@steipete/oracle 0.12.0 → 0.13.0

package/dist/src/browser/actions/navigation.js

@@ -149,7 +149,7 @@ export async function ensureLoggedIn(Runtime, logger, options = {}) {
     });
     const probe = normalizeLoginProbe(outcome.result?.value);
     if (probe.ok) {
-        logger(`Login check passed (status=${probe.status}, domLoginCta=${Boolean(probe.domLoginCta)})`);
+        logger(`Login check passed (status=${probe.status}, domLoginCta=${Boolean(probe.domLoginCta)}, appAuthenticated=${Boolean(probe.appAuthenticated)})`);
         return;
     }
     const accepted = await attemptWelcomeBackLogin(Runtime, logger);
@@ -167,9 +167,9 @@ export async function ensureLoggedIn(Runtime, logger, options = {}) {
             logger("Login restored via Welcome back account picker");
             return;
         }
-        logger(`Login retry after Welcome back failed (status=${retryProbe.status}, domLoginCta=${Boolean(retryProbe.domLoginCta)})`);
+        logger(`Login retry after Welcome back failed (status=${retryProbe.status}, domLoginCta=${Boolean(retryProbe.domLoginCta)}, appAuthenticated=${Boolean(retryProbe.appAuthenticated)})`);
     }
-    logger(`Login probe failed (status=${probe.status}, domLoginCta=${Boolean(probe.domLoginCta)}, onAuthPage=${Boolean(probe.onAuthPage)}, url=${probe.pageUrl ?? "n/a"}, error=${probe.error ?? "none"})`);
+    logger(`Login probe failed (status=${probe.status}, domLoginCta=${Boolean(probe.domLoginCta)}, onAuthPage=${Boolean(probe.onAuthPage)}, appAuthenticated=${Boolean(probe.appAuthenticated)}, cfBlocked=${Boolean(probe.cfBlocked)}, url=${probe.pageUrl ?? "n/a"}, error=${probe.error ?? "none"})`);
     const domLabel = probe.domLoginCta ? " Login button detected on page." : "";
     const cookieHint = options.remoteSession
         ? "The remote Chrome session is not signed into ChatGPT. Sign in there, then rerun."
@@ -418,51 +418,111 @@ function buildLoginProbeExpression(timeoutMs) {
       return false;
     };
 
-    const readBackendStatus = async () => {
+    // Learned 2026-05-16: ChatGPT's /backend-api/* endpoints now sit behind Cloudflare bot
+    // mitigation. Programmatic fetch from the page can return 403 with cf-mitigated:challenge
+    // even when the user is logged in via cookies and the SPA renders normally. Detect that
+    // case via the response body shape (Cloudflare interstitial HTML) and fall back to a
+    // DOM-based logged-in signal instead of looping waitForLogin until the 20-min timeout.
+    const isCloudflareBody = (body) => {
+      if (typeof body !== 'string' || body.length === 0) return false;
+      const head = body.slice(0, 2000).toLowerCase();
+      return (
+        head.includes('cf-mitigated') ||
+        head.includes('cloudflare') ||
+        (head.includes('<style global>') && head.includes('scale-appear'))
+      );
+    };
+    const readBackendDetail = async () => {
       try {
-        if (typeof fetch === 'function') {
-          const controller = new AbortController();
-          const timeout = setTimeout(() => controller.abort(), ${timeoutMs});
-          try {
-            // Credentials included so we see a 200 only when cookies are valid.
