alvin-bot 4.12.0 → 4.12.2

package/test/subagents-toolset.test.ts

@@ -21,7 +21,7 @@ vi.mock("../src/engine.js", () => ({
   }),
 }));
 
-describe("sub-agents toolset (G1)", () => {
+describe("sub-agents toolset (G1, extended v4.12.2)", () => {
   it("accepts toolset='full'", async () => {
     const mod = await import("../src/services/subagents.js");
     const id = await mod.spawnSubAgent({
@@ -38,13 +38,33 @@ describe("sub-agents toolset (G1)", () => {
     expect(typeof id).toBe("string");
   });
 
+  it("accepts toolset='readonly' (v4.12.2 — read-only sub-agents)", async () => {
+    const mod = await import("../src/services/subagents.js");
+    const id = await mod.spawnSubAgent({
+      name: "tool-readonly",
+      prompt: "hi",
+      toolset: "readonly",
+    });
+    expect(typeof id).toBe("string");
+  });
+
+  it("accepts toolset='research' (v4.12.2 — readonly + web)", async () => {
+    const mod = await import("../src/services/subagents.js");
+    const id = await mod.spawnSubAgent({
+      name: "tool-research",
+      prompt: "hi",
+      toolset: "research",
+    });
+    expect(typeof id).toBe("string");
+  });
+
   it("rejects unknown toolset values at runtime", async () => {
     const mod = await import("../src/services/subagents.js");
     await expect(
       mod.spawnSubAgent({
         name: "tool-bogus",
         prompt: "hi",
-        toolset: "readonly" as unknown as "full",
+        toolset: "nonsense-preset" as unknown as "full",
       }),
     ).rejects.toThrow(/toolset/i);
   });

