opencode-pilot 0.24.10 → 0.24.12

package/Formula/opencode-pilot.rb

@@ -1,8 +1,8 @@
 class OpencodePilot < Formula
   desc "Automation daemon for OpenCode - polls GitHub/Linear issues and spawns sessions"
   homepage "https://github.com/athal7/opencode-pilot"
-  url "https://github.com/athal7/opencode-pilot/archive/refs/tags/v0.24.9.tar.gz"
-  sha256 "b477a5677fb80456db3f4f6464dd2071d0efb56bdd29b8a8fc01e5d56638f588"
+  url "https://github.com/athal7/opencode-pilot/archive/refs/tags/v0.24.11.tar.gz"
+  sha256 "c0c9e3cdb3b34275d7a1d63b128430dd7e6fdd00dc8fe9e3baa5f3124b955422"
   license "MIT"
 
   depends_on "node"

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "opencode-pilot",
-  "version": "0.24.10",
+  "version": "0.24.12",
   "type": "module",
   "main": "plugin/index.js",
   "description": "Automation daemon for OpenCode - polls for work and spawns sessions",

package/service/actions.js

@@ -3,6 +3,20 @@
  *
  * Starts OpenCode sessions with configurable prompts.
  * Supports prompt_template for custom prompts (e.g., to invoke /devcontainer).
+ *
+ * ## Session directory handling
+ *
+ * POST /session?directory=X sets both session.directory (working dir) and
+ * session.projectID (derived from the git root of X). Sandbox directories
+ * are git worktrees of the parent repo — they share the same root commit,
+ * so OpenCode resolves the correct projectID automatically.
+ *
+ * This means we always POST with the workingDirectory. No PATCH-based
+ * "project re-scoping" is needed. See test/integration/real-server.test.js
+ * for verification against a real OpenCode server.
+ *
+ * Session isolation: worktree sessions skip findReusableSession entirely
+ * to prevent cross-PR contamination (each PR gets its own session).
  */
 
 import { execSync } from "child_process";
@@ -11,6 +25,7 @@ import { debug } from "./logger.js";
 import { getNestedValue } from "./utils.js";
 import { getServerPort } from "./repo-config.js";
 import { resolveWorktreeDirectory, getProjectInfo, getProjectInfoForDirectory } from "./worktree.js";
+import { SessionContext } from "./session-context.js";
 import path from "path";
 import os from "os";
 
@@ -672,30 +687,43 @@ export async function findReusableSession(serverUrl, directory, options = {}) {
 
 /**
  * Create a session via the OpenCode HTTP API
- * 
+ *
+ * Creates the session with sessionCtx.workingDirectory. OpenCode resolves
+ * the correct projectID from the git root of that directory — sandbox dirs
+ * (git worktrees) resolve to the same project as the parent repo, so no
+ * separate "project scoping" step is needed.
+ *
+ * Verified against real OpenCode server in test/integration/real-server.test.js.
+ *
  * @param {string} serverUrl - Server URL (e.g., "http://localhost:4096")
- * @param {string} directory - Working directory for file operations (may be a worktree)
+ * @param {SessionContext} sessionCtx - Carries both directories (see session-context.js)
  * @param {string} prompt - The prompt/message to send
  * @param {object} [options] - Options
- * @param {string} [options.projectDirectory] - Project directory for session scoping (defaults to directory)
  * @param {string} [options.title] - Session title
  * @param {string} [options.agent] - Agent to use
  * @param {string} [options.model] - Model to use
  * @param {function} [options.fetch] - Custom fetch function (for testing)
  * @returns {Promise<object>} Result with sessionId, success, error
  */
-export async function createSessionViaApi(serverUrl, directory, prompt, options = {}) {
+export async function createSessionViaApi(serverUrl, sessionCtx, prompt, options = {}) {
   const fetchFn = options.fetch || fetch;
   const headerTimeout = options.headerTimeout || HEADER_TIMEOUT_MS;
-  const projectDir = options.projectDirectory || directory;
+  // POST /session?directory=X sets both session.directory and projectID.
+  // OpenCode resolves projectID from the git root of X — sandbox directories
+  // (git worktrees) share the same root commit as the parent repo, so they
+  // get the correct projectID automatically. No PATCH re-scoping needed.
+  //
+  // PATCH /session/:id only updates title/archived — the ?directory param
+  // is a routing parameter (determines which project to look in), NOT a
+  // mutation of session.directory.
+  const directory = sessionCtx.workingDirectory;
   