-            const response = await fetch('/backend-api/me', {
-              cache: 'no-store',
-              credentials: 'include',
-              signal: controller.signal,
-            });
-            return { status: response.status || 0, error: null };
-          } finally {
-            clearTimeout(timeout);
+        if (typeof fetch !== 'function') return { status: 0, cfBlocked: false, error: null };
+        const controller = new AbortController();
+        const timeout = setTimeout(() => controller.abort(), ${timeoutMs});
+        try {
+          const response = await fetch('/backend-api/me', {
+            cache: 'no-store',
+            credentials: 'include',
+            signal: controller.signal,
+          });
+          let cfBlocked = false;
+          if (response.status === 403 || response.status === 503 || response.status === 429) {
+            try {
+              const text = await response.clone().text();
+              cfBlocked = isCloudflareBody(text);
+            } catch {}
           }
+          return { status: response.status || 0, cfBlocked, error: null };
+        } finally {
+          clearTimeout(timeout);
         }
       } catch (err) {
-        return { status: 0, error: err ? String(err) : 'unknown' };
+        return { status: 0, cfBlocked: false, error: err ? String(err) : 'unknown' };
       }
-      return { status: 0, error: null };
     };
 
-    let { status, error } = await readBackendStatus();
+    const hasAppAuthSignal = () => {
+      // Composer must be present and visible — the auth/login page never renders one.
+      if (typeof document.querySelector !== 'function') return false;
+      const composerSelectors = [
+        '#prompt-textarea',
+        '.ProseMirror',
+        'textarea[data-id="prompt-textarea"]',
+        'textarea[name="prompt-textarea"]',
+        '[contenteditable="true"][role="textbox"]',
+      ];
+      const composer = composerSelectors.map((s) => document.querySelector(s)).find(Boolean);
+      if (!composer) return false;
+      const rect = composer.getBoundingClientRect && composer.getBoundingClientRect();
+      const style = window.getComputedStyle(composer);
+      if (!rect || rect.width <= 0 || rect.height <= 0 || style.display === 'none' || style.visibility === 'hidden') {
+        return false;
+      }
+      // Logged-in users should have an account affordance or prior chat history. Generic
+      // composer/model pills also appear in guest sessions, so they are not auth proof.
+      const profileButton = document.querySelector('[data-testid="accounts-profile-button"]');
+      const historyItem = document.querySelector('[data-testid^="history-item-"]');
+      return Boolean(profileButton || historyItem);
+    };
+
+    let backend = await readBackendDetail();
+    let status = backend.status;
+    let cfBlocked = backend.cfBlocked;
+    let error = backend.error;
     let domLoginCta = hasLoginCta();
+    let appAuthenticated = hasAppAuthSignal();
+    const isRetryableStatus = () =>
+      status === 0 || status === 401 || status === 403 || status === 503 || status === 429;
     const settleDeadline = Date.now() + Math.min(${timeoutMs}, 2500);
-    while (!domLoginCta && Date.now() < settleDeadline) {
+    while (!domLoginCta && status !== 200 && isRetryableStatus() && Date.now() < settleDeadline) {
       await new Promise((resolve) => setTimeout(resolve, 100));
       domLoginCta = hasLoginCta();
-      if (status === 0 || status === 401 || status === 403) {
-        const next = await readBackendStatus();
-        status = next.status;
-        error = next.error;
-      }
+      appAuthenticated = hasAppAuthSignal();
+      backend = await readBackendDetail();
+      status = backend.status;
+      cfBlocked = backend.cfBlocked;
+      error = backend.error;
     }
 
     const loginSignals = domLoginCta || onAuthPage;
+    // Accept the SPA-level signal only when the API path is blocked or unavailable
+    // (CF challenge, throttling, transient 5xx, network shaping) but the DOM shows
+    // an authenticated logged-in shell. Plain 401/403 remain authoritative because
+    // they can mean the ChatGPT session really expired.
