switchroom 0.13.51 → 0.13.53

package/dist/auth-broker/index.js

@@ -10973,7 +10973,11 @@ var ScheduleEntrySchema = exports_external.object({
   cron: exports_external.string().describe("Cron expression (e.g., '0 8 * * *')"),
   prompt: exports_external.string().describe("Prompt to send at the scheduled time"),
   model: exports_external.string().optional().describe("DEPRECATED / IGNORED. Pre-v0.8 the singleton scheduler ran each " + "task as an isolated headless invocation and could set --model per " + "task. Post cron-fold-in (v0.8) the fire is injected into the agent's " + "running session, so it always uses the agent's configured model " + "— this field has no effect. Accepted (optional) only so existing " + "configs keep validating; set the model at the agent level instead. " + "See docs/scheduling.md."),
-  secrets: exports_external.array(exports_external.string().regex(/^[a-zA-Z0-9_\-/]+$/, "Secret key names must contain only alphanumeric characters, underscores, hyphens, and forward slashes")).default([]).describe("Vault key names this cron task may read via the vault-broker daemon. " + "Empty by default — broker requests for unlisted keys are denied. " + "Note: this is misconfiguration protection (a typo in cron-A doesn't " + "accidentally read cron-B's keys) rather than a security boundary — " + "anyone who can edit cron scripts can also edit switchroom.yaml, and " + "anyone with the vault passphrase can read the vault file directly. " + "See docs/configuration.md for the full framing.")
+  secrets: exports_external.array(exports_external.string().regex(/^[a-zA-Z0-9_\-/]+$/, "Secret key names must contain only alphanumeric characters, underscores, hyphens, and forward slashes")).default([]).describe("Vault key names this cron task may read via the vault-broker daemon. " + "Empty by default — broker requests for unlisted keys are denied. " + "Note: this is misconfiguration protection (a typo in cron-A doesn't " + "accidentally read cron-B's keys) rather than a security boundary — " + "anyone who can edit cron scripts can also edit switchroom.yaml, and " + "anyone with the vault passphrase can read the vault file directly. " + "See docs/configuration.md for the full framing."),
+  topic: exports_external.union([
+    exports_external.string().min(1, "topic alias must be non-empty"),
+    exports_external.number().int().positive("topic ID must be a positive integer")
+  ]).optional().describe("Forum topic this cron fires into when the owning agent is in " + "supergroup-owned mode (channels.telegram.chat_id set). Either a " + 'string alias resolved against `topic_aliases` (e.g. "planning") ' + "or a numeric topic ID. Falls back to the agent's `default_topic_id` " + "when unset. Ignored for agents in fleet-shared or dm_only mode. " + "Alias-resolution happens at config-load — typos surface immediately. " + "See docs/rfcs/supergroup-mode.md.")
 });
 var AgentSoulSchema = exports_external.object({
   name: exports_external.string().describe("Agent persona name (e.g., 'Coach', 'Sage')"),
@@ -11085,8 +11089,35 @@ var TelegramChannelSchema = exports_external.object({
   }).optional().describe("Auto-dispatch rules: when a verified webhook event matches a rule, " + "inject the rendered prompt into the agent's live session (#1625). " + "Supports cooldowns, quiet hours, and label/action matchers. " + "Off by default — opt in per agent. See src/web/webhook-dispatch.ts."),
   webhook_rate_limit: exports_external.object({
     rpm: exports_external.number().int().positive()
-  }).optional().describe("Per-source rate limit for the webhook ingest path (#714). " + "Off by default — when this key is absent the handler skips " + "rate-limit checks entirely. Opt in by setting `rpm` to an " + "integer requests-per-minute (token bucket per (agent, source); " + "burst equal to rpm). When enabled, exceeding the limit returns " + "429 with Retry-After header; first throttle event per " + "(agent, source) per 60s window is written to " + "<agent>/telegram/issues.jsonl. " + "Cascades from defaults.channels.telegram.webhook_rate_limit.")
-}).optional();
+  }).optional().describe("Per-source rate limit for the webhook ingest path (#714). " + "Off by default — when this key is absent the handler skips " + "rate-limit checks entirely. Opt in by setting `rpm` to an " + "integer requests-per-minute (token bucket per (agent, source); " + "burst equal to rpm). When enabled, exceeding the limit returns " + "429 with Retry-After header; first throttle event per " + "(agent, source) per 60s window is written to " + "<agent>/telegram/issues.jsonl. " + "Cascades from defaults.channels.telegram.webhook_rate_limit."),
+  chat_id: exports_external.string().regex(/^-\d+$/, 'supergroup chat_id must be a negative integer as a string (e.g. "-1001234567890")').optional().describe("Per-agent supergroup ID — overrides fleet `telegram.forum_chat_id`. " + "When set, requires `default_topic_id`. Negative integer as string. " + "Forbidden when `dm_only: true`. See docs/rfcs/supergroup-mode.md."),
+  default_topic_id: exports_external.number().int().positive().optional().describe("Forum topic ID this agent's automated outbounds default to when " + "no more-specific alias resolves. Required when `chat_id` is set. " + "Telegram's General topic is `id=1` at MTProto but sends omit the " + "field — the outbound wrapper strips `message_thread_id === 1` " + "on send. Forbidden when `dm_only: true`."),
+  topic_aliases: exports_external.record(exports_external.string(), exports_external.number().int().positive()).optional().describe("Operator-friendly names for forum topic IDs (e.g. " + "`{ general: 1, planning: 17, cron: 23, admin: 31, alerts: 41 }`). " + "Referenced from per-cron `topic:` fields and the outbound router " + "for autonomous events (boot → alerts, hostd → admin, etc.). " + "Cascades per-key through defaults → profile → agent.")
