github-issue-tower-defence-management 1.88.0 → 1.89.0

package/src/adapter/entry-points/console/consoleServer.ts

@@ -1,6 +1,27 @@
 import * as http from 'http';
 import * as fs from 'fs';
 import * as path from 'path';
+import { IssueRepository } from '../../../domain/usecases/adapter-interfaces/IssueRepository';
+import { Project } from '../../../domain/entities/Project';
+import {
+  buildConsoleDataResponse,
+  parseConsoleDataRoute,
+} from './consoleDataDelivery';
+import {
+  IssueTitleStateCache,
+  handleComments,
+  handleIssueTitle,
+  handleItemBody,
+  handlePrCommits,
+  handlePrFiles,
+  handleRelatedPrs,
+} from './consoleReadApi';
+import {
+  ConsoleOperationContext,
+  handleIntmux,
+  handleReview,
+  handleTriage,
+} from './consoleOperationApi';
 
 export const DEFAULT_CONSOLE_PORT = 9981;
 
@@ -108,6 +129,10 @@ export type ConsoleServerOptions = {
   accessToken: string;
   uiDistDir: string;
   consoleDataOutputDir: string | null;
+  pjcode?: string | null;
+  issueRepository?: IssueRepository | null;
+  project?: Project | null;
+  issueTitleStateCache?: IssueTitleStateCache | null;
 };
 
 const sendNotFound = (response: http.ServerResponse): void => {
@@ -134,11 +159,189 @@ const serveBootstrapIndex = (response: http.ServerResponse): void => {
   response.end(PLACEHOLDER_INDEX_HTML);
 };
 
