teleportation-cli 1.3.0 → 1.4.1

package/lib/daemon/teleportation-daemon.js

@@ -39,10 +39,29 @@ import { fileURLToPath } from 'url';
 import { spawn, exec } from 'child_process';
 import { promisify } from 'util';
 import { homedir, tmpdir } from 'os';
-import { existsSync, appendFileSync } from 'fs';
-import { join } from 'path';
+import { existsSync, appendFileSync, readFileSync, unlinkSync } from 'fs';
+import { join, dirname } from 'path';
 // NOTE: PID locking is handled by agent-process at the platform level (launchd/systemd/pm2).
 // Signal handling and heartbeat management are handled inline below.
+
+// File-based session registry — imported lazily so daemon can start without it
+// fileURLToPath is imported from 'url' at line 38.
+// REGISTRY_UNAVAILABLE is a no-op sentinel returned on transient import failure.
+// Callers guard with `if (!registry.readAllSessionFiles) return` so null-deref is safe.
+// _registry stays null so the next scan cycle retries the import automatically.
+const REGISTRY_UNAVAILABLE = Object.freeze({ readAllSessionFiles: null, isClaudePidAlive: null });
+let _registry = null;
+async function getRegistry() {
+  if (_registry) return _registry;
+  try {
+    const registryPath = join(dirname(fileURLToPath(import.meta.url)), 'session-file-registry.js');
+    _registry = await import(registryPath);
+  } catch (e) {
+    console.warn('[daemon] session-file-registry not available (will retry next scan):', e.message);
+    return REGISTRY_UNAVAILABLE;
+  }
+  return _registry;
+}
 // The following were removed in PRD-0025 migration:
 //   - pid-manager.js (replaced by agent-process platform locking)
 //   - lifecycle.js (replaced by inline signal handlers)
@@ -54,6 +73,7 @@ import {
   executeTaskTurn,
   stopTask,
   stopAllTasks,
+  stopTasksForSession,
 } from './task-executor-v2.js';
 
 // Transcript ingestion for timeline completeness
@@ -86,6 +106,8 @@ const CLAUDE_CLI = process.env.CLAUDE_CLI_PATH || 'claude'; // Configurable Clau
 const ALLOW_ALL_COMMANDS = process.env.TELEPORTATION_DAEMON_ALLOW_ALL_COMMANDS === 'true';
 const HEARTBEAT_INTERVAL_MS = parseInt(process.env.DAEMON_HEARTBEAT_INTERVAL_MS || '30000', 10); // 30 sec default
 const HEARTBEAT_CHECK_INTERVAL_MS = parseInt(process.env.DAEMON_HEARTBEAT_CHECK_INTERVAL_MS || '60000', 10); // 1 min default
+// How long a PID must be dead before the daemon marks the session stopped (ms)
+const DEAD_PID_THRESHOLD_MS = parseInt(process.env.DAEMON_DEAD_PID_THRESHOLD_MS || '60000', 10); // 60s default
 
 // Message routing configuration
 // REQUIRE_COMMAND_WHITELIST: If true, use legacy shell execution with command whitelist
@@ -109,6 +131,29 @@ const ROUTER_MAX_ESCALATIONS = parseInt(process.env.TELEPORTATION_ROUTER_MAX_ESC
 // Debug logging configuration
 const DEBUG = process.env.TELEPORTATION_DEBUG === 'true';
 const LOG_DIR = process.env.TELEPORTATION_LOG_DIR || tmpdir();
+const SESSION_LOG_FILE = join(homedir(), '.teleportation', 'session-events.log');
+
+/**
+ * Append a register event to the session log so daemon restarts can recover
+ * full session metadata (hostname, branch, etc.) and re-register correctly
+ * after a Redis TTL expiry.
+ */
+function appendSessionRegisterLog(session) {
+  try {
+    const line = JSON.stringify({
+      type: 'register',
+      session_id: session.session_id,
+      claude_session_id: session.claude_session_id,
+      pid: session.pid || null,
+      cwd: session.cwd,
+      meta: session.meta,
+      timestamp: session.registered_at || Date.now()
+    }) + '\n';
+    appendFileSync(SESSION_LOG_FILE, line);
+  } catch (err) {
+    if (DEBUG) console.error(`[daemon] Failed to append session log: ${err.message}`);
+  }
+}
 
