typeclaw 0.27.0 → 0.28.0

package/src/channels/github-review-turn-ledger.ts

@@ -0,0 +1,71 @@
+// In-process record of REAL github review actions performed during the current
+// turn, shared across two plugin boundaries: github-cli-auth records a formal
+// review / thread-resolve here after the `gh` command SUCCEEDS, and channel-reply
+// consults it before sending a verdict/close-out reply. If the agent claims a
+// verdict in prose but this ledger shows no matching action this turn, the reply
+// is a false receipt (see channel-reply.ts). State is per-session and reset at
+// turn start, so a claim must be backed by an action in the SAME turn.
+
+export type ReviewVerdict = 'APPROVE' | 'REQUEST_CHANGES'
+
+type PrKey = string
+type ThreadKey = string
+
+const reviewsByPr = new Map<PrKey, Set<ReviewVerdict>>()
+const resolvedThreads = new Set<ThreadKey>()
+
+function prKey(sessionId: string, workspace: string, prNumber: number): PrKey {
+  return `${sessionId}::${workspace}::${prNumber}`
+}
+
+function threadKey(sessionId: string, workspace: string, prNumber: number, rootCommentId: string): ThreadKey {
+  return `${sessionId}::${workspace}::${prNumber}::${rootCommentId}`
+}
+
+export function resetReviewTurn(sessionId: string): void {
+  for (const key of reviewsByPr.keys()) {
+    if (key.startsWith(`${sessionId}::`)) reviewsByPr.delete(key)
+  }
+  for (const key of resolvedThreads) {
+    if (key.startsWith(`${sessionId}::`)) resolvedThreads.delete(key)
+  }
+}
+
+export function recordReview(args: {
+  sessionId: string
+  workspace: string
+  prNumber: number
+  verdict: ReviewVerdict
+}): void {
+  const key = prKey(args.sessionId, args.workspace, args.prNumber)
+  const set = reviewsByPr.get(key) ?? new Set<ReviewVerdict>()
+  set.add(args.verdict)
+  reviewsByPr.set(key, set)
+}
+
+export function hasReview(args: {
+  sessionId: string
+  workspace: string
+  prNumber: number
+  verdict: ReviewVerdict
+}): boolean {
+  return reviewsByPr.get(prKey(args.sessionId, args.workspace, args.prNumber))?.has(args.verdict) ?? false
+}
+
+export function recordResolvedThread(args: {
+  sessionId: string
+  workspace: string
+  prNumber: number
+  rootCommentId: string
+}): void {
+  resolvedThreads.add(threadKey(args.sessionId, args.workspace, args.prNumber, args.rootCommentId))
+}
+
+export function hasResolvedThread(args: {
+  sessionId: string
+  workspace: string
+  prNumber: number
+  rootCommentId: string
+}): boolean {
+  return resolvedThreads.has(threadKey(args.sessionId, args.workspace, args.prNumber, args.rootCommentId))
+}

package/src/channels/persistence.ts

@@ -1,4 +1,4 @@
-import { mkdir, readdir, readFile, writeFile } from 'node:fs/promises'
+import { mkdir, readFile, writeFile } from 'node:fs/promises'
 import { dirname, join } from 'node:path'
 
 import type { ChannelParticipant } from '@/agent/session-origin'
@@ -16,10 +16,8 @@ const FILE_VERSION = 4
 // UUID, which never matches on disk — every restart silently creates a
 // fresh session and the channel loses its transcript memory.
 //
-// `sessionFile` is optional because v2 records (pre-fix) only carried the
-// UUID. Those are migrated in-place at load time by globbing the sessions
-// directory for `*_${sessionId}.jsonl`; if no match is found the file is
-// considered lost and reopen will fall back to a fresh session.
+// `sessionFile` is optional because a session can exist in memory before a
+// transcript path is known; reopen falls back to a fresh session when absent.
 export type ChannelSessionRecord = {
   adapter: AdapterId
   workspace: string
@@ -36,16 +34,6 @@ type FileV4 = {
   sessions: ChannelSessionRecord[]
 }
 
-type FileV3 = {
-  version: 3
-  sessions: ChannelSessionRecord[]
-}
-
-type FileV2 = {
-  version: 2
-  sessions: Array<Omit<ChannelSessionRecord, 'sessionFile'>>
-}
-
 export type ChannelSessionsLogger = {
   info: (msg: string) => void
   warn: (msg: string) => void
@@ -62,10 +50,6 @@ export function channelsSessionsPath(agentDir: string): string {
   return join(agentDir, 'channels', 'sessions.json')
 }
 
