github-router 0.3.66 → 0.3.71

package/README.md

@@ -34,10 +34,10 @@ The server runs at `http://localhost:8787`. Now pick your tool below.
 npx github-router@latest claude
 ```
 
-Boots the proxy on a random port and spawns Claude Code wired to it. Sets `ANTHROPIC_MODEL=claude-opus-4-7` (Anthropic's dashed slug — Claude Code's `/model` UI displays this as menu entry "Opus 4.7 (1M context)"). The proxy translates to Copilot's `claude-opus-4.7-1m-internal` on enterprise tokens or `claude-opus-4.7` on Pro+/Business/Max at request time. Major.minor fallback chain: `claude-opus-4-6` → `claude-opus-4-5`. Override with `-m`:
+Boots the proxy on a random port and spawns Claude Code wired to it. Sets `ANTHROPIC_MODEL=claude-opus-4-8` (Anthropic's dashed slug — Claude Code's `/model` UI displays this as menu entry "Opus 4.8 (1M context)"). The proxy translates to Copilot's `claude-opus-4.8` at request time (single base slug; the catalog entry's `max_context_window_tokens` already advertises 1M context — no `-1m` sibling needed for 4.8). Major.minor fallback chain: `claude-opus-4-7` → `claude-opus-4-6` → `claude-opus-4-5`. Override with `-m`:
 
 ```sh
-npx github-router@latest claude -m claude-opus-4-7
+npx github-router@latest claude -m claude-opus-4-8
 ```
 
 The launcher sanitizes parent-env auth keys and sets `CLAUDE_CONFIG_DIR=$HOME/.claude` so the spawned `claude` ignores any persisted Console OAuth credential without requiring `claude /logout`. Settings, MCP servers, hooks, and CLAUDE.md auto-discovery still load from `~/.claude` as normal.
@@ -85,7 +85,7 @@ Each persona is exposed both as a Claude Code subagent (callable via the `Task`
 |---|---|---|---|
 | `codex-critic` | gpt-5.5 | `/v1/responses` | low \| medium \| high \| xhigh (xhigh) |
 | `codex-reviewer` | gpt-5.3-codex | `/v1/responses` | low \| medium \| high \| xhigh (xhigh) |
-| `opus-critic` | claude-opus-4-7 | `/v1/messages` | low \| medium \| high \| xhigh (xhigh) |
+| `opus-critic` | claude-opus-4-6 | `/v1/messages` | low \| medium \| high (high) |
 | `gemini-critic` | gemini-3.1-pro-preview | `/v1/chat/completions` | low \| medium \| high (high) |
 | `peer-review-coordinator` | (meta) | — | — |
 
@@ -169,6 +169,7 @@ Anthropic endpoints are only available under `/v1/messages`.
 | gpt-4.1, gpt-4o | Yes | Yes | No |
 | gpt-5.5, gpt-5.4 | No | Yes | No |
 | gpt-5.3-codex, gpt-5.2-codex | No | Yes | No |
+| claude-opus-4.8 (1M context as the single base slug) | Yes | No | Yes |
 | claude-opus-4.7-1m-internal (enterprise), claude-opus-4.7 | Yes | No | Yes |
 | claude-opus-4.6-1m, claude-opus-4.6, claude-sonnet-4.6 | Yes | No | Yes |
 | o3, o4-mini | Yes | Yes | No |
@@ -234,7 +235,7 @@ github-router debug              Print diagnostic info
 
 The `claude` and `codex` subcommands accept all the shared flags below plus `-m`/`--model` to override the default model. Default models live in `src/lib/port.ts`:
 
-- `claude` → `claude-opus-4-7` (Anthropic dashed slug for UI compatibility; the proxy translates to Copilot's `claude-opus-4.7-1m-internal` on enterprise or `claude-opus-4.7` elsewhere). Major.minor fallback chain: `claude-opus-4-6` → `claude-opus-4-5`.
+- `claude` → `claude-opus-4-8` (Anthropic dashed slug for UI compatibility; the proxy translates to Copilot's `claude-opus-4.8` — the single base slug already advertises 1M context via `max_context_window_tokens`, so no `-1m` sibling exists). Major.minor fallback chain: `claude-opus-4-7` → `claude-opus-4-6` → `claude-opus-4-5`.
 - `codex` → `gpt-5.5` → `gpt-5.4` → `gpt-5.3-codex` → `gpt-5.2-codex`
 
 Fallback chains fire only on the implicit-default path; explicit `-m`/`--model` is always respected as-is.
@@ -257,7 +258,7 @@ Additional flags accepted only by the `claude` subcommand:
 
 | Flag | Description | Default |
 |---|---|---|
-| `--model, -m` | Override the default Claude model | claude-opus-4-7 |
+| `--model, -m` | Override the default Claude model | claude-opus-4-8 |
 | `--codex-mcp` / `--no-codex-mcp` | Wire peer-MCP review subagents (codex-critic / opus-critic / gemini-critic / codex-reviewer / peer-review-coordinator) into the spawned session | true |
 | `--codex-cli` | Add a `codex mcp-server` stdio backend so `codex-implementer` can mutate files. Requires codex CLI 0.129+; falls back to HTTP-only if absent | false |
 | `--codex-mcp-only` | Pass `--strict-mcp-config` to Claude Code so only the proxy's MCP servers load (hides any user MCP servers in `~/.claude/mcp.json`) | false |

package/dist/browser-ext/manifest.json

@@ -2,7 +2,7 @@
   "manifest_version": 3,
   "name": "github-router browser bridge",
   "short_name": "gh-router-browser",
-  "version": "0.3.66",
+  "version": "0.3.71",
   "description": "Bridge between Claude (via github-router /mcp) and the browser. Implements tab control, navigation, clicks, form fill, downloads, screenshots, devtools eval. Blocks navigation to chrome://settings.",
   "key": "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJElxuBlonBS3TVW9FJN0mGTtShB3L1hoaYf6k39SOr1ogGYmF90EjRxy1i21k9wQQjPf26bcBu/9X67KrQjQV0uB38CaNukgiSeoLjfptN811u+PJHx6BP+jx3Qa6/3VenNPxHC8WEU0GXql8QSjIHEyCwKb6fMASXOK94JyB5Ywov2x8mt/+9ncqBBBMVzf6r5Sagy4PL1XnryLsuADD/vOEkPet8wXgH/Oj7v5tTsQQZ7U1JT51PoDs2BFnXc5v3TkVgZwd32k3ONh+nkDw1Hof+4zwUGOyJE6eMrlYzRlKM4Qxdf9JpavQvqfieAbTRWcyKeclnHeoIfE7cDBQIDAQAB",
   "background": {

package/dist/{lifecycle-pWZ9tKxf.js → lifecycle-C2kZwv-z.js}

@@ -1,4 +1,4 @@
-import "./paths-CZvFif-e.js";
-import { a as sweepRegistry, i as registerExitHandlers, n as getInstanceUuid, o as sweepStaleWorktreesAtBoot, r as recordWorkerRepo, t as WorktreeRegistry } from "./lifecycle-hkBEjHb2.js";
+import "./paths-CoFnpNZl.js";
+import { a as sweepRegistry, i as registerExitHandlers, n as getInstanceUuid, o as sweepStaleWorktreesAtBoot, r as recordWorkerRepo, t as WorktreeRegistry } from "./lifecycle-NQRdfY1u.js";
 
 export { WorktreeRegistry, getInstanceUuid, recordWorkerRepo, registerExitHandlers, sweepRegistry, sweepStaleWorktreesAtBoot };

