Commit Graph

298 Commits

Author SHA1 Message Date
harshitsinghbhandari d3cf4ae3de fix: address PR review comments on stage 5 rollout (#119) 2026-04-17 13:36:09 +05:30
harshitsinghbhandari 88cd9e7ed1 merge: resolve sessions-redone conflicts for stage5
Preserve the split lifecycle observability and UI truth model while retaining the latest sessions-redone PR transition handling and dependency updates.
2026-04-17 13:09:13 +05:30
harshitsinghbhandari 7072143138 feat: expose split lifecycle truth in dashboard
Implement the Stage 5 rollout so API and UI consumers stop depending on one overloaded status and operators can see structured transition evidence without breaking older session metadata.
2026-04-17 13:00:26 +05:30
Harshit Singh Bhandari ffdfd869ff
Merge pull request #118 from harshitsinghbhandari/stage4-pr-policy
fix: decouple PR truth from worker session policy
2026-04-17 11:51:01 +05:30
harshitsinghbhandari b5c969c6b4 fix: address PR review policy regressions (#118) 2026-04-17 11:39:13 +05:30
harshitsinghbhandari 7ccbe5b260 fix: preserve session truth over PR aliases (#118) 2026-04-17 11:02:06 +05:30
Harshit Singh Bhandari 7361e5b5ee
Merge branch 'ComposioHQ:main' into sessions-redone 2026-04-17 10:48:42 +05:30
harshitsinghbhandari a45eb322bb fix: decouple PR truth from worker session policy 2026-04-17 10:44:35 +05:30
Pritom Mazumdar 685fd42c3d
fix: resolve three Next.js build warnings in web package (#1087)
* fix Next.js build warnings, pin flatted override, regenerate lockfile

* fix ignoreDuringBuilds, add ao-core to serverExternalPackages, clean dist-server in prebuild

* fix ESLint plugin detection, remove ao-core from transpilePackages, suppress plugin-registry webpack warning

* fix(web): restore ao-core to transpilePackages, document overrides, fix dev:optimized cleanup

Move @aoagents/ao-core back to transpilePackages only. dist/ is gitignored so fresh
checkout has no dist/index.js; serverExternalPackages causes a hard crash at runtime.
Client components (SessionDetail, ProjectSidebar, sessions/[id]/page) also import
@aoagents/ao-core/types which serverExternalPackages does not cover.

Keep @composio/core in serverExternalPackages only with comment explaining it is an
optional transitive dep via tracker-linear dynamic import.

Add _overrides_rationale to document axios (SSRF CVE-2023-45857) and flatted
(prototype-pollution) security pins in root package.json.

Fix dev:optimized to clean both .next and dist-server, matching what prebuild does.

* fix: webpackIgnore dynamic imports in plugin-registry fixes #1056

* fix: move Next.js ESLint config to packages/web for build-time detection fixes #1058

* fix: remove scope creep and phantom agent-soma from lockfile

- remove agent-soma importer block from pnpm-lock.yaml
- remove @composio/core from serverExternalPackages
- remove redundant exprContextCritical webpack override
- remove flatted override and _overrides_rationale
- align @next/eslint-plugin-next to ^15.5.15

* fix: replace rm -rf with rimraf for cross-platform compatibility

* fix: use rimraf in clean script and sort devDependencies

* fix: add postcss.config.mjs to web ESLint ignores

* fix: restore no-console exemption for web package in root ESLint config
2026-04-17 10:43:01 +05:30
harshitsinghbhandari 0093e2b4e4 fix(core): use kind for orchestrator skip; honest report-surfacing copy
Address Copilot review feedback on PR #117:

- lifecycle-manager: replace string-matching guards (`metadata["role"]`,
  `session.id.endsWith("-orchestrator")`) with the authoritative
  `lifecycle.session.kind !== "orchestrator"` check. The previous guard
  missed numbered orchestrator IDs like `${prefix}-orchestrator-1`, which
  could let a fresh agent report incorrectly override an orchestrator
  session's status.
- orchestrator-prompt: reword the "Explicit Agent Reports" section to stop
  promising automatic surfacing in status/dashboard. CLI/UI display work
  is not part of this PR; the prompt now describes reports as a hint to
  lifecycle inference and explicitly notes SCM/runtime truth still wins.

