switchroom 0.12.13 → 0.12.15

package/telegram-plugin/gateway/vault-grant-inbound-builders.ts

@@ -123,3 +123,120 @@ export function buildVaultGrantDeniedInbound(opts: {
     },
   }
 }
+
+/** Subset of PendingVaultRequestSave the save-outcome builders need.
+ *  The `vault_request_save` flow has no scope/ttl (it stores a value,
+ *  it doesn't mint a scoped grant). */
+export interface VaultSaveInboundContext {
+  agent: string
+  key: string
+  /** Telegram chat the save card lived in — keeps the synthesized
+   *  resume-turn associated with the originating conversation. */
+  chat_id: string
+}
+
+/**
+ * Synthetic inbound for a successful operator Save tap on a
+ * `vault_request_save` card. Symmetric with
+ * `buildVaultGrantApprovedInbound`: the `vault_request_save` tool
+ * returns "waiting for operator" and the agent ends its turn, so
+ * without this inbound the secret is stored but the agent is never
+ * told and never resumes (the exact silence bug this fixes — the
+ * `vrs:` handler had no wake-up despite a comment claiming one).
+ */
+export function buildVaultSaveCompletedInbound(opts: {
+  ctx: VaultSaveInboundContext
+  stageId: string
+  operatorId: string
+  nowMs?: number
+}): InboundMessage {
+  const ts = opts.nowMs ?? Date.now()
+  return {
+    type: 'inbound',
+    chatId: opts.ctx.chat_id,
+    messageId: ts,
+    user: 'vault-broker',
+    userId: 0,
+    ts,
+    text:
+      `✅ Operator saved your secret as \`vault:${opts.ctx.key}\`. ` +
+      `Please resume the task that was waiting on it — reference the ` +
+      `value via the usual \`vault:${opts.ctx.key}\` path.`,
+    meta: {
+      source: 'vault_save_completed',
+      agent: opts.ctx.agent,
+      key: opts.ctx.key,
+      stage_id: opts.stageId,
+      operator_id: opts.operatorId,
+    },
+  }
+}
+
+/**
+ * Synthetic inbound for a Save tap whose vault write FAILED. Steers
+ * the model away from assuming the secret exists.
+ */
+export function buildVaultSaveFailedInbound(opts: {
+  ctx: VaultSaveInboundContext
+  stageId: string
+  operatorId: string
+  reason: string
+  nowMs?: number
+}): InboundMessage {
+  const ts = opts.nowMs ?? Date.now()
+  return {
+    type: 'inbound',
+    chatId: opts.ctx.chat_id,
+    messageId: ts,
+    user: 'vault-broker',
+    userId: 0,
+    ts,
+    text:
+      `⚠️ The operator tapped Save but the vault write for ` +
+      `\`vault:${opts.ctx.key}\` FAILED (${opts.reason}). The secret was ` +
+      `NOT stored — do NOT assume \`vault:${opts.ctx.key}\` resolves. ` +
+      `Either retry the save (the operator may need to fix the underlying ` +
+      `issue first) or pick a fallback for the original task.`,
+    meta: {
+      source: 'vault_save_failed',
+      agent: opts.ctx.agent,
+      key: opts.ctx.key,
+      stage_id: opts.stageId,
+      operator_id: opts.operatorId,
+    },
+  }
+}
+
+/**
+ * Synthetic inbound for an operator Discard tap. The secret was never
+ * written; steer the model to a fallback rather than silent idle.
+ */
+export function buildVaultSaveDiscardedInbound(opts: {
+  ctx: VaultSaveInboundContext
+  stageId: string
+  operatorId: string
+  nowMs?: number
+}): InboundMessage {
+  const ts = opts.nowMs ?? Date.now()
+  return {
+    type: 'inbound',
+    chatId: opts.ctx.chat_id,
+    messageId: ts,
+    user: 'vault-broker',
+    userId: 0,
+    ts,
+    text:
+      `🚫 Operator discarded your \`vault_request_save\` for ` +
+      `\`${opts.ctx.key}\` — the secret was NOT stored and ` +
+      `\`vault:${opts.ctx.key}\` will not resolve. Pick a fallback for ` +
+      `the original task (ask the user, try another approach, or skip ` +
+      `the feature). Do NOT re-request the save without asking the user.`,
+    meta: {
+      source: 'vault_save_discarded',
+      agent: opts.ctx.agent,
+      key: opts.ctx.key,
+      stage_id: opts.stageId,
+      operator_id: opts.operatorId,
+    },
+  }
+}