package/dist/{lifecycle-hkBEjHb2.js → lifecycle-NQRdfY1u.js}

@@ -1,4 +1,4 @@
-import { l as writeRuntimeFileSecure, t as PATHS } from "./paths-CZvFif-e.js";
+import { l as writeRuntimeFileSecure, t as PATHS } from "./paths-CoFnpNZl.js";
 import { randomBytes, randomUUID } from "node:crypto";
 import fs from "node:fs/promises";
 import path from "node:path";
@@ -307,4 +307,4 @@ async function sweepStaleWorktreesAtBoot() {
 
 //#endregion
 export { sweepRegistry as a, registerExitHandlers as i, getInstanceUuid as n, sweepStaleWorktreesAtBoot as o, recordWorkerRepo as r, WorktreeRegistry as t };
-//# sourceMappingURL=lifecycle-hkBEjHb2.js.map
+//# sourceMappingURL=lifecycle-NQRdfY1u.js.map

package/dist/{lifecycle-hkBEjHb2.js.map → lifecycle-NQRdfY1u.js.map}

@@ -1 +1 @@
-{"version":3,"file":"lifecycle-hkBEjHb2.js","names":["_instanceUuid: string | null","_activeRegistry: WorktreeRegistry | null","_exitHandler: (() => void) | null","_sigintHandler: (() => void) | null","_sigtermHandler: (() => void) | null","raw: string","cleaned: Array<LedgerEntry>","_ledgerChain: Promise<void>","ledger: LedgerFile","names: Array<string>"],"sources":["../src/lib/worker-agent/lifecycle.ts"],"sourcesContent":["/**\n * Lifecycle plumbing for worker worktrees: in-memory registry, signal\n * handlers, ledger of repos touched, and the boot-time PID+instance\n * safety net.\n *\n * Plan: see `plans/we-have-added-a-dreamy-tide.md` (\"Worktree mode\" →\n * \"Cleanup paths\"). Three layers cooperate, none of them sufficient\n * alone:\n *\n *   1. Per-call cleanup (`engine.ts` finally block invoking\n *      `WorktreeHandle.remove()`) — covers the happy path.\n *\n *   2. Session-end signal sweep (this file, registered via\n *      `registerExitHandlers`) — covers Ctrl+C, service-manager stop,\n *      and (in `github-router claude` mode) the spawned child's exit.\n *      Synchronous `execFileSync` is intentional: exit handlers can't\n *      reliably await async work.\n *\n *   3. Boot-time PID+instance sweep (`sweepStaleWorktreesAtBoot`) —\n *      covers SIGKILL, OOM, container restart. Walks the ledger of\n *      repos this proxy has touched and removes worktree dirs whose\n *      `<pid>` is dead OR whose `<instance>` UUID doesn't match the\n *      current proxy's UUID.\n *\n * Ledger writes are ATOMIC (temp + rename) per peer review — a\n * concurrent-RMW corruption would silently strand worktrees because\n * the boot sweep can't find their repo roots.\n */\n\nimport { execFileSync } from \"node:child_process\"\nimport { randomBytes, randomUUID } from \"node:crypto\"\nimport fs from \"node:fs/promises\"\nimport path from \"node:path\"\nimport process from \"node:process\"\n\nimport { PATHS, writeRuntimeFileSecure } from \"../paths\"\n\n/**\n * Same regex worktree.ts uses for its per-call age sweep — kept in\n * sync intentionally. `<pid>-<uuid>-<8hex>` strictly.\n */\nconst WORKTREE_DIR_NAME_RE =\n  /^(\\d+)-([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})-([0-9a-f]{8})$/\n\n/**\n * Cap on the ledger: how many repos we remember across boots, and how\n * old an entry may be before it's pruned. Both are belt-and-suspenders\n * — the per-call age sweep is the primary guard against accumulation\n * inside any single repo.\n */\nconst LEDGER_MAX_ENTRIES = 100\nconst LEDGER_MAX_AGE_MS = 30 * 24 * 60 * 60 * 1000\n\nexport interface WorktreeRegistryEntry {\n  repoRoot: string\n  dir: string\n  branch: string\n}\n\n/**\n * Set-like in-memory registry of worktrees this proxy created. Engine\n * passes it to `createWorktree` so per-call cleanup deletes the entry\n * on success; the signal handlers walk what's left at shutdown.\n *\n * Not a bare `Set` because we want to expose only the operations we\n * actually use, and we want a stable testable surface.\n */\nexport class WorktreeRegistry {\n  private readonly entries = new Set<WorktreeRegistryEntry>()\n\n  add(entry: WorktreeRegistryEntry): void {\n    this.entries.add(entry)\n  }\n  delete(entry: WorktreeRegistryEntry): void {\n    this.entries.delete(entry)\n  }\n  has(entry: WorktreeRegistryEntry): boolean {\n    return this.entries.has(entry)\n  }\n  values(): IterableIterator<WorktreeRegistryEntry> {\n    return this.entries.values()\n  }\n  get size(): number {\n    return this.entries.size\n  }\n  clear(): void {\n    this.entries.clear()\n  }\n}\n\n// ---------------------------------------------------------------------\n// Per-launch instance UUID\n// ---------------------------------------------------------------------\n\nlet _instanceUuid: string | null = null\n\n/**\n * Stable UUID4 generated once per proxy process. Used in worktree\n * dir/branch names so the boot sweep can reliably distinguish \"this\n * proxy's still-live worktrees\" from \"stranded dirs from a prior\n * proxy that happens to have a recycled PID\" — Docker PID-1 across\n * container restarts is the classic case (peer-review HIGH finding).\n */\nexport function getInstanceUuid(): string {\n  if (_instanceUuid === null) {\n    _instanceUuid = randomUUID()\n  }\n  return _instanceUuid\n}\n\n/** Test-only: reset the cached UUID. */\nexport function __resetInstanceUuidForTests(): void {\n  _instanceUuid = null\n}\n\n// ---------------------------------------------------------------------\n// Signal handlers + sweepRegistry\n// ---------------------------------------------------------------------\n\nlet _registered = false\nlet _activeRegistry: WorktreeRegistry | null = null\nlet _exitHandler: (() => void) | null = null\nlet _sigintHandler: (() => void) | null = null\nlet _sigtermHandler: (() => void) | null = null\n\n/**\n * Synchronous cleanup of every registry entry. Best-effort:\n * `execFileSync` failures are swallowed (the dir may have been\n * removed already, or git may not be on PATH any more in some\n * environments). After a successful removal we drop the entry from\n * the registry so a second call is a true no-op.