@team-agent/installer 0.2.0 → 0.2.2

package/src/team_agent/messaging/results.py

@@ -359,36 +359,27 @@ def _refresh_leader_receiver_or_flag_rebind(
     receiver = state.get("leader_receiver") or {}
     if receiver.get("mode") != "direct_tmux":
         return state
-    validation = _validate_leader_receiver(receiver)
+    owner_identity = state.get("team_owner") or None
+    receiver_for_validation = dict(receiver)
+    if owner_identity and owner_identity.get("leader_session_uuid") and not receiver_for_validation.get("leader_session_uuid"):
+        receiver_for_validation["leader_session_uuid"] = owner_identity["leader_session_uuid"]
+    validation = _validate_leader_receiver(receiver_for_validation)
     if validation.get("ok"):
         return state
-    owner_identity = state.get("team_owner") or None
-    rediscovered = _rediscover_leader_receiver(receiver, event_log, owner_identity)
+    rediscovered = _rediscover_leader_receiver(
+        receiver_for_validation,
+        event_log,
+        owner_identity,
+        invalidation_reason=validation.get("reason"),
+        team_id=team_state_key(state),
+    )
     if rediscovered.get("status") == "updated":
         state["leader_receiver"] = rediscovered["receiver"]
         if persist:
             save_runtime_state(workspace, state)
         else:
             save_team_scoped_state(workspace, state)
-        event_log.write(
-            "leader_receiver.rebind_applied",
-            old_pane_id=receiver.get("pane_id"),
-            new_pane_id=rediscovered["receiver"].get("pane_id"),
-            reason=validation.get("reason"),
-            source="report_result_notify",
-            owner_identity=owner_identity,
-        )
         return state
-    event_log.write(
-        "leader_receiver.rebind_required",
-        old_pane_id=receiver.get("pane_id"),
-        reason=validation.get("reason"),
-        validation_error=validation.get("error"),
-        rediscovery_status=rediscovered.get("status"),
-        provider=receiver.get("provider"),
-        source="report_result_notify",
-        owner_identity=owner_identity,
-    )
     return state
 
 

package/src/team_agent/messaging/scheduler.py

@@ -311,6 +311,16 @@ def _suppression_clear_reason(
     agent_id: str,
     entry: dict[str, Any],
 ) -> str | None:
+    if entry.get("manual_acknowledge"):
+        try:
+            expires_at = datetime.fromisoformat(str(entry.get("expires_at")))
+        except ValueError:
+            return "invalid_suppression_timestamp"
+        if expires_at.tzinfo is None:
+            expires_at = expires_at.replace(tzinfo=timezone.utc)
+        if datetime.now(timezone.utc) < expires_at:
+            return None
+        return "manual_acknowledge_expired"
     previous = entry.get("snapshot") if isinstance(entry.get("snapshot"), dict) else {}
     current = _agent_alert_snapshot(state, store, agent_id)
     if current.get("assigned_task_ids") != previous.get("assigned_task_ids"):
@@ -399,8 +409,18 @@ def _recent_restart_or_reset_event(event_log: EventLog, agent_id: str, since: da
     for event in reversed(event_log.tail(200)):
         if event.get("event") not in _RESTART_RESET_EVENTS:
             continue
-        if event.get("agent_id") != agent_id and agent_id not in set(event.get("agents") or []):
-            continue
+        if event.get("agent_id") != agent_id:
+            agents_field = event.get("agents") or []
+            agent_ids: set[str] = set()
+            for entry in agents_field:
+                if isinstance(entry, str):
+                    agent_ids.add(entry)
+                elif isinstance(entry, dict):
+                    aid = entry.get("agent_id")
+                    if isinstance(aid, str):
+                        agent_ids.add(aid)
+            if agent_id not in agent_ids:
+                continue
         try:
             ts = datetime.fromisoformat(str(event.get("ts")))
         except ValueError:

package/src/team_agent/messaging/send.py

@@ -85,11 +85,13 @@ def _send_message_unlocked(
             return ambiguous
     state = select_runtime_state(workspace, team)
     gate = check_team_owner(state)
-    if gate:
-        return gate
     spec_path = Path(state.get("spec_path", workspace / "team.spec.yaml"))
     spec = load_spec(spec_path)
     event_log = EventLog(workspace)
+    if gate:
+        from team_agent.messaging.owner_bypass import apply_worker_sender_bypass
+        if not apply_worker_sender_bypass(state, sender, target, task_id, event_log):
+            return gate
     owner_team_id = team_state_key(state)
     leader_id = _leader_id(state, spec)
 