package/test/sync-task-timeout.test.ts

@@ -0,0 +1,153 @@
+/**
+ * v4.12.1 — Integration test: sync Agent tool call with long silence
+ * does NOT trigger the stuck timeout abort.
+ *
+ * Before v4.12.1: a Task tool call WITHOUT run_in_background: true
+ * running silently for >10 minutes triggered STUCK_TIMEOUT_MS and
+ * aborted the main session — even though the sub-agent was working
+ * legitimately (it just can't emit intermediate chunks to the parent
+ * stream).
+ *
+ * After v4.12.1: the stuck timer escalates to SYNC_AGENT_IDLE_TIMEOUT_MS
+ * (120 min) as soon as the sync tool_use is detected (tracked by
+ * toolUseId), and only reverts to the normal timeout after the matching
+ * tool_result arrives.
+ *
+ * This test uses the pure createStuckTimer state machine directly —
+ * the real integration into the message handler's for-await loop is
+ * covered by the Task A unit tests and manual smoke tests. What this
+ * file verifies is the COMBINED flow (normal → enterSync → exitSync →
+ * normal) over realistic timing scales.
+ */
+import { describe, it, expect, beforeEach, afterEach, vi } from "vitest";
+import { createStuckTimer } from "../src/handlers/stuck-timer.js";
+
+describe("sync Task tool call stuck-timer integration (v4.12.1)", () => {
+  beforeEach(() => vi.useFakeTimers());
+  afterEach(() => vi.useRealTimers());
+
+  it("30-min silent sync Task gap does NOT fire the 10-min normal timer", () => {
+    const onTimeout = vi.fn();
+    const t = createStuckTimer({
+      normalMs: 10 * 60 * 1000, // 10 min — production default
+      extendedMs: 120 * 60 * 1000, // 120 min — production default
+      onTimeout,
+    });
+
+    // Simulate: handler begins streaming, first chunk arrives
+    t.reset();
+
+    // Assistant text chunk arrives
+    t.reset();
+
+    // tool_use with Task, runInBackground NOT true → sync path
+    t.enterSync("toolu_sync_123");
+
+    // 30 min of silence (no chunks, no resets) — sub-agent is working
+    vi.advanceTimersByTime(30 * 60 * 1000);
+
+    // MUST NOT have fired — we're in extended mode (120 min cap)
+    expect(onTimeout).not.toHaveBeenCalled();
+
+    // tool_result finally arrives
+    t.exitSync("toolu_sync_123");
+    t.reset();
+
+    // Subsequent 10 minutes of silence SHOULD fire (back to normal mode)
+    vi.advanceTimersByTime(10 * 60 * 1000);
+    expect(onTimeout).toHaveBeenCalledTimes(1);
+  });
+
+  it("async Task (runInBackground=true) uses normal timeout (handler does NOT call enterSync)", () => {
+    // Simulates the decision flow: the handler only calls enterSync
+    // when chunk.runInBackground !== true. For async tasks, enterSync
+    // is NEVER called, so the normal 10-min timer applies to any gap
+    // before the watcher delivers (which is a separate path).
+    const onTimeout = vi.fn();
+    const t = createStuckTimer({
+      normalMs: 10 * 60 * 1000,
+      extendedMs: 120 * 60 * 1000,
+      onTimeout,
+    });
+
+    t.reset();
+    // Async path: the async tool_result arrives almost immediately
+    // (the SDK returns "Async agent launched successfully" quickly)
+    t.reset();
+    // Then the parent turn ends normally within a few seconds
+    // ... but if something went wrong and the parent stream hangs,
+    // the normal 10-min timeout applies:
+    vi.advanceTimersByTime(11 * 60 * 1000);
+    expect(onTimeout).toHaveBeenCalledTimes(1);
+  });
+
+  it("cancel during extended mode stops cleanly (handler finally block)", () => {
+    const onTimeout = vi.fn();
+    const t = createStuckTimer({
+      normalMs: 10 * 60 * 1000,
+      extendedMs: 120 * 60 * 1000,
+      onTimeout,
+    });
+
+    t.enterSync("toolu_1");
+
+    // Simulate: partway through a sync task, something errors out
+    // and the handler reaches its finally block
+    vi.advanceTimersByTime(60 * 60 * 1000);
+    t.cancel();
+
+    // Another 60 min pass — no firing because cancel cleared the timer
+    vi.advanceTimersByTime(60 * 60 * 1000);
+    expect(onTimeout).not.toHaveBeenCalled();
+  });
+
+  it("multiple parallel sync tasks (nested Agent calls): extended until ALL complete", () => {
+    // Edge case: if two parent-level sync tool_use blocks land in
+    // the same assistant message, both get tracked. The extended
+    // timer must stay armed until BOTH exit.
+    const onTimeout = vi.fn();
+    const t = createStuckTimer({
+      normalMs: 10 * 60 * 1000,
+      extendedMs: 120 * 60 * 1000,
+      onTimeout,
+    });
+
+    t.enterSync("toolu_parallel_1");
+    t.enterSync("toolu_parallel_2");
+    expect(t._pendingCount()).toBe(2);
+
+    // First finishes
+    vi.advanceTimersByTime(20 * 60 * 1000);
+    t.exitSync("toolu_parallel_1");
+    expect(t._pendingCount()).toBe(1);
+
+    // Second still running — another 30 min of silence
+    vi.advanceTimersByTime(30 * 60 * 1000);
+    expect(onTimeout).not.toHaveBeenCalled();
+
+    // Second finishes
+    t.exitSync("toolu_parallel_2");
+    t.reset();
+
+    // Now back to normal timeout — should fire after 10 min
+    vi.advanceTimersByTime(10 * 60 * 1000);
+    expect(onTimeout).toHaveBeenCalledTimes(1);
+  });
+
+  it("regression guard: old behavior (no task tracking, flat 10-min) would have false-aborted", () => {
+    // This test is a documentation-as-code artifact: it simulates
+    // what the OLD code did and verifies it WOULD have false-aborted.
+    // If we ever revert the fix, this test will catch the regression
+    // by asserting the old behavior fires at exactly 10 min of silence.
+    const onTimeout = vi.fn();
+    const flatTimer = createStuckTimer({
+      normalMs: 10 * 60 * 1000,
+      extendedMs: 10 * 60 * 1000, // identical → simulates pre-v4.12.1 behavior
+      onTimeout,
+    });
+    flatTimer.enterSync("toolu_1");
+    vi.advanceTimersByTime(10 * 60 * 1000);
+    // With the flat timer (pre-fix), a 10-min sync gap DOES fire
+    expect(onTimeout).toHaveBeenCalledTimes(1);
+  });
+});

