switchroom 0.14.93 → 0.15.1

package/dist/agent-scheduler/index.js

@@ -13283,6 +13283,13 @@ var ProbeQuotaRequestSchema = exports_external.object({
   accounts: exports_external.array(exports_external.string().min(1)).min(1).max(32),
   timeoutMs: exports_external.number().int().positive().max(60000).optional()
 });
+var ClaimNotificationRequestSchema = exports_external.object({
+  v: exports_external.literal(PROTOCOL_VERSION),
+  op: exports_external.literal("claim-notification"),
+  id: exports_external.string().min(1),
+  key: exports_external.string().min(1).max(512),
+  windowMs: exports_external.number().int().positive().max(86400000)
+});
 var RequestSchema2 = exports_external.discriminatedUnion("op", [
   GetCredentialsRequestSchema,
   ListStateRequestSchema,
@@ -13294,7 +13301,8 @@ var RequestSchema2 = exports_external.discriminatedUnion("op", [
   SetOverrideRequestSchema,
   ListGoogleAccountsRequestSchema,
   ListMicrosoftAccountsRequestSchema,
-  ProbeQuotaRequestSchema
+  ProbeQuotaRequestSchema,
+  ClaimNotificationRequestSchema
 ]);
 var GetCredentialsDataSchema = exports_external.object({
   account: exports_external.string(),
@@ -13350,6 +13358,9 @@ var SetOverrideDataSchema = exports_external.object({
   agent: exports_external.string(),
   account: exports_external.string().nullable()
 });
+var ClaimNotificationDataSchema = exports_external.object({
+  granted: exports_external.boolean()
+});
 var GoogleAccountStateSchema = exports_external.object({
   account: exports_external.string(),
   expiresAt: exports_external.number(),
@@ -13556,6 +13567,16 @@ class AuthBrokerClient {
     const data = await this.send(req);
     return data;
   }
+  async claimNotification(key, windowMs) {
+    const data = await this.send({
+      v: PROTOCOL_VERSION,
+      id: randomUUID(),
+      op: "claim-notification",
+      key,
+      windowMs
+    });
+    return data;
+  }
   async refreshAccount(account) {
     const data = await this.send({
       v: PROTOCOL_VERSION,