+}).optional().superRefine((tg, ctx) => {
+  if (!tg)
+    return;
+  if (tg.chat_id != null && tg.default_topic_id == null) {
+    ctx.addIssue({
+      code: exports_external.ZodIssueCode.custom,
+      message: "`channels.telegram.chat_id` requires `default_topic_id` — supergroup-mode agents need a fallback topic for unclassified outbounds.",
+      path: ["default_topic_id"]
+    });
+  }
+  if (tg.default_topic_id != null && tg.chat_id == null) {
+    ctx.addIssue({
+      code: exports_external.ZodIssueCode.custom,
+      message: "`channels.telegram.default_topic_id` requires `chat_id` — default_topic_id is only meaningful when the agent owns its own supergroup.",
+      path: ["chat_id"]
+    });
+  }
+  if (tg.topic_aliases != null && tg.chat_id == null) {
+    ctx.addIssue({
+      code: exports_external.ZodIssueCode.custom,
+      message: "`channels.telegram.topic_aliases` requires `chat_id` — aliases only resolve in supergroup-owned mode.",
+      path: ["topic_aliases"]
+    });
+  }
+});
 var ChannelsSchema = exports_external.object({
   telegram: TelegramChannelSchema
 }).optional();
@@ -11103,6 +11134,12 @@ var GoogleWorkspaceConfigSchema = exports_external.object({
   approvers: exports_external.array(ApproverIdSchema).min(1).describe("Array of numeric Telegram user IDs authorized to approve drive onboarding. " + "At least one must be specified."),
   tier: GoogleWorkspaceTierSchema.optional().describe("RFC G Phase 1: which upstream MCP tier to expose. " + "core (default) = ~16 tools (Drive+Docs+Sheets+Calendar). " + "extended = ~40 tools (+Slides, Forms, Tasks, Chat). " + "complete = ~60+ tools (+Gmail; not recommended yet — see RFC G §5).")
 }).optional();
+var MicrosoftWorkspaceConfigSchema = exports_external.object({
+  microsoft_client_id: exports_external.string().min(1).describe("Microsoft OAuth application (client) ID from Entra portal " + "(literal string or vault reference e.g. " + "'vault:microsoft-oauth-client-id')."),
+  microsoft_client_secret: exports_external.string().min(1).optional().describe("Microsoft OAuth client secret. Optional — public-client apps " + "(Mobile + Desktop platform with 'Allow public client flows' " + "enabled) work without a secret; confidential clients pass " + "one. Either literal or vault reference e.g. " + "'vault:microsoft-oauth-client-secret'."),
+  authority: exports_external.string().url().optional().describe("Microsoft authority endpoint. Defaults to " + "'https://login.microsoftonline.com/common' which accepts both " + "personal MSA and work/school tenants. Override only for " + "single-tenant deployments."),
+  org_mode: exports_external.boolean().optional().describe("Opt-in to Teams + SharePoint surfaces (RFC §6.4). When true, " + "the v1 scope set adds Sites.ReadWrite.All AND the launcher " + "spawns softeria with --org-mode. Defaults to false — personal " + "MSA + standard work surfaces only. Flipping for an existing " + "consented account requires re-running 'auth microsoft account " + "add --replace' to consent the additional scope.")
+}).optional();
 var AgentGoogleWorkspaceConfigSchema = exports_external.object({
   account: exports_external.string().regex(/^[^@\s:]+@[^@\s:]+\.[^@\s:]+$/, {
     message: "google_workspace.account must be a Google account email like " + "'alice@example.com' (colons not allowed)"
@@ -11110,6 +11147,12 @@ var AgentGoogleWorkspaceConfigSchema = exports_external.object({
   approvers: exports_external.array(ApproverIdSchema).min(1).optional().describe("Per-agent approver override. When set, replaces (does not extend) " + "the top-level drive.approvers list for this agent's onboarding card."),
   tier: GoogleWorkspaceTierSchema.optional().describe("Per-agent tier override (RFC G Phase 1). When set, replaces the " + "top-level google_workspace.tier for this agent. Common case: most " + "agents on `core`, one specialist on `extended` for Slides access.")
 }).optional();
+var AgentMicrosoftWorkspaceConfigSchema = exports_external.object({
+  account: exports_external.string().regex(/^[^@\s:]+@[^@\s:]+\.[^@\s:]+$/, {
+    message: "microsoft_workspace.account must be a Microsoft account email like " + "'alice@outlook.com' or 'alice@contoso.com' (colons not allowed)"
+  }).transform((v) => v.trim().toLowerCase()).optional().describe("RFC #1873: the Microsoft account this agent uses for the M365 MCP. " + "Must be a key in top-level `microsoft_accounts:` with this agent " + "listed in its `enabled_for[]`. Read by the auth-broker " + "(get-credentials, provider=microsoft) and by the scaffold to " + "decide whether to emit the `ms-365` MCP entry. Normalized to " + "lowercase so it matches the microsoft_accounts key (which is " + "also normalized)."),
+  org_mode: exports_external.boolean().optional().describe("Per-agent org_mode override (RFC #1873 §6.4). When set, replaces " + "the top-level microsoft_workspace.org_mode for this agent. " + "Defaults to top-level value (which defaults to false).")
