- Remove unused `resolve` import from plugin.ts
- Use strict equality (`!== null && !== undefined`) instead of `!=` in start.ts
- Attach `cause` to re-thrown errors in plugin install/update rollback
- Fix forbidden `import()` type annotation in plugin test
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Use consistent regex for OPENCLAW_HOOKS_TOKEN detection and replacement
in shell profile (prevents silent no-ops for non-exported lines)
- Broaden token detection regex to match lines with/without export prefix
and leading whitespace
- Fix misleading --non-interactive help text (token is auto-generated)
- Fix doctor.ts catch block to say "Notifier checks failed" not "load config"
- Fix 204 mock in Discord notifier test (ok: true, not ok: false)
- Fix weak no-duplicate assertion in setup.test.ts (actually count list items)
- Add discord to notifier options comment in config-instruction.ts
- URL-encode threadId in Discord webhook URL construction
- Add aoCwd to required[] in openclaw.plugin.json configSchema
- Add HTTPS recommendation comment to agent-orchestrator.yaml.example
- Add rimraf for cross-platform clean script in notifier-discord
- Rename "Recommended Settings" to "Required: Disable Conflicting Built-in Skills"
with explicit warning in docs
- Add /ao setup post-setup reminder to manually disable coding-agent skill
- Fix misleading README non-interactive example wording
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Fixes all 12 issues identified in the Cursor Bugbot review:
#4 – Setup tests now assert non-interactive mode skips validation and
auto-generates tokens; removed incorrect validateToken call expectations.
#5 – Replaced module-level mutable `tsFailures` in doctor.ts with a
`makeFailCounter()` closure that is local to each command invocation,
eliminating potential state bleed between invocations.
#6 – Both `notify`, `notifyWithActions`, and `post` in notifier-discord
now consistently guard on `effectiveUrl` (which includes thread_id),
not on the raw `webhookUrl`. Removes non-null assertions.
#7/#12 – setup.ts now writes `${OPENCLAW_HOOKS_TOKEN}` as the token
value in the YAML config instead of the raw token, so credentials are
never committed to version control. setup.test.ts already expected this
placeholder; the test was correct, the code was not.
#8 – `ao_batch_spawn` follow-up setTimeout handles are tracked in
`batchSpawnFollowUpTimeouts[]` and cleared when the health service stops,
preventing timer leaks after plugin shutdown.
#11 – Discord 429 Retry-After handling no longer double-delays: a
`skipNextBackoff` flag is set after waiting for Retry-After so the
following iteration skips the standard exponential backoff.
Also removes the unused `yamlStringify` import from setup.ts.
Issues #1/#2/#3/#9/#10 were already correctly addressed in previous commits.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Refactor ensureTmux() to use askYesNo() + tryInstallWithAttempts()
matching the existing ensureGit() pattern — no silent sudo
- Add log line before each auto-install attempt in preflight.checkTmux()
- Update config warning: "will prompt to install at startup"
- Update design doc to reflect interactive consent flow
- Include prior uncommitted changes: interactive install prompts for
git/gh/agent-runtime, ensureGit(), canPromptForInstall(), askYesNo()
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Store board scanner initial setTimeout and clear on stop
- Fix deliver assertion in openclaw-probe test (true -> false)
- Fix Discord thread_id test to check URL query param, not body
- Use yaml Document API to preserve comments in config writes
- Fix setup tests to match actual nonInteractiveSetup behavior
(skips validation, auto-generates missing tokens)
- checkTmux() now attempts auto-install (brew/apt/dnf) before erroring
- Config generation uses runtime: "process" when tmux unavailable
- start.ts tries auto-install during config creation, falls back gracefully
- Fix restart bookkeeping in start-all.ts: slot-based tracking prevents
duplicate children entries that broke cleanup countdown
- Updated design doc reflecting all fixes and review feedback
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Fix shell injection in writeShellExport: use single-quoted token with
escaped embedded single quotes instead of double-quoted interpolation
- Fix board scanner initial setTimeout not cleared on stop: store the
