a2acalling 0.6.70 → 0.6.72

package/.a2a-manifest.json

@@ -1,6 +1,6 @@
 {
-  "version": "0.6.70",
-  "installed_at": "2026-02-26T06:18:02.969Z",
+  "version": "0.6.72",
+  "installed_at": "2026-02-27T03:05:52.375Z",
   "files": [
     {
       "path": "CLAUDE.md",

package/CONVENTIONS.md

@@ -99,13 +99,20 @@ close() {
 ```
 - `close()` must be idempotent (safe to call multiple times)
 - `close()` must be a no-op when DB was never initialized (`this.db === null`)
-- The `server.js` `shutdown()` function closes all stores on SIGTERM/SIGINT
+- The `server.js` `shutdown()` function closes all stores on SIGTERM/SIGINT: `serverConvStore`, `eventStore`, `callbookStore` (A2A-59), and logger stores
+- All stores should be created at the `server.js` module level and passed to route factories — do NOT create stores inside route factories (A2A-59)
 - Test teardown should call `store.close()` to prevent SQLite handle leaks
 
 ## Permission Tiers
 
 Tokens have a tier (`public`, `friends`, `family`) and a disclosure level (`public`, `minimal`, `none`). These are enforced at the route level in `src/routes/a2a.js`.
 
+## Route Hardening (A2A-53)
+
+- Rate limit Map has eviction: entries are swept when Map exceeds 1000 entries (stale >24h first, then oldest by insertion order)
+- Admin token comparison uses `timingSafeTokenEqual()` from `src/routes/a2a.js` — do NOT use `!==` for secret comparison
+- Query parameter parsing follows the dashboard.js pattern: `Math.min(max, Math.max(min, Number.parseInt(String(value), 10) || defaultValue))`
+
 ## Anti-Patterns
 
 - Do NOT use `console.log` — use the structured logger

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "a2acalling",
-  "version": "0.6.70",
+  "version": "0.6.72",
   "description": "Agent-to-agent calling for OpenClaw - A2A agent communication",
   "main": "src/index.js",
   "bin": {

package/src/dashboard/public/app.js

@@ -1351,10 +1351,13 @@ function renderSidebarPreview(tierId) {
 function renderSidebarLists(tier) {
   const topicContainer = document.getElementById('sidebar-topics');
   const goalContainer = document.getElementById('sidebar-goals');
-  if (!topicContainer || !goalContainer) return;
+  if (!topicContainer || !goalContainer || !tier) return;
 
-  // Collect ALL topics across ALL tiers for the sidebar
-  const allTiers = state.settings?.tiers || [];
+  // Collect ALL topics/goals across tiers, but prioritize the currently
+  // rendered tier first so sidebar drag payloads carry the right metadata.
+  // This also ensures unsaved in-DOM items from create/drop appear immediately.
+  const baseTiers = state.settings?.tiers || [];
+  const allTiers = [tier, ...baseTiers.filter(t => t.id !== tier.id)];
   const allTopicMap = new Map();
   const allGoalMap = new Map();
   for (const t of allTiers) {
@@ -1362,17 +1365,24 @@ function renderSidebarLists(tier) {
     const fTopics = t.topics || [];
     const topics = mTopics.length > 0 ? mTopics : fTopics.map(x => ({ topic: x, description: '' }));
     for (const item of topics) {
-      if (item.topic && !allTopicMap.has(item.topic)) {
-        allTopicMap.set(item.topic, item.description || '');
+      if (!item.topic) continue;
+      const existingDesc = allTopicMap.get(item.topic);
+      const nextDesc = item.description || '';
+      if (!allTopicMap.has(item.topic) || (!existingDesc && nextDesc)) {
+        allTopicMap.set(item.topic, nextDesc);
       }
     }
+
     const mGoals = t.manifest?.objectives || [];
     const fGoals = t.goals || [];
     const goals = mGoals.length > 0 ? mGoals : fGoals.map(x => ({ topic: x, description: '' }));
     for (const item of goals) {
       const label = item.objective || item.topic;
-      if (label && !allGoalMap.has(label)) {
-        allGoalMap.set(label, item.description || '');
+      if (!label) continue;
+      const existingDesc = allGoalMap.get(label);
+      const nextDesc = item.description || '';
+      if (!allGoalMap.has(label) || (!existingDesc && nextDesc)) {
+        allGoalMap.set(label, nextDesc);
       }
     }
   }
@@ -1428,53 +1438,128 @@ function renderSidebarLists(tier) {
   `;
 }
 
-// A2A-48: Debounced auto-save replaces explicit Save Tier button.
