switchroom 0.15.7 → 0.15.8

package/dist/agent-scheduler/index.js

@@ -11232,6 +11232,10 @@ var ReactionsSchema = exports_external.object({
   per_hour_cap: exports_external.number().int().nonnegative().optional().describe("Max reaction-triggered synthetic turns per chat per rolling hour. " + "Refusals are stderr-logged but not surfaced to the agent. " + "Default 10. Set to 0 to disable triggering via the cap path."),
   group_admin_only: exports_external.boolean().optional().describe("In groups/supergroups (negative chat_id), only trigger a synthetic " + "turn when the reacter is a chat admin (creator or administrator). " + "Failing the lookup is treated as non-admin (fail-closed). " + "DMs are never affected by this flag — the reacter IS the user. " + "Default true.")
 }).optional();
+var ReactionDispatchSchema = exports_external.object({
+  enabled: exports_external.boolean().optional().describe("Master switch for the reaction-dispatch path. Default false — " + "with no reaction_dispatch block, reactions are persisted (and may " + "feed the `reactions` feedback path) but are NEVER dispatched as " + "event-driven inbound turns."),
+  emojis: exports_external.array(exports_external.string()).optional().describe('Emoji allowlist that triggers a `<channel event="reaction">` ' + "inbound turn when reacted to any message. Default [] (nothing " + "fires). Cascade mode: REPLACE (not union) — a layer's list " + "replaces lower layers entirely so an operator can narrow per-agent.")
+}).optional();
 var ReleaseBlock = exports_external.object({
   channel: exports_external.enum(["dev", "rc", "latest"]).optional(),
   pin: exports_external.string().regex(/^(sha-[0-9a-f]{7,40}|v\d+\.\d+\.\d+)$/).optional()
@@ -11267,6 +11271,7 @@ var profileFields = {
   schedule: exports_external.array(ScheduleEntrySchema).optional(),
   secrets: exports_external.array(exports_external.string().regex(/^[a-zA-Z0-9_\-/]+$/, "Secret key names must contain only alphanumeric characters, underscores, hyphens, and forward slashes")).optional().describe("Operator-granted STANDING vault keys this agent may read via the " + "broker — independent of any cron or MCP server. Use when an agent " + "needs a credential both interactively and in its own (agent-managed) " + "schedules, so the grant lives with the agent rather than welded to a " + "specific cron's `secrets[]`. OPERATOR-SET ONLY: agents cannot edit " + "switchroom.yaml or self-grant (reference/vision.md outcome 2 — 'you " + "hold the leash; only your tap grants it'). Exact key names. Cascades " + "UNION across defaults -> profile -> agent (see docs/configuration.md)."),
   reactions: ReactionsSchema,
+  reaction_dispatch: ReactionDispatchSchema,
   model: exports_external.string().regex(/^[a-zA-Z0-9][a-zA-Z0-9._\-/\[\]:]*$/, "Model name must be alphanumeric with ._-/[]: only").optional(),
   thinking_effort: exports_external.enum(["low", "medium", "high", "xhigh", "max"]).optional().describe("Adaptive-thinking effort level passed as --effort to the claude CLI. " + "lower = faster/cheaper, higher = more reasoning. Omit to use Claude's default."),
   permission_mode: exports_external.enum(["acceptEdits", "auto", "bypassPermissions", "default", "dontAsk", "plan"]).optional().describe("Permission mode passed as --permission-mode to the claude CLI. " + "Omit to use Claude's default (acceptEdits for switchroom agents). " + "Warning: bypassPermissions and dontAsk skip all safety checks — use only in trusted sandboxes."),
@@ -11336,6 +11341,7 @@ var AgentSchema = exports_external.object({
   schedule: exports_external.array(ScheduleEntrySchema).default([]),
   secrets: exports_external.array(exports_external.string().regex(/^[a-zA-Z0-9_\-/]+$/, "Secret key names must contain only alphanumeric characters, underscores, hyphens, and forward slashes")).optional(),
   reactions: ReactionsSchema,
+  reaction_dispatch: ReactionDispatchSchema,
   model: exports_external.string().regex(/^[a-zA-Z0-9][a-zA-Z0-9._\-/\[\]:]*$/, "Model name must be alphanumeric with ._-/[]: only (no spaces or shell specials)").optional().describe("Claude model override (e.g., 'claude-sonnet-4-6')"),
   thinking_effort: exports_external.enum(["low", "medium", "high", "xhigh", "max"]).optional().describe("Adaptive-thinking effort level passed as --effort to the claude CLI. " + "Per-agent override wins over defaults.thinking_effort. " + "lower = faster/cheaper, higher = more reasoning. Omit to use Claude's default."),
   permission_mode: exports_external.enum(["acceptEdits", "auto", "bypassPermissions", "default", "dontAsk", "plan"]).optional().describe("Permission mode passed as --permission-mode to the claude CLI. " + "Per-agent override wins over defaults.permission_mode. " + "Warning: bypassPermissions and dontAsk skip all safety checks — use only in trusted sandboxes."),
@@ -12001,6 +12007,18 @@ function mergeAgentConfig(defaultsIn, agentIn) {
     }
     merged.reactions = combined;
   }
+  const dReactionDispatch = defaults.reaction_dispatch;
+  const mReactionDispatch = merged.reaction_dispatch;
+  if (dReactionDispatch || mReactionDispatch) {
+    const base = dReactionDispatch ?? {};
+    const override = mReactionDispatch ?? {};
+    const combined = { ...base };
+    for (const [k, v] of Object.entries(override)) {
+      if (v !== undefined)
+        combined[k] = v;
+    }
+    merged.reaction_dispatch = combined;
+  }
   if (defaults.resources || merged.resources) {
     const d = defaults.resources ?? {};
     const a = merged.resources ?? {};
@@ -14364,6 +14382,43 @@ function registerAgentSchedule(opts) {
   }
   return tasks;
 }
+function scheduleSignature(entries) {
+  return JSON.stringify(entries);
+}
+function createScheduleReloader(opts) {