timeout handle and clear it in the stop handler
- Fix openclaw-probe test asserting deliver:true when code sends false
- Fix Discord notifier thread_id test to check URL query param instead
of body, and remove redundant thread_id from post() body payload
- Remove redundant project-existence check after autoDetectProject
- Wrap SIGTERM in try/catch for restart flow (dead process case)
- Remove unused setCallerContext export from caller-context.ts
- Fix unused vi import lint error in init.test.ts
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add vi.mock() for running-state, caller-context, detect-env,
detect-agent, and project-detection modules imported by start.ts
- Without these mocks, vitest threads never exit (open handles)
- Remove init.test.ts test that triggered dynamic import of start.js
- Relax waitForPortAndOpen assertion (port resolution depends on
full dashboard startup which is mocked out)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
When users run `ao spawn <project> <issue>`, show a yellow warning
explaining the new syntax (`ao spawn <issue>`) instead of Commander's
raw "too many arguments" error.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- spawn now takes only `[issue]` — project is always auto-detected
- batch-spawn now takes only `<issues...>` — no project prefix
- Commander rejects extra positional args automatically
- Update orchestrator prompt to remove projectId from spawn example
- Rewrite spawn tests to use auto-detected project (single project in config)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Rewrite init.test.ts to match simplified deprecated init command
(old tests referenced removed --output, --auto, --smart flags)
- Add eslint-disable for consistent-type-imports in direct-terminal-ws.ts
(node-pty is optional, must use import() type annotations)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Keep orchestrator control sessions visible in CLI status without counting them as worker sessions, and preserve explicit roles in JSON output for multi-project tooling.
* fix(core): enforce single-owner PR claim consolidation
* refactor: remove dead `takeover` option from claimPR
Since PR consolidation is now automatic (single-owner enforcement),
the `--takeover` flag became dead code. Users passing it got no
error but it had zero effect.
This commit:
- Removes takeover from ClaimPROptions interface
- Removes --takeover flag from spawn and session CLI commands
- Updates orchestrator-prompt.ts examples
- Updates tests to reflect automatic consolidation
Tests: ao-core 403 passing, ao-cli 189 passing (spawn+session)
* fix: remove stale --takeover from Quick Start example
Remove remaining --takeover reference in orchestrator prompt Quick Start section.
* feat(core): document and test asymmetric PR ownership model
- Add JSDoc to claimPR documenting RULE A (exclusive PR->Agent) and
RULE B (Agent->Many PRs) ownership contract
- Add tests for:
- Same session claiming multiple PRs sequentially (RULE B)
- Idempotent re-claim by same owner
- Stale/dead prior owner handoff
- Exclusive PR ownership enforcement (RULE A)
139 tests passing
---------
Co-authored-by: Harsh <harsh@Ubuntu-24-Forrest.lan>
* fix: pause workers on model limits and stabilize session visibility
Detect model limit exhaustion, pause project worker operations until reset, and expose pause state in dashboard/API. Also harden killed-session cleanup and SSE session reconciliation so sessions do not appear ghost-active or disappear until reload.
* fix: satisfy lint in rate-limit pause probe
* fix: address bugbot feedback for pause handling
* fix(lifecycle): prevent infinite re-pause loop for duration-based rate limits
Duration-based rate limits (e.g., 'usage limit reached for N hours') were
causing infinite re-pause loops because they always calculate reset time as
Date.now() + duration, which extends the pause on every poll cycle if the
message remains in terminal output.
Now checks for existing active pause before setting a new one:
- Skips override if same session already has active pause
- Preserves longer pauses from other sessions
Fixes infinite loop described in PR #367 review comment.
* fix(core): export global pause constants to prevent duplication
Export GLOBAL_PAUSE_*_KEY constants and parsePauseUntil utility from
@composio/ao-core so web package can import them instead of hardcoding.
