sentinelayer-cli 0.19.0 → 0.20.0

package/src/scan/generator.js

@@ -2,7 +2,7 @@ import YAML from "yaml";
 
 export const DEFAULT_SCAN_WORKFLOW_PATH = ".github/workflows/omar-gate.yml";
 export const DEFAULT_SCAN_SECRET_NAME = "SENTINELAYER_TOKEN";
-export const SENTINELAYER_ACTION_REF = "mrrCarter/sentinelayer-v1-action@8595c4ad41e7b710ff6b1de0603da6ad8c0c3c07";
+export const SENTINELAYER_ACTION_REF = "mrrCarter/sentinelayer-v1-action@03d7369cba7de2e9f15b959275c982111f0ee493";
 export const SUPPORTED_E2E_HINTS = Object.freeze(["auto", "yes", "no"]);
 export const SUPPORTED_PLAYWRIGHT_MODES = Object.freeze(["auto", "off", "baseline", "audit"]);
 
@@ -228,11 +228,12 @@ export function buildSecurityReviewWorkflow({ secretName = DEFAULT_SCAN_SECRET_N
               sentinelayer_token: `\${{ secrets.${normalizedSecret} }}`,
               sentinelayer_managed_llm: "false",
               openai_api_key: "${{ secrets.OPENAI_API_KEY }}",
+              google_api_key: "${{ secrets.GOOGLE_API_KEY }}",
               scan_mode: profile.scanMode || "deep",
               severity_gate: profile.severityGate || "P1",
               model: "gpt-5.3-codex",
               codex_model: "gpt-5.3-codex",
-              model_fallback: "gpt-5.2-codex",
+              model_fallback: "gemini-2.5-flash",
               llm_failure_policy: "block",
               playwright_mode: profile.playwrightMode || "off",
               sbom_mode: profile.sbomMode || "off",

package/src/session/agent-registry.js

@@ -185,6 +185,43 @@ export function generateAgentId(modelName) {
   return `${prefix}-${suffix}`;
 }
 
+function isActiveAgentSnapshot(snapshot) {
+  if (!snapshot || typeof snapshot !== "object") {
+    return false;
+  }
+  if (snapshot.active === false) {
+    return false;
+  }
+  if (normalizeString(snapshot.leftAt)) {
+    return false;
+  }
+  return true;
+}
+
+function chooseAgentRefreshModel(value, existingModel) {
+  const candidate = normalizeString(value);
+  const existing = normalizeString(existingModel);
+  if (!candidate) {
+    return existing || "unknown";
+  }
+  if (existing && ["cli", "unknown"].includes(candidate.toLowerCase())) {
+    return existing;
+  }
+  return candidate;
+}
+
+function chooseAgentRefreshRole(value, existingRole) {
+  const candidate = normalizeString(value);
+  const existing = normalizeString(existingRole);
+  if (!candidate) {
+    return existing || "observer";
+  }
+  if (existing && candidate.toLowerCase() === "observer") {
+    return existing;
+  }
+  return candidate;
+}
+
 // In-process registry of agents registered by *this* CLI process. The
 // dashboard treats any participant without a terminal agent_leave /
 // agent_killed / session_killed event as "active". When a CLI exits via
@@ -275,6 +312,39 @@ export async function registerAgent(
   }
 
   const snapshotPath = buildAgentSnapshotPath(paths, resolvedAgentId);
+  const existing = await readAgentSnapshot(snapshotPath);
+
+  if (isActiveAgentSnapshot(existing)) {
+    const snapshot = normalizeAgentSnapshot(
+      {
+        ...existing,
+        sessionId: paths.sessionId,
+        agentId: resolvedAgentId,
+        model: chooseAgentRefreshModel(model, existing.model),
+        role: chooseAgentRefreshRole(role, existing.role),
+        status: normalizeString(existing.status) || "idle",
+        detail: normalizeString(existing.detail) || "",
+        file: normalizeString(existing.file) || null,
+        lastActivityAt: nowIso,
+        leftAt: null,
+        leaveReason: null,
+        active: true,
+        updatedAt: nowIso,
+      },
+      nowIso
+    );
+    await writeAgentSnapshot(snapshotPath, snapshot);
+    if (trackProcessExit) {
+      _trackLocalAgent(paths.sessionId, snapshot.agentId, targetPath);
+    }
+    return {
+      ...snapshot,
+      snapshotPath,
+      emittedJoinEvent: false,
+      emittedContextBriefing: false,
+      refreshedExistingAgent: true,
+    };
+  }
 
   const snapshot = normalizeAgentSnapshot(
     {
@@ -328,6 +398,54 @@ export async function registerAgent(
     }).catch(() => {});
   }
 