package/telegram-plugin/tests/pending-inbound-buffer.test.ts

@@ -7,7 +7,7 @@
  */
 
 import { describe, it, expect } from 'vitest'
-import { createPendingInboundBuffer, DEFAULT_PENDING_INBOUND_CAP } from '../gateway/pending-inbound-buffer.js'
+import { createPendingInboundBuffer, redeliverBufferedInbound, DEFAULT_PENDING_INBOUND_CAP } from '../gateway/pending-inbound-buffer.js'
 import type { InboundMessage } from '../gateway/ipc-protocol.js'
 
 function inbound(source: string, ts = Date.now()): InboundMessage {
@@ -130,3 +130,73 @@ describe('pending-inbound-buffer', () => {
     expect(buf.totalDepth()).toBe(1)
   })
 })
+
+describe('redeliverBufferedInbound — wedge-clear self-heal (fleet-update incident 2026-05-19)', () => {
+  it('delivers every buffered message and empties the buffer when send succeeds', () => {
+    const buf = createPendingInboundBuffer({ log: () => {} })
+    buf.push('klanker', inbound('user', 1))
+    buf.push('klanker', inbound('user', 2))
+    const seen: number[] = []
+    const r = redeliverBufferedInbound(buf, 'klanker', (m) => {
+      seen.push(m.messageId as number)
+      return true
+    })
+    expect(r).toEqual({ drained: 2, redelivered: 2, rebuffered: 0 })
+    expect(seen).toEqual([1, 2]) // FIFO preserved
+    expect(buf.depth('klanker')).toBe(0)
+  })
+
+  it('re-buffers (loses nothing) when the bridge is still offline — send returns false', () => {
+    const buf = createPendingInboundBuffer({ log: () => {} })
+    buf.push('klanker', inbound('user', 1))
+    buf.push('klanker', inbound('cron', 2))
+    const r = redeliverBufferedInbound(buf, 'klanker', () => false)
+    expect(r).toEqual({ drained: 2, redelivered: 0, rebuffered: 2 })
+    expect(buf.depth('klanker')).toBe(2) // still there, nothing lost
+    expect(buf.drain('klanker').map((m) => m.meta?.source)).toEqual(['user', 'cron'])
+  })
+
+  it('treats a throwing send as not-delivered and re-buffers', () => {
+    const buf = createPendingInboundBuffer({ log: () => {} })
+    buf.push('klanker', inbound('user', 1))
+    const r = redeliverBufferedInbound(buf, 'klanker', () => {
+      throw new Error('bridge write failed')
+    })
+    expect(r).toEqual({ drained: 1, redelivered: 0, rebuffered: 1 })
+    expect(buf.depth('klanker')).toBe(1)
+  })
+
+  it('mixed: delivers what it can, re-buffers only the misses', () => {
+    const buf = createPendingInboundBuffer({ log: () => {} })
+    buf.push('klanker', inbound('a', 1))
+    buf.push('klanker', inbound('b', 2))
+    buf.push('klanker', inbound('c', 3))
+    let n = 0
+    const r = redeliverBufferedInbound(buf, 'klanker', () => {
+      n++
+      return n !== 2 // 2nd send fails
+    })
+    expect(r).toEqual({ drained: 3, redelivered: 2, rebuffered: 1 })
+    expect(buf.drain('klanker').map((m) => m.meta?.source)).toEqual(['b'])
+  })
+
+  it('is a no-op on an empty buffer (no send calls)', () => {
+    const buf = createPendingInboundBuffer({ log: () => {} })
+    let calls = 0
+    const r = redeliverBufferedInbound(buf, 'klanker', () => {
+      calls++
+      return true
+    })
+    expect(r).toEqual({ drained: 0, redelivered: 0, rebuffered: 0 })
+    expect(calls).toBe(0)
+  })
+
+  it('only touches the named agent', () => {
+    const buf = createPendingInboundBuffer({ log: () => {} })
+    buf.push('klanker', inbound('user', 1))
+    buf.push('clerk', inbound('user', 2))
+    redeliverBufferedInbound(buf, 'klanker', () => true)
+    expect(buf.depth('klanker')).toBe(0)
+    expect(buf.depth('clerk')).toBe(1) // untouched
+  })
+})

