switchroom 0.14.9 → 0.14.10

package/dist/agent-scheduler/index.js

@@ -11091,6 +11091,7 @@ var TelegramChannelSchema = exports_external.object({
   webhook_rate_limit: exports_external.object({
     rpm: exports_external.number().int().positive()
   }).optional().describe("Per-source rate limit for the webhook ingest path (#714). " + "Off by default — when this key is absent the handler skips " + "rate-limit checks entirely. Opt in by setting `rpm` to an " + "integer requests-per-minute (token bucket per (agent, source); " + "burst equal to rpm). When enabled, exceeding the limit returns " + "429 with Retry-After header; first throttle event per " + "(agent, source) per 60s window is written to " + "<agent>/telegram/issues.jsonl. " + "Cascades from defaults.channels.telegram.webhook_rate_limit."),
+  webhook_via_gateway: exports_external.boolean().optional().describe("Route verified webhook events to the agent's in-container gateway " + "over a peercred-gated UDS (<agent>/telegram/webhook.sock) instead " + "of having the host-side web receiver write the agent dir directly. " + "Required under the Docker runtime: the receiver runs as the host " + "operator UID and cannot write the per-agent-UID-owned agent dir " + "(EACCES 500) nor connect the gateway socket. When true the gateway " + "(running as the agent UID) becomes the sole writer of " + "webhook-events.jsonl + dedup/cooldown state and also fires " + "webhook_dispatch. Off by default for back-compat with host-runtime " + "installs. See docs/rfcs/webhook-via-gateway-socket.md."),
   chat_id: exports_external.string().regex(/^-\d+$/, 'supergroup chat_id must be a negative integer as a string (e.g. "-1001234567890")').optional().describe("Per-agent supergroup ID — overrides fleet `telegram.forum_chat_id`. " + "When set, requires `default_topic_id`. Negative integer as string. " + "Forbidden when `dm_only: true`. See docs/rfcs/supergroup-mode.md."),
   default_topic_id: exports_external.number().int().positive().optional().describe("Forum topic ID this agent's automated outbounds default to when " + "no more-specific alias resolves. Required when `chat_id` is set. " + "Telegram's General topic is `id=1` at MTProto but sends omit the " + "field — the outbound wrapper strips `message_thread_id === 1` " + "on send. Forbidden when `dm_only: true`."),
   topic_aliases: exports_external.record(exports_external.string(), exports_external.number().int().positive()).optional().describe("Operator-friendly names for forum topic IDs (e.g. " + "`{ general: 1, planning: 17, cron: 23, admin: 31, alerts: 41 }`). " + "Referenced from per-cron `topic:` fields and the outbound router " + "for autonomous events (boot → alerts, hostd → admin, etc.). " + "Cascades per-key through defaults → profile → agent.")
@@ -12120,6 +12121,52 @@ function validateAllCronTopicAliases(config, filePath) {
   }
 }
 
+// src/scheduler/dispatch.ts
+import { createHash } from "node:crypto";
+function collectScheduleEntries(config) {
+  const out = [];
+  const agentNames = Object.keys(config.agents).sort();
+  for (const agent of agentNames) {
+    const raw = config.agents[agent];
+    if (!raw)
+      continue;
+    const resolved = resolveAgentConfig(config.defaults, config.profiles, raw);
+    const schedule = resolved.schedule ?? [];
+    for (let i = 0;i < schedule.length; i++) {
+      const entry = schedule[i];
+      out.push({
+        agent,
+        scheduleIndex: i,
+        cron: entry.cron,
+        prompt: entry.prompt,
+        promptKey: createHash("sha256").update(entry.prompt).digest("hex").slice(0, 12),
+        ...entry.topic !== undefined ? { topic: entry.topic } : {}
+      });
+    }
+  }
+  return out;
+}
+function dispatchAsInbound(entry, options, dispatcher) {
+  const ts = (options.now ?? Date.now)();
+  const message = {
+    type: "inbound",
+    chatId: options.chatId,
+    ...options.threadId !== undefined ? { threadId: options.threadId } : {},
+    messageId: ts,
+    user: "cron",
+    userId: 0,
+    ts,
+    text: entry.prompt,
+    meta: {
+      source: "cron",
+      schedule_index: String(entry.scheduleIndex),
+      prompt_key: entry.promptKey
+    }
+  };
+  const delivered = dispatcher.sendToAgent(entry.agent, message);
+  return { delivered, message };
+}
+
 // src/telegram/topic-router.ts
 var ALERTS_ALIAS = "alerts";
 var ADMIN_ALIAS = "admin";
@@ -12173,50 +12220,41 @@ function resolveOutboundTopic(config, event) {
   }
 }
 
