replicas-engine 0.1.222 → 0.1.224

package/dist/src/index.js

@@ -38,6 +38,7 @@ var CODEX_ASP_ITEM_ID_PAYLOAD_KEY = "codexAspItemId";
 var CODEX_QUOTA_STATUS_EVENT_TYPE = "codex-quota-status";
 var COMPACTION_STATUS_EVENT_TYPE = "compaction-status";
 var CHAT_GOAL_EVENT_TYPE = "chat-goal";
+var AUTH_RETRY_STATUS_EVENT_TYPE = "auth-retry-status";
 var CONTEXT_USAGE_EVENT_TYPE = "context-usage";
 
 // ../shared/src/languages.ts
@@ -555,22 +556,19 @@ Docker is pre-installed in Replicas workspaces, but the daemon does **not** auto
 
 \`\`\`bash
 sudo service docker start
+until docker info >/dev/null 2>&1; do sleep 0.2; done
 \`\`\`
 
-After starting, verify the daemon is running:
-
-\`\`\`bash
-docker info
-\`\`\`
+\`service docker start\` returns before the socket is accepting connections, so immediate commands may fail without the poll.
 
 ## Important Notes
 
 - **Start once per session.** The daemon stays running until the workspace shuts down. You do not need to restart it between commands.
 - **Check before starting.** If you are unsure whether the daemon is already running, check first to avoid an unnecessary restart:
   \`\`\`bash
-  docker info > /dev/null 2>&1 || sudo service docker start
+  docker info >/dev/null 2>&1 || { sudo service docker start && until docker info >/dev/null 2>&1; do sleep 0.2; done; }
   \`\`\`
-- **Sudo is required** for starting the daemon, but regular \`docker\` commands run without sudo (the user is in the \`docker\` group).
+- **Sudo is only required for starting the daemon.** The workspace user is in the \`docker\` group, so regular \`docker\` commands work without sudo.
 `;
 var DOCKER_ABILITY = {
   label: "Docker",
@@ -1762,8 +1760,14 @@ function parseReplicasConfigString(content, filename) {
   return parseReplicasConfig(parsed, filename);
 }
 
+// ../shared/src/claude-auth.ts
+function isClaudeAuthErrorText(text) {
+  const lower = text.toLowerCase();
+  return lower.includes("failed to authenticate") || lower.includes("authentication_error") || lower.includes("authentication_failed") || lower.includes("authentication failed") || lower.includes("invalid authentication credentials") || lower.includes("not logged in") || lower.includes("please run /login") || lower.includes("401") && lower.includes("authentic");
+}
+
 // ../shared/src/engine/environment.ts
-var DAYTONA_SNAPSHOT_ID = "27-05-2026-royal-york-v6";
+var DAYTONA_SNAPSHOT_ID = "28-05-2026-royal-york-v1";
 
