auditor-lambda 0.6.8 → 0.6.10

package/dist/providers/claudeCodeProvider.d.ts

@@ -1,5 +1,5 @@
 import type { FreshSessionProvider, LaunchFreshSessionInput, ClaudeCodeConfig, OpenTokenConfig } from "@audit-tools/shared";
-import { spawnLoggedCommand } from "./spawnLoggedCommand.js";
+import { spawnLoggedCommand } from "@audit-tools/shared";
 export declare const ACTIVE_CLAUDE_CODE_SESSION_MESSAGE: string;
 export declare class ClaudeCodeProvider implements FreshSessionProvider {
     name: string;

package/dist/providers/claudeCodeProvider.js

@@ -1,5 +1,5 @@
 import { readFile } from "node:fs/promises";
-import { spawnLoggedCommand } from "./spawnLoggedCommand.js";
+import { readJsonFile, spawnLoggedCommand, applyWorkerTaskLaunchSettings } from "@audit-tools/shared";
 export const ACTIVE_CLAUDE_CODE_SESSION_MESSAGE = "claude-code provider cannot be used inside an active Claude Code session. " +
     'Set provider to "local-subprocess" in .audit-artifacts/session-config.json, ' +
     "then run /audit-code conversationally and follow the dispatch prompts manually.";
@@ -18,6 +18,7 @@ export class ClaudeCodeProvider {
             throw new Error(ACTIVE_CLAUDE_CODE_SESSION_MESSAGE);
         }
         const prompt = await readFile(input.promptPath, "utf8");
+        const task = await readJsonFile(input.taskPath);
         const command = this.config.command ?? "claude";
         const promptFlag = this.config.prompt_flag ?? "-p";
         const args = [
@@ -28,7 +29,7 @@ export class ClaudeCodeProvider {
                 ? ["--dangerously-skip-permissions"]
                 : []),
         ];
-        return await this.launchCommand(command, args, input, undefined, {
+        return await this.launchCommand(command, args, applyWorkerTaskLaunchSettings(input, task), undefined, {
             opentoken: this.opentoken.enabled,
             opentokenCommand: this.opentoken.command,
         });

package/dist/providers/localSubprocessProvider.d.ts

@@ -1,5 +1,5 @@
 import type { FreshSessionProvider, LaunchFreshSessionInput } from "@audit-tools/shared";
-import { spawnLoggedCommand } from "./spawnLoggedCommand.js";
+import { spawnLoggedCommand } from "@audit-tools/shared";
 export declare const MISSING_WORKER_COMMAND_MESSAGE = "local-subprocess provider requires task.worker_command.";
 export declare class LocalSubprocessProvider implements FreshSessionProvider {
     name: string;

package/dist/providers/localSubprocessProvider.js

@@ -1,5 +1,5 @@
 import { readJsonFile } from "@audit-tools/shared";
-import { spawnLoggedCommand } from "./spawnLoggedCommand.js";
+import { spawnLoggedCommand, applyWorkerTaskLaunchSettings } from "@audit-tools/shared";
 export const MISSING_WORKER_COMMAND_MESSAGE = "local-subprocess provider requires task.worker_command.";
 export class LocalSubprocessProvider {
     name = "local-subprocess";
@@ -9,10 +9,10 @@ export class LocalSubprocessProvider {
     }
     async launch(input) {
         const task = await readJsonFile(input.taskPath);
-        if (!task.worker_command.length) {
+        if (!task.worker_command?.length) {
             throw new Error(MISSING_WORKER_COMMAND_MESSAGE);
         }
         const [command, ...args] = task.worker_command;
-        return await this.launchCommand(command, args, input);
+        return await this.launchCommand(command, args, applyWorkerTaskLaunchSettings(input, task));
     }
 }