package/dist/auth-broker/index.js

@@ -13367,6 +13367,13 @@ var ProbeQuotaRequestSchema = exports_external.object({
   accounts: exports_external.array(exports_external.string().min(1)).min(1).max(32),
   timeoutMs: exports_external.number().int().positive().max(60000).optional()
 });
+var ClaimNotificationRequestSchema = exports_external.object({
+  v: exports_external.literal(PROTOCOL_VERSION),
+  op: exports_external.literal("claim-notification"),
+  id: exports_external.string().min(1),
+  key: exports_external.string().min(1).max(512),
+  windowMs: exports_external.number().int().positive().max(86400000)
+});
 var RequestSchema = exports_external.discriminatedUnion("op", [
   GetCredentialsRequestSchema,
   ListStateRequestSchema,
@@ -13378,7 +13385,8 @@ var RequestSchema = exports_external.discriminatedUnion("op", [
   SetOverrideRequestSchema,
   ListGoogleAccountsRequestSchema,
   ListMicrosoftAccountsRequestSchema,
-  ProbeQuotaRequestSchema
+  ProbeQuotaRequestSchema,
+  ClaimNotificationRequestSchema
 ]);
 var GetCredentialsDataSchema = exports_external.object({
   account: exports_external.string(),
@@ -13434,6 +13442,9 @@ var SetOverrideDataSchema = exports_external.object({
   agent: exports_external.string(),
   account: exports_external.string().nullable()
 });
+var ClaimNotificationDataSchema = exports_external.object({
+  granted: exports_external.boolean()
+});
 var GoogleAccountStateSchema = exports_external.object({
   account: exports_external.string(),
   expiresAt: exports_external.number(),
@@ -13520,6 +13531,7 @@ var MARK_EXHAUSTED_DEFAULT_MS = 5 * 60 * 60 * 1000;
 var AUDIT_ROTATE_BYTES = 10 * 1024 * 1024;
 var AUDIT_KEEP = 5;
 var AUDIT_LINE_MAX = 4000;
+var NOTIFICATION_CLAIM_MAX_AGE_MS = 86400000;
 function sha256Hex(content) {
   return createHash2("sha256").update(content).digest("hex");
 }
@@ -13560,6 +13572,7 @@ class AuthBroker {
   listeners = new Map;
   refreshTimer = null;
   consumerProbeTimer = null;
+  fleetProbeTimer = null;
   fetchQuotaImpl;
   stateDir;
   socketRoot;
@@ -13572,6 +13585,7 @@ class AuthBroker {
   lastQuotaCache = {};
   shaIndex = {};
   thresholdViolations = {};
+  notificationClaims = {};
   lastWrittenExpiresAt = new Map;
   refreshInFlight = new Set;
   consumerLastSeen = {};
@@ -13641,6 +13655,17 @@ class AuthBroker {
         }, probeMs);
         this.consumerProbeTimer.unref();
       }
+      if (probeMs > 0 && process.env.SWITCHROOM_DISABLE_FLEET_QUOTA_PROBE !== "1") {
+        this.fleetQuotaProbeTick().catch((err) => {
+          this.logErr(`fleet-quota-probe (boot) threw: ${err.message}`);
+        });
+        this.fleetProbeTimer = setInterval(() => {
+          this.fleetQuotaProbeTick().catch((err) => {
+            this.logErr(`fleet-quota-probe threw: ${err.message}`);
+          });
+        }, probeMs);
+        this.fleetProbeTimer.unref();
+      }
     }
     const fanned = this.fanoutAll();
     if (fanned.length > 0) {
@@ -13671,6 +13696,10 @@ class AuthBroker {
       clearInterval(this.consumerProbeTimer);
       this.consumerProbeTimer = null;
     }
+    if (this.fleetProbeTimer) {
+      clearInterval(this.fleetProbeTimer);
+      this.fleetProbeTimer = null;
+    }
     for (const [sock, lis] of this.listeners) {
       try {
         lis.server.close();
@@ -13955,6 +13984,9 @@ class AuthBroker {
         case "probe-quota":
           await this.opProbeQuota(socket, reqId, identity2, req.accounts, req.timeoutMs);
           break;
+        case "claim-notification":
+          this.opClaimNotification(socket, reqId, identity2, req.key, req.windowMs);
+          break;
       }
     } catch (err) {
       socket.write(encodeError(reqId, "INTERNAL", err.message));
@@ -14096,22 +14128,42 @@ class AuthBroker {
         ok: result.ok,
         error: result.ok ? undefined : result.reason
       });
-      if (result.ok) {