-// src/scheduler/dispatch.ts
-import { createHash } from "node:crypto";
-function collectScheduleEntries(config) {
-  const out = [];
-  const agentNames = Object.keys(config.agents).sort();
-  for (const agent of agentNames) {
-    const raw = config.agents[agent];
-    if (!raw)
-      continue;
-    const resolved = resolveAgentConfig(config.defaults, config.profiles, raw);
-    const schedule = resolved.schedule ?? [];
-    for (let i = 0;i < schedule.length; i++) {
-      const entry = schedule[i];
-      out.push({
-        agent,
-        scheduleIndex: i,
-        cron: entry.cron,
-        prompt: entry.prompt,
-        promptKey: createHash("sha256").update(entry.prompt).digest("hex").slice(0, 12),
-        ...entry.topic !== undefined ? { topic: entry.topic } : {}
-      });
-    }
+// src/agent-scheduler/channel-target.ts
+function resolveChannelTarget(config, agentName) {
+  const agent = config.agents?.[agentName];
+  const tgChannel = agent ? resolveAgentConfig(config.defaults, config.profiles, agent).channels?.telegram : undefined;
+  const supergroupChatId = tgChannel?.chat_id;
+  const supergroupDefaultTopic = tgChannel?.default_topic_id;
+  if (typeof supergroupChatId === "string" && supergroupChatId.length > 0) {
+    return {
+      chatId: supergroupChatId,
+      ...typeof supergroupDefaultTopic === "number" ? { threadId: supergroupDefaultTopic } : {},
+      routerConfig: {
+        ...typeof supergroupDefaultTopic === "number" ? { default_topic_id: supergroupDefaultTopic } : {},
+        ...tgChannel?.topic_aliases ? { topic_aliases: tgChannel.topic_aliases } : {}
+      }
+    };
   }
-  return out;
-}
-function dispatchAsInbound(entry, options, dispatcher) {
-  const ts = (options.now ?? Date.now)();
-  const message = {
-    type: "inbound",
-    chatId: options.chatId,
-    ...options.threadId !== undefined ? { threadId: options.threadId } : {},
-    messageId: ts,
-    user: "cron",
-    userId: 0,
-    ts,
-    text: entry.prompt,
-    meta: {
-      source: "cron",
-      schedule_index: String(entry.scheduleIndex),
-      prompt_key: entry.promptKey
-    }
+  const forumChatId = config.telegram?.forum_chat_id;
+  if (typeof forumChatId !== "string" || forumChatId.length === 0)
+    return null;
+  const threadId = agent?.topic_id;
+  return {
+    chatId: forumChatId,
+    ...typeof threadId === "number" ? { threadId } : {}
   };
-  const delivered = dispatcher.sendToAgent(entry.agent, message);
-  return { delivered, message };
+}
+function resolveEntryThreadId(entry, channel) {
+  if (channel.routerConfig) {
+    const routed = resolveOutboundTopic(channel.routerConfig, {
+      kind: "cron",
+      entryTopic: entry.topic
+    });
+    if (routed !== undefined)
+      return routed;
+  }
+  return channel.threadId;
 }
 
 // src/scheduler/audit.ts
@@ -12716,41 +12754,6 @@ function ipcDispatcher(client) {
     }
   };
 }
-function resolveChannelTarget(config, agentName) {
-  const agent = config.agents?.[agentName];
-  const tgChannel = agent ? resolveAgentConfig(config.defaults, config.profiles, agent).channels?.telegram : undefined;
-  const supergroupChatId = tgChannel?.chat_id;
-  const supergroupDefaultTopic = tgChannel?.default_topic_id;
-  if (typeof supergroupChatId === "string" && supergroupChatId.length > 0) {
-    return {
-      chatId: supergroupChatId,
-      ...typeof supergroupDefaultTopic === "number" ? { threadId: supergroupDefaultTopic } : {},
-      routerConfig: {
-        ...typeof supergroupDefaultTopic === "number" ? { default_topic_id: supergroupDefaultTopic } : {},
-        ...tgChannel?.topic_aliases ? { topic_aliases: tgChannel.topic_aliases } : {}
-      }
-    };
-  }
-  const forumChatId = config.telegram?.forum_chat_id;
-  if (typeof forumChatId !== "string" || forumChatId.length === 0)
-    return null;
-  const threadId = agent?.topic_id;
-  return {
-    chatId: forumChatId,
-    ...typeof threadId === "number" ? { threadId } : {}
-  };
-}
-function resolveEntryThreadId(entry, channel) {
-  if (channel.routerConfig) {
-    const routed = resolveOutboundTopic(channel.routerConfig, {
-      kind: "cron",
-      entryTopic: entry.topic
-    });
-    if (routed !== undefined)
-      return routed;
-  }
-  return channel.threadId;
-}
 async function main() {
   const agentName = process.env.SWITCHROOM_AGENT_NAME;
   if (!agentName) {