-// 250ms delay prevents excessive API calls during rapid changes.
+// A2A-61: Snapshot permissions payload from live DOM at mutation time.
+// This prevents polling/re-render races from dropping unsaved drag changes.
+function collectTierPayloadFromDom() {
+  const toggles = document.querySelectorAll('#tool-toggles .toggle-switch input');
+  const allowed_tools = Array.from(toggles).filter(t => t.checked).map(t => t.dataset.tool);
+
+  const topicCards = document.querySelectorAll('#active-topics-zone .active-item-card');
+  // A2A-48: uses dataset.topic for BOTH topics and goals (NOT dataset.objective)
+  // because parseTopicObjects() in dashboard.js only reads entry.topic.
+  const topics = Array.from(topicCards).map(c => c.dataset.topic).filter(Boolean);
+  const manifestTopics = Array.from(topicCards).map(c => ({
+    topic: c.dataset.topic,
+    description: c.dataset.description || ''
+  })).filter(t => t.topic);
+
+  const goalCards = document.querySelectorAll('#active-goals-zone .active-item-card');
+  const goals = Array.from(goalCards).map(c => c.dataset.topic).filter(Boolean);
+  const manifestObjectives = Array.from(goalCards).map(c => ({
+    topic: c.dataset.topic,
+    description: c.dataset.description || ''
+  })).filter(g => g.topic);
+
+  return {
+    allowed_tools,
+    topics,
+    goals,
+    manifest: {
+      topics: manifestTopics,
+      objectives: manifestObjectives
+    }
+  };
+}
+
+// A2A-61: Build a tier view using live DOM state so sidebar active badges
+// stay accurate immediately after create/drop/delete (before round-trip save).
+function getTierSnapshotFromDom() {
+  const tierId = state.activeTierId;
+  const tier = (state.settings?.tiers || []).find(t => t.id === tierId);
+  if (!tier) return null;
+  const payload = collectTierPayloadFromDom();
+  return {
+    ...tier,
+    allowed_tools: payload.allowed_tools,
+    topics: payload.topics,
+    goals: payload.goals,
+    manifest: {
+      ...(tier.manifest || {}),
+      topics: payload.manifest.topics,
+      objectives: payload.manifest.objectives
+    }
+  };
+}
+
+function renderSidebarListsFromDom() {
+  const snapshot = getTierSnapshotFromDom();
+  if (snapshot) renderSidebarLists(snapshot);
+}
+
+// A2A-61: Debounced auto-save with per-tier queueing.
+// Snapshot is captured at mutation time; timer only controls network cadence.
 let _autoSaveTimer = null;
-function autoSaveTier() {
-  clearTimeout(_autoSaveTimer);
-  _autoSaveTimer = setTimeout(async () => {
-    const tierId = state.activeTierId;
-    if (!tierId) return;
+const _pendingTierSaves = new Map();
+let _tierSaveQueue = [];
+let _tierSaveInFlight = false;
 
-    // Collect tools from toggle states
-    const toggles = document.querySelectorAll('#tool-toggles .toggle-switch input');
-    const allowed_tools = Array.from(toggles).filter(t => t.checked).map(t => t.dataset.tool);
-
-    // Collect topics from active zone
-    const topicCards = document.querySelectorAll('#active-topics-zone .active-item-card');
-    // A2A-48: uses dataset.topic for BOTH topics and goals (NOT dataset.objective)
-    // because parseTopicObjects() in dashboard.js:160 only reads entry.topic.
-    // The semantic distinction (objective vs topic) is UI-only; storage layer
-    // uses {topic, description} uniformly for both types.
-    const topics = Array.from(topicCards).map(c => c.dataset.topic).filter(Boolean);
-    const manifestTopics = Array.from(topicCards).map(c => ({
-      topic: c.dataset.topic,
-      description: c.dataset.description || ''
-    })).filter(t => t.topic);
-
-    // Collect goals from active zone
-    const goalCards = document.querySelectorAll('#active-goals-zone .active-item-card');
-    const goals = Array.from(goalCards).map(c => c.dataset.topic).filter(Boolean);
-    const manifestObjectives = Array.from(goalCards).map(c => ({
-      topic: c.dataset.topic,
-      description: c.dataset.description || ''
-    })).filter(g => g.topic);
-
-    const body = { allowed_tools, topics, goals, manifest: { topics: manifestTopics, objectives: manifestObjectives } };
-    // A2A-48: Refresh state inside try block so that a failed PUT does not
-    // trigger an unhandled rejection from the subsequent GET.