\n *\n * Synchronous on purpose — exit handlers can't reliably await async\n * work; the process would die before the promise settled.\n */\nexport function sweepRegistry(): void {\n  if (!_activeRegistry) return\n  // Snapshot the values first so we can mutate the underlying set\n  // during iteration without skipping entries.\n  const snapshot = [..._activeRegistry.values()]\n  for (const entry of snapshot) {\n    try {\n      // `-C entry.repoRoot` is load-bearing: without it git resolves\n      // the worktree path relative to the proxy's cwd (which is the\n      // user's launch dir, typically NOT inside the target repo), and\n      // fails with `fatal: '<path>' is not a working tree`. The E2E\n      // boot-sweep test (worker-agent-boot-sweep.test.ts) is what\n      // caught the missing flag.\n      execFileSync(\n        \"git\",\n        [\"-C\", entry.repoRoot, \"worktree\", \"remove\", \"--force\", entry.dir],\n        { stdio: \"ignore\", timeout: 10_000, windowsHide: true },\n      )\n    } catch {\n      // Already gone, EBUSY, or git not on PATH — best effort.\n    }\n    try {\n      execFileSync(\"git\", [\"-C\", entry.repoRoot, \"branch\", \"-D\", entry.branch], {\n        stdio: \"ignore\",\n        timeout: 5_000,\n        windowsHide: true,\n      })\n    } catch {\n      // Same as above.\n    }\n    _activeRegistry.delete(entry)\n  }\n}\n\n/**\n * Windows ConPTY / node-pty signal behavior:\n *\n * When a ConPTY host (VS Code terminal, Windows Terminal, node-pty) closes\n * the pseudo-console, the ConPTY layer sends CTRL_CLOSE_EVENT to the\n * process group. Node.js translates this into SIGINT (NOT SIGTERM). The\n * process has a ~5-second window before forced termination.\n *\n * Implication: the SIGTERM handler below may NEVER fire in node-pty\n * environments. This is by design — the three-layer cleanup architecture\n * ensures coverage:\n *   1. Per-call cleanup (engine.ts finally block) — happy path\n *   2. SIGINT handler (this file) — ConPTY close, Ctrl+C\n *   3. `exit` handler (this file) — unconditional, fires on any exit\n *   4. Boot-time PID+instance sweep (sweepStaleWorktreesAtBoot) — crash recovery\n *\n * Layers 1+2+3 cover ConPTY; layer 4 covers SIGKILL/OOM/container restart.\n */\n\n/**\n * Wire up SIGINT/SIGTERM/exit handlers that walk the registry and\n * remove every entry. Idempotent: subsequent calls swap the registry\n * pointer but do NOT register additional process listeners (otherwise\n * we'd leak listeners on every `runWorkerAgent`).\n *\n * Signal handlers re-raise the signal after sweeping. Naively running\n * the sweep on SIGINT/SIGTERM and returning would *suppress* the\n * signal: Node defaults to terminating the process on these, but only\n * if no user listener is attached. Once we attach a listener, the\n * default action is cancelled and the process keeps running — which\n * means Ctrl-C would clean worktrees but not actually exit, leaving\n * orphan processes in dev. The `process.kill(pid, sig)` re-raise\n * after removing our own listener restores the default behaviour\n * (the second delivery now hits an empty listener list, so Node\n * terminates with the conventional `128 + signum` exit code).\n */\nexport function registerExitHandlers(registry: WorktreeRegistry): void {\n  _activeRegistry = registry\n  if (_registered) return\n  _registered = true\n  _exitHandler = () => sweepRegistry()\n  _sigintHandler = () => {\n    sweepRegistry()\n    if (_sigintHandler) process.off(\"SIGINT\", _sigintHandler)\n    process.kill(process.pid, \"SIGINT\")\n  }\n  _sigtermHandler = () => {\n    sweepRegistry()\n    if (_sigtermHandler) process.off(\"SIGTERM\", _sigtermHandler)\n    process.kill(process.pid, \"SIGTERM\")\n  }\n  process.on(\"SIGINT\", _sigintHandler)\n  process.on(\"SIGTERM\", _sigtermHandler)\n  // `exit` handlers can only run synchronous code — exactly what\n  // sweepRegistry does. Async work here would never complete.\n  process.on(\"exit\", _exitHandler)\n}\n\n/**\n * Test-only: unregister the handlers and reset module state. Tests\n * that want to verify `registerExitHandlers` semantics must clean up\n * after themselves or future tests in the same process inherit the\n * (now stale) registry pointer.\n */\nexport function __unregisterExitHandlersForTests(): void {\n  if (_sigintHandler) {\n    process.off(\"SIGINT\", _sigintHandler)\n    _sigintHandler = null\n  }\n  if (_sigtermHandler) {\n    process.off(\"SIGTERM\", _sigtermHandler)\n    _sigtermHandler = null\n  }\n  if (_exitHandler) {\n    process.off(\"exit\", _exitHandler)\n    _exitHandler = null\n  }\n  _registered = false\n  _activeRegistry = null\n}\n\n// ---------------------------------------------------------------------\n// Ledger: which repos has this proxy touched?\n// ---------------------------------------------------------------------\n\ninterface LedgerEntry {\n  repoRoot: string\n  lastSeenMs: number\n}\n\ninterface LedgerFile {\n  entries: Array<LedgerEntry>\n}\n\nfunction ledgerPath(): string {\n  return path.join(PATHS.APP_DIR, \"worker-repos.json\")\n}\n\nasync function readLedger(): Promise<LedgerFile> {\n  let raw: string\n  try {\n    raw = await fs.readFile(ledgerPath(), \"utf8\")\n  } catch (err) {\n    if ((err as NodeJS.ErrnoException).code === \"ENOENT\") {\n      return { entries: [] }\n    }\n    return { entries: [] }\n  }\n  try {\n    const parsed = JSON.parse(raw) as Partial<LedgerFile>\n    if (!parsed || !Array.isArray(parsed.entries)) return { entries: [] }\n    const cleaned: Array<LedgerEntry> = []\n    for (const e of parsed.entries) {\n      if (\n        e &&\n        typeof e === \"object\" &&\n        typeof (e as LedgerEntry).repoRoot === \"string\" &&\n        typeof (e as LedgerEntry).lastSeenMs === \"number\"\n      ) {\n        cleaned.push({\n          repoRoot: (e as LedgerEntry).repoRoot,\n          lastSeenMs: (e as LedgerEntry).lastSeenMs,\n        })\n      }\n    }\n    return { entries: cleaned }\n  } catch {\n    // Corrupted JSON — start fresh rather than crashing the proxy.