package/dist/providers/opencodeProvider.js

@@ -1,24 +1,5 @@
 import { readFile } from "node:fs/promises";
-import { spawnLoggedCommand } from "./spawnLoggedCommand.js";
-function resolveOpenCodeSpawnCommand(command, args, platform = process.platform, shellCommand = process.env.ComSpec ?? "cmd.exe") {
-    if (platform !== "win32") {
-        return { command, args };
-    }
-    const base = command.replace(/\.(cmd|bat|exe)$/i, "").toLowerCase();
-    if (base === "opencode" || base === "npx" || command.endsWith(".cmd")) {
-        return {
-            command: shellCommand,
-            args: ["/d", "/s", "/c", [command, ...args].map(quoteCmdArg).join(" ")],
-        };
-    }
-    return { command, args };
-}
-function quoteCmdArg(value) {
-    if (/^[A-Za-z0-9_./:=+-]+$/.test(value)) {
-        return value;
-    }
-    return `"${value.replace(/(["^&|<>%])/g, "^$1")}"`;
-}
+import { readJsonFile, spawnLoggedCommand, resolveOpenCodeSpawnCommand, applyWorkerTaskLaunchSettings, } from "@audit-tools/shared";
 export class OpenCodeProvider {
     name = "opencode";
     config;
@@ -29,10 +10,13 @@ export class OpenCodeProvider {
     }
     async launch(input) {
         const prompt = await readFile(input.promptPath, "utf8");
+        const task = await readJsonFile(input.taskPath);
         const baseCommand = this.config.command ?? "opencode";
         const baseArgs = ["run", prompt, ...(this.config.extra_args ?? [])];
-        const resolved = resolveOpenCodeSpawnCommand(baseCommand, baseArgs);
-        return await spawnLoggedCommand(resolved.command, resolved.args, input, undefined, {
+        // On Windows the `opencode` launcher is a `.cmd` shim that `spawn` cannot
+        // run without a shell; resolve it through cmd.exe (no-op on other OSes).
+        const { command, args } = resolveOpenCodeSpawnCommand(baseCommand, baseArgs);
+        return await spawnLoggedCommand(command, args, applyWorkerTaskLaunchSettings(input, task), undefined, {
             opentoken: this.opentoken.enabled,
             opentokenCommand: this.opentoken.command,
         });

package/dist/providers/subprocessTemplateProvider.js

@@ -1,10 +1,9 @@
 import { readJsonFile } from "@audit-tools/shared";
-import { spawnLoggedCommand } from "./spawnLoggedCommand.js";
-function shellQuote(arg) {
-    return JSON.stringify(arg);
-}
-function applyTemplate(template, input, task) {
-    const workerCommandShell = task.worker_command.map(shellQuote).join(" ");
+import { spawnLoggedCommand, shellQuote, applyWorkerTaskLaunchSettings, } from "@audit-tools/shared";
+function applyTemplate(template, input, task, context) {
+    const workerCommandShell = task.worker_command
+        .map((arg) => shellQuote(arg))
+        .join(" ");
     const workerCommandJson = JSON.stringify(task.worker_command);
     const values = {
         repoRoot: input.repoRoot,
@@ -20,7 +19,17 @@ function applyTemplate(template, input, task) {
         uiMode: input.uiMode,
         timeoutMs: String(input.timeoutMs),
     };
-    return template.replace(/\{([A-Za-z0-9_]+)\}/g, (_match, key) => values[key] ?? "");
+    const wholePlaceholder = template.match(/^\{([A-Za-z0-9_]+)\}$/);
+    return template.replace(/\{([A-Za-z0-9_]+)\}/g, (match, key) => {
+        if (!(key in values)) {
+            console.warn(`applyTemplate: unknown placeholder ${match} ` +
+                `provider=${context.providerName} runId=${input.runId} ` +
+                `obligationId=${input.obligationId ?? ""} taskPath=${input.taskPath} ` +
+                `entryIndex=${context.entryIndex}`);
+        }
+        const value = values[key] ?? "";
+        return wholePlaceholder || key.endsWith("Shell") ? value : shellQuote(value);
+    });
 }
 export class SubprocessTemplateProvider {
     name;
@@ -36,9 +45,13 @@ export class SubprocessTemplateProvider {
         if (!this.config.command_template.length) {
             throw new Error(`${this.name} provider requires a non-empty command_template.`);
         }
-        const rendered = this.config.command_template.map((entry) => applyTemplate(entry, input, task));
+        const launchInput = applyWorkerTaskLaunchSettings(input, task);
+        const rendered = this.config.command_template.map((entry, entryIndex) => applyTemplate(entry, launchInput, task, {
+            providerName: this.name,
+            entryIndex,
+        }));
         const [command, ...args] = rendered;
-        return await spawnLoggedCommand(command, args, input, this.config.env, {
+        return await spawnLoggedCommand(command, args, launchInput, this.config.env, {
             opentoken: this.opentoken.enabled,
             opentokenCommand: this.opentoken.command,
         });