-export const handleConsoleRequest = (
+const sendJson = (
+  response: http.ServerResponse,
+  statusCode: number,
+  body: unknown,
+): void => {
+  response.writeHead(statusCode, {
+    'Content-Type': 'application/json; charset=utf-8',
+    'Cache-Control': 'no-store',
+  });
+  response.end(JSON.stringify(body));
+};
+
+const sendDataResponse = (
+  response: http.ServerResponse,
+  statusCode: number,
+  contentType: string,
+  body: string,
+): void => {
+  response.writeHead(statusCode, {
+    'Content-Type': contentType,
+    'Cache-Control': 'no-store',
+  });
+  response.end(body);
+};
+
+const readRequestBody = (request: http.IncomingMessage): Promise<string> =>
+  new Promise((resolve, reject) => {
+    const chunks: Uint8Array[] = [];
+    request.on('data', (chunk: Uint8Array) => chunks.push(chunk));
+    request.on('end', () => resolve(Buffer.concat(chunks).toString('utf-8')));
+    request.on('error', reject);
+  });
+
+const isRecord = (value: unknown): value is Record<string, unknown> =>
+  value !== null && typeof value === 'object' && !Array.isArray(value);
+
+const parseRequestBody = (raw: string): Record<string, unknown> | null => {
+  if (raw.length === 0) {
+    return {};
+  }
+  let parsed: unknown;
+  try {
+    parsed = JSON.parse(raw);
+  } catch {
+    return null;
+  }
+  if (!isRecord(parsed)) {
+    return null;
+  }
+  return parsed;
+};
+
+const handleReadApi = async (
+  options: ConsoleServerOptions,
+  requestPath: string,
+  searchParams: URLSearchParams,
+): Promise<{ statusCode: number; body: unknown } | null> => {
+  const issueRepository = options.issueRepository ?? null;
+  if (issueRepository === null) {
+    return null;
+  }
+  const cache = options.issueTitleStateCache ?? null;
+  const url = searchParams.get('url');
+  switch (requestPath) {
+    case '/api/itembody':
+      return handleItemBody(issueRepository, url);
+    case '/api/comments':
+      return handleComments(issueRepository, url);
+    case '/api/prfiles':
+      return handlePrFiles(issueRepository, url);
+    case '/api/prcommits':
+      return handlePrCommits(issueRepository, url);
+    case '/api/relatedprs':
+      return handleRelatedPrs(issueRepository, url);
+    case '/api/issuetitle':
+      if (cache === null) {
+        return null;
+      }
+      return handleIssueTitle(issueRepository, cache, url);
+    default:
+      return null;
+  }
+};
+
+const handleOperationApi = async (
+  options: ConsoleServerOptions,
+  requestPath: string,
+  body: Record<string, unknown>,
+): Promise<{ statusCode: number; body: unknown } | null> => {
+  const issueRepository = options.issueRepository ?? null;
+  const project = options.project ?? null;
+  if (issueRepository === null || project === null) {
+    return null;
+  }
+  const context: ConsoleOperationContext = {
+    issueRepository,
+    project,
+    consoleDataOutputDir: options.consoleDataOutputDir,
+    pjcode: options.pjcode ?? null,
+  };
+  switch (requestPath) {
+    case '/api/review':
+      return handleReview(context, body);
+    case '/api/triage':
+      return handleTriage(context, body);
+    case '/api/intmux':
+      return handleIntmux(context, body);
+    default:
+      return null;
+  }
+};
+
+const handleTokenedRequest = async (
   options: ConsoleServerOptions,
   request: http.IncomingMessage,
   response: http.ServerResponse,
-): void => {
+  requestPath: string,
+  searchParams: URLSearchParams,
+): Promise<void> => {
+  const method = (request.method ?? 'GET').toUpperCase();
+
+  if (requestPath.startsWith('/api/')) {
+    if (method === 'GET') {
+      const readResult = await handleReadApi(
+        options,
+        requestPath,
+        searchParams,
+      );
+      if (readResult === null) {
+        sendNotFound(response);
+        return;
+      }
+      sendJson(response, readResult.statusCode, readResult.body);
+      return;
+    }
+    if (method === 'POST') {
+      const raw = await readRequestBody(request);
+      const parsedBody = parseRequestBody(raw);
+      if (parsedBody === null) {
+        sendJson(response, 400, { error: 'invalid JSON body' });
+        return;
+      }
+      const operationResult = await handleOperationApi(
+        options,
+        requestPath,
+        parsedBody,
+      );
+      if (operationResult === null) {
+        sendNotFound(response);
+        return;
+      }
+      sendJson(response, operationResult.statusCode, operationResult.body);
+      return;
+    }
+    sendNotFound(response);
+    return;
+  }
+
+  if (method === 'GET') {
+    const dataRoute = parseConsoleDataRoute(requestPath);
+    if (dataRoute !== null && options.consoleDataOutputDir !== null) {
+      const dataResponse = buildConsoleDataResponse(
+        options.consoleDataOutputDir,
+        dataRoute,
+      );
+      sendDataResponse(
+        response,
+        dataResponse.statusCode,
+        dataResponse.contentType,
+        dataResponse.body,
+      );
+      return;
+    }
+  }
+
+  sendNotFound(response);
+};
+
+export const handleConsoleRequest = async (
+  options: ConsoleServerOptions,
+  request: http.IncomingMessage,
+  response: http.ServerResponse,
+): Promise<void> => {
   const requestUrl = new URL(request.url ?? '/', 'http://localhost');
   const requestPath = requestUrl.pathname;
 
@@ -156,7 +359,13 @@ export const handleConsoleRequest = (
       sendUnauthorized(response);
       return;
     }
-    sendNotFound(response);
+    await handleTokenedRequest(
+      options,
+      request,
+      response,
+      requestPath,
+      requestUrl.searchParams,
+    );
     return;
   }
 
@@ -196,11 +405,26 @@ export const handleConsoleRequest = (
   response.end(staticContent);
 };
 
+const sendInternalServerError = (response: http.ServerResponse): void => {
+  if (response.headersSent) {
+    response.end();
+    return;
+  }
+  response.writeHead(500, {
+    'Content-Type': 'text/plain; charset=utf-8',
+    'Cache-Control': 'no-store',
+  });
+  response.end('Internal Server Error');
+};
+
 export const createConsoleServer = (
   options: ConsoleServerOptions,
 ): http.Server =>
   http.createServer((request, response) => {
-    handleConsoleRequest(options, request, response);
+    handleConsoleRequest(options, request, response).catch((error) => {
+      console.error('console request failed', error);
+      sendInternalServerError(response);
+    });
   });
 