package/telegram-plugin/tests/pending-permission-decisions.test.ts

@@ -0,0 +1,73 @@
+/**
+ * Pin the per-agent permission-verdict buffer (PR-3 of the callback→
+ * model-continuation series). A tool/skill/MCP permission request
+ * suspends the claude turn inside the MCP permission call until the
+ * operator's Approve/Deny verdict is relayed back. The verdict sites
+ * previously `broadcast(...)` fire-and-forget, so a verdict produced
+ * while the bridge was mid-reconnect was dropped and the model stayed
+ * wedged forever (user tapped, nothing happened, silence). This buffer
+ * — the permission analog of pending-inbound-buffer — holds the missed
+ * verdict and is drained on the next bridge register.
+ */
+
+import { describe, it, expect } from 'vitest'
+import {
+  createPendingPermissionBuffer,
+  DEFAULT_PENDING_PERMISSION_CAP,
+} from '../gateway/pending-permission-decisions.js'
+import type { PermissionEvent } from '../gateway/ipc-protocol.js'
+
+function verdict(
+  requestId: string,
+  behavior: 'allow' | 'deny' = 'allow',
+  rule?: string,
+): PermissionEvent {
+  return { type: 'permission', requestId, behavior, ...(rule ? { rule } : {}) }
+}
+
+describe('pending-permission-decisions', () => {
+  it('push + drain — FIFO order per agent, idempotent drain', () => {
+    const buf = createPendingPermissionBuffer({ log: () => {} })
+    buf.push('a', verdict('r1', 'allow'))
+    buf.push('a', verdict('r2', 'deny'))
+    buf.push('b', verdict('r3', 'allow'))
+    const a = buf.drain('a')
+    expect(a.map((e) => e.requestId)).toEqual(['r1', 'r2'])
+    expect(a[1]!.behavior).toBe('deny')
+    expect(buf.drain('a')).toEqual([]) // idempotent
+    expect(buf.drain('b').map((e) => e.requestId)).toEqual(['r3'])
+    expect(buf.totalDepth()).toBe(0)
+  })
+
+  it('preserves the always-allow rule field through buffering', () => {
+    const buf = createPendingPermissionBuffer({ log: () => {} })
+    buf.push('a', verdict('r1', 'allow', 'Bash(ls:*)'))
+    const [ev] = buf.drain('a')
+    expect(ev!.rule).toBe('Bash(ls:*)')
+    expect(ev!.behavior).toBe('allow')
+  })
+
+  it('per-agent cap drops the OLDEST verdict and reports eviction', () => {
+    const buf = createPendingPermissionBuffer({ capPerAgent: 3, log: () => {} })
+    expect(buf.push('a', verdict('r1'))).toBe(true)
+    expect(buf.push('a', verdict('r2'))).toBe(true)
+    expect(buf.push('a', verdict('r3'))).toBe(true)
+    expect(buf.push('a', verdict('r4'))).toBe(false) // evicted oldest
+    const drained = buf.drain('a')
+    expect(drained.map((e) => e.requestId)).toEqual(['r2', 'r3', 'r4'])
+  })
+
+  it('depth/totalDepth track buffered verdicts', () => {
+    const buf = createPendingPermissionBuffer({ log: () => {} })
+    expect(buf.depth('a')).toBe(0)
+    buf.push('a', verdict('r1'))
+    buf.push('a', verdict('r2'))
+    buf.push('b', verdict('r3'))
+    expect(buf.depth('a')).toBe(2)
+    expect(buf.totalDepth()).toBe(3)
+  })
+
+  it('exports a sane default cap', () => {
+    expect(DEFAULT_PENDING_PERMISSION_CAP).toBeGreaterThanOrEqual(8)
+  })
+})

