alvin-bot 4.18.0 → 4.18.2

package/test/sync-task-timeout.test.ts

@@ -1,153 +0,0 @@
-/**
- * v4.12.1 — Integration test: sync Agent tool call with long silence
- * does NOT trigger the stuck timeout abort.
- *
- * Before v4.12.1: a Task tool call WITHOUT run_in_background: true
- * running silently for >10 minutes triggered STUCK_TIMEOUT_MS and
- * aborted the main session — even though the sub-agent was working
- * legitimately (it just can't emit intermediate chunks to the parent
- * stream).
- *
- * After v4.12.1: the stuck timer escalates to SYNC_AGENT_IDLE_TIMEOUT_MS
- * (120 min) as soon as the sync tool_use is detected (tracked by
- * toolUseId), and only reverts to the normal timeout after the matching
- * tool_result arrives.
- *
- * This test uses the pure createStuckTimer state machine directly —
- * the real integration into the message handler's for-await loop is
- * covered by the Task A unit tests and manual smoke tests. What this
- * file verifies is the COMBINED flow (normal → enterSync → exitSync →
- * normal) over realistic timing scales.
- */
-import { describe, it, expect, beforeEach, afterEach, vi } from "vitest";
-import { createStuckTimer } from "../src/handlers/stuck-timer.js";
-
-describe("sync Task tool call stuck-timer integration (v4.12.1)", () => {
-  beforeEach(() => vi.useFakeTimers());
-  afterEach(() => vi.useRealTimers());
-
-  it("30-min silent sync Task gap does NOT fire the 10-min normal timer", () => {
-    const onTimeout = vi.fn();
-    const t = createStuckTimer({
-      normalMs: 10 * 60 * 1000, // 10 min — production default
-      extendedMs: 120 * 60 * 1000, // 120 min — production default
-      onTimeout,
-    });
-
-    // Simulate: handler begins streaming, first chunk arrives
-    t.reset();
-
-    // Assistant text chunk arrives
-    t.reset();
-
-    // tool_use with Task, runInBackground NOT true → sync path
-    t.enterSync("toolu_sync_123");
-
-    // 30 min of silence (no chunks, no resets) — sub-agent is working
-    vi.advanceTimersByTime(30 * 60 * 1000);
-
-    // MUST NOT have fired — we're in extended mode (120 min cap)
-    expect(onTimeout).not.toHaveBeenCalled();
-
-    // tool_result finally arrives
-    t.exitSync("toolu_sync_123");
-    t.reset();
-
-    // Subsequent 10 minutes of silence SHOULD fire (back to normal mode)
-    vi.advanceTimersByTime(10 * 60 * 1000);
-    expect(onTimeout).toHaveBeenCalledTimes(1);
-  });
-
-  it("async Task (runInBackground=true) uses normal timeout (handler does NOT call enterSync)", () => {
-    // Simulates the decision flow: the handler only calls enterSync
-    // when chunk.runInBackground !== true. For async tasks, enterSync
-    // is NEVER called, so the normal 10-min timer applies to any gap
-    // before the watcher delivers (which is a separate path).