@@ -174,6 +176,11 @@ def _send_single_message_unlocked(
     if _is_leader_target(target, leader_id) and not _is_leader_sender(sender, leader_id):
         return _send_to_leader_receiver(workspace, state, leader_id, content, task_id, sender, requires_ack, event_log)
 
+    from team_agent.messaging.session_drift import session_drift_refusal
+    drift = session_drift_refusal(state, target, leader_id, sender, task_id, event_log)
+    if drift:
+        return drift
+
     if task_id and route_task_id:
         task = _find_task(state.get("tasks", []), task_id)
         if task.get("human_confirmation") and not task.get("human_confirmed"):

package/src/team_agent/messaging/session_drift.py

@@ -0,0 +1,94 @@
+from __future__ import annotations
+
+import re
+from datetime import datetime, timezone
+from pathlib import Path
+from typing import Any
+
+from team_agent.events import EventLog
+
+_UUID = r"[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}"
+_RESUME_THREAD_RE = re.compile(
+    rf"(?:Switched to thread|resume|thread)\s+({_UUID})",
+    re.IGNORECASE,
+)
+
+
+def extract_thread_id_from_scrollback(scrollback: str) -> str | None:
+    if not scrollback:
+        return None
+    matches = _RESUME_THREAD_RE.findall(scrollback)
+    if not matches:
+        return None
+    return matches[-1].lower()
+
+
+def detect_session_drift(
+    workspace: Path,
+    state: dict[str, Any],
+    event_log: EventLog,
+    *,
+    agent_id: str,
+    agent_state: dict[str, Any],
+    scrollback: str,
+) -> dict[str, Any] | None:
+    provider = str(agent_state.get("provider") or "").lower()
+    if provider != "codex":
+        return None
+    stored = str(agent_state.get("session_id") or "").strip()
+    if not stored:
+        return None
+    if str(agent_state.get("status") or "").lower() == "session_drift":
+        return None
+    actual = extract_thread_id_from_scrollback(scrollback)
+    if not actual:
+        return None
+    if actual.lower() == stored.lower():
+        return None
+    now = datetime.now(timezone.utc).isoformat()
+    event = event_log.write(
+        "coordinator.session_drift_detected",
+        agent_id=agent_id,
+        stored_session_id=stored,
+        actual_thread_id=actual,
+        status="session_drift",
+        provider=provider,
+        ts=now,
+        remediation="team-agent reset-agent --discard-session <agent>",
+    )
+    agent_state["status"] = "session_drift"
+    agent_state["session_drift"] = {
+        "stored_session_id": stored,
+        "actual_thread_id": actual,
+        "detected_at": now,
+        "remediation": "team-agent reset-agent --discard-session <agent>",
+    }
+    return event
+
+
+def session_drift_refusal(state, target, leader_id, sender, task_id, event_log):
+    if not target or target == leader_id or target == "*":
+        return None
+    rs = (state.get("agents") or {}).get(target) or {}
+    if str(rs.get("status") or "").lower() != "session_drift":
+        return None
+    info = rs.get("session_drift") or {}
+    event_log.write(
+        "send.refused_session_drift",
+        target=target,
+        sender=sender,
+        task_id=task_id,
+        stored_session_id=info.get("stored_session_id"),
+        actual_thread_id=info.get("actual_thread_id"),
+    )
+    return {
+        "ok": False,
+        "status": "refused",
+        "reason": "session_drift",
+        "to": target,
+        "action": f"team-agent reset-agent --discard-session {target}",
+        "session_drift": info,
+    }
+
+
+__all__ = ["detect_session_drift", "extract_thread_id_from_scrollback", "session_drift_refusal"]