-    try {
-      await request(`/settings/tiers/${encodeURIComponent(tierId)}`, {
-        method: 'PUT', body: JSON.stringify(body)
-      });
-      showNotice('Saved');
-      // Refresh state from server to stay in sync after auto-save
-      const payload = await request('/settings');
-      state.settings = payload;
-    } catch (err) {
-      showNotice(`Save failed: ${err.message}`);
+function hasPendingTierSaves() {
+  return Boolean(_autoSaveTimer) || _tierSaveInFlight || _tierSaveQueue.length > 0 || _pendingTierSaves.size > 0;
+}
+
+function queueTierSave(tierId, payload) {
+  if (!tierId || !payload) return;
+  if (!_pendingTierSaves.has(tierId)) {
+    _tierSaveQueue.push(tierId);
+  }
+  _pendingTierSaves.set(tierId, payload);
+}
+
+async function flushTierSaveQueue() {
+  if (_tierSaveInFlight) return;
+  _tierSaveInFlight = true;
+
+  try {
+    while (_tierSaveQueue.length > 0) {
+      const tierId = _tierSaveQueue.shift();
+      const body = _pendingTierSaves.get(tierId);
+      _pendingTierSaves.delete(tierId);
+      if (!tierId || !body) continue;
+
+      try {
+        await request(`/settings/tiers/${encodeURIComponent(tierId)}`, {
+          method: 'PUT',
+          body: JSON.stringify(body)
+        });
+        showNotice('Saved');
+
+        // Refresh canonical settings after each successful save so future
+        // renders and sidebar catalogs stay in sync with persisted state.
+        const payload = await request('/settings');
+        state.settings = payload;
+      } catch (err) {
+        showNotice(`Save failed: ${err.message}`);
+      }
     }
+  } finally {
+    _tierSaveInFlight = false;
+    if (_tierSaveQueue.length > 0) {
+      flushTierSaveQueue().catch(() => {});
+    }
+  }
+}
+
+function autoSaveTier(snapshotPayload = null) {
+  const tierId = state.activeTierId;
+  if (!tierId) return;
+
+  const payload = snapshotPayload || collectTierPayloadFromDom();
+  queueTierSave(tierId, payload);
+
+  clearTimeout(_autoSaveTimer);
+  _autoSaveTimer = setTimeout(() => {
+    _autoSaveTimer = null;
+    flushTierSaveQueue().catch(() => {});
   }, 250);
 }
 
@@ -1486,13 +1571,24 @@ function autoSaveTier() {
 function handleZoneDrop(zone, e) {
   e.preventDefault();
   zone.classList.remove('drag-over');
+
   let data;
   try { data = JSON.parse(e.dataTransfer.getData('application/json')); } catch { return; }
-  if (!data.name) return;
 
-  // A2A-50: Route to correct zone by data.type, NOT by which zone received
-  // the drop. Falls back to zone.id routing if data.type is missing (defensive).
-  const itemType = data.type || (zone.id === 'active-topics-zone' ? 'topic' : 'goal');
+  const name = String(data?.name || '').trim();
+  if (!name) return;
+
+  // A2A-61: strict payload validation. Unknown explicit types are rejected
+  // instead of silently defaulting into the goals column.
+  let itemType = null;
+  if (data.type === 'topic' || data.type === 'goal') {
+    itemType = data.type;
+  } else if (!data.type) {
+    itemType = zone.id === 'active-topics-zone' ? 'topic' : 'goal';
+  } else {
+    return;
+  }
+
   const targetZoneId = itemType === 'topic' ? 'active-topics-zone' : 'active-goals-zone';
   const targetZone = document.getElementById(targetZoneId);
   if (!targetZone) return;
@@ -1504,24 +1600,18 @@ function handleZoneDrop(zone, e) {
   // Check if already in target zone
   const existing = targetZone.querySelectorAll('.active-item-card');
   for (const card of existing) {
-    if (card.dataset.topic === data.name) return; // already active
+    if (card.dataset.topic === name) return;
   }
 
   // A2A-50: Shared helper builds the card HTML to avoid duplication with
   // the create-item-submit handler. Both paths now use buildItemCard().