+  let tasks = opts.initialTasks;
+  let sig = scheduleSignature(opts.initialEntries);
+  return {
+    tick() {
+      let next;
+      try {
+        next = opts.loadEntries();
+      } catch (err) {
+        opts.onError?.(err);
+        return;
+      }
+      const nextSig = scheduleSignature(next);
+      if (nextSig === sig)
+        return;
+      const before = tasks.length;
+      for (const t of tasks)
+        t.task.stop();
+      tasks = opts.register(next);
+      sig = nextSig;
+      opts.log(`schedule reloaded: ${before} → ${tasks.length} task(s)`);
+    },
+    currentTasks() {
+      return tasks;
+    }
+  };
+}
+function resolveReloadPollMs(env) {
+  const raw = Number.parseInt(env.SWITCHROOM_SCHEDULER_RELOAD_POLL_MS ?? "", 10);
+  return Number.isFinite(raw) && raw >= 1000 ? raw : 30000;
+}
+function isHotReloadEnabled(env) {
+  return env.SWITCHROOM_SCHEDULER_HOT_RELOAD !== "0";
+}
 function ipcDispatcher(client) {
   return {
     sendToAgent(agentName, inbound) {
@@ -14405,8 +14460,28 @@ async function main() {
   if (entries.length === 0) {
     process.stdout.write(`agent-scheduler: ${agentName} has no schedule entries — idling ` + `(re-checks on container restart)
 `);
-    setInterval(() => {}, 1 << 30);
+    let idleTimer;
+    if (isHotReloadEnabled(process.env)) {
+      idleTimer = setInterval(() => {
+        let appeared;
+        try {
+          appeared = collectScheduleEntries(loadConfig(configPath)).filter((e) => e.agent === agentName);
+        } catch {
+          return;
+        }
+        if (appeared.length > 0) {
+          process.stdout.write(`agent-scheduler: ${agentName} schedule appeared (${appeared.length} ` + `entr${appeared.length === 1 ? "y" : "ies"}) — restarting to activate
+`);
+          clearInterval(idleTimer);
+          releaseLock(lockPath);
+          process.exit(0);
+        }
+      }, resolveReloadPollMs(process.env));
+    } else {
+      idleTimer = setInterval(() => {}, 1 << 30);
+    }
     const cleanup = () => {
+      clearInterval(idleTimer);
       releaseLock(lockPath);
       process.exit(0);
     };
@@ -14551,8 +14626,8 @@ Briefly and plainly tell the user these scheduled runs did not ` + "happen so th
     process.stdout.write(`agent-scheduler: ${agentName} cheap-cron ENABLED` + (recovered > 0 ? ` (recovered ${recovered} pending escalation(s))` : "") + `
 `);
   }
-  const tasks = registerAgentSchedule({
-    entries,
+  const registerForEntries = (es) => registerAgentSchedule({
+    entries: es,
     channel,
     sink,
     cronLib,
@@ -14560,10 +14635,28 @@ Briefly and plainly tell the user these scheduled runs did not ` + "happen so th
     ...quotaGate ? { quotaGate } : {},
     ...cheapCron ? { cheapCron } : {}
   });
+  const tasks = registerForEntries(entries);
   process.stdout.write(`agent-scheduler: ${agentName} registered ${tasks.length} task(s); ` + `chat=${channel.chatId} thread=${channel.threadId ?? "(none)"} ` + `socket=${socketPath} jsonl=${jsonlPath}
 `);
+  let reloader;
+  let reloadTimer;
+  if (isHotReloadEnabled(process.env)) {
+    reloader = createScheduleReloader({
+      loadEntries: () => collectScheduleEntries(loadConfig(configPath)).filter((e) => e.agent === agentName),
+      register: registerForEntries,
+      initialTasks: tasks,
+      initialEntries: entries,
+      log: (m) => process.stdout.write(`agent-scheduler: ${agentName} ${m}
+`),
+      onError: (e) => process.stderr.write(`agent-scheduler: ${agentName} reload skipped (config error, keeping current schedule): ${e.message}
+`)
+    });
+    reloadTimer = setInterval(() => reloader.tick(), resolveReloadPollMs(process.env));
+  }
   const shutdown = () => {
-    for (const t of tasks)
+    if (reloadTimer)
+      clearInterval(reloadTimer);
+    for (const t of reloader ? reloader.currentTasks() : tasks)
       t.task.stop();
     sink.close();
     ipcClient.close();
@@ -14581,10 +14674,14 @@ if (import.meta.url === `file://${process.argv[1]}` && /(?:^|[/\\])agent-schedul
   });
 }
 export {
+  scheduleSignature,
+  resolveReloadPollMs,
   resolveEntryThreadId,
   resolveChannelTarget,
   registerAgentSchedule,
   recoverPendingEscalations,
   main,
-  ipcDispatcher
+  isHotReloadEnabled,
+  ipcDispatcher,
+  createScheduleReloader
 };

package/dist/auth-broker/index.js

@@ -11232,6 +11232,10 @@ var ReactionsSchema = exports_external.object({
   per_hour_cap: exports_external.number().int().nonnegative().optional().describe("Max reaction-triggered synthetic turns per chat per rolling hour. " + "Refusals are stderr-logged but not surfaced to the agent. " + "Default 10. Set to 0 to disable triggering via the cap path."),
   group_admin_only: exports_external.boolean().optional().describe("In groups/supergroups (negative chat_id), only trigger a synthetic " + "turn when the reacter is a chat admin (creator or administrator). " + "Failing the lookup is treated as non-admin (fail-closed). " + "DMs are never affected by this flag — the reacter IS the user. " + "Default true.")
 }).optional();
+var ReactionDispatchSchema = exports_external.object({
+  enabled: exports_external.boolean().optional().describe("Master switch for the reaction-dispatch path. Default false — " + "with no reaction_dispatch block, reactions are persisted (and may " + "feed the `reactions` feedback path) but are NEVER dispatched as " + "event-driven inbound turns."),
+  emojis: exports_external.array(exports_external.string()).optional().describe('Emoji allowlist that triggers a `<channel event="reaction">` ' + "inbound turn when reacted to any message. Default [] (nothing " + "fires). Cascade mode: REPLACE (not union) — a layer's list " + "replaces lower layers entirely so an operator can narrow per-agent.")