\n    return { entries: [] }\n  }\n}\n\n/**\n * Per-process serializer for ledger writes. Multiple concurrent\n * `recordWorkerRepo` calls (legitimate: several workers may start at\n * once) would otherwise race read-modify-write on the JSON file. Each\n * call chains onto the previous so the on-disk sequence is\n * deterministic from this process's perspective.\n *\n * Cross-process safety is provided by the atomic temp+rename below,\n * which makes the final state of the file always be a well-formed\n * full snapshot from ONE writer — never a partial write or\n * interleaved JSON.\n */\nlet _ledgerChain: Promise<void> = Promise.resolve()\n\n/**\n * Append `repoRoot` to the ledger (or update its `lastSeenMs`).\n * Atomic temp+rename per peer review.\n */\nexport function recordWorkerRepo(repoRoot: string): Promise<void> {\n  const next = _ledgerChain.then(async () => {\n    await fs.mkdir(PATHS.APP_DIR, { recursive: true })\n    const current = await readLedger()\n    // Dedup: drop any existing entry for this root before appending\n    // the fresh one so the array doesn't grow unbounded with repeats.\n    const filtered = current.entries.filter((e) => e.repoRoot !== repoRoot)\n    filtered.push({ repoRoot, lastSeenMs: Date.now() })\n    // Prune by age and cap entry count (newest wins).\n    const now = Date.now()\n    const pruned = filtered\n      .filter((e) => now - e.lastSeenMs < LEDGER_MAX_AGE_MS)\n      .slice(-LEDGER_MAX_ENTRIES)\n    const ledger: LedgerFile = { entries: pruned }\n\n    // Atomic temp+rename. The temp filename is unique per call\n    // (PID + 8 random hex chars) so concurrent processes don't\n    // collide on the temp name; the final `rename` is atomic on\n    // POSIX and on Windows (both with same filesystem).\n    const tmp = `${ledgerPath()}.tmp.${process.pid}.${randomBytes(4).toString(\n      \"hex\",\n    )}`\n    try {\n      await writeRuntimeFileSecure(tmp, JSON.stringify(ledger, null, 2))\n      await fs.rename(tmp, ledgerPath())\n    } catch (err) {\n      // Clean up the temp file if rename failed midway.\n      await fs.unlink(tmp).catch(() => {})\n      throw err\n    }\n  })\n  // Swallow chain-internal errors so one failed write doesn't poison\n  // the chain for every subsequent caller. Each call still sees its\n  // own rejection (we return `next`, not the catch-handler chain).\n  _ledgerChain = next.catch(() => undefined)\n  return next\n}\n\nfunction isPidAlive(pid: number): boolean {\n  if (!Number.isInteger(pid) || pid <= 0) return false\n  try {\n    process.kill(pid, 0)\n    return true\n  } catch (err) {\n    const code = (err as NodeJS.ErrnoException).code\n    // EPERM = process exists but we can't signal it — still alive\n    // for our purposes (we just need to know whether to clean up).\n    if (code === \"EPERM\") return true\n    return false\n  }\n}\n\n/**\n * Boot-time sweep. For every repo we recorded in the ledger,\n * enumerate `<repoRoot>/.git/worker-worktrees/` (the conventional\n * location — for repos already inside a worktree, the actual\n * `git-common-dir` may differ, in which case we'll miss this batch\n * and the per-call age sweep will catch them within 7 days) and\n * remove dirs that aren't owned by THIS proxy.\n *\n * Ownership rule: dir is \"ours\" iff its embedded PID is alive AND\n * its embedded UUID equals `getInstanceUuid()`. Either condition\n * failing → remove.\n */\nexport async function sweepStaleWorktreesAtBoot(): Promise<void> {\n  const ledger = await readLedger()\n  if (ledger.entries.length === 0) return\n  const currentUuid = getInstanceUuid()\n  for (const entry of ledger.entries) {\n    const parent = path.join(entry.repoRoot, \".git\", \"worker-worktrees\")\n    let names: Array<string>\n    try {\n      names = await fs.readdir(parent)\n    } catch {\n      continue\n    }\n    for (const name of names) {\n      const m = WORKTREE_DIR_NAME_RE.exec(name)\n      if (!m) continue\n      const pid = Number.parseInt(m[1], 10)\n      const uuid = m[2]\n      const isOurs = isPidAlive(pid) && uuid === currentUuid\n      if (isOurs) continue\n\n      const fullDir = path.join(parent, name)\n      const branch = `worker/${pid}-${uuid}-${m[3]}`\n      try {\n        // `-C entry.repoRoot` is load-bearing here too — see the\n        // matching comment in `sweepRegistry`. The boot sweep runs\n        // BEFORE any worker tool has set cwd, so the proxy's cwd is\n        // the user's launch dir, which is almost never inside the\n        // target repo.\n        execFileSync(\n          \"git\",\n          [\"-C\", entry.repoRoot, \"worktree\", \"remove\", \"--force\", fullDir],\n          { stdio: \"ignore\", timeout: 10_000, windowsHide: true },\n        )\n      } catch {\n        // ignore\n      }\n      try {\n        execFileSync(\n          \"git\",\n          [\"-C\", entry.repoRoot, \"branch\", \"-D\", branch],\n          { stdio: \"ignore\", timeout: 5_000, windowsHide: true },\n        )\n      } catch {\n        // ignore\n      }\n      try {\n        await fs.rm(fullDir, { recursive: true, force: true })\n      } catch {\n        // ignore — git may have removed it already\n      }\n    }\n  }\n}\n\n/** Test-only: clear the ledger file (does NOT remove on-disk worktrees). */\nexport async function __clearLedgerForTests(): Promise<void> {\n  await fs.unlink(ledgerPath()).catch(() => {})\n}\n\n/** Test-only: read the ledger as a plain array (no side effects). */\nexport async function __readLedgerForTests(): Promise<Array<LedgerEntry>> {\n  return (await