-    const onTimeout = vi.fn();
-    const t = createStuckTimer({
-      normalMs: 10 * 60 * 1000,
-      extendedMs: 120 * 60 * 1000,
-      onTimeout,
-    });
-
-    t.reset();
-    // Async path: the async tool_result arrives almost immediately
-    // (the SDK returns "Async agent launched successfully" quickly)
-    t.reset();
-    // Then the parent turn ends normally within a few seconds
-    // ... but if something went wrong and the parent stream hangs,
-    // the normal 10-min timeout applies:
-    vi.advanceTimersByTime(11 * 60 * 1000);
-    expect(onTimeout).toHaveBeenCalledTimes(1);
-  });
-
-  it("cancel during extended mode stops cleanly (handler finally block)", () => {
-    const onTimeout = vi.fn();
-    const t = createStuckTimer({
-      normalMs: 10 * 60 * 1000,
-      extendedMs: 120 * 60 * 1000,
-      onTimeout,
-    });
-
-    t.enterSync("toolu_1");
-
-    // Simulate: partway through a sync task, something errors out
-    // and the handler reaches its finally block
-    vi.advanceTimersByTime(60 * 60 * 1000);
-    t.cancel();
-
-    // Another 60 min pass — no firing because cancel cleared the timer
-    vi.advanceTimersByTime(60 * 60 * 1000);
-    expect(onTimeout).not.toHaveBeenCalled();
-  });
-
-  it("multiple parallel sync tasks (nested Agent calls): extended until ALL complete", () => {
-    // Edge case: if two parent-level sync tool_use blocks land in
-    // the same assistant message, both get tracked. The extended
-    // timer must stay armed until BOTH exit.
-    const onTimeout = vi.fn();
-    const t = createStuckTimer({
-      normalMs: 10 * 60 * 1000,
-      extendedMs: 120 * 60 * 1000,
-      onTimeout,
-    });
-
-    t.enterSync("toolu_parallel_1");
-    t.enterSync("toolu_parallel_2");
-    expect(t._pendingCount()).toBe(2);
-
-    // First finishes
-    vi.advanceTimersByTime(20 * 60 * 1000);
-    t.exitSync("toolu_parallel_1");
-    expect(t._pendingCount()).toBe(1);
-
-    // Second still running — another 30 min of silence
-    vi.advanceTimersByTime(30 * 60 * 1000);
-    expect(onTimeout).not.toHaveBeenCalled();
-
-    // Second finishes
-    t.exitSync("toolu_parallel_2");
-    t.reset();
-
-    // Now back to normal timeout — should fire after 10 min
-    vi.advanceTimersByTime(10 * 60 * 1000);
-    expect(onTimeout).toHaveBeenCalledTimes(1);
-  });
-
-  it("regression guard: old behavior (no task tracking, flat 10-min) would have false-aborted", () => {
-    // This test is a documentation-as-code artifact: it simulates
-    // what the OLD code did and verifies it WOULD have false-aborted.
-    // If we ever revert the fix, this test will catch the regression
-    // by asserting the old behavior fires at exactly 10 min of silence.
-    const onTimeout = vi.fn();
-    const flatTimer = createStuckTimer({
-      normalMs: 10 * 60 * 1000,
-      extendedMs: 10 * 60 * 1000, // identical → simulates pre-v4.12.1 behavior
-      onTimeout,
-    });
-    flatTimer.enterSync("toolu_1");
-    vi.advanceTimersByTime(10 * 60 * 1000);
-    // With the flat timer (pre-fix), a 10-min sync gap DOES fire
-    expect(onTimeout).toHaveBeenCalledTimes(1);
-  });
-});

package/test/system-prompt-background-hint.test.ts

@@ -1,65 +0,0 @@
-/**
- * Fix #17 (Stage 1) — buildSystemPrompt must include the async-subagent
- * hint for SDK sessions so Claude autonomously uses run_in_background: true
- * for long-running tasks, unblocking the main Telegram session.
