@slock-ai/daemon 0.50.0 → 0.51.0

package/dist/cli/index.js

@@ -56,19 +56,78 @@ function loadAgentContext(env = process.env) {
   const agentId = env.SLOCK_AGENT_ID;
   const serverUrl = env.SLOCK_SERVER_URL;
   const serverId = env.SLOCK_SERVER_ID ?? null;
+  const activeCapabilities = env.SLOCK_AGENT_ACTIVE_CAPABILITIES ? env.SLOCK_AGENT_ACTIVE_CAPABILITIES.split(",").map((cap) => cap.trim()).filter(Boolean) : null;
   if (!agentId) throw new AgentBootstrapError("MISSING_AGENT_ID", "SLOCK_AGENT_ID is required");
   if (!serverUrl) throw new AgentBootstrapError("MISSING_SERVER_URL", "SLOCK_SERVER_URL is required");
+  const agentProxyUrl = env.SLOCK_AGENT_PROXY_URL;
+  const agentProxyToken = env.SLOCK_AGENT_PROXY_TOKEN;
+  const agentProxyTokenFile = env.SLOCK_AGENT_PROXY_TOKEN_FILE;
+  if (agentProxyUrl || agentProxyToken || agentProxyTokenFile) {
+    if (!agentProxyUrl) {
+      throw new AgentBootstrapError("MISSING_AGENT_PROXY_URL", "SLOCK_AGENT_PROXY_URL is required when agent proxy auth is set");
+    }
+    if (agentProxyToken && agentProxyTokenFile) {
+      throw new AgentBootstrapError(
+        "MULTIPLE_AGENT_PROXY_TOKENS",
+        "Set only one of SLOCK_AGENT_PROXY_TOKEN or SLOCK_AGENT_PROXY_TOKEN_FILE"
+      );
+    }
+    const token = agentProxyToken ?? (agentProxyTokenFile ? readTokenFromFile(agentProxyTokenFile) : null);
+    if (!token) {
+      throw new AgentBootstrapError(
+        "MISSING_AGENT_PROXY_TOKEN",
+        "SLOCK_AGENT_PROXY_TOKEN_FILE or SLOCK_AGENT_PROXY_TOKEN is required when SLOCK_AGENT_PROXY_URL is set"
+      );
+    }
+    return {
+      agentId,
+      serverUrl: agentProxyUrl,
+      serverId,
+      token,
+      clientMode: "managed-runner",
+      secretSource: agentProxyTokenFile ? "agent-proxy-token-file" : "agent-proxy-token-env",
+      activeCapabilities
+    };
+  }
+  const agentCredentialFile = env.SLOCK_AGENT_CREDENTIAL_KEY_FILE;
+  if (agentCredentialFile) {
+    return {
+      agentId,
+      serverUrl,
+      serverId,
+      token: readTokenFromFile(agentCredentialFile),
+      clientMode: "self-hosted-runner",
+      secretSource: "agent-credential-file",
+      activeCapabilities
+    };
+  }
   const tokenFile = env.SLOCK_AGENT_TOKEN_FILE;
   if (tokenFile) {
-    return { agentId, serverUrl, serverId, token: readTokenFromFile(tokenFile), tokenSource: "token-file" };
+    return {
+      agentId,
+      serverUrl,
+      serverId,
+      token: readTokenFromFile(tokenFile),
+      clientMode: "legacy-machine",
+      secretSource: "legacy-token-file",
+      activeCapabilities
+    };
   }
   const tokenLiteral = env.SLOCK_AGENT_TOKEN;
   if (tokenLiteral) {
-    return { agentId, serverUrl, serverId, token: tokenLiteral, tokenSource: "env" };
+    return {
+      agentId,
+      serverUrl,
+      serverId,
+      token: tokenLiteral,
+      clientMode: "legacy-machine",
+      secretSource: "legacy-token-env",
+      activeCapabilities
+    };
   }
   throw new AgentBootstrapError(
     "MISSING_TOKEN",
-    "Neither SLOCK_AGENT_TOKEN_FILE nor SLOCK_AGENT_TOKEN is set. The daemon should inject one of these when spawning the agent process."
+    "Neither SLOCK_AGENT_PROXY_TOKEN_FILE, SLOCK_AGENT_PROXY_TOKEN, SLOCK_AGENT_CREDENTIAL_KEY_FILE, SLOCK_AGENT_TOKEN_FILE nor SLOCK_AGENT_TOKEN is set. The daemon should inject one of these when spawning the agent process."
   );
 }
 