package/dist/auth-broker/index.js

@@ -11091,6 +11091,7 @@ var TelegramChannelSchema = exports_external.object({
   webhook_rate_limit: exports_external.object({
     rpm: exports_external.number().int().positive()
   }).optional().describe("Per-source rate limit for the webhook ingest path (#714). " + "Off by default — when this key is absent the handler skips " + "rate-limit checks entirely. Opt in by setting `rpm` to an " + "integer requests-per-minute (token bucket per (agent, source); " + "burst equal to rpm). When enabled, exceeding the limit returns " + "429 with Retry-After header; first throttle event per " + "(agent, source) per 60s window is written to " + "<agent>/telegram/issues.jsonl. " + "Cascades from defaults.channels.telegram.webhook_rate_limit."),
+  webhook_via_gateway: exports_external.boolean().optional().describe("Route verified webhook events to the agent's in-container gateway " + "over a peercred-gated UDS (<agent>/telegram/webhook.sock) instead " + "of having the host-side web receiver write the agent dir directly. " + "Required under the Docker runtime: the receiver runs as the host " + "operator UID and cannot write the per-agent-UID-owned agent dir " + "(EACCES 500) nor connect the gateway socket. When true the gateway " + "(running as the agent UID) becomes the sole writer of " + "webhook-events.jsonl + dedup/cooldown state and also fires " + "webhook_dispatch. Off by default for back-compat with host-runtime " + "installs. See docs/rfcs/webhook-via-gateway-socket.md."),
   chat_id: exports_external.string().regex(/^-\d+$/, 'supergroup chat_id must be a negative integer as a string (e.g. "-1001234567890")').optional().describe("Per-agent supergroup ID — overrides fleet `telegram.forum_chat_id`. " + "When set, requires `default_topic_id`. Negative integer as string. " + "Forbidden when `dm_only: true`. See docs/rfcs/supergroup-mode.md."),
   default_topic_id: exports_external.number().int().positive().optional().describe("Forum topic ID this agent's automated outbounds default to when " + "no more-specific alias resolves. Required when `chat_id` is set. " + "Telegram's General topic is `id=1` at MTProto but sends omit the " + "field — the outbound wrapper strips `message_thread_id === 1` " + "on send. Forbidden when `dm_only: true`."),
   topic_aliases: exports_external.record(exports_external.string(), exports_external.number().int().positive()).optional().describe("Operator-friendly names for forum topic IDs (e.g. " + "`{ general: 1, planning: 17, cron: 23, admin: 31, alerts: 41 }`). " + "Referenced from per-cron `topic:` fields and the outbound router " + "for autonomous events (boot → alerts, hostd → admin, etc.). " + "Cascades per-key through defaults → profile → agent.")

package/dist/cli/notion-write-pretool.mjs

@@ -11838,6 +11838,7 @@ var TelegramChannelSchema = exports_external.object({
   webhook_rate_limit: exports_external.object({
     rpm: exports_external.number().int().positive()
   }).optional().describe("Per-source rate limit for the webhook ingest path (#714). " + "Off by default \u2014 when this key is absent the handler skips " + "rate-limit checks entirely. Opt in by setting `rpm` to an " + "integer requests-per-minute (token bucket per (agent, source); " + "burst equal to rpm). When enabled, exceeding the limit returns " + "429 with Retry-After header; first throttle event per " + "(agent, source) per 60s window is written to " + "<agent>/telegram/issues.jsonl. " + "Cascades from defaults.channels.telegram.webhook_rate_limit."),
+  webhook_via_gateway: exports_external.boolean().optional().describe("Route verified webhook events to the agent's in-container gateway " + "over a peercred-gated UDS (<agent>/telegram/webhook.sock) instead " + "of having the host-side web receiver write the agent dir directly. " + "Required under the Docker runtime: the receiver runs as the host " + "operator UID and cannot write the per-agent-UID-owned agent dir " + "(EACCES 500) nor connect the gateway socket. When true the gateway " + "(running as the agent UID) becomes the sole writer of " + "webhook-events.jsonl + dedup/cooldown state and also fires " + "webhook_dispatch. Off by default for back-compat with host-runtime " + "installs. See docs/rfcs/webhook-via-gateway-socket.md."),
   chat_id: exports_external.string().regex(/^-\d+$/, 'supergroup chat_id must be a negative integer as a string (e.g. "-1001234567890")').optional().describe("Per-agent supergroup ID \u2014 overrides fleet `telegram.forum_chat_id`. " + "When set, requires `default_topic_id`. Negative integer as string. " + "Forbidden when `dm_only: true`. See docs/rfcs/supergroup-mode.md."),
   default_topic_id: exports_external.number().int().positive().optional().describe("Forum topic ID this agent's automated outbounds default to when " + "no more-specific alias resolves. Required when `chat_id` is set. " + "Telegram's General topic is `id=1` at MTProto but sends omit the " + "field \u2014 the outbound wrapper strips `message_thread_id === 1` " + "on send. Forbidden when `dm_only: true`."),
   topic_aliases: exports_external.record(exports_external.string(), exports_external.number().int().positive()).optional().describe("Operator-friendly names for forum topic IDs (e.g. " + "`{ general: 1, planning: 17, cron: 23, admin: 31, alerts: 41 }`). " + "Referenced from per-cron `topic:` fields and the outbound router " + "for autonomous events (boot \u2192 alerts, hostd \u2192 admin, etc.). " + "Cascades per-key through defaults \u2192 profile \u2192 agent.")