This prevents silent breakage if key values ever change - now there's
a single source of truth.
Addresses review comment on PR #367.
* fix(web): globalPause as first-class state in SSE event flow
globalPause is now part of the same reducer/event flow as sessions,
not derived from provider-specific output text in the UI.
Changes:
- useSessionEvents: manage globalPause alongside sessions in reducer state
- Dashboard: consume globalPause from hook instead of SSR-only prop
- types: re-export GlobalPauseState from shared lib (provider-agnostic contract)
- Tests: 15 new tests proving banner appears/disappears from state updates
alone, regardless of agent model/plugin (Claude Code, OpenCode, Codex)
Design requirements satisfied:
- First-class state in same reducer/event flow as sessions
- Key names sourced from shared core contract via export/import
- Provider-neutral: no Anthropic/OpenAI string coupling in control logic
- State-driven: banner visibility from reducer state updates via SSE
Addresses Bugbot finding: Dashboard pause banner never updates after
initial render (eba24a0b-9e4c-47e3-91c9-7d10be01e3cf)
* fix: remove unused import in test file
* fix(cli): consistent purge default for session kill and stop commands
The kill method's default changed from opt-in (=== true) to opt-out (!== false).
Both session kill and stop commands now use the same logic:
purgeOpenCode = opts.purgeSession === true ? true : opts.keepSession !== true
This ensures consistent behavior across all kill paths.
Adds --keep-session flag to both commands.
Adds regression tests for provider-agnostic behavior verified.
Addresses Bugbot finding: orchestrator start cleanup inconsistent
with new purge default (2bc2535f-b2d1-4f64-96d6-150f97ed8564)
* feat: add PR claim flow for agent sessions
* feat: support PR claim during spawn
* fix: address PR review feedback
* feat: add lifecycle worker automation
* fix: prevent duplicate messages on unconfirmed delivery and deduplicate review prompt
sendWithConfirmation now treats unconfirmed delivery as a soft success
since the message was already sent, preventing the dispatch hash from
staying stale and causing duplicate sends on the next poll cycle.
review-check command now sources its prompt from the lifecycle reaction
config instead of hardcoding it, keeping both paths aligned.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: pass AO_CONFIG_PATH to spawned lifecycle worker and log duplicate-worker early exit
The spawned lifecycle worker now receives AO_CONFIG_PATH in its
environment so it finds the correct config regardless of CWD. Also
added a log message when exiting early due to an existing worker.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: prevent lifecycle worker from clearing metadata on SCM fetch failures
SCM methods (getPendingComments, getAutomatedComments) silently returned []
on error, causing maybeDispatchReviewBacklog to treat fetch failures as
"no comments" and clear all tracking metadata every poll cycle. The worker
appeared to do nothing because it kept resetting its own state.
- SCM methods now propagate errors instead of returning []
- maybeDispatchReviewBacklog distinguishes null (fetch failed, skip) from
[] (confirmed empty, safe to clear)
- pollAll() logs errors instead of silently swallowing them
- Added heartbeat logging and stdout flush before process.exit
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: add debug breadcrumbs when review comment fetch fails
Logs a console.debug message when getPendingComments or
getAutomatedComments fails, making it clear the lifecycle loop is
preserving metadata due to a fetch failure rather than genuinely
having no comments.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: scope lifecycle worker polling to its project and add missing test
pollAll() now passes the worker's projectId to sessionManager.list(),
so each per-project lifecycle worker only polls its own sessions. This
prevents duplicate SCM API calls and race conditions in multi-project
configs.
Also fixed misleading test name and added a test verifying that
--no-dashboard alone still starts the lifecycle worker.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: remove dead confirmation check and respect project-level reaction overrides
Removed the unreachable "could not be confirmed" guard from the retry
logic since sendWithConfirmation now returns silently on unconfirmed
delivery.
review-check now resolves the prompt per-session by checking
project-level reaction overrides before falling back to the global
config, matching lifecycle worker behavior.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: close TOCTOU race in lifecycle worker spawn and unexport getRegistry
Write the child PID from the parent immediately after spawn, closing
the window where a concurrent ensureLifecycleWorker could pass the
"not running" check and spawn a duplicate worker.