+}).optional();
 var ReactionsSchema = exports_external.object({
   enabled: exports_external.boolean().optional().describe("Master switch for the reaction-trigger path. When false, " + "reactions are still persisted via recordReaction but never " + "dispatched to the agent as synthetic inbound turns. Default true."),
   trigger_emojis: exports_external.array(exports_external.string()).optional().describe("Emoji allowlist that triggers a synthetic inbound when reacted " + "to a bot message. Default ['\uD83D\uDC4E', '❌', '\uD83D\uDC4D', '✅']. Cascade " + "mode: REPLACE (not union) — setting this at a layer replaces " + "lower layers entirely, so an operator can narrow to [] to " + "disable triggering without flipping `enabled`."),
@@ -11245,6 +11288,7 @@ var AgentSchema = exports_external.object({
   code_repos: exports_external.array(CodeRepoEntrySchema).optional().describe("Git repositories this agent is allowed to claim worktrees from. " + "Each entry provides a short name alias, a source path, and an " + "optional concurrency cap (default 5). When code_repos is set, " + "claim_worktree accepts the alias as the repo argument. " + "Absolute paths may always be passed regardless of this list."),
   drive: AgentGoogleWorkspaceConfigSchema.describe("RFC D legacy key — use `google_workspace:` instead. Per-agent " + "google_workspace overrides (currently approvers + tier). When set, " + "replaces the top-level approvers list for this agent. " + "google_client_id/secret are not per-agent — they live at the top level."),
   google_workspace: AgentGoogleWorkspaceConfigSchema.describe("RFC G canonical key. Per-agent Google Workspace overrides — currently " + "approvers (replaces, does not extend the top-level list) and tier " + "(`core` | `extended` | `complete`, replaces top-level default). " + "google_client_id/secret are not per-agent — they live at the top level. " + "Mutually exclusive with `drive:` on the same agent (loader fails fast " + "if both are set)."),
+  microsoft_workspace: AgentMicrosoftWorkspaceConfigSchema.describe("RFC #1873 (Microsoft 365 integration). Per-agent Microsoft Workspace " + "override — pins the Microsoft account this agent reads via the " + "auth-broker (must be a key in top-level `microsoft_accounts:` with " + "this agent in its `enabled_for[]`) and optionally overrides org_mode. " + "microsoft_client_id/secret are not per-agent."),
   repos: exports_external.record(exports_external.string().regex(/^[a-z0-9][a-z0-9-]*$/, "Repo slug must be kebab-case ASCII: start with a lowercase letter or digit, contain only lowercase letters, digits, and hyphens"), exports_external.object({
     url: exports_external.string().min(1).describe("Git remote URL for the repo (e.g. 'git@github.com:org/repo.git' or " + "'https://github.com/org/repo.git'). Used verbatim for git clone."),
     branch_default: exports_external.string().optional().describe("Default branch to track (defaults to the remote's HEAD, typically 'main'). " + "The per-agent branch 'agent/<agentName>/main' fast-forwards to this branch " + "when the worktree is clean on session start.")
@@ -11259,6 +11303,33 @@ var AgentSchema = exports_external.object({
     pids_limit: exports_external.number().int().positive().optional(),
     cpus: exports_external.number().positive().optional()
   }).optional()
+}).superRefine((agent, ctx) => {
+  if (agent.dm_only !== true)
+    return;
+  const tg = agent.channels?.telegram;
+  if (tg == null)
+    return;
+  if (tg.chat_id != null) {
+    ctx.addIssue({
+      code: exports_external.ZodIssueCode.custom,
+      message: "`dm_only: true` forbids `channels.telegram.chat_id` — DM-only agents have their own private chat, not a supergroup.",
+      path: ["channels", "telegram", "chat_id"]
+    });
+  }
+  if (tg.default_topic_id != null) {
+    ctx.addIssue({
+      code: exports_external.ZodIssueCode.custom,
+      message: "`dm_only: true` forbids `channels.telegram.default_topic_id` — DMs don't have forum topics.",
+      path: ["channels", "telegram", "default_topic_id"]
+    });
+  }
+  if (tg.topic_aliases != null) {
+    ctx.addIssue({
+      code: exports_external.ZodIssueCode.custom,
+      message: "`dm_only: true` forbids `channels.telegram.topic_aliases` — DMs don't have forum topics.",
+      path: ["channels", "telegram", "topic_aliases"]
+    });
+  }
 });
 var TelegramConfigSchema = exports_external.object({
   bot_token: exports_external.string().describe("Telegram bot token or vault reference (e.g., 'vault:telegram-bot-token')"),
@@ -11340,6 +11411,7 @@ var SwitchroomConfigSchema = exports_external.object({
   }).optional().describe("Switchroom-auth-broker configuration (RFC H). Fleet-wide active account, " + "fallback order, admin-agent ACL, and ephemeral-consumer surface. " + "Required from the v0.8+ schema onwards; pre-v0.8 fleets are migrated " + "in-place by `switchroom apply` (see src/auth/migrate-schema.ts)."),
   drive: GoogleWorkspaceConfigSchema.describe("RFC D legacy key — use `google_workspace:` instead. Optional Google " + "Workspace onboarding configuration. When set, supplies Google OAuth " + "client credentials, the approver allowlist for `switchroom drive " + "connect`, and the optional tier knob. Env vars " + "(SWITCHROOM_GOOGLE_CLIENT_ID, SWITCHROOM_GOOGLE_CLIENT_SECRET, " + "SWITCHROOM_APPROVER_USER_ID) take precedence over this block when " + "set, preserving back-compat with the env-only flow shipped in #766."),
   google_workspace: GoogleWorkspaceConfigSchema.describe("RFC G canonical key. Top-level Google Workspace configuration — " + "OAuth client credentials, approver allowlist, and tier knob (`core` " + "| `extended` | `complete`, default `core`). Mutually exclusive with " + "`drive:` at the top level (loader fails fast if both are set)."),
+  microsoft_workspace: MicrosoftWorkspaceConfigSchema.describe("RFC #1873 (Microsoft 365 integration). Top-level Microsoft Workspace " + "configuration — OAuth client credentials (Entra app), authority " + "endpoint (defaults to /common for personal MSA + work), and the " + "org_mode opt-in for Teams/SharePoint surfaces. Block is optional; " + "when omitted the broker does not register the Microsoft provider."),
   quota: QuotaConfigSchema.optional().describe("Optional weekly/monthly USD spend budgets rendered in the session " + "greeting. Usage is read from ccusage at runtime; no network calls."),
   host_control: HostControlConfigSchema.default({}).describe("Host-control daemon configuration. Defaults to enabled=true since " + "RFC C Phase 2 (docs/rfcs/host-control-daemon.md). Omit the block " + "to accept defaults; set `enabled: false` only on legacy systemd-" + "mode installs (removal tracked as RFC C Phase 3)."),
   hostd: HostdConfigSchema.default({}).describe("hostd verb-level knobs (RFC admin-agent-config-edit). Distinct " + "from `host_control:` which governs whether the daemon runs at " + "all. Currently scopes the opt-in flag and rate cap for the new " + "`config_propose_edit` verb (PR 1a — disabled by default)."),
@@ -11350,6 +11422,13 @@ var SwitchroomConfigSchema = exports_external.object({
       message: "Agent name must match the standard agent-name pattern"
     })).describe("Agent slugs that may read this account's vault slots " + "(`google:<account>:refresh_token` etc). Per-agent ACL is " + "enforced at the broker, not at the agent identity layer — " + "the agent still authenticates via socket-path-as-identity " + "per RFC D §4.1, broker just gates the cross-agent token share.")