package/dist/cli/switchroom.js

@@ -13655,6 +13655,7 @@ var init_schema = __esm(() => {
     webhook_rate_limit: exports_external.object({
       rpm: exports_external.number().int().positive()
     }).optional().describe("Per-source rate limit for the webhook ingest path (#714). " + "Off by default \u2014 when this key is absent the handler skips " + "rate-limit checks entirely. Opt in by setting `rpm` to an " + "integer requests-per-minute (token bucket per (agent, source); " + "burst equal to rpm). When enabled, exceeding the limit returns " + "429 with Retry-After header; first throttle event per " + "(agent, source) per 60s window is written to " + "<agent>/telegram/issues.jsonl. " + "Cascades from defaults.channels.telegram.webhook_rate_limit."),
+    webhook_via_gateway: exports_external.boolean().optional().describe("Route verified webhook events to the agent's in-container gateway " + "over a peercred-gated UDS (<agent>/telegram/webhook.sock) instead " + "of having the host-side web receiver write the agent dir directly. " + "Required under the Docker runtime: the receiver runs as the host " + "operator UID and cannot write the per-agent-UID-owned agent dir " + "(EACCES 500) nor connect the gateway socket. When true the gateway " + "(running as the agent UID) becomes the sole writer of " + "webhook-events.jsonl + dedup/cooldown state and also fires " + "webhook_dispatch. Off by default for back-compat with host-runtime " + "installs. See docs/rfcs/webhook-via-gateway-socket.md."),
     chat_id: exports_external.string().regex(/^-\d+$/, 'supergroup chat_id must be a negative integer as a string (e.g. "-1001234567890")').optional().describe("Per-agent supergroup ID \u2014 overrides fleet `telegram.forum_chat_id`. " + "When set, requires `default_topic_id`. Negative integer as string. " + "Forbidden when `dm_only: true`. See docs/rfcs/supergroup-mode.md."),
     default_topic_id: exports_external.number().int().positive().optional().describe("Forum topic ID this agent's automated outbounds default to when " + "no more-specific alias resolves. Required when `chat_id` is set. " + "Telegram's General topic is `id=1` at MTProto but sends omit the " + "field \u2014 the outbound wrapper strips `message_thread_id === 1` " + "on send. Forbidden when `dm_only: true`."),
     topic_aliases: exports_external.record(exports_external.string(), exports_external.number().int().positive()).optional().describe("Operator-friendly names for forum topic IDs (e.g. " + "`{ general: 1, planning: 17, cron: 23, admin: 31, alerts: 41 }`). " + "Referenced from per-cron `topic:` fields and the outbound router " + "for autonomous events (boot \u2192 alerts, hostd \u2192 admin, etc.). " + "Cascades per-key through defaults \u2192 profile \u2192 agent.")
@@ -23313,7 +23314,7 @@ function generateCompose(opts) {
       telemetryDisabled,
       posthogKeyOverride,
       posthogHostOverride
-    }, bundledSkillsPoolDir, hostControlEnabled);
+    }, bundledSkillsPoolDir, hostControlEnabled, opts.operatorUid);
   }
   lines.push(`volumes:`);
   for (const a of describeAgents(config)) {
@@ -23338,7 +23339,7 @@ function generateCompose(opts) {
   return lines.join(`
 `);
 }
-function emitAgentService(lines, a, imageTag, buildMode, buildContext, homePrefix, hostHomeForChecks, switchroomConfigPath, containerNamePrefix, posthog, bundledSkillsPoolDir, hostControlEnabled) {
+function emitAgentService(lines, a, imageTag, buildMode, buildContext, homePrefix, hostHomeForChecks, switchroomConfigPath, containerNamePrefix, posthog, bundledSkillsPoolDir, hostControlEnabled, operatorUid) {
   lines.push(`  agent-${a.name}:`);
   emitImageOrBuild(lines, "agent", imageTag, buildMode, buildContext);
   lines.push(`    container_name: ${containerNamePrefix}-${a.name}`);
@@ -23418,6 +23419,9 @@ function emitAgentService(lines, a, imageTag, buildMode, buildContext, homePrefi
   if (a.admin === true) {
     env2.SWITCHROOM_AGENT_ADMIN = "true";
   }
+  if (operatorUid !== undefined) {
+    env2.SWITCHROOM_WEBHOOK_RECEIVER_UID = String(operatorUid);
+  }
   for (const [k, v] of Object.entries(a.userEnv)) {
     if (env2[k] === undefined)
       env2[k] = v;
@@ -49404,8 +49408,8 @@ var {
 } = import__.default;
 
 // src/build-info.ts
-var VERSION = "0.14.9";
-var COMMIT_SHA = "fd8ed8ed";
+var VERSION = "0.14.10";
+var COMMIT_SHA = "0cd391b5";
 
 // src/cli/agent.ts
 init_source();
@@ -71404,6 +71408,50 @@ function escapeHtml3(s) {
   return s.replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;");
 }
 