   let session = null;
   
   try {
-    // Step 1: Create session with the working directory (may be a worktree).
-    // This sets the session's working directory so the agent operates in the
-    // correct location. For worktree sessions, the server may assign
-    // projectID 'global' since sandbox paths don't match project worktrees.
+    // Step 1: Create session with the working directory.
+    // This is what determines where the agent actually operates (file reads,
+    // writes, tool execution). For worktree sessions this is the sandbox path.
     const sessionUrl = new URL('/session', serverUrl);
     sessionUrl.searchParams.set('directory', directory);
     
@@ -713,20 +741,16 @@ export async function createSessionViaApi(serverUrl, directory, prompt, options
     session = await createResponse.json();
     debug(`createSessionViaApi: created session ${session.id} in ${directory}`);
     
-    // Step 2: Update session - always PATCH with project directory when it
-    // differs from the working directory (worktree case). This re-associates
-    // the session with the correct project so it appears in the UI.
-    // Also set the title if provided.
-    const needsProjectScoping = projectDir !== directory;
-    if (options.title || needsProjectScoping) {
+    // Step 2: Set session title if provided.
+    // PATCH ?directory must match the session's directory so the server can
+    // find it (it's a routing param, not a mutation).
+    if (options.title) {
       const updateUrl = new URL(`/session/${session.id}`, serverUrl);
-      updateUrl.searchParams.set('directory', projectDir);
-      const patchBody = {};
-      if (options.title) patchBody.title = options.title;
+      updateUrl.searchParams.set('directory', directory);
       await fetchFn(updateUrl.toString(), {
         method: 'PATCH',
         headers: { 'Content-Type': 'application/json' },
-        body: JSON.stringify(patchBody),
+        body: JSON.stringify({ title: options.title }),
       });
     }
     
@@ -839,17 +863,25 @@ export async function createSessionViaApi(serverUrl, directory, prompt, options
 }
 
 /**
- * Execute session creation/reuse in a specific directory
- * Internal helper for executeAction - handles prompt building, session reuse, and API calls
- * 
+ * Execute session creation/reuse for the given session context.
+ * Internal helper for executeAction - handles prompt building, session reuse, and API calls.
+ *
+ * Enforces invariant C (session isolation): session reuse is skipped entirely
+ * when sessionCtx.isWorktree is true. Each PR/issue running in a worktree must
+ * get its own session because:
+ *   - Querying by workingDirectory finds old sessions with projectID='global'
+ *   - Querying by projectDirectory finds sessions for unrelated PRs in the same project
+ *
  * @param {string} serverUrl - OpenCode server URL
- * @param {string} cwd - Working directory for the session
+ * @param {SessionContext} sessionCtx - Carries both directories
  * @param {object} item - Item to create session for
  * @param {object} config - Repo config with action settings
  * @param {object} [options] - Execution options
  * @returns {Promise<object>} Result with command, success, sessionId, etc.
  */
-async function executeInDirectory(serverUrl, cwd, item, config, options = {}, projectDirectory = null) {
+async function executeInDirectory(serverUrl, sessionCtx, item, config, options = {}) {
+  const cwd = sessionCtx.workingDirectory;
+
   // Build prompt from template
   const prompt = buildPromptFromTemplate(config.prompt || "default", item);
   
@@ -889,15 +921,12 @@ async function executeInDirectory(serverUrl, cwd, item, config, options = {}, pr
     }
   }
   
-  // Check if we should try to reuse an existing session.
-  // Skip reuse when working in a worktree (projectDirectory differs from cwd),
-  // because querying by worktree dir finds old sessions with projectID "global",
-  // and querying by project dir finds unrelated sessions for other PRs.
-  // Each worktree should get its own correctly-scoped session.
+  // Invariant C: skip findReusableSession when in a worktree.
+  // Each worktree (= each PR/issue) must get its own session to prevent
+  // cross-PR contamination. See session-context.js for full rationale.
   const reuseActiveSession = config.reuse_active_session !== false; // default true
-  const inWorktree = projectDirectory && projectDirectory !== cwd;
   
