heyio 0.42.0 → 1.0.0

package/dist/auth/session-logic.test.js

@@ -1,201 +0,0 @@
-/**
- * Auth session handling regression tests — Supabase JS v2 integration decisions.
- *
- * These tests guard the behavioral decisions made across four consecutive auth
- * patches (#189→#192→#194→#196) that fixed undocumented Supabase JS v2 side-
- * effects. They test the logic extracted into src/auth/session-logic.ts, which
- * mirrors the implementation in web/src/stores/auth.ts.
- *
- * If auth store logic changes, update session-logic.ts to match AND verify
- * these tests still pass.
- */
-import { describe, it } from "node:test";
-import assert from "node:assert/strict";
-import { handleAuthStateChange, getAccessToken, } from "./session-logic.js";
-// ── Helpers ───────────────────────────────────────────────────────────────────
-function makeSession(overrides = {}) {
-    return {
-        access_token: "tok-abc",
-        expires_at: Math.floor(Date.now() / 1000) + 3600, // 1 hour from now
-        user: { id: "user-1" },
-        ...overrides,
-    };
-}
-const neverCalled = async () => {
-    throw new Error("refresh should not have been called");
-};
-// Use a fixed epoch (multiple of 1000ms) for deterministic boundary tests.
-// T = 1_000_000_000_000ms (epoch seconds = 1_000_000_000)
-const FIXED_NOW_MS = 1_000_000_000_000;
-const FIXED_NOW_S = FIXED_NOW_MS / 1000; // 1_000_000_000
-// ── onAuthStateChange session caching ────────────────────────────────────────
-describe("handleAuthStateChange — onAuthStateChange caching rules", () => {
-    it("accepts a valid session on SIGNED_IN", () => {
-        const s = makeSession();
-        const result = handleAuthStateChange(null, "SIGNED_IN", s);
-        assert.deepEqual(result, s);
-    });
-    it("accepts a valid session on INITIAL_SESSION", () => {
-        const s = makeSession();
-        const result = handleAuthStateChange(null, "INITIAL_SESSION", s);
-        assert.deepEqual(result, s);
-    });
-    it("accepts a valid session on TOKEN_REFRESHED", () => {
-        const old = makeSession({ access_token: "tok-old" });
-        const fresh = makeSession({ access_token: "tok-new" });
-        const result = handleAuthStateChange(old, "TOKEN_REFRESHED", fresh);
-        assert.equal(result?.access_token, "tok-new");
-    });
-    // Critical regression: SIGNED_OUT is the ONLY event that clears the cache.
-    it("clears session on SIGNED_OUT with null session", () => {
-        const s = makeSession();
-        const result = handleAuthStateChange(s, "SIGNED_OUT", null);
-        assert.equal(result, null);
-    });
-    // Critical regression: internal null-session events must NOT poison the cache.
