npm - @wingman-ai/gateway - Versions diffs - 0.2.1 → 0.2.3 - Mend

@wingman-ai/gateway 0.2.1 → 0.2.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (72) hide show

package/.wingman/agents/README.md +1 -0
package/.wingman/agents/coding/agent.md +179 -112
package/.wingman/agents/coding/implementor.md +50 -3
package/.wingman/agents/main/agent.md +4 -0
package/README.md +1 -0
package/dist/agent/config/agentConfig.cjs +30 -1
package/dist/agent/config/agentConfig.js +30 -1
package/dist/agent/config/modelFactory.cjs +22 -2
package/dist/agent/config/modelFactory.d.ts +2 -0
package/dist/agent/config/modelFactory.js +22 -2
package/dist/agent/tests/agentConfig.test.cjs +39 -0
package/dist/agent/tests/agentConfig.test.js +39 -0
package/dist/agent/tests/modelFactory.test.cjs +12 -5
package/dist/agent/tests/modelFactory.test.js +12 -5
package/dist/cli/commands/init.cjs +7 -6
package/dist/cli/commands/init.js +7 -6
package/dist/cli/commands/provider.cjs +17 -3
package/dist/cli/commands/provider.js +17 -3
package/dist/cli/config/loader.cjs +27 -0
package/dist/cli/config/loader.js +27 -0
package/dist/cli/config/schema.cjs +80 -2
package/dist/cli/config/schema.d.ts +88 -0
package/dist/cli/config/schema.js +67 -1
package/dist/cli/core/agentInvoker.cjs +242 -17
package/dist/cli/core/agentInvoker.d.ts +46 -4
package/dist/cli/core/agentInvoker.js +214 -13
package/dist/cli/core/sessionManager.cjs +32 -5
package/dist/cli/core/sessionManager.js +32 -5
package/dist/cli/index.cjs +6 -5
package/dist/cli/index.js +6 -5
package/dist/cli/types.d.ts +32 -0
package/dist/gateway/http/sessions.cjs +7 -7
package/dist/gateway/http/sessions.js +7 -7
package/dist/gateway/server.cjs +230 -28
package/dist/gateway/server.d.ts +11 -1
package/dist/gateway/server.js +230 -28
package/dist/gateway/types.d.ts +5 -1
package/dist/gateway/validation.cjs +1 -0
package/dist/gateway/validation.d.ts +2 -0
package/dist/gateway/validation.js +1 -0
package/dist/providers/codex.cjs +167 -0
package/dist/providers/codex.d.ts +15 -0
package/dist/providers/codex.js +127 -0
package/dist/providers/credentials.cjs +8 -0
package/dist/providers/credentials.js +8 -0
package/dist/providers/registry.cjs +11 -0
package/dist/providers/registry.d.ts +1 -1
package/dist/providers/registry.js +11 -0
package/dist/tests/agentInvokerSummarization.test.cjs +296 -0
package/dist/tests/agentInvokerSummarization.test.d.ts +1 -0
package/dist/tests/agentInvokerSummarization.test.js +290 -0
package/dist/tests/cli-config-loader.test.cjs +88 -0
package/dist/tests/cli-config-loader.test.js +88 -0
package/dist/tests/codex-credentials-precedence.test.cjs +94 -0
package/dist/tests/codex-credentials-precedence.test.d.ts +1 -0
package/dist/tests/codex-credentials-precedence.test.js +88 -0
package/dist/tests/codex-provider.test.cjs +186 -0
package/dist/tests/codex-provider.test.d.ts +1 -0
package/dist/tests/codex-provider.test.js +180 -0
package/dist/tests/gateway.test.cjs +173 -1
package/dist/tests/gateway.test.js +173 -1
package/dist/tests/provider-command-codex.test.cjs +57 -0
package/dist/tests/provider-command-codex.test.d.ts +1 -0
package/dist/tests/provider-command-codex.test.js +51 -0
package/dist/tests/sessionStateMessages.test.cjs +38 -0
package/dist/tests/sessionStateMessages.test.js +38 -0
package/dist/webui/assets/index-BVMavpud.css +11 -0
package/dist/webui/assets/index-DCB2aVVf.js +182 -0
package/dist/webui/index.html +2 -2
package/package.json +3 -1
package/dist/webui/assets/index-BytPznA_.css +0 -1
package/dist/webui/assets/index-u_5qlVip.js +0 -176

package/dist/tests/codex-provider.test.cjs ADDED Viewed

@@ -0,0 +1,186 @@
+"use strict";
+var __webpack_exports__ = {};
+const external_node_fs_namespaceObject = require("node:fs");
+const external_node_os_namespaceObject = require("node:os");
+const external_node_path_namespaceObject = require("node:path");
+const external_vitest_namespaceObject = require("vitest");
+const codex_cjs_namespaceObject = require("../providers/codex.cjs");
+(0, external_vitest_namespaceObject.describe)("codex provider", ()=>{
+    let codexHome;
+    const originalCodexHome = process.env.CODEX_HOME;
+    (0, external_vitest_namespaceObject.beforeEach)(()=>{
+        codexHome = (0, external_node_fs_namespaceObject.mkdtempSync)((0, external_node_path_namespaceObject.join)((0, external_node_os_namespaceObject.tmpdir)(), "wingman-codex-"));