-  if (reuseActiveSession && !inWorktree && !options.dryRun) {
+  if (reuseActiveSession && !sessionCtx.isWorktree && !options.dryRun) {
     const existingSession = await findReusableSession(serverUrl, cwd, { fetch: options.fetch });
     
     if (existingSession) {
@@ -934,8 +963,7 @@ async function executeInDirectory(serverUrl, cwd, item, config, options = {}, pr
     };
   }
   
-  const result = await createSessionViaApi(serverUrl, cwd, prompt, {
-    projectDirectory: projectDirectory || cwd,
+  const result = await createSessionViaApi(serverUrl, sessionCtx, prompt, {
     title: sessionTitle,
     agent: config.agent,
     model: config.model,
@@ -994,27 +1022,29 @@ export async function executeAction(item, config, options = {}) {
     };
   }
   
-  // If existing_directory is provided (reprocessing same item), use it directly
-  // This preserves the worktree from the previous run even if its name doesn't match the template
+  // If existing_directory is provided (reprocessing same item), use it directly.
+  // This preserves the worktree from the previous run even if its name doesn't match the template.
+  // Build a worktree SessionContext since existing_directory is a worktree path.
   if (config.existing_directory) {
     debug(`executeAction: using existing_directory=${config.existing_directory}`);
     const cwd = expandPath(config.existing_directory);
-    return await executeInDirectory(serverUrl, cwd, item, config, options, baseCwd);
+    const sessionCtx = SessionContext.forWorktree(baseCwd, cwd);
+    return await executeInDirectory(serverUrl, sessionCtx, item, config, options);
   }
   
-  // Resolve worktree directory if configured
-  // This allows creating sessions in isolated worktrees instead of the main project
+  // Resolve worktree directory if configured.
+  // This allows creating sessions in isolated worktrees instead of the main project.
   let worktreeMode = config.worktree;
   
-  // If worktree_name is configured, enable worktree mode (explicit configuration)
-  // This allows presets to specify worktree isolation without requiring existing sandboxes
+  // If worktree_name is configured, enable worktree mode (explicit configuration).
+  // This allows presets to specify worktree isolation without requiring existing sandboxes.
   if (!worktreeMode && config.worktree_name) {
     debug(`executeAction: worktree_name configured, enabling worktree mode`);
     worktreeMode = 'new';
   }
   
-  // Auto-detect worktree support: check if the project has sandboxes
-  // This is a fallback for when worktree isn't explicitly configured
+  // Auto-detect worktree support: check if the project has sandboxes.
+  // This is a fallback for when worktree isn't explicitly configured.
   if (!worktreeMode) {
     // Look up project info for this specific directory (not just /project/current)
     const projectInfo = await getProjectInfoForDirectory(serverUrl, baseCwd, { fetch: options.fetch });
@@ -1051,5 +1081,8 @@ export async function executeAction(item, config, options = {}) {
   
   debug(`executeAction: using cwd=${cwd}`);
   
-  return await executeInDirectory(serverUrl, cwd, item, config, options, baseCwd);
+  // Build a SessionContext so downstream functions always have both directories.
+  // forWorktree correctly sets isWorktree=true when cwd differs from baseCwd.
+  const sessionCtx = SessionContext.forWorktree(baseCwd, cwd);
+  return await executeInDirectory(serverUrl, sessionCtx, item, config, options);
 }