package/src/team_agent/runtime.py

@@ -67,6 +67,8 @@ from team_agent.display import (
 from team_agent.leader import (
     attach_leader,
     attach_leader_to_state as _attach_leader_to_state,
+    claim_leader,
+    leader_identity,
     leader_session_name as _leader_session_name,
     leader_start_plan,
     start_leader,
@@ -220,6 +222,7 @@ from team_agent.state import (
     save_runtime_state,
     save_team_scoped_state,
     select_runtime_state,
+    team_state_key,
     write_spec,
     write_team_state,
 )
@@ -437,12 +440,10 @@ for _name in (
     assert hasattr(_launch_pkg, _name), f"team_agent.launch missing {_name}"
 del _launch_pkg, _name
 
-# Leader lane re-exports keep runtime.attach_leader, runtime.start_leader,
-# runtime.leader_start_plan, runtime._attach_leader_to_state,
-# runtime._leader_session_name resolving for CLI handlers and tests.
+# Leader lane re-exports keep runtime leader helpers resolving for CLI handlers and tests.
 import team_agent.leader as _leader_pkg
 assert attach_leader is _leader_pkg.attach_leader
-for _name in ("attach_leader", "attach_leader_to_state", "leader_session_name", "leader_start_plan", "start_leader"):
+for _name in ("attach_leader", "attach_leader_to_state", "claim_leader", "leader_identity", "leader_session_name", "leader_start_plan", "start_leader"):
     assert hasattr(_leader_pkg, _name), f"team_agent.leader missing {_name}"
 del _leader_pkg, _name
 from team_agent.task_graph import ready_tasks, update_task_status
@@ -578,20 +579,27 @@ def remove_agent(
         return lifecycle_remove_agent(workspace, agent_id, from_spec=from_spec, confirm=confirm, force=force, team=team)
 
 
-def acknowledge_idle(workspace: Path, agent_id: str) -> dict[str, Any]:
+def acknowledge_idle(workspace: Path, agent_id: str | None = None, *, team: str | None = None) -> dict[str, Any]:
     with _runtime_lock(workspace, "acknowledge-idle"):
-        state = load_runtime_state(workspace)
+        try:
+            state = select_runtime_state(workspace, team)
+        except Exception as exc:
+            return {"ok": False, "status": "refused", "reason": "team_target_unresolved", "team": team, "error": str(exc)}
         gate = check_team_owner(state)
         if gate:
             return gate
-        now = datetime.now(timezone.utc).isoformat()
-        coordinator = state.setdefault("coordinator", {})
-        ack = coordinator.setdefault("idle_acknowledged", {})
-        ack[agent_id] = {"acknowledged_at": now}
-        save_runtime_state(workspace, state)
-        EventLog(workspace).write("coordinator.idle_acknowledged", agent_id=agent_id, acknowledged_at=now)
-        return {"ok": True, "agent_id": agent_id, "acknowledged_at": now}
-
+        now_dt = datetime.now(timezone.utc); now = now_dt.isoformat()
+        ttl_seconds = 1800
+        expires_at = (now_dt + timedelta(seconds=ttl_seconds)).isoformat()
+        owner_team_id = team_state_key(state); coordinator = state.setdefault("coordinator", {})
+        coordinator.setdefault("idle_acknowledged", {})[owner_team_id] = {"acknowledged_at": now, "expires_at": expires_at, "ttl_seconds": ttl_seconds}
+        team_suppressions = coordinator.setdefault("suppressed_idle_alerts", {}).setdefault(owner_team_id, {})
+        entry = {"suppressed_at": now, "suppressed_by": "manual_acknowledge", "manual_acknowledge": True, "expires_at": expires_at, "ttl_seconds": ttl_seconds}
+        for worker_id in state.get("agents", {}):
+            team_suppressions.setdefault(worker_id, {})["idle_fallback"] = dict(entry)
+        save_team_scoped_state(workspace, state)
+        EventLog(workspace).write("coordinator.idle_acknowledged", agent_id=agent_id, team=owner_team_id, acknowledged_at=now, expires_at=expires_at, ttl_seconds=ttl_seconds)
+        return {"ok": True, "team": owner_team_id, "agent_id": agent_id, "acknowledged_at": now, "expires_at": expires_at, "ttl_seconds": ttl_seconds}
 
 def takeover(workspace: Path, team: str | None = None, confirm: bool = False) -> dict[str, Any]:
     if not confirm:

package/src/team_agent/rust_core.py

@@ -1,6 +1,7 @@
 from __future__ import annotations
 
 import json
+import platform
 import re
 import shutil
 import subprocess
@@ -10,6 +11,18 @@ from typing import Any
 from team_agent.paths import repo_root
 