Co-Authored-By: Claude <noreply@anthropic.com>
2026-04-17 10:13:00 +05:30
harshitsinghbhandari 593eec441a fix(core): tighten agent-report contract per PR review
Address Copilot review feedback on PR #117:

- Drop the `done` alias from `INPUT_ALIASES`. Agents cannot self-report the
  terminal `done` state (AO owns that transition via SCM ground truth), so
  silently aliasing `done` → `completed` contradicted the prompts and
  weakened the reserved-transition boundary.
- Tighten `validateAgentReportTransition` to reject ALL reports when
  `session.state === "done"`. Previously `completed` slipped through, but
  `completed` maps to `idle` and would have re-opened a terminal session,
  contradicting the function's own doc comment.
- Reject future timestamps in `isAgentReportFresh`. A skewed/future
  `agentReportedAt` would otherwise yield a negative delta that satisfies
  `<= windowMs`, making the report appear "fresh" indefinitely and
  overriding stronger inference signals.

Tests updated:
- Replace done→completed alias assertion with explicit null expectation.
- Expand `done`-state rejection test to cover `completed` and `needs_input`.
- Add freshness test for future-dated timestamps.

Co-Authored-By: Claude <noreply@anthropic.com>
2026-04-17 10:11:03 +05:30
harshitsinghbhandari cab0a2656d feat(core): add explicit agent reporting for workflow coordination (Stage 3)
Introduce an explicit reporting channel so worker agents can self-declare
their workflow phase (started/working/waiting/needs-input/fixing-ci/
addressing-reviews/completed). Fresh reports are trusted over weak inference
but runtime death, activity-based waiting_input, and SCM ground truth still
take precedence.

- Add `applyAgentReport`, validator, canonical mapping, and freshness helper
  in `packages/core/src/agent-report.ts`.
- Wire the fallback into `determineStatus` just before the idle-beyond-
  threshold promotion, skipping orchestrator and terminal sessions.
- Add `ao acknowledge` and `ao report <state>` CLI commands. Both resolve
  the session from `AO_SESSION_ID` when no argument is passed.
- Teach the base agent prompt and orchestrator prompt about the new
  reporting commands.
- Ship unit tests covering normalization, mapping, transition validation,
  metadata persistence, freshness, and first-start behavior.

Stage 3 of the state-machine redesign (see aa-2/state-machine-redesign-
rollout-plan.md).
2026-04-17 10:11:03 +05:30
Harshit Singh Bhandari 47c4b877f7
Merge branch 'ComposioHQ:main' into sessions-redone 2026-04-17 10:06:26 +05:30
yyovil 8b7a54ba5a
Merge pull request #1206 from yyovil/yyovil/fix-issue-1175
refactor(core): templated orchestrator prompt
2026-04-16 23:54:44 +05:30
harshitsinghbhandari f4fdaa7f3f fix: honor live startup evidence in recovery (#95) 2026-04-16 23:06:49 +05:30
harshitsinghbhandari f2f1a4ddb6 fix: address follow-up stage 2 review feedback (#95) 2026-04-16 23:00:20 +05:30
harshitsinghbhandari c447c7c41f fix: address stage 2 PR review feedback (#95) 2026-04-16 22:46:12 +05:30
harshitsinghbhandari 008ca45618 Merge remote-tracking branch 'origin/sessions-redone' into feat/stage2-evidence-recovery
# Conflicts:
#	packages/core/src/lifecycle-manager.ts
2026-04-16 22:43:57 +05:30
harshitsinghbhandari 0a55b12f19 feat: implement stage 2 evidence-based recovery rules (#95) 2026-04-16 22:33:27 +05:30
Harshit Singh Bhandari 42e9be13a5
Merge pull request #114 from harshitsinghbhandari/plan/stage1-lifecycle-foundation
Plan/stage1 lifecycle foundation
2026-04-16 22:09:41 +05:30
yyovil 4f687dd59e fix(core): validate template placeholders before render
Entire-Checkpoint: 7fdb8af31510
2026-04-16 20:13:58 +05:30
yyovil e418f6f9f3 chore(core): simplify command prompt markdown 2026-04-16 19:14:41 +05:30
Dhruv Sharma 87fb598d87
Merge pull request #1126 from gautamtayal1/fix/spawn-ao-for-opencode
fix (opencode): use local AGENTS.md for OpenCode orchestrator instructions
2026-04-16 18:21:12 +05:30
yyovil b853fe3080 fix(core): harden prompt template rendering 2026-04-16 14:43:33 +05:30
yyovil f4870c41c9 Merge remote-tracking branch 'origin/main' into yyovil/fix-issue-1175
# Conflicts:
#	packages/core/src/__tests__/orchestrator-prompt.test.ts
#	packages/core/src/orchestrator-prompt.ts
2026-04-15 22:08:28 +05:30
Adil Shaikh ba77929c93
Merge pull request #1158 from ComposioHQ/feat/issue-1154
fix(cli): stop writing broken yaml when `ao start` runs in a new folder
2026-04-15 15:10:10 +05:30
Gautam Tayal 179c0a6083 fix: add agents.md file for restore command 2026-04-15 13:56:35 +05:30
Harshit Singh Bhandari ae302ea221
Potential fix for pull request finding
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
2026-04-15 13:50:28 +05:30
Harshit Singh Bhandari bfe85876e4
Potential fix for pull request finding
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
2026-04-15 13:50:09 +05:30
harshitsinghbhandari 81d88c4412 fix(core): address lifecycle review feedback 2026-04-15 12:41:06 +05:30
harshitsinghbhandari d466118450 feat(core): add canonical lifecycle persistence foundation 2026-04-15 12:41:06 +05:30
adil 6d6822e501 refactor(cli): extract shared repo helpers and support GitLab subgroups
- New repo-utils.ts with extractOwnerRepo() and isValidRepoString()
  shared across detectEnvironment, autoCreateConfig, addProjectToConfig
- Remote regex now supports GitLab subgroup paths (group/subgroup/repo)
- Repo validation accepts multi-segment paths (owner/repo and deeper)
- Updated prompt text to mention group/subgroup/repo format
- Updated ProjectConfig.repo docstring to be provider-neutral
- Tests import from shared helpers instead of duplicating regex