+// src/web/webhook-ingest-client.ts
+import net4 from "node:net";
+function forwardToGateway(socketPath, req, opts = {}) {
+  const timeoutMs = opts.timeoutMs ?? 5000;
+  return new Promise((resolve28) => {
+    let settled = false;
+    let buf = "";
+    const done = (value) => {
+      if (settled)
+        return;
+      settled = true;
+      try {
+        conn.destroy();
+      } catch {}
+      resolve28(value);
+    };
+    const conn = net4.createConnection(socketPath);
+    conn.setEncoding("utf8");
+    conn.setTimeout(timeoutMs);
+    conn.on("connect", () => {
+      conn.write(JSON.stringify(req) + `
+`);
+    });
+    conn.on("data", (chunk) => {
+      buf += chunk;
+      const nl = buf.indexOf(`
+`);
+      if (nl === -1)
+        return;
+      const line = buf.slice(0, nl);
+      try {
+        done(JSON.parse(line));
+      } catch {
+        done({ status: "error", error: "unparseable gateway response" });
+      }
+    });
+    conn.on("timeout", () => done(null));
+    conn.on("error", () => done(null));
+    conn.on("close", () => {
+      done(null);
+    });
+  });
+}
+
 // src/web/webhook-handler.ts
 var KNOWN_SOURCES = ["github", "generic"];
 function jsonReply(status, body, extraHeaders) {
@@ -71559,7 +71607,7 @@ async function handleWebhookIngest(args, deps = {}) {
 `);
     return jsonReply(401, { ok: false, error: "unauthorized" });
   }
-  if (source === "github") {
+  if (source === "github" && !args.viaGateway) {
     const deliveryId = args.headers.get("x-github-delivery");
     if (deliveryId) {
       const originalTs = dedupStore.check(args.agent, deliveryId, now);
@@ -71573,10 +71621,12 @@ async function handleWebhookIngest(args, deps = {}) {
   const rpm = args.config.rateLimit?.rpm;
   const retryAfter = rpm !== undefined ? rateLimiter.check(args.agent, source, rpm, now) : null;
   if (retryAfter !== null) {
-    const agentDir2 = resolveAgentDir(args.agent);
-    const telegramDir2 = join39(agentDir2, "telegram");
-    if (shouldWriteThrottleIssue(args.agent, source, now)) {
-      writeThrottleIssue(args.agent, source, now, telegramDir2, log);
+    if (!args.viaGateway) {
+      const agentDir2 = resolveAgentDir(args.agent);
+      const telegramDir2 = join39(agentDir2, "telegram");
+      if (shouldWriteThrottleIssue(args.agent, source, now)) {
+        writeThrottleIssue(args.agent, source, now, telegramDir2, log);
+      }
     }
     log(`webhook-ingest: agent='${args.agent}' source='${source}' rate limited retry-after=${retryAfter}s
 `);
@@ -71592,6 +71642,45 @@ async function handleWebhookIngest(args, deps = {}) {
   }
   const eventType = source === "github" ? args.headers.get("x-github-event") ?? "unknown" : args.source;
   const rendered = source === "github" ? renderGithubEvent(eventType, payload) : renderGenericEvent(args.source, payload);
+  if (args.viaGateway) {
+    const socketPath = join39(resolveAgentDir(args.agent), "telegram", "webhook.sock");
+    const forward = deps.forwardFn ?? forwardToGateway;
+    const deliveryId = source === "github" ? args.headers.get("x-github-delivery") ?? undefined : undefined;
+    let resp;
+    try {
+      resp = await forward(socketPath, {
+        agent: args.agent,
+        source,
+        event_type: eventType,
+        ts: now,
+        rendered_text: rendered.text,
+        payload,
+        ...deliveryId ? { delivery_id: deliveryId } : {}
+      });
+    } catch (err) {
+      log(`webhook-ingest: agent='${args.agent}' source='${source}' gateway forward threw: ${err.message}
+`);
+      resp = null;
+    }
+    if (resp === null) {
+      log(`webhook-ingest: agent='${args.agent}' source='${source}' gateway unreachable
+`);
+      return jsonReply(503, { ok: false, error: "gateway unavailable" });
+    }
+    if (resp.status === "error") {
+      log(`webhook-ingest: agent='${args.agent}' source='${source}' gateway error: ${resp.error ?? "unknown"}
+`);
+      return jsonReply(500, { ok: false, error: "gateway record failed" });
+    }
+    if (resp.status === "deduped") {
+      log(`webhook-ingest: agent='${args.agent}' source='${source}' deduped (gateway) ts=${resp.ts}
+`);
+      return jsonReply(200, { ok: true, deduped: true, ts: resp.ts });
+    }
+    log(`webhook-ingest: agent='${args.agent}' source='${source}' event='${eventType}' recorded via gateway ts=${resp.ts}
+`);
+    return jsonReply(202, { ok: true, recorded: true, ts: resp.ts });
+  }
   const agentDir = resolveAgentDir(args.agent);
   const telegramDir = join39(agentDir, "telegram");
   const logPath = join39(telegramDir, "webhook-events.jsonl");
@@ -71768,7 +71857,8 @@ async function handleWebhookRoute(req, agent, source, config) {
     allowedSources,
     config: { secrets: agentSecrets },
     agentExists: agentConfig !== undefined,
-    dispatchConfig: agentConfig?.channels?.telegram?.webhook_dispatch
+    dispatchConfig: agentConfig?.channels?.telegram?.webhook_dispatch,
+    viaGateway: agentConfig?.channels?.telegram?.webhook_via_gateway === true
   }, {});
   return new Response(result.body, {
     status: result.status,