package/dist/quota/index.d.ts

@@ -1,8 +1,8 @@
 import type { ResolvedLimits as _ResolvedLimits, LimitConfidence as _LimitConfidence, LimitSource as _LimitSource, HostConcurrencyLimit as _HostConcurrencyLimit, QuotaUsageSnapshot as _QuotaUsageSnapshot, BackoffState as _BackoffState } from "@audit-tools/shared";
 export { resolveLimits, lookupKnownModel, classifyProvider, readQuotaState, writeQuotaState, computeMaxSafeConcurrency, recordWaveOutcome, getQuotaStatePath, decayWeight, applyDecayToEntry, computeBackoffCooldownMs, computeBackoffFailureWeight, computeRampUpConcurrency, setQuotaStateDir, detectRateLimitError, computeCooldownUntil, acquireLock, releaseLock, withFileLock, FileLockTimeoutError, runSlidingWindow, LearnedQuotaSource, CompositeQuotaSource, GenericErrorParser, ClaudeCodeErrorParser, getErrorParserForProvider, } from "@audit-tools/shared";
 export type { LimitResolutionResult, ResolveLimitsOptions, ProviderType, ResolvedLimits, LimitSource, LimitConfidence, HostConcurrencyLimit, HostConcurrencyLimitSource, QuotaState, QuotaStateEntry, ConcurrencyBucket, WaveSchedule, BackoffState, ObservedWaveOutcome, RateLimitDetectionResult, SlidingWindowResult, QuotaSource, QuotaUsageSnapshot, ErrorParser, } from "@audit-tools/shared";
-export { scheduleWave, buildProviderModelKey } from "./scheduler.js";
-export type { ScheduleWaveOptions } from "./scheduler.js";
+export { scheduleWave, buildProviderModelKey } from "@audit-tools/shared";
+export type { ScheduleWaveOptions } from "@audit-tools/shared";
 export { detectHostActiveSubagentLimit, resolveHostActiveSubagentLimit, } from "./hostLimits.js";
 export { probeProvider } from "./probe.js";
 export type { ProbeResult } from "./probe.js";

package/dist/quota/index.js

@@ -1,7 +1,10 @@
 // Re-exported from @audit-tools/shared
 export { resolveLimits, lookupKnownModel, classifyProvider, readQuotaState, writeQuotaState, computeMaxSafeConcurrency, recordWaveOutcome, getQuotaStatePath, decayWeight, applyDecayToEntry, computeBackoffCooldownMs, computeBackoffFailureWeight, computeRampUpConcurrency, setQuotaStateDir, detectRateLimitError, computeCooldownUntil, acquireLock, releaseLock, withFileLock, FileLockTimeoutError, runSlidingWindow, LearnedQuotaSource, CompositeQuotaSource, GenericErrorParser, ClaudeCodeErrorParser, getErrorParserForProvider, } from "@audit-tools/shared";
-// Auditor-specific: local scheduler, probe, discovered limits, header extraction
-export { scheduleWave, buildProviderModelKey } from "./scheduler.js";
+// Wave scheduler now lives in @audit-tools/shared (single source of truth for
+// both orchestrators). Auditor passes its discovered-limits via the structural
+// DiscoveredRateLimitsInput the shared scheduler accepts.
+export { scheduleWave, buildProviderModelKey } from "@audit-tools/shared";
+// Auditor-specific: probe, discovered limits, header extraction
 export { detectHostActiveSubagentLimit, resolveHostActiveSubagentLimit, } from "./hostLimits.js";
 export { probeProvider } from "./probe.js";
 export { lookupDiscoveredLimits, updateDiscoveredLimits, mergeDiscoveredLimits, readDiscoveredLimitsCache, writeDiscoveredLimitsCache, } from "./discoveredLimits.js";