 /**
  * Cross-platform debug logging utility
@@ -242,6 +287,13 @@ const stoppedSessions = new Set();
 // Session activity tracking for cleanup
 const sessionActivity = new Map(); // sessionId -> lastActivityTimestamp
 
+// PID liveness tracking (Bug 2):
+// Caches the Claude PID per session to avoid re-reading the session file every poll cycle.
+// lastPidCheck throttles the PID check to at most once every PID_CHECK_INTERVAL_MS per session.
+const sessionPidCache = new Map();   // sessionId -> number (claude_pid)
+const lastPidCheck = new Map();      // sessionId -> number (timestamp of last check)
+const PID_CHECK_INTERVAL_MS = parseInt(process.env.DAEMON_PID_CHECK_INTERVAL_MS || '30000', 10); // 30s default
+
 // Transcript ingestion throttling: Prevents concurrent ingestion runs per session
 // Map<session_id, Promise> tracks in-progress ingestion promises
 // If ingestion takes >5 seconds, prevents stacking multiple concurrent calls
@@ -270,6 +322,8 @@ setInterval(() => {
       sessionActivity.delete(sessionId);
       heartbeatState.delete(sessionId);
       heartbeatFailureLogged.delete(sessionId);
+      sessionPidCache.delete(sessionId);
+      lastPidCheck.delete(sessionId);
       sessionCleanedCount++;
 
       if (process.env.DEBUG) {
@@ -787,7 +841,11 @@ async function handleRequest(req, res) {
         }
       }
 
-      sessions.set(session_id, {
+      // Clear stale PID cache so the new session's PID is read fresh from marker file
+      sessionPidCache.delete(session_id);
+      lastPidCheck.delete(session_id);
+
+      const sessionEntry = {
         session_id,
         claude_session_id: claude_session_id || session_id, // Fallback to session_id if not provided
         cwd: cwd || process.cwd(),
@@ -796,7 +854,10 @@ async function handleRequest(req, res) {
           daemon_pid: process.pid // Add daemon PID to metadata
         },
         registered_at: Date.now()
-      });
+      };
+      sessions.set(session_id, sessionEntry);
+      // Persist to log so daemon restarts can recover full meta for re-registration
+      appendSessionRegisterLog(sessionEntry);
 
       console.log(`[daemon] Session registered: ${session_id} (claude_id: ${claude_session_id || session_id}) (daemon_pid: ${process.pid}) (cwd: ${cwd || process.cwd()})`);
       
@@ -1144,6 +1205,67 @@ async function handleInboxMessage(session_id, message) {
         return;
       }
 