+  return {
+    ...snapshot,
+    snapshotPath,
+    emittedJoinEvent: true,
+    emittedContextBriefing: normalizeString(snapshot.agentId).toLowerCase() !== "senti",
+    refreshedExistingAgent: false,
+  };
+}
+
+export async function rememberAgentIdentity(
+  sessionId,
+  {
+    agentId = "",
+    model = "",
+    role = "observer",
+    targetPath = process.cwd(),
+  } = {}
+) {
+  const paths = resolveSessionPaths(sessionId, { targetPath });
+  const nowIso = new Date().toISOString();
+  const resolvedAgentId = normalizeString(agentId);
+  if (!resolvedAgentId) {
+    throw new Error("agentId is required.");
+  }
+
+  const snapshotPath = buildAgentSnapshotPath(paths, resolvedAgentId);
+  const existing = await readAgentSnapshot(snapshotPath);
+  const snapshot = normalizeAgentSnapshot(
+    {
+      ...(existing || {}),
+      sessionId: paths.sessionId,
+      agentId: resolvedAgentId,
+      model: normalizeString(model) || normalizeString(existing?.model) || "unknown",
+      role: normalizeString(role) || normalizeString(existing?.role) || "observer",
+      status: normalizeString(existing?.status) || "idle",
+      detail: normalizeString(existing?.detail) || "",
+      file: normalizeString(existing?.file) || null,
+      joinedAt: normalizeString(existing?.joinedAt) || nowIso,
+      lastActivityAt: nowIso,
+      leftAt: null,
+      leaveReason: null,
+      active: true,
+      updatedAt: nowIso,
+    },
+    nowIso
+  );
+
+  await writeAgentSnapshot(snapshotPath, snapshot);
   return {
     ...snapshot,
     snapshotPath,

package/src/session/checkpoints.js

@@ -9,10 +9,12 @@ const DEFAULT_CHECKPOINT_LIMIT = 100;
 const MAX_CHECKPOINT_LIMIT = 200;
 const DEFAULT_MIN_EVENTS = 20;
 const DEFAULT_MAX_EVENTS = 80;
+const DEFAULT_BATCH_MAX_CHECKPOINTS = 5;
+const MAX_BATCH_MAX_CHECKPOINTS = 50;
 const DEFAULT_CREATED_BY_AGENT_ID = "senti";
 
 function normalizeString(value) {
-  return String(value || "").trim();
+  return String(value ?? "").trim();
 }
 
 function normalizeApiUrl(value) {
@@ -36,6 +38,15 @@ function normalizeLimit(value) {
   return Math.max(1, Math.min(MAX_CHECKPOINT_LIMIT, parsed));
 }
 
+function normalizeBatchMaxCheckpoints(value) {
+  const parsed = parsePositiveInteger(
+    value,
+    "max-checkpoints",
+    DEFAULT_BATCH_MAX_CHECKPOINTS,
+  );
+  return Math.max(1, Math.min(MAX_BATCH_MAX_CHECKPOINTS, parsed));
+}
+
 function stableHash(value) {
   return crypto
     .createHash("sha256")
@@ -97,6 +108,12 @@ function buildInvocationIdempotencyKey(operation) {
   return `sl_cli_session_checkpoint_${normalizeString(operation) || "mutation"}_${suffix}`;
 }
 
+function buildBatchIdempotencyKey(baseKey, index) {
+  const normalizedBase = normalizeString(baseKey);
+  if (!normalizedBase) return "";
+  return `${normalizedBase}:${Number(index) + 1}`;
+}
+
 function normalizeReason(value, fallbackValue = "checkpoint_generate_failed") {
   return (
     normalizeString(value)
@@ -345,6 +362,57 @@ export async function generateSessionCheckpoint(sessionId, options = {}) {
   };
 }
 