+}).optional();
 var ReleaseBlock = exports_external.object({
   channel: exports_external.enum(["dev", "rc", "latest"]).optional(),
   pin: exports_external.string().regex(/^(sha-[0-9a-f]{7,40}|v\d+\.\d+\.\d+)$/).optional()
@@ -11267,6 +11271,7 @@ var profileFields = {
   schedule: exports_external.array(ScheduleEntrySchema).optional(),
   secrets: exports_external.array(exports_external.string().regex(/^[a-zA-Z0-9_\-/]+$/, "Secret key names must contain only alphanumeric characters, underscores, hyphens, and forward slashes")).optional().describe("Operator-granted STANDING vault keys this agent may read via the " + "broker — independent of any cron or MCP server. Use when an agent " + "needs a credential both interactively and in its own (agent-managed) " + "schedules, so the grant lives with the agent rather than welded to a " + "specific cron's `secrets[]`. OPERATOR-SET ONLY: agents cannot edit " + "switchroom.yaml or self-grant (reference/vision.md outcome 2 — 'you " + "hold the leash; only your tap grants it'). Exact key names. Cascades " + "UNION across defaults -> profile -> agent (see docs/configuration.md)."),
   reactions: ReactionsSchema,
+  reaction_dispatch: ReactionDispatchSchema,
   model: exports_external.string().regex(/^[a-zA-Z0-9][a-zA-Z0-9._\-/\[\]:]*$/, "Model name must be alphanumeric with ._-/[]: only").optional(),
   thinking_effort: exports_external.enum(["low", "medium", "high", "xhigh", "max"]).optional().describe("Adaptive-thinking effort level passed as --effort to the claude CLI. " + "lower = faster/cheaper, higher = more reasoning. Omit to use Claude's default."),
   permission_mode: exports_external.enum(["acceptEdits", "auto", "bypassPermissions", "default", "dontAsk", "plan"]).optional().describe("Permission mode passed as --permission-mode to the claude CLI. " + "Omit to use Claude's default (acceptEdits for switchroom agents). " + "Warning: bypassPermissions and dontAsk skip all safety checks — use only in trusted sandboxes."),
@@ -11336,6 +11341,7 @@ var AgentSchema = exports_external.object({
   schedule: exports_external.array(ScheduleEntrySchema).default([]),
   secrets: exports_external.array(exports_external.string().regex(/^[a-zA-Z0-9_\-/]+$/, "Secret key names must contain only alphanumeric characters, underscores, hyphens, and forward slashes")).optional(),
   reactions: ReactionsSchema,
+  reaction_dispatch: ReactionDispatchSchema,
   model: exports_external.string().regex(/^[a-zA-Z0-9][a-zA-Z0-9._\-/\[\]:]*$/, "Model name must be alphanumeric with ._-/[]: only (no spaces or shell specials)").optional().describe("Claude model override (e.g., 'claude-sonnet-4-6')"),
   thinking_effort: exports_external.enum(["low", "medium", "high", "xhigh", "max"]).optional().describe("Adaptive-thinking effort level passed as --effort to the claude CLI. " + "Per-agent override wins over defaults.thinking_effort. " + "lower = faster/cheaper, higher = more reasoning. Omit to use Claude's default."),
   permission_mode: exports_external.enum(["acceptEdits", "auto", "bypassPermissions", "default", "dontAsk", "plan"]).optional().describe("Permission mode passed as --permission-mode to the claude CLI. " + "Per-agent override wins over defaults.permission_mode. " + "Warning: bypassPermissions and dontAsk skip all safety checks — use only in trusted sandboxes."),
@@ -12001,6 +12007,18 @@ function mergeAgentConfig(defaultsIn, agentIn) {
     }
     merged.reactions = combined;
   }
+  const dReactionDispatch = defaults.reaction_dispatch;
+  const mReactionDispatch = merged.reaction_dispatch;
+  if (dReactionDispatch || mReactionDispatch) {
+    const base = dReactionDispatch ?? {};
+    const override = mReactionDispatch ?? {};
+    const combined = { ...base };
+    for (const [k, v] of Object.entries(override)) {
+      if (v !== undefined)
+        combined[k] = v;
+    }
+    merged.reaction_dispatch = combined;
+  }
   if (defaults.resources || merged.resources) {
     const d = defaults.resources ?? {};
     const a = merged.resources ?? {};

package/dist/cli/notion-write-pretool.mjs

@@ -11980,6 +11980,10 @@ var ReactionsSchema = exports_external.object({
   per_hour_cap: exports_external.number().int().nonnegative().optional().describe("Max reaction-triggered synthetic turns per chat per rolling hour. " + "Refusals are stderr-logged but not surfaced to the agent. " + "Default 10. Set to 0 to disable triggering via the cap path."),
   group_admin_only: exports_external.boolean().optional().describe("In groups/supergroups (negative chat_id), only trigger a synthetic " + "turn when the reacter is a chat admin (creator or administrator). " + "Failing the lookup is treated as non-admin (fail-closed). " + "DMs are never affected by this flag \u2014 the reacter IS the user. " + "Default true.")
 }).optional();
+var ReactionDispatchSchema = exports_external.object({
+  enabled: exports_external.boolean().optional().describe("Master switch for the reaction-dispatch path. Default false \u2014 " + "with no reaction_dispatch block, reactions are persisted (and may " + "feed the `reactions` feedback path) but are NEVER dispatched as " + "event-driven inbound turns."),
+  emojis: exports_external.array(exports_external.string()).optional().describe('Emoji allowlist that triggers a `<channel event="reaction">` ' + "inbound turn when reacted to any message. Default [] (nothing " + "fires). Cascade mode: REPLACE (not union) \u2014 a layer's list " + "replaces lower layers entirely so an operator can narrow per-agent.")