- *
- * See docs/superpowers/plans/2026-04-13-async-subagents.md
- */
-import { describe, it, expect } from "vitest";
-import { buildSystemPrompt } from "../src/services/personality.js";
-
-describe("buildSystemPrompt background-subagent hint (Stage 1)", () => {
-  it("includes the background hint when isSDK=true", () => {
-    const prompt = buildSystemPrompt(true, "en", "1234");
-    expect(prompt).toMatch(/run_in_background/);
-    expect(prompt.toLowerCase()).toMatch(/background|async/);
-  });
-
-  it("instructs Claude to wrap up the turn after launching a background agent", () => {
-    const prompt = buildSystemPrompt(true, "en", "1234");
-    // Must tell Claude to end the turn quickly, not keep working
-    expect(prompt.toLowerCase()).toMatch(/end.*turn|wrap up|finish.*turn|end your turn/);
-  });
-
-  it("lists the criteria for when to use background mode", () => {
-    const prompt = buildSystemPrompt(true, "en", "1234");
-    // Must mention at least one concrete trigger
-    expect(prompt.toLowerCase()).toMatch(/audit|research|long|>.*minute|2 min/);
-  });
-
-  it("tells Claude NOT to use background for trivial queries", () => {
-    const prompt = buildSystemPrompt(true, "en", "1234");
-    expect(prompt.toLowerCase()).toMatch(/don'?t use|avoid|not for|simple question/);
-  });
-
-  it("skips the hint for non-SDK sessions (no Agent tool available)", () => {
-    const prompt = buildSystemPrompt(false, "en", "1234");
-    expect(prompt).not.toMatch(/run_in_background/);
-  });
-
-  it("hint is present regardless of user UI locale (prompt is always in English for Claude)", () => {
-    const en = buildSystemPrompt(true, "en", "1234");
-    const de = buildSystemPrompt(true, "de", "1234");
-    const es = buildSystemPrompt(true, "es", "1234");
-    expect(en).toMatch(/run_in_background/);
-    expect(de).toMatch(/run_in_background/);
-    expect(es).toMatch(/run_in_background/);
-  });
-
-  it("uses CRITICAL framing and decision-tree structure (v4.12.1)", () => {
-    const prompt = buildSystemPrompt(true, "en", "1234");
-    expect(prompt).toMatch(/CRITICAL/);
-    expect(prompt).toMatch(/decision tree/i);
-  });
-
-  it("explicitly warns about Telegram session blocking (v4.12.1)", () => {
-    const prompt = buildSystemPrompt(true, "en", "1234");
-    expect(prompt.toLowerCase()).toMatch(/blocked|blocking/);
-    expect(prompt.toLowerCase()).toMatch(/telegram/);
-  });
-
-  it("aggressive 30-second threshold (v4.12.1, previously 2 minutes)", () => {
-    const prompt = buildSystemPrompt(true, "en", "1234");
-    expect(prompt).toMatch(/30\s*seconds?/i);
-  });
-});

package/test/telegram-error-filter.test.ts

@@ -1,85 +0,0 @@
-/**
- * Fix #12 — grammy error noise filter.
- *
- * Regression: chunks like
- *   Fehler: Call to 'editMessageText' failed! (400: Bad Request:
- *   message is not modified: specified new message content and reply
- *   markup are exactly the same as a current content and reply markup
- *   of the message)
- * were being sent to end users 2-3 times per day whenever a live-stream
- * edit raced against itself. The v4.8.8 `bot.catch()` fix swallowed
- * these at the middleware layer, but `telegram.ts` finalize() and
- * `handlers/message.ts` error paths bypass bot.catch completely —
- * they surface the raw grammy error via `ctx.reply()`.
- *
- * Contract: `isHarmlessTelegramError(err)` returns true for:
- *   - "message is not modified" (any language, any prefix)
- *   - "Call to 'editMessageText' failed" combined with the above
- *   - "query is too old" (harmless callback-answer race)
- *   - "MESSAGE_ID_INVALID" (user deleted the message before we edited it)
- *
- * Returns false for all other errors — they still need surfacing.