   })).optional().describe("RFC G Phase 2: per-Google-account ACL for vault slots holding " + "OAuth refresh tokens. Maps account email → list of agents " + "permitted to read that account's slots. Written by `switchroom " + "auth google enable|disable` (Phase 3); read by the broker on " + "every Google slot access. Replaces RFC D's per-agent vault slot " + "scope (which can't express 'two agents share one Google account')."),
+  microsoft_accounts: exports_external.record(exports_external.string().regex(/^[^@\s:]+@[^@\s:]+\.[^@\s:]+$/, {
+    message: "Account key must be a Microsoft account email like 'alice@outlook.com' or 'alice@contoso.com' (colons not allowed)"
+  }).transform((v) => v.trim().toLowerCase()), exports_external.object({
+    enabled_for: exports_external.array(exports_external.string().regex(/^[a-z0-9][a-z0-9_-]{0,50}$/, {
+      message: "Agent name must match the standard agent-name pattern"
+    })).describe("Agent slugs that may read this Microsoft account's broker " + "credentials. Per-agent ACL enforced at the broker; agents " + "still authenticate via socket-path-as-identity, broker just " + "gates the cross-agent token share. Mirrors google_accounts.")
+  })).optional().describe("RFC #1873: per-Microsoft-account ACL. Maps account email → list of " + "agents permitted to use that account's broker credentials. Written " + "by `switchroom auth microsoft enable|disable`; read by the broker " + "on get-credentials with provider=microsoft."),
   defaults: AgentDefaultsSchema.describe("Implicit bottom-of-cascade profile applied to every agent before " + "per-agent config and `extends:` resolution. Tools, mcp_servers, and " + "schedule are unioned/concatenated; scalars and nested objects are " + "shallow-merged with per-agent values winning."),
   profiles: exports_external.record(exports_external.string(), ProfileSchema).optional().describe("Named profile definitions. Agents reference via `extends: <name>`. " + "Inline profiles declared here take priority over filesystem " + "profiles/<name>/ directories when both exist."),
   agents: exports_external.record(exports_external.string().regex(/^[a-z0-9][a-z0-9_-]{0,50}$/, {
@@ -11519,157 +11598,6 @@ function applyAgentOverlays(config) {
   return { config, warnings };
 }
 
-// src/config/loader.ts
-class ConfigError extends Error {
-  details;
-  constructor(message, details) {
-    super(message);
-    this.details = details;
-    this.name = "ConfigError";
-  }
-}
-function formatZodErrors(error) {
-  return error.errors.map((e) => {
-    const path = e.path.join(".");
-    return `  ${path}: ${e.message}`;
-  });
-}
-function coerceLegacyGoogleWorkspaceKeys(parsed, filePath) {
-  const stableStringify = (v) => {
-    if (v === null || typeof v !== "object")
-      return JSON.stringify(v);
-    if (Array.isArray(v))
-      return `[${v.map(stableStringify).join(",")}]`;
-    const obj = v;
-    const keys = Object.keys(obj).sort();
-    return `{${keys.map((k) => `${JSON.stringify(k)}:${stableStringify(obj[k])}`).join(",")}}`;
-  };
-  const aliasInPlace = (obj, where) => {
-    const a = obj.drive;
-    const b = obj.google_workspace;
-    if (a !== undefined && b !== undefined) {
-      if (stableStringify(a) !== stableStringify(b)) {
-        throw new ConfigError(`Both \`drive:\` and \`google_workspace:\` are set on ${where} in ${filePath} with different values.`, [
-          "  These are aliases — pick one and remove the other.",
-          "  `google_workspace:` is the RFC G canonical key; `drive:` is the legacy alias.",
-          "  Allowed during transition: setting both with identical values."