+export async function generateSessionCheckpointBatch(sessionId, options = {}) {
+  const normalizedSessionId = normalizeString(sessionId);
+  if (!normalizedSessionId) {
+    throw new Error("session id is required.");
+  }
+  const maxCheckpoints = normalizeBatchMaxCheckpoints(options.maxCheckpoints);
+  const results = [];
+  const seenCheckpointIds = new Set();
+  let stoppedReason = "max_checkpoints";
+
+  for (let index = 0; index < maxCheckpoints; index += 1) {
+    const result = await generateSessionCheckpoint(normalizedSessionId, {
+      ...options,
+      idempotencyKey: buildBatchIdempotencyKey(options.idempotencyKey, index),
+    });
+    const normalized = normalizeCheckpointGenerationResult(result);
+    results.push(normalized);
+
+    if (!normalized.checkpoint || normalized.duplicate || !normalized.created) {
+      stoppedReason = normalized.reason || (normalized.duplicate ? "duplicate_checkpoint" : "not_created");
+      break;
+    }
+
+    if (normalized.checkpointId) {
+      if (seenCheckpointIds.has(normalized.checkpointId)) {
+        stoppedReason = "repeated_checkpoint";
+        break;
+      }
+      seenCheckpointIds.add(normalized.checkpointId);
+    }
+  }
+
+  const created = results.filter((result) => result.created && !result.duplicate && result.checkpoint);
+  const duplicates = results.filter((result) => result.duplicate);
+  const lastResult = results.at(-1) || null;
+  return {
+    ok: results.every((result) => result.ok !== false),
+    sessionId: normalizedSessionId,
+    apiUrl: results.find((result) => result.apiUrl)?.apiUrl || null,
+    catchUp: true,
+    maxCheckpoints,
+    attemptedCount: results.length,
+    createdCount: created.length,
+    duplicateCount: duplicates.length,
+    checkpointIds: created.map((result) => result.checkpointId).filter(Boolean),
+    stoppedReason,
+    lastResult,
+    results,
+  };
+}
+
 export async function generateSessionCheckpointBestEffort(sessionId, options = {}) {
   const normalizedSessionId = normalizeString(sessionId);
   if (!normalizedSessionId) {
@@ -375,6 +443,8 @@ export async function generateSessionCheckpointBestEffort(sessionId, options = {
 
 export {
   DEFAULT_CREATED_BY_AGENT_ID,
+  DEFAULT_BATCH_MAX_CHECKPOINTS,
   DEFAULT_MAX_EVENTS,
   DEFAULT_MIN_EVENTS,
+  MAX_BATCH_MAX_CHECKPOINTS,
 };

package/src/session/coordination-guidance.js

@@ -5,8 +5,9 @@ export const COORDINATION_ETIQUETTE_ITEMS = Object.freeze([
   "When you have an agent grant, post agent updates with `sl session post-agent <id> \"status: <update>\" --agent <your-agent-id>` so they render as the agent, not the human relay.",
   "Before implementation, post a short plan and file claims with `sl session say <id> \"plan: <scope>; files: <paths>\"`.",
   "Claim shared files before editing with `lock: <file> - <intent>` and release them with `unlock: <file> - done`.",
-  "Run a background listener for replies: `sl session listen --session <id> --agent <your-name> --interval 60 --active-interval 5 --emit ndjson`; this idles at 60s and switches to 5s after human activity. If background polling is unavailable, fall back to `sl session sync <id> --json` then `sl session read <id> --tail 20 --json` every 5 minutes.",
-  "Use message actions for low-noise coordination before posting a new top-level message: `sl session react <id> ack --target-sequence <n>` for ACKs, `sl session action <id> working_on --target-sequence <n>` for ownership, `sl session view <id> <sequence>` for read receipts, and `sl session reply <id> <sequence> \"<message>\"` / `sl session comment <id> <sequence> \"<message>\"` for threaded responses. Run `sl session actions` to list all action types.",
+  "Run a background/secondary listener for replies with `sl session listen --session <id> --agent <your-name> --interval 60 --active-interval 5 --emit ndjson --no-presence`; this idles at 60s, switches to 5s after human activity, and avoids durable listener heartbeat noise. `session listen` is only a delivery cursor, not a grounding command; join or recap before acting. For your primary interactive listener, omit `--no-presence` so other participants can see you online. If background polling is unavailable, fall back to `sl session sync <id> --json` then `sl session read <id> --tail 20 --json` every 5 minutes.",
+  "For long-lived rooms, make sure exactly one visible participant owns the Senti daemon: `sl session daemon --session <id> --recap-interval 300 --checkpoint-interval 60`. If no durable recap/checkpoint is appearing, run `sl session recap now <id> --remote --agent <your-name> --json` before posting a long plan.",
+  "Use message actions for low-noise coordination before posting a new top-level message: `sl session react <id> ack --target-sequence <n>` only when an explicit ACK is useful, `sl session action <id> working_on --target-sequence <n>` for ownership, and `sl session reply <id> <sequence> \"<message>\"` / `sl session comment <id> <sequence> \"<message>\"` for threaded responses. Read receipts are automatic when you use `sl session read <id> --remote --agent <your-name>`; reserve `sl session view <id> <sequence>` for repair/backfill. Run `sl session actions` for the full list.",
   "Search before asking peers to restate context: `sl session search <id> \"<topic>\" --limit 10`.",
   "Run `sl review --diff` after each finished file or PR-ready diff and post the result summary back to the session.",
   "Post findings through `sl session say <id> \"finding: [P2] <title> in <file>:<line>\"` with enough context for a peer to act.",