-    it("does NOT clear session on TOKEN_REFRESHED with null — keeps existing cache", () => {
-        const cached = makeSession({ access_token: "tok-valid" });
-        const result = handleAuthStateChange(cached, "TOKEN_REFRESHED", null);
-        assert.equal(result?.access_token, "tok-valid");
-    });
-    it("does NOT clear session on INITIAL_SESSION with null — keeps existing cache", () => {
-        const cached = makeSession({ access_token: "tok-valid" });
-        const result = handleAuthStateChange(cached, "INITIAL_SESSION", null);
-        assert.equal(result?.access_token, "tok-valid");
-    });
-    it("does NOT clear session on USER_UPDATED with null — keeps existing cache", () => {
-        const cached = makeSession({ access_token: "tok-valid" });
-        const result = handleAuthStateChange(cached, "USER_UPDATED", null);
-        assert.equal(result?.access_token, "tok-valid");
-    });
-    it("returns null when cache is already null and null-session event fires", () => {
-        const result = handleAuthStateChange(null, "TOKEN_REFRESHED", null);
-        assert.equal(result, null);
-    });
-    it("null-session SIGNED_OUT with no prior cache stays null", () => {
-        const result = handleAuthStateChange(null, "SIGNED_OUT", null);
-        assert.equal(result, null);
-    });
-});
-// ── getAccessToken — cached session path ─────────────────────────────────────
-describe("getAccessToken — reads from cached session", () => {
-    it("returns cached access token when session is valid and not near expiry", async () => {
-        const session = makeSession({ access_token: "tok-valid" });
-        const token = await getAccessToken(session, true, neverCalled);
-        assert.equal(token, "tok-valid");
-    });
-    it("returns null when auth is disabled and cache is null", async () => {
-        const token = await getAccessToken(null, false, neverCalled);
-        assert.equal(token, null);
-    });
-});
-// ── getAccessToken — proactive refresh near expiry ───────────────────────────
-describe("getAccessToken — proactive refresh within 30s of expiry", () => {
-    it("calls refresh and returns new token when within 30s of expiry", async () => {
-        // Session expires in 25 seconds (within 30s threshold)
-        const session = makeSession({
-            access_token: "tok-expiring",
-            expires_at: Math.floor(Date.now() / 1000) + 25,
-        });
-        const freshSession = makeSession({ access_token: "tok-fresh" });
-        let refreshCalled = false;
-        const refresh = async () => { refreshCalled = true; return freshSession; };
-        const token = await getAccessToken(session, true, refresh);
-        assert.equal(refreshCalled, true);
-        assert.equal(token, "tok-fresh");
-    });
-    it("does NOT call refresh when expiry is more than 30s away", async () => {
-        const session = makeSession({
-            access_token: "tok-valid",
-            expires_at: Math.floor(Date.now() / 1000) + 60, // 60s away
-        });
-        let refreshCalled = false;
-        const refresh = async () => { refreshCalled = true; return null; };
-        const token = await getAccessToken(session, true, refresh);
-        assert.equal(refreshCalled, false);
-        assert.equal(token, "tok-valid");
-    });
-    it("falls back to cached token if refresh throws near expiry", async () => {
-        const session = makeSession({
-            access_token: "tok-expiring",
-            expires_at: Math.floor(Date.now() / 1000) + 10,
-        });
-        const refresh = async () => { throw new Error("network error"); };
-        const token = await getAccessToken(session, true, refresh);
-        assert.equal(token, "tok-expiring");
-    });
-    it("falls back to cached token if refresh returns null near expiry", async () => {
-        const session = makeSession({
-            access_token: "tok-expiring",
-            expires_at: Math.floor(Date.now() / 1000) + 10,
-        });
-        const refresh = async () => null;
-        const token = await getAccessToken(session, true, refresh);
-        assert.equal(token, "tok-expiring");
-    });
-    // Boundary: expires_at * 1000 - now == 30_000 is NOT < 30_000, so no refresh.
-    // Use FIXED_NOW_MS (exact multiple of 1000) to avoid floor-truncation artifacts.
-    it("does NOT refresh when exactly 30s remain (boundary is exclusive)", async () => {
-        const session = makeSession({
-            access_token: "tok-boundary",
-            expires_at: FIXED_NOW_S + 30, // exactly 30_000ms away from FIXED_NOW_MS
-        });
-        let refreshCalled = false;
-        const refresh = async () => { refreshCalled = true; return null; };
-        const token = await getAccessToken(session, true, refresh, () => FIXED_NOW_MS);
-        assert.equal(refreshCalled, false);
-        assert.equal(token, "tok-boundary");
-    });
-    // Boundary: expires_at * 1000 - now == 29_000 is < 30_000, so refresh fires.
