npm - switchroom - Versions diffs - 0.13.24 → 0.13.26 - Mend

switchroom 0.13.24 → 0.13.26

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (11) hide show

package/dist/agent-scheduler/index.js +2 -4
package/dist/auth-broker/index.js +31 -9
package/dist/cli/switchroom.js +494 -349
package/dist/host-control/main.js +2 -4
package/dist/vault/approvals/kernel-server.js +68 -65
package/dist/vault/broker/server.js +41 -12
package/package.json +1 -1
package/profiles/_shared/telegram-style.md.hbs +4 -4
package/telegram-plugin/dist/gateway/gateway.js +34 -29
package/telegram-plugin/tests/telegram-format.test.ts +2 -2
package/telegram-plugin/uat/scenarios/jtbd-rapid-followup-dm.test.ts +1 -1

package/dist/agent-scheduler/index.js CHANGED Viewed

@@ -11034,7 +11034,6 @@ var SessionSchema = exports_external.object({
 var SessionContinuitySchema = exports_external.object({
   enabled: exports_external.boolean().optional().describe("Master switch for the session-handoff briefing (default true)."),
   show_handoff_line: exports_external.boolean().optional().describe("Whether the telegram plugin prepends a visible '↩️ Picked up…' " + "line to the first assistant reply after a restart (default true)."),
-  summarizer_model: exports_external.string().regex(/^[a-zA-Z0-9][a-zA-Z0-9._\-/\[\]:]*$/, "Model name must be alphanumeric with ._-/[]: only").optional().describe("Anthropic model used to produce the handoff briefing."),
   max_turns_in_briefing: exports_external.number().int().positive().optional().describe("Cap on recent user/assistant turn pairs fed to the summarizer."),
   resume_mode: exports_external.enum(["auto", "continue", "handoff", "none"]).optional().describe("How to resume the next session. 'handoff' (default as of #362) " + "never passes --continue; a fresh Claude starts each restart and " + "reads a briefing assembled from recent Telegram messages, Hindsight " + "recall, and today's daily memory file. 'auto' uses --continue when " + "the latest JSONL is smaller than resume_max_bytes, else falls back " + "to the handoff briefing. 'continue' always passes --continue. " + "'none' starts completely fresh every time."),
   resume_max_bytes: exports_external.number().int().positive().optional().describe("Byte threshold above which 'auto' mode falls back to handoff " + "instead of --continue. Default 2_000_000 (~2MB). Large transcripts " + "can blow out the context window even with prefix caching, and " + "--continue replay is known-fragile at scale.")
@@ -11081,10 +11080,9 @@ var TelegramChannelSchema = exports_external.object({
         start: exports_external.number().int().min(0).max(23),
         end: exports_external.number().int().min(0).max(23),
         tz: exports_external.string().optional()
-      }).optional(),
-      model: exports_external.string().optional()
+      }).optional()
     })).optional()
-  }).optional().describe("Auto-dispatch rules: when a verified webhook event matches a rule, " + "spawn a one-shot `claude -p` turn for the agent with the rendered " + "prompt. Supports cooldowns, quiet hours, and label/action matchers. " + "Off by default — opt in per agent. See src/web/webhook-dispatch.ts."),
+  }).optional().describe("Auto-dispatch rules: when a verified webhook event matches a rule, " + "inject the rendered prompt into the agent's live session (#1625). " + "Supports cooldowns, quiet hours, and label/action matchers. " + "Off by default — opt in per agent. See src/web/webhook-dispatch.ts."),
   webhook_rate_limit: exports_external.object({
     rpm: exports_external.number().int().positive()
   }).optional().describe("Per-source rate limit for the webhook ingest path (#714). " + "Off by default — when this key is absent the handler skips " + "rate-limit checks entirely. Opt in by setting `rpm` to an " + "integer requests-per-minute (token bucket per (agent, source); " + "burst equal to rpm). When enabled, exceeding the limit returns " + "429 with Retry-After header; first throttle event per " + "(agent, source) per 60s window is written to " + "<agent>/telegram/issues.jsonl. " + "Cascades from defaults.channels.telegram.webhook_rate_limit.")