Also removed the unnecessary export on getRegistry since it has no
external consumers.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: always include ao base prompt on spawn
* fix: clear heartbeat on shutdown and add initial delay to confirmation loop
Clear the heartbeat interval in the shutdown handler to prevent it
firing during the stream-flush window after lifecycle.stop().
Move the sleep in sendWithConfirmation to before each check (including
the first), so the runtime has time to reflect the message before
the first confirmation attempt.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: resolve lint errors in lifecycle and session manager
- Replace dynamic delete with object reconstruction in lifecycle-manager
- Add { cause } to re-thrown errors in session-manager for preserve-caught-error rule
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
* fix: auto-detect free port in ao start <url> config generation
When generating a new config via `ao start <url>`, auto-detect a free
port instead of hardcoding 3000. Reuses `findFreePort` (extracted to
shared web-dir.ts from init.ts). When port was auto-selected, skip the
strict preflight port check and silently find another free port if
needed (race condition).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: add polling to listIssues integration test for Linear API consistency
The listIssues test was failing because Linear's API has eventual
consistency — a just-created issue may not appear in list queries
immediately. Other tests in this file already use pollUntilEqual for
the same reason. Use pollUntil to retry until the issue appears.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: restore coupling between MAX_PORT_SCAN and findFreePort
MAX_PORT_SCAN was decoupled from findFreePort after extraction to
web-dir.ts — init.ts kept a local constant only used in messages while
findFreePort had its own default, and start.ts hardcoded 99. Export
MAX_PORT_SCAN from web-dir.ts as the single source of truth, use it as
findFreePort's default parameter, and import it in both callers.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
HTTPS clone fails on private repos without credentials. Now tries
three strategies in order:
1. gh repo clone (handles GitHub auth via gh auth token)
2. git clone with SSH URL (works with SSH keys)
3. git clone with HTTPS URL (public repos fallback)
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
* fix: URL start handles multi-project configs and cross-platform browser open
When `ao start <url>` loads an existing config with multiple projects,
resolve the correct project by matching the URL's owner/repo against
each project's `repo` field instead of failing with "Multiple projects".
Also fix browser open to use platform-appropriate command (open/xdg-open/start)
instead of hardcoded macOS `open`.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: use shallow clone (--depth 1) for faster repo onboarding
Full clones of large repos can take minutes. Shallow clone with
depth 1 fetches only the latest commit, making `ao start <url>`
near-instant for any repo size.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: use cmd.exe /c start for Windows browser open
`start` is a cmd.exe builtin, not a standalone executable — spawn
would fail with ENOENT. Run via cmd.exe /c with empty title arg.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
* feat: add `ao start <url>` one-command project onboarding
When `ao start` receives a repo URL instead of a project ID, it now:
1. Parses the URL (supports GitHub, GitLab, Bitbucket — HTTPS and SSH)
2. Clones the repo (or reuses if already present with matching remote)
3. Auto-generates agent-orchestrator.yaml with sensible defaults:
- SCM/tracker plugins inferred from URL host
- Default branch detected from local refs
- Project type detected (language, package manager)
- Post-create install commands set based on package manager
4. Starts the orchestrator + dashboard as usual
New core module `config-generator.ts` handles URL parsing, SCM detection,
project info detection, and config generation. All logic is in core (not
CLI) for reusability. 36 unit tests cover URL parsing, SCM detection,
default branch detection, project info, config generation, and clone
target resolution.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: address bugbot review feedback
1. Non-JS postCreate fix: Only set postCreate install commands for JS
package managers (pnpm/yarn/bun/npm). Rust/Go/Python projects no
longer get an incorrect "npm install" command.