-  const card = buildItemCard(data.name, data.description || '', accentClass, typeLabel, removeAttr);
+  const card = buildItemCard(name, String(data.description || ''), accentClass, typeLabel, removeAttr);
   const placeholder = targetZone.querySelector('.drop-placeholder');
-  targetZone.insertBefore(card, placeholder);
-  autoSaveTier();
+  if (placeholder) targetZone.insertBefore(card, placeholder);
+  else targetZone.appendChild(card);
 
-  // A2A-48: Re-fetch tier from state instead of using captured reference,
-  // since autoSaveTier() may refresh state.settings asynchronously.
-  setTimeout(() => {
-    const freshTier = (state.settings?.tiers || []).find(t => t.id === state.activeTierId);
-    if (freshTier) {
-      renderSidebarLists(freshTier);
-    }
-  }, 300);
+  autoSaveTier();
+  renderSidebarListsFromDom();
 }
 
 // A2A-50: Shared helper to build an active-item card DOM element.
@@ -1791,10 +1881,28 @@ function bindPermissionsActions() {
   [topicZone, goalZone].forEach(zone => {
     if (!zone) return;
     let dragCounter = 0;
-    zone.addEventListener('dragenter', (e) => { e.preventDefault(); dragCounter++; zone.classList.add('drag-over'); });
+    const clearZoneDragState = () => {
+      dragCounter = 0;
+      zone.classList.remove('drag-over');
+    };
+
+    zone.addEventListener('dragenter', (e) => {
+      e.preventDefault();
+      dragCounter += 1;
+      zone.classList.add('drag-over');
+    });
     zone.addEventListener('dragover', (e) => { e.preventDefault(); });
-    zone.addEventListener('dragleave', () => { dragCounter--; if (dragCounter === 0) zone.classList.remove('drag-over'); });
-    zone.addEventListener('drop', (e) => { dragCounter = 0; handleZoneDrop(zone, e); });
+    zone.addEventListener('dragleave', () => {
+      dragCounter = Math.max(0, dragCounter - 1);
+      if (dragCounter <= 0) zone.classList.remove('drag-over');
+    });
+    zone.addEventListener('drop', (e) => {
+      clearZoneDragState();
+      handleZoneDrop(zone, e);
+    });
+
+    // A2A-61: Ensure highlight never gets stuck if drag ends outside zone.
+    window.addEventListener('dragend', clearZoneDragState);
   });
 
   // A2A-61: Delegated drag listeners on .perm-sidebar — survives innerHTML
@@ -1809,12 +1917,13 @@ function bindPermissionsActions() {
       const itemType = item.dataset.itemType || 'topic';
       const name = item.dataset.sidebarTopic || item.dataset.sidebarGoal || '';
       const desc = item.dataset.description || '';
+      e.dataTransfer.effectAllowed = 'move';
       e.dataTransfer.setData('application/json', JSON.stringify({ name, description: desc, type: itemType }));
-      item.style.opacity = '0.5';
+      item.classList.add('dragging');
     });
     sidebar.addEventListener('dragend', (e) => {
       const item = e.target.closest('.sidebar-item[draggable="true"]');
-      if (item) item.style.opacity = '';
+      if (item) item.classList.remove('dragging');
     });
   }
 
@@ -1852,6 +1961,16 @@ function bindPermissionsActions() {
     const typeLabel = type === 'topic' ? 'Topic' : 'Goal';
     const removeAttr = type === 'topic' ? 'data-remove-topic' : 'data-remove-goal';
 
+    // A2A-61: Match drop-path dedupe behavior for create flow.
+    const existing = zone.querySelectorAll('.active-item-card');
+    for (const existingCard of existing) {
+      if (existingCard.dataset.topic === title) {
+        dialog.hide();
+        showNotice(`Already active: ${title}`);
+        return;
+      }
+    }
+
     const card = buildItemCard(title, desc, accentClass, typeLabel, removeAttr);
     const placeholder = zone.querySelector('.drop-placeholder');
     if (placeholder) zone.insertBefore(card, placeholder);
@@ -1859,6 +1978,7 @@ function bindPermissionsActions() {
 
     dialog.hide();
     autoSaveTier();
+    renderSidebarListsFromDom();
   });
 
   // A2A-48: Create Item dialog — cancel handler
@@ -1915,6 +2035,7 @@ function bindPermissionsActions() {
     }
     dialog.hide();
     autoSaveTier();
+    renderSidebarListsFromDom();
   });
 
   // A2A-50: Delete confirm dialog — cancel handler
@@ -2310,9 +2431,12 @@ const tabLoaders = {
   contacts: loadContacts,
   calls: loadCalls,
   logs: () => { loadLogs(); loadLogStats(); },
-  // A2A-48: Load fresh settings data when switching to Permissions tab.