 // ../shared/src/engine/types.ts
 var DEFAULT_CHAT_TITLES = {
@@ -4529,10 +4533,15 @@ var CodingAgentManager = class {
   setCompacting(active) {
     if (this.compacting === active) return;
     this.compacting = active;
+    this.emitSyntheticEvent(COMPACTION_STATUS_EVENT_TYPE, {
+      state: active ? "in_progress" : "completed"
+    });
+  }
+  emitSyntheticEvent(type, payload) {
     this.onEvent({
       timestamp: (/* @__PURE__ */ new Date()).toISOString(),
-      type: COMPACTION_STATUS_EVENT_TYPE,
-      payload: { state: active ? "in_progress" : "completed" }
+      type,
+      payload
     });
   }
   initializeManager(processMessage) {
@@ -4895,6 +4904,12 @@ var TOOL_INPUT_HANDLERS = {
     }
   }
 };
+var ClaudeAuthError = class extends Error {
+  constructor(message) {
+    super(message);
+    this.name = "ClaudeAuthError";
+  }
+};
 var ClaudeManager = class _ClaudeManager extends CodingAgentManager {
   historyFile;
   sessionId = null;
@@ -4908,6 +4923,7 @@ var ClaudeManager = class _ClaudeManager extends CodingAgentManager {
   disallowedToolsOverride;
   /** Active tool-input requests keyed by requestId; resolved when the user selects an option. */
   pendingToolInputs = /* @__PURE__ */ new Map();
+  authRetrying = false;
   constructor(options) {
     super(options);
     this.historyFile = options.historyFilePath ?? join13(homedir11(), ".replicas", "claude", "history.jsonl");
@@ -4942,6 +4958,14 @@ var ClaudeManager = class _ClaudeManager extends CodingAgentManager {
   isAwaitingInput() {
     return this.pendingToolInputs.size > 0;
   }
+  isAuthRetrying() {
+    return this.authRetrying;
+  }
+  setAuthRetrying(value) {
+    if (this.authRetrying === value) return;
+    this.authRetrying = value;
+    this.emitSyntheticEvent(AUTH_RETRY_STATUS_EVENT_TYPE, { isAuthRetrying: value });
+  }
   async respondToToolInput(requestId, selectionId) {
     const pending = this.pendingToolInputs.get(requestId);
     if (!pending) {
@@ -5018,29 +5042,73 @@ var ClaudeManager = class _ClaudeManager extends CodingAgentManager {
       return result;
     };
   }
-  /**
-   * Internal method that actually processes the message.
-   * On auth failure, refreshes credentials and retries once.
-   */
   async processMessageInternal(request) {
+    const MAX_AUTH_RETRIES = 2;
+    let lastError;
+    let authRetryExhausted = false;
     try {
-      await this.executeQuery(request);
-    } catch (error) {
-      if (_ClaudeManager.isAuthError(error)) {
-        console.warn("[ClaudeManager] Auth failure detected, refreshing credentials and retrying...", error);
-        const refreshed = await claudeTokenManager.fetchFreshCredentials(error instanceof Error ? error.message : String(error));
-        if (refreshed) {
-          await this.executeQuery(request);
+      for (let attempt = 0; attempt <= MAX_AUTH_RETRIES; attempt++) {
+        try {
+          await this.executeQuery(request, { skipUserMessageRecord: attempt > 0 });
           return;
+        } catch (error) {
+          lastError = error;
+          if (!_ClaudeManager.isAuthError(error)) {
+            throw error;
+          }
+          if (attempt === MAX_AUTH_RETRIES) {
+            authRetryExhausted = true;
+            throw error;
+          }
+          console.error(
+            `[ClaudeManager] Auth failure detected (attempt ${attempt + 1}/${MAX_AUTH_RETRIES + 1}), refreshing credentials and retrying...`,
+            error
+          );
+          this.setAuthRetrying(true);
+          const refreshed = await claudeTokenManager.fetchFreshCredentials(
+            error instanceof Error ? error.message : String(error)
+          );
+          if (!refreshed) {
+            authRetryExhausted = true;
+            throw error;
+          }
         }
       }
-      throw error;
+    } finally {
+      this.setAuthRetrying(false);
+      if (authRetryExhausted) {
+        await this.emitAuthRetryExhaustedEvent(lastError);
+      }
+      try {
+        await this.onTurnComplete();
+      } catch (error) {
+        console.error("[ClaudeManager] onTurnComplete failed:", error);
+      }
     }
   }
-  /**
-   * Executes a single query attempt against the Claude Agent SDK.
-   */
-  async executeQuery(request) {
+  async emitAuthRetryExhaustedEvent(error) {
+    const detail = error instanceof Error ? error.message : String(error);
+    const event = {
+      timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+      type: "claude-result",
+      payload: {
+        type: "result",
+        subtype: "error_during_execution",
+        is_error: true,
+        result: "Couldn't authenticate with Claude after multiple attempts. Check your credentials in Settings \u2192 Agents and try again.",
+        errors: [detail],
+        session_id: this.sessionId ?? "",
+        parent_tool_use_id: null
+      }
+    };
+    try {
+      await appendFile4(this.historyFile, JSON.stringify(event) + "\n", "utf-8");
+    } catch (writeError) {
+      console.error("[ClaudeManager] Failed to record auth-retry-exhausted event:", writeError);
+    }
+    this.onEvent(event);
+  }
+  async executeQuery(request, options = {}) {
     const {
       message,
       model,
@@ -5084,7 +5152,9 @@ var ClaudeManager = class _ClaudeManager extends CodingAgentManager {
         parent_tool_use_id: null,
         session_id: this.sessionId ?? ""
       };
-      await this.recordEvent(userMessage);
+      if (!options.skipUserMessageRecord) {
+        await this.recordEvent(userMessage);
+      }
       const promptStream = new PromptStream();
       promptStream.push(userMessage);
       this.activePromptStream = promptStream;
@@ -5136,6 +5206,11 @@ var ClaudeManager = class _ClaudeManager extends CodingAgentManager {
       }
