@team-agent/installer 0.2.1 → 0.2.2

package/src/team_agent/message_store/leader_notification_log.py

@@ -0,0 +1,132 @@
+"""Stage 12 (Gap 26 ∩ Gap 32 roundtable consolidation 2026-05-26): atomic exactly-once
+dedupe at the leader-pane injection boundary, keyed by (result_id, leader_session_uuid).
+
+Replaces the bad6484 watcher-table UPSERT approach. UNIQUE primary key + SQLite
+INSERT OR IGNORE gives an atomic claim that works across processes (CLI subprocess
+vs coordinator daemon) and across threads without an advisory lock. Distinct
+leader_session_uuid values (e.g. after takeover) each get their own row so a
+re-takeover legitimately allows another delivery for the same result_id.
+"""
+from __future__ import annotations
+
+from contextlib import closing
+from datetime import datetime, timedelta, timezone
+from typing import Any
+
+
+def claim_leader_notification_delivery(
+    store: Any,
+    *,
+    result_id: str,
+    leader_session_uuid: str,
+    proposed_message_id: str,
+    envelope_hash: str,
+    owner_team_id: str | None,
+    pane_id: str | None,
+) -> dict[str, Any]:
+    """Atomic claim. INSERT OR IGNORE → rowcount=1 means we won, fire the inject.
+    rowcount=0 means a prior row exists for (result_id, leader_session_uuid); SELECT
+    it and return so the caller can decide to suppress (same envelope_hash) or surface
+    legitimate-duplicate (different envelope_hash)."""
+    now = datetime.now(timezone.utc).isoformat()
+    with closing(store.connect()) as conn:
+        with conn:
+            cur = conn.execute(
+                "insert or ignore into leader_notification_log("
+                "  result_id, leader_session_uuid, notified_message_id, notified_at,"
+                "  leader_pane_id_at_notify, envelope_content_hash, owner_team_id"
+                ") values (?, ?, ?, ?, ?, ?, ?)",
+                (
+                    result_id, leader_session_uuid, proposed_message_id, now,
+                    pane_id, envelope_hash, owner_team_id,
+                ),
+            )
+            if cur.rowcount == 1:
+                return {
+                    "status": "claimed_by_you",
+                    "notified_message_id": proposed_message_id,
+                    "notified_at": now,
+                    "envelope_content_hash": envelope_hash,
+                }
+            row = conn.execute(
+                "select notified_message_id, notified_at, envelope_content_hash, "
+                "leader_pane_id_at_notify from leader_notification_log "
+                "where result_id = ? and leader_session_uuid = ?",
+                (result_id, leader_session_uuid),
+            ).fetchone()
+    if row is None:
+        # Should not happen (INSERT OR IGNORE returned 0 → row must exist), but be defensive.
+        return {"status": "claimed_by_you", "notified_message_id": proposed_message_id,
+                "notified_at": now, "envelope_content_hash": envelope_hash}
+    prev_message_id, prev_ts, prev_hash, prev_pane = row[0], row[1], row[2], row[3]
+    return {
+        "status": "already_notified_by",
+        "notified_message_id": prev_message_id,
+        "notified_at": prev_ts,
+        "envelope_content_hash": prev_hash,
+        "leader_pane_id_at_notify": prev_pane,
+    }
+
+
+def peek_leader_notification(
+    store: Any,
+    *,
+    result_id: str,
+    leader_session_uuid: str,
+) -> dict[str, Any] | None:
+    """Read-only fast-path peek (Stage 12). Returns the existing log row for
+    (result_id, leader_session_uuid) or None. Used by notify_result_watchers to short-
+    circuit before calling deliver_stored_message; the authoritative atomic claim still
+    happens at the _send_to_leader_receiver injection boundary."""
+    with closing(store.connect()) as conn:
+        row = conn.execute(
+            "select notified_message_id, notified_at, envelope_content_hash, "
+            "leader_pane_id_at_notify, owner_team_id from leader_notification_log "
+            "where result_id = ? and leader_session_uuid = ?",
+            (result_id, leader_session_uuid),
+        ).fetchone()
+    if row is None:
+        return None
+    return {
+        "notified_message_id": row[0],
+        "notified_at": row[1],
+        "envelope_content_hash": row[2],
+        "leader_pane_id_at_notify": row[3],
+        "owner_team_id": row[4],
+    }
+
+
+def prune_leader_notification_log(store: Any, *, max_age_hours: int = 24) -> int:
+    """Coordinator-tick maintenance: drop rows older than max_age_hours. Cheap, bounded."""
+    cutoff = (datetime.now(timezone.utc) - timedelta(hours=max_age_hours)).isoformat()
+    with closing(store.connect()) as conn:
+        with conn:
+            cur = conn.execute(
+                "delete from leader_notification_log where notified_at < ?",
+                (cutoff,),
+            )
+            return cur.rowcount or 0
+
+
+def leader_notification_log_rows(store: Any, *, owner_team_id: str | None = None) -> list[dict[str, Any]]:
+    """Test/diagnostic accessor. Returns all rows (optionally team-scoped)."""
+    with closing(store.connect()) as conn:
+        if owner_team_id is None:
+            rows = conn.execute(
+                "select * from leader_notification_log order by notified_at"
+            ).fetchall()
+        else:
+            rows = conn.execute(
+                "select * from leader_notification_log where owner_team_id = ? "
+                "or owner_team_id is null order by notified_at",
+                (owner_team_id,),
+            ).fetchall()
+    return [dict(row) for row in rows]
+
+
+__all__ = [
+    "claim_leader_notification_delivery",
+    "peek_leader_notification",
+    "prune_leader_notification_log",
+    "leader_notification_log_rows",
+]