 
+_LEADER_ENV_KEYS = (
+    "TEAM_AGENT_LEADER_SESSION_UUID",
+    "TEAM_AGENT_LEADER_PANE_ID",
+    "TEAM_AGENT_LEADER_PROVIDER",
+    "TEAM_AGENT_MACHINE_FINGERPRINT",
+    "TEAM_AGENT_LEADER_SESSION_UUID_OVERRIDE",
+)
+_LEADER_SHAPED_COMMANDS = {"codex", "claude", "claude.exe", "node", "nodejs"}
+_PANE_ENV_SCAN_TIMEOUT_SECONDS = 2.0
+_run_subprocess = subprocess.run  # test-injectable indirection
+
+
 def core_binary() -> Path | None:
     configured = shutil.which("team-agent-core")
     if configured:
@@ -105,13 +118,13 @@ def list_targets() -> dict[str, Any]:
     result = call_core("list-targets")
     if result.get("ok"):
         return result
-    proc = subprocess.run(
+    proc = _run_subprocess(
         [
             "tmux",
             "list-panes",
             "-a",
             "-F",
-            "#{pane_id}\t#{session_name}\t#{window_index}\t#{window_name}\t#{pane_index}\t#{pane_tty}\t#{pane_current_command}\t#{pane_active}",
+            "#{pane_id}\t#{session_name}\t#{window_index}\t#{window_name}\t#{pane_index}\t#{pane_tty}\t#{pane_current_command}\t#{pane_active}\t#{pane_pid}",
         ],
         text=True,
         capture_output=True,
@@ -123,7 +136,7 @@ def list_targets() -> dict[str, Any]:
     targets = []
     for line in proc.stdout.splitlines():
         parts = line.split("\t")
-        if len(parts) != 8:
+        if len(parts) not in {8, 9}:
             continue
         target = {
             "pane_id": parts[0],
@@ -135,11 +148,152 @@ def list_targets() -> dict[str, Any]:
             "pane_current_command": parts[6],
             "pane_active": parts[7] == "1",
         }
+        pane_pid = parts[8].strip() if len(parts) == 9 else ""
+        if pane_pid:
+            target["pane_pid"] = pane_pid
         target["fingerprint"] = f"{target['session_name']}|{target['window_index']}|{target['pane_index']}|{target['pane_tty']}"
+        _attach_leader_env(target)
         targets.append(target)
     return {"ok": True, "targets": targets, "engine": "python_fallback", "fallback_reason": result.get("error")}
 