package/dist/host-control/main.js

@@ -13826,6 +13826,7 @@ var TelegramChannelSchema = exports_external.object({
   webhook_rate_limit: exports_external.object({
     rpm: exports_external.number().int().positive()
   }).optional().describe("Per-source rate limit for the webhook ingest path (#714). " + "Off by default — when this key is absent the handler skips " + "rate-limit checks entirely. Opt in by setting `rpm` to an " + "integer requests-per-minute (token bucket per (agent, source); " + "burst equal to rpm). When enabled, exceeding the limit returns " + "429 with Retry-After header; first throttle event per " + "(agent, source) per 60s window is written to " + "<agent>/telegram/issues.jsonl. " + "Cascades from defaults.channels.telegram.webhook_rate_limit."),
+  webhook_via_gateway: exports_external.boolean().optional().describe("Route verified webhook events to the agent's in-container gateway " + "over a peercred-gated UDS (<agent>/telegram/webhook.sock) instead " + "of having the host-side web receiver write the agent dir directly. " + "Required under the Docker runtime: the receiver runs as the host " + "operator UID and cannot write the per-agent-UID-owned agent dir " + "(EACCES 500) nor connect the gateway socket. When true the gateway " + "(running as the agent UID) becomes the sole writer of " + "webhook-events.jsonl + dedup/cooldown state and also fires " + "webhook_dispatch. Off by default for back-compat with host-runtime " + "installs. See docs/rfcs/webhook-via-gateway-socket.md."),
   chat_id: exports_external.string().regex(/^-\d+$/, 'supergroup chat_id must be a negative integer as a string (e.g. "-1001234567890")').optional().describe("Per-agent supergroup ID — overrides fleet `telegram.forum_chat_id`. " + "When set, requires `default_topic_id`. Negative integer as string. " + "Forbidden when `dm_only: true`. See docs/rfcs/supergroup-mode.md."),
   default_topic_id: exports_external.number().int().positive().optional().describe("Forum topic ID this agent's automated outbounds default to when " + "no more-specific alias resolves. Required when `chat_id` is set. " + "Telegram's General topic is `id=1` at MTProto but sends omit the " + "field — the outbound wrapper strips `message_thread_id === 1` " + "on send. Forbidden when `dm_only: true`."),
   topic_aliases: exports_external.record(exports_external.string(), exports_external.number().int().positive()).optional().describe("Operator-friendly names for forum topic IDs (e.g. " + "`{ general: 1, planning: 17, cron: 23, admin: 31, alerts: 41 }`). " + "Referenced from per-cron `topic:` fields and the outbound router " + "for autonomous events (boot → alerts, hostd → admin, etc.). " + "Cascades per-key through defaults → profile → agent.")

package/dist/vault/approvals/kernel-server.js

@@ -11406,6 +11406,7 @@ var init_schema = __esm(() => {
     webhook_rate_limit: exports_external.object({
       rpm: exports_external.number().int().positive()
     }).optional().describe("Per-source rate limit for the webhook ingest path (#714). " + "Off by default — when this key is absent the handler skips " + "rate-limit checks entirely. Opt in by setting `rpm` to an " + "integer requests-per-minute (token bucket per (agent, source); " + "burst equal to rpm). When enabled, exceeding the limit returns " + "429 with Retry-After header; first throttle event per " + "(agent, source) per 60s window is written to " + "<agent>/telegram/issues.jsonl. " + "Cascades from defaults.channels.telegram.webhook_rate_limit."),
+    webhook_via_gateway: exports_external.boolean().optional().describe("Route verified webhook events to the agent's in-container gateway " + "over a peercred-gated UDS (<agent>/telegram/webhook.sock) instead " + "of having the host-side web receiver write the agent dir directly. " + "Required under the Docker runtime: the receiver runs as the host " + "operator UID and cannot write the per-agent-UID-owned agent dir " + "(EACCES 500) nor connect the gateway socket. When true the gateway " + "(running as the agent UID) becomes the sole writer of " + "webhook-events.jsonl + dedup/cooldown state and also fires " + "webhook_dispatch. Off by default for back-compat with host-runtime " + "installs. See docs/rfcs/webhook-via-gateway-socket.md."),
     chat_id: exports_external.string().regex(/^-\d+$/, 'supergroup chat_id must be a negative integer as a string (e.g. "-1001234567890")').optional().describe("Per-agent supergroup ID — overrides fleet `telegram.forum_chat_id`. " + "When set, requires `default_topic_id`. Negative integer as string. " + "Forbidden when `dm_only: true`. See docs/rfcs/supergroup-mode.md."),
     default_topic_id: exports_external.number().int().positive().optional().describe("Forum topic ID this agent's automated outbounds default to when " + "no more-specific alias resolves. Required when `chat_id` is set. " + "Telegram's General topic is `id=1` at MTProto but sends omit the " + "field — the outbound wrapper strips `message_thread_id === 1` " + "on send. Forbidden when `dm_only: true`."),
     topic_aliases: exports_external.record(exports_external.string(), exports_external.number().int().positive()).optional().describe("Operator-friendly names for forum topic IDs (e.g. " + "`{ general: 1, planning: 17, cron: 23, admin: 31, alerts: 41 }`). " + "Referenced from per-cron `topic:` fields and the outbound router " + "for autonomous events (boot → alerts, hostd → admin, etc.). " + "Cascades per-key through defaults → profile → agent.")