- */
-import { describe, it, expect } from "vitest";
-import { isHarmlessTelegramError } from "../src/util/telegram-error-filter.js";
-
-describe("isHarmlessTelegramError (Fix #12)", () => {
-  it("matches the exact production message", () => {
-    const err = new Error(
-      "Call to 'editMessageText' failed! (400: Bad Request: message is not modified: " +
-      "specified new message content and reply markup are exactly the same as a current " +
-      "content and reply markup of the message)",
-    );
-    expect(isHarmlessTelegramError(err)).toBe(true);
-  });
-
-  it("matches just the 'message is not modified' substring", () => {
-    expect(isHarmlessTelegramError(new Error("400: message is not modified"))).toBe(true);
-  });
-
-  it("matches 'specified new message content ... exactly the same'", () => {
-    expect(
-      isHarmlessTelegramError(
-        new Error("specified new message content and reply markup are exactly the same"),
-      ),
-    ).toBe(true);
-  });
-
-  it("matches 'query is too old' (answerCallbackQuery race)", () => {
-    expect(
-      isHarmlessTelegramError(new Error("Bad Request: query is too old and response timeout expired")),
-    ).toBe(true);
-  });
-
-  it("matches 'message to edit not found' (user deleted)", () => {
-    expect(
-      isHarmlessTelegramError(new Error("Bad Request: message to edit not found")),
-    ).toBe(true);
-  });
-
-  it("matches MESSAGE_ID_INVALID", () => {
-    expect(isHarmlessTelegramError(new Error("Bad Request: MESSAGE_ID_INVALID"))).toBe(true);
-  });
-
-  it("accepts plain strings as well as Error objects", () => {
-    expect(isHarmlessTelegramError("message is not modified")).toBe(true);
-  });
-
-  it("accepts undefined / null as not harmless (caller decides)", () => {
-    expect(isHarmlessTelegramError(undefined)).toBe(false);
-    expect(isHarmlessTelegramError(null)).toBe(false);
-  });
-
-  it("does NOT swallow real errors", () => {
-    expect(isHarmlessTelegramError(new Error("Unauthorized"))).toBe(false);
-    expect(isHarmlessTelegramError(new Error("Too Many Requests: retry after 5"))).toBe(false);
-    expect(isHarmlessTelegramError(new Error("chat not found"))).toBe(false);
-    expect(isHarmlessTelegramError(new Error("stream error: provider timeout"))).toBe(false);
-  });
-
-  it("handles nested err.description from grammy", () => {
-    const err = new Error("anything") as Error & { description?: string };
-    err.description = "Bad Request: message is not modified";
-    expect(isHarmlessTelegramError(err)).toBe(true);
-  });
-});

package/test/telegram-workspace-command.test.ts

@@ -1,78 +0,0 @@
-/**
- * v4.12.0 — Telegram /workspace command + workspace-aware session key.
- */
-import { describe, it, expect, beforeEach, vi } from "vitest";
-import fs from "fs";
-import os from "os";
-import { resolve } from "path";
-
-const TEST_DATA_DIR = resolve(os.tmpdir(), `alvin-tgws-${process.pid}-${Date.now()}`);
-
-beforeEach(() => {
-  if (fs.existsSync(TEST_DATA_DIR)) fs.rmSync(TEST_DATA_DIR, { recursive: true, force: true });
-  fs.mkdirSync(resolve(TEST_DATA_DIR, "workspaces"), { recursive: true });
-  process.env.ALVIN_DATA_DIR = TEST_DATA_DIR;
-  vi.resetModules();
-});
-
-describe("Telegram workspace state (v4.12.0)", () => {
-  it("getTelegramWorkspace returns null by default", async () => {
-    const { getTelegramWorkspace } = await import("../src/services/session.js");
-    expect(getTelegramWorkspace("42")).toBeNull();
-  });
-
-  it("setTelegramWorkspace stores the name", async () => {
-    const { getTelegramWorkspace, setTelegramWorkspace } = await import("../src/services/session.js");
-    setTelegramWorkspace("42", "my-project");
-    expect(getTelegramWorkspace("42")).toBe("my-project");
-  });
-
-  it("setTelegramWorkspace(userId, null) clears the mapping", async () => {
-    const { getTelegramWorkspace, setTelegramWorkspace } = await import("../src/services/session.js");
-    setTelegramWorkspace("42", "my-project");
-    setTelegramWorkspace("42", null);
-    expect(getTelegramWorkspace("42")).toBeNull();
-  });
-
-  it("persistence: setTelegramWorkspace + flush + reload roundtrips", async () => {