package/dist/auth-broker/index.js CHANGED Viewed

@@ -11034,7 +11034,6 @@ var SessionSchema = exports_external.object({
 var SessionContinuitySchema = exports_external.object({
   enabled: exports_external.boolean().optional().describe("Master switch for the session-handoff briefing (default true)."),
   show_handoff_line: exports_external.boolean().optional().describe("Whether the telegram plugin prepends a visible '↩️ Picked up…' " + "line to the first assistant reply after a restart (default true)."),
-  summarizer_model: exports_external.string().regex(/^[a-zA-Z0-9][a-zA-Z0-9._\-/\[\]:]*$/, "Model name must be alphanumeric with ._-/[]: only").optional().describe("Anthropic model used to produce the handoff briefing."),
   max_turns_in_briefing: exports_external.number().int().positive().optional().describe("Cap on recent user/assistant turn pairs fed to the summarizer."),
   resume_mode: exports_external.enum(["auto", "continue", "handoff", "none"]).optional().describe("How to resume the next session. 'handoff' (default as of #362) " + "never passes --continue; a fresh Claude starts each restart and " + "reads a briefing assembled from recent Telegram messages, Hindsight " + "recall, and today's daily memory file. 'auto' uses --continue when " + "the latest JSONL is smaller than resume_max_bytes, else falls back " + "to the handoff briefing. 'continue' always passes --continue. " + "'none' starts completely fresh every time."),
   resume_max_bytes: exports_external.number().int().positive().optional().describe("Byte threshold above which 'auto' mode falls back to handoff " + "instead of --continue. Default 2_000_000 (~2MB). Large transcripts " + "can blow out the context window even with prefix caching, and " + "--continue replay is known-fragile at scale.")
@@ -11081,10 +11080,9 @@ var TelegramChannelSchema = exports_external.object({
         start: exports_external.number().int().min(0).max(23),
         end: exports_external.number().int().min(0).max(23),
         tz: exports_external.string().optional()
-      }).optional(),
-      model: exports_external.string().optional()
+      }).optional()
     })).optional()
-  }).optional().describe("Auto-dispatch rules: when a verified webhook event matches a rule, " + "spawn a one-shot `claude -p` turn for the agent with the rendered " + "prompt. Supports cooldowns, quiet hours, and label/action matchers. " + "Off by default — opt in per agent. See src/web/webhook-dispatch.ts."),
+  }).optional().describe("Auto-dispatch rules: when a verified webhook event matches a rule, " + "inject the rendered prompt into the agent's live session (#1625). " + "Supports cooldowns, quiet hours, and label/action matchers. " + "Off by default — opt in per agent. See src/web/webhook-dispatch.ts."),
   webhook_rate_limit: exports_external.object({
     rpm: exports_external.number().int().positive()
   }).optional().describe("Per-source rate limit for the webhook ingest path (#714). " + "Off by default — when this key is absent the handler skips " + "rate-limit checks entirely. Opt in by setting `rpm` to an " + "integer requests-per-minute (token bucket per (agent, source); " + "burst equal to rpm). When enabled, exceeding the limit returns " + "429 with Retry-After header; first throttle event per " + "(agent, source) per 60s window is written to " + "<agent>/telegram/issues.jsonl. " + "Cascades from defaults.channels.telegram.webhook_rate_limit.")
@@ -11646,7 +11644,7 @@ function resolveAgentsDir(config) {
 import * as net from "node:net";
 import {
   chmodSync,
-  chownSync,
+  chownSync as chownSync2,