+        process.env.CODEX_HOME = codexHome;
+        delete process.env.CODEX_ACCESS_TOKEN;
+        delete process.env.CHATGPT_ACCESS_TOKEN;
+    });
+    (0, external_vitest_namespaceObject.afterEach)(()=>{
+        if (void 0 === originalCodexHome) delete process.env.CODEX_HOME;
+        else process.env.CODEX_HOME = originalCodexHome;
+        if ((0, external_node_fs_namespaceObject.existsSync)(codexHome)) (0, external_node_fs_namespaceObject.rmSync)(codexHome, {
+            recursive: true,
+            force: true
+        });
+    });
+    (0, external_vitest_namespaceObject.it)("reads access token and account id from codex auth file", ()=>{
+        writeCodexAuth({
+            tokens: {
+                access_token: "codex-access-token",
+                account_id: "acct_123"
+            }
+        });
+        const resolved = (0, codex_cjs_namespaceObject.resolveCodexAuthFromFile)();
+        (0, external_vitest_namespaceObject.expect)(resolved.accessToken).toBe("codex-access-token");
+        (0, external_vitest_namespaceObject.expect)(resolved.accountId).toBe("acct_123");
+        (0, external_vitest_namespaceObject.expect)(resolved.authPath).toBe((0, external_node_path_namespaceObject.join)(codexHome, "auth.json"));
+    });
+    (0, external_vitest_namespaceObject.it)("applies codex auth headers and forces store=false", async ()=>{
+        writeCodexAuth({
+            tokens: {
+                access_token: "file-token",
+                account_id: "acct_file"
+            }
+        });
+        const baseFetch = external_vitest_namespaceObject.vi.fn(async (_input, _init)=>new Response("{}", {
+                status: 200
+            }));
+        const codexFetch = (0, codex_cjs_namespaceObject.createCodexFetch)({
+            baseFetch
+        });
+        await codexFetch("https://chatgpt.com/backend-api/codex/responses", {
+            method: "POST",
+            headers: {
+                "x-api-key": "placeholder"
+            },
+            body: JSON.stringify({
+                model: "codex-mini-latest",
+                input: "hello",
+                temperature: 1
+            })
+        });
+        (0, external_vitest_namespaceObject.expect)(baseFetch).toHaveBeenCalledTimes(1);
+        const requestInit = baseFetch.mock.calls[0]?.[1];
+        (0, external_vitest_namespaceObject.expect)(requestInit).toBeDefined();
+        const headers = new Headers(requestInit?.headers);
+        const payload = JSON.parse(String(requestInit?.body));
+        (0, external_vitest_namespaceObject.expect)(headers.get("authorization")).toBe("Bearer file-token");
+        (0, external_vitest_namespaceObject.expect)(headers.get("chatgpt-account-id")).toBe("acct_file");
+        (0, external_vitest_namespaceObject.expect)(headers.get("x-api-key")).toBeNull();
+        (0, external_vitest_namespaceObject.expect)(payload.store).toBe(false);
+        (0, external_vitest_namespaceObject.expect)(payload.temperature).toBeUndefined();
+        (0, external_vitest_namespaceObject.expect)(typeof payload.instructions).toBe("string");
+        (0, external_vitest_namespaceObject.expect)(payload.instructions.length).toBeGreaterThan(0);
+    });
+    (0, external_vitest_namespaceObject.it)("derives instructions from system/developer input when missing", async ()=>{
+        writeCodexAuth({
+            tokens: {
+                access_token: "file-token"
+            }
+        });
+        const baseFetch = external_vitest_namespaceObject.vi.fn(async (_input, _init)=>new Response("{}", {
+                status: 200
+            }));
+        const codexFetch = (0, codex_cjs_namespaceObject.createCodexFetch)({
+            baseFetch
+        });
+        await codexFetch("https://chatgpt.com/backend-api/codex/responses", {
+            method: "POST",
+            body: JSON.stringify({
+                model: "gpt-5.3-codex",
+                input: [
+                    {
+                        role: "developer",
+                        content: [
+                            {
+                                type: "input_text",
+                                text: "Always run tests first."