2. Deduplicate startup logic: Extract shared `runStartup()` helper used
by both URL-mode and normal-mode start flows. Eliminates ~100 lines
of duplicated dashboard+orchestrator startup code.
3. SSH URL matching: Normalize SSH URLs to HTTPS format in
`isRepoAlreadyCloned()` so repos cloned via SSH
(git@github.com:owner/repo) are correctly detected as matching.
4. SCM/tracker always explicit: Always set scm and tracker fields in
generated config so `applyProjectDefaults()` doesn't silently
override with github defaults for non-GitHub repos.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: sanitize repo names for project IDs and session prefixes
Address remaining bugbot comments:
- Add sanitizeProjectId() to handle dots/special chars in repo names
(e.g. "my.app" → "my-app" instead of failing Zod validation)
- Preserve original case for generateSessionPrefix() so CamelCase
detection works (e.g. "DevOS" → prefix "dos", not "dev")
- Strip invalid chars before prefix generation to prevent dots
leaking into sessionPrefix
Also update README and SETUP docs with `ao start <url>` quick
onboarding flow.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* feat: auto-open browser to orchestrator page on `ao start`
Opens the orchestrator session page (/sessions/{id}) instead of the
root dashboard, since the Kanban board is empty on first startup
with no worker sessions yet.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: replace fixed 3s delay with port polling for browser open
Poll the dashboard port via TCP connection attempts (300ms intervals,
30s timeout) instead of a hardcoded setTimeout. Opens the browser only
once the server is actually accepting connections — deterministic
regardless of how long Next.js takes to compile.
Applied to both `ao start` and `ao dashboard` commands.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* test: add CLI tests for start/stop commands
12 new tests covering:
- Project resolution: single project, explicit arg, missing project,
multi-project ambiguity, empty config
- URL argument: reuse existing clone, git clone flow, existing config
detection, clone failure error handling
- Port polling: waitForPortAndOpen polls isPortAvailable before opening
browser (proves deterministic behavior vs fixed delay)
- Stop command: session kill + dashboard stop, graceful missing session
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* refactor: deduplicate waitForPortAndOpen into shared utility
Move waitForPortAndOpen to lib/web-dir.ts (alongside isPortAvailable)
so both start.ts and dashboard.ts share a single cancellation-aware
implementation. start.ts now uses AbortSignal like dashboard.ts —
polling stops immediately if the dashboard process exits early.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
- Remove unused `createServer` import from web-dir.ts (only `Socket`
is used) — fixes the lint error in CI
- Mock `isPortAvailable` in the "uses port 3000" test so it doesn't
depend on port 3000 actually being free on the host machine
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
In interactive mode: "Port 3000 is busy — suggesting 3001 instead.
Press Enter to accept, or type a different port."
In auto mode: "Port 3000 is busy — using 3001 instead."
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Verify auto mode writes `name` and `sessionPrefix` to project config
- Verify warning is shown when no free port is found in range
- Verify `--smart` flag description includes "coming soon"
- Verify `sessionPrefix` matches core `generateSessionPrefix` output
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Session manager: agent override uses correct agent, unknown agent throws, default used without override
- CLI spawn: --agent flag passthrough with and without issue ID
- Plugin registry: multiple agent plugins registered via loadBuiltins importFn
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
When port 3000 is occupied, `ao init` now scans upward (3001, 3002, ...)
until a free port is found. Applies to both interactive and --auto modes.
Uses the existing isPortAvailable() from web-dir.ts (now exported).
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
* feat: first-class orchestrator session + file-based system prompt
Make the orchestrator a first-class managed session that flows through
the same SessionManager pipeline as worker sessions, and fix a blocking
bug where long system prompts get truncated by tmux/zsh.