-        ]);
-      }
-      return;
-    }
-    if (a !== undefined && b === undefined)
-      obj.google_workspace = a;
-    if (b !== undefined && a === undefined)
-      obj.drive = b;
-  };
-  aliasInPlace(parsed, "the top level");
-  const agents = parsed.agents;
-  if (agents && typeof agents === "object" && !Array.isArray(agents)) {
-    for (const [name, agent] of Object.entries(agents)) {
-      if (agent && typeof agent === "object" && !Array.isArray(agent)) {
-        aliasInPlace(agent, `agent \`${name}\``);
-      }
-    }
-  }
-}
-function findConfigFile(startDir) {
-  const envPath = process.env.SWITCHROOM_CONFIG;
-  const home2 = homedir();
-  const userDir = resolve3(home2, ".switchroom");
-  const searchPaths = [
-    envPath ? resolve3(envPath) : null,
-    startDir ? resolve3(startDir, "switchroom.yaml") : null,
-    startDir ? resolve3(startDir, "switchroom.yml") : null,
-    startDir ? resolve3(startDir, "clerk.yaml") : null,
-    startDir ? resolve3(startDir, "clerk.yml") : null,
-    resolve3(process.cwd(), "switchroom.yaml"),
-    resolve3(process.cwd(), "switchroom.yml"),
-    resolve3(process.cwd(), "clerk.yaml"),
-    resolve3(process.cwd(), "clerk.yml"),
-    resolve3(userDir, "switchroom.yaml"),
-    resolve3(userDir, "switchroom.yml"),
-    resolve3(userDir, "clerk.yaml"),
-    resolve3(userDir, "clerk.yml")
-  ].filter(Boolean);
-  for (const path of searchPaths) {
-    if (existsSync3(path)) {
-      return path;
-    }
-  }
-  throw new ConfigError("No switchroom.yaml found", searchPaths.map((p) => `  Searched: ${p}`));
-}
-function loadConfig(configPath) {
-  const filePath = configPath ?? findConfigFile();
-  if (!existsSync3(filePath)) {
-    throw new ConfigError(`Config file not found: ${filePath}`);
-  }
-  let raw;
-  try {
-    raw = readFileSync2(filePath, "utf-8");
-  } catch (err) {
-    throw new ConfigError(`Failed to read config file: ${filePath}`, [
-      `  ${err.message}`
-    ]);
-  }
-  let parsed;
-  try {
-    parsed = $parse(raw);
-  } catch (err) {
-    throw new ConfigError(`Invalid YAML in ${filePath}`, [
-      `  ${err.message}`
-    ]);
-  }
-  if (parsed && typeof parsed === "object" && !Array.isArray(parsed) && parsed.clerk !== undefined && parsed.switchroom === undefined) {
-    const obj = parsed;
-    obj.switchroom = obj.clerk;
-    delete obj.clerk;
-  }
-  if (parsed && typeof parsed === "object" && !Array.isArray(parsed)) {
-    coerceLegacyGoogleWorkspaceKeys(parsed, filePath);
-  }
-  let config;
-  try {
-    config = SwitchroomConfigSchema.parse(parsed);
-  } catch (err) {
-    if (err instanceof ZodError) {
-      throw new ConfigError("Invalid switchroom.yaml configuration", formatZodErrors(err));
-    }
-    throw err;
-  }
-  applyAgentOverlays(config);
-  return config;
-}
-function resolveAgentsDir(config) {
-  const override = process.env.SWITCHROOM_AGENTS_DIR;
-  if (override && override.length > 0 && override.startsWith("/")) {
-    return override;
-  }
-  return resolveDualPath(config.switchroom.agents_dir);
-}
-
-// src/auth/broker/server.ts
-import * as net from "node:net";
-import {
-  chmodSync,
-  chownSync as chownSync2,
-  existsSync as existsSync6,
-  lstatSync,
-  mkdirSync as mkdirSync3,
-  readFileSync as readFileSync5,
-  renameSync as renameSync3,
-  rmSync as rmSync4,
-  statSync as statSync4,
-  unlinkSync,
-  writeFileSync as writeFileSync2
-} from "node:fs";
-import { closeSync as closeSync2, openSync as openSync2, writeSync as writeSync2 } from "node:fs";
-import * as constants2 from "node:constants";
-import { createHash as createHash2 } from "node:crypto";
-import { dirname as dirname2, join as join3, resolve as resolve6 } from "node:path";
-
-// src/agents/compose.ts
-import { createHash } from "node:crypto";
-
 // src/config/merge.ts
 function dedupe(items) {
   const seen = new Set;
@@ -11698,6 +11626,20 @@ function deepMergeJson(base, override) {
   }
   return out;
 }
+function resolveAgentConfig(defaults, profiles, agent) {
+  if (!mergeAgentConfig.suppressDeprecationLogs && !mergeAgentConfig.notifiedWorkerIsolationMove && defaults?.subagents?.worker?.isolation === "worktree") {
+    mergeAgentConfig.notifiedWorkerIsolationMove = true;
+    console.warn("[switchroom] NOTICE: defaults.subagents.worker.isolation moved to the " + "`coding` profile in switchroom 0.6.6 (#682). Agents extending coding " + "still get worktree-isolated workers; other agents would have hard-failed " + "the first time they delegated. See CHANGELOG.");
+  }
+  const name = agent.extends;
+  const profile = name && profiles ? profiles[name] : undefined;
+  if (!profile) {
+    return mergeAgentConfig(defaults, agent);
+  }
+  const { extends: _unused, ...profileWithoutExtends } = profile;
+  const layered = mergeAgentConfig(defaults, profileWithoutExtends);
+  return mergeAgentConfig(layered, agent);
+}
 function foldDeprecatedTelegramFields(config) {
   const c = config;
   const root = c;
@@ -11965,6 +11907,183 @@ function mergeAgentConfig(defaultsIn, agentIn) {
   mergeAgentConfig.notifiedWorkerIsolationMove = false;
 })(mergeAgentConfig ||= {});
 
+// src/config/loader.ts
+class ConfigError extends Error {
+  details;
+  constructor(message, details) {
+    super(message);
+    this.details = details;
+    this.name = "ConfigError";
+  }
+}
+function formatZodErrors(error) {
+  return error.errors.map((e) => {
+    const path = e.path.join(".");
+    return `  ${path}: ${e.message}`;
+  });
+}
+function coerceLegacyGoogleWorkspaceKeys(parsed, filePath) {
+  const stableStringify = (v) => {
+    if (v === null || typeof v !== "object")
+      return JSON.stringify(v);
+    if (Array.isArray(v))
+      return `[${v.map(stableStringify).join(",")}]`;
+    const obj = v;
+    const keys = Object.keys(obj).sort();
+    return `{${keys.map((k) => `${JSON.stringify(k)}:${stableStringify(obj[k])}`).join(",")}}`;
+  };
+  const aliasInPlace = (obj, where) => {
+    const a = obj.drive;
+    const b = obj.google_workspace;
+    if (a !== undefined && b !== undefined) {
+      if (stableStringify(a) !== stableStringify(b)) {
+        throw new ConfigError(`Both \`drive:\` and \`google_workspace:\` are set on ${where} in ${filePath} with different values.`, [
+          "  These are aliases — pick one and remove the other.",
+          "  `google_workspace:` is the RFC G canonical key; `drive:` is the legacy alias.",
+          "  Allowed during transition: setting both with identical values."
