claudemesh-cli 1.33.0 → 1.34.0

package/dist/entrypoints/cli.js

@@ -104,7 +104,7 @@ __export(exports_urls, {
   VERSION: () => VERSION,
   URLS: () => URLS
 });
-var URLS, VERSION = "1.33.0", env;
+var URLS, VERSION = "1.34.0", env;
 var init_urls = __esm(() => {
   URLS = {
     BROKER: process.env.CLAUDEMESH_BROKER_URL ?? "wss://ic.claudemesh.com/ws",
@@ -4019,6 +4019,7 @@ __export(exports_daemon_route, {
   tryListStateViaDaemon: () => tryListStateViaDaemon,
   tryListSkillsViaDaemon: () => tryListSkillsViaDaemon,
   tryListPeersViaDaemon: () => tryListPeersViaDaemon,
+  tryListInboxViaDaemon: () => tryListInboxViaDaemon,
   tryGetStateViaDaemon: () => tryGetStateViaDaemon,
   tryGetSkillViaDaemon: () => tryGetSkillViaDaemon,
   tryForgetViaDaemon: () => tryForgetViaDaemon
@@ -4049,6 +4050,22 @@ async function tryListPeersViaDaemon(mesh) {
     return null;
   }
 }
+async function tryListInboxViaDaemon(mesh, limit = 100) {
+  if (!await daemonReachable())
+    return null;
+  try {
+    const path = `/v1/inbox${meshQuery(mesh)}${meshQuery(mesh) ? "&" : "?"}limit=${limit}`;
+    const res = await ipc({ path, timeoutMs: 3000 });
+    if (res.status !== 200)
+      return null;
+    return Array.isArray(res.body.items) ? res.body.items : [];
+  } catch (err) {
+    const msg = String(err);
+    if (/ENOENT|ECONNREFUSED|ipc_timeout/.test(msg))
+      return null;
+    return null;
+  }
+}
 async function tryListSkillsViaDaemon(mesh) {
   if (!await daemonReachable())
     return null;
@@ -8227,38 +8244,47 @@ var exports_inbox = {};
 __export(exports_inbox, {
   runInbox: () => runInbox
 });
-function formatMessage(msg) {
-  const text = msg.plaintext ?? `[encrypted: ${msg.ciphertext.slice(0, 32)}…]`;
-  const from = msg.senderPubkey.slice(0, 8);
-  const time = new Date(msg.createdAt).toLocaleTimeString();
-  const kindTag = msg.kind === "direct" ? "→ direct" : msg.kind;
-  return `  ${bold(from)} ${dim(`[${kindTag}] ${time}`)}
+function formatMessage(msg, includeMesh) {
+  const text = msg.body ?? "[encrypted]";
+  const from = msg.sender_name && msg.sender_name !== msg.sender_pubkey.slice(0, 8) ? `${msg.sender_name} (${msg.sender_pubkey.slice(0, 8)})` : msg.sender_pubkey.slice(0, 8);
+  const time = new Date(msg.received_at).toLocaleTimeString();
+  const topicTag = msg.topic ? ` (#${msg.topic})` : "";
+  const meshTag = includeMesh ? ` [${msg.mesh}]` : "";
+  return `  ${bold(from)} ${dim(`${meshTag}${topicTag} ${time}`)}
   ${text}`;
 }
 async function runInbox(flags) {
-  const waitMs = (flags.wait ?? 1) * 1000;
-  await withMesh({ meshSlug: flags.mesh ?? null }, async (client, mesh) => {
-    await new Promise((resolve) => setTimeout(resolve, waitMs));
-    const messages = client.drainPushBuffer();
+  const meshSlug = flags.mesh;
+  const items = await tryListInboxViaDaemon(meshSlug, flags.limit ?? 100);
+  if (items === null) {
     if (flags.json) {
-      process.stdout.write(JSON.stringify(messages, null, 2) + `
+      process.stdout.write(`[]
 `);
       return;
     }
-    if (messages.length === 0) {
-      render.info(dim(`No messages on mesh "${mesh.slug}".`));
-      return;
-    }
-    render.section(`inbox — ${mesh.slug} (${messages.length} message${messages.length === 1 ? "" : "s"})`);
-    for (const msg of messages) {
-      process.stdout.write(formatMessage(msg) + `
+    render.info(dim("Daemon not reachable. Run `claudemesh daemon up` and retry."));
+    return;
+  }
+  if (flags.json) {
+    process.stdout.write(JSON.stringify(items, null, 2) + `
+`);
+    return;
+  }
+  if (items.length === 0) {