Changes:
- Add OrchestratorSpawnConfig type and spawnOrchestrator() to
SessionManager interface
- Implement spawnOrchestrator() in session-manager.ts: proper
hash-based tmuxName, runtimeHandle, plugin lifecycle — no workspace
creation (uses project.path directly)
- Refactor `ao start` to use SessionManager.spawnOrchestrator()
instead of manual tmux calls + metadata writes (~80 lines removed)
- Refactor `ao stop` to use SessionManager.kill() instead of manual
tmux kill + metadata delete
- Update `ao init` next steps: guide users to `ao start` before
`ao spawn`
- Add systemPromptFile to AgentLaunchConfig for file-based system
prompts (avoids tmux truncation of 2000+ char inline prompts)
- Update agent-claude-code, agent-codex, agent-aider plugins to use
shell command substitution "$(cat '/path')" when systemPromptFile
is set
- Update runtime-tmux create() to use load-buffer/paste-buffer for
launch commands >200 chars
- Add 8 tests for spawnOrchestrator
- Fix SessionManager mock in 8 test files (add spawnOrchestrator)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: use hash-based tmux name in orchestrator attach hint
The tmux attach hint after `ao start` printed the user-facing session
ID (e.g. app-orchestrator) instead of the hash-based tmux session name
(e.g. a3b4c5d6e7f8-app-orchestrator), causing "session not found"
errors. Now captures the runtimeHandle.id from spawnOrchestrator's
return value for the correct tmux target.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
* fix: config discovery, activity detection, and metadata port storage
- findConfigFile() checks AO_CONFIG_PATH env var (resolved to absolute path)
- loadConfig() delegates to findConfigFile() for consistent validation
- Pure Node.js readLastJsonlEntry (no external tail binary), safe for
multi-byte UTF-8 at chunk boundaries
- Added "ready" activity state to agent plugins
- Store dashboardPort, terminalWsPort, directTerminalWsPort in session
metadata so ao stop targets the correct processes
- Zod schema port default aligned with TypeScript interface
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: dashboard config discovery + CLI service layer refactoring
- Config discovery via AO_CONFIG_PATH env var
- Auto port detection with PortManager
- Activity detection with ready state, pure Node.js readLastLine
- 5 CLI services: ConfigService, PortManager, DashboardManager, MetadataService, ProcessManager
- Store all service ports in metadata for ao stop
- Set NEXT_PUBLIC_ env vars for frontend terminal components
- Multi-byte UTF-8 safe readLastJsonlEntry
- Tests for all new services and utils
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: address bugbot review comments (port fallback + systemPrompt)
1. Align port fallback to 3000 everywhere (matching Zod schema default):
- start.ts: config.port ?? 3000
- dashboard.ts: config.port ?? 3000
- types.ts JSDoc: "defaults to 3000"
- orchestrator-prompt.ts: already correct at 3000
2. Add --append-system-prompt to Claude Code plugin's getLaunchCommand
so orchestrator context is actually passed to the Claude agent.
Previously systemPrompt was generated but silently dropped.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: remove dead ConfigService mock from status test
The vi.mock for ConfigService.js referenced a deleted module.
Config mocking is already handled by the @composio/ao-core mock.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: extract shared buildDashboardEnv to eliminate duplication
Dashboard env construction (AO_CONFIG_PATH, PORT, NEXT_PUBLIC_*) was
duplicated between start.ts and dashboard.ts. Extracted into
buildDashboardEnv() in web-dir.ts (already shared by both commands).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
* refactor: delegate CLI commands to core SessionManager
Replace direct tmux/metadata manipulation in CLI commands with calls to
core's SessionManager (spawn, list, kill, cleanup, send). This removes
~700 lines of reimplemented session logic and makes the CLI a thin layer
over the core service.