-    const { setTelegramWorkspace, attachPersistHook } = await import("../src/services/session.js");
-    const { flushSessions, schedulePersist } = await import("../src/services/session-persistence.js");
-    attachPersistHook(schedulePersist);
-
-    setTelegramWorkspace("42", "my-project");
-    setTelegramWorkspace("99", "homes");
-    await flushSessions();
-
-    vi.resetModules();
-    const s2 = await import("../src/services/session.js");
-    const p2 = await import("../src/services/session-persistence.js");
-    p2.loadPersistedSessions();
-
-    expect(s2.getTelegramWorkspace("42")).toBe("my-project");
-    expect(s2.getTelegramWorkspace("99")).toBe("homes");
-  });
-
-  it("legacy flat session file still loads (backwards compat)", async () => {
-    fs.mkdirSync(resolve(TEST_DATA_DIR, "state"), { recursive: true });
-    fs.writeFileSync(
-      resolve(TEST_DATA_DIR, "state", "sessions.json"),
-      JSON.stringify({
-        "legacy-user": {
-          sessionId: "abc",
-          history: [{ role: "user", content: "from v4.11 era" }],
-          language: "en",
-          effort: "medium",
-          voiceReply: false,
-          workingDir: "/tmp",
-        },
-      }),
-    );
-
-    const { loadPersistedSessions } = await import("../src/services/session-persistence.js");
-    const { getSession } = await import("../src/services/session.js");
-    const loaded = loadPersistedSessions();
-    expect(loaded).toBe(1);
-    expect(getSession("legacy-user").sessionId).toBe("abc");
-    expect(getSession("legacy-user").history[0].content).toBe("from v4.11 era");
-  });
-});

package/test/timing-safe-bearer.test.ts

@@ -1,65 +0,0 @@
-/**
- * v4.12.2 — Timing-safe bearer token comparison.
- *
- * The webhook auth check at src/web/server.ts:127 previously used naive
- * string equality on the Authorization header. That's vulnerable (in
- * principle) to timing side-channel attacks where an attacker measures
- * response times to leak the token character by character.
- *
- * Real-world exploitability over network is low due to jitter, but
- * crypto.timingSafeEqual is the right tool regardless.
- *
- * This test covers the pure helper; the integration is in server.ts.
- */
-import { describe, it, expect } from "vitest";
-import { timingSafeBearerMatch } from "../src/services/timing-safe-bearer.js";
-
-describe("timing-safe bearer token comparison (v4.12.2)", () => {
-  it("matches a correct token", () => {
-    expect(timingSafeBearerMatch("Bearer abc123xyz", "abc123xyz")).toBe(true);
-  });
-
-  it("rejects an incorrect token", () => {
-    expect(timingSafeBearerMatch("Bearer wrong", "abc123xyz")).toBe(false);
-  });
-
-  it("rejects when Bearer prefix is missing", () => {
-    expect(timingSafeBearerMatch("abc123xyz", "abc123xyz")).toBe(false);
-  });
-
-  it("rejects when auth header is empty", () => {
-    expect(timingSafeBearerMatch("", "abc123xyz")).toBe(false);
-  });
-
-  it("rejects when auth header is undefined", () => {
-    expect(timingSafeBearerMatch(undefined, "abc123xyz")).toBe(false);
-  });
-
-  it("rejects when expected token is empty (prevents accidental auth bypass)", () => {
-    expect(timingSafeBearerMatch("Bearer anything", "")).toBe(false);
-    expect(timingSafeBearerMatch("Bearer ", "")).toBe(false);
-    expect(timingSafeBearerMatch("", "")).toBe(false);
-  });
-
-  it("rejects tokens of different lengths without revealing prefix match", () => {
-    expect(timingSafeBearerMatch("Bearer abc", "abcdefg")).toBe(false);
-    expect(timingSafeBearerMatch("Bearer abcdefg", "abc")).toBe(false);
-  });
-
-  it("handles unicode tokens (not that we'd use them, but correctness)", () => {
-    expect(timingSafeBearerMatch("Bearer 🔒xyz", "🔒xyz")).toBe(true);
-    expect(timingSafeBearerMatch("Bearer 🔒xyz", "🔒xYz")).toBe(false);
-  });
-
-  it("case-sensitive comparison (tokens are opaque)", () => {
-    expect(timingSafeBearerMatch("Bearer AbCdEf", "abcdef")).toBe(false);
-    expect(timingSafeBearerMatch("Bearer AbCdEf", "AbCdEf")).toBe(true);
-  });
-
-  it("rejects Bearer with leading/trailing whitespace mismatches the expected format", () => {
-    // RFC 6750 says: Authorization: Bearer <token>
-    // Exactly one space between "Bearer" and the token.