-        this.lastQuotaCache[label] = {
-          fiveHourUtilizationPct: result.data.fiveHourUtilizationPct,
-          sevenDayUtilizationPct: result.data.sevenDayUtilizationPct,
-          fiveHourResetAt: result.data.fiveHourResetAt?.toISOString() ?? null,
-          sevenDayResetAt: result.data.sevenDayResetAt?.toISOString() ?? null,
-          representativeClaim: result.data.representativeClaim,
-          overageStatus: result.data.overageStatus,
-          overageDisabledReason: result.data.overageDisabledReason,
-          capturedAt: this.now()
-        };
-      }
+      if (result.ok)
+        this.cacheQuotaSnapshot(label, result);
       return { label, result };
     }));
     socket.write(encodeSuccess(id, { results }));
   }
+  cacheQuotaSnapshot(label, result) {
+    if (!result.ok)
+      return;
+    this.lastQuotaCache[label] = {
+      fiveHourUtilizationPct: result.data.fiveHourUtilizationPct,
+      sevenDayUtilizationPct: result.data.sevenDayUtilizationPct,
+      fiveHourResetAt: result.data.fiveHourResetAt?.toISOString() ?? null,
+      sevenDayResetAt: result.data.sevenDayResetAt?.toISOString() ?? null,
+      representativeClaim: result.data.representativeClaim,
+      overageStatus: result.data.overageStatus,
+      overageDisabledReason: result.data.overageDisabledReason,
+      capturedAt: this.now()
+    };
+  }
+  async fleetQuotaProbeTick() {
+    for (const label of listAccounts(this.home)) {
+      const creds = readAccountCredentials(label, this.home);
+      const token = creds?.claudeAiOauth?.accessToken;
+      if (!token)
+        continue;
+      let result;
+      try {
+        result = await this.fetchQuotaImpl({ accessToken: token });
+      } catch (err) {
+        this.logErr(`fleet-quota-probe ${label}: ${err.message}`);
+        continue;
+      }
+      this.cacheQuotaSnapshot(label, result);
+    }
+  }
   async consumerQuotaProbeTick() {
     const accounts = Array.from(new Set((this.config.auth?.consumers ?? []).map((c) => c.account)));
     for (const label of accounts) {
@@ -14175,6 +14227,21 @@ class AuthBroker {
     this.audit({ op: "mark-exhausted", identity: identity2, account, ok: true });
     socket.write(encodeSuccess(id, { account, rolled, rolledTo }));
   }
+  opClaimNotification(socket, id, identity2, key, windowMs) {
+    const now = this.now();
+    const prev = this.notificationClaims[key];
+    const granted = prev === undefined || now - prev >= windowMs;
+    if (granted) {
+      this.notificationClaims[key] = now;
+      for (const [k, ts] of Object.entries(this.notificationClaims)) {
+        if (now - ts > NOTIFICATION_CLAIM_MAX_AGE_MS)
+          delete this.notificationClaims[k];
+      }
+      this.persistNotificationClaims();
+      this.audit({ op: "claim-notification", identity: identity2, account: key, ok: true });
+    }
+    socket.write(encodeSuccess(id, { granted }));
+  }
   async opRefreshAccount(socket, id, identity2, account) {
     if (!this.isAdmin(identity2)) {
       this.audit({ op: "refresh-account", identity: identity2, account, ok: false, error: "FORBIDDEN" });
@@ -14777,6 +14844,7 @@ class AuthBroker {
     this.quota = this.readJson("quota.json") ?? {};
     this.shaIndex = this.readJson("sha-index.json") ?? {};
     this.thresholdViolations = this.readJson("threshold-violations.json") ?? {};
+    this.notificationClaims = this.readJson("notification-claims.json") ?? {};
   }
   readJson(name) {
     const p = join4(this.stateDir, name);
@@ -14791,6 +14859,9 @@ class AuthBroker {
   persistQuota() {
     atomicWriteJsonSync(join4(this.stateDir, "quota.json"), this.quota, 384);
   }
+  persistNotificationClaims() {
+    atomicWriteJsonSync(join4(this.stateDir, "notification-claims.json"), this.notificationClaims, 384);
+  }
   persistShaIndex() {
     atomicWriteJsonSync(join4(this.stateDir, "sha-index.json"), this.shaIndex, 384);
   }