+    const scope = meshSlug ? `mesh "${meshSlug}"` : "any mesh";
+    render.info(dim(`No messages on ${scope}.`));
+    return;
+  }
+  const heading = meshSlug ? `inbox — ${meshSlug} (${items.length} message${items.length === 1 ? "" : "s"})` : `inbox (${items.length} message${items.length === 1 ? "" : "s"})`;
+  render.section(heading);
+  for (const msg of items) {
+    process.stdout.write(formatMessage(msg, !meshSlug) + `
 
 `);
-    }
-  });
+  }
 }
 var init_inbox = __esm(() => {
-  init_connect();
+  init_daemon_route();
   init_render();
   init_styles();
 });
@@ -9149,6 +9175,9 @@ function migrateOutbox(db) {
     db.exec(`ALTER TABLE outbox ADD COLUMN ciphertext TEXT`);
   if (!hasPriority)
     db.exec(`ALTER TABLE outbox ADD COLUMN priority TEXT`);
+  const hasSenderSessionPk = columnExists(db, "outbox", "sender_session_pubkey");
+  if (!hasSenderSessionPk)
+    db.exec(`ALTER TABLE outbox ADD COLUMN sender_session_pubkey TEXT`);
 }
 function columnExists(db, table, column) {
   const rows = db.prepare(`PRAGMA table_info(${table})`).all();
@@ -9159,7 +9188,8 @@ function findByClientId(db, clientMessageId) {
     SELECT id, client_message_id, request_fingerprint, payload, enqueued_at,
            attempts, next_attempt_at, status, last_error, delivered_at,
            broker_message_id, aborted_at, aborted_by, superseded_by,
-           mesh, target_spec, nonce, ciphertext, priority
+           mesh, target_spec, nonce, ciphertext, priority,
+           sender_session_pubkey
       FROM outbox WHERE client_message_id = ?
   `).get(clientMessageId);
   return row ?? null;
@@ -9169,9 +9199,10 @@ function insertPending(db, input) {
     INSERT INTO outbox (
       id, client_message_id, request_fingerprint, payload,
       enqueued_at, attempts, next_attempt_at, status,
-      mesh, target_spec, nonce, ciphertext, priority
-    ) VALUES (?, ?, ?, ?, ?, 0, ?, 'pending', ?, ?, ?, ?, ?)
-  `).run(input.id, input.client_message_id, input.request_fingerprint, input.payload, input.now, input.now, input.mesh ?? null, input.target_spec ?? null, input.nonce ?? null, input.ciphertext ?? null, input.priority ?? null);
+      mesh, target_spec, nonce, ciphertext, priority,
+      sender_session_pubkey
+    ) VALUES (?, ?, ?, ?, ?, 0, ?, 'pending', ?, ?, ?, ?, ?, ?)
+  `).run(input.id, input.client_message_id, input.request_fingerprint, input.payload, input.now, input.now, input.mesh ?? null, input.target_spec ?? null, input.nonce ?? null, input.ciphertext ?? null, input.priority ?? null, input.sender_session_pubkey ?? null);
 }
 function fingerprintsEqual(a, b) {
   if (a.length !== b.length)
@@ -9192,7 +9223,8 @@ function listOutbox(db, p = {}) {
     SELECT id, client_message_id, request_fingerprint, payload, enqueued_at,
            attempts, next_attempt_at, status, last_error, delivered_at,
            broker_message_id, aborted_at, aborted_by, superseded_by,
-           mesh, target_spec, nonce, ciphertext, priority
+           mesh, target_spec, nonce, ciphertext, priority,
+           sender_session_pubkey
       FROM outbox
      ${where.length ? "WHERE " + where.join(" AND ") : ""}
      ORDER BY enqueued_at DESC
@@ -9206,7 +9238,8 @@ function findById(db, id) {
     SELECT id, client_message_id, request_fingerprint, payload, enqueued_at,
            attempts, next_attempt_at, status, last_error, delivered_at,
            broker_message_id, aborted_at, aborted_by, superseded_by,
-           mesh, target_spec, nonce, ciphertext, priority
+           mesh, target_spec, nonce, ciphertext, priority,
+           sender_session_pubkey
       FROM outbox WHERE id = ?