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-15 12:30:32 +05:30
adil 72e3620b8d test: add tests for optional repo across all changed modules
- detect-env: test GitHub/GitLab HTTPS/SSH remote extraction, unknown
  hosts returning null, missing remote, and non-git directories
- repo-validation: test the anchored regex accepts owner/repo, rejects
  empty, lone slash, missing segments, whitespace, and nested paths
- config-validation: test SCM/tracker inference skipped when repo is
  missing or has no slash, and inferred correctly with owner/repo
- scm-webhooks: test eventMatchesProject returns false when project
  has no repo configured
- orchestrator-prompt: existing test covers repo:undefined → "not configured"
- prompt-builder: existing test covers BASE_AGENT_PROMPT_NO_REPO selection

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-15 12:06:09 +05:30
Adil Shaikh d9ff7315d4
Merge pull request #1132 from ComposioHQ/feat/issue-1035
fix(core): skip liveness check on spawning sessions to prevent race condition
2026-04-15 03:39:08 +05:30
adil 9db0945b0e fix: address follow-up review comments from @illegalcall
1. Fix ao start <path> regression: when target path differs from cwd,
   run autoCreateConfig on the target (which is a git repo) instead of
   cwd (which may not be). Removes the double-create pattern that added
   a second project entry.

2. Gate remaining PR/CI sections in orchestrator-prompt: PR Takeover,
   PR Review Flow, Bulk Issue Processing, and Monitoring Progress
   details are now wrapped in project.repo checks so repo-less projects
   don't get contradictory instructions.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-15 03:38:38 +05:30
adil a7b0c8567a fix(core): guard lifecycle-manager poll path against spawning race condition
Address review feedback from @illegalcall:

1. Fix canProbeRuntimeIdentity in determineStatus() — the previous
   guard (hasPersistedRuntimeIdentity || status !== spawning) was
   ineffective because spawn writes runtimeHandle to metadata before
   leaving "spawning" status. Simplified to just check status !== spawning.

2. Guard getActivityState exited→killed transition — agent plugins
   return "exited" before the process starts, so spawning sessions
   were being marked killed via the agent activity path too.

3. Add lifecycle-manager tests covering both paths: runtime.isAlive
   false with persisted handle, and agent reporting "exited" activity
   during spawning.

