switchroom 0.13.38 → 0.13.39

package/dist/cli/switchroom.js

@@ -47744,8 +47744,8 @@ var {
 } = import__.default;
 
 // src/build-info.ts
-var VERSION = "0.13.38";
-var COMMIT_SHA = "faca4736";
+var VERSION = "0.13.39";
+var COMMIT_SHA = "8681f423";
 
 // src/cli/agent.ts
 init_source();

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "switchroom",
-  "version": "0.13.38",
+  "version": "0.13.39",
   "description": "Run Claude Code 24/7 on your Claude Pro/Max subscription over Telegram. Open-source alternative to OpenClaw and NanoClaw — no API keys.",
   "type": "module",
   "bin": {

package/telegram-plugin/answer-stream.ts

@@ -244,15 +244,22 @@ export function createAnswerStream(config: AnswerStreamConfig): AnswerStreamHand
    * must clear the draft. Best-effort: a failed clear is logged but
    * not re-thrown — the worst case is a transient stale draft that
    * Telegram's own 30 s draft expiry eventually mops up.
+   *
+   * #1792 — accepts an explicit `targetDraftId` so `forceNewMessage`
+   * can clear the OLD id before bumping the closure's `draftId`. The
+   * default reads the live closure, which is what stop() / retract()
+   * want — clear whatever's current at the time the call lands.
    */
-  async function clearDraftBestEffort(): Promise<void> {
-    if (!usesDraftTransport || draftApi == null || draftId == null) return
+  async function clearDraftBestEffort(
+    targetDraftId: number | undefined = draftId,
+  ): Promise<void> {
+    if (!usesDraftTransport || draftApi == null || targetDraftId == null) return
     try {
       const params: { message_thread_id?: number } = {}
       if (threadId != null) params.message_thread_id = threadId
       await draftApi(
         chatId,
-        draftId,
+        targetDraftId,
         '',
         Object.keys(params).length > 0 ? params : undefined,
       )
@@ -531,6 +538,18 @@ export function createAnswerStream(config: AnswerStreamConfig): AnswerStreamHand
       stopped = false
       materialized = false
       if (usesDraftTransport) {
+        // #1792: clear the OLD draftId BEFORE rotating. Otherwise the
+        // stale content stays in the user's compose box until the 30 s
+        // Telegram draft expiry — the typical caller (gateway.ts mid-
+        // turn rapid-steer path: `forceNewMessage(); stop();`) cleans
+        // up the prior turn's stream, so the prior draft's content is
+        // semantically retracted. Fire-and-forget — forceNewMessage is
+        // sync; the worst-case failure mode is the same 30 s expiry
+        // we'd have had without the call.
+        const staleDraftId = draftId
+        if (staleDraftId != null) {
+          void clearDraftBestEffort(staleDraftId)
+        }
         draftId = allocateDraftId()
       }
       log?.(`answer-stream: forceNewMessage (gen=${generation})`)
@@ -546,6 +565,10 @@ export function createAnswerStream(config: AnswerStreamConfig): AnswerStreamHand
       // #1704: clear the compose-box draft. stop() is sync — fire and
       // forget. A dropped clear falls back on Telegram's own 30 s
       // draft expiry; the worst case is a transient stale preview.
+      // (#1792: the stale-id-after-rotation hazard is owned by
+      // forceNewMessage itself now — it clears its own draftId before
+      // rotating. stop() just clears whatever's current; clearing an
+      // already-cleared or never-used id is a harmless no-op.)
       void clearDraftBestEffort()
     },
 
@@ -563,6 +586,8 @@ export function createAnswerStream(config: AnswerStreamConfig): AnswerStreamHand
       // draft sitting in the user's input area and blocks them from
       // typing until the 30 s draft expiry. Awaited so a follow-up
       // sendMessage on the same chat doesn't race a stale draft edit.
+      // (See #1792 note in stop() — forceNewMessage owns its own stale
+      // id cleanup; retract just clears whatever's current.)
       await clearDraftBestEffort()
       // Delete the preliminary message if one was sent and deleteMessage
       // is wired. Best-effort: failures are logged but not re-thrown.