readLedger()).entries\n}\n"],"mappings":";;;;;;;;;;;;AAyCA,MAAM,uBACJ;;;;;;;AAQF,MAAM,qBAAqB;AAC3B,MAAM,oBAAoB,MAAU,KAAK,KAAK;;;;;;;;;AAgB9C,IAAa,mBAAb,MAA8B;CAC5B,AAAiB,0BAAU,IAAI,KAA4B;CAE3D,IAAI,OAAoC;AACtC,OAAK,QAAQ,IAAI,MAAM;;CAEzB,OAAO,OAAoC;AACzC,OAAK,QAAQ,OAAO,MAAM;;CAE5B,IAAI,OAAuC;AACzC,SAAO,KAAK,QAAQ,IAAI,MAAM;;CAEhC,SAAkD;AAChD,SAAO,KAAK,QAAQ,QAAQ;;CAE9B,IAAI,OAAe;AACjB,SAAO,KAAK,QAAQ;;CAEtB,QAAc;AACZ,OAAK,QAAQ,OAAO;;;AAQxB,IAAIA,gBAA+B;;;;;;;;AASnC,SAAgB,kBAA0B;AACxC,KAAI,kBAAkB,KACpB,iBAAgB,YAAY;AAE9B,QAAO;;AAYT,IAAI,cAAc;AAClB,IAAIC,kBAA2C;AAC/C,IAAIC,eAAoC;AACxC,IAAIC,iBAAsC;AAC1C,IAAIC,kBAAuC;;;;;;;;;;;AAY3C,SAAgB,gBAAsB;AACpC,KAAI,CAAC,gBAAiB;CAGtB,MAAM,WAAW,CAAC,GAAG,gBAAgB,QAAQ,CAAC;AAC9C,MAAK,MAAM,SAAS,UAAU;AAC5B,MAAI;AAOF,gBACE,OACA;IAAC;IAAM,MAAM;IAAU;IAAY;IAAU;IAAW,MAAM;IAAI,EAClE;IAAE,OAAO;IAAU,SAAS;IAAQ,aAAa;IAAM,CACxD;UACK;AAGR,MAAI;AACF,gBAAa,OAAO;IAAC;IAAM,MAAM;IAAU;IAAU;IAAM,MAAM;IAAO,EAAE;IACxE,OAAO;IACP,SAAS;IACT,aAAa;IACd,CAAC;UACI;AAGR,kBAAgB,OAAO,MAAM;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAwCjC,SAAgB,qBAAqB,UAAkC;AACrE,mBAAkB;AAClB,KAAI,YAAa;AACjB,eAAc;AACd,sBAAqB,eAAe;AACpC,wBAAuB;AACrB,iBAAe;AACf,MAAI,eAAgB,SAAQ,IAAI,UAAU,eAAe;AACzD,UAAQ,KAAK,QAAQ,KAAK,SAAS;;AAErC,yBAAwB;AACtB,iBAAe;AACf,MAAI,gBAAiB,SAAQ,IAAI,WAAW,gBAAgB;AAC5D,UAAQ,KAAK,QAAQ,KAAK,UAAU;;AAEtC,SAAQ,GAAG,UAAU,eAAe;AACpC,SAAQ,GAAG,WAAW,gBAAgB;AAGtC,SAAQ,GAAG,QAAQ,aAAa;;AAuClC,SAAS,aAAqB;AAC5B,QAAO,KAAK,KAAK,MAAM,SAAS,oBAAoB;;AAGtD,eAAe,aAAkC;CAC/C,IAAIC;AACJ,KAAI;AACF,QAAM,MAAM,GAAG,SAAS,YAAY,EAAE,OAAO;UACtC,KAAK;AACZ,MAAK,IAA8B,SAAS,SAC1C,QAAO,EAAE,SAAS,EAAE,EAAE;AAExB,SAAO,EAAE,SAAS,EAAE,EAAE;;AAExB,KAAI;EACF,MAAM,SAAS,KAAK,MAAM,IAAI;AAC9B,MAAI,CAAC,UAAU,CAAC,MAAM,QAAQ,OAAO,QAAQ,CAAE,QAAO,EAAE,SAAS,EAAE,EAAE;EACrE,MAAMC,UAA8B,EAAE;AACtC,OAAK,MAAM,KAAK,OAAO,QACrB,KACE,KACA,OAAO,MAAM,YACb,OAAQ,EAAkB,aAAa,YACvC,OAAQ,EAAkB,eAAe,SAEzC,SAAQ,KAAK;GACX,UAAW,EAAkB;GAC7B,YAAa,EAAkB;GAChC,CAAC;AAGN,SAAO,EAAE,SAAS,SAAS;SACrB;AAEN,SAAO,EAAE,SAAS,EAAE,EAAE;;;;;;;;;;;;;;;AAgB1B,IAAIC,eAA8B,QAAQ,SAAS;;;;;AAMnD,SAAgB,iBAAiB,UAAiC;CAChE,MAAM,OAAO,aAAa,KAAK,YAAY;AACzC,QAAM,GAAG,MAAM,MAAM,SAAS,EAAE,WAAW,MAAM,CAAC;EAIlD,MAAM,YAHU,MAAM,YAAY,EAGT,QAAQ,QAAQ,MAAM,EAAE,aAAa,SAAS;AACvE,WAAS,KAAK;GAAE;GAAU,YAAY,KAAK,KAAK;GAAE,CAAC;EAEnD,MAAM,MAAM,KAAK,KAAK;EAItB,MAAMC,SAAqB,EAAE,SAHd,SACZ,QAAQ,MAAM,MAAM,EAAE,aAAa,kBAAkB,CACrD,MAAM,CAAC,mBAAmB,EACiB;EAM9C,MAAM,MAAM,GAAG,YAAY,CAAC,OAAO,QAAQ,IAAI,GAAG,YAAY,EAAE,CAAC,SAC/D,MACD;AACD,MAAI;AACF,SAAM,uBAAuB,KAAK,KAAK,UAAU,QAAQ,MAAM,EAAE,CAAC;AAClE,SAAM,GAAG,OAAO,KAAK,YAAY,CAAC;WAC3B,KAAK;AAEZ,SAAM,GAAG,OAAO,IAAI,CAAC,YAAY,GAAG;AACpC,SAAM;;GAER;AAIF,gBAAe,KAAK,YAAY,OAAU;AAC1C,QAAO;;AAGT,SAAS,WAAW,KAAsB;AACxC,KAAI,CAAC,OAAO,UAAU,IAAI,IAAI,OAAO,EAAG,QAAO;AAC/C,KAAI;AACF,UAAQ,KAAK,KAAK,EAAE;AACpB,SAAO;UACA,KAAK;AAIZ,MAHc,IAA8B,SAG/B,QAAS,QAAO;AAC7B,SAAO;;;;;;;;;;;;;;;AAgBX,eAAsB,4BAA2C;CAC/D,MAAM,SAAS,MAAM,YAAY;AACjC,KAAI,OAAO,QAAQ,WAAW,EAAG;CACjC,MAAM,cAAc,iBAAiB;AACrC,MAAK,MAAM,SAAS,OAAO,SAAS;EAClC,MAAM,SAAS,KAAK,KAAK,MAAM,UAAU,QAAQ,mBAAmB;EACpE,IAAIC;AACJ,MAAI;AACF,WAAQ,MAAM,GAAG,QAAQ,OAAO;UAC1B;AACN;;AAEF,OAAK,MAAM,QAAQ,OAAO;GACxB,MAAM,IAAI,qBAAqB,KAAK,KAAK;AACzC,OAAI,CAAC,EAAG;GACR,MAAM,MAAM,OAAO,SAAS,EAAE,IAAI,GAAG;GACrC,MAAM,OAAO,EAAE;AAEf,OADe,WAAW,IAAI,IAAI,SAAS,YAC/B;GAEZ,MAAM,UAAU,KAAK,KAAK,QAAQ,KAAK;GACvC,MAAM,SAAS,UAAU,IAAI,GAAG,KAAK,GAAG,EAAE;AAC1C,OAAI;AAMF,iBACE,OACA;KAAC;KAAM,MAAM;KAAU;KAAY;KAAU;KAAW;KAAQ,EAChE;KAAE,OAAO;KAAU,SAAS;KAAQ,aAAa;KAAM,CACxD;WACK;AAGR,OAAI;AACF,iBACE,OACA;KAAC;KAAM,MAAM;KAAU;KAAU;KAAM;KAAO,EAC9C;KAAE,OAAO;KAAU,SAAS;KAAO,aAAa;KAAM,CACvD;WACK;AAGR,OAAI;AACF,UAAM,GAAG,GAAG,SAAS;KAAE,WAAW;KAAM,OAAO;KAAM,CAAC;WAChD"}
+{"version":3,"file":"lifecycle-NQRdfY1u.js","names":["_instanceUuid: string | null","_activeRegistry: WorktreeRegistry | null","_exitHandler: (() => void) | null","_sigintHandler: (() => void) | null","_sigtermHandler: (() => void) | null","raw: string","cleaned: Array<LedgerEntry>","_ledgerChain: Promise<void>","ledger: LedgerFile","names: Array<string>"],"sources":["../src/lib/worker-agent/lifecycle.ts"],"sourcesContent":["/**\n * Lifecycle plumbing for worker worktrees: in-memory registry, signal\n * handlers, ledger of repos touched, and the boot-time PID+instance\n * safety net.\n *\n * Plan: see `plans/we-have-added-a-dreamy-tide.md` (\"Worktree mode\" →\n * \"Cleanup paths\"). Three layers cooperate, none of them sufficient\n * alone:\n *\n *   1. Per-call cleanup (`engine.ts` finally block invoking\n *      `WorktreeHandle.remove()`) — covers the happy path.\n *\n *   2. Session-end signal sweep (this file, registered via\n *      `registerExitHandlers`) — covers Ctrl+C, service-manager stop,\n *      and (in `github-router claude` mode) the spawned child's exit.\n *      Synchronous `execFileSync` is intentional: exit handlers can't\n *      reliably await async work.\n *\n *   3. Boot-time PID+instance sweep (`sweepStaleWorktreesAtBoot`) —\n *      covers SIGKILL, OOM, container restart. Walks the ledger of\n *      repos this proxy has touched and removes worktree dirs whose\n *      `<pid>` is dead OR whose `<instance>` UUID doesn't match the\n *      current proxy's UUID.\n *\n * Ledger writes are ATOMIC (temp + rename) per peer review — a\n * concurrent-RMW corruption would silently strand worktrees because\n * the boot sweep can't find their repo roots.\n */\n\nimport { execFileSync } from \"node:child_process\"\nimport { randomBytes, randomUUID } from \"node:crypto\"\nimport fs from \"node:fs/promises\"\nimport path from \"node:path\"\nimport process from \"node:process\"\n\nimport { PATHS, writeRuntimeFileSecure } from \"../paths\"\n\n/**\n * Same regex worktree.ts uses for its per-call age sweep — kept in\n * sync intentionally. `<pid>-<uuid>-<8hex>` strictly.\n */\nconst WORKTREE_DIR_NAME_RE =\n  /^(\\d+)-([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})-([0-9a-f]{8})$/\n\n/**\n * Cap on the ledger: how many repos we remember across boots, and how\n * old an entry may be before it's pruned. Both are belt-and-suspenders\n * — the per-call age sweep is the primary guard against accumulation\n * inside any single repo.