@@ -88,7 +147,8 @@ function registerWhoamiCommand(parent) {
         agentId: ctx.agentId,
         serverUrl: ctx.serverUrl,
         serverId: ctx.serverId,
-        tokenSource: ctx.tokenSource
+        clientMode: ctx.clientMode,
+        secretSource: ctx.secretSource
       }
     });
   });
@@ -14203,6 +14263,54 @@ var ApiClient = class {
   constructor(ctx) {
     this.ctx = ctx;
   }
+  usesAgentApiSurface() {
+    return this.ctx.clientMode === "managed-runner" || this.ctx.clientMode === "self-hosted-runner";
+  }
+  rewriteAgentCredentialPath(pathname) {
+    if (!this.usesAgentApiSurface()) return pathname;
+    const attachmentDownload = /^\/api\/attachments\/([^/?]+)(.*)$/.exec(pathname);
+    if (attachmentDownload) {
+      return `/internal/agent-api/attachments/${attachmentDownload[1]}${attachmentDownload[2] ?? ""}`;
+    }
+    const agentPrefix = `/internal/agent/${encodeURIComponent(this.ctx.agentId)}`;
+    if (!pathname.startsWith(agentPrefix)) return pathname;
+    const suffix = pathname.slice(agentPrefix.length);
+    if (suffix === "/server") return "/internal/agent-api/server";
+    if (suffix === "/send") return "/internal/agent-api/send";
+    if (suffix.startsWith("/history")) return `/internal/agent-api/history${suffix.slice("/history".length)}`;
+    if (suffix.startsWith("/search")) return `/internal/agent-api/search${suffix.slice("/search".length)}`;
+    if (suffix.startsWith("/channel-members")) return `/internal/agent-api/channel-members${suffix.slice("/channel-members".length)}`;
+    if (suffix === "/profile" || suffix.startsWith("/profile/")) return `/internal/agent-api${suffix}`;
+    if (suffix === "/upload") return "/internal/agent-api/upload";
+    if (suffix === "/resolve-channel") return "/internal/agent-api/resolve-channel";
+    if (suffix === "/threads/unfollow") return "/internal/agent-api/threads/unfollow";
+    if (suffix === "/prepare-action") return "/internal/agent-api/prepare-action";
+    if (suffix === "/tasks" || suffix.startsWith("/tasks?") || suffix.startsWith("/tasks/")) {
+      return `/internal/agent-api${suffix}`;
+    }
+    if (suffix === "/reminders" || suffix.startsWith("/reminders?") || suffix.startsWith("/reminders/")) {
+      return `/internal/agent-api${suffix}`;
+    }
+    if (suffix === "/receive" || suffix.startsWith("/receive?")) {
+      return "/internal/agent-api/events?since=latest";
+    }
+    const reaction = /^\/messages\/([^/]+)\/reactions$/.exec(suffix);
+    if (reaction) {
+      return `/internal/agent-api/messages/${reaction[1]}/reactions`;
+    }
+    const channelMembership = /^\/channels\/([^/]+)\/(join|leave)$/.exec(suffix);
+    if (channelMembership) {
+      return `/internal/agent-api/channels/${channelMembership[1]}/${channelMembership[2]}`;
+    }
+    return pathname;
+  }
+  normalizeAgentCredentialResponse(pathname, data) {
+    if (!this.usesAgentApiSurface()) return data;
+    if (!pathname.includes("/internal/agent-api/events")) return data;
+    const value = data;
+    if (!Array.isArray(value.events)) return data;
+    return { ...data, messages: value.events };
+  }
   buildAuthHeaders() {
     const headers = {
       "Authorization": `Bearer ${this.ctx.token}`,
@@ -14237,9 +14345,13 @@ var ApiClient = class {
     return { ok: res.ok, status: res.status, data, error: error48, errorCode };
   }
   async request(method, pathname, body) {
+    pathname = this.rewriteAgentCredentialPath(pathname);
     const url2 = new URL(pathname, this.ctx.serverUrl).toString();
     const headers = this.buildAuthHeaders();
     headers["Content-Type"] = "application/json";