-function sessionsDirOf(agentDir: string): string {
-  return join(agentDir, 'sessions')
-}
-
 export async function loadChannelSessions(
   agentDir: string,
   logger: ChannelSessionsLogger = consoleLogger,
@@ -94,21 +78,7 @@ export async function loadChannelSessions(
     if (!Array.isArray(file.sessions)) return []
     return file.sessions.filter(isValidRecord)
   }
-  if (version === 3) {
-    const file = parsed as FileV3
-    if (!Array.isArray(file.sessions)) return []
-    return migrateV3ToV4(file.sessions.filter(isValidRecord), logger)
-  }
-  if (version === 2) {
-    const file = parsed as FileV2
-    if (!Array.isArray(file.sessions)) return []
-    const v2Records = file.sessions.filter(isValidV2Record)
-    const v3Records = await migrateV2Records(agentDir, v2Records, logger)
-    return migrateV3ToV4(v3Records, logger)
-  }
-  logger.warn(
-    `[channels] ${path} version ${String(version)} not supported (expected 2, 3, or ${FILE_VERSION}); ignored`,
-  )
+  logger.warn(`[channels] ${path} version ${String(version)} not supported (expected ${FILE_VERSION}); ignored`)
   return []
 }
 
@@ -130,59 +100,6 @@ export async function saveChannelSessions(
   }
 }
 
-// One-shot migration from v2 (sessionId only) to v3 (sessionId + sessionFile).
-// pi-coding-agent writes session files as `${ISO_TIMESTAMP}_${UUID}.jsonl`,
-// so we look for any file ending in `_${sessionId}.jsonl`. If a directory
-// scan fails we leave sessionFile undefined; the next reopen attempt will
-// fall back to a fresh session (the same broken behavior v2 had — but at
-// least the next successful create will populate sessionFile correctly and
-// we'll be migrated forward.)
-async function migrateV2Records(
-  agentDir: string,
-  v2Records: readonly (Omit<ChannelSessionRecord, 'sessionFile' | 'sessionId'> & { sessionId: string })[],
-  logger: ChannelSessionsLogger,
-): Promise<ChannelSessionRecord[]> {
-  if (v2Records.length === 0) return []
-  const sessionsDir = sessionsDirOf(agentDir)
-  let entries: string[]
-  try {
-    entries = await readdir(sessionsDir)
-  } catch {
-    logger.warn(`[channels] could not scan ${sessionsDir} for v2→v3 migration; sessionFile left empty`)
-    return v2Records.map((r) => ({ ...r }))
-  }
-  // pi-coding-agent writes files as `${ISO_TIMESTAMP}_${UUID}.jsonl` where
-  // the ISO timestamp uses `-` (no `_`) and the UUID may contain `-`. Split
-  // on the FIRST underscore so the trailing portion is the full UUID even
-  // when the UUID contains hyphens.
-  const bySessionIdSuffix = new Map<string, string>()
-  for (const entry of entries) {
-    if (!entry.endsWith('.jsonl')) continue
-    const underscore = entry.indexOf('_')
-    if (underscore < 0) continue
-    const trailing = entry.slice(underscore + 1, -'.jsonl'.length)
-    bySessionIdSuffix.set(trailing, entry)
-  }
-  return v2Records.map((r) => {
-    const matched = bySessionIdSuffix.get(r.sessionId)
-    if (matched === undefined) {
-      logger.warn(
-        `[channels] v2→v3: no session file matching *_${r.sessionId}.jsonl in ${sessionsDir}; ` +
-          `sessionFile left empty (next inbound will create a fresh session for ${r.adapter}:${r.chat}:${r.thread ?? ''})`,
-      )
-      return { ...r }
-    }
-    return { ...r, sessionFile: matched }
-  })
-}
-
-function migrateV3ToV4(v3Records: ChannelSessionRecord[], logger: ChannelSessionsLogger): ChannelSessionRecord[] {
-  logger.info(
-    `[channels] v3→v4: ${v3Records.length} record(s) migrated; first post-upgrade inbound will force fresh session`,
-  )
-  return v3Records.map((r) => ({ ...r, lastInboundAt: 0 }))
-}
-
 function dedupe(sessions: readonly ChannelSessionRecord[]): ChannelSessionRecord[] {
   const seen = new Map<string, ChannelSessionRecord>()
   for (const s of sessions) {
@@ -208,21 +125,6 @@ function isObject(v: unknown): v is Record<string, unknown> {
   return typeof v === 'object' && v !== null && !Array.isArray(v)
 }
 