-    it("refreshes when 29s remain (1s inside the 30s window)", async () => {
-        const freshSession = makeSession({ access_token: "tok-refreshed" });
-        const session = makeSession({
-            access_token: "tok-boundary",
-            expires_at: FIXED_NOW_S + 29, // 29_000ms away — within threshold
-        });
-        let refreshCalled = false;
-        const refresh = async () => { refreshCalled = true; return freshSession; };
-        const token = await getAccessToken(session, true, refresh, () => FIXED_NOW_MS);
-        assert.equal(refreshCalled, true);
-        assert.equal(token, "tok-refreshed");
-    });
-});
-// ── getAccessToken — recovery fallback when cache is null ────────────────────
-describe("getAccessToken — recovery fallback when cache is null", () => {
-    it("attempts refreshSession() when cache is null and auth is enabled", async () => {
-        const freshSession = makeSession({ access_token: "tok-recovered" });
-        let refreshCalled = false;
-        const refresh = async () => { refreshCalled = true; return freshSession; };
-        const token = await getAccessToken(null, true, refresh);
-        assert.equal(refreshCalled, true);
-        assert.equal(token, "tok-recovered");
-    });
-    it("returns null when auth is enabled but refreshSession() returns null", async () => {
-        const token = await getAccessToken(null, true, async () => null);
-        assert.equal(token, null);
-    });
-    it("returns null when auth is enabled but refreshSession() throws", async () => {
-        const refresh = async () => { throw new Error("refresh failed"); };
-        const token = await getAccessToken(null, true, refresh);
-        assert.equal(token, null);
-    });
-    it("does NOT call refreshSession() when auth is disabled", async () => {
-        let refreshCalled = false;
-        const refresh = async () => { refreshCalled = true; return null; };
-        const token = await getAccessToken(null, false, refresh);
-        assert.equal(refreshCalled, false);
-        assert.equal(token, null);
-    });
-});
-// ── getAccessToken — session without expires_at ───────────────────────────────
-describe("getAccessToken — session without expires_at", () => {
-    it("returns cached token without attempting refresh if expires_at is undefined", async () => {
-        const session = { access_token: "tok-no-expiry" };
-        let refreshCalled = false;
-        const refresh = async () => { refreshCalled = true; return null; };
-        const token = await getAccessToken(session, true, refresh);
-        assert.equal(refreshCalled, false);
-        assert.equal(token, "tok-no-expiry");
-    });
-});
-//# sourceMappingURL=session-logic.test.js.map

package/dist/copilot/auto-complete-instance.test.js

@@ -1,104 +0,0 @@
-import { describe, it, before, after } from "node:test";
-import assert from "node:assert/strict";
-import { setDbPathForTests, closeDb, getDb } from "../store/db.js";
-import { ensureInstanceTables, createInstance, getInstance } from "../store/instances.js";
-import { randomUUID } from "crypto";
-// We test the autoCompleteInstance logic by importing it directly.
-// Since it's not exported, we test indirectly via the observable side effects
-// on the DB after calling the function from agents.ts.
-// For unit testing, we extract the logic into a testable helper.
-// Actually, let's test the exported behavior by simulating what agents.ts does:
-// import the function via a re-export or test the DB state.
-// The function is module-private in agents.ts. We'll test it by creating
-// a minimal reproduction that calls the same store functions.