+      // Check for paused tasks — route message to task instead of spawning new process.
+      // This adds one relay round-trip per inbox message, but only fires for 'command' type
+      // messages (user-initiated from mobile), not for auto-continue or approval messages.
+      // Future optimization: include paused task info in the session polling response.
+      try {
+        const tasksResp = await fetch(
+          `${RELAY_API_URL}/api/sessions/${encodeURIComponent(session_id)}/tasks`,
+          { headers: { 'Authorization': `Bearer ${RELAY_API_KEY}` }, signal: AbortSignal.timeout(5000) }
+        );
+        if (tasksResp.ok) {
+          const tasks = await tasksResp.json();
+          const pausedTasks = tasks.filter(t => t.status === 'paused' || t.status === 'waiting_input');
+          if (pausedTasks.length > 1) {
+            logWarn(`[daemon] ⚠️  Multiple paused tasks (${pausedTasks.length}) for session ${session_id} — routing to first`);
+          }
+          const pausedTask = pausedTasks[0];
+          if (pausedTask) {
+            logInfo(`[daemon] 📨 Routing message to paused task ${pausedTask.id.slice(0, 20)}... (status: ${pausedTask.status})`);
+
+            let routeResp;
+            if (pausedTask.status === 'waiting_input') {
+              // Task is waiting for user input — use the answer endpoint
+              routeResp = await fetch(
+                `${RELAY_API_URL}/api/sessions/${encodeURIComponent(session_id)}/tasks/${encodeURIComponent(pausedTask.id)}/answer`,
+                {
+                  method: 'POST',
+                  headers: { 'Content-Type': 'application/json', 'Authorization': `Bearer ${RELAY_API_KEY}` },
+                  body: JSON.stringify({ answer: commandText })
+                }
+              );
+            } else {
+              // Task is paused — use redirect to set new instructions and resume
+              routeResp = await fetch(
+                `${RELAY_API_URL}/api/sessions/${encodeURIComponent(session_id)}/tasks/${encodeURIComponent(pausedTask.id)}/redirect`,
+                {
+                  method: 'POST',
+                  headers: { 'Content-Type': 'application/json', 'Authorization': `Bearer ${RELAY_API_KEY}` },
+                  body: JSON.stringify({ instruction: commandText })
+                }
+              );
+            }
+
+            if (routeResp.ok) {
+              logInfo(`[daemon] ✅ Message routed to task, will resume on next poll cycle`);
+              // Acknowledge the inbox message
+              await fetch(`${RELAY_API_URL}/api/messages/${encodeURIComponent(message.id)}/ack`, {
+                method: 'POST',
+                headers: { 'Content-Type': 'application/json', 'Authorization': `Bearer ${RELAY_API_KEY}` },
+                body: JSON.stringify({ session_id })
+              }).catch(() => {});
+              return; // Don't spawn a new process
+            }
+            // If route failed (e.g. wrong status), fall through to normal execution
+            logWarn(`[daemon] Failed to route message to task (${routeResp.status}), falling back to normal execution`);
+          }
+        }
+      } catch (taskCheckError) {
+        // Non-critical — fall through to normal execution
+        logWarn(`[daemon] Task check failed: ${taskCheckError.message}`);
+      }
+
       // Invalidate pending approvals BEFORE executing new command
       // This prevents race conditions where stale approvals could be acted upon
       try {
@@ -1466,6 +1588,100 @@ async function sendHeartbeat(session_id) {
   }
 }
 