\n */\nconst LEDGER_MAX_ENTRIES = 100\nconst LEDGER_MAX_AGE_MS = 30 * 24 * 60 * 60 * 1000\n\nexport interface WorktreeRegistryEntry {\n  repoRoot: string\n  dir: string\n  branch: string\n}\n\n/**\n * Set-like in-memory registry of worktrees this proxy created. Engine\n * passes it to `createWorktree` so per-call cleanup deletes the entry\n * on success; the signal handlers walk what's left at shutdown.\n *\n * Not a bare `Set` because we want to expose only the operations we\n * actually use, and we want a stable testable surface.\n */\nexport class WorktreeRegistry {\n  private readonly entries = new Set<WorktreeRegistryEntry>()\n\n  add(entry: WorktreeRegistryEntry): void {\n    this.entries.add(entry)\n  }\n  delete(entry: WorktreeRegistryEntry): void {\n    this.entries.delete(entry)\n  }\n  has(entry: WorktreeRegistryEntry): boolean {\n    return this.entries.has(entry)\n  }\n  values(): IterableIterator<WorktreeRegistryEntry> {\n    return this.entries.values()\n  }\n  get size(): number {\n    return this.entries.size\n  }\n  clear(): void {\n    this.entries.clear()\n  }\n}\n\n// ---------------------------------------------------------------------\n// Per-launch instance UUID\n// ---------------------------------------------------------------------\n\nlet _instanceUuid: string | null = null\n\n/**\n * Stable UUID4 generated once per proxy process. Used in worktree\n * dir/branch names so the boot sweep can reliably distinguish \"this\n * proxy's still-live worktrees\" from \"stranded dirs from a prior\n * proxy that happens to have a recycled PID\" — Docker PID-1 across\n * container restarts is the classic case (peer-review HIGH finding).\n */\nexport function getInstanceUuid(): string {\n  if (_instanceUuid === null) {\n    _instanceUuid = randomUUID()\n  }\n  return _instanceUuid\n}\n\n/** Test-only: reset the cached UUID. */\nexport function __resetInstanceUuidForTests(): void {\n  _instanceUuid = null\n}\n\n// ---------------------------------------------------------------------\n// Signal handlers + sweepRegistry\n// ---------------------------------------------------------------------\n\nlet _registered = false\nlet _activeRegistry: WorktreeRegistry | null = null\nlet _exitHandler: (() => void) | null = null\nlet _sigintHandler: (() => void) | null = null\nlet _sigtermHandler: (() => void) | null = null\n\n/**\n * Synchronous cleanup of every registry entry. Best-effort:\n * `execFileSync` failures are swallowed (the dir may have been\n * removed already, or git may not be on PATH any more in some\n * environments). After a successful removal we drop the entry from\n * the registry so a second call is a true no-op.\n *\n * Synchronous on purpose — exit handlers can't reliably await async\n * work; the process would die before the promise settled.\n */\nexport function sweepRegistry(): void {\n  if (!_activeRegistry) return\n  // Snapshot the values first so we can mutate the underlying set\n  // during iteration without skipping entries.\n  const snapshot = [..._activeRegistry.values()]\n  for (const entry of snapshot) {\n    try {\n      // `-C entry.repoRoot` is load-bearing: without it git resolves\n      // the worktree path relative to the proxy's cwd (which is the\n      // user's launch dir, typically NOT inside the target repo), and\n      // fails with `fatal: '<path>' is not a working tree`. The E2E\n      // boot-sweep test (worker-agent-boot-sweep.test.ts) is what\n      // caught the missing flag.\n      execFileSync(\n        \"git\",\n        [\"-C\", entry.repoRoot, \"worktree\", \"remove\", \"--force\", entry.dir],\n        { stdio: \"ignore\", timeout: 10_000, windowsHide: true },\n      )\n    } catch {\n      // Already gone, EBUSY, or git not on PATH — best effort.\n    }\n    try {\n      execFileSync(\"git\", [\"-C\", entry.repoRoot, \"branch\", \"-D\", entry.branch], {\n        stdio: \"ignore\",\n        timeout: 5_000,\n        windowsHide: true,\n      })\n    } catch {\n      // Same as above.\n    }\n    _activeRegistry.delete(entry)\n  }\n}\n\n/**\n * Windows ConPTY / node-pty signal behavior:\n *\n * When a ConPTY host (VS Code terminal, Windows Terminal, node-pty) closes\n * the pseudo-console, the ConPTY layer sends CTRL_CLOSE_EVENT to the\n * process group. Node.js translates this into SIGINT (NOT SIGTERM). The\n * process has a ~5-second window before forced termination.\n *\n * Implication: the SIGTERM handler below may NEVER fire in node-pty\n * environments. This is by design — the three-layer cleanup architecture\n * ensures coverage:\n *   1. Per-call cleanup (engine.ts finally block) — happy path\n *   2. SIGINT handler (this file) — ConPTY close, Ctrl+C\n *   3. `exit` handler (this file) — unconditional, fires on any exit\n *   4. Boot-time PID+instance sweep (sweepStaleWorktreesAtBoot) — crash recovery\n *\n * Layers 1+2+3 cover ConPTY; layer 4 covers SIGKILL/OOM/container restart.\n */\n\n/**\n * Wire up SIGINT/SIGTERM/exit handlers that walk the registry and\n * remove every entry. Idempotent: subsequent calls swap the registry\n * pointer but do NOT register additional process listeners (otherwise\n * we'd leak listeners on every `runWorkerAgent`).\n *\n * Signal handlers re-raise the signal after sweeping. Naively running\n * the sweep on SIGINT/SIGTERM and returning would *suppress* the\n * signal: Node defaults to terminating the process on these, but only\n * if no user listener is attached. Once we attach a listener, the\n * default action is cancelled and the process keeps running — which\n * means Ctrl-C would clean worktrees but not actually exit, leaving\n * orphan processes in dev. The `process.kill(pid, sig)` re-raise\n * after removing our own listener restores the default behaviour\n * (the second delivery now hits an empty listener list, so Node\n * terminates with the conventional `128 + signum` exit code).