 export type StartConsoleServerOptions = ConsoleServerOptions & {

package/src/adapter/entry-points/handlers/OauthTokenSelectHandler.test.ts

@@ -0,0 +1,204 @@
+import * as fs from 'fs';
+import * as os from 'os';
+import * as path from 'path';
+import { hashToken } from '../../proxy/RateLimitCache';
+import {
+  OauthTokenSelectHandler,
+  resolveCacheDirectory,
+  resolveTokenListJsonPath,
+} from './OauthTokenSelectHandler';
+
+const NOW = 2_000_000;
+const HOUR = 3600;
+const DAY = 86400;
+
+type FakeHeaders = {
+  fiveHourUtilization: number;
+  fiveHourReset: number;
+  sevenDayUtilization: number;
+  sevenDayReset: number;
+};
+
+describe('OauthTokenSelectHandler', () => {
+  let tempDir: string;
+  let cacheDirectory: string;
+  let tokenListPath: string;
+  const originalTokenListEnv =
+    process.env.CLAUDE_CODE_OAUTH_TOKEN_LIST_JSON_PATH;
+  const originalCacheEnv = process.env.TDPM_RATELIMIT_CACHE_DIR;
+
+  beforeEach(() => {
+    tempDir = fs.mkdtempSync(path.join(os.tmpdir(), 'select-token-'));
+    cacheDirectory = path.join(tempDir, 'cache');
+    fs.mkdirSync(cacheDirectory, { recursive: true });
+    tokenListPath = path.join(tempDir, 'tokens.json');
+    delete process.env.CLAUDE_CODE_OAUTH_TOKEN_LIST_JSON_PATH;
+    delete process.env.TDPM_RATELIMIT_CACHE_DIR;
+  });
+
+  afterEach(() => {
+    if (originalTokenListEnv === undefined) {
+      delete process.env.CLAUDE_CODE_OAUTH_TOKEN_LIST_JSON_PATH;
+    } else {
+      process.env.CLAUDE_CODE_OAUTH_TOKEN_LIST_JSON_PATH = originalTokenListEnv;
+    }
+    if (originalCacheEnv === undefined) {
+      delete process.env.TDPM_RATELIMIT_CACHE_DIR;
+    } else {
+      process.env.TDPM_RATELIMIT_CACHE_DIR = originalCacheEnv;
+    }
+    fs.rmSync(tempDir, { recursive: true, force: true });
+  });
+
+  const writeTokenList = (entries: { name: string; token: string }[]): void => {
+    fs.writeFileSync(tokenListPath, JSON.stringify(entries));
+  };
+
+  const writeCache = (token: string, headers: FakeHeaders): void => {
+    const payload = {
+      ts: NOW,
+      headers: {
+        'anthropic-ratelimit-unified-status': 'allowed',
+        'anthropic-ratelimit-unified-5h-status': 'allowed',
+        'anthropic-ratelimit-unified-5h-reset': String(headers.fiveHourReset),
+        'anthropic-ratelimit-unified-5h-utilization': String(
+          headers.fiveHourUtilization,
+        ),
+        'anthropic-ratelimit-unified-7d-status': 'allowed',
+        'anthropic-ratelimit-unified-7d-reset': String(headers.sevenDayReset),
+        'anthropic-ratelimit-unified-7d-utilization': String(
+          headers.sevenDayUtilization,
+        ),
+      },
+      modelWeeklyLimits: {},
+    };
+    fs.writeFileSync(
+      path.join(cacheDirectory, `${hashToken(token)}.json`),
+      JSON.stringify(payload),
+    );
+  };
+
+  it('selects the eligible token with the soonest 7d reset', () => {
+    writeTokenList([
+      { name: 'far', token: 'fake-far' },
+      { name: 'soon', token: 'fake-soon' },
+    ]);
+    writeCache('fake-far', {
+      fiveHourUtilization: 0.1,
+      fiveHourReset: NOW + HOUR,
+      sevenDayUtilization: 0.1,
+      sevenDayReset: NOW + 6 * DAY,
+    });
+    writeCache('fake-soon', {
+      fiveHourUtilization: 0.1,
+      fiveHourReset: NOW + HOUR,
+      sevenDayUtilization: 0.1,
+      sevenDayReset: NOW + 2 * DAY,
+    });
+
+    const handler = new OauthTokenSelectHandler();
+    const output = handler.handle({
+      tokenListJsonPath: tokenListPath,
