbox_egress_upstream_auth_required_classified",
+      {},
+      {
+        ...egressAttributes({
+          egressId: activeEgressId,
+          grantAccess: lease.grant.access,
+          grantName: lease.grant.name,
+          grantReason: lease.grant.reason,
+          host: upstreamUrl.hostname,
+          method: request.method,
+          path: upstreamUrl.pathname,
+          provider,
+          status: upstream.status
+        }),
+        ...routingAttributes(request, upstreamUrl),
+        ...upstreamPermissionAttributes(provider, upstream)
+      },
+      "Sandbox egress plugin classified upstream response as auth required"
+    );
+    await upstream.body?.cancel().catch(() => void 0);
+    return authRequiredResponse({
+      provider,
+      grant: lease.grant,
+      message: error.message
+    });
+  }
   logSandboxEgressUpstreamRequest({
     egressId: activeEgressId,
     grantAccess: lease.grant.access,
@@ -19034,6 +19313,7 @@ function createSlackTurnRuntime(deps) {
         text: args.text
       });
     }
+    await args.onInputCommitted?.();
   };
   return {
     async handleNewMention(thread, message, hooks) {
@@ -19222,6 +19502,7 @@ function createSlackTurnRuntime(deps) {
               message,
               decision: { shouldReply: false, reason },
               context: threadContext,
+              onInputCommitted: hooks.onInputCommitted,
               text: combinedText
             });
             return;
@@ -19258,6 +19539,7 @@ function createSlackTurnRuntime(deps) {
               message,
               decision,
               context: threadContext,
+              onInputCommitted: hooks.onInputCommitted,
               preparedState,
               text: combinedText
             });
@@ -19269,6 +19551,7 @@ function createSlackTurnRuntime(deps) {
               message,
               decision,
               context: threadContext,
+              onInputCommitted: hooks.onInputCommitted,
               preparedState,
               text: combinedText
             });
@@ -20694,12 +20977,13 @@ function createReplyToThread(deps) {
           updateConversationStats
         });
         if (conversationId) {
+          const turnStartedAtMs = message.metadata.dateSent.getTime();
           void recordAgentTurnSessionSummary({
             channelName,
             conversationId,
             sessionId: turnId,
             sliceId: 1,
-            startedAtMs: message.metadata.dateSent.getTime(),
+            startedAtMs: turnStartedAtMs,
             state: "running",
             surface: "slack",
             requester,
@@ -20710,12 +20994,41 @@ function createReplyToThread(deps) {
               error,
               "agent_turn_summary_record_failed",
               turnTraceContext,
-              {
-                "app.agent.turn.state": "running"
-              },
+              { "app.agent.turn.state": "running" },
               "Failed to record running turn summary"
             );
           });
+          void initConversationContext(conversationId, {
+            channelName,
+            originSurface: "slack",
+            originRequester: requester,
+            startedAtMs: turnStartedAtMs
+          }).catch((error) => {
+            logException(
+              error,
+              "conversation_details_context_init_failed",
+              turnTraceContext,
+              { "app.agent.turn.state": "running" },
+              "Failed to init conversation context at turn start"
+            );
+          });
+          const existingAssistantTitle = preparedState.artifacts.assistantTitle?.trim();
+          if (existingAssistantTitle) {
+            void setConversationTitle(conversationId, {
+              displayTitle: existingAssistantTitle,
+              ...preparedState.artifacts.assistantTitleSourceMessageId ? {
+                titleSourceMessageId: preparedState.artifacts.assistantTitleSourceMessageId
+              } : {}
+            }).catch((error) => {
+              logException(
+                error,
+                "conversation_details_title_refresh_failed",
+                turnTraceContext,
+                { "app.agent.turn.state": "running" },
+                "Failed to refresh conversation title from artifacts"
+              );
+            });
+          }
         }
         setTags({
           conversationId
@@ -20791,6 +21104,7 @@ function createReplyToThread(deps) {
         let persistedAtLeastOnce = false;
         let shouldPersistFailureState = true;
         let latestArtifacts = preparedState.artifacts;
+        let assistantTitleArtifacts = {};
         try {
           const loadedPiMessages = await loadPiMessagesForTurn({
             conversationId,
@@ -20833,6 +21147,54 @@ function createReplyToThread(deps) {
             runId,
             threadId
           });
+          void assistantTitleTask.then(async (titleUpdateResult) => {
+            if (!titleUpdateResult) return;
+            assistantTitleArtifacts = {
+              assistantTitleSourceMessageId: titleUpdateResult.sourceMessageId,
+              ...titleUpdateResult.title ? { assistantTitle: titleUpdateResult.title } : {}