+    if (this.ctx.activeCapabilities && this.ctx.activeCapabilities.length > 0) {
+      headers["X-Slock-Agent-Active-Capabilities"] = this.ctx.activeCapabilities.join(",");
+    }
     const dispatcher = buildFetchDispatcher(url2);
     const init = {
       method,
@@ -14248,17 +14360,26 @@ var ApiClient = class {
     };
     if (dispatcher) init.dispatcher = dispatcher;
     const res = await fetch(url2, init);
-    return this.parseJsonResponse(res);
+    const parsed = await this.parseJsonResponse(res);
+    if (parsed.ok && parsed.data !== null) {
+      parsed.data = this.normalizeAgentCredentialResponse(pathname, parsed.data);
+    }
+    return parsed;
   }
   // Multipart upload. Caller builds the FormData (file part + any text fields).
   // Content-Type intentionally omitted so fetch sets the correct multipart
   // boundary itself.
   async requestMultipart(method, pathname, form) {
+    pathname = this.rewriteAgentCredentialPath(pathname);
     const url2 = new URL(pathname, this.ctx.serverUrl).toString();
     const dispatcher = buildFetchDispatcher(url2);
+    const headers = this.buildAuthHeaders();
+    if (this.ctx.activeCapabilities && this.ctx.activeCapabilities.length > 0) {
+      headers["X-Slock-Agent-Active-Capabilities"] = this.ctx.activeCapabilities.join(",");
+    }
     const init = {
       method,
-      headers: this.buildAuthHeaders(),
+      headers,
       body: form
     };
     if (dispatcher) init.dispatcher = dispatcher;
@@ -14269,11 +14390,16 @@ var ApiClient = class {
   // For non-JSON downloads (binary attachments). Caller is responsible for
   // consuming the body. On non-2xx, attempts to surface a JSON error.
   async requestRaw(method, pathname) {
+    pathname = this.rewriteAgentCredentialPath(pathname);
     const url2 = new URL(pathname, this.ctx.serverUrl).toString();
     const dispatcher = buildFetchDispatcher(url2);
+    const headers = this.buildAuthHeaders();
+    if (this.ctx.activeCapabilities && this.ctx.activeCapabilities.length > 0) {
+      headers["X-Slock-Agent-Active-Capabilities"] = this.ctx.activeCapabilities.join(",");
+    }
     const init = {
       method,
-      headers: this.buildAuthHeaders(),
+      headers,
       redirect: "follow"
     };
     if (dispatcher) init.dispatcher = dispatcher;
@@ -14802,12 +14928,15 @@ function formatMessages(messages) {
 function formatHistoryMessageLine(m) {
   const senderName = m.senderName ?? m.sender_name ?? "unknown";
   const senderDescription = m.senderDescription ?? m.sender_description ?? null;
+  const messageId = m.id ?? m.message_id ?? "-";
+  const createdAt = m.createdAt ?? m.timestamp ?? null;
+  const senderType = m.senderType ?? m.sender_type ?? null;
   const headerParts = [
     `seq=${m.seq}`,
-    `msg=${m.id || "-"}`,
-    `time=${m.createdAt ? toLocalTime(m.createdAt) : "-"}`
+    `msg=${messageId}`,
+    `time=${createdAt ? toLocalTime(createdAt) : "-"}`
   ];
-  if (m.senderType) headerParts.push(`type=${m.senderType}`);
+  if (senderType) headerParts.push(`type=${senderType}`);
   if (m.threadId) headerParts.push(`threadId=${m.threadId}`);
   if ((m.replyCount ?? 0) > 0) headerParts.push(`replyCount=${m.replyCount}`);
   const attachSuffix = formatAttachmentSuffix(m.attachments);
@@ -14981,6 +15110,30 @@ function rejectSendDraftStdin(content, target) {
     ].join("\n")
   );
 }
+function formatHeldSendOutput(target, data) {
+  const newMessageCount = data.newMessageCount ?? 0;
+  const shownMessageCount = data.shownMessageCount ?? data.heldMessages?.length ?? 0;
+  const omittedMessageCount = data.omittedMessageCount ?? Math.max(0, newMessageCount - shownMessageCount);