+                            }
+                        ]
+                    },
+                    {
+                        role: "user",
+                        content: [
+                            {
+                                type: "input_text",
+                                text: "Fix the bug."
+                            }
+                        ]
+                    }
+                ]
+            })
+        });
+        const requestInit = baseFetch.mock.calls[0]?.[1];
+        const payload = JSON.parse(String(requestInit?.body));
+        (0, external_vitest_namespaceObject.expect)(payload.instructions).toBe("Always run tests first.");
+    });
+    (0, external_vitest_namespaceObject.it)("preserves explicit instructions when provided", async ()=>{
+        writeCodexAuth({
+            tokens: {
+                access_token: "file-token"
+            }
+        });
+        const baseFetch = external_vitest_namespaceObject.vi.fn(async (_input, _init)=>new Response("{}", {
+                status: 200
+            }));
+        const codexFetch = (0, codex_cjs_namespaceObject.createCodexFetch)({
+            baseFetch
+        });
+        await codexFetch("https://chatgpt.com/backend-api/codex/responses", {
+            method: "POST",
+            body: JSON.stringify({
+                model: "gpt-5.3-codex",
+                instructions: "Use concise answers.",
+                input: "hello"
+            })
+        });
+        const requestInit = baseFetch.mock.calls[0]?.[1];
+        const payload = JSON.parse(String(requestInit?.body));
+        (0, external_vitest_namespaceObject.expect)(payload.instructions).toBe("Use concise answers.");
+    });
+    (0, external_vitest_namespaceObject.it)("uses fallback token when codex auth file is unavailable", async ()=>{
+        const baseFetch = external_vitest_namespaceObject.vi.fn(async (_input, _init)=>new Response("{}", {
+                status: 200
+            }));
+        const codexFetch = (0, codex_cjs_namespaceObject.createCodexFetch)({
+            baseFetch,
+            fallbackToken: "fallback-token"
+        });
+        await codexFetch("https://chatgpt.com/backend-api/codex/responses", {
+            method: "POST",
+            body: JSON.stringify({
+                model: "codex-mini-latest",
+                input: "hello"
+            })
+        });
+        const requestInit = baseFetch.mock.calls[0]?.[1];
+        (0, external_vitest_namespaceObject.expect)(requestInit).toBeDefined();
+        const headers = new Headers(requestInit?.headers);
+        (0, external_vitest_namespaceObject.expect)(headers.get("authorization")).toBe("Bearer fallback-token");
+    });
+    (0, external_vitest_namespaceObject.it)("throws when no codex token is available", async ()=>{
+        const baseFetch = external_vitest_namespaceObject.vi.fn(async (_input, _init)=>new Response("{}", {
+                status: 200
+            }));
+        const codexFetch = (0, codex_cjs_namespaceObject.createCodexFetch)({
+            baseFetch
+        });
+        await (0, external_vitest_namespaceObject.expect)(codexFetch("https://chatgpt.com/backend-api/codex/responses", {
+            method: "POST",
+            body: JSON.stringify({
+                model: "codex-mini-latest",
+                input: "hello"
+            })
+        })).rejects.toThrow(/Codex credentials missing/);
+    });
+});
+function writeCodexAuth(payload) {
+    const authPath = (0, codex_cjs_namespaceObject.getCodexAuthPath)();
+    (0, external_node_fs_namespaceObject.mkdirSync)((0, external_node_path_namespaceObject.dirname)(authPath), {
+        recursive: true
+    });
+    (0, external_node_fs_namespaceObject.writeFileSync)(authPath, JSON.stringify(payload, null, 2));
+}
+for(var __rspack_i in __webpack_exports__)exports[__rspack_i] = __webpack_exports__[__rspack_i];
+Object.defineProperty(exports, '__esModule', {
+    value: true
+});