package/src/team_agent/message_store/result_watchers.py

@@ -94,9 +94,152 @@ def requeue_delivery_exhausted_watchers(self) -> list[str]:
             ).fetchall()
             watcher_ids = [row[0] for row in rows]
             if watcher_ids:
+                # Phase D hotfix-3 (78055bc) cleared notified_message_id here; Gap 32 dedupe
+                # reverses that — preserve notified_message_id so the retry path can re-confirm
+                # (or skip if the same result_id was already injected on a different pane_id).
                 conn.execute(
                     "update result_watchers "
-                    "set status = 'notify_failed', error = null, notified_message_id = null, completed_at = null "
+                    "set status = 'notify_failed', error = null, completed_at = null "
                     "where status = 'delivery_exhausted'"
                 )
     return watcher_ids
+
+
+def claim_leader_notification(
+    store: Any,
+    owner_team_id: str | None,
+    result_id: str | None,
+    watcher_id: str,
+    proposed_token: str,
+) -> dict[str, Any]:
+    """DEPRECATED (Stage 12 roundtable retirement). The watcher-table UPSERT did not
+    actually prevent duplicate leader-pane injections in Mac mini real flow because two
+    independent code paths (scheduled_event branch + result_watchers branch) emit
+    deliver_attempt without coordinating at the watcher level. Replaced by
+    leader_notification_log.claim_leader_notification_delivery consulted inside
+    _send_to_leader_receiver. Kept here as a no-op shim so legacy callers / tests that
+    still import this symbol don't crash on import — but it does NOT perform a claim and
+    should NOT be used in new code."""
+    if not result_id:
+        return {"status": "deprecated_noop", "canonical_message_id": None}
+    return {"status": "deprecated_noop", "canonical_message_id": None}
+
+
+def _claim_leader_notification_disabled_impl(  # legacy reference for archaeology
+    store: Any,
+    owner_team_id: str | None,
+    result_id: str | None,
+    watcher_id: str,
+    proposed_token: str,
+) -> dict[str, Any]:
+    if not result_id:
+        return {"status": "no_result_id", "canonical_message_id": None}
+    with closing(store.connect()) as conn:
+        conn.isolation_level = None
+        try:
+            conn.execute("BEGIN IMMEDIATE")
+            if owner_team_id is None:
+                sibling = conn.execute(
+                    "select notified_message_id from result_watchers "
+                    "where result_id = ? and notified_message_id is not null "
+                    "order by coalesce(completed_at, created_at) limit 1",
+                    (result_id,),
+                ).fetchone()
+            else:
+                sibling = conn.execute(
+                    "select notified_message_id from result_watchers "
+                    "where result_id = ? and notified_message_id is not null "
+                    "and (owner_team_id = ? or owner_team_id is null) "
+                    "order by coalesce(completed_at, created_at) limit 1",
+                    (result_id, owner_team_id),
+                ).fetchone()
+            if sibling and sibling[0]:
+                conn.execute("COMMIT")
+                return {"status": "already_notified_by", "canonical_message_id": sibling[0]}
+            cur = conn.execute(
+                "update result_watchers "
+                "set notified_message_id = ?, result_id = coalesce(result_id, ?) "
+                "where watcher_id = ? and notified_message_id is null",
+                (proposed_token, result_id, watcher_id),
+            )
+            if cur.rowcount == 1:
+                conn.execute("COMMIT")
+                return {"status": "claimed_by_you", "canonical_message_id": proposed_token}
+            row = conn.execute(
+                "select notified_message_id from result_watchers where watcher_id = ?",
+                (watcher_id,),
+            ).fetchone()
+            conn.execute("COMMIT")
+            return {
+                "status": "already_notified_by",
+                "canonical_message_id": (row[0] if row else None) or None,
+            }