+}).optional();
 var ReleaseBlock = exports_external.object({
   channel: exports_external.enum(["dev", "rc", "latest"]).optional(),
   pin: exports_external.string().regex(/^(sha-[0-9a-f]{7,40}|v\d+\.\d+\.\d+)$/).optional()
@@ -12015,6 +12019,7 @@ var profileFields = {
   schedule: exports_external.array(ScheduleEntrySchema).optional(),
   secrets: exports_external.array(exports_external.string().regex(/^[a-zA-Z0-9_\-/]+$/, "Secret key names must contain only alphanumeric characters, underscores, hyphens, and forward slashes")).optional().describe("Operator-granted STANDING vault keys this agent may read via the " + "broker \u2014 independent of any cron or MCP server. Use when an agent " + "needs a credential both interactively and in its own (agent-managed) " + "schedules, so the grant lives with the agent rather than welded to a " + "specific cron's `secrets[]`. OPERATOR-SET ONLY: agents cannot edit " + "switchroom.yaml or self-grant (reference/vision.md outcome 2 \u2014 'you " + "hold the leash; only your tap grants it'). Exact key names. Cascades " + "UNION across defaults -> profile -> agent (see docs/configuration.md)."),
   reactions: ReactionsSchema,
+  reaction_dispatch: ReactionDispatchSchema,
   model: exports_external.string().regex(/^[a-zA-Z0-9][a-zA-Z0-9._\-/\[\]:]*$/, "Model name must be alphanumeric with ._-/[]: only").optional(),
   thinking_effort: exports_external.enum(["low", "medium", "high", "xhigh", "max"]).optional().describe("Adaptive-thinking effort level passed as --effort to the claude CLI. " + "lower = faster/cheaper, higher = more reasoning. Omit to use Claude's default."),
   permission_mode: exports_external.enum(["acceptEdits", "auto", "bypassPermissions", "default", "dontAsk", "plan"]).optional().describe("Permission mode passed as --permission-mode to the claude CLI. " + "Omit to use Claude's default (acceptEdits for switchroom agents). " + "Warning: bypassPermissions and dontAsk skip all safety checks \u2014 use only in trusted sandboxes."),
@@ -12084,6 +12089,7 @@ var AgentSchema = exports_external.object({
   schedule: exports_external.array(ScheduleEntrySchema).default([]),
   secrets: exports_external.array(exports_external.string().regex(/^[a-zA-Z0-9_\-/]+$/, "Secret key names must contain only alphanumeric characters, underscores, hyphens, and forward slashes")).optional(),
   reactions: ReactionsSchema,
+  reaction_dispatch: ReactionDispatchSchema,
   model: exports_external.string().regex(/^[a-zA-Z0-9][a-zA-Z0-9._\-/\[\]:]*$/, "Model name must be alphanumeric with ._-/[]: only (no spaces or shell specials)").optional().describe("Claude model override (e.g., 'claude-sonnet-4-6')"),
   thinking_effort: exports_external.enum(["low", "medium", "high", "xhigh", "max"]).optional().describe("Adaptive-thinking effort level passed as --effort to the claude CLI. " + "Per-agent override wins over defaults.thinking_effort. " + "lower = faster/cheaper, higher = more reasoning. Omit to use Claude's default."),
   permission_mode: exports_external.enum(["acceptEdits", "auto", "bypassPermissions", "default", "dontAsk", "plan"]).optional().describe("Permission mode passed as --permission-mode to the claude CLI. " + "Per-agent override wins over defaults.permission_mode. " + "Warning: bypassPermissions and dontAsk skip all safety checks \u2014 use only in trusted sandboxes."),
@@ -12751,6 +12757,18 @@ function mergeAgentConfig(defaultsIn, agentIn) {
     }
     merged.reactions = combined;
   }
+  const dReactionDispatch = defaults.reaction_dispatch;
+  const mReactionDispatch = merged.reaction_dispatch;
+  if (dReactionDispatch || mReactionDispatch) {
+    const base = dReactionDispatch ?? {};
+    const override = mReactionDispatch ?? {};
+    const combined = { ...base };
+    for (const [k, v] of Object.entries(override)) {
+      if (v !== undefined)
+        combined[k] = v;
+    }
+    merged.reaction_dispatch = combined;
+  }
   if (defaults.resources || merged.resources) {
     const d = defaults.resources ?? {};
     const a = merged.resources ?? {};

package/dist/cli/switchroom.js

@@ -13520,7 +13520,7 @@ var init_zod = __esm(() => {
 });
 
 // src/config/schema.ts
-var CodeRepoEntrySchema, AgentBindMountSchema, HttpDiffPollSchema, TelegramReactionsPollSchema, PollSpecSchema, ScheduleEntrySchema, AgentSoulSchema, AgentToolsSchema, AgentMemorySchema, HookEntrySchema, AgentHooksSchema, SubagentSchema, SessionSchema, SessionContinuitySchema, webhookDispatchRule, TelegramChannelSchema, ChannelsSchema, TIMEZONE_REGEX, ApproverIdSchema, GoogleWorkspaceTierSchema, GoogleWorkspaceConfigSchema, MicrosoftWorkspaceConfigSchema, NotionWorkspaceConfigSchema, AgentGoogleWorkspaceConfigSchema, AgentMicrosoftWorkspaceConfigSchema, AgentNotionWorkspaceConfigSchema, ReactionsSchema, ReleaseBlock, NetworkIsolationSchema, profileFields, ProfileSchema, _omitExtends, defaultsFields, AgentDefaultsSchema, DEFAULT_PROFILE = "default", AgentSchema, TelegramConfigSchema, MemoryBackendConfigSchema, VaultConfigSchema, QuotaConfigSchema, AutoReleaseCheckSchema, HostControlConfigSchema, WebServiceConfigSchema, HostdConfigSchema, CronEgressSchema, CronConfigSchema, SwitchroomConfigSchema;
+var CodeRepoEntrySchema, AgentBindMountSchema, HttpDiffPollSchema, TelegramReactionsPollSchema, PollSpecSchema, ScheduleEntrySchema, AgentSoulSchema, AgentToolsSchema, AgentMemorySchema, HookEntrySchema, AgentHooksSchema, SubagentSchema, SessionSchema, SessionContinuitySchema, webhookDispatchRule, TelegramChannelSchema, ChannelsSchema, TIMEZONE_REGEX, ApproverIdSchema, GoogleWorkspaceTierSchema, GoogleWorkspaceConfigSchema, MicrosoftWorkspaceConfigSchema, NotionWorkspaceConfigSchema, AgentGoogleWorkspaceConfigSchema, AgentMicrosoftWorkspaceConfigSchema, AgentNotionWorkspaceConfigSchema, ReactionsSchema, ReactionDispatchSchema, ReleaseBlock, NetworkIsolationSchema, profileFields, ProfileSchema, _omitExtends, defaultsFields, AgentDefaultsSchema, DEFAULT_PROFILE = "default", AgentSchema, TelegramConfigSchema, MemoryBackendConfigSchema, VaultConfigSchema, QuotaConfigSchema, AutoReleaseCheckSchema, HostControlConfigSchema, WebServiceConfigSchema, HostdConfigSchema, CronEgressSchema, CronConfigSchema, SwitchroomConfigSchema;
 var init_schema = __esm(() => {
   init_zod();
   CodeRepoEntrySchema = exports_external.object({
@@ -13796,6 +13796,10 @@ var init_schema = __esm(() => {
     per_hour_cap: exports_external.number().int().nonnegative().optional().describe("Max reaction-triggered synthetic turns per chat per rolling hour. " + "Refusals are stderr-logged but not surfaced to the agent. " + "Default 10. Set to 0 to disable triggering via the cap path."),
     group_admin_only: exports_external.boolean().optional().describe("In groups/supergroups (negative chat_id), only trigger a synthetic " + "turn when the reacter is a chat admin (creator or administrator). " + "Failing the lookup is treated as non-admin (fail-closed). " + "DMs are never affected by this flag \u2014 the reacter IS the user. " + "Default true.")