package/dist/tests/codex-provider.test.d.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ export {};

package/dist/tests/codex-provider.test.js ADDED Viewed

@@ -0,0 +1,180 @@
+import { existsSync, mkdirSync, mkdtempSync, rmSync, writeFileSync } from "node:fs";
+import { tmpdir } from "node:os";
+import { dirname, join } from "node:path";
+import { afterEach, beforeEach, describe, expect, it, vi } from "vitest";
+import { createCodexFetch, getCodexAuthPath, resolveCodexAuthFromFile } from "../providers/codex.js";
+describe("codex provider", ()=>{
+    let codexHome;
+    const originalCodexHome = process.env.CODEX_HOME;
+    beforeEach(()=>{
+        codexHome = mkdtempSync(join(tmpdir(), "wingman-codex-"));
+        process.env.CODEX_HOME = codexHome;
+        delete process.env.CODEX_ACCESS_TOKEN;
+        delete process.env.CHATGPT_ACCESS_TOKEN;
+    });
+    afterEach(()=>{
+        if (void 0 === originalCodexHome) delete process.env.CODEX_HOME;
+        else process.env.CODEX_HOME = originalCodexHome;
+        if (existsSync(codexHome)) rmSync(codexHome, {
+            recursive: true,
+            force: true
+        });
+    });
+    it("reads access token and account id from codex auth file", ()=>{
+        writeCodexAuth({
+            tokens: {
+                access_token: "codex-access-token",
+                account_id: "acct_123"
+            }
+        });
+        const resolved = resolveCodexAuthFromFile();
+        expect(resolved.accessToken).toBe("codex-access-token");
+        expect(resolved.accountId).toBe("acct_123");
+        expect(resolved.authPath).toBe(join(codexHome, "auth.json"));
+    });
+    it("applies codex auth headers and forces store=false", async ()=>{
+        writeCodexAuth({
+            tokens: {
+                access_token: "file-token",
+                account_id: "acct_file"
+            }
+        });
+        const baseFetch = vi.fn(async (_input, _init)=>new Response("{}", {
+                status: 200
+            }));
+        const codexFetch = createCodexFetch({
+            baseFetch
+        });
+        await codexFetch("https://chatgpt.com/backend-api/codex/responses", {
+            method: "POST",
+            headers: {
+                "x-api-key": "placeholder"
+            },
+            body: JSON.stringify({
+                model: "codex-mini-latest",
+                input: "hello",
+                temperature: 1
+            })
+        });
+        expect(baseFetch).toHaveBeenCalledTimes(1);
+        const requestInit = baseFetch.mock.calls[0]?.[1];
+        expect(requestInit).toBeDefined();
+        const headers = new Headers(requestInit?.headers);
+        const payload = JSON.parse(String(requestInit?.body));
+        expect(headers.get("authorization")).toBe("Bearer file-token");
+        expect(headers.get("chatgpt-account-id")).toBe("acct_file");
+        expect(headers.get("x-api-key")).toBeNull();
+        expect(payload.store).toBe(false);
+        expect(payload.temperature).toBeUndefined();
+        expect(typeof payload.instructions).toBe("string");
+        expect(payload.instructions.length).toBeGreaterThan(0);
+    });
+    it("derives instructions from system/developer input when missing", async ()=>{
+        writeCodexAuth({
+            tokens: {
+                access_token: "file-token"
+            }
+        });
+        const baseFetch = vi.fn(async (_input, _init)=>new Response("{}", {
+                status: 200
+            }));
+        const codexFetch = createCodexFetch({
+            baseFetch
+        });
+        await codexFetch("https://chatgpt.com/backend-api/codex/responses", {
+            method: "POST",
+            body: JSON.stringify({
+                model: "gpt-5.3-codex",
+                input: [
+                    {
+                        role: "developer",
+                        content: [
+                            {
+                                type: "input_text",
+                                text: "Always run tests first."