-    expect(timingSafeBearerMatch("Bearer  abc", "abc")).toBe(false); // double space
-    expect(timingSafeBearerMatch(" Bearer abc", "abc")).toBe(false); // leading space
-  });
-});

package/test/watchdog-brake.test.ts

@@ -1,157 +0,0 @@
-/**
- * Fix #4 — Watchdog brake must actually engage on chronic crashes.
- *
- * Regression: the previous logic reset crashCount after 5 min of clean
- * uptime. Production logs showed the bot crashing ~5 times per hour, but
- * each boot lived just long enough (>5 min, <10 min) to reset the counter.
- * Result: `crashCount` never reached the brake threshold, the bot cycled
- * for hours, and the daily job-alert silently lost its scheduled runs.
- *
- * New contract (pure function pair extracted to watchdog-brake.ts):
- *
- *   decideBrakeAction(prevBeacon, now, opts)
- *     - returns `{ action: "proceed", crashCount, crashWindowStart }`
- *       on clean start or old previous beacon
- *     - returns `{ action: "proceed", crashCount: N }` when the last run
- *       exited recently but we're still under the brake threshold
- *     - returns `{ action: "brake", reason }` when either
- *         (a) N+1 crashes in a short window, or
- *         (b) the daily crash cap (default 20) is exceeded
- *
- *   shouldResetCrashCounter(uptimeMs, opts) → boolean
- *     - default policy: only reset after 1 h of clean uptime (NOT 5 min)
- */
-import { describe, it, expect } from "vitest";
-import {
-  decideBrakeAction,
-  shouldResetCrashCounter,
-  DEFAULTS,
-  type BeaconData,
-} from "../src/services/watchdog-brake.js";
-
-const ONE_MIN = 60_000;
-const ONE_HOUR = 60 * ONE_MIN;
-
-function beacon(partial: Partial<BeaconData> = {}): BeaconData {
-  return {
-    lastBeat: 0,
-    pid: 1,
-    bootTime: 0,
-    crashCount: 0,
-    crashWindowStart: 0,
-    dailyCrashCount: 0,
-    dailyCrashWindowStart: 0,
-    version: "test",
-    ...partial,
-  };
-}
-
-describe("decideBrakeAction (Fix #4)", () => {
-  it("proceeds on first boot (no previous beacon)", () => {
-    const now = 1_000_000;
-    const result = decideBrakeAction(null, now);
-    expect(result.action).toBe("proceed");
-    if (result.action === "proceed") {
-      expect(result.crashCount).toBe(0);
-      expect(result.crashWindowStart).toBe(now);
-      expect(result.dailyCrashCount).toBe(0);
-    }
-  });
-
-  it("proceeds when previous beacon is old (>STALE_MS) — clean exit", () => {
-    const now = 1_000_000_000;
-    const prev = beacon({ lastBeat: now - 10 * ONE_MIN, crashCount: 3 });
-    const result = decideBrakeAction(prev, now);
-    expect(result.action).toBe("proceed");
-    if (result.action === "proceed") {
-      // Old beacon → treat as clean, reset window counter (but keep daily)
-      expect(result.crashCount).toBe(0);
-    }
-  });
-
-  it("counts a restart after a fresh beacon as a crash", () => {
-    const now = 1_000_000_000;
-    const prev = beacon({
-      lastBeat: now - 15_000, // 15 s ago