+            };
+            latestArtifacts = {
+              ...latestArtifacts,
+              ...assistantTitleArtifacts
+            };
+            if (conversationId && titleUpdateResult.title) {
+              try {
+                await setConversationTitle(conversationId, {
+                  displayTitle: titleUpdateResult.title,
+                  titleSourceMessageId: titleUpdateResult.sourceMessageId
+                });
+              } catch (error) {
+                logException(
+                  error,
+                  "conversation_details_title_set_failed",
+                  turnTraceContext,
+                  {},
+                  "Failed to set conversation title in details record"
+                );
+              }
+            }
+            try {
+              await persistThreadState(thread, {
+                artifacts: latestArtifacts
+              });
+            } catch (error) {
+              logException(
+                error,
+                "assistant_title_artifact_persist_failed",
+                turnTraceContext,
+                {},
+                "Failed to persist async assistant title artifact state"
+              );
+            }
+          }).catch((error) => {
+            logException(
+              error,
+              "assistant_title_task_failed",
+              turnTraceContext,
+              {},
+              "Async assistant title task failed"
+            );
+          });
           const toolChannelId = preparedState.artifacts.assistantContextChannelId ?? channelId;
           const resolveSteeringMessages = async (queuedMessages) => {
             return await Promise.all(
@@ -20911,8 +21273,13 @@ function createReplyToThread(deps) {
                 });
               },
               onArtifactStateUpdated: async (artifacts) => {
-                latestArtifacts = artifacts;
-                await persistThreadState(thread, { artifacts });
+                latestArtifacts = {
+                  ...artifacts,
+                  ...assistantTitleArtifacts
+                };
+                await persistThreadState(thread, {
+                  artifacts: latestArtifacts
+                });
               },
               onAuthPending: async (pendingAuth) => {
                 await applyPendingAuthUpdate({
@@ -21013,24 +21380,26 @@ function createReplyToThread(deps) {
               await sent.delete();
             }
           }
-          const titleUpdateResult = await assistantTitleTask;
-          if (titleUpdateResult) {
-            artifactStatePatch.assistantTitleSourceMessageId = titleUpdateResult.sourceMessageId;
-            if (titleUpdateResult.title) {
-              artifactStatePatch.assistantTitle = titleUpdateResult.title;
-            }
-          }
           const completedState = buildDeliveredTurnStatePatch({
-            artifactStatePatch,
-            artifacts: preparedState.artifacts,
+            artifactStatePatch: {
+              ...artifactStatePatch,
+              ...assistantTitleArtifacts
+            },
+            artifacts: latestArtifacts,
             conversation: preparedState.conversation,
             reply,
             sessionId: turnId,
             userMessageId: preparedState.userMessageId
           });
+          if (completedState.artifacts) {
+            latestArtifacts = completedState.artifacts;
+          }
           await persistThreadState(thread, {
             ...completedState
           });
+          if (completedState.artifacts && (assistantTitleArtifacts.assistantTitle !== void 0 || assistantTitleArtifacts.assistantTitleSourceMessageId !== void 0) && (completedState.artifacts.assistantTitle !== assistantTitleArtifacts.assistantTitle || completedState.artifacts.assistantTitleSourceMessageId !== assistantTitleArtifacts.assistantTitleSourceMessageId)) {
+            await persistThreadState(thread, { artifacts: latestArtifacts });
+          }
           if (conversationId) {
             await recordAgentTurnSessionSummary({
               channelName,
@@ -21041,7 +21410,6 @@ function createReplyToThread(deps) {
               sliceId: 1,
               startedAtMs: message.metadata.dateSent.getTime(),
               state: "completed",
-              conversationTitle: titleUpdateResult?.title,
               requester,
               destination,
               traceId: getActiveTraceId()
@@ -22998,24 +23366,50 @@ async function processConversationWork(message, options) {
     );
   }
   const destination = initial.destination;
-  const lease = await startConversationWork({
-    conversationId,
-    nowMs: now2(options),
-    state: options.state
-  });
+  let lease;
+  try {
+    lease = await startConversationWork({
+      conversationId,
+      nowMs: now2(options),
+      state: options.state
+    });
+  } catch (error) {
+    logException(
+      error,
+      "conversation_work_lease_acquire_failed",
+      { conversationId },
+      {},
+      "Conversation work lease acquisition failed; heartbeat will recover"
+    );
+    return { status: "no_work" };
+  }
   if (lease.status === "no_work") {