+        except Exception:
+            try:
+                conn.execute("ROLLBACK")
+            except Exception:
+                pass
+            raise
+        finally:
+            conn.isolation_level = ""  # restore default
+
+
+def release_leader_notification_claim(
+    store: Any,
+    watcher_id: str,
+    expected_token: str,
+) -> bool:
+    """Release a sentinel claim after delivery failure so the next retry can re-claim.
+    Returns True iff we released the claim we owned (rowcount == 1)."""
+    with closing(store.connect()) as conn:
+        with conn:
+            cur = conn.execute(
+                "update result_watchers set notified_message_id = null "
+                "where watcher_id = ? and notified_message_id = ?",
+                (watcher_id, expected_token),
+            )
+            return cur.rowcount == 1
+
+
+def promote_leader_notification_id(
+    store: Any,
+    watcher_id: str,
+    sentinel_token: str,
+    real_message_id: str,
+) -> bool:
+    """After successful delivery, replace the sentinel claim with the real message_id.
+    Returns True iff the promotion succeeded (rowcount == 1)."""
+    with closing(store.connect()) as conn:
+        with conn:
+            cur = conn.execute(
+                "update result_watchers set notified_message_id = ? "
+                "where watcher_id = ? and notified_message_id = ?",
+                (real_message_id, watcher_id, sentinel_token),
+            )
+            return cur.rowcount == 1
+
+
+def leader_notified_message_id_for_result(
+    store: Any,
+    owner_team_id: str | None,
+    result_id: str | None,
+) -> str | None:
+    if not result_id:
+        return None
+    with closing(store.connect()) as conn:
+        if owner_team_id is None:
+            row = conn.execute(
+                "select notified_message_id from result_watchers "
+                "where result_id = ? and notified_message_id is not null "
+                "order by coalesce(completed_at, created_at) limit 1",
+                (result_id,),
+            ).fetchone()
+        else:
+            row = conn.execute(
+                "select notified_message_id from result_watchers "
+                "where result_id = ? and notified_message_id is not null "
+                "and (owner_team_id = ? or owner_team_id is null) "
+                "order by coalesce(completed_at, created_at) limit 1",
+                (result_id, owner_team_id),
+            ).fetchone()
+    return row[0] if row else None

package/src/team_agent/message_store/schema.py

@@ -231,6 +231,29 @@ def initialize_schema(conn: sqlite3.Connection) -> None:
             RESULT_WATCHER_COLUMNS,
             {"owner_team_id": "alter table result_watchers add column owner_team_id text"},
         )
+        # Stage 12 (Gap 26 ∩ Gap 32 roundtable consolidation 2026-05-26): dedupe leader
+        # notifications at the injection boundary, keyed by (result_id, leader_session_uuid).
+        # UNIQUE primary key + INSERT OR IGNORE in claim_leader_notification_delivery gives
+        # atomic exactly-once without an advisory lock. Retires the bad6484 watcher-table
+        # UPSERT approach.
+        conn.execute(
+            """
+            create table if not exists leader_notification_log (
+              result_id text not null,
+              leader_session_uuid text not null,
+              notified_message_id text not null,
+              notified_at text not null,
+              leader_pane_id_at_notify text,
+              envelope_content_hash text,
+              owner_team_id text,
+              primary key (result_id, leader_session_uuid)
+            )
+            """
+        )
+        conn.execute(
+            "create index if not exists idx_leader_notification_log_uuid "
+            "on leader_notification_log(leader_session_uuid, notified_at)"
+        )
         conn.execute("create index if not exists idx_messages_owner_team_id on messages(owner_team_id)")
         conn.execute("create index if not exists idx_scheduled_events_owner_team_id on scheduled_events(owner_team_id)")
         conn.execute("create index if not exists idx_agent_health_owner_team_id on agent_health(owner_team_id)")