+/**
+ * Check if a Claude PID is still alive.
+ * Uses signal 0 (no signal sent, just existence check).
+ * CROSS-REFERENCE: pid-liveness.test.js has an equivalent local implementation.
+ * If this logic changes, update the test copy to match.
+ * @param {number} pid - Process ID to check
+ * @returns {boolean} true if process exists, false otherwise
+ */
+function isPidAlive(pid) {
+  try {
+    process.kill(pid, 0);
+    return true;
+  } catch (e) {
+    // EPERM means process exists but we lack permission to signal it (different user/container)
+    return e.code === 'EPERM';
+  }
+}
+
+/**
+ * Read Claude PID from session marker file.
+ * Caches the PID per session to avoid reading the file on every poll cycle.
+ * CROSS-REFERENCE: pid-liveness.test.js has an equivalent local implementation
+ * (without cache). If this file-reading logic changes, update the test copy to match.
+ * @param {string} session_id - Session ID
+ * @returns {number|null} Claude PID or null if unavailable
+ */
+function getSessionPid(session_id) {
+  // Check cache first
+  if (sessionPidCache.has(session_id)) {
+    return sessionPidCache.get(session_id);
+  }
+
+  // Read from marker file
+  const sessionFile = join(tmpdir(), `teleportation-session-${session_id}.json`);
+  try {
+    const content = readFileSync(sessionFile, 'utf8');
+    const data = JSON.parse(content);
+    const pid = data.claude_pid;
+    if (typeof pid === 'number' && pid > 0) {
+      sessionPidCache.set(session_id, pid);
+      return pid;
+    }
+  } catch {
+    // File doesn't exist or can't be read - return null (no PID available)
+  }
+  return null;
+}
+
+/**
+ * Clean up a dead session: remove from all tracking maps, deregister from relay,
+ * and delete marker file.
+ * @param {string} session_id - Session ID to clean up
+ * @param {number|null} pid - The dead PID (for logging)
+ */
+async function cleanupDeadSession(session_id, pid) {
+  logInfo(`[daemon] PID ${pid} for session ${session_id.slice(0, 8)}... is dead - cleaning up`);
+
+  // Remove from all tracking maps
+  sessions.delete(session_id);
+  sessionActivity.delete(session_id);
+  heartbeatState.delete(session_id);
+  heartbeatFailureLogged.delete(session_id);
+  sessionPidCache.delete(session_id);
+  lastPidCheck.delete(session_id);
+  ingestionInProgress.delete(session_id);
+  stoppedSessions.add(session_id); // Prevent re-activation from stale registration attempts
+
+  // Delete marker file
+  const sessionFile = join(tmpdir(), `teleportation-session-${session_id}.json`);
+  try {
+    unlinkSync(sessionFile);
+  } catch {
+    // File may already be deleted
+  }
+
+  // Deregister from relay (best-effort)
+  try {
+    await fetch(
+      `${RELAY_API_URL}/api/sessions/${encodeURIComponent(session_id)}/end`,
+      {
+        method: 'POST',
+        headers: {
+          'Authorization': `Bearer ${RELAY_API_KEY}`,
+          'Content-Type': 'application/json'
+        },
+        body: JSON.stringify({ reason: 'pid_dead' }),
+        signal: AbortSignal.timeout(5000)
+      }
+    );
+  } catch {
+    // Best-effort - relay will eventually expire the session via heartbeat timeout
+  }
+}
+
 /**
  * Relay API Polling Loop
  * Polls relay API every 5 seconds for approved requests
@@ -1491,8 +1707,96 @@ async function pollRelayAPI() {
       // Debug: Log to file for visibility
       debugLog('daemon-poll-debug.log', `Polling session ${session_id}`);
 