package/telegram-plugin/dist/gateway/gateway.js

@@ -37781,14 +37781,14 @@ function createAnswerStream(config) {
       scheduledTimer = null;
     }
   }
-  async function clearDraftBestEffort() {
-    if (!usesDraftTransport || draftApi == null || draftId == null)
+  async function clearDraftBestEffort(targetDraftId = draftId) {
+    if (!usesDraftTransport || draftApi == null || targetDraftId == null)
       return;
     try {
       const params = {};
       if (threadId != null)
         params.message_thread_id = threadId;
-      await draftApi(chatId, draftId, "", Object.keys(params).length > 0 ? params : undefined);
+      await draftApi(chatId, targetDraftId, "", Object.keys(params).length > 0 ? params : undefined);
     } catch {}
   }
   async function sendDraft(text) {
@@ -38008,6 +38008,10 @@ function createAnswerStream(config) {
       stopped = false;
       materialized = false;
       if (usesDraftTransport) {
+        const staleDraftId = draftId;
+        if (staleDraftId != null) {
+          clearDraftBestEffort(staleDraftId);
+        }
         draftId = allocateDraftId2();
       }
       log?.(`answer-stream: forceNewMessage (gen=${generation})`);
@@ -39638,9 +39642,13 @@ function parseSteerPrefix(body) {
 function escapeXmlAttribute(s) {
   return s.replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;").replace(/"/g, "&quot;").replace(/'/g, "&apos;");
 }
+function decodeXmlEntities(s) {
+  return s.replace(/&lt;/g, "<").replace(/&gt;/g, ">").replace(/&quot;/g, '"').replace(/&apos;/g, "'").replace(/&nbsp;/g, " ").replace(/&amp;/g, "&");
+}
 function formatPriorAssistantPreview(text, maxChars = 200) {
   const stripped = text.replace(/<[^>]*>/g, "");
-  const collapsed = stripped.replace(/\s+/g, " ").trim();
+  const decoded = decodeXmlEntities(stripped);
+  const collapsed = decoded.replace(/\s+/g, " ").trim();
   const truncated = collapsed.length > maxChars ? collapsed.slice(0, maxChars) : collapsed;
   return escapeXmlAttribute(truncated);
 }
@@ -48722,10 +48730,10 @@ function sweepStaleTurnActiveMarker(stateDir, opts) {
 }
 
 // ../src/build-info.ts
-var VERSION = "0.13.38";
-var COMMIT_SHA = "faca4736";
-var COMMIT_DATE = "2026-05-25T06:37:08Z";
-var LATEST_PR = 1795;
+var VERSION = "0.13.39";
+var COMMIT_SHA = "8681f423";
+var COMMIT_DATE = "2026-05-25T07:06:31Z";
+var LATEST_PR = 1797;
 var COMMITS_AHEAD_OF_TAG = 0;
 
 // gateway/boot-version.ts

package/telegram-plugin/steering.ts

@@ -73,22 +73,53 @@ export function escapeXmlAttribute(s: string): string {
     .replace(/'/g, ''')
 }
 