   `).get(id) ?? null;
 }
@@ -9354,7 +9387,8 @@ function acceptSend(req, deps) {
         target_spec: req.target_spec,
         nonce: req.nonce,
         ciphertext: req.ciphertext,
-        priority: req.priority
+        priority: req.priority,
+        sender_session_pubkey: req.sender_session_pubkey
       });
       return { kind: "accepted_pending", status: 202, client_message_id: clientId };
     }
@@ -9453,6 +9487,10 @@ function listInbox(db, p) {
     where.push("sender_pubkey = ?");
     args.push(p.fromPubkey);
   }
+  if (p.mesh !== undefined) {
+    where.push("mesh = ?");
+    args.push(p.mesh);
+  }
   const sql = `
     SELECT id, client_message_id, broker_message_id, mesh, topic,
            sender_pubkey, sender_name, body, meta, received_at, reply_to_id
@@ -10204,10 +10242,12 @@ function makeHandler(opts) {
       const fromPubkey = url.searchParams.get("from") ?? undefined;
       const limitRaw = url.searchParams.get("limit");
       const limit = limitRaw ? Number.parseInt(limitRaw, 10) : undefined;
+      const meshFilter = meshFromCtx(url.searchParams.get("mesh")) ?? undefined;
       const rows = listInbox(opts.inboxDb, {
         since: Number.isFinite(since) ? since : undefined,
         topic,
         fromPubkey,
+        ...meshFilter ? { mesh: meshFilter } : {},
         limit: Number.isFinite(limit ?? NaN) ? limit : undefined
       });
       respond(res, 200, {
@@ -10324,12 +10364,17 @@ function makeHandler(opts) {
             respond(res, 404, { error: "mesh_not_attached", mesh: chosenSlug });
             return;
           }
+          const senderSessionPubkey = session?.presence?.sessionPubkey;
+          const senderSecretKey = session?.presence?.sessionSecretKey ?? meshCfg.secretKey;
           try {
-            const routed = await resolveAndEncrypt(parsed.req, broker, meshCfg.secretKey, chosenSlug);
+            const routed = await resolveAndEncrypt(parsed.req, broker, senderSecretKey, chosenSlug);
             parsed.req.target_spec = routed.target_spec;
             parsed.req.ciphertext = routed.ciphertext;
             parsed.req.nonce = routed.nonce;
             parsed.req.mesh = routed.mesh;
+            if (senderSessionPubkey) {
+              parsed.req.sender_session_pubkey = senderSessionPubkey;
+            }
           } catch (e) {
             respond(res, 502, { error: "route_failed", detail: String(e) });
             return;
@@ -11063,6 +11108,9 @@ var init_broker = __esm(() => {
 
 // src/daemon/session-broker.ts
 import { hostname as osHostname } from "node:os";
+function classifyPermanent2(error2) {
+  return /unknown|invalid|forbidden|not_authorized|target_not_found/i.test(error2);
+}
 
 class SessionBrokerClient {
   opts;
@@ -11070,6 +11118,8 @@ class SessionBrokerClient {
   _status = "closed";
   closed = false;
   brokerUnsupported = false;
+  pendingAcks = new Map;
+  opens = [];
   constructor(opts) {
     this.opts = opts;
   }
@@ -11134,6 +11184,20 @@ class SessionBrokerClient {
           }
           return;
         }
+        if (msg.type === "ack") {
+          const id = String(msg.id ?? "");
+          const ack = this.pendingAcks.get(id);
+          if (ack) {
+            this.pendingAcks.delete(id);
+            clearTimeout(ack.timer);
+            if (typeof msg.error === "string" && msg.error.length > 0) {
+              ack.resolve({ ok: false, error: msg.error, permanent: classifyPermanent2(msg.error) });
+            } else {
+              ack.resolve({ ok: true, messageId: String(msg.messageId ?? id) });
+            }
+          }
+          return;
+        }
         if (msg.type === "push" || msg.type === "inbound") {
           this.opts.onPush?.(msg);
           return;
@@ -11142,6 +11206,19 @@ class SessionBrokerClient {
       onStatusChange: (s) => {
         this._status = s;
         this.opts.onStatusChange?.(s);
+        if (s === "open") {
+          const queued = this.opens.slice();
+          this.opens.length = 0;
+          for (const fn of queued) {
+            try {
+              fn();
+            } catch (e) {