-import { updateInstanceStatus, mergeInstanceDecisions, logInstanceDecision, } from "../store/instances.js";
-import { createFeedEntry, listFeedEntries } from "../store/feed.js";
-describe("auto-complete instance on task done (#261)", () => {
-    const dbPath = `/tmp/test-auto-complete-${Date.now()}.db`;
-    before(() => {
-        setDbPathForTests(dbPath);
-        ensureInstanceTables();
-    });
-    after(() => {
-        closeDb();
-    });
-    function setupInstance(opts) {
-        const id = `inst-${randomUUID().slice(0, 8)}`;
-        const squadSlug = "test-squad";
-        const db = getDb();
-        // Ensure squad_decisions table exists for merge
-        db.exec(`CREATE TABLE IF NOT EXISTS squad_decisions (
-      id INTEGER PRIMARY KEY AUTOINCREMENT,
-      squad_slug TEXT NOT NULL,
-      decision TEXT NOT NULL,
-      context TEXT,
-      created_at DATETIME DEFAULT CURRENT_TIMESTAMP
-    )`);
-        createInstance({
-            id,
-            masterSquadSlug: squadSlug,
-            worktreePath: `/tmp/fake-worktree-${id}`,
-            branchName: `instance/${id}`,
-        });
-        if (opts?.status) {
-            updateInstanceStatus(id, opts.status);
-        }
-        else {
-            updateInstanceStatus(id, "active");
-        }
-        return { id, squadSlug };
-    }
-    it("auto-completes an active instance when task with instance_id finishes", () => {
-        const { id, squadSlug } = setupInstance();
-        logInstanceDecision(id, "test decision", "test context");
-        // Simulate what autoCompleteInstance does
-        const instance = getInstance(id);
-        assert.ok(instance);
-        assert.equal(instance.status, "active");
-        // Run the auto-complete logic
-        updateInstanceStatus(id, "merging");
-        const merged = mergeInstanceDecisions(id, squadSlug);
-        updateInstanceStatus(id, "done");
-        assert.equal(merged, 1);
-        const completed = getInstance(id);
-        assert.equal(completed.status, "done");
-        assert.ok(completed.completed_at);
-    });
-    it("does nothing when instance is already done", () => {
-        const { id } = setupInstance({ status: "done" });
-        const instance = getInstance(id);
-        assert.equal(instance.status, "done");
-        // autoCompleteInstance would return early — no error
-    });
-    it("does nothing when instance is already failed", () => {
-        const { id } = setupInstance({ status: "failed" });
-        const instance = getInstance(id);
-        assert.equal(instance.status, "failed");
-        // autoCompleteInstance would return early — no error
-    });
-    it("handles instance with no decisions gracefully", () => {
-        const { id, squadSlug } = setupInstance();
-        updateInstanceStatus(id, "merging");
-        const merged = mergeInstanceDecisions(id, squadSlug);
-        updateInstanceStatus(id, "done");
-        assert.equal(merged, 0);
-        const completed = getInstance(id);
-        assert.equal(completed.status, "done");
-    });
-    it("sends a notification feed entry on auto-complete", () => {
-        const { id, squadSlug } = setupInstance();
-        const beforeEntries = listFeedEntries({});
-        createFeedEntry({
-            type: "notification",
-            title: `[${squadSlug}] Instance auto-completed`,
-            body: `Instance "${id}" auto-completed after task finished. 0 decision(s) merged to master squad.`,
-            source_type: "instance-auto-complete",
-        });
-        const afterEntries = listFeedEntries({});
-        assert.equal(afterEntries.length, beforeEntries.length + 1);
-        const latest = afterEntries[0];
-        assert.ok(latest.title.includes("auto-completed"));
-        assert.ok(latest.body.includes(id));
-    });
-});
-//# sourceMappingURL=auto-complete-instance.test.js.map

package/dist/copilot/cron.js

@@ -1,136 +0,0 @@
-// Minimal standard 5-field cron parser + next-run calculator.
-//
-// Fields (in order): minute, hour, day-of-month, month, day-of-week.
-// Supported syntax per field:
-//   *           — all values
-//   N           — single value
-//   A,B,C       — list
-//   A-B         — range
-//   A-B/N or */N — step (A-B/N restricts to range; */N applies to full range)
-//
-// Day-of-week: 0 or 7 = Sunday, 1 = Monday … (standard Unix cron).
-//
-// Matching semantics: when both day-of-month and day-of-week are restricted
-// (i.e. neither is "*"), Vixie cron uses an OR between them — we follow that.