+/**
+ * Decode the small set of HTML / XML entities switchroom emits when it
+ * renders model output as Telegram HTML. Pre-#1791 this function did
+ * not decode and `formatPriorAssistantPreview` then re-escaped the
+ * already-encoded entities, so a turn containing inline `<code>` would
+ * surface to the model on the next inbound as `&amp;amp;lt;…&amp;amp;gt;`
+ * (triple-encoded). The model had to mentally decode three layers to
+ * recover the original characters it wrote — measurably hostile to
+ * comprehension on turns with placeholders, JSX, XML, generics, etc.
+ *
+ * Decoding before re-escape closes that loop: the attribute boundary
+ * stays safe because `escapeXmlAttribute` runs unchanged at the tail.
+ *
+ * Limited to the canonical six entities — there's no general HTML
+ * entity table here, which keeps the surface predictable.
+ */
+function decodeXmlEntities(s: string): string {
+  return s
+    .replace(/&lt;/g, '<')
+    .replace(/&gt;/g, '>')
+    .replace(/&quot;/g, '"')
+    .replace(/&apos;/g, "'")
+    .replace(/&nbsp;/g, ' ')
+    // `&amp;` last so we don't accidentally re-decode `&amp;lt;` → `<` on
+    // a single pass — the order above relies on `&amp;` still being
+    // intact during the prior replaces.
+    .replace(/&amp;/g, '&')
+}
+
 /**
  * Produce a short, safe preview of the last assistant turn for injection
  * as an XML attribute. Strips HTML tags (so `<b>foo</b>` becomes `foo`),
- * collapses all whitespace runs into single spaces, truncates to
- * `maxChars` visible characters, then XML-escapes.
- *
- * We do NOT decode HTML entities — a literal `&amp;` in the source
- * survives as `&amp;amp;` after escape, which is fine: the attribute is
- * for the model's situational awareness, not faithful rendering.
+ * decodes the canonical six XML entities so the model sees the original
+ * characters (not triple-encoded `&amp;amp;lt;` — see #1791), collapses
+ * all whitespace runs into single spaces, truncates to `maxChars` visible
+ * characters, then XML-escapes for safe attribute injection.
  */
 export function formatPriorAssistantPreview(text: string, maxChars = 200): string {
   // Strip HTML tags. Anything angle-bracketed between < and > goes away;
   // this is deliberately liberal (no tag-name whitelist) because the
   // preview is for the model's eyes only.
   const stripped = text.replace(/<[^>]*>/g, '')
-  const collapsed = stripped.replace(/\s+/g, ' ').trim()
+  // #1791: decode entities BEFORE collapse/truncate/re-escape so the
+  // model sees the prose it actually wrote. The re-escape at the tail
+  // preserves attribute-injection safety.
+  const decoded = decodeXmlEntities(stripped)
+  const collapsed = decoded.replace(/\s+/g, ' ').trim()
   const truncated = collapsed.length > maxChars ? collapsed.slice(0, maxChars) : collapsed
   return escapeXmlAttribute(truncated)
 }

package/telegram-plugin/tests/answer-stream.test.ts

@@ -527,6 +527,92 @@ describe('answer-stream — clears sendMessageDraft on terminal paths (#1704)',
   })
 })
 