+              this.log("warn", "session_open_handler_failed", { err: String(e) });
+            }
+          }
+        } else if (s === "closed" || s === "reconnecting") {
+          this.failPendingAcks(`session_ws_${s}`);
+        }
       },
       log: (level, msg, meta) => this.log(level, `session_broker_${msg}`, meta)
     });
@@ -11157,6 +11234,57 @@ class SessionBrokerClient {
       });
     } catch {}
   }
+  isOpen() {
+    const sock = this.lifecycle?.ws;
+    return !!sock && sock.readyState === sock.OPEN;
+  }
+  send(req) {
+    return new Promise((resolve) => {
+      const dispatch = () => {
+        if (!this.isOpen() || !this.lifecycle) {
+          resolve({ ok: false, error: "session_ws_not_open", permanent: false });
+          return;
+        }
+        const id = req.client_message_id;
+        const timer = setTimeout(() => {
+          if (this.pendingAcks.delete(id)) {
+            resolve({ ok: false, error: "ack_timeout", permanent: false });
+          }
+        }, SEND_ACK_TIMEOUT_MS2);
+        this.pendingAcks.set(id, { resolve, timer });
+        try {
+          this.lifecycle.send({
+            type: "send",
+            id,
+            client_message_id: id,
+            request_fingerprint: req.request_fingerprint_hex,
+            targetSpec: req.targetSpec,
+            priority: req.priority,
+            nonce: req.nonce,
+            ciphertext: req.ciphertext
+          });
+        } catch (e) {
+          this.pendingAcks.delete(id);
+          clearTimeout(timer);
+          resolve({ ok: false, error: `ws_write_failed: ${String(e)}`, permanent: false });
+        }
+      };
+      if (this._status === "open")
+        dispatch();
+      else
+        this.opens.push(dispatch);
+    });
+  }
+  failPendingAcks(reason) {
+    if (this.pendingAcks.size === 0)
+      return;
+    const entries = [...this.pendingAcks.entries()];
+    this.pendingAcks.clear();
+    for (const [, ack] of entries) {
+      clearTimeout(ack.timer);
+      ack.resolve({ ok: false, error: reason, permanent: false });
+    }
+  }
   async close() {
     this.closed = true;
     if (this.lifecycle) {
@@ -11180,6 +11308,7 @@ function defaultLog3(level, msg, meta) {
     process.stderr.write(line + `
 `);
 }
+var SEND_ACK_TIMEOUT_MS2 = 15000;
 var init_session_broker = __esm(() => {
   init_session_hello_sig();
   init_ws_lifecycle();
@@ -11229,7 +11358,8 @@ async function drainOnce(opts, log2) {
   const now = Date.now();
   const rows = opts.db.prepare(`
     SELECT id, client_message_id, request_fingerprint, payload, attempts,
-           target_spec, nonce, ciphertext, priority, mesh
+           target_spec, nonce, ciphertext, priority, mesh,
+           sender_session_pubkey
       FROM outbox
      WHERE status = 'pending' AND next_attempt_at <= ?
      ORDER BY enqueued_at
@@ -11241,17 +11371,21 @@ async function drainOnce(opts, log2) {
     if (markInflight(opts.db, row.id, now) === 0)
       continue;
     const fpHex = bufferToHex(row.request_fingerprint);
-    let broker;
+    let daemonBroker;
     if (row.mesh) {
-      broker = opts.brokers.get(row.mesh);
+      daemonBroker = opts.brokers.get(row.mesh);
     } else if (opts.brokers.size === 1) {
-      broker = opts.brokers.values().next().value;
+      daemonBroker = opts.brokers.values().next().value;
     }
-    if (!broker) {
+    if (!daemonBroker) {
       log2("warn", "drain_no_broker_for_mesh", { id: row.id, mesh: row.mesh ?? "(null)" });
       markDead(opts.db, row.id, `no_broker_for_mesh:${row.mesh ?? "null"}`);
       continue;
     }
+    let sessionBroker;
+    if (row.sender_session_pubkey && opts.getSessionBrokerByPubkey) {
+      sessionBroker = opts.getSessionBrokerByPubkey(row.sender_session_pubkey);
+    }
     let targetSpec;
     let nonce;
     let ciphertext;
@@ -11267,16 +11401,29 @@ async function drainOnce(opts, log2) {
       ciphertext = Buffer.from(row.payload).toString("base64");
       priority = "next";
     }
+    const sendArgs = {
+      targetSpec,
+      priority,
+      nonce,
+      ciphertext,
+      client_message_id: row.client_message_id,
+      request_fingerprint_hex: fpHex