+      cacheDirectory,
+      nowEpochSeconds: NOW,
+    });
+
+    expect(output.selectedName).toBe('soon');
+    expect(output.selectedToken).toBe('fake-soon');
+  });
+
+  it('treats a token with no cache file as fully free', () => {
+    writeTokenList([{ name: 'fresh', token: 'fake-fresh' }]);
+
+    const handler = new OauthTokenSelectHandler();
+    const output = handler.handle({
+      tokenListJsonPath: tokenListPath,
+      cacheDirectory,
+      nowEpochSeconds: NOW,
+    });
+
+    expect(output.selectedName).toBe('fresh');
+  });
+
+  it('returns null and a diagnostic when no token passes the filter', () => {
+    writeTokenList([{ name: 'busy', token: 'fake-busy' }]);
+    writeCache('fake-busy', {
+      fiveHourUtilization: 0.9,
+      fiveHourReset: NOW + HOUR,
+      sevenDayUtilization: 0.1,
+      sevenDayReset: NOW + DAY,
+    });
+
+    const handler = new OauthTokenSelectHandler();
+    const output = handler.handle({
+      tokenListJsonPath: tokenListPath,
+      cacheDirectory,
+      nowEpochSeconds: NOW,
+    });
+
+    expect(output.selectedToken).toBeNull();
+    expect(output.diagnostics.join('\n')).toContain(
+      'No eligible token passed the rate-limit filter.',
+    );
+  });
+
+  it('returns a diagnostic when no token list path is resolvable', () => {
+    const handler = new OauthTokenSelectHandler();
+    const output = handler.handle({
+      tokenListJsonPath: null,
+      cacheDirectory,
+      nowEpochSeconds: NOW,
+    });
+
+    expect(output.selectedToken).toBeNull();
+    expect(output.diagnostics.join('\n')).toContain('No token list path');
+  });
+
+  it('returns a diagnostic when the token list file has no usable entries', () => {
+    fs.writeFileSync(tokenListPath, JSON.stringify([]));
+
+    const handler = new OauthTokenSelectHandler();
+    const output = handler.handle({
+      tokenListJsonPath: tokenListPath,
+      cacheDirectory,
+      nowEpochSeconds: NOW,
+    });
+
+    expect(output.selectedToken).toBeNull();
+    expect(output.diagnostics.join('\n')).toContain('No usable token entries');
+  });
+
+  describe('resolveTokenListJsonPath', () => {
+    it('prefers the explicit path over the environment variable', () => {
+      process.env.CLAUDE_CODE_OAUTH_TOKEN_LIST_JSON_PATH = '/from/env.json';
+      expect(resolveTokenListJsonPath('/explicit.json')).toBe('/explicit.json');
+    });
+
+    it('falls back to the environment variable when no explicit path is given', () => {
+      process.env.CLAUDE_CODE_OAUTH_TOKEN_LIST_JSON_PATH = '/from/env.json';
+      expect(resolveTokenListJsonPath(null)).toBe('/from/env.json');
+    });
+
+    it('returns null when neither source provides a path', () => {
+      expect(resolveTokenListJsonPath(null)).toBeNull();
+    });
+  });
+
+  describe('resolveCacheDirectory', () => {
+    it('prefers the explicit directory over the environment variable', () => {
+      process.env.TDPM_RATELIMIT_CACHE_DIR = '/from/env';
+      expect(resolveCacheDirectory('/explicit')).toBe('/explicit');
+    });
+
+    it('falls back to the environment variable when no explicit directory is given', () => {
+      process.env.TDPM_RATELIMIT_CACHE_DIR = '/from/env';
+      expect(resolveCacheDirectory(null)).toBe('/from/env');
+    });
+
+    it('falls back to the default tdpm cache directory', () => {
+      expect(resolveCacheDirectory(null)).toContain(
+        path.join('tdpm', 'ratelimit'),
+      );
+    });
+  });
+});