-function isValidV2Record(
-  v: unknown,
-): v is Omit<ChannelSessionRecord, 'sessionFile' | 'sessionId'> & { sessionId: string } {
-  if (!isObject(v)) return false
-  const r = v as Record<string, unknown>
-  return (
-    typeof r.adapter === 'string' &&
-    typeof r.workspace === 'string' &&
-    typeof r.chat === 'string' &&
-    (r.thread === null || typeof r.thread === 'string') &&
-    typeof r.sessionId === 'string' &&
-    Array.isArray(r.participants)
-  )
-}
-
 function isValidRecord(v: unknown): v is ChannelSessionRecord {
   if (!isObject(v)) return false
   const r = v as Record<string, unknown>

package/src/channels/router.ts

@@ -32,6 +32,7 @@ import {
   StickyLedger,
   type EngagementDecision,
 } from './engagement'
+import { resetReviewTurn } from './github-review-turn-ledger'
 import {
   MEMBERSHIP_COLD_FETCH_TIMEOUT_MS,
   type MembershipCount,
@@ -1844,6 +1845,7 @@ export function createChannelRouter(options: CreateChannelRouterOptions): Channe
         live.successfulSendsAtTurnStart = successfulSendsBeforePrompt
         live.skipLockedSendTurn = null
         live.policyDeniedToolSendsThisTurn.clear()
+        resetReviewTurn(live.sessionId)
         const isRealUserTurn = batch.length > 0
         await fireSessionTurnStart(live, text)
         try {

package/src/channels/schema.ts

@@ -107,11 +107,9 @@ const quotedReplySchema = z
   .default({ enabled: true, queueDelayMs: DEFAULT_QUOTED_REPLY_QUEUE_DELAY_MS })
 
 // Deliberately non-strict: a stale on-disk file may still carry the
-// legacy `allow` field (`migrateLegacyConfigShape` lifts it into
-// `roles.member.match[]` on load, but a between-reload window can
-// briefly contain both). Zod silently drops unknown keys here, which is
-// exactly what we want — a hard `.strict()` reject would brick recovery
-// for any user mid-migration.
+// legacy `allow` field. Zod silently drops unknown keys here, which is
+// exactly what we want — the field is ignored, not translated, and a hard
+// `.strict()` reject would brick recovery for any user with an old config.
 const adapterSchema = z.object({
   engagement: engagementSchema,
   history: historySchema,
@@ -128,6 +126,7 @@ export const DEFAULT_GITHUB_EVENT_ALLOWLIST = [
   'pull_request.ready_for_review',
   'pull_request.review_requested',
   'pull_request.review_request_removed',
+  'pull_request.synchronize',
   'discussion.created',
   'pull_request_review.submitted',
 ] as const
@@ -158,6 +157,21 @@ const GITHUB_EVENT_ALLOWLIST_V2 = [
   'discussion.created',
   'pull_request_review.submitted',
 ] as const
+//   - v3: added ready_for_review, shipped 0.12.0+ (the default just before
+//     synchronize was added). Snapshotted here so configs seeded with the
+//     pre-synchronize default unfreeze and re-track the new default.
+const GITHUB_EVENT_ALLOWLIST_V3 = [
+  'issue_comment.created',
+  'pull_request_review_comment.created',
+  'discussion_comment.created',
+  'issues.opened',
+  'pull_request.opened',
+  'pull_request.ready_for_review',
+  'pull_request.review_requested',
+  'pull_request.review_request_removed',
+  'discussion.created',
+  'pull_request_review.submitted',
+] as const
 
 // Every event-allowlist that `channel add` / `init` has ever seeded verbatim
 // into typeclaw.json, oldest first, current default last. The legacy-shape
@@ -169,6 +183,7 @@ const GITHUB_EVENT_ALLOWLIST_V2 = [
 export const SEEDED_GITHUB_EVENT_ALLOWLISTS: readonly (readonly string[])[] = [
   GITHUB_EVENT_ALLOWLIST_V1,
   GITHUB_EVENT_ALLOWLIST_V2,
+  GITHUB_EVENT_ALLOWLIST_V3,
   DEFAULT_GITHUB_EVENT_ALLOWLIST,
 ]
 

package/src/cli/channel.ts

@@ -629,8 +629,9 @@ async function promptGithubCredentials(cwd: string): Promise<{
     message: 'GitHub authentication type',
     options: [
       { value: 'pat', label: 'Fine-grained personal access token' },
-      { value: 'app', label: 'GitHub App installation token' },
+      { value: 'app', label: 'GitHub App installation token (recommended)' },
     ],
+    initialValue: 'app',
   })
   if (isCancel(authType)) {
     cancel('Aborted.')

package/src/cli/init.ts

@@ -1182,8 +1182,9 @@ async function runGithubFlow(cwd: string): Promise<StepResult<CollectedInputs['c
     message: 'GitHub authentication type',
     options: [
       { value: 'pat', label: 'Fine-grained personal access token' },
-      { value: 'app', label: 'GitHub App installation token' },
+      { value: 'app', label: 'GitHub App installation token (recommended)' },
     ],
+    initialValue: 'app',
   })
   if (isCancel(authType)) return back()
   const auth = authType === 'pat' ? await promptGithubPatAuth() : await promptGithubAppAuth()