+  const heldHistory = data.heldMessages && data.heldMessages.length > 0 ? `
+
+${formatHistory(target, { messages: data.heldMessages })}` : "";
+  const mentionNote = (data.mentionAnnotation?.formalMentionCount ?? 0) > 0 ? `
+
+Note: ${data.mentionAnnotation.formalMentionCount} of these messages formally @mention you.` : "";
+  const omittedNote = omittedMessageCount > 0 ? ` ${omittedMessageCount} additional newer message${omittedMessageCount === 1 ? "" : "s"} omitted from this notice; use slock message read explicitly if you need more context.` : "";
+  return `Freshness hold: showing latest ${shownMessageCount} of ${newMessageCount} newer message${newMessageCount === 1 ? "" : "s"}.${omittedNote}
+Your message has been saved as a draft. Review the bounded context shown here, then choose one path.${mentionNote}${heldHistory}
+
+To update the draft, send revised content normally:
+  slock message send --target "${target}" <<'EOF'
+  revised message
+  EOF
+To send the current draft unchanged:
+  slock message send --send-draft --target "${target}"
+` + (data.continueAnywaySuggested ? `If repeated updates keep blocking the same draft and this is still the right reply, you may use:
+  slock message send --send-draft --anyway --target "${target}"
+` : "");
+}
 function registerSendCommand(parent) {
   parent.command("send").description("Send a message to a channel, DM, or thread").argument("[content...]", "Unsupported positional message content. Pipe content to stdin instead.").requiredOption("--target <target>", "Target: '#channel', 'dm:@peer', '#channel:threadId', 'dm:@peer:threadId'").option("--send-draft", "Send the current saved draft after reviewing newer messages").option("--anyway", "Escape hatch: send a saved draft even if freshness re-check is still stale").option("--content <content>", "Unsupported. Pipe message content to stdin instead.").option(
     "--attachment-id <id>",
@@ -15086,26 +15239,7 @@ function registerSendCommand(parent) {
         reholdCount: previousDraftReholdCount + 1,
         seenUpToSeq: data.seenUpToSeq
       });
-      const heldHistory = data.heldMessages && data.heldMessages.length > 0 ? `
-
-${formatHistory(opts.target, { messages: data.heldMessages })}` : "";
-      const mentionNote = (data.mentionAnnotation?.formalMentionCount ?? 0) > 0 ? `
-
-Note: ${data.mentionAnnotation.formalMentionCount} of these messages formally @mention you.` : "";
-      process.stdout.write(
-        `Not sent yet \u2014 ${data.newMessageCount ?? 0} newer message(s) arrived.
-Your message has been saved as a draft. Read the new messages below, then choose one path.${mentionNote}${heldHistory}
-
-To update the draft, send revised content normally:
-  slock message send --target "${opts.target}" <<'EOF'
-  revised message
-  EOF
-To send the current draft unchanged:
-  slock message send --send-draft --target "${opts.target}"
-` + (data.continueAnywaySuggested ? `If repeated updates keep blocking the same draft and this is still the right reply, you may use:
-  slock message send --send-draft --anyway --target "${opts.target}"
-` : "")
-      );
+      process.stdout.write(formatHeldSendOutput(opts.target, data));
       return;
     }
     clearSavedDraft(ctx.agentId, opts.target);
@@ -15138,6 +15272,9 @@ async function drainInbox(ctx, opts) {
     fail(code, res.error ?? `HTTP ${res.status}`);
   }
   const messages = res.data?.messages ?? [];
+  if (ctx.clientMode === "managed-runner" || ctx.clientMode === "self-hosted-runner") {
+    return { messages };
+  }
   const seqs = messages.map((m) => m.seq).filter((s) => Number.isInteger(s) && s > 0);