+                            }
+                        ]
+                    },
+                    {
+                        role: "user",
+                        content: [
+                            {
+                                type: "input_text",
+                                text: "Fix the bug."
+                            }
+                        ]
+                    }
+                ]
+            })
+        });
+        const requestInit = baseFetch.mock.calls[0]?.[1];
+        const payload = JSON.parse(String(requestInit?.body));
+        expect(payload.instructions).toBe("Always run tests first.");
+    });
+    it("preserves explicit instructions when provided", async ()=>{
+        writeCodexAuth({
+            tokens: {
+                access_token: "file-token"
+            }
+        });
+        const baseFetch = vi.fn(async (_input, _init)=>new Response("{}", {
+                status: 200
+            }));
+        const codexFetch = createCodexFetch({
+            baseFetch
+        });
+        await codexFetch("https://chatgpt.com/backend-api/codex/responses", {
+            method: "POST",
+            body: JSON.stringify({
+                model: "gpt-5.3-codex",
+                instructions: "Use concise answers.",
+                input: "hello"
+            })
+        });
+        const requestInit = baseFetch.mock.calls[0]?.[1];
+        const payload = JSON.parse(String(requestInit?.body));
+        expect(payload.instructions).toBe("Use concise answers.");
+    });
+    it("uses fallback token when codex auth file is unavailable", async ()=>{
+        const baseFetch = vi.fn(async (_input, _init)=>new Response("{}", {
+                status: 200
+            }));
+        const codexFetch = createCodexFetch({
+            baseFetch,
+            fallbackToken: "fallback-token"
+        });
+        await codexFetch("https://chatgpt.com/backend-api/codex/responses", {
+            method: "POST",
+            body: JSON.stringify({
+                model: "codex-mini-latest",
+                input: "hello"
+            })
+        });
+        const requestInit = baseFetch.mock.calls[0]?.[1];
+        expect(requestInit).toBeDefined();
+        const headers = new Headers(requestInit?.headers);
+        expect(headers.get("authorization")).toBe("Bearer fallback-token");
+    });
+    it("throws when no codex token is available", async ()=>{
+        const baseFetch = vi.fn(async (_input, _init)=>new Response("{}", {
+                status: 200
+            }));
+        const codexFetch = createCodexFetch({
+            baseFetch
+        });
+        await expect(codexFetch("https://chatgpt.com/backend-api/codex/responses", {
+            method: "POST",
+            body: JSON.stringify({
+                model: "codex-mini-latest",
+                input: "hello"
+            })
+        })).rejects.toThrow(/Codex credentials missing/);
+    });
+});
+function writeCodexAuth(payload) {
+    const authPath = getCodexAuthPath();
+    mkdirSync(dirname(authPath), {
+        recursive: true
+    });
+    writeFileSync(authPath, JSON.stringify(payload, null, 2));
+}

package/dist/tests/gateway.test.cjs CHANGED Viewed

@@ -2,15 +2,53 @@
 var __webpack_exports__ = {};
 const external_vitest_namespaceObject = require("vitest");
 const index_cjs_namespaceObject = require("../gateway/index.cjs");
+function _define_property(obj, key, value) {
+    if (key in obj) Object.defineProperty(obj, key, {
+        value: value,
+        enumerable: true,
+        configurable: true,
+        writable: true
+    });
+    else obj[key] = value;
+    return obj;
+}
 const isBun = void 0 !== globalThis.Bun;
 const describeIfBun = isBun ? external_vitest_namespaceObject.describe : external_vitest_namespaceObject.describe.skip;
 external_vitest_namespaceObject.vi.mock("@/cli/core/agentInvoker.js", ()=>({
         AgentInvoker: class {
-            async invokeAgent() {
+            async invokeAgent(_agentId, content, _sessionId, _attachments, options) {
+                if ("throw-no-event" === content) throw new Error("Synthetic invocation failure");
+                const signal = options?.signal;
+                await new Promise((resolve)=>{
+                    const timer = setTimeout(resolve, 75);