package/dist/cli/drive-write-pretool.mjs

@@ -4000,7 +4000,7 @@ function decodeResponse(line) {
   }
   return ResponseSchema.parse(parsed);
 }
-var MAX_FRAME_BYTES, PROTOCOL_VERSION = 1, ProviderNameSchema, GetCredentialsRequestSchema, ListStateRequestSchema, SetActiveRequestSchema, MarkExhaustedRequestSchema, RefreshAccountRequestSchema, AnthropicCredentialsSchema, GoogleCredentialsSchema, MicrosoftCredentialsSchema, ProviderCredentialsSchema, AddAccountRequestSchema, RmAccountRequestSchema, SetOverrideRequestSchema, ListGoogleAccountsRequestSchema, ListMicrosoftAccountsRequestSchema, ProbeQuotaRequestSchema, RequestSchema, GetCredentialsDataSchema, AccountStateSchema, AgentStateSchema, ConsumerStateSchema, ListStateDataSchema, SetActiveDataSchema, MarkExhaustedDataSchema, RefreshAccountDataSchema, AddAccountDataSchema, RmAccountDataSchema, SetOverrideDataSchema, GoogleAccountStateSchema, ListGoogleAccountsDataSchema, MicrosoftAccountStateSchema, ListMicrosoftAccountsDataSchema, ErrorBodySchema, SuccessResponseSchema, ErrorResponseSchema, ResponseSchema;
+var MAX_FRAME_BYTES, PROTOCOL_VERSION = 1, ProviderNameSchema, GetCredentialsRequestSchema, ListStateRequestSchema, SetActiveRequestSchema, MarkExhaustedRequestSchema, RefreshAccountRequestSchema, AnthropicCredentialsSchema, GoogleCredentialsSchema, MicrosoftCredentialsSchema, ProviderCredentialsSchema, AddAccountRequestSchema, RmAccountRequestSchema, SetOverrideRequestSchema, ListGoogleAccountsRequestSchema, ListMicrosoftAccountsRequestSchema, ProbeQuotaRequestSchema, ClaimNotificationRequestSchema, RequestSchema, GetCredentialsDataSchema, AccountStateSchema, AgentStateSchema, ConsumerStateSchema, ListStateDataSchema, SetActiveDataSchema, MarkExhaustedDataSchema, RefreshAccountDataSchema, AddAccountDataSchema, RmAccountDataSchema, SetOverrideDataSchema, ClaimNotificationDataSchema, GoogleAccountStateSchema, ListGoogleAccountsDataSchema, MicrosoftAccountStateSchema, ListMicrosoftAccountsDataSchema, ErrorBodySchema, SuccessResponseSchema, ErrorResponseSchema, ResponseSchema;
 var init_protocol = __esm(() => {
   init_zod();
   MAX_FRAME_BYTES = 64 * 1024;
@@ -4116,6 +4116,13 @@ var init_protocol = __esm(() => {
     accounts: exports_external.array(exports_external.string().min(1)).min(1).max(32),
     timeoutMs: exports_external.number().int().positive().max(60000).optional()
   });
+  ClaimNotificationRequestSchema = exports_external.object({
+    v: exports_external.literal(PROTOCOL_VERSION),
+    op: exports_external.literal("claim-notification"),
+    id: exports_external.string().min(1),
+    key: exports_external.string().min(1).max(512),
+    windowMs: exports_external.number().int().positive().max(86400000)
+  });
   RequestSchema = exports_external.discriminatedUnion("op", [
     GetCredentialsRequestSchema,
     ListStateRequestSchema,
@@ -4127,7 +4134,8 @@ var init_protocol = __esm(() => {
     SetOverrideRequestSchema,
     ListGoogleAccountsRequestSchema,
     ListMicrosoftAccountsRequestSchema,
-    ProbeQuotaRequestSchema
+    ProbeQuotaRequestSchema,
+    ClaimNotificationRequestSchema
   ]);
   GetCredentialsDataSchema = exports_external.object({
     account: exports_external.string(),
@@ -4183,6 +4191,9 @@ var init_protocol = __esm(() => {
     agent: exports_external.string(),
     account: exports_external.string().nullable()
   });
+  ClaimNotificationDataSchema = exports_external.object({
+    granted: exports_external.boolean()
+  });
   GoogleAccountStateSchema = exports_external.object({
     account: exports_external.string(),
     expiresAt: exports_external.number(),
@@ -4364,6 +4375,16 @@ class AuthBrokerClient {
     const data = await this.send(req);
     return data;
   }
+  async claimNotification(key, windowMs) {
+    const data = await this.send({
+      v: PROTOCOL_VERSION,
+      id: randomUUID(),
+      op: "claim-notification",
+      key,
+      windowMs
+    });
+    return data;
+  }
   async refreshAccount(account) {
     const data = await this.send({
       v: PROTOCOL_VERSION,