       const linearForwarder = new LinearEventForwarder(linearSessionId);
       for await (const msg of response) {
+        const authErrorMessage = _ClaudeManager.detectAuthErrorInMessage(msg);
+        if (authErrorMessage) {
+          this.activePromptStream?.close();
+          throw new ClaudeAuthError(authErrorMessage);
+        }
         await this.handleMessage(msg);
         if (linearSessionId) {
           linearForwarder.sendPlan(extractPlanFromClaudeEvent(msg));
@@ -5153,11 +5228,6 @@ var ClaudeManager = class _ClaudeManager extends CodingAgentManager {
       this.activePromptStream?.close();
       this.activePromptStream = null;
       this.pendingInterrupt = false;
-      try {
-        await this.onTurnComplete();
-      } catch (error) {
-        console.error("[ClaudeManager] onTurnComplete failed:", error);
-      }
     }
   }
   getContextUsageProvider() {
@@ -5203,17 +5273,33 @@ var ClaudeManager = class _ClaudeManager extends CodingAgentManager {
       console.warn("[ClaudeManager] Failed to record context usage:", error instanceof Error ? error.message : error);
     }
   }
-  /**
-   * Determines if an error is an OAuth authentication failure from the Claude SDK.
-   * Known patterns:
-   *  - "Not logged in · Please run /login"
-   *  - "authentication_failed"
-   *  - "unauthorized"
-   */
   static isAuthError(error) {
-    const msg = error instanceof Error ? error.message : String(error);
-    const lower = msg.toLowerCase();
-    return lower.includes("not logged in") || lower.includes("please run /login") || lower.includes("authentication_failed") || lower.includes("authentication failed");
+    if (error instanceof ClaudeAuthError) return true;
+    return isClaudeAuthErrorText(error instanceof Error ? error.message : String(error));
+  }
+  // Done at the message-stream layer (rather than letting the failure flow
+  // downstream as a normal result) so we can suppress emission before the
+  // dashboard renders the raw 401 to the user.
+  static detectAuthErrorInMessage(message) {
+    if (message.type === "assistant" && "error" in message) {
+      const error = message.error;
+      if (typeof error === "string") {
+        const errCode = error.toLowerCase();
+        if (errCode === "authentication_failed" || errCode === "authentication_error") {
+          return error;
+        }
+      }
+    }
+    if (message.type === "result" && message.is_error) {
+      if (message.subtype === "success") {
+        if (isClaudeAuthErrorText(message.result)) return message.result;
+      } else {
+        for (const err of message.errors) {
+          if (isClaudeAuthErrorText(err)) return err;
+        }
+      }
+    }
+    return null;
   }
   async getHistory() {
     await this.initialized;
@@ -5231,34 +5317,12 @@ var ClaudeManager = class _ClaudeManager extends CodingAgentManager {
       console.log(`[ClaudeManager] Restored session ID from persisted state: ${this.sessionId}`);
     }
   }
-  /**
-   * Checks if an SDK message indicates an OAuth authentication failure.
-   * When detected, triggers a force-refresh of credentials from the monolith.
-   */
-  async checkForAuthFailure(message) {
-    if (message.type === "assistant" && "error" in message && message.error === "authentication_failed") {
-      console.warn("[ClaudeManager] Detected authentication_failed in assistant message, force-refreshing credentials...");
-      await claudeTokenManager.fetchFreshCredentials();
-      return;
-    }
-    if (message.type === "result" && "is_error" in message && message.is_error && "errors" in message) {
-      const errors = message.errors ?? [];
-      const hasAuthError = errors.some(
-        (err) => err.toLowerCase().includes("authentication") || err.toLowerCase().includes("unauthorized") || err.toLowerCase().includes("not logged in") || err.toLowerCase().includes("login")
-      );
-      if (hasAuthError) {
-        console.warn("[ClaudeManager] Detected auth-related error in result, force-refreshing credentials...");
-        await claudeTokenManager.fetchFreshCredentials();
-      }
-    }
-  }
   async handleMessage(message) {
     if ("session_id" in message && message.session_id && !this.sessionId) {
       this.sessionId = message.session_id;
       await this.onSaveSessionId(this.sessionId);
       console.log(`[ClaudeManager] Captured and persisted session ID: ${this.sessionId}`);
     }
-    await this.checkForAuthFailure(message);
     this.trackNativeCompaction(message);
     await this.recordEvent(message);
   }
@@ -7902,6 +7966,7 @@ var ChatService = class {
       processing: chat.provider.isProcessing(),
       awaitingInput: chat.provider.isAwaitingInput?.() ?? false,
       isCompacting: chat.provider.isCompacting?.() ?? false,
+      isAuthRetrying: chat.provider.isAuthRetrying?.() ?? false,
       goal: chat.provider.getGoal?.() ?? null,
       parentChatId: chat.persisted.parentChatId
     };
@@ -7965,7 +8030,7 @@ var ChatService = class {
       }
     }).catch(() => {
     });
-    if (event.type === "replicas-tool-input-request" || event.type === "replicas-tool-input-resolved" || event.type === "compaction-status" || event.type === CHAT_GOAL_EVENT_TYPE) {
+    if (event.type === "replicas-tool-input-request" || event.type === "replicas-tool-input-resolved" || event.type === "compaction-status" || event.type === AUTH_RETRY_STATUS_EVENT_TYPE || event.type === CHAT_GOAL_EVENT_TYPE) {
       this.publish({
         type: "chat.updated",
         payload: { chat: this.toSummary(chat) }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "replicas-engine",
-  "version": "0.1.222",
+  "version": "0.1.224",
   "description": "Lightweight API server for Replicas workspaces",
   "type": "module",
   "main": "dist/src/index.js",