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "auditor-lambda",
-  "version": "0.6.8",
+  "version": "0.6.10",
   "private": false,
   "description": "Portable hybrid code-auditing framework for arbitrary repositories.",
   "type": "module",
@@ -47,14 +47,15 @@
   },
   "repository": {
     "type": "git",
-    "url": "git+https://github.com/OhOkThisIsFine/auditor-lambda.git"
+    "url": "git+https://github.com/OhOkThisIsFine/audit-tools.git",
+    "directory": "packages/audit-code"
   },
   "publishConfig": {
     "access": "public"
   },
-  "homepage": "https://github.com/OhOkThisIsFine/auditor-lambda#readme",
+  "homepage": "https://github.com/OhOkThisIsFine/audit-tools/tree/master/packages/audit-code#readme",
   "bugs": {
-    "url": "https://github.com/OhOkThisIsFine/auditor-lambda/issues"
+    "url": "https://github.com/OhOkThisIsFine/audit-tools/issues"
   },
   "keywords": [
     "audit",

package/dist/providers/spawnLoggedCommand.d.ts

@@ -1,12 +0,0 @@
-import { createWriteStream } from "node:fs";
-import { spawn } from "node:child_process";
-import type { LaunchFreshSessionInput, LaunchFreshSessionResult } from "@audit-tools/shared";
-interface SpawnLoggedCommandOptions {
-    createWriteStream?: typeof createWriteStream;
-    spawn?: typeof spawn;
-    killGraceMs?: number;
-    opentoken?: boolean;
-    opentokenCommand?: string;
-}
-export declare function spawnLoggedCommand(command: string, args: string[], input: LaunchFreshSessionInput, env?: Record<string, string>, options?: SpawnLoggedCommandOptions): Promise<LaunchFreshSessionResult>;
-export {};