     return { status: "no_work" };
   }
   if (lease.status === "active") {
     const nudgeNowMs = now2(options);
-    await sendWakeNudge({
-      conversationId,
-      destination,
-      delayMs: CONVERSATION_WORK_DEFER_DELAY_MS,
-      idempotencyKey: nudgeIdempotencyKey("active", conversationId, nudgeNowMs),
-      nowMs: nudgeNowMs,
-      options
-    });
+    try {
+      await sendWakeNudge({
+        conversationId,
+        destination,
+        delayMs: CONVERSATION_WORK_DEFER_DELAY_MS,
+        idempotencyKey: nudgeIdempotencyKey(
+          "active",
+          conversationId,
+          nudgeNowMs
+        ),
+        nowMs: nudgeNowMs,
+        options
+      });
+    } catch (error) {
+      logException(
+        error,
+        "conversation_work_active_nudge_failed",
+        { conversationId },
+        {},
+        "Conversation work active-lease nudge failed; heartbeat will recover"
+      );
+    }
     logInfo(
       "conversation_work_nudge_deferred_for_active_lease",
       { conversationId },
@@ -23169,35 +23563,97 @@ async function processConversationWork(message, options) {
     return { status: "completed" };
   } catch (error) {
     const errorNowMs = now2(options);
+    let failure2;
     try {
-      const continuationMarked = await requestConversationContinuation({
+      failure2 = await recordConversationWorkFailure({
         conversationId,
-        destination,
-        leaseToken: lease.leaseToken,
         nowMs: errorNowMs,
         state: options.state
       });
-      if (continuationMarked) {
-        await sendWakeNudge({
+    } catch (recordError) {
+      logException(
+        recordError,
+        "conversation_work_failure_record_failed",
+        { conversationId },
+        {},
+        "Conversation work failure counter update failed"
+      );
+    }
+    if (!isProviderRetryError(error)) {
+      logException(
+        error,
+        "conversation_work_failed",
+        { conversationId },
+        {
+          "app.worker.consecutive_failure_count": failure2?.consecutiveFailureCount ?? null,
+          "app.worker.elapsed_ms": now2(options) - startedAtMs
+        },
+        "Conversation work failed"
+      );
+    }
+    if (failure2?.abandoned) {
+      logWarn(
+        "conversation_work_abandoned",
+        { conversationId },
+        {
+          "app.worker.consecutive_failure_count": failure2.consecutiveFailureCount,
+          "app.worker.max_consecutive_failures": CONVERSATION_WORK_MAX_CONSECUTIVE_FAILURES
+        },
+        "Conversation work abandoned after repeated failures; stopping retries"
+      );
+      if (!failure2.releasedLease) {
+        try {
+          await releaseConversationWork({
+            conversationId,
+            leaseToken: lease.leaseToken,
+            nowMs: errorNowMs,
+            state: options.state
+          });
+        } catch (releaseError) {
+          logException(
+            releaseError,
+            "conversation_work_release_failed",
+            { conversationId },
+            {},
+            "Conversation work release failed after abandoning"
+          );
+        }
+      }
+      return { status: "abandoned" };
+    }
+    let requeueSucceeded = false;
+    if (failure2) {
+      try {
+        const continuationMarked = await requestConversationContinuation({
           conversationId,
           destination,
-          idempotencyKey: nudgeIdempotencyKey(
-            "error",
-            conversationId,
-            errorNowMs
-          ),
+          leaseToken: lease.leaseToken,
           nowMs: errorNowMs,
-          options
+          state: options.state
         });
+        if (continuationMarked) {
+          await sendWakeNudge({
+            conversationId,
+            destination,
+            idempotencyKey: nudgeIdempotencyKey(
+              "error",
+              conversationId,
+              errorNowMs
+            ),
+            nowMs: errorNowMs,
+            options
+          });
+          requeueSucceeded = true;
+        }
+      } catch (requeueError) {
+        logException(
+          requeueError,
+          "conversation_work_requeue_failed",
+          { conversationId },
+          {},
+          "Conversation work requeue failed after runner error"
+        );
       }
-    } catch (requeueError) {
-      logException(
-        requeueError,
-        "conversation_work_requeue_failed",
-        { conversationId },
-        {},
-        "Conversation work requeue failed after runner error"
-      );
     }
     try {
       await releaseConversationWork({
@@ -23215,16 +23671,8 @@ async function processConversationWork(message, options) {
         "Conversation work release failed after runner error"
       );
     }
-    if (!isProviderRetryError(error)) {
-      logException(
-        error,
-        "conversation_work_failed",
-        { conversationId },
-        {
-          "app.worker.elapsed_ms": now2(options) - startedAtMs
-        },
-        "Conversation work failed"
-      );
+    if (requeueSucceeded) {
+      return { status: "pending_requeued" };
     }
     throw error;
   } finally {