-  // Previously a no-op — now ensures data is current on tab switch.
-  permissions: loadSettings,
+  // A2A-48/A2A-61: Load fresh settings data when switching to Permissions,
+  // but skip polling refresh while local drag/create/delete saves are pending.
+  permissions: () => {
+    if (hasPendingTierSaves()) return Promise.resolve();
+    return loadSettings();
+  },
   invites: loadInvites,
   health: loadHealth,
   // A2A-50: Settings tab loads dashboard status, auto-update, and callbook data

package/src/dashboard/public/style.css

@@ -981,6 +981,10 @@ table tbody tr:hover td {
   border-color: rgba(255, 255, 255, 0.18);
 }
 
+.sidebar-item.dragging {
+  opacity: 0.5;
+}
+
 /* A2A-48: Active items in the sidebar are dimmed with dashed border and
    non-draggable to indicate they are already in the active zone. */
 .sidebar-item.active-in-zone {

package/src/lib/config.js

@@ -246,7 +246,15 @@ const DEFAULT_CONFIG = {
     allowMajor: false,
     lastGoodVersion: null
   },
-  
+
+  // A2A-63: Retention policy defaults for database lifecycle management
+  retention: {
+    conversations_days: 90,
+    logs_days: 30,
+    compress_after_days: 7,
+    token_expiry_grace_days: 30
+  },
+
   // Timestamps
   createdAt: null,
   updatedAt: null
@@ -442,6 +450,22 @@ class A2AConfig {
     return next;
   }
 
+  // A2A-63: Retention config accessor — returns merged defaults when
+  // the retention section is missing or partially present in the config file.
+  // Does NOT write defaults to disk automatically.
+  getRetention() {
+    const defaults = DEFAULT_CONFIG.retention;
+    const current = (this.config && typeof this.config.retention === 'object' && this.config.retention)
+      ? this.config.retention
+      : {};
+    return {
+      conversations_days: Number.isFinite(current.conversations_days) ? current.conversations_days : defaults.conversations_days,
+      logs_days: Number.isFinite(current.logs_days) ? current.logs_days : defaults.logs_days,
+      compress_after_days: Number.isFinite(current.compress_after_days) ? current.compress_after_days : defaults.compress_after_days,
+      token_expiry_grace_days: Number.isFinite(current.token_expiry_grace_days) ? current.token_expiry_grace_days : defaults.token_expiry_grace_days
+    };
+  }
+
   // Export for sharing (strips private_key to prevent leakage — A2A-52)
   export() {
     const { private_key, ...agentPublic } = this.config.agent || {};

package/src/lib/conversations.js

@@ -16,6 +16,8 @@ const DEFAULT_CONFIG_DIR = process.env.A2A_CONFIG_DIR ||
 
 const DB_FILENAME = 'a2a-conversations.db';
 const logger = createLogger({ component: 'a2a.conversations' });
+// A2A-63: Dedicated cleanup logger for retention pruning operations
+const cleanupLogger = createLogger({ component: 'a2a.cleanup' });
 
 class ConversationStore {
   constructor(configDir = DEFAULT_CONFIG_DIR, options = {}) {
@@ -573,6 +575,135 @@ class ConversationStore {
     return { compressed, total: messages.length };
   }
 
+  /**
+   * A2A-63: Prune old concluded/timeout conversations and their messages.
+   *
+   * Pipeline:
+   *   1. Compress messages in the compress window (compress_after_days..conversations_days)
+   *   2. Delete messages belonging to expired conversations
+   *   3. Delete the expired conversations themselves
+   *   4. VACUUM only when >100 total rows deleted
+   *
+   * Active conversations are NEVER deleted regardless of age.