package/dist/providers/spawnLoggedCommand.js

@@ -1,186 +0,0 @@
-import { createWriteStream } from "node:fs";
-import { spawn } from "node:child_process";
-const TERMINATION_SIGNAL = "SIGTERM";
-const FORCE_KILL_SIGNAL = "SIGKILL";
-const FORCE_KILL_GRACE_MS = 1_000;
-function formatCommand(command, args) {
-    return [command, ...args].join(" ");
-}
-function quoteCmdArg(value) {
-    if (/^[A-Za-z0-9_./:=@+-]+$/.test(value))
-        return value;
-    return `"${value.replace(/(["^&|<>%])/g, "^$1")}"`;
-}
-function applyOpenTokenWrap(command, args, opentokenCommand, platform = process.platform) {
-    if (platform === "win32") {
-        const shell = process.env.ComSpec ?? "cmd.exe";
-        const inner = [command, ...args].map(quoteCmdArg).join(" ");
-        return {
-            command: shell,
-            args: ["/d", "/s", "/c", `${opentokenCommand} wrap ${inner}`],
-        };
-    }
-    return { command: opentokenCommand, args: ["wrap", command, ...args] };
-}
-// On Windows `command` must be the resolved .cmd / .exe path because `spawn`
-// does not consult PATH for executables without a shell. Callers should use
-// `platformCommand()` (scripts/smoke-packaged-audit-code.mjs) or similar to
-// supply the correct command form for the host OS.
-export async function spawnLoggedCommand(command, args, input, env, options = {}) {
-    const openWriteStream = options.createWriteStream ?? createWriteStream;
-    const spawnProcess = options.spawn ?? spawn;
-    const killGraceMs = options.killGraceMs ?? FORCE_KILL_GRACE_MS;
-    if (options.opentoken) {
-        const wrapped = applyOpenTokenWrap(command, args, options.opentokenCommand ?? "opentoken");
-        command = wrapped.command;
-        args = wrapped.args;
-    }
-    return await new Promise((resolve, reject) => {
-        const stdoutLog = openWriteStream(input.stdoutPath, { flags: "a" });
-        const stderrLog = openWriteStream(input.stderrPath, { flags: "a" });
-        const startedAt = Date.now();
-        let timedOut = false;
-        let settled = false;
-        let child = null;
-        let timer;
-        let heartbeat;
-        let forceKillTimer;
-        let pendingLogWrites = 0;
-        let childClosed = false;
-        let closeCode = null;
-        let closeSignal = null;
-        let logsEnded = false;
-        const clearTimers = () => {
-            if (timer) {
-                clearTimeout(timer);
-            }
-            if (heartbeat) {
-                clearInterval(heartbeat);
-            }
-            if (forceKillTimer) {
-                clearTimeout(forceKillTimer);
-            }
-        };
-        const endLogs = (callback) => {
-            if (logsEnded) {
-                callback();
-                return;
-            }
-            logsEnded = true;
-            let remaining = 2;
-            const done = () => {
-                remaining -= 1;
-                if (remaining === 0) {
-                    callback();
-                }
-            };
-            stdoutLog.end(done);
-            stderrLog.end(done);
-        };
-        const settle = (callback) => {
-            if (settled) {
-                return;
-            }
-            settled = true;
-            clearTimers();
-            endLogs(callback);
-        };
-        const fail = (error) => {
-            if (child && !child.killed) {
-                child.kill(FORCE_KILL_SIGNAL);
-            }
-            const normalized = error instanceof Error ? error : new Error(String(error));
-            settle(() => reject(normalized));
-        };
-        const writeLog = (write, chunk) => {
-            pendingLogWrites += 1;
-            write.write(chunk, () => {
-                pendingLogWrites -= 1;
-                maybeSettleFromClose();
-            });
-        };
-        const maybeSettleFromClose = () => {
-            if (!childClosed || pendingLogWrites > 0 || settled) {
-                return;
-            }
-            if (timedOut) {
-                settle(() => reject(new Error(`Fresh session timed out after ${input.timeoutMs}ms for run ${input.runId}.`)));
-                return;
-            }
-            settle(() => resolve({
-                accepted: closeCode === 0 && closeSignal === null,
-                processId: spawnedChild.pid,
-                exitCode: closeCode,
-                signal: closeSignal,
-                command: formatCommand(command, args),
-                args,
-                stdoutPath: input.stdoutPath,
-                stderrPath: input.stderrPath,
-                error: closeCode === 0 && closeSignal === null
-                    ? undefined
-                    : closeSignal
-                        ? `Provider command exited with signal ${closeSignal}.`
-                        : `Provider command exited with code ${closeCode}.`,
-            }));
-        };
-        stdoutLog.on("error", fail);
-        stderrLog.on("error", fail);
-        let spawnedChild;
-        try {
-            spawnedChild = spawnProcess(command, args, {
-                cwd: input.repoRoot,
-                env: { ...process.env, ...env },
-                stdio: ["ignore", "pipe", "pipe"],
-            });
-            child = spawnedChild;
-        }
-        catch (error) {
-            fail(error);
-            return;
-        }
-        if (!spawnedChild.stdout || !spawnedChild.stderr) {
-            fail(new Error(`Fresh session spawn for run ${input.runId} did not provide pipe-backed stdout/stderr streams.`));
-            return;
-        }
-        timer = setTimeout(() => {
-            timedOut = true;
-            spawnedChild.kill(TERMINATION_SIGNAL);
-            forceKillTimer = setTimeout(() => {
-                if (!settled) {
-                    spawnedChild.kill(FORCE_KILL_SIGNAL);
-                }
-            }, killGraceMs);
-        }, input.timeoutMs);
-        heartbeat = setInterval(() => {
-            const elapsedMs = Date.now() - startedAt;
-            const message = `[provider] run ${input.runId} still running after ${elapsedMs}ms\n`;
-            writeLog(stderrLog, message);
-            if (input.uiMode === "visible") {
-                process.stderr.write(message);
-            }
-        }, 30_000);
-        spawnedChild.stdout.on("data", (chunk) => {
-            writeLog(stdoutLog, chunk);
-            if (input.uiMode === "visible") {
-                process.stdout.write(chunk);
-            }
-        });
-        spawnedChild.stderr.on("data", (chunk) => {
-            writeLog(stderrLog, chunk);
-            if (input.uiMode === "visible") {
-                process.stderr.write(chunk);
-            }
-        });
-        spawnedChild.on("error", fail);
-        spawnedChild.on("exit", (code, signal) => {
-            closeCode = code;
-            closeSignal = signal;
-        });
-        spawnedChild.on("close", (code, signal) => {
-            childClosed = true;
-            closeCode = code;
-            closeSignal = signal;
-            maybeSettleFromClose();
-        });
-    });
-}