+                    if (signal) {
+                        const onAbort = ()=>{
+                            clearTimeout(timer);
+                            resolve();
+                        };
+                        if (signal.aborted) return void onAbort();
+                        signal.addEventListener("abort", onAbort, {
+                            once: true
+                        });
+                    }
+                });
+                if (signal?.aborted) {
+                    this.outputManager?.emitAgentError?.("Request cancelled");
+                    return {
+                        cancelled: true
+                    };
+                }
+                this.outputManager?.emitAgentComplete?.({
+                    streaming: true
+                });
                 return {
                     streaming: true
                 };
             }
+            constructor(options){
+                _define_property(this, "outputManager", void 0);
+                this.outputManager = options?.outputManager;
+            }
         }
     }));
 describeIfBun("Gateway", ()=>{
@@ -296,6 +334,140 @@ describeIfBun("Gateway", ()=>{
         desktopClient.close();
         requester.close();
     });
+    (0, external_vitest_namespaceObject.it)("should emit agent-error to requester when invocation throws without emitting", async ()=>{
+        const requester = await connectClient("session-error-requester");
+        const requestId = "req-invocation-error";
+        const sessionId = "session-error-test";
+        requester.send(JSON.stringify({
+            type: "req:agent",
+            id: requestId,
+            payload: {
+                agentId: "main",
+                sessionKey: sessionId,
+                content: "throw-no-event"
+            },
+            timestamp: Date.now()
+        }));
+        const errorMsg = await waitForMessage(requester, (msg)=>"event:agent" === msg.type && msg.id === requestId && msg.payload?.type === "agent-error");
+        (0, external_vitest_namespaceObject.expect)(errorMsg.payload?.error).toContain("Synthetic invocation failure");
+        (0, external_vitest_namespaceObject.expect)(errorMsg.payload?.sessionId).toBe(sessionId);
+        (0, external_vitest_namespaceObject.expect)(errorMsg.payload?.agentId).toBe("main");
+        requester.close();
+    });
+    (0, external_vitest_namespaceObject.it)("should cancel an in-flight agent request", async ()=>{
+        const requester = await connectClient("session-cancel-requester");
+        const requestId = "req-cancel-test";
+        requester.send(JSON.stringify({
+            type: "req:agent",
+            id: requestId,
+            payload: {
+                agentId: "main",
+                sessionKey: "session-cancel-test",
+                content: "cancel me"
+            },
+            timestamp: Date.now()
+        }));
+        requester.send(JSON.stringify({
+            type: "req:agent:cancel",
+            id: "cancel-req-cancel-test",
+            payload: {
+                requestId
+            },
+            timestamp: Date.now()
+        }));
+        const ack = await waitForMessage(requester, (msg)=>"ack" === msg.type && msg.payload?.action === "req:agent:cancel" && msg.payload?.requestId === requestId);
+        (0, external_vitest_namespaceObject.expect)([
+            "cancelled",
+            "not_found"
+        ]).toContain(ack.payload?.status);
+        requester.close();
+    });
+    (0, external_vitest_namespaceObject.it)("should queue and dequeue requests for the same session", async ()=>{
+        const requester = await connectClient("session-queue-requester");
+        const sessionId = `session-queue-${Date.now()}`;
+        const firstRequestId = `req-queue-first-${Date.now()}`;
+        const secondRequestId = `req-queue-second-${Date.now()}`;
+        const firstCompletePromise = waitForMessage(requester, (msg)=>"event:agent" === msg.type && msg.id === firstRequestId && msg.payload?.type === "agent-complete", 10000);
+        const queuedAckPromise = waitForMessage(requester, (msg)=>"ack" === msg.type && msg.id === secondRequestId && msg.payload?.action === "req:agent" && msg.payload?.status === "queued", 10000);