+   *
+   * @param {object} options
+   * @param {number} [options.conversations_days=90] - Delete concluded/timeout conversations older than this
+   * @param {number} [options.compress_after_days=7] - Compress messages older than this
+   * @returns {{ compressed: number, deletedMessages: number, deletedConversations: number, vacuumed: boolean }}
+   */
+  pruneOld(options = {}) {
+    const db = this._initDb();
+    if (!db) {
+      return {
+        compressed: 0,
+        deletedMessages: 0,
+        deletedConversations: 0,
+        vacuumed: false,
+        error: this._dbError
+      };
+    }
+
+    const conversationsDays = Number.isFinite(options.conversations_days)
+      ? options.conversations_days
+      : 90;
+    const compressAfterDays = Number.isFinite(options.compress_after_days)
+      ? options.compress_after_days
+      : 7;
+
+    // Step 1: Compress messages in the compress window before deletion
+    const compressResult = this.compressOldMessages(compressAfterDays);
+
+    // Step 2: Find expired conversations (concluded or timeout, older than retention threshold)
+    // A2A-63: Only prune conversations with a non-NULL ended_at that is older than the threshold.
+    // Active conversations have NULL ended_at and are never touched.
+    const retentionThreshold = new Date(
+      Date.now() - conversationsDays * 24 * 60 * 60 * 1000
+    ).toISOString();
+
+    const expiredConvIds = db.prepare(`
+      SELECT id FROM conversations
+      WHERE status IN ('concluded', 'timeout')
+        AND ended_at IS NOT NULL
+        AND ended_at < ?
+    `).all(retentionThreshold).map(row => row.id);
+
+    let deletedMessages = 0;
+    let deletedConversations = 0;
+
+    if (expiredConvIds.length > 0) {
+      // A2A-63: Delete messages BEFORE their parent conversations (foreign key safety)
+      const deleteMsgs = db.prepare(
+        'DELETE FROM messages WHERE conversation_id = ?'
+      );
+      const deleteConv = db.prepare(
+        'DELETE FROM conversations WHERE id = ?'
+      );
+
+      const pruneTransaction = db.transaction((ids) => {
+        for (const id of ids) {
+          const msgResult = deleteMsgs.run(id);
+          deletedMessages += msgResult.changes;
+          const convResult = deleteConv.run(id);
+          deletedConversations += convResult.changes;
+        }
+      });
+
+      pruneTransaction(expiredConvIds);
+    }
+
+    // Step 3: VACUUM only when >100 total rows deleted
+    const totalDeleted = deletedMessages + deletedConversations;
+    let vacuumed = false;
+    if (totalDeleted > 100) {
+      try {
+        db.exec('VACUUM');
+        vacuumed = true;
+      } catch (_) {
+        // A2A-63: Best effort — VACUUM can fail if another connection holds a lock
+      }
+    }
+
+    // Step 4: Log results
+    cleanupLogger.info('Conversation retention prune completed', {
+      event: 'conversations_pruned',
+      data: {
+        compressed: compressResult.compressed,
+        deleted_messages: deletedMessages,
+        deleted_conversations: deletedConversations,
+        vacuumed,
+        retention_days: conversationsDays,
+        compress_after_days: compressAfterDays
+      }
+    });
+
+    return {
+      compressed: compressResult.compressed,
+      deletedMessages,
+      deletedConversations,
+      vacuumed
+    };
+  }
+
+  /**
+   * A2A-63: Get database row counts for monitoring.
+   *
+   * @returns {{ conversations: number, messages: number }}
+   */
+  getDatabaseStats() {
+    const db = this._initDb();
+    if (!db) {
+      return { conversations: 0, messages: 0 };
+    }
+
+    const convCount = db.prepare('SELECT COUNT(*) AS count FROM conversations').get();
+    const msgCount = db.prepare('SELECT COUNT(*) AS count FROM messages').get();
+
+    return {
+      conversations: convCount ? convCount.count : 0,
+      messages: msgCount ? msgCount.count : 0
+    };
+  }
+
   /**
    * Get conversation context for retrieval (summary + recent messages)
    */

package/src/lib/logger.js

@@ -200,6 +200,8 @@ class LogStore {
         trace_id, conversation_id, token_id, request_id, error_code, status_code, hint, data
       ) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
     `);
+    // A2A-64: Prepared statement for time-based retention pruning
+    this.pruneStmt = this.db.prepare('DELETE FROM logs WHERE timestamp < ?');
   }
 
   isAvailable() {
@@ -231,6 +233,19 @@ class LogStore {
         entry.hint,
         dataText
       );
+
+      // A2A-64: Auto-prune on every 1000th write (dashboard-events.js pattern).
+      // Best effort — prune failures must not affect write operations.