package/src/adapter/entry-points/handlers/OauthTokenSelectHandler.ts

@@ -0,0 +1,132 @@
+import {
+  OauthTokenCandidate,
+  OauthTokenSelectResult,
+  OauthTokenSelectUseCase,
+} from '../../../domain/usecases/OauthTokenSelectUseCase';
+import { cacheDir, readRateLimit } from '../../proxy/RateLimitCache';
+import { loadTokenEntries } from '../../proxy/TokenListLoader';
+
+export type OauthTokenSelectHandlerInput = {
+  tokenListJsonPath: string | null;
+  cacheDirectory: string | null;
+  nowEpochSeconds: number;
+};
+
+export type OauthTokenSelectHandlerOutput = {
+  selectedToken: string | null;
+  selectedName: string | null;
+  diagnostics: string[];
+};
+
+const DEFAULT_TOKEN_LIST_PATH_ENV = 'CLAUDE_CODE_OAUTH_TOKEN_LIST_JSON_PATH';
+const DEFAULT_CACHE_DIRECTORY_ENV = 'TDPM_RATELIMIT_CACHE_DIR';
+
+export const resolveTokenListJsonPath = (
+  explicitPath: string | null,
+): string | null => {
+  if (explicitPath !== null && explicitPath.length > 0) {
+    return explicitPath;
+  }
+  const fromEnv = process.env[DEFAULT_TOKEN_LIST_PATH_ENV];
+  if (fromEnv !== undefined && fromEnv.length > 0) {
+    return fromEnv;
+  }
+  return null;
+};
+
+export const resolveCacheDirectory = (
+  explicitDirectory: string | null,
+): string => {
+  if (explicitDirectory !== null && explicitDirectory.length > 0) {
+    return explicitDirectory;
+  }
+  const fromEnv = process.env[DEFAULT_CACHE_DIRECTORY_ENV];
+  if (fromEnv !== undefined && fromEnv.length > 0) {
+    return fromEnv;
+  }
+  return cacheDir();
+};
+
+export class OauthTokenSelectHandler {
+  constructor(
+    private readonly useCase: OauthTokenSelectUseCase = new OauthTokenSelectUseCase(),
+  ) {}
+
+  handle = (
+    input: OauthTokenSelectHandlerInput,
+  ): OauthTokenSelectHandlerOutput => {
+    const tokenListJsonPath = resolveTokenListJsonPath(input.tokenListJsonPath);
+    if (tokenListJsonPath === null) {
+      return {
+        selectedToken: null,
+        selectedName: null,
+        diagnostics: [
+          `No token list path provided. Pass --tokenListJsonPath or set ${DEFAULT_TOKEN_LIST_PATH_ENV}.`,
+        ],
+      };
+    }
+
+    const entries = loadTokenEntries(tokenListJsonPath);
+    if (entries === null) {
+      return {
+        selectedToken: null,
+        selectedName: null,
+        diagnostics: [
+          `No usable token entries loaded from ${tokenListJsonPath}.`,
+        ],
+      };
+    }
+
+    const cacheDirectory = resolveCacheDirectory(input.cacheDirectory);
+
+    const candidates: OauthTokenCandidate[] = entries.map(({ name, token }) => {
+      const snapshot = readRateLimit(token, cacheDirectory);
+      return {
+        name,
+        token,
+        snapshot:
+          snapshot === null
+            ? null
+            : {
+                fiveHourUtilization: snapshot.fiveHourUtilization,
+                fiveHourReset: snapshot.fiveHourReset,
+                sevenDayUtilization: snapshot.sevenDayUtilization,
+                sevenDayReset: snapshot.sevenDayReset,
+              },
+      };
+    });
+
+    const result = this.useCase.run(candidates, input.nowEpochSeconds);
+
+    return {
+      selectedToken: result.selected?.token ?? null,
+      selectedName: result.selected?.name ?? null,
+      diagnostics: this.formatDiagnostics(result, input.nowEpochSeconds),
+    };
+  };
+
+  private formatDiagnostics = (
+    result: OauthTokenSelectResult,
+    nowEpochSeconds: number,
+  ): string[] => {
+    const lines = result.metrics.map((metric) => {
+      const secondsUntilSevenDayEnd = Math.round(
+        metric.sevenDayEndEpoch - nowEpochSeconds,
+      );
+      const status = metric.eligible
+        ? 'eligible'
+        : `excluded (${metric.exclusionReason})`;
+      return `${metric.name}: 5h ${Math.round(metric.fiveHourFreeRatio * 100)}% free, 7d ${Math.round(metric.sevenDayFreeRatio * 100)}% free, 7d-end in ${secondsUntilSevenDayEnd}s -> ${status}`;
+    });
+
+    if (result.selected === null) {
+      lines.push('No eligible token passed the rate-limit filter.');
+    } else {
+      lines.push(
+        `Selected ${result.selected.name} (soonest 7d reset among eligible tokens).`,
+      );
+    }
+
+    return lines;
+  };
+}