- Add create-session-manager.ts factory (cached PluginRegistry + SM)
- spawn: delegate to sm.spawn() instead of manual worktree/tmux setup
- session ls/kill/cleanup: delegate to sm.list()/kill()/cleanup()
- status: use sm.list() for session discovery and activity from Session
- send: resolve tmux target from session.runtimeHandle
- review-check: use sm.list() for session discovery
- dashboard/start: add --rebuild flag for stale .next cache cleanup
- Update all tests to mock create-session-manager.js
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* test: add regression tests for spawn delegation and dashboard stale cache
- spawn.test.ts: verify spawn delegates to sm.spawn() with correct args,
shows hash-based tmux name in attach hint (regression for flat-naming bug)
- dashboard.test.ts: verify stale .next cache detection patterns match the
actual error (Cannot find module vendor-chunks/xterm@5.3.0.js) and that
rebuildDashboard cleans .next directory
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: ao dashboard --rebuild properly kills and restarts running server
Before: --rebuild deleted .next under the running dev server, leaving it
in a broken state (500s, missing chunks). Couldn't recover without manual
intervention.
Now: --rebuild detects the running dashboard via lsof, kills it, cleans
.next, then starts a fresh dev server on the same port. Works correctly
from any worktree since findWebDir resolves to the same web package.
- Add findRunningDashboardPid/findProcessWebDir/waitForPortFree utilities
- Split cleanNextCache from rebuildDashboard (cache-only vs full rebuild)
- Update tests for new dashboard-rebuild exports
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: address bugbot review comments on PR #88
1. Cleanup dry-run now delegates to sm.cleanup({dryRun: true}) instead
of checking local status fields — ensures dry-run uses same live
checks (PR state, runtime alive) as actual cleanup.
2. Remove module-level mutable config in status.ts — pass config as
parameter to gatherSessionInfo() to avoid stale state bugs.
3. Batch-spawn duplicate detection uses sm.list() instead of broken
findSessionForIssue() which relied on flat tmux naming incompatible
with hash-based architecture.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
* chore: remove dead exports getPluginRegistry and rebuildDashboard
Both functions were exported but never imported outside test mocks.
Clean up test mocks and unused imports accordingly.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
* fix: deduplicate config/session lookups in send, hoist sm.list() in batch-spawn
1. Send command: merge resolveTmuxTarget() and resolveAgentForSession()
into a single resolveSessionContext() that loads config and calls
sm.get() once instead of twice.
2. Batch-spawn: move sm.list() call before the loop and build a Map for
O(1) duplicate lookups, avoiding repeated metadata reads + runtime
enrichment on every iteration.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
* chore: remove unused project parameter from spawnSession
After delegating to sm.spawn(), the ProjectConfig parameter is no
longer referenced — sm.spawn() resolves it internally from the
projectId. Remove the parameter and simplify both callers.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
* fix: handle process.kill race, waitForPortFree timeout, dry-run errors
1. Wrap process.kill() in try-catch to handle ESRCH when the target
process exits between detection and kill (race condition).
2. waitForPortFree() now throws on timeout instead of silently
returning, preventing the dashboard from starting on a busy port.
3. Dry-run cleanup now displays errors from PR/issue checks, matching
the non-dry-run branch behavior.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
* fix: hoist session manager in cleanup, skip dead sessions in batch-spawn
1. Hoist getSessionManager() before the dry-run if/else in cleanup
since both branches create the same instance.
2. Batch-spawn duplicate detection now excludes dead/killed/exited
sessions so crashed sessions don't block respawning the same issue.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
* fix: lsof flags, dry-run error guard, remove unused --regenerate
1. Fix lsof flag from -Fn to -Ffn so findProcessWebDir() actually
gets the file descriptor field needed to match "fcwd" markers.
2. Dry-run cleanup now guards "no sessions" message with both
killed.length === 0 AND errors.length === 0, matching the
non-dry-run branch behavior.
3. Remove unused --regenerate CLI option from ao start (defined
but never referenced in the action body).
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
* fix: cache registry promise and cap stderr buffer
- Cache the Promise instead of the resolved PluginRegistry to prevent
concurrent callers from racing past the null check and creating
multiple registries before loadFromConfig completes.
- Cap stderrChunks to 100 entries since only early startup errors
(stale build detection) are checked — unbounded growth wastes memory
for long-running dashboard processes.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>