+      this._writeCount = (this._writeCount || 0) + 1;
+      if (this._writeCount % 1000 === 0 && !this._pruning) {
+        try {
+          const threshold = new Date(Date.now() - 30 * 24 * 60 * 60 * 1000).toISOString();
+          this.pruneStmt.run(threshold);
+        } catch (_) {
+          // A2A-64: Best effort — silent catch like dashboard-events.js:149
+        }
+      }
+
       return true;
     } catch (err) {
       this._dbError = err.message || 'failed_to_write_log_entry';
@@ -409,6 +424,72 @@ class LogStore {
       this.db = null;
     }
   }
+
+  /**
+   * A2A-64: Delete log entries older than the retention period.
+   *
+   * @param {object} [options]
+   * @param {number} [options.days=30] - Retention period in days
+   * @returns {{ deleted: number }}
+   */
+  pruneOld(options = {}) {
+    const db = this._initDb();
+    if (!db) return { deleted: 0 };
+
+    const days = Number.isFinite(options.days) ? options.days : 30;
+    const threshold = new Date(Date.now() - days * 24 * 60 * 60 * 1000).toISOString();
+
+    // A2A-64: Set _pruning flag to prevent auto-prune recursion if the
+    // cleanup logger writes back to this same store.
+    this._pruning = true;
+    let deleted = 0;
+    try {
+      const result = this.pruneStmt.run(threshold);
+      deleted = result.changes;
+
+      // A2A-64: Only VACUUM after bulk deletions (>100 rows) to avoid unnecessary I/O
+      if (deleted > 100) {
+        db.exec('VACUUM');
+      }
+    } finally {
+      this._pruning = false;
+    }
+
+    // A2A-64: Log prune results AFTER prune completes to avoid recursion.
+    // Use a Logger instance with stdout:false for the cleanup component.
+    try {
+      const cleanupLogger = new Logger(this, { component: 'a2a.cleanup', stdout: true, minLevel: 'info' });
+      cleanupLogger.info(`Pruned ${deleted} log entries older than ${days} days`, {
+        event: 'logs_pruned',
+        data: { deleted, days, threshold }
+      });
+    } catch (_) {
+      // A2A-64: Best effort — logging about prune results must not throw
+    }
+
+    return { deleted };
+  }
+
+  /**
+   * A2A-64: Return database-level stats for monitoring.
+   * Complements the existing stats() method which provides level/component breakdowns.
+   *
+   * @returns {{ total: number, oldest_entry: string|null, newest_entry: string|null }}
+   */
+  getDatabaseStats() {
+    const db = this._initDb();
+    if (!db) return { total: 0, oldest_entry: null, newest_entry: null };
+
+    const row = db.prepare(
+      'SELECT COUNT(*) AS total, MIN(timestamp) AS oldest, MAX(timestamp) AS newest FROM logs'
+    ).get();
+
+    return {
+      total: row?.total || 0,
+      oldest_entry: row?.oldest || null,
+      newest_entry: row?.newest || null
+    };
+  }
 }
 
 class Logger {
@@ -570,9 +651,25 @@ function closeAllLoggerStores() {
   storeCache.clear();
 }
 
+// A2A-65: Prune old entries from all cached logger stores.
+// Best effort — individual store failures are caught and logged.
+function pruneAllLoggerStores(options = {}) {
+  const results = [];
+  for (const store of storeCache.values()) {
+    try {
+      results.push(store.pruneOld(options));
+    } catch (_) {
+      // A2A-65: Best effort — one store failure must not block others
+    }
+  }
+  return results;
+}
+
 module.exports = {
   LOG_DB_FILENAME,
+  LogStore,
   createLogger,
   createTraceId,
-  closeAllLoggerStores
+  closeAllLoggerStores,
+  pruneAllLoggerStores
 };

package/src/lib/tokens.js

@@ -383,6 +383,73 @@ class TokenStore {
     return { success: true, record };
   }
 
+  /**
+   * A2A-65: Remove expired and old-revoked tokens from the store.