   if (seqs.length === 0) return { messages };
   const ack = await client.request("POST", `${agentPath}/receive-ack`, { seqs });
@@ -15880,8 +16017,18 @@ function readAvatarFile(avatarFile) {
   }
   return { filename, buffer, mimeType };
 }
+function normalizeAvatarUrl(avatarUrl) {
+  const trimmed = avatarUrl.trim();
+  if (trimmed.length === 0) {
+    fail("INVALID_ARG", "--avatar-url must not be empty");
+  }
+  if (!trimmed.startsWith("pixel:")) {
+    fail("INVALID_ARG", "--avatar-url currently supports only pixel avatar URLs; use --avatar-file for image uploads");
+  }
+  return trimmed;
+}
 function registerProfileUpdateCommand(parent) {
-  parent.command("update").description("Update your own profile").option("--avatar-file <path>", "Path to a local image file to use as your avatar").option("--display-name <name>", "Set your display name (non-empty)").option("--description <text>", "Set your profile description (non-empty)").option("--json", "Emit machine-readable JSON").action(async (opts) => {
+  parent.command("update").description("Update your own profile").option("--avatar-file <path>", "Path to a local image file to use as your avatar").option("--avatar-url <value>", "Set a pixel avatar URL such as pixel:random:<seed>").option("--display-name <name>", "Set your display name (non-empty)").option("--description <text>", "Set your profile description (non-empty)").option("--json", "Emit machine-readable JSON").action(async (opts) => {
     let ctx;
     try {
       ctx = loadAgentContext();
@@ -15890,10 +16037,18 @@ function registerProfileUpdateCommand(parent) {
       throw err;
     }
     const hasAvatar = opts.avatarFile !== void 0;
+    const hasAvatarUrl = opts.avatarUrl !== void 0;
     const hasDisplayName = opts.displayName !== void 0;
     const hasDescription = opts.description !== void 0;
-    if (!hasAvatar && !hasDisplayName && !hasDescription) {
-      fail("INVALID_ARG", "Provide at least one of --avatar-file, --display-name, or --description");
+    if (!hasAvatar && !hasAvatarUrl && !hasDisplayName && !hasDescription) {
+      fail("INVALID_ARG", "Provide at least one of --avatar-file, --avatar-url, --display-name, or --description");
+    }
+    if (hasAvatar && hasAvatarUrl) {
+      fail("INVALID_ARG", "Use either --avatar-file or --avatar-url, not both");
+    }
+    let normalizedAvatarUrl;
+    if (hasAvatarUrl) {
+      normalizedAvatarUrl = normalizeAvatarUrl(opts.avatarUrl);
     }
     let trimmedDisplayName;
     if (hasDisplayName) {
@@ -15915,8 +16070,11 @@ function registerProfileUpdateCommand(parent) {
     }
     const client = new ApiClient(ctx);
     let latestProfile = null;
-    if (hasDisplayName || hasDescription) {
+    if (hasAvatarUrl || hasDisplayName || hasDescription) {
       const body = {};
+      if (hasAvatarUrl) {
+        body.avatarUrl = normalizedAvatarUrl;
+      }
       if (hasDisplayName) {
         body.displayName = trimmedDisplayName;
       }

package/dist/core.js

@@ -9,7 +9,7 @@ import {
   resolveSlockCliPath,
   resolveWorkspaceDirectoryPath,
   scanWorkspaceDirectories
-} from "./chunk-EXJF5JKE.js";
+} from "./chunk-NAMH7BB6.js";
 import {
   subscribeDaemonLogs
 } from "./chunk-KNMCE6WB.js";

package/dist/index.js

@@ -3,7 +3,7 @@ import {
   DAEMON_CLI_USAGE,
   DaemonCore,
   parseDaemonCliArgs
-} from "./chunk-EXJF5JKE.js";
+} from "./chunk-NAMH7BB6.js";
 import "./chunk-KNMCE6WB.js";
 
 // src/index.ts

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@slock-ai/daemon",
-  "version": "0.50.0",
+  "version": "0.51.0",
   "type": "module",
   "bin": {
     "slock-daemon": "dist/index.js"