package/dist/quota/scheduler.d.ts

@@ -1,20 +0,0 @@
-import type { ResolvedProviderName, SessionConfig, HostConcurrencyLimit, QuotaStateEntry, WaveSchedule, QuotaUsageSnapshot } from "@audit-tools/shared";
-import type { DiscoveredRateLimits } from "./discoveredLimits.js";
-export interface ScheduleWaveOptions {
-    providerName: ResolvedProviderName;
-    sessionConfig: SessionConfig;
-    hostModel: string | null;
-    requestedConcurrency: number;
-    /** Per-slot estimated tokens (one entry per worker slot). Used for TPM budget. */
-    estimatedSlotTokens?: number[];
-    /** @deprecated Use estimatedSlotTokens instead. Average tokens per slot — used as fallback. */
-    estimatedPacketTokens?: number;
-    quotaStateEntry?: QuotaStateEntry | null;
-    hostConcurrencyLimit?: HostConcurrencyLimit | null;
-    quotaSourceSnapshot?: QuotaUsageSnapshot | null;
-    /** RPM/TPM discovered from provider queries or response header extraction. */
-    discoveredLimits?: DiscoveredRateLimits | null;
-}
-export declare function scheduleWave(options: ScheduleWaveOptions): WaveSchedule;
-/** Build the state key used for indexing quota-state.json entries. */
-export declare function buildProviderModelKey(providerName: string, hostModel: string | null | undefined): string;