   }).optional();
+  ReactionDispatchSchema = exports_external.object({
+    enabled: exports_external.boolean().optional().describe("Master switch for the reaction-dispatch path. Default false \u2014 " + "with no reaction_dispatch block, reactions are persisted (and may " + "feed the `reactions` feedback path) but are NEVER dispatched as " + "event-driven inbound turns."),
+    emojis: exports_external.array(exports_external.string()).optional().describe('Emoji allowlist that triggers a `<channel event="reaction">` ' + "inbound turn when reacted to any message. Default [] (nothing " + "fires). Cascade mode: REPLACE (not union) \u2014 a layer's list " + "replaces lower layers entirely so an operator can narrow per-agent.")
+  }).optional();
   ReleaseBlock = exports_external.object({
     channel: exports_external.enum(["dev", "rc", "latest"]).optional(),
     pin: exports_external.string().regex(/^(sha-[0-9a-f]{7,40}|v\d+\.\d+\.\d+)$/).optional()
@@ -13831,6 +13835,7 @@ var init_schema = __esm(() => {
     schedule: exports_external.array(ScheduleEntrySchema).optional(),
     secrets: exports_external.array(exports_external.string().regex(/^[a-zA-Z0-9_\-/]+$/, "Secret key names must contain only alphanumeric characters, underscores, hyphens, and forward slashes")).optional().describe("Operator-granted STANDING vault keys this agent may read via the " + "broker \u2014 independent of any cron or MCP server. Use when an agent " + "needs a credential both interactively and in its own (agent-managed) " + "schedules, so the grant lives with the agent rather than welded to a " + "specific cron's `secrets[]`. OPERATOR-SET ONLY: agents cannot edit " + "switchroom.yaml or self-grant (reference/vision.md outcome 2 \u2014 'you " + "hold the leash; only your tap grants it'). Exact key names. Cascades " + "UNION across defaults -> profile -> agent (see docs/configuration.md)."),
     reactions: ReactionsSchema,
+    reaction_dispatch: ReactionDispatchSchema,
     model: exports_external.string().regex(/^[a-zA-Z0-9][a-zA-Z0-9._\-/\[\]:]*$/, "Model name must be alphanumeric with ._-/[]: only").optional(),
     thinking_effort: exports_external.enum(["low", "medium", "high", "xhigh", "max"]).optional().describe("Adaptive-thinking effort level passed as --effort to the claude CLI. " + "lower = faster/cheaper, higher = more reasoning. Omit to use Claude's default."),
     permission_mode: exports_external.enum(["acceptEdits", "auto", "bypassPermissions", "default", "dontAsk", "plan"]).optional().describe("Permission mode passed as --permission-mode to the claude CLI. " + "Omit to use Claude's default (acceptEdits for switchroom agents). " + "Warning: bypassPermissions and dontAsk skip all safety checks \u2014 use only in trusted sandboxes."),
@@ -13900,6 +13905,7 @@ var init_schema = __esm(() => {
     schedule: exports_external.array(ScheduleEntrySchema).default([]),
     secrets: exports_external.array(exports_external.string().regex(/^[a-zA-Z0-9_\-/]+$/, "Secret key names must contain only alphanumeric characters, underscores, hyphens, and forward slashes")).optional(),
     reactions: ReactionsSchema,
+    reaction_dispatch: ReactionDispatchSchema,
     model: exports_external.string().regex(/^[a-zA-Z0-9][a-zA-Z0-9._\-/\[\]:]*$/, "Model name must be alphanumeric with ._-/[]: only (no spaces or shell specials)").optional().describe("Claude model override (e.g., 'claude-sonnet-4-6')"),
     thinking_effort: exports_external.enum(["low", "medium", "high", "xhigh", "max"]).optional().describe("Adaptive-thinking effort level passed as --effort to the claude CLI. " + "Per-agent override wins over defaults.thinking_effort. " + "lower = faster/cheaper, higher = more reasoning. Omit to use Claude's default."),
     permission_mode: exports_external.enum(["acceptEdits", "auto", "bypassPermissions", "default", "dontAsk", "plan"]).optional().describe("Permission mode passed as --permission-mode to the claude CLI. " + "Per-agent override wins over defaults.permission_mode. " + "Warning: bypassPermissions and dontAsk skip all safety checks \u2014 use only in trusted sandboxes."),
@@ -14617,6 +14623,18 @@ function mergeAgentConfig(defaultsIn, agentIn) {
     }
     merged.reactions = combined;
   }
+  const dReactionDispatch = defaults.reaction_dispatch;
+  const mReactionDispatch = merged.reaction_dispatch;
+  if (dReactionDispatch || mReactionDispatch) {
+    const base = dReactionDispatch ?? {};
+    const override = mReactionDispatch ?? {};
+    const combined = { ...base };
+    for (const [k, v] of Object.entries(override)) {
+      if (v !== undefined)
+        combined[k] = v;
+    }
+    merged.reaction_dispatch = combined;
+  }
   if (defaults.resources || merged.resources) {
     const d = defaults.resources ?? {};
     const a = merged.resources ?? {};
@@ -49409,6 +49427,10 @@ function dispatchTool(name, args) {
         base.push("--name", a.name);
       if (a.secrets && a.secrets.length > 0)
         base.push("--secrets", a.secrets.join(","));
+      if (a.model)
+        base.push("--model", a.model);
+      if (a.context)
+        base.push("--context", a.context);
       cliArgs = base;
       parseMode = "json";
       break;
@@ -49593,7 +49615,7 @@ var init_server3 = __esm(() => {
     },
     {
       name: "schedule_add",
-      description: "Append a cron schedule entry to the agent's overlay dir. " + "Overlay-sourced entries with non-empty `secrets:` are REJECTED " + "(E_OVERLAY_SECRETS_REQUIRES_APPROVAL); operator-authored entries " + "in switchroom.yaml are unaffected.",