+// ─── #1792 — forceNewMessage clears the stale draftId before rotating ───
+//
+// Background: `forceNewMessage()` rotates `draftId` to a fresh allocation
+// so the stream can be re-used for a new turn (typical caller: gateway
+// rapid-steer path in `handleSessionEvent` enqueue branch — calls
+// `forceNewMessage(); stop()` on the prior turn's stream before opening
+// the new turn). Pre-#1792, the rotation orphaned the prior turn's
+// draft content in the user's compose box until Telegram's 30 s draft
+// expiry — `stop()`'s fire-and-forget clear closed over the (now-new)
+// `draftId`, so the clear targeted the unused id, not the stale one.
+//
+// Post-fix: `forceNewMessage` itself clears the stale draftId BEFORE
+// rotating. `stop()` continues to clear whatever draftId is current
+// at the time it runs (defensive, also fine: clearing an unused id
+// is a harmless no-op for the user).
+
+describe('answer-stream — forceNewMessage clears the stale draft before rotating (#1792)', () => {
+  it('clears the pre-rotation draftId when forceNewMessage rotates', async () => {
+    const sendMessage = makeSendMessage()
+    const editMessageText = makeEditMessageText()
+    const sendMessageDraft = makeSendMessageDraft()
+    const stream = createAnswerStream({
+      chatId: 'chat1',
+      isPrivateChat: true,
+      throttleMs: 250,
+      sendMessage,
+      editMessageText,
+      sendMessageDraft,
+    })
+
+    // Open the stream — this allocates draftId N and fires sendDraft(N).
+    stream.update('first turn thought')
+    await flushMicrotasks()
+    expect(sendMessageDraft).toHaveBeenCalledTimes(1)
+    const staleDraftId = (sendMessageDraft.mock.calls[0] as unknown as [string, number, string, unknown])[1]
+    sendMessageDraft.mockClear()
+
+    // Rotate. forceNewMessage must enqueue a clear against the OLD
+    // draftId before bumping to the new allocation — pre-fix the
+    // stale content stayed in the compose box for 30 s.
+    stream.forceNewMessage()
+    await flushMicrotasks()
+
+    expect(sendMessageDraft).toHaveBeenCalledTimes(1)
+    const clearedId = (sendMessageDraft.mock.calls[0] as unknown as [string, number, string, unknown])[1]
+    const clearedText = (sendMessageDraft.mock.calls[0] as unknown as [string, number, string, unknown])[2]
+    expect(clearedId).toBe(staleDraftId)
+    expect(clearedText).toBe('')
+  })
+
+  it('the gateway sequence forceNewMessage(); stop() clears the stale draftId', async () => {
+    // Mirrors the only production caller — telegram-plugin/gateway/
+    // gateway.ts:6476-6477 cleans up the prior turn's answer-stream
+    // before opening a new turn (rapid steer / queue path).
+    const sendMessage = makeSendMessage()
+    const editMessageText = makeEditMessageText()
+    const sendMessageDraft = makeSendMessageDraft()
+    const stream = createAnswerStream({
+      chatId: 'chat1',
+      isPrivateChat: true,
+      throttleMs: 250,
+      sendMessage,
+      editMessageText,
+      sendMessageDraft,
+    })
+
+    stream.update('prior turn thought')
+    await flushMicrotasks()
+    const staleDraftId = (sendMessageDraft.mock.calls[0] as unknown as [string, number, string, unknown])[1]
+    sendMessageDraft.mockClear()
+
+    stream.forceNewMessage()
+    stream.stop()
+    await flushMicrotasks()
+
+    // The stale id must have been cleared by ONE of the two calls
+    // (forceNewMessage in this design); the new unused id may also
+    // be cleared by stop() — harmless. The load-bearing invariant
+    // is "the stale id reaches sendMessageDraft('') somewhere".
+    const clearedIds = (sendMessageDraft.mock.calls as unknown as Array<[string, number, string, unknown]>)
+      .filter(c => c[2] === '')
+      .map(c => c[1])
+    expect(clearedIds).toContain(staleDraftId)
+  })
+})
+
 describe('answer-stream — empty / whitespace-only text is a no-op', () => {
   it('update("") does not trigger any transport call', async () => {
     const sendMessage = makeSendMessage()

package/telegram-plugin/tests/steering.test.ts

@@ -138,10 +138,43 @@ describe('formatPriorAssistantPreview', () => {
     expect(formatPriorAssistantPreview('a & b < c')).toBe('a &amp; b &lt; c')
   })
 