 
+def _attach_leader_env(target: dict[str, Any]) -> None:
+    pane_pid = str(target.get("pane_pid") or "").strip()
+    if not pane_pid:
+        target["leader_env"] = None
+        return
+    env = _read_process_env(pane_pid)
+    if env is None:
+        target["leader_env"] = None
+        return
+    leader_env = {key: env[key] for key in _LEADER_ENV_KEYS if key in env}
+    if "TEAM_AGENT_LEADER_SESSION_UUID" not in leader_env:
+        for child_pid in _walk_leader_shaped_children(pane_pid):
+            child_env = _read_process_env(child_pid)
+            if child_env is None:
+                continue
+            for key in _LEADER_ENV_KEYS:
+                if key not in leader_env and key in child_env:
+                    leader_env[key] = child_env[key]
+            if "TEAM_AGENT_LEADER_SESSION_UUID" in leader_env:
+                break
+    target["leader_env"] = leader_env
+    uuid_value = leader_env.get("TEAM_AGENT_LEADER_SESSION_UUID")
+    if uuid_value:
+        target["leader_session_uuid"] = uuid_value
+
+
+def _read_process_env(pid: str) -> dict[str, str] | None:
+    if platform.system() == "Linux":
+        return _read_proc_environ(pid)
+    return _read_ps_eww_env(pid)
+
+
+def _read_proc_environ(pid: str) -> dict[str, str] | None:
+    path = Path(f"/proc/{pid}/environ")
+    try:
+        raw = path.read_bytes()
+    except (FileNotFoundError, PermissionError, OSError):
+        return None
+    env: dict[str, str] = {}
+    for token in raw.split(b"\x00"):
+        if not token or b"=" not in token:
+            continue
+        try:
+            text = token.decode("utf-8", errors="replace")
+        except Exception:
+            continue
+        key, _, value = text.partition("=")
+        env[key] = value
+    return env
+
+
+def _read_ps_eww_env(pid: str) -> dict[str, str] | None:
+    try:
+        proc = _run_subprocess(
+            ["ps", "-E", "-ww", "-p", str(pid)],
+            text=True,
+            capture_output=True,
+            timeout=_PANE_ENV_SCAN_TIMEOUT_SECONDS,
+            check=False,
+        )
+    except (subprocess.TimeoutExpired, FileNotFoundError, OSError):
+        return None
+    if proc.returncode != 0 or not proc.stdout:
+        return None
+    return _parse_ps_eww_output(proc.stdout, pid)
+
+
+def _parse_ps_eww_output(text: str, pid: str) -> dict[str, str]:
+    env: dict[str, str] = {}
+    lines = text.splitlines()
+    if len(lines) < 2:
+        return env
+    target_row = None
+    for line in lines[1:]:
+        stripped = line.lstrip()
+        if stripped.split(" ", 1)[0] == str(pid):
+            target_row = stripped
+            break
+    if target_row is None:
+        # Spark MEDIUM #2 (da436a3): never fall back to lines[1] — that row may belong to
+        # an unrelated process and would leak its env (incl. another team's
+        # TEAM_AGENT_LEADER_SESSION_UUID) into this pane's leader_env, corrupting rediscovery.
+        return env
+    for token in target_row.split():
+        if "=" not in token:
+            continue
+        key, _, value = token.partition("=")
+        if not key or " " in key:
+            continue
+        if not (key[0].isalpha() or key[0] == "_"):
+            continue
+        if not all(ch.isalnum() or ch == "_" for ch in key):
+            continue
+        env[key] = value
+    return env
+
+
+def _walk_leader_shaped_children(parent_pid: str) -> list[str]:
+    try:
+        proc = _run_subprocess(
+            ["ps", "-o", "pid=,ppid=,comm="],
+            text=True,
+            capture_output=True,
+            timeout=_PANE_ENV_SCAN_TIMEOUT_SECONDS,
+            check=False,
+        )
+    except (subprocess.TimeoutExpired, FileNotFoundError, OSError):
+        return []
+    if proc.returncode != 0 or not proc.stdout:
+        return []
+    return _select_leader_shaped_descendants(proc.stdout, parent_pid)
+
+
+def _select_leader_shaped_descendants(ps_output: str, parent_pid: str) -> list[str]:
+    rows: list[tuple[str, str, str]] = []
+    for line in ps_output.splitlines():
+        parts = line.split()
+        if len(parts) < 3:
+            continue
+        pid, ppid, command = parts[0], parts[1], " ".join(parts[2:])
+        rows.append((pid, ppid, Path(command).name))
+    descendants: set[str] = set()
+    frontier = {str(parent_pid)}
+    while frontier:
+        next_frontier: set[str] = set()
+        for pid, ppid, _ in rows:
+            if ppid in frontier and pid not in descendants:
+                descendants.add(pid)
+                next_frontier.add(pid)
+        frontier = next_frontier
+    return [
+        pid
+        for pid, _, command in rows
+        if pid in descendants and command in _LEADER_SHAPED_COMMANDS
+    ]
+
+
 def contains_inline_secret(value: str) -> bool:
     return (
         _contains_secret_assignment(value)