+    const apiBlocked =
+      cfBlocked ||
+      status === 429 ||
+      status === 503 ||
+      status === 0;
+    const ok = !loginSignals && (status === 200 || (apiBlocked && appAuthenticated));
     return {
-      ok: !loginSignals && status === 200,
+      ok,
       status,
       redirected: false,
       url: pageUrl,
       pageUrl,
       domLoginCta,
       onAuthPage,
+      appAuthenticated,
+      cfBlocked,
       error,
     };
   })()`;
@@ -487,6 +547,8 @@ function normalizeLoginProbe(raw) {
         pageUrl: typeof value.pageUrl === "string" ? value.pageUrl : null,
         domLoginCta: Boolean(value.domLoginCta),
         onAuthPage: Boolean(value.onAuthPage),
+        appAuthenticated: Boolean(value.appAuthenticated),
+        cfBlocked: Boolean(value.cfBlocked),
     };
 }
 export function buildLoginProbeExpressionForTest(timeoutMs = LOGIN_CHECK_TIMEOUT_MS) {

package/dist/src/browser/actions/promptComposer.js

@@ -166,7 +166,7 @@ export async function submitPrompt(deps, prompt, logger) {
             observedLength,
         });
     }
-    const clicked = await attemptSendButton(runtime, logger, deps?.attachmentNames);
+    const clicked = await attemptSendButton(runtime, logger, deps?.attachmentNames, deps?.attachmentTimeoutMs);
     if (!clicked) {
         await input.dispatchKeyEvent({
             type: "keyDown",
@@ -183,6 +183,7 @@ export async function submitPrompt(deps, prompt, logger) {
     else {
         logger("Clicked send button");
     }
+    await deps.onPromptSubmitted?.();
     const commitTimeoutMs = Math.max(60_000, deps.inputTimeoutMs ?? 0);
     // Learned: the send button can succeed but the turn doesn't appear immediately; verify commit via turns/stop button.
     return await verifyPromptCommitted(runtime, prompt, commitTimeoutMs, logger, deps.baselineTurns ?? undefined);
@@ -282,18 +283,136 @@ async function waitForDomReady(Runtime, logger, timeoutMs = 10_000) {
     logger?.(`Page did not reach ready/composer state within ${timeoutMs}ms; continuing cautiously.`);
 }
 function buildAttachmentReadyExpression(attachmentNames) {
-    const namesLiteral = JSON.stringify(attachmentNames.map((name) => name.toLowerCase()));
+    const attachmentExpectations = attachmentNames.map((name) => {
+        const normalized = name.toLowerCase().replace(/\s+/g, " ").trim();
+        return {
+            name: normalized,
+            stem: normalized.replace(/\.[a-z0-9]{1,10}$/i, ""),
+            extension: normalized.match(/(\.[a-z0-9]{1,10})$/i)?.[1] ?? "",
+        };
+    });
+    const namesLiteral = JSON.stringify(attachmentExpectations);
     return `(() => {
-    const names = ${namesLiteral};
+    const expected = ${namesLiteral};
+    const sendSelectors = ${JSON.stringify(SEND_BUTTON_SELECTORS)};
+    const normalize = (value) => String(value || '').toLowerCase().replace(/\\s+/g, ' ').trim();
+    const hasNameBoundary = (text, name) => {
+      if (!name) return false;
+      let from = 0;
+      while (from < text.length) {
+        const index = text.indexOf(name, from);
+        if (index === -1) return false;
+        const previous = text[index - 1] || '';
+        const next = text[index + name.length] || '';
+        const previousOk = !previous || !/[a-z0-9]/.test(previous);
+        const nextOk = !next || !/[a-z0-9]/.test(next);
+        if (previousOk && nextOk) return true;
+        from = index + name.length;
+      }
+      return false;
+    };
+    const hasExtensionBoundary = (text, extension) => {
+      if (!extension) return false;
+      let from = 0;
+      while (from < text.length) {
+        const index = text.indexOf(extension, from);
+        if (index === -1) return false;
+        const next = text[index + extension.length] || '';
+        if (!next || !/[a-z0-9]/.test(next)) return true;
+        from = index + extension.length;
+      }
+      return false;
+    };
+    const matchesExpected = (value, item) => {