+      description: "Append a cron schedule entry to your overlay. Takes effect within ~30s \u2014 " + "the scheduler hot-reloads, no restart needed. Overlay entries with " + "non-empty `secrets:` are REJECTED (E_OVERLAY_SECRETS_REQUIRES_APPROVAL). " + "COST: by default each fire runs as a full turn in your live session " + "(your model, your whole context) \u2014 fine for work that needs your memory/" + "persona, but costly for routine checks. For a lighter recurring task, set " + '`model: "sonnet"` to run that fire in a cheap, minimal-context cron ' + "session instead (saves tokens; needs cheap-cron enabled by the operator). " + "For 'only do something when X changes' (e.g. a webpage, or a reaction), " + "ask the operator to set up a poll or reaction-dispatch instead of a " + "frequent prompt cron \u2014 far cheaper than polling with a full turn.",
       inputSchema: {
         type: "object",
         required: ["cron_expr", "prompt"],
@@ -49601,7 +49623,16 @@ var init_server3 = __esm(() => {
           cron_expr: { type: "string" },
           prompt: { type: "string", minLength: 1, maxLength: 4000 },
           secrets: { type: "array", items: { type: "string" } },
-          name: { type: "string", pattern: "^[a-z0-9-]{1,40}$" }
+          name: { type: "string", pattern: "^[a-z0-9-]{1,40}$" },
+          model: {
+            type: "string",
+            description: "Optional cheap-cron tier hint. A known-cheap model ('sonnet'/'haiku') " + "routes this fire to a fresh, minimal-context cron session (Tier 1) " + "instead of your full live session (Tier 2) \u2014 cheaper per fire. Omit " + "for context-heavy work that needs your memory/persona. Inert unless " + "the operator has enabled cheap-cron."
+          },
+          context: {
+            type: "string",
+            enum: ["fresh", "agent"],
+            description: "Tier hint: 'fresh' = minimal-context cheap session (Tier 1); 'agent' " + "= your full live session (Tier 2). Usually inferred from `model`."
+          }
         }
       }
     },
@@ -50204,8 +50235,8 @@ var {
 } = import__.default;
 
 // src/build-info.ts
-var VERSION = "0.15.7";
-var COMMIT_SHA = "c0a8b988";
+var VERSION = "0.15.8";
+var COMMIT_SHA = "318cb85f";
 
 // src/cli/agent.ts
 init_source();
@@ -50409,6 +50440,13 @@ function stripSecretValues(value) {
 function restartRequiredNote(agent) {
   return `Not live yet \u2014 claude loads skills, MCP servers and scheduled ` + `tasks at process start. Run \`switchroom agent restart ${agent}\` ` + `for this to take effect.`;
 }
+function scheduleRestartRequired() {
+  return (process.env.SWITCHROOM_SCHEDULER_HOT_RELOAD ?? "") === "0";
+}
+function scheduleLiveNote(agent) {
+  const hotReload = (process.env.SWITCHROOM_SCHEDULER_HOT_RELOAD ?? "") !== "0";
+  return hotReload ? `Live within ~30s \u2014 the in-agent scheduler hot-reloads the overlay; no restart needed.` : `Not live yet \u2014 hot-reload is disabled (SWITCHROOM_SCHEDULER_HOT_RELOAD=0). ` + `Run \`switchroom agent restart ${agent}\` for this to take effect.`;
+}
 function getAgentSlice(config, agent) {
   const slice = config.agents?.[agent];
   if (!slice) {
@@ -68118,6 +68156,7 @@ init_source();
 // src/web/server.ts
 init_merge();
 init_loader();
+init_client();
 init_lifecycle();
 import {
   readFileSync as readFileSync45,
@@ -74490,12 +74529,37 @@ function loadWebhookSecrets() {
     return {};
   }
 }
+async function resolveWebhookSecretFromVault(agent, source, config) {
+  const key = `webhook/${agent}/${source}`;
+  try {
+    const socket = resolveBrokerSocketPath({
+      vaultBrokerSocket: config.vault?.broker?.socket ? resolvePath(config.vault.broker.socket) : undefined
+    });
+    const result = await getViaBrokerStructured(key, { socket });
+    if (result.kind === "ok" && result.entry.kind === "string") {
+      return result.entry.value;
+    }
+    if (result.kind === "denied" || result.kind === "unreachable") {
+      process.stderr.write(`webhook-ingest: vault resolve for ${key} \u2192 ${result.kind}` + `${"code" in result && result.code ? ` (${result.code})` : ""}` + `; webhook will 401 until the secret is operator-readable
+`);
+    }
+  } catch (err) {
+    process.stderr.write(`webhook-ingest: vault resolve for ${key} threw: ${err.message}
+`);
+  }
+  return null;
+}
 async function handleWebhookRoute(req, agent, source, config) {
   const agentConfigRaw = config.agents[agent];
   const agentConfig = agentConfigRaw ? resolveAgentConfig(config.defaults, config.profiles, agentConfigRaw) : undefined;
   const allowedSources = agentConfig?.channels?.telegram?.webhook_sources ?? [];
   const allSecrets = loadWebhookSecrets();
-  const agentSecrets = allSecrets[agent] ?? {};
+  const agentSecrets = { ...allSecrets[agent] ?? {} };
+  if (!agentSecrets[source]) {
+    const fromVault = await resolveWebhookSecretFromVault(agent, source, config);
+    if (fromVault)
+      agentSecrets[source] = fromVault;
+  }
   const requireEdge = agentConfig?.channels?.telegram?.webhook_require_edge === true;
   const edgeSecret = requireEdge ? loadEdgeSecret() : null;
   let bodyBuf;
@@ -82933,6 +82997,10 @@ function scheduleAdd(opts) {
     entry.secrets = opts.secrets;
   if (opts.name)
     entry.name = opts.name;
+  if (opts.model)
+    entry.model = opts.model;
+  if (opts.context)
+    entry.context = opts.context;
   const doc = {
     schedule: [
       Object.fromEntries(Object.entries(entry).filter(([k]) => k !== "name"))
@@ -83017,8 +83085,8 @@ function scheduleAdd(opts) {
     path: path8,
     cron_hash: hash2,
     would_recreate: false,
-    restart_required: true,
-    restart_hint: restartRequiredNote(agent)