\n */\nexport function registerExitHandlers(registry: WorktreeRegistry): void {\n  _activeRegistry = registry\n  if (_registered) return\n  _registered = true\n  _exitHandler = () => sweepRegistry()\n  _sigintHandler = () => {\n    sweepRegistry()\n    if (_sigintHandler) process.off(\"SIGINT\", _sigintHandler)\n    process.kill(process.pid, \"SIGINT\")\n  }\n  _sigtermHandler = () => {\n    sweepRegistry()\n    if (_sigtermHandler) process.off(\"SIGTERM\", _sigtermHandler)\n    process.kill(process.pid, \"SIGTERM\")\n  }\n  process.on(\"SIGINT\", _sigintHandler)\n  process.on(\"SIGTERM\", _sigtermHandler)\n  // `exit` handlers can only run synchronous code — exactly what\n  // sweepRegistry does. Async work here would never complete.\n  process.on(\"exit\", _exitHandler)\n}\n\n/**\n * Test-only: unregister the handlers and reset module state. Tests\n * that want to verify `registerExitHandlers` semantics must clean up\n * after themselves or future tests in the same process inherit the\n * (now stale) registry pointer.\n */\nexport function __unregisterExitHandlersForTests(): void {\n  if (_sigintHandler) {\n    process.off(\"SIGINT\", _sigintHandler)\n    _sigintHandler = null\n  }\n  if (_sigtermHandler) {\n    process.off(\"SIGTERM\", _sigtermHandler)\n    _sigtermHandler = null\n  }\n  if (_exitHandler) {\n    process.off(\"exit\", _exitHandler)\n    _exitHandler = null\n  }\n  _registered = false\n  _activeRegistry = null\n}\n\n// ---------------------------------------------------------------------\n// Ledger: which repos has this proxy touched?\n// ---------------------------------------------------------------------\n\ninterface LedgerEntry {\n  repoRoot: string\n  lastSeenMs: number\n}\n\ninterface LedgerFile {\n  entries: Array<LedgerEntry>\n}\n\nfunction ledgerPath(): string {\n  return path.join(PATHS.APP_DIR, \"worker-repos.json\")\n}\n\nasync function readLedger(): Promise<LedgerFile> {\n  let raw: string\n  try {\n    raw = await fs.readFile(ledgerPath(), \"utf8\")\n  } catch (err) {\n    if ((err as NodeJS.ErrnoException).code === \"ENOENT\") {\n      return { entries: [] }\n    }\n    return { entries: [] }\n  }\n  try {\n    const parsed = JSON.parse(raw) as Partial<LedgerFile>\n    if (!parsed || !Array.isArray(parsed.entries)) return { entries: [] }\n    const cleaned: Array<LedgerEntry> = []\n    for (const e of parsed.entries) {\n      if (\n        e &&\n        typeof e === \"object\" &&\n        typeof (e as LedgerEntry).repoRoot === \"string\" &&\n        typeof (e as LedgerEntry).lastSeenMs === \"number\"\n      ) {\n        cleaned.push({\n          repoRoot: (e as LedgerEntry).repoRoot,\n          lastSeenMs: (e as LedgerEntry).lastSeenMs,\n        })\n      }\n    }\n    return { entries: cleaned }\n  } catch {\n    // Corrupted JSON — start fresh rather than crashing the proxy.\n    return { entries: [] }\n  }\n}\n\n/**\n * Per-process serializer for ledger writes. Multiple concurrent\n * `recordWorkerRepo` calls (legitimate: several workers may start at\n * once) would otherwise race read-modify-write on the JSON file. Each\n * call chains onto the previous so the on-disk sequence is\n * deterministic from this process's perspective.\n *\n * Cross-process safety is provided by the atomic temp+rename below,\n * which makes the final state of the file always be a well-formed\n * full snapshot from ONE writer — never a partial write or\n * interleaved JSON.\n */\nlet _ledgerChain: Promise<void> = Promise.resolve()\n\n/**\n * Append `repoRoot` to the ledger (or update its `lastSeenMs`).\n * Atomic temp+rename per peer review.\n */\nexport function recordWorkerRepo(repoRoot: string): Promise<void> {\n  const next = _ledgerChain.then(async () => {\n    await fs.mkdir(PATHS.APP_DIR, { recursive: true })\n    const current = await readLedger()\n    // Dedup: drop any existing entry for this root before appending\n    // the fresh one so the array doesn't grow unbounded with repeats.\n    const filtered = current.entries.filter((e) => e.repoRoot !== repoRoot)\n    filtered.push({ repoRoot, lastSeenMs: Date.now() })\n    // Prune by age and cap entry count (newest wins).\n    const now = Date.now()\n    const pruned = filtered\n      .filter((e) => now - e.lastSeenMs < LEDGER_MAX_AGE_MS)\n      .slice(-LEDGER_MAX_ENTRIES)\n    const ledger: LedgerFile = { entries: pruned }\n\n    // Atomic temp+rename. The temp filename is unique per call\n    // (PID + 8 random hex chars) so concurrent processes don't\n    // collide on the temp name; the final `rename` is atomic on\n    // POSIX and on Windows (both with same filesystem).\n    const tmp = `${ledgerPath()}.tmp.${process.pid}.${randomBytes(4).toString(\n      \"hex\",\n    )}`\n    try {\n      await writeRuntimeFileSecure(tmp, JSON.stringify(ledger, null, 2))\n      await fs.rename(tmp, ledgerPath())\n    } catch (err) {\n      // Clean up the temp file if rename failed midway.\n      await fs.unlink(tmp).catch(() => {})\n      throw err\n    }\n  })\n  // Swallow chain-internal errors so one failed write doesn't poison\n  // the chain for every subsequent caller. Each call still sees its\n  // own rejection (we return `next`, not the catch-handler chain).\n  _ledgerChain = next.catch(() => undefined)\n  return next\n}\n\nfunction isPidAlive(pid: number): boolean {\n  if (!Number.isInteger(pid) || pid <= 0) return false\n  try {\n    process.kill(pid, 0)\n    return true\n  } catch (err) {\n    const code = (err as NodeJS.ErrnoException).code\n    // EPERM = process exists but we can't signal it — still alive\n    // for our purposes (we just need to know whether to clean up).\n    if (code === \"EPERM\") return true\n    return false\n  }\n}\n\n/**\n * Boot-time sweep. For every repo we recorded in the ledger,\n * enumerate `<repoRoot>/.git/worker-worktrees/` (the conventional\n * location — for repos already inside a worktree, the actual\n * `git-common-dir` may differ, in which case we'll miss this batch\n * and the per-call age sweep will catch them within 7 days) and\n * remove dirs that aren't owned by THIS proxy.