package/dist/cli/switchroom.js

@@ -25561,7 +25561,7 @@ function decodeResponse2(line) {
   }
   return ResponseSchema2.parse(parsed);
 }
-var MAX_FRAME_BYTES2, PROTOCOL_VERSION = 1, ProviderNameSchema, GetCredentialsRequestSchema, ListStateRequestSchema, SetActiveRequestSchema, MarkExhaustedRequestSchema, RefreshAccountRequestSchema, AnthropicCredentialsSchema, GoogleCredentialsSchema, MicrosoftCredentialsSchema, ProviderCredentialsSchema, AddAccountRequestSchema, RmAccountRequestSchema, SetOverrideRequestSchema, ListGoogleAccountsRequestSchema, ListMicrosoftAccountsRequestSchema, ProbeQuotaRequestSchema, RequestSchema2, GetCredentialsDataSchema, AccountStateSchema, AgentStateSchema, ConsumerStateSchema, ListStateDataSchema, SetActiveDataSchema, MarkExhaustedDataSchema, RefreshAccountDataSchema, AddAccountDataSchema, RmAccountDataSchema, SetOverrideDataSchema, GoogleAccountStateSchema, ListGoogleAccountsDataSchema, MicrosoftAccountStateSchema, ListMicrosoftAccountsDataSchema, ErrorBodySchema, SuccessResponseSchema, ErrorResponseSchema2, ResponseSchema2;
+var MAX_FRAME_BYTES2, PROTOCOL_VERSION = 1, ProviderNameSchema, GetCredentialsRequestSchema, ListStateRequestSchema, SetActiveRequestSchema, MarkExhaustedRequestSchema, RefreshAccountRequestSchema, AnthropicCredentialsSchema, GoogleCredentialsSchema, MicrosoftCredentialsSchema, ProviderCredentialsSchema, AddAccountRequestSchema, RmAccountRequestSchema, SetOverrideRequestSchema, ListGoogleAccountsRequestSchema, ListMicrosoftAccountsRequestSchema, ProbeQuotaRequestSchema, ClaimNotificationRequestSchema, RequestSchema2, GetCredentialsDataSchema, AccountStateSchema, AgentStateSchema, ConsumerStateSchema, ListStateDataSchema, SetActiveDataSchema, MarkExhaustedDataSchema, RefreshAccountDataSchema, AddAccountDataSchema, RmAccountDataSchema, SetOverrideDataSchema, ClaimNotificationDataSchema, GoogleAccountStateSchema, ListGoogleAccountsDataSchema, MicrosoftAccountStateSchema, ListMicrosoftAccountsDataSchema, ErrorBodySchema, SuccessResponseSchema, ErrorResponseSchema2, ResponseSchema2;
 var init_protocol2 = __esm(() => {
   init_zod();
   MAX_FRAME_BYTES2 = 64 * 1024;
@@ -25677,6 +25677,13 @@ var init_protocol2 = __esm(() => {
     accounts: exports_external.array(exports_external.string().min(1)).min(1).max(32),
     timeoutMs: exports_external.number().int().positive().max(60000).optional()
   });
+  ClaimNotificationRequestSchema = exports_external.object({
+    v: exports_external.literal(PROTOCOL_VERSION),
+    op: exports_external.literal("claim-notification"),
+    id: exports_external.string().min(1),
+    key: exports_external.string().min(1).max(512),
+    windowMs: exports_external.number().int().positive().max(86400000)
+  });
   RequestSchema2 = exports_external.discriminatedUnion("op", [
     GetCredentialsRequestSchema,
     ListStateRequestSchema,
@@ -25688,7 +25695,8 @@ var init_protocol2 = __esm(() => {
     SetOverrideRequestSchema,
     ListGoogleAccountsRequestSchema,
     ListMicrosoftAccountsRequestSchema,
-    ProbeQuotaRequestSchema
+    ProbeQuotaRequestSchema,
+    ClaimNotificationRequestSchema
   ]);
   GetCredentialsDataSchema = exports_external.object({
     account: exports_external.string(),
@@ -25744,6 +25752,9 @@ var init_protocol2 = __esm(() => {
     agent: exports_external.string(),
     account: exports_external.string().nullable()
   });
+  ClaimNotificationDataSchema = exports_external.object({
+    granted: exports_external.boolean()
+  });
   GoogleAccountStateSchema = exports_external.object({
     account: exports_external.string(),
     expiresAt: exports_external.number(),
@@ -25925,6 +25936,16 @@ class AuthBrokerClient {
     const data = await this.send(req);
     return data;
   }
+  async claimNotification(key, windowMs) {
+    const data = await this.send({
+      v: PROTOCOL_VERSION,
+      id: randomUUID(),
+      op: "claim-notification",
+      key,
+      windowMs
+    });
+    return data;
+  }
   async refreshAccount(account) {
     const data = await this.send({
       v: PROTOCOL_VERSION,
@@ -49937,8 +49958,8 @@ var {
 } = import__.default;
 
 // src/build-info.ts
-var VERSION = "0.14.93";
-var COMMIT_SHA = "87b62902";
+var VERSION = "0.15.1";
+var COMMIT_SHA = "a93177c8";
 