package/dist/vault/broker/server.js

@@ -11406,6 +11406,7 @@ var init_schema = __esm(() => {
     webhook_rate_limit: exports_external.object({
       rpm: exports_external.number().int().positive()
     }).optional().describe("Per-source rate limit for the webhook ingest path (#714). " + "Off by default — when this key is absent the handler skips " + "rate-limit checks entirely. Opt in by setting `rpm` to an " + "integer requests-per-minute (token bucket per (agent, source); " + "burst equal to rpm). When enabled, exceeding the limit returns " + "429 with Retry-After header; first throttle event per " + "(agent, source) per 60s window is written to " + "<agent>/telegram/issues.jsonl. " + "Cascades from defaults.channels.telegram.webhook_rate_limit."),
+    webhook_via_gateway: exports_external.boolean().optional().describe("Route verified webhook events to the agent's in-container gateway " + "over a peercred-gated UDS (<agent>/telegram/webhook.sock) instead " + "of having the host-side web receiver write the agent dir directly. " + "Required under the Docker runtime: the receiver runs as the host " + "operator UID and cannot write the per-agent-UID-owned agent dir " + "(EACCES 500) nor connect the gateway socket. When true the gateway " + "(running as the agent UID) becomes the sole writer of " + "webhook-events.jsonl + dedup/cooldown state and also fires " + "webhook_dispatch. Off by default for back-compat with host-runtime " + "installs. See docs/rfcs/webhook-via-gateway-socket.md."),
     chat_id: exports_external.string().regex(/^-\d+$/, 'supergroup chat_id must be a negative integer as a string (e.g. "-1001234567890")').optional().describe("Per-agent supergroup ID — overrides fleet `telegram.forum_chat_id`. " + "When set, requires `default_topic_id`. Negative integer as string. " + "Forbidden when `dm_only: true`. See docs/rfcs/supergroup-mode.md."),
     default_topic_id: exports_external.number().int().positive().optional().describe("Forum topic ID this agent's automated outbounds default to when " + "no more-specific alias resolves. Required when `chat_id` is set. " + "Telegram's General topic is `id=1` at MTProto but sends omit the " + "field — the outbound wrapper strips `message_thread_id === 1` " + "on send. Forbidden when `dm_only: true`."),
     topic_aliases: exports_external.record(exports_external.string(), exports_external.number().int().positive()).optional().describe("Operator-friendly names for forum topic IDs (e.g. " + "`{ general: 1, planning: 17, cron: 23, admin: 31, alerts: 41 }`). " + "Referenced from per-cron `topic:` fields and the outbound router " + "for autonomous events (boot → alerts, hostd → admin, etc.). " + "Cascades per-key through defaults → profile → agent.")