+   *
+   * - Tokens expired for >1 hour are removed (grace period for in-flight calls)
+   * - Tokens revoked >token_expiry_grace_days ago are removed
+   * - Valid and recently-expired tokens are preserved
+   *
+   * @param {object} [options]
+   * @param {number} [options.token_expiry_grace_days=30] - Days after revocation before removal
+   * @returns {{ removed_expired: number, removed_revoked: number }}
+   */
+  cleanupExpired(options = {}) {
+    const graceDays = Number.isFinite(options.token_expiry_grace_days)
+      ? options.token_expiry_grace_days
+      : 30;
+
+    const db = this._load();
+    const now = Date.now();
+    const oneHourMs = 60 * 60 * 1000;
+    const gracePeriodMs = graceDays * 24 * 60 * 60 * 1000;
+
+    let removed_expired = 0;
+    let removed_revoked = 0;
+
+    const original = db.tokens.length;
+
+    db.tokens = db.tokens.filter(token => {
+      // Remove tokens expired for > 1 hour
+      if (token.expires_at) {
+        const expiresAt = new Date(token.expires_at).getTime();
+        if (expiresAt < now - oneHourMs) {
+          removed_expired++;
+          return false;
+        }
+      }
+
+      // Remove tokens revoked > graceDays ago
+      if (token.revoked && token.revoked_at) {
+        const revokedAt = new Date(token.revoked_at).getTime();
+        if (revokedAt < now - gracePeriodMs) {
+          removed_revoked++;
+          return false;
+        }
+      }
+
+      return true;
+    });
+
+    // Only write if something changed
+    if (db.tokens.length < original) {
+      this._save(db);
+    }
+
+    // A2A-65: Log cleanup results (best effort)
+    try {
+      const cleanupLogger = require('./logger').createLogger({ component: 'a2a.cleanup' });
+      cleanupLogger.info('Token cleanup completed', {
+        event: 'tokens_cleaned',
+        data: { removed_expired, removed_revoked, remaining: db.tokens.length, grace_days: graceDays }
+      });
+    } catch (_) {
+      // Best effort
+    }
+
+    return { removed_expired, removed_revoked };
+  }
+
   /**
    * Add a remote agent endpoint (contact)
    * Note: Token is encrypted at rest using a derived key

package/src/server.js

@@ -21,7 +21,7 @@ const {
   extractCollaborationState
 } = require('./lib/prompt-template');
 const { findAvailablePort } = require('./lib/port-scanner');
-const { createLogger, closeAllLoggerStores } = require('./lib/logger');
+const { createLogger, closeAllLoggerStores, pruneAllLoggerStores } = require('./lib/logger');
 const { writePidFile, removePidFile } = require('./lib/pid-file');
 const { buildUnifiedSummaryPrompt } = require('./lib/summary-prompt');
 const { A2AConfig } = require('./lib/config');
@@ -1019,6 +1019,67 @@ async function startServer() {
     });
     writePidFile(process.pid);
 
+    // A2A-65: Run retention cleanup on startup (best effort — failures must not prevent server startup)
+    try {
+      const retention = config.getRetention();
+
+      // Conversations retention
+      const convStore = getServerConvStore();
+      if (convStore) {
+        try {
+          const convResult = convStore.pruneOld({
+            conversations_days: retention.conversations_days,
+            compress_after_days: retention.compress_after_days
+          });
+          logger.info('Startup retention: conversations pruned', {
+            event: 'startup_retention_conversations',
+            data: convResult
+          });
+        } catch (err) {
+          logger.warn('Startup retention: conversations prune failed', {
+            event: 'startup_retention_conversations_failed',
+            error: err
+          });
+        }
+      }
+
+      // Logger retention
+      try {
+        const logResults = pruneAllLoggerStores({ days: retention.logs_days });
+        const totalDeleted = logResults.reduce((sum, r) => sum + (r.deleted || 0), 0);
+        logger.info('Startup retention: logs pruned', {
+          event: 'startup_retention_logs',
+          data: { total_deleted: totalDeleted, stores_pruned: logResults.length }
+        });
+      } catch (err) {
+        logger.warn('Startup retention: logs prune failed', {
+          event: 'startup_retention_logs_failed',
+          error: err
+        });
+      }
+
+      // Token retention
+      try {
+        const tokenResult = tokenStore.cleanupExpired({
+          token_expiry_grace_days: retention.token_expiry_grace_days
+        });
+        logger.info('Startup retention: tokens cleaned', {
+          event: 'startup_retention_tokens',
+          data: tokenResult
+        });
+      } catch (err) {
+        logger.warn('Startup retention: token cleanup failed', {
+          event: 'startup_retention_tokens_failed',
+          error: err
+        });
+      }
+    } catch (err) {
+      logger.warn('Startup retention failed', {
+        event: 'startup_retention_failed',
+        error: err
+      });
+    }
+
     if (!updateManager) {
       const pkg = require('../package.json');
       const restartFn = async () => {