\n *\n * Ownership rule: dir is \"ours\" iff its embedded PID is alive AND\n * its embedded UUID equals `getInstanceUuid()`. Either condition\n * failing → remove.\n */\nexport async function sweepStaleWorktreesAtBoot(): Promise<void> {\n  const ledger = await readLedger()\n  if (ledger.entries.length === 0) return\n  const currentUuid = getInstanceUuid()\n  for (const entry of ledger.entries) {\n    const parent = path.join(entry.repoRoot, \".git\", \"worker-worktrees\")\n    let names: Array<string>\n    try {\n      names = await fs.readdir(parent)\n    } catch {\n      continue\n    }\n    for (const name of names) {\n      const m = WORKTREE_DIR_NAME_RE.exec(name)\n      if (!m) continue\n      const pid = Number.parseInt(m[1], 10)\n      const uuid = m[2]\n      const isOurs = isPidAlive(pid) && uuid === currentUuid\n      if (isOurs) continue\n\n      const fullDir = path.join(parent, name)\n      const branch = `worker/${pid}-${uuid}-${m[3]}`\n      try {\n        // `-C entry.repoRoot` is load-bearing here too — see the\n        // matching comment in `sweepRegistry`. The boot sweep runs\n        // BEFORE any worker tool has set cwd, so the proxy's cwd is\n        // the user's launch dir, which is almost never inside the\n        // target repo.\n        execFileSync(\n          \"git\",\n          [\"-C\", entry.repoRoot, \"worktree\", \"remove\", \"--force\", fullDir],\n          { stdio: \"ignore\", timeout: 10_000, windowsHide: true },\n        )\n      } catch {\n        // ignore\n      }\n      try {\n        execFileSync(\n          \"git\",\n          [\"-C\", entry.repoRoot, \"branch\", \"-D\", branch],\n          { stdio: \"ignore\", timeout: 5_000, windowsHide: true },\n        )\n      } catch {\n        // ignore\n      }\n      try {\n        await fs.rm(fullDir, { recursive: true, force: true })\n      } catch {\n        // ignore — git may have removed it already\n      }\n    }\n  }\n}\n\n/** Test-only: clear the ledger file (does NOT remove on-disk worktrees). */\nexport async function __clearLedgerForTests(): Promise<void> {\n  await fs.unlink(ledgerPath()).catch(() => {})\n}\n\n/** Test-only: read the ledger as a plain array (no side effects). */\nexport async function __readLedgerForTests(): Promise<Array<LedgerEntry>> {\n  return (await readLedger()).entries\n}\n"],"mappings":";;;;;;;;;;;;AAyCA,MAAM,uBACJ;;;;;;;AAQF,MAAM,qBAAqB;AAC3B,MAAM,oBAAoB,MAAU,KAAK,KAAK;;;;;;;;;AAgB9C,IAAa,mBAAb,MAA8B;CAC5B,AAAiB,0BAAU,IAAI,KAA4B;CAE3D,IAAI,OAAoC;AACtC,OAAK,QAAQ,IAAI,MAAM;;CAEzB,OAAO,OAAoC;AACzC,OAAK,QAAQ,OAAO,MAAM;;CAE5B,IAAI,OAAuC;AACzC,SAAO,KAAK,QAAQ,IAAI,MAAM;;CAEhC,SAAkD;AAChD,SAAO,KAAK,QAAQ,QAAQ;;CAE9B,IAAI,OAAe;AACjB,SAAO,KAAK,QAAQ;;CAEtB,QAAc;AACZ,OAAK,QAAQ,OAAO;;;AAQxB,IAAIA,gBAA+B;;;;;;;;AASnC,SAAgB,kBAA0B;AACxC,KAAI,kBAAkB,KACpB,iBAAgB,YAAY;AAE9B,QAAO;;AAYT,IAAI,cAAc;AAClB,IAAIC,kBAA2C;AAC/C,IAAIC,eAAoC;AACxC,IAAIC,iBAAsC;AAC1C,IAAIC,kBAAuC;;;;;;;;;;;AAY3C,SAAgB,gBAAsB;AACpC,KAAI,CAAC,gBAAiB;CAGtB,MAAM,WAAW,CAAC,GAAG,gBAAgB,QAAQ,CAAC;AAC9C,MAAK,MAAM,SAAS,UAAU;AAC5B,MAAI;AAOF,gBACE,OACA;IAAC;IAAM,MAAM;IAAU;IAAY;IAAU;IAAW,MAAM;IAAI,EAClE;IAAE,OAAO;IAAU,SAAS;IAAQ,aAAa;IAAM,CACxD;UACK;AAGR,MAAI;AACF,gBAAa,OAAO;IAAC;IAAM,MAAM;IAAU;IAAU;IAAM,MAAM;IAAO,EAAE;IACxE,OAAO;IACP,SAAS;IACT,aAAa;IACd,CAAC;UACI;AAGR,kBAAgB,OAAO,MAAM;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAwCjC,SAAgB,qBAAqB,UAAkC;AACrE,mBAAkB;AAClB,KAAI,YAAa;AACjB,eAAc;AACd,sBAAqB,eAAe;AACpC,wBAAuB;AACrB,iBAAe;AACf,MAAI,eAAgB,SAAQ,IAAI,UAAU,eAAe;AACzD,UAAQ,KAAK,QAAQ,KAAK,SAAS;;AAErC,yBAAwB;AACtB,iBAAe;AACf,MAAI,gBAAiB,SAAQ,IAAI,WAAW,gBAAgB;AAC5D,UAAQ,KAAK,QAAQ,KAAK,UAAU;;AAEtC,SAAQ,GAAG,UAAU,eAAe;AACpC,SAAQ,GAAG,WAAW,gBAAgB;AAGtC,SAAQ,GAAG,QAAQ,aAAa;;AAuClC,SAAS,aAAqB;AAC5B,QAAO,KAAK,KAAK,MAAM,SAAS,oBAAoB;;AAGtD,eAAe,aAAkC;CAC/C,IAAIC;AACJ,KAAI;AACF,QAAM,MAAM,GAAG,SAAS,YAAY,EAAE,OAAO;UACtC,KAAK;AACZ,MAAK,IAA8B,SAAS,SAC1C,QAAO,EAAE,SAAS,EAAE,EAAE;AAExB,SAAO,EAAE,SAAS,EAAE,EAAE;;AAExB,KAAI;EACF,MAAM,SAAS,KAAK,MAAM,IAAI;AAC9B,MAAI,CAAC,UAAU,CAAC,MAAM,QAAQ,OAAO,QAAQ,CAAE,QAAO,EAAE,SAAS,EAAE,EAAE;EACrE,MAAMC,UAA8B,EAAE;AACtC,OAAK,MAAM,KAAK,OAAO,QACrB,KACE,KACA,OAAO,MAAM,YACb,OAAQ,EAAkB,aAAa,YACvC,OAAQ,EAAkB,eAAe,SAEzC,SAAQ,KAAK;GACX,UAAW,EAAkB;GAC7B,YAAa,EAAkB;GAChC,CAAC;AAGN,SAAO,EAAE,SAAS,SAAS;SACrB;AAEN,SAAO,EAAE,SAAS,EAAE,EAAE;;;;;;;;;;;;;;;AAgB1B,IAAIC,eAA8B,QAAQ,SAAS;;;;;AAMnD,SAAgB,iBAAiB,UAAiC;CAChE,MAAM,OAAO,aAAa,KAAK,YAAY;AACzC,QAAM,GAAG,MAAM,MAAM,SAAS,EAAE,WAAW,MAAM,CAAC;EAIlD,MAAM,YAHU,MAAM,YAAY,EAGT,QAAQ,QAAQ,MAAM,EAAE,aAAa,SAAS;AACvE,WAAS,KAAK;GAAE;GAAU,YAAY,KAAK,KAAK;GAAE,CAAC;EAEnD,MAAM,MAAM,KAAK,KAAK;EAItB,MAAMC,SAAqB,EAAE,SAHd,SACZ,QAAQ,MAAM,MAAM,EAAE,aAAa,kBAAkB,CACrD,MAAM,CAAC,mBAAmB,EACiB;EAM9C,MAAM,MAAM,GAAG,YAAY,CAAC,OAAO,QAAQ,IAAI,GAAG,YAAY,EAAE,CAAC,SAC/D,MACD;AACD,MAAI;AACF,SAAM,uBAAuB,KAAK,KAAK,UAAU,QAAQ,MAAM,EAAE,CAAC;AAClE,SAAM,GAAG,OAAO,KAAK,YAAY,CAAC;WAC3B,KAAK;AAEZ,SAAM,GAAG,OAAO,IAAI,CAAC,YAAY,GAAG;AACpC,SAAM;;GAER;AAIF,gBAAe,KAAK,YAAY,OAAU;AAC1C,QAAO;;AAGT,SAAS,WAAW,KAAsB;AACxC,KAAI,CAAC,OAAO,UAAU,IAAI,IAAI,OAAO,EAAG,QAAO;AAC/C,KAAI;AACF,UAAQ,KAAK,KAAK,EAAE;AACpB,SAAO;UACA,KAAK;AAIZ,MAHc,IAA8B,SAG/B,QAAS,QAAO;AAC7B,SAAO;;;;;;;;;;;;;;;AAgBX,eAAsB,4BAA2C;CAC/D,MAAM,SAAS,MAAM,YAAY;AACjC,KAAI,OAAO,QAAQ,WAAW,EAAG;CACjC,MAAM,cAAc,iBAAiB;AACrC,MAAK,MAAM,SAAS,OAAO,SAAS;EAClC,MAAM,SAAS,KAAK,KAAK,MAAM,UAAU,QAAQ,mBAAmB;EACpE,IAAIC;AACJ,MAAI;AACF,WAAQ,MAAM,GAAG,QAAQ,OAAO;UAC1B;AACN;;AAEF,OAAK,MAAM,QAAQ,OAAO;GACxB,MAAM,IAAI,qBAAqB,KAAK,KAAK;AACzC,OAAI,CAAC,EAAG;GACR,MAAM,MAAM,OAAO,SAAS,EAAE,IAAI,GAAG;GACrC,MAAM,OAAO,EAAE;AAEf,OADe,WAAW,IAAI,IAAI,SAAS,YAC/B;GAEZ,MAAM,UAAU,KAAK,KAAK,QAAQ,KAAK;GACvC,MAAM,SAAS,UAAU,IAAI,GAAG,KAAK,GAAG,EAAE;AAC1C,OAAI;AAMF,iBACE,OACA;KAAC;KAAM,MAAM;KAAU;KAAY;KAAU;KAAW;KAAQ,EAChE;KAAE,OAAO;KAAU,SAAS;KAAQ,aAAa;KAAM,CACxD;WACK;AAGR,OAAI;AACF,iBACE,OACA;KAAC;KAAM,MAAM;KAAU;KAAU;KAAM;KAAO,EAC9C;KAAE,OAAO;KAAU,SAAS;KAAO,aAAa;KAAM,CACvD;WACK;AAGR,OAAI;AACF,UAAM,GAAG,GAAG,SAAS;KAAE,WAAW;KAAM,OAAO;KAAM,CAAC;WAChD"}