package/src/team_agent/messaging/idle_alerts.py

@@ -6,7 +6,7 @@ from typing import Any
 
 from team_agent.events import EventLog
 from team_agent.message_store import MessageStore
-from team_agent.messaging.deps import load_spec, save_runtime_state, team_state_key
+from team_agent.messaging.deps import load_runtime_state, load_spec, save_runtime_state, team_state_key
 from team_agent.messaging.internal_delivery import deliver_stored_message
 
 
@@ -27,6 +27,21 @@ STABLE_IDLE_SECONDS = 120
 FIRE_DEBOUNCE_SECONDS = 300
 OBLIGATION_PENDING_MIN_AGE_SECONDS = 60
 
+# Event-log progress signal (Gap 32 §"Idle-Detector False Positive Continues Post Phase G hotfix-3"):
+# the team_last_progress_at calculation must also count leader-side sends and worker MCP calls
+# as recent team activity, not only agent_health.last_output_at. Without this, a worker that has
+# called MCP but not yet emitted a visible turn shows up as idle and the idle reminder fires
+# spuriously inside the stable-idle window.
+_PROGRESS_EVENT_TYPES = frozenset({
+    "send.deliver_attempt",
+    "leader_receiver.deliver_attempt",
+    "mcp.report_result",
+    "mcp.send_message",
+})
+_PROGRESS_EVENT_PREFIXES = ("mcp.read_",)
+_PROGRESS_EVENT_WINDOW_SECONDS = 300
+_PROGRESS_EVENT_TAIL_LIMIT = 1000
+
 