package/service/session-context.js

@@ -0,0 +1,83 @@
+/**
+ * session-context.js - SessionContext value object
+ *
+ * Tracks both the project directory (main git repo) and the working directory
+ * (which may be a sandbox/worktree) for session creation.
+ *
+ * ## How OpenCode's API actually works
+ *
+ * Verified against a real OpenCode server (see test/integration/real-server.test.js):
+ *
+ *   - POST /session?directory=X sets `session.directory = X` and derives
+ *     `session.projectID` from the git root of X. Sandbox directories are
+ *     git worktrees that share the same root commit as the parent repo, so
+ *     they get the correct projectID automatically. There is NO need to
+ *     create with the project directory for "project scoping".
+ *
+ *   - PATCH /session/:id only updates title/archived. The ?directory param
+ *     is a routing parameter (determines which project to look in), NOT a
+ *     mutation of session.directory.
+ *
+ *   - GET /session?directory=X uses ?directory for both project routing
+ *     (middleware) and as an exact filter on session.directory (route handler).
+ *     This means sessions created with a sandbox dir are only visible when
+ *     querying with that sandbox dir — natural isolation per worktree.
+ *
+ * ## Why SessionContext still carries both directories
+ *
+ * Even though createSessionViaApi only needs workingDirectory, the project
+ * directory is still needed for:
+ *   - Worktree detection (isWorktree) — to skip session reuse for sandbox
+ *     sessions and prevent cross-PR contamination
+ *   - resolveWorktreeDirectory — needs the base project dir to create/list
+ *     worktrees via GET/POST /experimental/worktree?directory=<projectDir>
+ *
+ * ## Worktree Detection
+ *
+ * A session is "in a worktree" when `workingDirectory !== projectDirectory`.
+ * Non-worktree sessions have both set to the same value.
+ */
+
+export class SessionContext {
+  /**
+   * @param {string} projectDirectory - Base git repo path. Used for:
+   *   - Worktree detection (isWorktree check for session isolation)
+   *   - Worktree API calls (GET/POST /experimental/worktree?directory=...)
+   *
+   * @param {string} workingDirectory - Directory where the agent does work. Used for:
+   *   - POST /session?directory=... (sets session.directory AND projectID)
+   *   - POST /session/:id/message?directory=... (file operations)
+   *   - PATCH /session/:id?directory=... (routing for title updates)
+   *   Equals projectDirectory when not using worktrees.
+   */
+  constructor(projectDirectory, workingDirectory) {
+    if (!projectDirectory) throw new Error('SessionContext: projectDirectory is required');
+    if (!workingDirectory) throw new Error('SessionContext: workingDirectory is required');
+    this.projectDirectory = projectDirectory;
+    this.workingDirectory = workingDirectory;
+    Object.freeze(this);
+  }
+
+  /**
+   * True when the session runs in a worktree separate from the main repo.
+   * Worktree sessions skip findReusableSession to prevent cross-PR
+   * contamination — each PR/issue in its own sandbox gets its own session.
+   */
+  get isWorktree() {
+    return this.projectDirectory !== this.workingDirectory;
+  }
+
+  /**
+   * Factory: use this when there is no worktree (single-directory case).
+   */
+  static forProject(directory) {
+    return new SessionContext(directory, directory);
+  }
+
+  /**
+   * Factory: use this when a worktree has been resolved.
+   */
+  static forWorktree(projectDirectory, worktreeDirectory) {
+    return new SessionContext(projectDirectory, worktreeDirectory);
+  }
+}