-const FIELD_RANGES = [
-    [0, 59],
-    [0, 23],
-    [1, 31],
-    [1, 12],
-    [0, 7],
-];
-function parseField(raw, [min, max]) {
-    const out = new Set();
-    for (const part of raw.split(",")) {
-        const stepMatch = part.match(/^(.+?)\/(\d+)$/);
-        const body = stepMatch ? stepMatch[1] : part;
-        const step = stepMatch ? parseInt(stepMatch[2], 10) : 1;
-        if (!(step >= 1))
-            throw new Error(`Invalid step in cron field: "${part}"`);
-        let lo, hi;
-        if (body === "*") {
-            lo = min;
-            hi = max;
-        }
-        else if (body.includes("-")) {
-            const [a, b] = body.split("-").map((n) => parseInt(n, 10));
-            if (Number.isNaN(a) || Number.isNaN(b)) {
-                throw new Error(`Invalid range in cron field: "${part}"`);
-            }
-            lo = a;
-            hi = b;
-        }
-        else {
-            const v = parseInt(body, 10);
-            if (Number.isNaN(v))
-                throw new Error(`Invalid cron field value: "${part}"`);
-            lo = v;
-            hi = v;
-        }
-        if (lo < min || hi > max || lo > hi) {
-            throw new Error(`Cron field out of range [${min}-${max}]: "${part}"`);
-        }
-        for (let v = lo; v <= hi; v += step)
-            out.add(v);
-    }
-    return out;
-}
-export function parseCron(expr) {
-    const trimmed = expr.trim().replace(/\s+/g, " ");
-    const parts = trimmed.split(" ");
-    if (parts.length !== 5) {
-        throw new Error(`Cron expression must have 5 fields (minute hour dom month dow), got ${parts.length}: "${expr}"`);
-    }
-    const [mRaw, hRaw, domRaw, monRaw, dowRaw] = parts;
-    const minutes = parseField(mRaw, FIELD_RANGES[0]);
-    const hours = parseField(hRaw, FIELD_RANGES[1]);
-    const doms = parseField(domRaw, FIELD_RANGES[2]);
-    const months = parseField(monRaw, FIELD_RANGES[3]);
-    const dowsRaw = parseField(dowRaw, FIELD_RANGES[4]);
-    const dows = new Set();
-    for (const v of dowsRaw)
-        dows.add(v === 7 ? 0 : v);
-    return {
-        minutes,
-        hours,
-        doms,
-        months,
-        dows,
-        domStar: domRaw === "*",
-        dowStar: dowRaw === "*",
-    };
-}
-/**
- * Return the next Date strictly after `after` that matches the cron expression.
- * Iterates minute-by-minute with month/day fast-forwarding. Capped at ~5
- * years lookahead to guard against unsatisfiable expressions.
- */
-export function nextRun(expr, after = new Date()) {
-    const c = typeof expr === "string" ? parseCron(expr) : expr;
-    const cursor = new Date(after.getTime());
-    cursor.setSeconds(0, 0);
-    cursor.setMinutes(cursor.getMinutes() + 1);
-    const limit = new Date(after.getTime() + 5 * 366 * 24 * 60 * 60 * 1000);
-    while (cursor <= limit) {
-        const month = cursor.getMonth() + 1;
-        if (!c.months.has(month)) {
-            cursor.setMonth(cursor.getMonth() + 1, 1);
-            cursor.setHours(0, 0, 0, 0);
-            continue;
-        }
-        const dom = cursor.getDate();
-        const dow = cursor.getDay();
-        const dayOk = c.domStar && c.dowStar
-            ? true
-            : c.domStar
-                ? c.dows.has(dow)
-                : c.dowStar
-                    ? c.doms.has(dom)
-                    : c.doms.has(dom) || c.dows.has(dow);
-        if (!dayOk) {
-            cursor.setDate(cursor.getDate() + 1);
-            cursor.setHours(0, 0, 0, 0);
-            continue;
-        }
-        if (!c.hours.has(cursor.getHours())) {
-            cursor.setHours(cursor.getHours() + 1, 0, 0, 0);
-            continue;
-        }
-        if (!c.minutes.has(cursor.getMinutes())) {
-            cursor.setMinutes(cursor.getMinutes() + 1, 0, 0);
-            continue;
-        }
-        return cursor;
-    }
-    throw new Error(`No next run found within 5 years for cron expression`);
-}
-export function validateCron(expr) {
-    try {
-        const next = nextRun(expr);
-        return { ok: true, next };
-    }
-    catch (err) {
-        return { ok: false, error: err instanceof Error ? err.message : String(err) };
-    }
-}
-//# sourceMappingURL=cron.js.map