+      const text = normalize(value);
+      if (!text) return false;
+      if (hasNameBoundary(text, item.name)) return true;
+      if (
+        item.stem &&
+        item.stem.length >= 4 &&
+        item.extension &&
+        text.includes(item.stem + '(') &&
+        hasExtensionBoundary(text, item.extension)
+      ) {
+        return true;
+      }
+      if (text.includes('…') || text.includes('...')) {
+        const marker = text.includes('…') ? '…' : '...';
+        const [prefixRaw, suffixRaw] = text.split(marker);
+        const prefix = normalize(prefixRaw);
+        const suffix = normalize(suffixRaw);
+        const prefixParts = prefix.split(' ').filter(Boolean);
+        const suffixParts = suffix.split(' ').filter(Boolean);
+        const prefixCandidates = prefixParts.map((_, index) => prefixParts.slice(index).join(' '));
+        const suffixCandidates = suffixParts.map((_, index) =>
+          suffixParts.slice(0, suffixParts.length - index).join(' '),
+        );
+        if (prefixCandidates.length === 0 || suffixCandidates.length === 0) return false;
+        const targets = [item.name, item.stem && item.stem.length >= 4 ? item.stem : ''].filter(Boolean);
+        return targets.some((target) => {
+          return prefixCandidates.some((prefixPart) =>
+            suffixCandidates.some((suffixPart) => {
+              const strongEnough =
+                suffixPart.length >= 2 &&
+                (prefixPart.length >= 3 || (prefixPart.length >= 2 && suffixPart.length >= 4));
+              return strongEnough && target.startsWith(prefixPart) && target.endsWith(suffixPart);
+            }),
+          );
+        });
+      }
+      return false;
+    };
+    // Restrict to attachment affordances; never scan generic div/span nodes (prompt text can contain the file name).
+    const attachmentSelectors = [
+      '[data-testid*="chip"]',
+      '[data-testid*="attachment"]',
+      '[data-testid*="upload"]',
+      '[data-testid*="file"]',
+      '[aria-label*="Remove file"]',
+      'button[aria-label*="Remove file"]',
+      '[aria-label*="remove file"]',
+      'button[aria-label*="remove file"]',
+      '[aria-label*="Remove attachment"]',
+      'button[aria-label*="Remove attachment"]',
+      '[aria-label*="remove attachment"]',
+      'button[aria-label*="remove attachment"]',
+    ];
+    const sendButton = sendSelectors
+      .map((selector) => document.querySelector(selector))
+      .find(Boolean);
+    const isUsableComposerRoot = (node) => {
+      if (!(node instanceof HTMLElement)) return false;
+      if (String(node.tagName || '').toLowerCase() === 'button') return false;
+      const testId = String(node.getAttribute?.('data-testid') || '').toLowerCase();
+      if (!testId.includes('composer')) return false;
+      return !(
+        testId.includes('footer') ||
+        testId.includes('action') ||
+        testId.includes('plus') ||
+        testId.includes('send')
+      );
+    };
+    const closestComposerRoot = (node) => {
+      let current = node instanceof HTMLElement ? node : null;
+      while (current) {
+        if (isUsableComposerRoot(current)) return current;
+        current = current.parentElement;
+      }
+      return null;
+    };
+    const firstComposerRoot = () =>
+      Array.from(document.querySelectorAll('[data-testid*="composer"]')).find(isUsableComposerRoot) || null;
     const composer =
-      document.querySelector('[data-testid*="composer"]') ||
+      closestComposerRoot(sendButton) ||
+      sendButton?.closest?.('form') ||
+      firstComposerRoot() ||
       document.querySelector('form') ||
       document.body ||
       document;
     // Walk node + ancestors (up to grandparent) + descendants to gather every textual hint.
     // ChatGPT's current chip DOM nests the filename inside truncated child spans, so checking
     // only the node's own textContent/aria/title misses the match.