package/telegram-plugin/tests/vault-save-inbound-builders.test.ts

@@ -0,0 +1,96 @@
+/**
+ * Pin the InboundMessage shapes the gateway synthesizes when the
+ * operator taps Save / Discard (or the write fails) on a
+ * `vault_request_save` card. Before this, `handleVaultRequestSaveCallback`
+ * edited the card on every terminal outcome but NEVER woke the agent
+ * (no sendToAgent / no pendingInboundBuffer push) — so the secret was
+ * stored/discarded but the agent that called `vault_request_save`
+ * stayed silently idle. These builders + the gateway wiring close that
+ * gap symmetrically with the vra: approve/deny path (#1052/#1150/#1156).
+ *
+ * The wire shape is load-bearing; a dropped `meta.source` / field would
+ * silently regress the wake-up. Cheap regression guard.
+ */
+
+import { describe, it, expect } from 'vitest'
+import {
+  buildVaultSaveCompletedInbound,
+  buildVaultSaveFailedInbound,
+  buildVaultSaveDiscardedInbound,
+  type VaultSaveInboundContext,
+} from '../gateway/vault-grant-inbound-builders.js'
+
+const FIXED_NOW = 1_700_000_000_000
+
+const CTX: VaultSaveInboundContext = {
+  agent: 'gymbro',
+  key: 'garmin/credentials',
+  chat_id: '12345',
+}
+
+describe('buildVaultSaveCompletedInbound', () => {
+  it('emits the canonical vault-broker envelope', () => {
+    const msg = buildVaultSaveCompletedInbound({
+      ctx: CTX,
+      stageId: 'stage-001',
+      operatorId: '999',
+      nowMs: FIXED_NOW,
+    })
+    expect(msg.type).toBe('inbound')
+    expect(msg.chatId).toBe('12345')
+    expect(msg.user).toBe('vault-broker')
+    expect(msg.userId).toBe(0)
+    expect(msg.ts).toBe(FIXED_NOW)
+    expect(msg.messageId).toBe(FIXED_NOW)
+  })
+
+  it('carries the load-bearing meta + an actionable resume instruction', () => {
+    const msg = buildVaultSaveCompletedInbound({
+      ctx: CTX,
+      stageId: 'stage-001',
+      operatorId: '999',
+      nowMs: FIXED_NOW,
+    })
+    expect(msg.meta).toEqual({
+      source: 'vault_save_completed',
+      agent: 'gymbro',
+      key: 'garmin/credentials',
+      stage_id: 'stage-001',
+      operator_id: '999',
+    })
+    expect(msg.text).toContain('vault:garmin/credentials')
+    expect(msg.text.toLowerCase()).toContain('resume')
+  })
+})
+
+describe('buildVaultSaveFailedInbound', () => {
+  it('flags NOT stored, carries the reason + failed source', () => {
+    const msg = buildVaultSaveFailedInbound({
+      ctx: CTX,
+      stageId: 'stage-002',
+      operatorId: '999',
+      reason: 'VAULT-BROKER-DENIED: no operator attestation',
+      nowMs: FIXED_NOW,
+    })
+    expect(msg.meta?.source).toBe('vault_save_failed')
+    expect(msg.meta?.key).toBe('garmin/credentials')
+    expect(msg.text).toContain('FAILED')
+    expect(msg.text).toContain('VAULT-BROKER-DENIED')
+    expect(msg.text).toContain('NOT stored')
+  })
+})
+
+describe('buildVaultSaveDiscardedInbound', () => {
+  it('flags NOT stored + steers to a fallback, discarded source', () => {
+    const msg = buildVaultSaveDiscardedInbound({
+      ctx: CTX,
+      stageId: 'stage-003',
+      operatorId: '999',
+      nowMs: FIXED_NOW,
+    })
+    expect(msg.meta?.source).toBe('vault_save_discarded')
+    expect(msg.meta?.agent).toBe('gymbro')
+    expect(msg.text).toContain('discarded')
+    expect(msg.text).toContain('NOT stored')
+  })
+})