+    restart_required: scheduleRestartRequired(),
+    restart_hint: scheduleLiveNote(agent)
   };
 }
 function scheduleAddOrStage(opts) {
@@ -83043,6 +83111,10 @@ function scheduleAddOrStage(opts) {
     entry.secrets = opts.secrets;
   if (opts.name)
     entry.name = opts.name;
+  if (opts.model)
+    entry.model = opts.model;
+  if (opts.context)
+    entry.context = opts.context;
   const doc = {
     schedule: [
       Object.fromEntries(Object.entries(entry).filter(([k]) => k !== "name"))
@@ -83142,13 +83214,17 @@ function scheduleRemove(opts) {
     ok: true,
     slug: match.slug,
     path: match.path,
-    restart_required: true,
-    restart_hint: restartRequiredNote(agent)
+    restart_required: scheduleRestartRequired(),
+    restart_hint: scheduleLiveNote(agent)
   };
 }
 function registerAgentConfigWriteCommands(program3) {
   const schedule = program3.command("schedule").description("Add / remove an agent's scheduled cron entries (overlay-backed)");
-  schedule.command("add").description("Append a schedule entry to the agent's overlay dir").requiredOption("--cron <expr>", "Cron expression").requiredOption("--prompt <text>", "Prompt to fire at the scheduled time").option("--agent <name>", "Target agent (defaults to $SWITCHROOM_AGENT_NAME)").option("--secrets <list>", "Comma-separated vault keys (REJECTED for agent-authored overlays)").option("--name <slug>", "Optional human-readable name (a-z 0-9 -)").option("--stage-on-reject", "When a security gate trips (secrets/quota/min-interval), stage the entry under .pending/ for operator approval instead of rejecting with exit 9. Used by the MCP path; operator CLI defaults to off.").action(async (opts) => {
+  schedule.command("add").description("Append a schedule entry to the agent's overlay dir").requiredOption("--cron <expr>", "Cron expression").requiredOption("--prompt <text>", "Prompt to fire at the scheduled time").option("--agent <name>", "Target agent (defaults to $SWITCHROOM_AGENT_NAME)").option("--secrets <list>", "Comma-separated vault keys (REJECTED for agent-authored overlays)").option("--name <slug>", "Optional human-readable name (a-z 0-9 -)").option("--model <id>", "Cheap-cron tier hint: a known-cheap model (sonnet/haiku) routes this fire to a fresh, minimal-context cron session (Tier 1) instead of the agent's full live session (Tier 2), cutting token cost. Inert unless SWITCHROOM_CHEAP_CRON is on.").option("--context <mode>", "Tier hint: 'fresh' (minimal-context cheap session) or 'agent' (full live session). Unset \u2192 inferred from --model.").option("--stage-on-reject", "When a security gate trips (secrets/quota/min-interval), stage the entry under .pending/ for operator approval instead of rejecting with exit 9. Used by the MCP path; operator CLI defaults to off.").action(async (opts) => {
+    if (opts.context && opts.context !== "fresh" && opts.context !== "agent") {
+      emitError("E_INVALID_PROMPT", "--context must be 'fresh' or 'agent'");
+      process.exit(1);
+    }
     const secrets = opts.secrets ? opts.secrets.split(",").map((s) => s.trim()).filter(Boolean) : undefined;
     if (opts.name && !/^[a-z0-9-]{1,40}$/.test(opts.name)) {
       emitError("E_INVALID_PROMPT", "name must match [a-z0-9-]{1,40}");
@@ -83166,7 +83242,9 @@ function registerAgentConfigWriteCommands(program3) {
         cronExpr: opts.cron,
         prompt: opts.prompt,
         secrets,
-        name: opts.name
+        name: opts.name,
+        model: opts.model,
+        context: opts.context
       });
     } catch (err) {
       process.stderr.write(`${err.message}
@@ -85050,7 +85128,11 @@ import { homedir as homedir48 } from "node:os";
 import { join as join82 } from "node:path";
 import { spawnSync as spawnSync14 } from "node:child_process";
 init_audit_reader();
-var DEFAULT_IMAGE_TAG = "latest";
+function resolveHostdImageTag(explicitTag, release) {
+  if (explicitTag)
+    return explicitTag;
+  return resolveImageTag(resolveRelease({ root: release }));
+}
 var HOSTD_COMPOSE_PROJECT = "switchroom-hostd";
 function renderHostdComposeFile(opts) {
   const { hostHome, imageTag, operatorUid } = opts;
@@ -85202,9 +85284,10 @@ async function doInstall(opts, program3) {
   const dir = hostdDir();
   const composePath = hostdComposePath();
   mkdirSync47(dir, { recursive: true });
+  const imageTag = resolveHostdImageTag(opts.tag, cfg.release);
   const yaml = renderHostdComposeFile({
     hostHome: resolveHostdHostHome(),
-    imageTag: opts.tag ?? DEFAULT_IMAGE_TAG,
+    imageTag,
     operatorUid: resolveOperatorUid()
   });
   if (opts.dryRun) {
@@ -85221,12 +85304,12 @@ async function doInstall(opts, program3) {
   const adminAgents = Object.entries(cfg.agents ?? {}).filter(([, a]) => a?.admin === true).map(([name]) => name);
   console.log(source_default.dim(`    agents served (one socket each): ${allAgents.length === 0 ? "(none)" : allAgents.join(", ")}`));
   console.log(source_default.dim(`    admin agents (full config-edit verbs): ${adminAgents.length === 0 ? "(none)" : adminAgents.join(", ")}`));
-  console.log(source_default.dim(`    Pulling ghcr.io/switchroom/switchroom-hostd:${opts.tag ?? DEFAULT_IMAGE_TAG}\u2026`));
+  console.log(source_default.dim(`    Pulling ghcr.io/switchroom/switchroom-hostd:${imageTag}\u2026`));
   const pull = runDocker(["compose", "-p", HOSTD_COMPOSE_PROJECT, "-f", composePath, "pull"]);
   if (!pull.ok) {
     console.error(source_default.red(`  pull failed:
 ${pull.stderr}`));
-    console.error(source_default.yellow(`  Hint: \`ghcr.io/switchroom/switchroom-hostd:${opts.tag ?? DEFAULT_IMAGE_TAG}\` may not be published yet.