-    const collectLabelHaystack = (node) => {
+    const collectOwnLabelHaystack = (node) => {
       if (!node) return '';
       const pieces = [];
       const pushAttrs = (el) => {
@@ -310,31 +429,21 @@ function buildAttachmentReadyExpression(attachmentNames) {
       };
       pushAttrs(node);
       pushText(node);
+      return pieces.join(' ').toLowerCase();
+    };
+    const collectLabelHaystack = (node) => {
+      if (!node) return '';
+      const pieces = [collectOwnLabelHaystack(node)];
+      const push = (el) => {
+        const text = collectOwnLabelHaystack(el);
+        if (text) pieces.push(text);
+      };
       const parent = node.parentElement;
-      pushAttrs(parent);
-      pushText(parent);
+      push(parent);
       const grandparent = parent?.parentElement;
-      pushAttrs(grandparent);
-      pushText(grandparent);
+      push(grandparent);
       return pieces.join(' ').toLowerCase();
     };
-    const match = (node, name) => collectLabelHaystack(node).includes(name);
-
-    // Restrict to attachment affordances; never scan generic div/span nodes (prompt text can contain the file name).
-    const attachmentSelectors = [
-      '[data-testid*="chip"]',
-      '[data-testid*="attachment"]',
-      '[data-testid*="upload"]',
-      '[data-testid*="file"]',
-      '[aria-label*="Remove file"]',
-      'button[aria-label*="Remove file"]',
-      '[aria-label*="remove file"]',
-      'button[aria-label*="remove file"]',
-      '[aria-label*="Remove attachment"]',
-      'button[aria-label*="Remove attachment"]',
-      '[aria-label*="remove attachment"]',
-      'button[aria-label*="remove attachment"]',
-    ];
     const attachmentRoots = Array.from(new Set([composer])).filter(Boolean);
     const collectChipNodes = () => {
       const seen = new Set();
@@ -353,32 +462,66 @@ function buildAttachmentReadyExpression(attachmentNames) {
       return collected;
     };
     const chipNodes = collectChipNodes();
-
-    const chipsReady = names.every((name) =>
-      chipNodes.some((node) => match(node, name)),
+    const chipLabels = chipNodes.map((node) => collectLabelHaystack(node));
+    const chipOwnLabels = chipNodes.map((node) => collectOwnLabelHaystack(node));
+    const hasEllipsisSuffix = (label) => {
+      const marker = label.includes('…') ? '…' : label.includes('...') ? '...' : '';
+      if (!marker) return false;
+      return normalize(label.split(marker)[1] || '').length > 0;
+    };
+    const chipOwnLabelsWithVisibleNames = chipOwnLabels.filter((label) =>
+      /\\.[a-z][a-z0-9]{0,9}(?:\\b|$)/i.test(label) ||
+      hasEllipsisSuffix(label),
+    );
+    const visibleExtensionLabelsMatchExpected = chipOwnLabelsWithVisibleNames.every((label) =>
+      expected.some((item) => matchesExpected(label, item)),
     );
-    const inputsReady = names.every((name) =>
+
+    const chipsReady = (() => {
+      const used = new Set();
+      return expected.every((item) => {
+        const index = chipLabels.findIndex((label, candidateIndex) =>
+          !used.has(candidateIndex) && matchesExpected(label, item),
+        );
+        if (index === -1) return false;
+        used.add(index);
+        return true;
+      });
+    })();
+    const inputsReady = expected.every((item) =>
       attachmentRoots.some((root) =>
         Array.from(root.querySelectorAll('input[type="file"]')).some((el) =>
           Array.from((el instanceof HTMLInputElement ? el.files : []) || []).some((file) =>
-            file?.name?.toLowerCase?.().includes(name),
+            matchesExpected(file?.name, item),
           ),
         ),
       ),
     );
     // Count-based fallback: if we cannot match names individually (ChatGPT may strip
     // the filename out of attribute-readable text into a deeply nested span), but we
-    // do see at least as many distinct chip-shaped nodes as attachments we uploaded,
-    // and a sibling "Remove" affordance exists per chip, trust the upload.
-    const removeAffordanceCount = chipNodes.filter((node) => {
-      const aria = (node.getAttribute?.('aria-label') ?? '').toLowerCase();
-      if (aria.includes('remove')) return true;
-      const removeSibling = node.querySelector?.(
+    // do see at least as many distinct "Remove" affordances as attachments we
+    // uploaded, trust the upload without double-counting nested chip/remove nodes.