-      // Update activity timestamp for cleanup tracking
-      sessionActivity.set(session_id, Date.now());
+      // PID liveness check (Bug 2):
+      // Instead of unconditionally refreshing sessionActivity, check if the Claude
+      // process is still alive. Only update activity if PID is confirmed alive.
+      // Throttled to at most once per PID_CHECK_INTERVAL_MS per session.
+      const pidCheckNow = Date.now();
+      const lastCheck = lastPidCheck.get(session_id) || 0;
+      if (pidCheckNow - lastCheck >= PID_CHECK_INTERVAL_MS) {
+        lastPidCheck.set(session_id, pidCheckNow);
+        const pid = getSessionPid(session_id);
+        if (pid !== null && !isPidAlive(pid)) {
+          // PID is dead - clean up and skip this session
+          await cleanupDeadSession(session_id, pid);
+          continue;
+        }
+        // PID is alive (or no PID file exists - backward compat: treat as alive)
+        sessionActivity.set(session_id, pidCheckNow);
+      }
+      // Between PID checks, do NOT refresh sessionActivity - let the cleanup
+      // sweep use the last confirmed-alive timestamp.
+
+      // 0) Check for stop_requested flag (mobile stop button)
+      // Uses daemon-state endpoint (lightweight) instead of full session fetch
+      try {
+        const stopCheckResponse = await fetch(
+          `${RELAY_API_URL}/api/sessions/${encodeURIComponent(session_id)}/daemon-state`,
+          {
+            headers: { 'Authorization': `Bearer ${RELAY_API_KEY}` },
+            signal: AbortSignal.timeout(5000)
+          }
+        );
+
+        if (stopCheckResponse.ok) {
+          const daemonState = await stopCheckResponse.json();
+
+          if (daemonState.stop_requested) {
+            logInfo(`[daemon] 🛑 Stop requested for session ${session_id} — killing running processes`);
+
+            // Kill any running approval execution processes for this session
+            let killedExecution = false;
+            for (const [approval_id, exec] of executions) {
+              if (exec.session_id === session_id && exec.status === 'executing' && exec.child_process) {
+                try {
+                  const child = exec.child_process;
+                  child.kill('SIGTERM');
+                  // Track SIGKILL timer so it can be cancelled if process exits cleanly
+                  const killTimer = setTimeout(() => {
+                    try { child.kill('SIGKILL'); } catch {}
+                  }, 2000);
+                  child.once('exit', () => clearTimeout(killTimer));
+                  killedExecution = true;
+                  logInfo(`[daemon] Killed execution process for approval ${approval_id}`);
+                } catch (killErr) {
+                  logWarn(`[daemon] Failed to kill execution ${approval_id}: ${killErr.message}`);
+                }
+              }
+            }
+
+            // Kill any running task processes for this session
+            const killedTaskCount = stopTasksForSession(session_id);
+            const killedTask = killedTaskCount > 0;
+            if (killedTask) {
+              logInfo(`[daemon] Killed ${killedTaskCount} task process(es) for session ${session_id}`);
+            }
+
+            // Clear stop_requested flag
+            try {
+              await fetch(`${RELAY_API_URL}/api/sessions/${encodeURIComponent(session_id)}/daemon-state`, {
+                method: 'PATCH',
+                headers: {
+                  'Content-Type': 'application/json',
+                  'Authorization': `Bearer ${RELAY_API_KEY}`
+                },
+                body: JSON.stringify({ stop_requested: false })
+              });
+              logInfo(`[daemon] Cleared stop_requested flag for session ${session_id}`);
+            } catch (clearErr) {
+              logWarn(`[daemon] Failed to clear stop_requested: ${clearErr.message}`);
+            }
+
+            if (!killedExecution && !killedTask) {
+              logInfo(`[daemon] No running processes found to stop for session ${session_id}`);
+            }
+          }
+        }
+      } catch (stopCheckError) {
+        // Don't block polling if stop check fails
+        if (stopCheckError.name !== 'AbortError') {
+          logWarn(`[daemon] Stop check error for ${session_id}: ${stopCheckError.message}`);
+        }
+      }
 
       // 1) Approvals polling (existing behavior)
       try {
@@ -1603,8 +1907,8 @@ async function pollRelayAPI() {
 
           // Process each task (stateless - queries timeline each time)
           for (const task of tasks) {
-            // Skip stopped/completed tasks
-            if (task.status === 'stopped' || task.status === 'completed') {
+            // Skip non-runnable tasks (paused tasks wait for user message to resume)
+            if (task.status === 'stopped' || task.status === 'completed' || task.status === 'paused') {
               continue;
             }
 
@@ -1643,11 +1947,21 @@ async function pollRelayAPI() {
       const claude_session_id = sessionData.claude_session_id || session_id;
       const cwd = sessionData.cwd || process.cwd();
 
+      // 4) Heartbeat - send periodically to keep session alive
+      // Must run before ingestion throttle check — ingestion `continue` must not skip heartbeats
+      const now = Date.now();
+      const sessionHeartbeat = heartbeatState.get(session_id);
+      const lastSent = sessionHeartbeat?.lastSent || 0;
+      if (now - lastSent >= SESSION_HEARTBEAT_INTERVAL_MS) {
+        await sendHeartbeat(session_id);
+      }
+
+      // 5) Transcript ingestion - backup to stop hook for timeline completeness
       // Throttling: Check if ingestion is already in progress for this session
       // Prevents concurrent ingestion runs that could cause race conditions
       if (ingestionInProgress.has(session_id)) {
         debugLog('daemon-transcript-debug.log', `Ingestion already in progress for ${session_id}, skipping`);
-        // Skip this polling cycle for this session
+        // Skip ingestion this cycle (heartbeat already sent above)
         continue;
       }
 