package/test/integration/poll-once.test.js

@@ -0,0 +1,308 @@
+/**
+ * Integration tests for pollOnce end-to-end orchestration
+ *
+ * Tests the full wiring: config → source → readiness → dedup → executeAction.
+ * Uses executeAction + createPoller directly (simulating what pollOnce does
+ * after fetching items) with a mock OpenCode server to capture API calls.
+ *
+ * These tests verify two properties NOT covered by the invariant tests:
+ *
+ *   1. Two PRs in the same project each get their own session (dedup does not
+ *      collapse them — they have different IDs).
+ *
+ *   2. A PR already processed in a previous poll cycle is skipped on the next
+ *      call (dedup state persists across pollOnce calls).
+ *
+ * The invariant tests (session-reuse.test.js "session creation invariants")
+ * cover WHICH directories are used. These tests cover WHETHER sessions are
+ * created at all.
+ */
+import { describe, it, beforeEach, afterEach } from "node:test";
+import assert from "node:assert";
+import { createServer } from "node:http";
+import { mkdtempSync, rmSync } from "node:fs";
+import { tmpdir } from "node:os";
+import { join } from "node:path";
+
+import { executeAction } from "../../service/actions.js";
+import { createPoller } from "../../service/poller.js";
+
+// ─── Mock server ────────────────────────────────────────────────────────────
+
+/**
+ * Create a mock OpenCode server for testing.
+ * Handlers are keyed by "METHOD /path" (e.g., "POST /session").
+ * A `default` handler catches anything without an exact match.
+ */
+function createMockServer(handlers = {}) {
+  const server = createServer((req, res) => {
+    const url = new URL(req.url, `http://${req.headers.host}`);
+    const pathname = url.pathname;
+    const method = req.method;
+
+    let body = "";
+    req.on("data", (chunk) => (body += chunk));
+    req.on("end", () => {
+      const request = {
+        method,
+        path: pathname,
+        directory: url.searchParams.get("directory"),
+        query: Object.fromEntries(url.searchParams),
+        body: body ? JSON.parse(body) : null,
+      };
+
+      // Find matching handler — try exact match first, then wildcard
+      const exactKey = `${method} ${pathname}`;
+      let handler = handlers[exactKey];
+
+      if (!handler) {
+        for (const [key, h] of Object.entries(handlers)) {
+          if (key === "default") continue;
+          const regexStr = "^" + key.replace(/\*/g, "[^/]+") + "$";
+          if (new RegExp(regexStr).test(exactKey)) {
+            handler = h;
+            break;
+          }
+        }
+      }
+
+      if (!handler) handler = handlers.default;
+
+      if (handler) {
+        const result = handler(request);
+        res.writeHead(result.status || 200, { "Content-Type": "application/json" });
+        res.end(JSON.stringify(result.body));
+      } else {
+        res.writeHead(404, { "Content-Type": "application/json" });
+        res.end(JSON.stringify({ error: `No handler for ${exactKey}` }));
+      }
+    });
+  });
+
+  return new Promise((resolve) => {
+    server.listen(0, "127.0.0.1", () => {
+      const { port } = server.address();
+      resolve({
+        url: `http://127.0.0.1:${port}`,
+        server,
+        close: () => new Promise((r) => server.close(r)),
+      });
+    });
+  });
+}
+
+// ─── Fetch interceptor ───────────────────────────────────────────────────────
+
+/**
+ * Build a fetch interceptor that:
+ *  - Records which sessions were created and which directories were used
+ *  - Short-circuits POST /session/:id/message and /command to avoid
+ *    AbortController race with the mock server (see session-reuse.test.js
+ *    for the full explanation of this race condition)
+ *  - Forwards everything else to the real mock server
+ */
+function makeFetchInterceptor(calls) {
+  return async (url, opts) => {
+    const u = new URL(url);
+    const method = opts?.method || "GET";
+
+    // Short-circuit message/command — return mock 200 directly
+    if (method === "POST" && /^\/session\/[^/]+\/(message|command)$/.test(u.pathname)) {
+      const sessionId = u.pathname.split("/")[2];
+      calls.messages = calls.messages || [];
+      calls.messages.push({
+        sessionId,
+        directory: u.searchParams.get("directory"),
+      });
+      return new Response(JSON.stringify({ success: true }), {
+        status: 200,
+        headers: { "Content-Type": "application/json" },
+      });
+    }
+
+    if (method === "POST" && u.pathname === "/session") {
+      calls.sessionsCreated = (calls.sessionsCreated || 0) + 1;
+    }
+
+    return fetch(url, opts);
+  };
+}
+
+// ─── Helpers ─────────────────────────────────────────────────────────────────
+
+let sessionCounter = 0;
+
+/**
+ * Build a minimal mock server that handles the OpenCode API calls made by
+ * executeAction for a worktree-based PR source.
+ */
+async function buildWorktreeMockServer(calls) {
+  return createMockServer({
+    "GET /project": () => ({
+      body: [{ id: "proj_1", worktree: "/proj", sandboxes: [], time: { created: 1 } }],
+    }),
+    "GET /experimental/worktree": () => ({ body: [] }),
+    "POST /experimental/worktree": (req) => ({