+        ]);
+      }
+      return;
+    }
+    if (a !== undefined && b === undefined)
+      obj.google_workspace = a;
+    if (b !== undefined && a === undefined)
+      obj.drive = b;
+  };
+  aliasInPlace(parsed, "the top level");
+  const agents = parsed.agents;
+  if (agents && typeof agents === "object" && !Array.isArray(agents)) {
+    for (const [name, agent] of Object.entries(agents)) {
+      if (agent && typeof agent === "object" && !Array.isArray(agent)) {
+        aliasInPlace(agent, `agent \`${name}\``);
+      }
+    }
+  }
+}
+function findConfigFile(startDir) {
+  const envPath = process.env.SWITCHROOM_CONFIG;
+  const home2 = homedir();
+  const userDir = resolve3(home2, ".switchroom");
+  const searchPaths = [
+    envPath ? resolve3(envPath) : null,
+    startDir ? resolve3(startDir, "switchroom.yaml") : null,
+    startDir ? resolve3(startDir, "switchroom.yml") : null,
+    startDir ? resolve3(startDir, "clerk.yaml") : null,
+    startDir ? resolve3(startDir, "clerk.yml") : null,
+    resolve3(process.cwd(), "switchroom.yaml"),
+    resolve3(process.cwd(), "switchroom.yml"),
+    resolve3(process.cwd(), "clerk.yaml"),
+    resolve3(process.cwd(), "clerk.yml"),
+    resolve3(userDir, "switchroom.yaml"),
+    resolve3(userDir, "switchroom.yml"),
+    resolve3(userDir, "clerk.yaml"),
+    resolve3(userDir, "clerk.yml")
+  ].filter(Boolean);
+  for (const path of searchPaths) {
+    if (existsSync3(path)) {
+      return path;
+    }
+  }
+  throw new ConfigError("No switchroom.yaml found", searchPaths.map((p) => `  Searched: ${p}`));
+}
+function loadConfig(configPath) {
+  const filePath = configPath ?? findConfigFile();
+  if (!existsSync3(filePath)) {
+    throw new ConfigError(`Config file not found: ${filePath}`);
+  }
+  let raw;
+  try {
+    raw = readFileSync2(filePath, "utf-8");
+  } catch (err) {
+    throw new ConfigError(`Failed to read config file: ${filePath}`, [
+      `  ${err.message}`
+    ]);
+  }
+  let parsed;
+  try {
+    parsed = $parse(raw);
+  } catch (err) {
+    throw new ConfigError(`Invalid YAML in ${filePath}`, [
+      `  ${err.message}`
+    ]);
+  }
+  if (parsed && typeof parsed === "object" && !Array.isArray(parsed) && parsed.clerk !== undefined && parsed.switchroom === undefined) {
+    const obj = parsed;
+    obj.switchroom = obj.clerk;
+    delete obj.clerk;
+  }
+  if (parsed && typeof parsed === "object" && !Array.isArray(parsed)) {
+    coerceLegacyGoogleWorkspaceKeys(parsed, filePath);
+  }
+  let config;
+  try {
+    config = SwitchroomConfigSchema.parse(parsed);
+  } catch (err) {
+    if (err instanceof ZodError) {
+      throw new ConfigError("Invalid switchroom.yaml configuration", formatZodErrors(err));
+    }
+    throw err;
+  }
+  applyAgentOverlays(config);
+  validateAllCronTopicAliases(config, filePath);
+  return config;
+}
+function validateAllCronTopicAliases(config, filePath) {
+  const issues = [];
+  for (const [agentName, agentRaw] of Object.entries(config.agents)) {
+    if (!agentRaw)
+      continue;
+    const resolved = resolveAgentConfig(config.defaults, config.profiles, agentRaw);
+    const schedule = resolved.schedule ?? [];
+    if (schedule.length === 0)
+      continue;
+    const tg = resolved.channels?.telegram;
+    const aliases = new Set(Object.keys(tg?.topic_aliases ?? {}));
+    for (const entry of schedule) {
+      if (entry.topic == null)
+        continue;
+      if (typeof entry.topic === "number")
+        continue;
+      if (!aliases.has(entry.topic)) {
+        issues.push(`  agents.${agentName}.schedule cron \`${entry.cron}\`: ` + `topic alias "${entry.topic}" is not defined in ` + `channels.telegram.topic_aliases.`);
+      }
+    }
+  }
+  if (issues.length > 0) {
+    throw new ConfigError(`Cron \`topic:\` alias references unknown topic_aliases in ${filePath}`, issues);
+  }
+}
+function resolveAgentsDir(config) {
+  const override = process.env.SWITCHROOM_AGENTS_DIR;
+  if (override && override.length > 0 && override.startsWith("/")) {
+    return override;
+  }
+  return resolveDualPath(config.switchroom.agents_dir);
+}
+
+// src/auth/broker/server.ts
+import * as net from "node:net";
+import {
+  chmodSync,
+  chownSync as chownSync2,
+  existsSync as existsSync6,
+  lstatSync,
+  mkdirSync as mkdirSync3,
+  readFileSync as readFileSync5,
+  renameSync as renameSync3,
+  rmSync as rmSync4,
+  statSync as statSync4,
+  unlinkSync,
+  writeFileSync as writeFileSync2
+} from "node:fs";
+import { closeSync as closeSync2, openSync as openSync2, writeSync as writeSync2 } from "node:fs";
+import * as constants2 from "node:constants";
+import { createHash as createHash2 } from "node:crypto";
+import { dirname as dirname2, join as join3, resolve as resolve6 } from "node:path";