 // src/cli/agent.ts
 init_source();
@@ -59358,15 +59379,27 @@ function formatQuotaReset(state) {
   const mins = Math.floor(remainingMs % 3600000 / 60000);
   return `${hours}h ${mins}m`;
 }
+function formatQuotaUtilCell(a, now = Date.now()) {
+  const lq = a.last_quota;
+  if (!lq)
+    return "no data";
+  const ageMs = Math.max(0, now - lq.capturedAt);
+  const mins = Math.floor(ageMs / 60000);
+  const ageStr = mins < 1 ? "just now" : mins < 60 ? `${mins}m ago` : mins < 1440 ? `${Math.floor(mins / 60)}h ago` : `${Math.floor(mins / 1440)}d ago`;
+  const five = Math.round(lq.fiveHourUtilizationPct);
+  const seven = Math.round(lq.sevenDayUtilizationPct);
+  return `${five}%\u00b7${seven}% (${ageStr})`;
+}
 function printAccountsTable(state) {
-  console.log(source_default.bold("  ACCOUNT                           STATUS       EXPIRES    QUOTA-RESET"));
+  console.log(source_default.bold("  ACCOUNT                           STATUS       EXPIRES    QUOTA 5h\u00b77d          QUOTA-RESET"));
   for (const a of state.accounts) {
     const marker = a.label === state.active ? source_default.green("\u25cf") : a.exhausted ? source_default.red("!") : source_default.gray("\u2713");
     const status = a.label === state.active ? source_default.green("active   ") : a.exhausted ? source_default.red("exhausted") : "available";
     const label = a.label.padEnd(32);
     const exp = formatExpiry2(a.expiresAt).padEnd(10);
+    const util3 = formatQuotaUtilCell(a).padEnd(20);
     const quota = formatQuotaReset(a);
-    console.log(`  ${marker} ${label} ${status}    ${exp} ${quota}`);
+    console.log(`  ${marker} ${label} ${status}    ${exp} ${util3} ${quota}`);
   }
 }
 function printAgentsTable(state) {

package/dist/cli/ui/index.html

@@ -440,15 +440,20 @@
       return h;
     }
 
+    // Tolerate a single transient failure on the 10s auto-refresh: one blip
+    // (e.g. the web container restarting) shouldn't flash a scary error over a
+    // healthy dashboard. Only surface the error after two in a row.
+    let agentFetchFails = 0;
     async function fetchAgents() {
       try {
         const res = await fetch(`${API}/api/agents`, { headers: authHeaders() });
         if (!res.ok) throw new Error(`HTTP ${res.status}`);
         agents = await res.json();
         render();
+        agentFetchFails = 0;
         clearError();
       } catch (err) {
-        showError(`Failed to fetch agents: ${err.message}`);
+        if (++agentFetchFails >= 2) showError(`Failed to fetch agents: ${err.message}`);
       }
     }
 
@@ -494,12 +499,18 @@
     }
 
     async function fetchConnections() {
+      // Each fetch falls back independently (.catch → default). A single
+      // network blip — e.g. one endpoint momentarily unreachable — must NOT
+      // reject the whole batch and blank the connected accounts; the others
+      // still render. (Previously a bare Promise.all meant any one failure
+      // wiped the tab, so a connected Google/Microsoft account "vanished".)
+      const safe = (p, fallback) => p.then(r => r.ok ? r.json() : fallback).catch(() => fallback);
       try {
         const [google, microsoft, notion, agents] = await Promise.all([
-          fetch(`${API}/api/google-accounts`, { headers: authHeaders() }).then(r => r.ok ? r.json() : []),
-          fetch(`${API}/api/microsoft-accounts`, { headers: authHeaders() }).then(r => r.ok ? r.json() : []),
-          fetch(`${API}/api/notion-workspace`, { headers: authHeaders() }).then(r => r.ok ? r.json() : { configured: false, databases: [] }),
-          fetch(`${API}/api/agents`, { headers: authHeaders() }).then(r => r.ok ? r.json() : []),
+          safe(fetch(`${API}/api/google-accounts`, { headers: authHeaders() }), []),
+          safe(fetch(`${API}/api/microsoft-accounts`, { headers: authHeaders() }), []),
+          safe(fetch(`${API}/api/notion-workspace`, { headers: authHeaders() }), { configured: false, databases: [] }),
+          safe(fetch(`${API}/api/agents`, { headers: authHeaders() }), []),
         ]);
         const agentNames = (agents || []).map(a => a.name).sort();
         renderConnections({ google, microsoft, notion, agentNames });