-  test('does NOT decode HTML entities (documented)', () => {
-    // Entities like &amp; survive as literal "&amp;" through strip and then
-    // get re-escaped to &amp;amp;. Acceptable for a model-facing preview.
-    expect(formatPriorAssistantPreview('a &amp; b')).toBe('a &amp;amp; b')
+  // ─── #1791 — decode entities before re-escape ───────────────────────────
+  // Pre-fix this function did NOT decode, so an already-encoded source
+  // (e.g. the rendered HTML stored in history) was re-escaped on top of
+  // its own encoding. The model saw `&amp;amp;lt;bar&amp;amp;gt;` (triple
+  // encoded) instead of `<bar>`. Decoding before the trim/re-escape pass
+  // closes that loop; the attribute boundary stays safe because
+  // escapeXmlAttribute runs unchanged at the tail.
+
+  test('decodes &amp; before re-escape (single-pass, not triple) — #1791', () => {
+    // Source stored in history as escaped HTML: `a &amp; b`.
+    // Pre-fix output: `a &amp;amp; b`. Post-fix: `a &amp; b` (single).
+    expect(formatPriorAssistantPreview('a &amp; b')).toBe('a &amp; b')
+  })
+
+  test('decodes &lt; / &gt; inside stripped tags — #1791', () => {
+    // The classic #1120 case: model wrote `Path: \`/tmp/foo-<bar>/\``,
+    // markdownToHtml stored it as `<code>/tmp/foo-&lt;bar&gt;/</code>`,
+    // strip removes the <code> tags, decode brings back the angle
+    // brackets, escape re-encodes safely for the attribute.
+    expect(formatPriorAssistantPreview('<code>/tmp/foo-&lt;bar&gt;/</code>'))
+      .toBe('/tmp/foo-&lt;bar&gt;/')
+  })
+
+  test('decodes &quot; / &apos; / &nbsp; — #1791', () => {
+    expect(formatPriorAssistantPreview('say &quot;hi&quot;')).toBe('say &quot;hi&quot;')
+    expect(formatPriorAssistantPreview('it&apos;s here')).toBe("it&apos;s here")
+    expect(formatPriorAssistantPreview('a&nbsp;b')).toBe('a b')
+  })
+
+  test('does not over-decode: bare `&amp;lt;` decodes to `&lt;`, not `<` — #1791', () => {
+    // The decode order (&lt; / &gt; / &quot; / &apos; / &nbsp; first, then
+    // &amp;) ensures a single pass doesn't strip two layers of escape.
+    // A literal `&amp;lt;` in source (i.e. someone deliberately encoded
+    // the word "&lt;") becomes `&lt;` after one decode pass, and then
+    // re-escapes back to `&amp;lt;`. Pin this so the order isn't accidentally
+    // flipped to a re-decode loop.
+    expect(formatPriorAssistantPreview('&amp;lt;')).toBe('&amp;lt;')
   })
 