+    console.error(source_default.yellow(`  Hint: \`ghcr.io/switchroom/switchroom-hostd:${imageTag}\` may not be published yet.
 ` + `  Check the docker-images workflow run and verify the tag at:
 ` + `      https://github.com/switchroom/switchroom/pkgs/container/switchroom-hostd`));
     process.exit(1);
@@ -85311,7 +85394,7 @@ ${down.stderr}`));
 }
 function registerHostdCommand(program3) {
   const hostd = program3.command("hostd").description("Manage switchroom-hostd, the host-control daemon for admin agents (RFC C)");
-  hostd.command("install").description("Install or refresh the hostd container (writes ~/.switchroom/hostd/docker-compose.yml + docker compose up -d)").option("--tag <tag>", "Image tag (default: latest)", DEFAULT_IMAGE_TAG).option("--dry-run", "Print the compose file and the docker commands without writing or running anything").action(withConfigError(async (opts) => {
+  hostd.command("install").description("Install or refresh the hostd container (writes ~/.switchroom/hostd/docker-compose.yml + docker compose up -d)").option("--tag <tag>", "Image tag override (default: resolved from release.pin in switchroom.yaml, else latest)").option("--dry-run", "Print the compose file and the docker commands without writing or running anything").action(withConfigError(async (opts) => {
     await doInstall(opts, program3);
   }));
   hostd.command("status").description("Show daemon state and bound sockets").action(() => doStatus());
@@ -85369,7 +85452,11 @@ import { existsSync as existsSync85, mkdirSync as mkdirSync48, writeFileSync as
 import { homedir as homedir49 } from "node:os";
 import { join as join83 } from "node:path";
 import { spawnSync as spawnSync15 } from "node:child_process";
-var DEFAULT_IMAGE_TAG2 = "latest";
+function resolveWebImageTag(explicitTag, release) {
+  if (explicitTag)
+    return explicitTag;
+  return resolveImageTag(resolveRelease({ root: release }));
+}
 var WEB_COMPOSE_PROJECT = "switchroom-web";
 function renderWebComposeFile(opts) {
   const { hostHome, imageTag, operatorUid } = opts;
@@ -85470,7 +85557,7 @@ function runDocker2(args) {
     stderr: r.stderr ?? ""
   };
 }
-async function doInstall2(opts) {
+async function doInstall2(opts, program3) {
   const operatorUid = resolveOperatorUid();
   if (operatorUid === undefined) {
     console.error(source_default.red(`Could not resolve the operator uid (no SUDO_UID and getuid() is 0 or unavailable).
@@ -85481,9 +85568,11 @@ async function doInstall2(opts) {
   const dir = webdDir();
   const composePath = webdComposePath();
   mkdirSync48(dir, { recursive: true });
+  const cfg = getConfig(program3);
+  const imageTag = resolveWebImageTag(opts.tag, cfg.release);
   const yaml = renderWebComposeFile({
     hostHome: homedir49(),
-    imageTag: opts.tag ?? DEFAULT_IMAGE_TAG2,
+    imageTag,
     operatorUid
   });
   if (opts.dryRun) {
@@ -85498,12 +85587,12 @@ async function doInstall2(opts) {
   writeFileSync41(composePath, yaml, "utf8");
   console.log(source_default.green(`  \u2713 Wrote ${composePath}`));
   console.log(source_default.dim(`    running as uid ${operatorUid} (operator), network_mode: host`));
-  console.log(source_default.dim(`    Pulling ghcr.io/switchroom/switchroom-web:${opts.tag ?? DEFAULT_IMAGE_TAG2}\u2026`));
+  console.log(source_default.dim(`    Pulling ghcr.io/switchroom/switchroom-web:${imageTag}\u2026`));
   const pull = runDocker2(["compose", "-p", WEB_COMPOSE_PROJECT, "-f", composePath, "pull"]);
   if (!pull.ok) {
     console.error(source_default.red(`  pull failed:
 ${pull.stderr}`));
-    console.error(source_default.yellow(`  Hint: \`ghcr.io/switchroom/switchroom-web:${opts.tag ?? DEFAULT_IMAGE_TAG2}\` may not be published yet.
+    console.error(source_default.yellow(`  Hint: \`ghcr.io/switchroom/switchroom-web:${imageTag}\` may not be published yet.
 ` + `  Check the docker-images workflow run and verify the tag at:
 ` + `      https://github.com/switchroom/switchroom/pkgs/container/switchroom-web`));
     process.exit(1);
@@ -85571,8 +85660,8 @@ ${down.stderr}`));
 }
 function registerWebdCommand(program3) {
   const webd = program3.command("webd").description("Manage switchroom-web, the dashboard + GitHub-webhook receiver container");
-  webd.command("install").description("Install or refresh the web container (writes ~/.switchroom/web/docker-compose.yml + docker compose up -d)").option("--tag <tag>", "Image tag (default: latest)", DEFAULT_IMAGE_TAG2).option("--dry-run", "Print the compose file and the docker commands without writing or running anything").action(withConfigError(async (opts) => {
-    await doInstall2(opts);
+  webd.command("install").description("Install or refresh the web container (writes ~/.switchroom/web/docker-compose.yml + docker compose up -d)").option("--tag <tag>", "Image tag override (default: resolved from release.pin in switchroom.yaml, else latest)").option("--dry-run", "Print the compose file and the docker commands without writing or running anything").action(withConfigError(async (opts) => {
+    await doInstall2(opts, program3);
   }));
   webd.command("status").description("Show web-service container state").action(() => doStatus2());
   webd.command("uninstall").description("Stop the web container. Leaves the compose file in place for re-install.").action(() => doUninstall2());