   existsSync as existsSync6,
   lstatSync,
   mkdirSync as mkdirSync3,
@@ -12107,6 +12105,7 @@ function atomicWriteJsonSync(destPath, value, mode = 384) {
 // src/auth/account-store.ts
 import {
+  chownSync,
   existsSync as existsSync4,
   mkdirSync,
   readFileSync as readFileSync3,
@@ -12203,6 +12202,18 @@ function writeAccountCredentials(label, value, home2 = homedir2()) {
   mkdirSync(accountDir(label, home2), { recursive: true });
   atomicWriteJson(accountCredentialsPath(label, home2), enrichClaudeCreds(value));
 }
+function chownAccountFiles(label, uid, home2 = homedir2()) {
+  validateAccountLabel(label);
+  const dir = accountDir(label, home2);
+  if (existsSync4(dir))
+    chownSync(dir, uid, uid);
+  const creds = accountCredentialsPath(label, home2);
+  if (existsSync4(creds))
+    chownSync(creds, uid, uid);
+  const meta = accountMetaPath(label, home2);
+  if (existsSync4(meta))
+    chownSync(meta, uid, uid);
+}
 function readAccountMeta(label, home2 = homedir2()) {
   const p = accountMetaPath(label, home2);
   if (!existsSync4(p))
@@ -13135,7 +13146,7 @@ class AuthBroker {
     const dir = dirname2(sockPath);
     if (existsSync6(dir)) {
       try {
-        chownSync(dir, 0, 0);
+        chownSync2(dir, 0, 0);
       } catch {}
       try {
         chmodSync(dir, 448);
@@ -13158,10 +13169,10 @@ class AuthBroker {
           chmodSync(sockPath, sockMode);
         } catch {}
         try {
-          chownSync(sockPath, targetUid, targetUid);
+          chownSync2(sockPath, targetUid, targetUid);
         } catch {}
         try {
-          chownSync(dir, targetUid, targetUid);
+          chownSync2(dir, targetUid, targetUid);
         } catch {}
         this.listeners.set(sockPath, { server, identity: identity2, socketPath: sockPath });
         resolveP();
@@ -13507,6 +13518,7 @@ class AuthBroker {
       socket.write(encodeError(id, "INTERNAL", err.message));
       return;
     }
+    this.chownAccountFilesIfRoot(label);
     const contents = readFileSync5(accountCredentialsPath(label, this.home), "utf-8");
     this.shaIndex[label] = sha256Hex(contents);
     this.lastWrittenExpiresAt.set(label, credentials.claudeAiOauth?.expiresAt);
@@ -13749,6 +13761,7 @@ class AuthBroker {
       };
       const outcome = await refreshAccountIfNeeded(label, opts);
       if (outcome.kind === "refreshed") {
+        this.chownAccountFilesIfRoot(label);
         const creds = readAccountCredentials(label, this.home);
         const newExpiresAt = creds?.claudeAiOauth?.expiresAt ?? outcome.newExpiresAt;
         this.lastWrittenExpiresAt.set(label, newExpiresAt);
@@ -13899,7 +13912,7 @@ class AuthBroker {
       atomicWriteFileSync(targetPath, mirrorContent, 384);
       try {
         const uid = allocateAgentUid(agentName);
-        chownSync(targetPath, uid, uid);
+        chownSync2(targetPath, uid, uid);
       } catch (err) {
         this.warnCapChownMissing(err);
       }
@@ -14026,6 +14039,15 @@ class AuthBroker {
     const msg = err instanceof Error ? err.message : String(err);
     this.logErr(`chown failed (CAP_CHOWN missing?): ${msg}. ` + `Per-agent mirror written but ownership not flipped. ` + `Suppressing further chown warnings for this process.`);
   }
+  chownAccountFilesIfRoot(label) {
+    if (this.operatorUid === undefined)
+      return;
+    try {
+      chownAccountFiles(label, this.operatorUid, this.home);
+    } catch (err) {
+      this.warnCapChownMissing(err);
+    }
+  }
   assertConfigConsistent(cfg) {
     const shape = configToShape(cfg);
     const errs = validateConsumerNames(shape);