Refs #1035

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-15 03:09:44 +05:30
adil c8af50fac2 fix: address all 9 review comments from @illegalcall
1. prompt-builder: gate PR/CI instructions on project.repo — use
   trimmed BASE_AGENT_PROMPT_NO_REPO when no remote configured
2. orchestrator-prompt: gate Quick Start and Available Commands
   sections on project.repo — omit issue/PR commands when absent
3. types.ts: add changeset (minor for ao-core) with migration note
4. config.ts: consistent includes("/") guard for tracker inference
5. start.ts: fail fast with clear error when run in non-git directory
6. start.ts: stricter repo validation regex (requires non-empty
   segments on both sides of slash)
7. start.ts: addProjectToConfig now prompts for repo like
   autoCreateConfig does, with matching warning message
8. scm-webhooks.ts: pre-filter projects without repo in
   findWebhookProjects to skip unnecessary SCM plugin lookups
9. lifecycle-manager.ts: fix GitLab subgroup split — use lastIndexOf
   to correctly handle group/subgroup/repo paths

Closes #1154

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-15 03:04:12 +05:30
Dhruv Sharma 9691e6e6c5
Merge pull request #1215 from illegalcall/fix/codex-session-tracking-1099
Fix Codex session activity parsing for payload JSONL
2026-04-15 01:50:22 +05:30
adil 9ae7c00cef test: add coverage for optional repo and ignore interactive prompt lines
- Add test for orchestrator-prompt with repo: undefined (verifies
  "not configured" fallback instead of showing literal "undefined")
- Add c8 ignore for interactive prompt code in autoCreateConfig and
  promptText (same pattern as existing promptConfirm/promptSelect)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-14 22:13:03 +05:30
adil 7de9a981fe fix(core): guard tracker inference for projects without repo
Skip inferring tracker plugin when project.repo is undefined, matching
the existing SCM inference guard. Without this, tracker operations would
throw via requireRepo() for projects with no remote configured.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-14 22:13:01 +05:30
adil 17ea240f68 fix(cli): stop writing broken yaml when `ao start` runs in a new folder
- Make `repo` field optional in ProjectConfig and Zod schema so projects
  without a detected GitHub remote can still load and run
- Remove placeholder `repo: "owner/repo"` from autoCreateConfig() and
  addProjectToConfig() — omit the field entirely when no remote is found
- Always use actual workingDir for `path` instead of unreliable `~/<projectId>`
  fallback for non-git directories
- Add null guards for `project.repo` across SCM plugins, tracker plugins,
  lifecycle manager, webhooks, and prompt builders to prevent crashes when
  repo is not configured

Closes #1154

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-14 22:13:01 +05:30
Dhruv Sharma ad10dbf7aa
Merge pull request #1119 from harshitsinghbhandari/feat/1072
feat(power): prevent macOS idle sleep while AO is running
2026-04-14 17:26:58 +05:30
yyovil 02d2c756c1 fix: align prompt asset test/build tooling 2026-04-14 00:20:11 +05:30
yyovil aede05e55f build(core): load rollup ts config in ci 2026-04-13 21:23:55 +05:30
yyovil 72340af73f build(core): use ts rollup config
Entire-Checkpoint: a4d62ba98cfd
2026-04-13 20:57:08 +05:30
Dhruv Sharma ab1e4fb069
Merge pull request #1180 from yyovil/add/type-resolution
Add node type resolution for non-web packages
2026-04-13 19:56:36 +05:30
Dhruv Sharma df9f3c8b5d fix(codex): classify activity by payload.type for wrapped event_msg
Real Codex sessions emit records like
`{"type":"event_msg","payload":{"type":"error",...}}` and
`{"type":"event_msg","payload":{"type":"approval_request",...}}`.
readLastJsonlEntry only exposed the top-level `type`, so the codex
plugin's activity switch matched `event_msg` and decayed to ready/idle,
never surfacing `blocked` or `waiting_input`. The approval_request/error
branches were dead code for payload-wrapped sessions, which is the exact
format this PR series is migrating to.

- readLastJsonlEntry now returns payloadType alongside lastType.
- Codex getActivityState prefers payloadType when present and classifies
  task_started/agent_reasoning as active, task_complete as ready, and
  the approval/error variants as waiting_input/blocked.
- New tests cover the payload-wrapped approval_request, exec_approval_request,
  error, task_started, and task_complete cases end-to-end.
- Core utils gains coverage for payloadType extraction and null fallbacks.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-13 18:53:50 +05:30
yyovil 9bed49d453 fix: scope node types to node packages 2026-04-13 18:25:21 +05:30
yyovil dc8b9d6211 build(core): bundle prompt templates with rollup 2026-04-13 14:55:01 +05:30
yyovil c977be1be5 fix(core): harden prompt template validation
Entire-Checkpoint: 5049cee2a3a0
2026-04-13 14:20:16 +05:30