package/src/adapter/proxy/RateLimitCache.ts

@@ -39,8 +39,10 @@ export const cacheDir = (): string => {
 export const hashToken = (token: string): string =>
   crypto.createHash(HASH_ALGORITHM).update(token).digest('hex');
 
-export const cachePathForToken = (token: string): string =>
-  path.join(cacheDir(), `${hashToken(token)}.json`);
+export const cachePathForToken = (
+  token: string,
+  baseDir: string = cacheDir(),
+): string => path.join(baseDir, `${hashToken(token)}.json`);
 
 const isRecord = (value: unknown): value is Record<string, unknown> =>
   value !== null && typeof value === 'object' && !Array.isArray(value);
@@ -222,8 +224,11 @@ export const parseModelRateLimitsFromHeaders = (
   return result;
 };
 
-export const readRateLimit = (token: string): RateLimitSnapshot | null => {
-  const filePath = cachePathForToken(token);
+export const readRateLimit = (
+  token: string,
+  baseDir: string = cacheDir(),
+): RateLimitSnapshot | null => {
+  const filePath = cachePathForToken(token, baseDir);
   if (!fs.existsSync(filePath)) return null;
   try {
     const raw = fs.readFileSync(filePath, 'utf8');

package/src/domain/usecases/NotifyFinishedIssuePreparationUseCase.test.ts

@@ -1876,6 +1876,40 @@ describe('NotifyFinishedIssuePreparationUseCase', () => {
       );
     });
 
+    it('should not call setDependedIssueUrl when issue is a PR and the resolved PR URL matches the issue URL (self-reference prevention)', async () => {
+      const prUrl = 'https://github.com/user/repo/pull/77';
+      const prIssue = createMockIssue({
+        url: prUrl,
+        status: 'Preparation',
+        isPr: true,
+      });
+
+      mockProjectRepository.getByUrl.mockResolvedValue(mockProject);
+      mockIssueRepository.get.mockResolvedValue(prIssue);
+      mockIssueCommentRepository.getCommentsFromIssue.mockResolvedValue([
+        createMockComment({ content: 'From: :robot: Agent report' }),
+      ]);
+      mockIssueRepository.getOpenPullRequest.mockResolvedValue({
+        url: prUrl,
+        isConflicted: false,
+        isPassedAllCiJob: true,
+        isCiStateSuccess: true,
+        isResolvedAllReviewComments: true,
+        isBranchOutOfDate: false,
+        missingRequiredCheckNames: [],
+      });
+
+      await useCase.run({
+        projectUrl: 'https://github.com/users/user/projects/1',
+        issueUrl: prUrl,
+        thresholdForAutoReject: 3,
+        workflowBlockerResolvedWebhookUrl: null,
+        allowedIssueAuthors: null,
+      });
+
+      expect(mockIssueRepository.setDependedIssueUrl).not.toHaveBeenCalled();
+    });
+
     it('should log a warning and skip setDependedIssueUrl when dependedIssueUrlSeparatedByComma is not configured in project', async () => {
       const projectWithoutDependedField = createMockProject({
         dependedIssueUrlSeparatedByComma: null,

package/src/domain/usecases/NotifyFinishedIssuePreparationUseCase.ts

@@ -360,6 +360,9 @@ export class NotifyFinishedIssuePreparationUseCase {
       ? await this.resolveOpenPrsForPrItem(issue.url)
       : await this.issueRepository.findRelatedOpenPRs(issue.url);
     for (const pr of openPRs) {
+      if (pr.url === issueUrl) {
+        continue;
+      }
       await this.issueRepository.setDependedIssueUrl(pr.url, project, issueUrl);
     }
   };