+    };
     let res;
     try {
-      res = await broker.send({
-        targetSpec,
-        priority,
-        nonce,
-        ciphertext,
-        client_message_id: row.client_message_id,
-        request_fingerprint_hex: fpHex
-      });
+      if (row.sender_session_pubkey) {
+        if (!sessionBroker || !sessionBroker.isOpen()) {
+          log2("info", "drain_session_ws_not_ready", {
+            id: row.id,
+            session_pubkey: row.sender_session_pubkey.slice(0, 12)
+          });
+          backoffPending(opts.db, row.id, row.attempts + 1, "session_ws_not_open", "session_ws_not_open");
+          continue;
+        }
+        res = await sessionBroker.send(sendArgs);
+      } else {
+        res = await daemonBroker.send(sendArgs);
+      }
     } catch (e) {
       log2("warn", "drain_send_threw", { id: row.id, err: String(e) });
       backoffPending(opts.db, row.id, row.attempts + 1, "exception", String(e));
@@ -11672,9 +11819,14 @@ async function runDaemon(opts = {}) {
 `));
     brokers.set(mesh.slug, broker);
   }
-  let drain = null;
-  drain = startDrainWorker({ db: outboxDb, brokers });
   const sessionBrokers = new Map;
+  const sessionBrokersByPubkey = new Map;
+  let drain = null;
+  drain = startDrainWorker({
+    db: outboxDb,
+    brokers,
+    getSessionBrokerByPubkey: (pubkey) => sessionBrokersByPubkey.get(pubkey)
+  });
   setRegistryHooks({
     onRegister: (info) => {
       if (!info.presence)
@@ -11693,6 +11845,9 @@ async function runDaemon(opts = {}) {
       const prior = sessionBrokers.get(info.token);
       if (prior) {
         sessionBrokers.delete(info.token);
+        if (sessionBrokersByPubkey.get(prior.sessionPubkey) === prior) {
+          sessionBrokersByPubkey.delete(prior.sessionPubkey);
+        }
         prior.close().catch(() => {});
       }
       const sessionSecretKeyHex = info.presence.sessionSecretKey;
@@ -11718,6 +11873,7 @@ async function runDaemon(opts = {}) {
         }
       });
       sessionBrokers.set(info.token, client);
+      sessionBrokersByPubkey.set(info.presence.sessionPubkey, client);
       client.connect().catch((err) => process.stderr.write(JSON.stringify({
         level: "warn",
         msg: "session_broker_connect_failed",
@@ -11732,6 +11888,9 @@ async function runDaemon(opts = {}) {
       if (!client)
         return;
       sessionBrokers.delete(info.token);
+      if (sessionBrokersByPubkey.get(client.sessionPubkey) === client) {
+        sessionBrokersByPubkey.delete(client.sessionPubkey);
+      }
       client.close().catch(() => {});
     }
   });
@@ -19526,7 +19685,7 @@ async function main() {
     }
     case "inbox": {
       const { runInbox: runInbox2 } = await Promise.resolve().then(() => (init_inbox(), exports_inbox));
-      await runInbox2({ json: !!flags.json });
+      await runInbox2({ mesh: flags.mesh, json: !!flags.json, limit: typeof flags.limit === "number" ? flags.limit : typeof flags.limit === "string" ? Number.parseInt(flags.limit, 10) : undefined });
       break;
     }
     case "state": {
@@ -19781,7 +19940,7 @@ async function main() {
         await runSend2({ mesh: flags.mesh, priority: flags.priority, json: !!flags.json, self: !!flags.self }, positionals[1] ?? "", positionals.slice(2).join(" "));
       } else if (sub === "inbox") {
         const { runInbox: runInbox2 } = await Promise.resolve().then(() => (init_inbox(), exports_inbox));
-        await runInbox2({ json: !!flags.json });
+        await runInbox2({ mesh: flags.mesh, json: !!flags.json, limit: typeof flags.limit === "number" ? flags.limit : typeof flags.limit === "string" ? Number.parseInt(flags.limit, 10) : undefined });
       } else if (sub === "status") {
         const { runMsgStatus: runMsgStatus2 } = await Promise.resolve().then(() => (init_broker_actions(), exports_broker_actions));
         process.exit(await runMsgStatus2(positionals[1], { mesh: flags.mesh, json: !!flags.json }));
@@ -20334,4 +20493,4 @@ main().catch((err) => {
   process.exit(EXIT.INTERNAL_ERROR);
 });
 
-//# debugId=DC25A8288183DA4364756E2164756E21
+//# debugId=55E9142D00D4EE3764756E2164756E21