@@ -1680,15 +1994,6 @@ async function pollRelayAPI() {
 
       // Track the promise (but don't await - fire-and-forget)
       ingestionInProgress.set(session_id, ingestionPromise);
-
-      // 5) Heartbeat - send periodically to keep session alive
-      // Only send heartbeat if enough time has passed since last one (throttled per session)
-      const now = Date.now();
-      const sessionHeartbeat = heartbeatState.get(session_id);
-      const lastSent = sessionHeartbeat?.lastSent || 0;
-      if (now - lastSent >= SESSION_HEARTBEAT_INTERVAL_MS) {
-        await sendHeartbeat(session_id);
-      }
     }
 
     // Process approval queue
@@ -1823,6 +2128,7 @@ async function processQueue() {
   // Mark as executing (child_process will be set when spawnClaudeProcess is called)
   executions.set(approval_id, {
     approval_id,
+    session_id,
     status: 'executing',
     started_at: Date.now(),
     completed_at: null,
@@ -2685,8 +2991,6 @@ async function cleanup() {
  * Enables daemon to recover sessions after restart
  */
 async function discoverSessionsFromLog() {
-  const SESSION_LOG_FILE = join(homedir(), '.teleportation', 'session-events.log');
-
   try {
     const { readFile } = await import('fs/promises');
     const content = await readFile(SESSION_LOG_FILE, 'utf8');
@@ -2771,8 +3075,6 @@ async function discoverSessionsFromLog() {
  * Keeps only active sessions to prevent unbounded growth
  */
 async function compactSessionLog(activeSessions) {
-  const SESSION_LOG_FILE = join(homedir(), '.teleportation', 'session-events.log');
-
   try {
     const { writeFile } = await import('fs/promises');
 
@@ -2813,22 +3115,39 @@ async function compactSessionLog(activeSessions) {
 async function main() {
   console.log('[daemon] Main function started.');
 