+    const removeAffordances = [];
+    const removeSeen = new Set();
+    for (const root of attachmentRoots) {
+      for (const node of Array.from(root.querySelectorAll(
         '[aria-label*="Remove" i], [aria-label*="remove" i], button[aria-label*="Remove" i], button[aria-label*="remove" i]',
-      );
-      return Boolean(removeSibling);
-    }).length;
-    const countReady = chipNodes.length >= names.length && removeAffordanceCount >= names.length;
+      ))) {
+        if (!(node instanceof HTMLElement)) continue;
+        if (node.closest('textarea,[contenteditable="true"]')) continue;
+        const aria = (node.getAttribute?.('aria-label') ?? '').toLowerCase();
+        const fileSpecific = aria.includes('remove file') || aria.includes('remove attachment');
+        const attachmentOwner = node.closest(
+          '[data-testid*="chip"], [data-testid*="attachment"], [data-testid*="upload"], [data-testid*="file"]',
+        );
+        if (!fileSpecific && !attachmentOwner) continue;
+        if (removeSeen.has(node)) continue;
+        removeSeen.add(node);
+        removeAffordances.push(node);
+      }
+    }
+    const countReady =
+      visibleExtensionLabelsMatchExpected && removeAffordances.length >= expected.length;
 
     return chipsReady || inputsReady || countReady;
   })()`;
@@ -386,7 +529,7 @@ function buildAttachmentReadyExpression(attachmentNames) {
 export function buildAttachmentReadyExpressionForTest(attachmentNames) {
     return buildAttachmentReadyExpression(attachmentNames);
 }
-async function attemptSendButton(Runtime, _logger, attachmentNames) {
+async function attemptSendButton(Runtime, _logger, attachmentNames, attachmentTimeoutMs) {
     const needAttachment = Array.isArray(attachmentNames) && attachmentNames.length > 0;
     const script = `(() => {
     ${buildClickDispatcher()}
@@ -423,7 +566,8 @@ async function attemptSendButton(Runtime, _logger, attachmentNames) {
     // Give attachment-bearing submissions more headroom. ChatGPT's chip render can
     // settle slowly for multi-file uploads, but plain text sends should keep the
     // shorter historical deadline.
-    const deadline = Date.now() + sendButtonTimeoutMs(attachmentNames);
+    const timeoutMs = sendButtonTimeoutMs(attachmentNames, attachmentTimeoutMs);
+    const deadline = Date.now() + timeoutMs;
     while (Date.now() < deadline) {
         if (needAttachment) {
             const ready = await Runtime.evaluate({
@@ -445,16 +589,22 @@ async function attemptSendButton(Runtime, _logger, attachmentNames) {
         await delay(100);
     }
     if (Array.isArray(attachmentNames) && attachmentNames.length > 0) {
-        throw new BrowserAutomationError("Attachments never reached a clickable send button before timeout.", {
+        throw new BrowserAutomationError(`Attachments never reached a clickable send button after ${Math.ceil(timeoutMs / 1000)}s; tune --browser-attachment-timeout.`, {
             stage: "submit-prompt",
             code: "attachment-send-not-ready",
             attachmentNames,
+            timeoutMs,
         });
     }
     return false;
 }
-function sendButtonTimeoutMs(attachmentNames) {
-    return Array.isArray(attachmentNames) && attachmentNames.length > 0 ? 45_000 : 20_000;
+function sendButtonTimeoutMs(attachmentNames, attachmentTimeoutMs) {
+    if (!Array.isArray(attachmentNames) || attachmentNames.length === 0) {
+        return 20_000;
+    }
+    return typeof attachmentTimeoutMs === "number" && Number.isFinite(attachmentTimeoutMs)
+        ? Math.max(1_000, attachmentTimeoutMs)
+        : 45_000;
 }
 async function verifyPromptCommitted(Runtime, prompt, timeoutMs, logger, baselineTurns) {
     const deadline = Date.now() + timeoutMs;