+      body: { name: req.body?.name, directory: `/worktree/${req.body?.name}` },
+    }),
+    "GET /session": () => ({ body: [] }),
+    "GET /session/status": () => ({ body: {} }),
+    "POST /session": () => {
+      const id = `ses_poll_${++sessionCounter}`;
+      calls.createdSessionIds = calls.createdSessionIds || [];
+      calls.createdSessionIds.push(id);
+      return { body: { id } };
+    },
+    default: (req) => {
+      // PATCH /session/:id — title update
+      if (req.method === "PATCH" && req.path.startsWith("/session/")) {
+        return { body: {} };
+      }
+      return { status: 404, body: { error: `Unhandled: ${req.method} ${req.path}` } };
+    },
+  });
+}
+
+// ─── Tests ───────────────────────────────────────────────────────────────────
+
+describe("integration: pollOnce end-to-end", () => {
+  let mockServer;
+  let tmpDir;
+  let stateFile;
+
+  beforeEach(() => {
+    tmpDir = mkdtempSync(join(tmpdir(), "pilot-poll-test-"));
+    stateFile = join(tmpDir, "poll-state.json");
+    sessionCounter = 0;
+  });
+
+  afterEach(async () => {
+    if (mockServer) {
+      await mockServer.close();
+      mockServer = null;
+    }
+    try {
+      rmSync(tmpDir, { recursive: true, force: true });
+    } catch {
+      // ignore
+    }
+  });
+
+  it("two PRs in the same project each get their own session", async () => {
+    // Two PRs, same project, worktree_name configured.
+    // Both are ready (no readiness filter). Each must get a separate session.
+    // This exercises: source → readiness → executeAction × 2 → two sessions.
+
+    const calls = {};
+    mockServer = await buildWorktreeMockServer(calls);
+    const serverUrl = mockServer.url;
+
+    const items = [
+      { id: "pr-101", number: 101, title: "PR #101", state: "open" },
+      { id: "pr-102", number: 102, title: "PR #102", state: "open" },
+    ];
+
+    const poller = createPoller({ stateFile });
+    const fetchFn = makeFetchInterceptor(calls);
+    const results = [];
+
+    for (const item of items) {
+      if (poller.isProcessed(item.id)) continue;
+
+      const actionConfig = {
+        path: "/proj",
+        prompt: "review",
+        worktree_name: "pr-{number}",
+      };
+
+      const result = await executeAction(item, actionConfig, {
+        discoverServer: async () => serverUrl,
+        fetch: fetchFn,
+      });
+
+      results.push({ item, result });
+
+      if (result.success) {
+        poller.markProcessed(item.id, {
+          source: "test-prs",
+          sessionId: result.sessionId,
+          directory: result.directory,
+        });
+      }
+    }
+
+    // Both PRs should succeed
+    assert.strictEqual(results.length, 2, "Both PRs should be processed");
+    assert.ok(results[0].result.success, "PR #101 should succeed");
+    assert.ok(results[1].result.success, "PR #102 should succeed");
+
+    // Each PR must get its own session
+    assert.strictEqual(
+      calls.createdSessionIds?.length,
+      2,
+      "Two separate sessions must be created — one per PR"
+    );
+    assert.notStrictEqual(
+      results[0].result.sessionId,
+      results[1].result.sessionId,
+      "Session IDs must differ between PRs"
+    );
+
+    // Both are now marked as processed
+    assert.ok(poller.isProcessed("pr-101"), "PR #101 should be marked processed");
+    assert.ok(poller.isProcessed("pr-102"), "PR #102 should be marked processed");
+  });
+
+  it("already-processed PR is skipped on second poll cycle", async () => {
+    // One PR, processed in cycle 1. On cycle 2 it must be skipped.
+    // This exercises the dedup path: poller.isProcessed() → continue.
+
+    const calls = {};
+    mockServer = await buildWorktreeMockServer(calls);
+    const serverUrl = mockServer.url;
+
+    const item = { id: "pr-200", number: 200, title: "PR #200", state: "open" };
+    const poller = createPoller({ stateFile });
+    const fetchFn = makeFetchInterceptor(calls);
+
+    const actionConfig = {
+      path: "/proj",
+      prompt: "review",
+      worktree_name: "pr-{number}",
+    };
+
+    // ── Cycle 1: process the PR ──────────────────────────────────────────
+    const result1 = await executeAction(item, actionConfig, {
+      discoverServer: async () => serverUrl,
+      fetch: fetchFn,
+    });
+
+    assert.ok(result1.success, "Cycle 1: PR should be processed successfully");
+    poller.markProcessed(item.id, {
+      source: "test-prs",
+      sessionId: result1.sessionId,
+      directory: result1.directory,
+    });
+
+    const sessionsAfterCycle1 = calls.createdSessionIds?.length || 0;
+    assert.strictEqual(sessionsAfterCycle1, 1, "Cycle 1: exactly one session created");
+
+    // ── Cycle 2: same PR appears again — must be skipped ─────────────────
+    let cycle2Executed = false;
+
+    if (!poller.isProcessed(item.id)) {
+      cycle2Executed = true;
+      await executeAction(item, actionConfig, {
+        discoverServer: async () => serverUrl,
+        fetch: fetchFn,
+      });
+    }
+
+    assert.strictEqual(cycle2Executed, false, "Cycle 2: PR must be skipped (already processed)");
+    assert.strictEqual(
+      calls.createdSessionIds?.length || 0,
+      1,
+      "Cycle 2: no new session must be created"
+    );
+  });
+});