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "switchroom",
-  "version": "0.14.9",
+  "version": "0.14.10",
   "description": "Run Claude Code 24/7 on your Claude Pro/Max subscription over Telegram. Open-source alternative to OpenClaw and NanoClaw — no API keys.",
   "type": "module",
   "bin": {
@@ -23,9 +23,9 @@
     "build": "node scripts/build.mjs",
     "build:cli": "node scripts/build.mjs && bun build --compile --target=bun-linux-x64 --minify bin/switchroom.ts --outfile switchroom-linux-amd64",
     "pretest": "npm run build",
-    "test": "vitest run && bun test telegram-plugin/tests/history.test.ts telegram-plugin/tests/history-reaper.test.ts telegram-plugin/tests/ipc-server-client.test.ts telegram-plugin/tests/ipc-server-race.test.ts telegram-plugin/tests/gateway-bridge.test.ts telegram-plugin/tests/gateway-startup-mutex.test.ts telegram-plugin/tests/gateway-clean-shutdown-marker.test.ts telegram-plugin/tests/boot-card-dedupe.test.ts telegram-plugin/tests/boot-card-reason.test.ts telegram-plugin/tests/progress-update.test.ts telegram-plugin/tests/quota-cache.test.ts telegram-plugin/tests/silent-reply-guard.test.ts telegram-plugin/tests/unhandled-rejection-policy.test.ts telegram-plugin/tests/registry-turns.test.ts telegram-plugin/registry/subagents.test.ts telegram-plugin/tests/turns-writer.test.ts telegram-plugin/registry/api-registry.test.ts telegram-plugin/registry/turns-schema.test.ts telegram-plugin/tests/idle-footer-wiring.test.ts telegram-plugin/tests/subagent-tracker-hooks.test.ts telegram-plugin/tests/resolve-calling-subagent.test.ts telegram-plugin/tests/gateway-update-placeholder-dispatch.test.ts telegram-plugin/tests/reaction-trigger.test.ts telegram-plugin/tests/reaction-trigger-flow.test.ts",
+    "test": "vitest run && bun test telegram-plugin/tests/history.test.ts telegram-plugin/tests/history-reaper.test.ts telegram-plugin/tests/ipc-server-client.test.ts telegram-plugin/tests/ipc-server-race.test.ts telegram-plugin/tests/gateway-bridge.test.ts telegram-plugin/tests/gateway-startup-mutex.test.ts telegram-plugin/tests/gateway-clean-shutdown-marker.test.ts telegram-plugin/tests/boot-card-dedupe.test.ts telegram-plugin/tests/boot-card-reason.test.ts telegram-plugin/tests/progress-update.test.ts telegram-plugin/tests/quota-cache.test.ts telegram-plugin/tests/silent-reply-guard.test.ts telegram-plugin/tests/unhandled-rejection-policy.test.ts telegram-plugin/tests/registry-turns.test.ts telegram-plugin/registry/subagents.test.ts telegram-plugin/tests/turns-writer.test.ts telegram-plugin/registry/api-registry.test.ts telegram-plugin/registry/turns-schema.test.ts telegram-plugin/tests/idle-footer-wiring.test.ts telegram-plugin/tests/subagent-tracker-hooks.test.ts telegram-plugin/tests/resolve-calling-subagent.test.ts telegram-plugin/tests/gateway-update-placeholder-dispatch.test.ts telegram-plugin/tests/reaction-trigger.test.ts telegram-plugin/tests/reaction-trigger-flow.test.ts telegram-plugin/gateway/webhook-ingest-server.test.ts",
     "test:vitest": "vitest run",
-    "test:bun": "bun test src/watchdog/state.test.ts src/watchdog/policy.test.ts src/vault/grants.test.ts src/vault/write-grants.test.ts src/vault/broker/server-grants.test.ts src/vault/broker/server-write-grants.test.ts src/vault/broker/server-mint-grant-passphrase-attest.test.ts src/vault/broker/server-passphrase-attest.test.ts src/vault/broker/server-mint-grant-posture-attest.test.ts src/vault/broker/client-token.test.ts src/vault/broker/server-unlock.test.ts src/vault/broker/auto-unlock.test.ts src/vault/broker/drift-detection.test.ts tests/vault-broker-passphrase.test.ts src/cli/vault-get-broker.test.ts src/vault/resolver-via-broker.test.ts src/vault/broker/scope.test.ts src/vault/broker/server.test.ts src/drive/disconnect.test.ts src/drive/grants.test.ts src/drive/oauth.test.ts src/drive/onboarding.test.ts src/drive/reconciler.test.ts src/drive/vault-slots.test.ts src/drive/wrapper.test.ts src/vault/approvals/kernel.test.ts src/vault/approvals/schema-idempotent.test.ts src/vault/broker/server-approvals.test.ts telegram-plugin/tests/boot-probes.test.ts telegram-plugin/tests/boot-version-string.test.ts telegram-plugin/tests/history.test.ts telegram-plugin/tests/history-reaper.test.ts telegram-plugin/tests/ipc-server-client.test.ts telegram-plugin/tests/ipc-server-race.test.ts telegram-plugin/tests/gateway-bridge.test.ts telegram-plugin/tests/gateway-startup-mutex.test.ts telegram-plugin/tests/gateway-clean-shutdown-marker.test.ts telegram-plugin/tests/boot-card-dedupe.test.ts telegram-plugin/tests/boot-card-reason.test.ts telegram-plugin/tests/progress-update.test.ts telegram-plugin/tests/quota-cache.test.ts telegram-plugin/tests/silent-reply-guard.test.ts telegram-plugin/tests/unhandled-rejection-policy.test.ts telegram-plugin/tests/registry-turns.test.ts telegram-plugin/registry/subagents.test.ts telegram-plugin/tests/turns-writer.test.ts telegram-plugin/tests/resolve-calling-subagent.test.ts telegram-plugin/tests/gateway-update-placeholder-dispatch.test.ts telegram-plugin/tests/reaction-trigger.test.ts telegram-plugin/tests/reaction-trigger-flow.test.ts telegram-plugin/uat/load-env.test.ts",
+    "test:bun": "bun test src/watchdog/state.test.ts src/watchdog/policy.test.ts src/vault/grants.test.ts src/vault/write-grants.test.ts src/vault/broker/server-grants.test.ts src/vault/broker/server-write-grants.test.ts src/vault/broker/server-mint-grant-passphrase-attest.test.ts src/vault/broker/server-passphrase-attest.test.ts src/vault/broker/server-mint-grant-posture-attest.test.ts src/vault/broker/client-token.test.ts src/vault/broker/server-unlock.test.ts src/vault/broker/auto-unlock.test.ts src/vault/broker/drift-detection.test.ts tests/vault-broker-passphrase.test.ts src/cli/vault-get-broker.test.ts src/vault/resolver-via-broker.test.ts src/vault/broker/scope.test.ts src/vault/broker/server.test.ts src/drive/disconnect.test.ts src/drive/grants.test.ts src/drive/oauth.test.ts src/drive/onboarding.test.ts src/drive/reconciler.test.ts src/drive/vault-slots.test.ts src/drive/wrapper.test.ts src/vault/approvals/kernel.test.ts src/vault/approvals/schema-idempotent.test.ts src/vault/broker/server-approvals.test.ts telegram-plugin/tests/boot-probes.test.ts telegram-plugin/tests/boot-version-string.test.ts telegram-plugin/tests/history.test.ts telegram-plugin/tests/history-reaper.test.ts telegram-plugin/tests/ipc-server-client.test.ts telegram-plugin/tests/ipc-server-race.test.ts telegram-plugin/tests/gateway-bridge.test.ts telegram-plugin/tests/gateway-startup-mutex.test.ts telegram-plugin/tests/gateway-clean-shutdown-marker.test.ts telegram-plugin/tests/boot-card-dedupe.test.ts telegram-plugin/tests/boot-card-reason.test.ts telegram-plugin/tests/progress-update.test.ts telegram-plugin/tests/quota-cache.test.ts telegram-plugin/tests/silent-reply-guard.test.ts telegram-plugin/tests/unhandled-rejection-policy.test.ts telegram-plugin/tests/registry-turns.test.ts telegram-plugin/registry/subagents.test.ts telegram-plugin/tests/turns-writer.test.ts telegram-plugin/tests/resolve-calling-subagent.test.ts telegram-plugin/tests/gateway-update-placeholder-dispatch.test.ts telegram-plugin/tests/reaction-trigger.test.ts telegram-plugin/tests/reaction-trigger-flow.test.ts telegram-plugin/uat/load-env.test.ts telegram-plugin/gateway/webhook-ingest-server.test.ts",
     "test:watch": "vitest",
     "lint": "tsc --noEmit && node scripts/check-plugin-references.mjs && bash scripts/check-bot-api-wrapping.sh && node scripts/check-bun-test-imports.mjs && node scripts/check-no-pii-secrets.mjs && node scripts/check-vault-test-hermeticity.mjs && node scripts/check-no-broadcast-delivery.mjs",
     "lint:tsc": "tsc --noEmit",