+        const queuedEventPromise = waitForMessage(requester, (msg)=>"event:agent" === msg.type && msg.id === secondRequestId && msg.payload?.type === "request-queued", 10000);
+        const dequeuedAckPromise = waitForMessage(requester, (msg)=>"ack" === msg.type && msg.id === secondRequestId && msg.payload?.action === "req:agent" && msg.payload?.status === "dequeued", 10000);
+        const secondCompletePromise = waitForMessage(requester, (msg)=>"event:agent" === msg.type && msg.id === secondRequestId && msg.payload?.type === "agent-complete", 10000);
+        requester.send(JSON.stringify({
+            type: "req:agent",
+            id: firstRequestId,
+            payload: {
+                agentId: "main",
+                sessionKey: sessionId,
+                content: "First queued request"
+            },
+            timestamp: Date.now()
+        }));
+        requester.send(JSON.stringify({
+            type: "req:agent",
+            id: secondRequestId,
+            payload: {
+                agentId: "main",
+                sessionKey: sessionId,
+                content: "Second queued request"
+            },
+            timestamp: Date.now()
+        }));
+        const queuedAck = await queuedAckPromise;
+        (0, external_vitest_namespaceObject.expect)(queuedAck.payload?.position).toBe(1);
+        const queuedEvent = await queuedEventPromise;
+        (0, external_vitest_namespaceObject.expect)(queuedEvent.payload?.position).toBe(1);
+        (0, external_vitest_namespaceObject.expect)(queuedEvent.payload?.sessionId).toBe(sessionId);
+        await firstCompletePromise;
+        const dequeuedAck = await dequeuedAckPromise;
+        (0, external_vitest_namespaceObject.expect)(dequeuedAck.payload?.remaining).toBe(0);
+        await secondCompletePromise;
+        requester.close();
+    });
+    (0, external_vitest_namespaceObject.it)("should cancel a queued request", async ()=>{
+        const requester = await connectClient("session-cancel-queued-requester");
+        const sessionId = `session-cancel-queued-${Date.now()}`;
+        const firstRequestId = `req-cancel-queued-first-${Date.now()}`;
+        const secondRequestId = `req-cancel-queued-second-${Date.now()}`;
+        const queuedAckPromise = waitForMessage(requester, (msg)=>"ack" === msg.type && msg.id === secondRequestId && msg.payload?.action === "req:agent" && msg.payload?.status === "queued", 10000);
+        requester.send(JSON.stringify({
+            type: "req:agent",
+            id: firstRequestId,
+            payload: {
+                agentId: "main",
+                sessionKey: sessionId,
+                content: "First request"
+            },
+            timestamp: Date.now()
+        }));
+        requester.send(JSON.stringify({
+            type: "req:agent",
+            id: secondRequestId,
+            payload: {
+                agentId: "main",
+                sessionKey: sessionId,
+                content: "Second request"
+            },
+            timestamp: Date.now()
+        }));
+        await queuedAckPromise;
+        requester.send(JSON.stringify({
+            type: "req:agent:cancel",
+            id: `cancel-${secondRequestId}`,
+            payload: {
+                requestId: secondRequestId
+            },
+            timestamp: Date.now()
+        }));
+        const cancelAck = await waitForMessage(requester, (msg)=>"ack" === msg.type && msg.payload?.action === "req:agent:cancel" && msg.payload?.requestId === secondRequestId && msg.payload?.status === "cancelled_queued", 10000);
+        (0, external_vitest_namespaceObject.expect)(cancelAck.payload?.status).toBe("cancelled_queued");
+        await waitForMessage(requester, (msg)=>"event:agent" === msg.type && msg.id === firstRequestId && msg.payload?.type === "agent-complete", 10000);
+        const queuedRequests = server.queuedSessionRequests;
+        const isStillQueued = [
+            ...queuedRequests.values()
+        ].some((queue)=>queue.some((item)=>item.msg?.id === secondRequestId));
+        (0, external_vitest_namespaceObject.expect)(isStillQueued).toBe(false);
+        requester.close();
+    });
     (0, external_vitest_namespaceObject.it)("should clear session messages via API", async ()=>{
         const createRes = await fetch(`http://localhost:${port}/api/sessions`, {
             method: "POST",