+
+// src/agents/compose.ts
+import { createHash } from "node:crypto";
+
 // src/vault/broker/peercred.ts
 var RESERVED_AGENT_NAMES = new Set(["operator", "hostd"]);
 function isReservedAgentName(name) {
@@ -12552,6 +12671,202 @@ function classifyAsyncError(err) {
   return { ok: false, kind: "provider_error", detail: msg };
 }
 
+// src/microsoft/oauth.ts
+var MICROSOFT_OAUTH_BASE = "https://login.microsoftonline.com/common/oauth2/v2.0";
+var PERSONAL_MSA_TENANT_ID = "9188040d-6c67-4c5b-b112-36a304b66dad";
+
+class MicrosoftInvalidGrantError extends Error {
+  detail;
+  constructor(detail) {
+    super(`invalid_grant: ${detail}`);
+    this.detail = detail;
+    this.name = "MicrosoftInvalidGrantError";
+  }
+}
+async function refreshMicrosoftAccessToken(cfg, refreshToken, fetchImpl = fetch) {
+  const body = new URLSearchParams({
+    client_id: cfg.client_id,
+    refresh_token: refreshToken,
+    grant_type: "refresh_token"
+  });
+  if (cfg.client_secret !== undefined && cfg.client_secret.length > 0) {
+    body.set("client_secret", cfg.client_secret);
+  }
+  if (cfg.scopes && cfg.scopes.length > 0) {
+    body.set("scope", cfg.scopes.join(" "));
+  }
+  const res = await fetchImpl(`${MICROSOFT_OAUTH_BASE}/token`, {
+    method: "POST",
+    headers: { "content-type": "application/x-www-form-urlencoded" },
+    body: body.toString()
+  });
+  const json = await res.json();
+  if (!res.ok) {
+    if (typeof json.error === "string" && json.error === "invalid_grant") {
+      throw new MicrosoftInvalidGrantError(typeof json.error_description === "string" ? json.error_description : "refresh token rejected by Microsoft");
+    }
+    throw new Error(`refresh failed (${res.status}): ${JSON.stringify(json)}`);
+  }
+  return json;
+}
+function decodeJwtPayloadUnsafe(token) {
+  const parts = token.split(".");
+  if (parts.length !== 3)
+    return null;
+  try {
+    const padded = parts[1] + "===".slice((parts[1].length + 3) % 4);
+    const base64 = padded.replace(/-/g, "+").replace(/_/g, "/");
+    const buf = Buffer.from(base64, "base64");
+    const json = JSON.parse(buf.toString("utf-8"));
+    if (json && typeof json === "object") {
+      return json;
+    }
+    return null;
+  } catch {
+    return null;
+  }
+}
+function classifyAccountType(tenantId) {
+  return tenantId === PERSONAL_MSA_TENANT_ID ? "personal" : "work";
+}
+
+// src/auth/broker/microsoft-provider.ts
+class MicrosoftProvider {
+  opts;
+  name = "microsoft";
+  constructor(opts) {
+    this.opts = opts;
+  }
+  async refresh(req) {
+    if (!req.refreshToken) {
+      return {
+        ok: false,
+        kind: "provider_error",
+        detail: "MicrosoftProvider.refresh: refreshToken is required"
+      };
+    }
+    const cfg = {
+      client_id: this.opts.clientId,
+      client_secret: this.opts.clientSecret,
+      scopes: []
+    };
+    let token;
+    try {
+      token = await refreshMicrosoftAccessToken(cfg, req.refreshToken, this.opts.fetcher ?? fetch);
+    } catch (err) {
+      if (err instanceof MicrosoftInvalidGrantError) {
+        return {
+          ok: false,
+          kind: "invalid_grant",
+          detail: err.message
+        };
+      }
+      return classifyAsyncError2(err);
+    }
+    const expiresAt = Date.now() + token.expires_in * 1000;
+    const prior = req.priorCredentials?.microsoftOauth;
+    let tenantId = prior?.tenantId ?? "";
+    let accountType = prior?.accountType ?? "work";
+    let homeAccountId = prior?.homeAccountId ?? "";
+    let accountEmail = req.accountEmail ?? prior?.accountEmail ?? "";
+    if (token.id_token) {
+      const claims = decodeJwtPayloadUnsafe(token.id_token);
+      if (claims) {
+        if (typeof claims.tid === "string")
+          tenantId = claims.tid;
+        if (tenantId)
+          accountType = classifyAccountType(tenantId);
+        if (typeof claims.oid === "string" && typeof claims.tid === "string") {
+          homeAccountId = `${claims.oid}.${claims.tid}`;
+        }
+        if (typeof claims.preferred_username === "string") {
+          accountEmail = claims.preferred_username;
+        } else if (typeof claims.email === "string") {
+          accountEmail = claims.email;
+        }
+      }
+    }
+    const rawCredentials = {
+      microsoftOauth: {
+        accessToken: token.access_token,
+        refreshToken: token.refresh_token ?? req.refreshToken,
+        expiresAt,
+        scope: token.scope ?? "",
+        clientId: this.opts.clientId,
+        accountEmail,
+        tokenType: "Bearer",
+        tenantId,
+        accountType,
+        homeAccountId
+      }
+    };
+    return {
+      ok: true,
+      accessToken: token.access_token,
+      expiresAt,