-  // Load credentials from encrypted file if not in environment
-  if (!RELAY_API_KEY) {
+  // Load credentials from encrypted file if not in environment, OR if the env var
+  // looks like a relay service key (raw hex, no 'tp_' prefix) rather than a user API key.
+  // This handles the case where Bun auto-loads relay/.env when the daemon cwd is /relay,
+  // injecting a hex service key that causes all heartbeats to fail with 404.
+  const envKeyIsServiceKey = RELAY_API_KEY && !RELAY_API_KEY.startsWith('tp_');
+  if (!RELAY_API_KEY || envKeyIsServiceKey) {
     try {
-      console.log('[daemon] RELAY_API_KEY not in environment, loading from credentials file...');
+      console.log(
+        envKeyIsServiceKey
+          ? '[daemon] RELAY_API_KEY looks like a service key (no tp_ prefix), loading user credentials from encrypted file...'
+          : '[daemon] RELAY_API_KEY not in environment, loading from credentials file...'
+      );
       const credManager = new CredentialManager();
       const creds = await credManager.load();
       if (creds && creds.apiKey) {
         RELAY_API_KEY = creds.apiKey;
-        RELAY_API_URL = creds.relayUrl || RELAY_API_URL;
+        RELAY_API_URL = creds.relayApiUrl || creds.relayUrl || RELAY_API_URL;
         console.log('[daemon] ✅ Loaded credentials from encrypted file');
+      } else if (envKeyIsServiceKey) {
+        console.warn('[daemon] ⚠️  No user credentials found — refusing to use service key for heartbeats');
+        RELAY_API_KEY = '';
       } else {
         console.warn('[daemon] ⚠️  No API key found in credentials file');
       }
     } catch (e) {
-      console.warn('[daemon] ⚠️  Failed to load credentials:', e.message);
-      console.warn('[daemon] Daemon will run but cannot authenticate with relay API');
+      if (envKeyIsServiceKey) {
+        console.warn('[daemon] ⚠️  Failed to load credentials and env key is a service key:', e.message);
+        console.warn('[daemon] Clearing service key — daemon will run without relay auth');
+        RELAY_API_KEY = '';
+      } else {
+        console.warn('[daemon] ⚠️  Failed to load credentials:', e.message);
+        console.warn('[daemon] Daemon will run but cannot authenticate with relay API');
+      }
     }
   } else {
     console.log('[daemon] Using RELAY_API_KEY from environment');
@@ -2890,6 +3209,41 @@ async function main() {
           });
           if (!hbResponse.ok) {
             const errMsg = `HTTP ${hbResponse.status}`;
+
+            // 404 means session expired from Redis — try to re-register it.
+            // The relay heartbeat endpoint also attempts recovery from mech-storage,
+            // but if that fails (e.g., session never persisted), daemon-side re-registration
+            // ensures the session is recreated with correct metadata.
+            if (hbResponse.status === 404) {
+              const sessionData = sessions.get(sessionId);
+              try {
+                const regResponse = await fetch(`${RELAY_API_URL}/api/sessions/register`, {
+                  method: 'POST',
+                  headers: {
+                    'Content-Type': 'application/json',
+                    'Authorization': `Bearer ${RELAY_API_KEY}`
+                  },
+                  body: JSON.stringify({
+                    session_id: sessionId,
+                    claude_session_id: sessionData?.claude_session_id || undefined,
+                    cwd: sessionData?.cwd || process.cwd(),
+                    meta: sessionData?.meta || {}
+                  }),
+                  signal: AbortSignal.timeout(5000)
+                });
+                if (regResponse.ok) {
+                  console.log(`[daemon] Re-registered expired session ${sessionId} after heartbeat 404`);
+                  // Clear failure tracking so next heartbeat is treated fresh
+                  heartbeatFailureLogged.delete(sessionId);
+                  continue; // Skip failure logging — session recovered
+                } else {
+                  console.warn(`[daemon] Failed to re-register session ${sessionId}: HTTP ${regResponse.status}`);
+                }
+              } catch (regErr) {
+                console.warn(`[daemon] Re-registration attempt failed for ${sessionId}: ${regErr.message}`);
+              }
+            }
+
             if (!heartbeatFailureLogged.has(sessionId)) {
               heartbeatFailureLogged.add(sessionId);
               console.warn(`[daemon] Heartbeat rejected for ${sessionId}: ${errMsg} (further failures for this session suppressed unless DEBUG is set)`);
@@ -2912,6 +3266,85 @@ async function main() {
     }, HEARTBEAT_INTERVAL_MS);
     console.log(`[daemon] Session heartbeat interval started (${HEARTBEAT_INTERVAL_MS / 1000}s)`);
 