   test('empty string returns empty', () => {

package/telegram-plugin/uat/scenarios/jtbd-pending-progress-html-dm.test.ts

@@ -0,0 +1,124 @@
+/**
+ * UAT — pending-progress edit preserves HTML formatting (#1698 regression gate).
+ *
+ * Promoted from the one-off `pr1706-pending-progress-html-dm.test.ts`
+ * verification scenario per #1793. The pending-progress / silent-anchor
+ * / answer-stream code family in `telegram-plugin/` all touch the
+ * parse_mode contract on cross-turn edits; the existing UAT suite
+ * (`cross-turn-pending-progress-dm.test.ts`, `jtbd-fast-trivial-dm.test.ts`,
+ * `jtbd-soft-commit-dm.test.ts`) covers cadence / round-trip / pacing
+ * but does NOT pin the parse_mode contract. #1698 shipped to prod and
+ * the existing suite went green throughout — this scenario closes that
+ * blind spot.
+ *
+ * Method:
+ *   1. Ask the agent to send ONE reply with both <b> and <code> via
+ *      the reply tool (default html format).
+ *   2. Dispatch a background bash so the turn ends with pending async.
+ *   3. End turn. Pending-progress activates.
+ *   4. After ~60-90s, observe the first edit. Assert text reads back
+ *      WITHOUT literal `<b>` / `<code>` substrings (Telegram parsed
+ *      under HTML, formatting moved to entities, mtcute Message.text
+ *      returns plain prose). Pre-fix, parse_mode was dropped on the
+ *      edit and the tags would render as literal characters.
+ */
+
+import { describe, it, expect } from "vitest";
+import { spinUp, type ObservedMessage } from "../harness.js";
+
+const SLEEP_SECONDS = 90;
+const OVERALL_DEADLINE_MS = 4 * 60_000;
+
+const PROMPT =
+  `Please run \`sleep ${SLEEP_SECONDS}\` in the background using the ` +
+  `Bash tool with \`run_in_background: true\`. Send exactly ONE reply, ` +
+  `using the reply tool with default html format, containing this text ` +
+  `VERBATIM:\n\n` +
+  `<b>Worker dispatched.</b> Running <code>sleep ${SLEEP_SECONDS}</code> ` +
+  `in background.\n\n` +
+  `Do NOT send any other reply until the sleep finishes. Just dispatch ` +
+  `the bash, send that one HTML reply, end your turn. When it finishes ` +
+  `much later, reply with the single word "done".`;
+
+const SUFFIX_RE = /\n\n— still working \(\d+m\)$/;
+
+describe("uat: pending-progress edit preserves HTML formatting (#1698 regression gate)", () => {
+  it(
+    "first pending-progress edit reads back WITHOUT literal HTML tags",
+    async () => {
+      const sc = await spinUp({ agent: "test-harness" });
+      try {
+        const startedAt = Date.now();
+        await sc.sendDM(PROMPT);
+
+        let anchorMsgId: number | null = null;
+        let editText: string | null = null;
+        const deadline = startedAt + OVERALL_DEADLINE_MS;
+
+        while (Date.now() < deadline) {
+          try {
+            const msg = await sc.expectMessage(
+              (m: ObservedMessage) => m.fromBot,
+              { from: "bot", timeout: deadline - Date.now() },
+            );
+            const rel = Date.now() - startedAt;
+            console.log(
+              `[jtbd-pending-progress-html] +${(rel / 1000).toFixed(1)}s ` +
+                `${msg.edited ? "EDIT" : "FRESH"} msg=${msg.messageId} ` +
+                `${JSON.stringify(msg.text.slice(0, 120))}`,
+            );
+            if (!msg.edited && anchorMsgId == null) {
+              anchorMsgId = msg.messageId;
+              continue;
+            }
+            if (
+              msg.edited &&
+              anchorMsgId === msg.messageId &&
+              SUFFIX_RE.test(msg.text)
+            ) {
+              editText = msg.text;
+              break;
+            }
+          } catch {
+            break;
+          }
+        }
+
+        expect(
+          anchorMsgId,
+          "agent never sent its initial HTML reply — UAT env issue",
+        ).not.toBeNull();
+        expect(
+          editText,
+          `no pending-progress edit observed within ${OVERALL_DEADLINE_MS / 1000}s — ` +
+            `model may not have dispatched async, or pending-progress is disabled`,
+        ).not.toBeNull();
+
+        // ── THE #1698 REGRESSION GATE ─────────────────────────────────
+        // mtcute's Message.text returns the parsed text — formatting
+        // lives in `entities`. So a working parse_mode=HTML edit shows
+        // clean prose with no literal "<b>" / "<code>" substrings.
+        // Pre-fix the gateway dropped parse_mode on the cross-turn
+        // edit and Telegram stored the tags as plain characters.
+        expect(
+          editText,
+          `#1698 regression: pending-progress edit text contains literal "<b>" — ` +
+            `parse_mode was dropped and Telegram is storing the original HTML tags as plain.`,
+        ).not.toContain("<b>");
+        expect(editText).not.toContain("</b>");
+        expect(editText).not.toContain("<code>");
+        expect(editText).not.toContain("</code>");
+
+        // Sanity — the model's prose is still visible (without tags).
+        expect(editText).toContain("Worker dispatched");
+
+        // Belt-and-braces — the suffix landed (proves the edit was
+        // pending-progress and not some other path).
+        expect(editText).toMatch(SUFFIX_RE);
+      } finally {
+        await sc.tearDown();
+      }
+    },
+    OVERALL_DEADLINE_MS + 30_000,
+  );
+});