+      newRefreshToken: token.refresh_token,
+      rawCredentials
+    };
+  }
+  extractExpiresAt(credentials) {
+    const c = credentials;
+    return c?.microsoftOauth?.expiresAt;
+  }
+  validateCredentialShape(credentials) {
+    if (!credentials || typeof credentials !== "object") {
+      return "Microsoft credentials must be an object";
+    }
+    const c = credentials;
+    if (!c.microsoftOauth || typeof c.microsoftOauth !== "object") {
+      return "Microsoft credentials must have a microsoftOauth object";
+    }
+    const oauth = c.microsoftOauth;
+    const required = [
+      "accessToken",
+      "refreshToken",
+      "expiresAt",
+      "scope",
+      "clientId",
+      "accountEmail",
+      "tenantId",
+      "accountType",
+      "homeAccountId"
+    ];
+    for (const field of required) {
+      if (oauth[field] === undefined || oauth[field] === null) {
+        return `Microsoft microsoftOauth.${field} is required`;
+      }
+    }
+    if (typeof oauth.accessToken !== "string" || oauth.accessToken.length === 0) {
+      return "Microsoft microsoftOauth.accessToken must be a non-empty string";
+    }
+    if (typeof oauth.refreshToken !== "string" || oauth.refreshToken.length === 0) {
+      return "Microsoft microsoftOauth.refreshToken must be a non-empty string";
+    }
+    if (typeof oauth.expiresAt !== "number" || oauth.expiresAt <= 0) {
+      return "Microsoft microsoftOauth.expiresAt must be a positive unix-ms timestamp";
+    }
+    if (oauth.tokenType !== "Bearer") {
+      return "Microsoft microsoftOauth.tokenType must be 'Bearer'";
+    }
+    if (oauth.accountType !== "personal" && oauth.accountType !== "work") {
+      return "Microsoft microsoftOauth.accountType must be 'personal' or 'work'";
+    }
+    return null;
+  }
+}
+function classifyAsyncError2(err) {
+  const msg = err instanceof Error ? err.message : String(err);
+  const lower = msg.toLowerCase();
+  if (lower.includes("etimedout") || lower.includes("econnreset") || lower.includes("network") || lower.includes("fetch failed") || lower.includes("getaddrinfo")) {
+    return { ok: false, kind: "network", detail: msg };
+  }
+  if (lower.includes("429") || lower.includes("rate") || lower.includes("quota") || lower.includes("too many requests") || lower.includes("aadsts50196")) {
+    return { ok: false, kind: "quota_exceeded", detail: msg };
+  }
+  return { ok: false, kind: "provider_error", detail: msg };
+}
+
 // src/auth/broker/google-storage.ts
 import { existsSync as existsSync5, mkdirSync as mkdirSync2, readdirSync as readdirSync3, readFileSync as readFileSync4, rmSync as rmSync3, statSync as statSync3 } from "node:fs";
 import { dirname, join as join2, resolve as resolve5 } from "node:path";
@@ -12694,7 +13009,7 @@ function validateConsumerNames(config) {
 // src/auth/broker/protocol.ts
 var MAX_FRAME_BYTES = 64 * 1024;
 var PROTOCOL_VERSION = 1;
-var ProviderNameSchema = exports_external.enum(["anthropic", "google"]);
+var ProviderNameSchema = exports_external.enum(["anthropic", "google", "microsoft"]);
 var GetCredentialsRequestSchema = exports_external.object({
   v: exports_external.literal(PROTOCOL_VERSION),
   op: exports_external.literal("get-credentials"),
@@ -12747,9 +13062,24 @@ var GoogleCredentialsSchema = exports_external.object({
     tokenType: exports_external.literal("Bearer")
   })
 });
+var MicrosoftCredentialsSchema = exports_external.object({
+  microsoftOauth: exports_external.object({
+    accessToken: exports_external.string(),
+    refreshToken: exports_external.string(),
+    expiresAt: exports_external.number(),
+    scope: exports_external.string(),
+    clientId: exports_external.string(),
+    accountEmail: exports_external.string(),
+    tokenType: exports_external.literal("Bearer"),
+    tenantId: exports_external.string(),
+    accountType: exports_external.enum(["personal", "work"]),
+    homeAccountId: exports_external.string()
+  })
+});
 var ProviderCredentialsSchema = exports_external.union([
   AnthropicCredentialsSchema,
-  GoogleCredentialsSchema
+  GoogleCredentialsSchema,
+  MicrosoftCredentialsSchema
 ]);
 var AddAccountRequestSchema = exports_external.object({
   v: exports_external.literal(PROTOCOL_VERSION),
@@ -13001,6 +13331,14 @@ class AuthBroker {
         fetcher: opts.fetcher
       }));
     }
+    const microsoftClientId = config.microsoft_workspace?.microsoft_client_id;
+    if (microsoftClientId !== undefined) {
+      this.providers.register(new MicrosoftProvider({
+        clientId: microsoftClientId,
+        clientSecret: config.microsoft_workspace?.microsoft_client_secret,
+        fetcher: opts.fetcher
+      }));
+    }
     this.assertConfigConsistent(config);
   }
   homeRoot() {