-      crashCount: 2,
-      crashWindowStart: now - 5 * ONE_MIN,
-      dailyCrashCount: 2,
-      dailyCrashWindowStart: now - 2 * ONE_HOUR,
-    });
-    const result = decideBrakeAction(prev, now);
-    expect(result.action).toBe("proceed");
-    if (result.action === "proceed") {
-      expect(result.crashCount).toBe(3);
-      expect(result.dailyCrashCount).toBe(3);
-    }
-  });
-
-  it("engages brake when short-window threshold is crossed", () => {
-    const now = 1_000_000_000;
-    const prev = beacon({
-      lastBeat: now - 10_000,
-      crashCount: DEFAULTS.SHORT_BRAKE_THRESHOLD - 1, // one more = brake
-      crashWindowStart: now - 2 * ONE_MIN,
-      dailyCrashCount: 5,
-      dailyCrashWindowStart: now - ONE_HOUR,
-    });
-    const result = decideBrakeAction(prev, now);
-    expect(result.action).toBe("brake");
-    if (result.action === "brake") {
-      expect(result.reason).toMatch(/short.*window|threshold|crashes/i);
-    }
-  });
-
-  it("engages brake when daily cap is exceeded", () => {
-    const now = 1_000_000_000;
-    const prev = beacon({
-      lastBeat: now - 10_000,
-      crashCount: 1, // short window fine
-      crashWindowStart: now - 30 * ONE_MIN,
-      dailyCrashCount: DEFAULTS.DAILY_BRAKE_THRESHOLD - 1,
-      dailyCrashWindowStart: now - 12 * ONE_HOUR,
-    });
-    const result = decideBrakeAction(prev, now);
-    expect(result.action).toBe("brake");
-    if (result.action === "brake") {
-      expect(result.reason).toMatch(/daily|day/i);
-    }
-  });
-
-  it("rolls over daily counter when 24h window expires", () => {
-    const now = 1_000_000_000;
-    const prev = beacon({
-      lastBeat: now - 10_000,
-      crashCount: 1,
-      crashWindowStart: now - 30 * ONE_MIN,
-      dailyCrashCount: 18,                  // high
-      dailyCrashWindowStart: now - 25 * ONE_HOUR, // but window rolled over
-    });
-    const result = decideBrakeAction(prev, now);
-    expect(result.action).toBe("proceed");
-    if (result.action === "proceed") {
-      expect(result.dailyCrashCount).toBe(1); // fresh window
-      expect(result.dailyCrashWindowStart).toBe(now);
-    }
-  });
-});
-
-describe("shouldResetCrashCounter (Fix #4)", () => {
-  it("does NOT reset after 5 min of uptime (old buggy behaviour)", () => {
-    expect(shouldResetCrashCounter(5 * ONE_MIN)).toBe(false);
-  });
-
-  it("does NOT reset after 30 min of uptime", () => {
-    expect(shouldResetCrashCounter(30 * ONE_MIN)).toBe(false);
-  });
-
-  it("resets after 1 h of clean uptime", () => {
-    expect(shouldResetCrashCounter(ONE_HOUR)).toBe(true);
-    expect(shouldResetCrashCounter(ONE_HOUR + 1)).toBe(true);
-  });
-
-  it("can be overridden via opts.resetAfterMs", () => {
-    expect(shouldResetCrashCounter(10 * ONE_MIN, { resetAfterMs: 10 * ONE_MIN })).toBe(true);
-    expect(shouldResetCrashCounter(10 * ONE_MIN - 1, { resetAfterMs: 10 * ONE_MIN })).toBe(false);
-  });
-});