package/dist/quota/scheduler.js

@@ -1,151 +0,0 @@
-import { classifyProvider, resolveLimits, computeMaxSafeConcurrency, computeRampUpConcurrency } from "@audit-tools/shared";
-function sumTopN(sorted, n) {
-    let sum = 0;
-    for (let i = 0; i < Math.min(n, sorted.length); i++)
-        sum += sorted[i];
-    return sum;
-}
-export function scheduleWave(options) {
-    const { providerName, sessionConfig, hostModel, requestedConcurrency, estimatedSlotTokens, estimatedPacketTokens = 0, quotaStateEntry = null, hostConcurrencyLimit = null, quotaSourceSnapshot = null, discoveredLimits = null, } = options;
-    // Descending sort so sumTopN picks the largest slots
-    const slotsSorted = estimatedSlotTokens
-        ? [...estimatedSlotTokens].sort((a, b) => b - a)
-        : null;
-    const avgTokens = slotsSorted && slotsSorted.length > 0
-        ? Math.floor(slotsSorted.reduce((a, b) => a + b, 0) / slotsSorted.length)
-        : estimatedPacketTokens;
-    const quota = sessionConfig.quota ?? {};
-    const applyHostConcurrencyLimit = (waveSize) => {
-        if (hostConcurrencyLimit === null)
-            return waveSize;
-        return Math.min(waveSize, hostConcurrencyLimit.active_subagents);
-    };
-    if (quota.enabled === false) {
-        const waveSize = Math.max(1, applyHostConcurrencyLimit(requestedConcurrency));
-        const limits = {
-            context_tokens: quota.default_context_tokens ?? 32_000,
-            output_tokens: quota.reserved_output_tokens ?? 4_096,
-            requests_per_minute: null,
-            input_tokens_per_minute: null,
-            output_tokens_per_minute: null,
-        };
-        return {
-            wave_size: waveSize,
-            estimated_wave_tokens: slotsSorted ? sumTopN(slotsSorted, waveSize) : waveSize * avgTokens,
-            cooldown_until: null,
-            confidence: "high",
-            source: "default",
-            resolved_limits: limits,
-            host_concurrency_limit: hostConcurrencyLimit,
-            model: hostModel,
-        };
-    }
-    const safetyMargin = quota.safety_margin ?? 0.8;
-    const halfLifeHours = quota.empirical_half_life_hours ?? 24;
-    const { limits, source, confidence } = resolveLimits({ providerName, sessionConfig, hostModel });
-    // Fill null RPM/TPM from discovered limits (provider query or header extraction)
-    if (discoveredLimits) {
-        limits.requests_per_minute ??= discoveredLimits.requests_per_minute ?? null;
-        limits.input_tokens_per_minute ??= discoveredLimits.input_tokens_per_minute ?? null;
-        limits.output_tokens_per_minute ??= discoveredLimits.output_tokens_per_minute ?? null;
-    }
-    let waveSize = requestedConcurrency;
-    let cooldownUntil = null;
-    // Respect an active cooldown period
-    if (quotaStateEntry?.cooldown_until) {
-        const cooldownExpiry = new Date(quotaStateEntry.cooldown_until).getTime();
-        if (cooldownExpiry > Date.now()) {
-            cooldownUntil = quotaStateEntry.cooldown_until;
-            waveSize = 1;
-        }
-    }
-    if (!cooldownUntil) {
-        // Cap by requests-per-minute
-        if (limits.requests_per_minute != null) {
-            const rpmCap = Math.max(1, Math.floor(limits.requests_per_minute * safetyMargin));
-            waveSize = Math.min(waveSize, rpmCap);
-        }
-        // Cap by input tokens-per-minute
-        if (limits.input_tokens_per_minute != null && avgTokens > 0) {
-            const tpmBudget = limits.input_tokens_per_minute * safetyMargin;
-            if (slotsSorted && slotsSorted.length > 0) {
-                let candidateSize = waveSize;
-                while (candidateSize > 1 && sumTopN(slotsSorted, candidateSize) > tpmBudget) {
-                    candidateSize--;
-                }
-                waveSize = Math.max(1, candidateSize);
-            }
-            else {
-                const tpmCap = Math.max(1, Math.floor(tpmBudget / avgTokens));
-                waveSize = Math.min(waveSize, tpmCap);
-            }
-        }
-        if (quotaStateEntry) {
-            const rampUp = quota.ramp_up_enabled !== false;
-            const learnedCap = rampUp
-                ? computeRampUpConcurrency(quotaStateEntry, halfLifeHours)
-                : computeMaxSafeConcurrency(quotaStateEntry, halfLifeHours);
-            waveSize = Math.min(waveSize, learnedCap);
-        }
-        else if (hostConcurrencyLimit !== null) {
-            // The host explicitly reported its active-subagent capacity. That is a
-            // real concurrency signal, so it supersedes the conservative
-            // unknown-provider fallback (which exists only when we have no signal at
-            // all). Leaving waveSize untouched here lets applyHostConcurrencyLimit()
-            // below enforce the reported limit as the hard ceiling, while any RPM/TPM
-            // caps applied above still bind.
-        }
-        else {
-            const providerType = classifyProvider(providerName);
-            const fallbackCap = providerType === "local"
-                ? quota.unknown_local_concurrency
-                : (quota.unknown_hosted_concurrency ?? 1);
-            if (fallbackCap === "unlimited") {
-                // no cap — "unlimited" intentionally skips clamping
-            }
-            else if (typeof fallbackCap === "number" && Number.isFinite(fallbackCap)) {
-                waveSize = Math.min(waveSize, Math.max(1, Math.floor(fallbackCap)));
-            }
-            // First-contact cap: when no learned history, no configured fallback, AND
-            // no RPM/TPM limits from any source, apply a conservative ceiling.
-            // This triggers only for unconfigured local providers (fallbackCap is
-            // undefined). Hosted providers default to 1 via unknown_hosted_concurrency,
-            // and "unlimited" is an explicit opt-out.
-            if (fallbackCap == null &&
-                limits.requests_per_minute == null &&
-                limits.input_tokens_per_minute == null) {
-                const firstContactCap = quota.first_contact_concurrency ?? 3;
-                waveSize = Math.min(waveSize, Math.max(1, firstContactCap));
-            }
-        }
-    }
-    // Apply real-time quota source data if available
-    if (quotaSourceSnapshot && !cooldownUntil) {
-        if (quotaSourceSnapshot.remaining_pct != null && quotaSourceSnapshot.remaining_pct < 0.1) {
-            waveSize = 1;
-            if (quotaSourceSnapshot.reset_at) {
-                cooldownUntil = quotaSourceSnapshot.reset_at;
-            }
-        }
-        else if (quotaSourceSnapshot.remaining_pct != null && quotaSourceSnapshot.remaining_pct < 0.3) {
-            waveSize = Math.min(waveSize, Math.max(1, Math.floor(waveSize * 0.5)));
-        }
-    }
-    waveSize = applyHostConcurrencyLimit(waveSize);
-    waveSize = Math.max(1, waveSize);
-    return {
-        wave_size: waveSize,
-        estimated_wave_tokens: slotsSorted ? sumTopN(slotsSorted, waveSize) : waveSize * avgTokens,
-        cooldown_until: cooldownUntil,
-        confidence,
-        source,
-        resolved_limits: limits,
-        host_concurrency_limit: hostConcurrencyLimit,
-        model: hostModel,
-        quota_source_snapshot: quotaSourceSnapshot,
-    };
-}
-/** Build the state key used for indexing quota-state.json entries. */
-export function buildProviderModelKey(providerName, hostModel) {
-    return hostModel ? `${providerName}/${hostModel}` : `${providerName}/*`;
-}