 def _parse_iso(text: Any) -> datetime | None:
     if not isinstance(text, str) or not text:
@@ -62,24 +77,105 @@ def _team_last_progress_at(
     state: dict[str, Any],
     store: MessageStore,
     owner_team_id: str,
-) -> datetime | None:
-    candidates: list[datetime] = []
+    event_log: EventLog | None = None,
+    now: datetime | None = None,
+    workspace: Path | None = None,
+) -> tuple[datetime | None, str | None]:
+    sources: list[tuple[datetime, str]] = []
     coordinator = state.get("coordinator") or {}
     explicit = (coordinator.get("team_last_progress_at") or {}).get(owner_team_id)
     if isinstance(explicit, dict):
         ts = _parse_iso(explicit.get("at"))
         if ts:
-            candidates.append(ts)
+            sources.append((ts, "explicit_marker"))
     elif isinstance(explicit, str):
         ts = _parse_iso(explicit)
         if ts:
-            candidates.append(ts)
+            sources.append((ts, "explicit_marker"))
     health = store.agent_health(owner_team_id=owner_team_id)
     for row in health.values():
         ts = _parse_iso(row.get("last_output_at"))
         if ts:
-            candidates.append(ts)
-    return max(candidates) if candidates else None
+            sources.append((ts, "agent_health.last_output_at"))
+    if event_log is not None:
+        # Spark MEDIUM #3 (d9f740d): in multi-team workspaces an unscoped progress event in
+        # team A's activity must NOT suppress team B's idle_fallback. require_team_scope=True
+        # when the workspace has more than one team so unscoped events are ignored. The
+        # team-scoped state passed in here does not carry the workspace-level `teams` dict, so
+        # we re-read the workspace state from disk to detect multi-team shape.
+        require_team_scope = False
+        teams = state.get("teams")
+        if isinstance(teams, dict) and len(teams) > 1:
+            require_team_scope = True
+        elif workspace is not None:
+            try:
+                ws_teams = (load_runtime_state(workspace).get("teams") or {})
+            except Exception:
+                ws_teams = {}
+            if isinstance(ws_teams, dict) and len(ws_teams) > 1:
+                require_team_scope = True
+        event_ts = _scan_event_progress_signals(
+            event_log, owner_team_id, now or datetime.now(timezone.utc),
+            require_team_scope=require_team_scope,
+        )
+        if event_ts:
+            sources.append((event_ts, "event_log"))
+    if not sources:
+        return None, None
+    sources.sort(key=lambda item: item[0], reverse=True)
+    return sources[0]
+
+
+# Stage 14 (Gap 36b) — mtime cache per (workspace_path, owner_team_id, require_team_scope).
+# Mac mini 2026-05-26 evidence: _scan_event_progress_signals was a 22% CPU hot path because
+# every 2-second coordinator tick parsed up to 1000 events from a 28 MB events.jsonl. With
+# the cache, the parse only re-runs when the file changes; quiet workspaces pay zero file
+# I/O between writes.
+_PROGRESS_SCAN_CACHE: dict[tuple[str, str, bool], tuple[float, datetime | None]] = {}
+
+
+def _scan_event_progress_signals(
+    event_log: EventLog,
+    owner_team_id: str,
+    now: datetime,
+    *,
+    require_team_scope: bool = False,
+) -> datetime | None:
+    cache_key = (str(event_log.path), owner_team_id, require_team_scope)
+    try:
+        current_mtime = event_log.path.stat().st_mtime
+    except FileNotFoundError:
+        _PROGRESS_SCAN_CACHE.pop(cache_key, None)
+        return None
+    cached = _PROGRESS_SCAN_CACHE.get(cache_key)
+    if cached is not None and cached[0] == current_mtime:
+        return cached[1]
+    window_start = now - timedelta(seconds=_PROGRESS_EVENT_WINDOW_SECONDS)
+    latest: datetime | None = None
+    for event in event_log.tail(_PROGRESS_EVENT_TAIL_LIMIT):
+        event_type = str(event.get("event") or "")
+        if event_type not in _PROGRESS_EVENT_TYPES and not any(
+            event_type.startswith(prefix) for prefix in _PROGRESS_EVENT_PREFIXES
+        ):
+            continue
+        event_team = event.get("team") or event.get("owner_team_id")
+        if event_team is None:
+            if require_team_scope:
+                continue
+        elif event_team != owner_team_id:
+            continue
+        ts = _parse_iso(event.get("ts"))
+        if not ts or ts < window_start:
+            continue
+        if latest is None or ts > latest:
+            latest = ts
+    _PROGRESS_SCAN_CACHE[cache_key] = (current_mtime, latest)
+    return latest
+
+
+def _reset_progress_scan_cache() -> None:
+    """Test-only hook to force re-scan."""
+    _PROGRESS_SCAN_CACHE.clear()
 
 
 def _team_last_idle_fallback_fire_at(state: dict[str, Any], owner_team_id: str) -> datetime | None:
@@ -209,14 +305,18 @@ def detect_idle_fallbacks(
         record_team_progress(state, now, source="all_workers_idle:false", owner_team_id=owner_team_id)
         save_runtime_state(workspace, state)
         return []
-    last_progress = _team_last_progress_at(state, store, owner_team_id)
+    last_progress, progress_source = _team_last_progress_at(
+        state, store, owner_team_id, event_log=event_log, now=now, workspace=workspace,
+    )
     if last_progress and (now - last_progress) < timedelta(seconds=STABLE_IDLE_SECONDS):
+        reason = "recent_team_progress" if progress_source == "event_log" else "stable_idle_window"
         event_log.write(
             "coordinator.idle_fallback_skipped",
-            reason="stable_idle_window",
+            reason=reason,
             team=owner_team_id,
             stable_idle_seconds=STABLE_IDLE_SECONDS,
             elapsed_seconds=int((now - last_progress).total_seconds()),
+            progress_source=progress_source,
         )
         return []
     last_fire = _team_last_idle_fallback_fire_at(state, owner_team_id)