package/test/system-prompt-background-hint.test.ts

@@ -45,4 +45,21 @@ describe("buildSystemPrompt background-subagent hint (Stage 1)", () => {
     expect(de).toMatch(/run_in_background/);
     expect(es).toMatch(/run_in_background/);
   });
+
+  it("uses CRITICAL framing and decision-tree structure (v4.12.1)", () => {
+    const prompt = buildSystemPrompt(true, "en", "1234");
+    expect(prompt).toMatch(/CRITICAL/);
+    expect(prompt).toMatch(/decision tree/i);
+  });
+
+  it("explicitly warns about Telegram session blocking (v4.12.1)", () => {
+    const prompt = buildSystemPrompt(true, "en", "1234");
+    expect(prompt.toLowerCase()).toMatch(/blocked|blocking/);
+    expect(prompt.toLowerCase()).toMatch(/telegram/);
+  });
+
+  it("aggressive 30-second threshold (v4.12.1, previously 2 minutes)", () => {
+    const prompt = buildSystemPrompt(true, "en", "1234");
+    expect(prompt).toMatch(/30\s*seconds?/i);
+  });
 });

package/test/timing-safe-bearer.test.ts

@@ -0,0 +1,65 @@
+/**
+ * v4.12.2 — Timing-safe bearer token comparison.
+ *
+ * The webhook auth check at src/web/server.ts:127 previously used naive
+ * string equality on the Authorization header. That's vulnerable (in
+ * principle) to timing side-channel attacks where an attacker measures
+ * response times to leak the token character by character.
+ *
+ * Real-world exploitability over network is low due to jitter, but
+ * crypto.timingSafeEqual is the right tool regardless.
+ *
+ * This test covers the pure helper; the integration is in server.ts.
+ */
+import { describe, it, expect } from "vitest";
+import { timingSafeBearerMatch } from "../src/services/timing-safe-bearer.js";
+
+describe("timing-safe bearer token comparison (v4.12.2)", () => {
+  it("matches a correct token", () => {
+    expect(timingSafeBearerMatch("Bearer abc123xyz", "abc123xyz")).toBe(true);
+  });
+
+  it("rejects an incorrect token", () => {
+    expect(timingSafeBearerMatch("Bearer wrong", "abc123xyz")).toBe(false);
+  });
+
+  it("rejects when Bearer prefix is missing", () => {
+    expect(timingSafeBearerMatch("abc123xyz", "abc123xyz")).toBe(false);
+  });
+
+  it("rejects when auth header is empty", () => {
+    expect(timingSafeBearerMatch("", "abc123xyz")).toBe(false);
+  });
+
+  it("rejects when auth header is undefined", () => {
+    expect(timingSafeBearerMatch(undefined, "abc123xyz")).toBe(false);
+  });
+
+  it("rejects when expected token is empty (prevents accidental auth bypass)", () => {
+    expect(timingSafeBearerMatch("Bearer anything", "")).toBe(false);
+    expect(timingSafeBearerMatch("Bearer ", "")).toBe(false);
+    expect(timingSafeBearerMatch("", "")).toBe(false);
+  });
+
+  it("rejects tokens of different lengths without revealing prefix match", () => {
+    expect(timingSafeBearerMatch("Bearer abc", "abcdefg")).toBe(false);
+    expect(timingSafeBearerMatch("Bearer abcdefg", "abc")).toBe(false);
+  });
+
+  it("handles unicode tokens (not that we'd use them, but correctness)", () => {
+    expect(timingSafeBearerMatch("Bearer 🔒xyz", "🔒xyz")).toBe(true);
+    expect(timingSafeBearerMatch("Bearer 🔒xyz", "🔒xYz")).toBe(false);
+  });
+
+  it("case-sensitive comparison (tokens are opaque)", () => {
+    expect(timingSafeBearerMatch("Bearer AbCdEf", "abcdef")).toBe(false);
+    expect(timingSafeBearerMatch("Bearer AbCdEf", "AbCdEf")).toBe(true);
+  });
+
+  it("rejects Bearer with leading/trailing whitespace mismatches the expected format", () => {
+    // RFC 6750 says: Authorization: Bearer <token>
+    // Exactly one space between "Bearer" and the token.
+    expect(timingSafeBearerMatch("Bearer  abc", "abc")).toBe(false); // double space
+    expect(timingSafeBearerMatch(" Bearer abc", "abc")).toBe(false); // leading space
+  });
+});