+    // PID-based session file scan: discover sessions written by session_start.mjs hooks
+    // and check liveness via OS process table rather than waiting for hooks to re-register.
+    const scanSessionFiles = async () => {
+      if (isShuttingDown) return;
+      const registry = await getRegistry();
+      if (!registry.readAllSessionFiles || !registry.isClaudePidAlive) return;
+
+      let records;
+      try { records = await registry.readAllSessionFiles(); } catch { return; }
+
+      for (const record of records) {
+        const { session_id, claude_pid, cwd, meta, acked, ended } = record;
+        if (!session_id || !claude_pid) continue;
+
+        // Fast path: session already ended
+        if (ended) {
+          if (sessions.has(session_id)) {
+            sessions.delete(session_id);
+            console.log(`[daemon] Session ${session_id.slice(0,8)} ended (file flag)`);
+          }
+          try { await registry.deleteSessionFile(session_id); } catch {}
+          continue;
+        }
+
+        const alive = await registry.isClaudePidAlive(claude_pid);
+
+        if (!sessions.has(session_id) && alive) {
+          // New session discovered via file — add to Map and ack
+          // claude_session_id is intentionally set to session_id here: session files
+          // don't store the Anthropic-assigned claude session ID (not available at
+          // hook time). The daemon only uses session_id for heartbeats/relay calls;
+          // claude_session_id is only needed for --resume, which goes through the HTTP
+          // registration path or agentic-executor, not file-based discovery.
+          sessions.set(session_id, { session_id, claude_session_id: session_id, cwd, meta: meta || {}, claude_pid });
+          try { await registry.ackSessionFile(session_id, process.pid); } catch {}
+          console.log(`[daemon] Discovered session ${session_id.slice(0,8)} (PID ${claude_pid}, project: ${meta?.project_name || 'unknown'})`);
+          // Send immediate heartbeat so relay shows it active right away
+          try {
+            await fetch(`${RELAY_API_URL}/api/sessions/${encodeURIComponent(session_id)}/heartbeat`, {
+              method: 'POST',
+              headers: { 'Content-Type': 'application/json', 'Authorization': `Bearer ${RELAY_API_KEY}` },
+              body: JSON.stringify({ timestamp: Date.now() }),
+              signal: AbortSignal.timeout(5000)
+            });
+          } catch {}
+        } else if (sessions.has(session_id) && !alive) {
+          // Track when PID first went dead
+          const sessionData = sessions.get(session_id);
+          const now = Date.now();
+          if (!sessionData._pid_dead_since) {
+            sessionData._pid_dead_since = now;
+            console.log(`[daemon] Session ${session_id.slice(0,8)} PID ${claude_pid} no longer alive — starting ${DEAD_PID_THRESHOLD_MS / 1000}s grace period`);
+          } else if (now - sessionData._pid_dead_since >= DEAD_PID_THRESHOLD_MS) {
+            // Grace period expired — mark stopped
+            sessions.delete(session_id);
+            try { await registry.deleteSessionFile(session_id); } catch {}
+            console.log(`[daemon] Session ${session_id.slice(0,8)} marked stopped (PID dead > ${DEAD_PID_THRESHOLD_MS / 1000}s)`);
+            try {
+              await fetch(`${RELAY_API_URL}/api/sessions/${encodeURIComponent(session_id)}/daemon-state`, {
+                method: 'PATCH',
+                headers: { 'Content-Type': 'application/json', 'Authorization': `Bearer ${RELAY_API_KEY}` },
+                body: JSON.stringify({ status: 'stopped', stopped_reason: 'pid_dead' }),
+                signal: AbortSignal.timeout(5000)
+              });
+            } catch {}
+          }
+        } else if (!sessions.has(session_id) && !alive) {
+          // Stale file for a dead PID we never tracked — clean up
+          try { await registry.deleteSessionFile(session_id); } catch {}
+        }
+      }
+    };
+
+    // Run scan on startup to recover sessions from a daemon restart
+    scanSessionFiles().catch(e => console.warn('[daemon] Initial session file scan failed:', e.message));
+    // Then scan on every heartbeat cycle
+    setInterval(scanSessionFiles, HEARTBEAT_INTERVAL_MS);
+    console.log(`[daemon] PID-based session file scan active (${HEARTBEAT_INTERVAL_MS / 1000}s interval)`);
+
     // Start polling loop
     console.log('[daemon] Starting relay API polling...');
     pollRelayAPI();
@@ -2982,7 +3415,14 @@ const __test = {
   // Stopped sessions test helpers
   _getStoppedSessions: () => stoppedSessions,
   _addStoppedSession: (session_id) => stoppedSessions.add(session_id),
-  _clearStoppedSessions: () => stoppedSessions.clear()
+  _clearStoppedSessions: () => stoppedSessions.clear(),
+  // PID liveness test helpers (Bug 2)
+  isPidAlive,
+  getSessionPid,
+  cleanupDeadSession,
+  _getSessionPidCache: () => sessionPidCache,
+  _getLastPidCheck: () => lastPidCheck,
+  _getSessionActivity: () => sessionActivity,
 };
 
 // Test helper to register a session