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "switchroom",
-  "version": "0.14.93",
+  "version": "0.15.1",
   "description": "Run Claude Code 24/7 on your Claude Pro/Max subscription over Telegram. Open-source alternative to OpenClaw and NanoClaw — no API keys.",
   "type": "module",
   "bin": {

package/telegram-plugin/auth-snapshot-format.ts

@@ -43,6 +43,11 @@ export interface AccountSnapshot {
   /** Mirrors the broker's `expiresAt` so the table can show token-life
    *  for accounts whose creds are about to expire. */
   expiresAtMs?: number;
+  /** Unix ms when `quota` was captured. Set for CACHED snapshots
+   *  (`buildSnapshotsFromCachedState`) so consumers can refuse to treat
+   *  stale data as current; undefined for live-probe snapshots (fresh
+   *  by construction). */
+  capturedAtMs?: number;
 }
 
 // ── health classification ────────────────────────────────────────────
@@ -653,6 +658,10 @@ export function buildSnapshotsFromCachedState(
       quota: reviveLastQuota(lq),
       quotaError: lq ? undefined : 'no cached quota (no probe since broker start)',
       expiresAtMs: acc.expiresAt,
+      // Surface the cache age so quota-watch can refuse to classify off
+      // stale data (the 2026-06-09 incident: a recovery latched days
+      // earlier only surfaced — and notified — at the next fleet bounce).
+      capturedAtMs: lq?.capturedAt,
     };
   });
 }

package/telegram-plugin/auto-fallback-fleet.ts

@@ -42,6 +42,65 @@ import {
   buildSnapshotsFromState,
 } from './auth-snapshot-format.js';
 
+/**
+ * Failure notice for when the fallback dispatcher itself errors (broker
+ * unreachable, listState/markExhausted throw). The model-unavailable
+ * card renders "Auto-failover in progress — see the announcement below"
+ * BEFORE the outcome is known; every error path must therefore still
+ * produce an announcement or the card's promise is broken (the
+ * 2026-06-06→07 incident: 12 cards promised an announcement while every
+ * dispatch errored "set-active requires admin" — log-only, nothing
+ * arrived). Pure builder so the shape is unit-testable.
+ */
+export function renderFallbackFailureNotice(triggerAgent: string, reason: string): string {
+  return (
+    `⚠️ <b>Auto-failover could not run</b> (trigger: <b>${escFailureHtml(triggerAgent)}</b>)\n` +
+    `${escFailureHtml(reason)}\n\n` +
+    `<i>Switch manually with <code>/auth use &lt;label&gt;</code>, or <code>/auth</code> for fleet status.</i>`
+  );
+}
+
+function escFailureHtml(s: string): string {
+  return s
+    .replace(/&/g, '&amp;')
+    .replace(/</g, '&lt;')
+    .replace(/>/g, '&gt;')
+    .replace(/"/g, '&quot;')
+    .replace(/'/g, '&#39;');
+}
+
+/**
+ * Cooldown for the failure notice. The fleetFallbackGate's dedup window
+ * deliberately arms ONLY on a successful swap (fleet-fallback-gate.ts:
+ * "No-ops … DO NOT arm the suppression window") — so it bounds nothing
+ * on the error path, and the card-less `quota_wall_detected` trigger
+ * re-signals every ~60s for the duration of a weekly wall. Without a
+ * notice-level bound, a persistent broker outage during a wall would
+ * stream ~60 failure notices/hour to every chat for days.
+ *
+ * Plain time cooldown, per gateway, in-memory. Deliberately NOT keyed
+ * by reason: broker error strings vary per attempt (timeout ms values
+ * etc.), so a new-reason bypass would re-open the spam hole. Worst
+ * case is one notice per gateway per cooldown window.
+ */
+export const FALLBACK_FAILURE_NOTICE_COOLDOWN_MS = 30 * 60_000;
+
+export interface FallbackFailureNoticeState {
+  /** Unix ms of the last failure notice this gateway sent. 0 = never. */
+  lastSentAtMs: number;
+}
+
+export function evaluateFallbackFailureNotice(
+  prev: FallbackFailureNoticeState,
+  now: number,
+  cooldownMs: number = FALLBACK_FAILURE_NOTICE_COOLDOWN_MS,
+): { send: boolean; next: FallbackFailureNoticeState } {
+  if (now - prev.lastSentAtMs >= cooldownMs) {
+    return { send: true, next: { lastSentAtMs: now } };
+  }
+  return { send: false, next: prev };
+}
+
 export type FleetFallbackOutcome =
   | {
       kind: 'switched';