Commit Graph

766 Commits

Author SHA1 Message Date
Dhruv Sharma df9f3c8b5d fix(codex): classify activity by payload.type for wrapped event_msg
Real Codex sessions emit records like
`{"type":"event_msg","payload":{"type":"error",...}}` and
`{"type":"event_msg","payload":{"type":"approval_request",...}}`.
readLastJsonlEntry only exposed the top-level `type`, so the codex
plugin's activity switch matched `event_msg` and decayed to ready/idle,
never surfacing `blocked` or `waiting_input`. The approval_request/error
branches were dead code for payload-wrapped sessions, which is the exact
format this PR series is migrating to.

- readLastJsonlEntry now returns payloadType alongside lastType.
- Codex getActivityState prefers payloadType when present and classifies
  task_started/agent_reasoning as active, task_complete as ready, and
  the approval/error variants as waiting_input/blocked.
- New tests cover the payload-wrapped approval_request, exec_approval_request,
  error, task_started, and task_complete cases end-to-end.
- Core utils gains coverage for payloadType extraction and null fallbacks.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-13 18:53:50 +05:30
Dhruv Sharma 4ab844e47f Fix Codex session activity parsing 2026-04-13 16:45:57 +05:30
i-trytoohard 4950b431db
fix(web): make PR title clickable on /prs page (#1146)
* fix(web): make PR title clickable on /prs page

* chore: upload screenshot for #1145
2026-04-12 08:43:53 +05:30
yyovil d73ec8edfd fix(cli): update stale ao-core imports (#1143) 2026-04-12 03:56:37 +05:30
yyovil c48b078a7b
Merge pull request #982 from yyovil/fix/cli-config-not-found-error-981
fix(cli): catch ConfigNotFoundError for clean error output
2026-04-12 00:42:15 +05:30
Dhruv Sharma 663c61e16d fix: merge main and address review findings for prompt-driven spawn
- Merge main to pick up @composio/ao-core → @aoagents/ao-core rename
  and decomposer removal (#1104)
- Fix @composio/ao-core import in prompt-spawn.test.ts → @aoagents/ao-core
- Remove unreachable dead code in CLI spawn (empty-string guard after || undefined)
- Update format.ts JSDoc to document 8-item fallback chain including userPrompt
- Add clarifying comment on validation/sanitization separation in spawn route
- Integrate userPrompt display into redesigned SessionCard footer

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-11 21:44:57 +05:30
Atul Pandey 31fc9ef274
Merge pull request #1112 from ComposioHQ/fix/activity-state-terminal-status-1081
fix(core): derive activity from runtime probe, not terminal status
2026-04-11 20:39:26 +05:30
Ashish Huddar af2af115bd
style(design): design review fixes + fresh Warm Terminal design system (#927)
* style(design): FINDING-001 — add prefers-reduced-motion support

All animations and transitions are disabled when the user's system
requests reduced motion, per DESIGN.md accessibility requirements.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* style(design): FINDING-003 — remove concurrent breathe animations

Status pills had two animations: a breathe animation on the pill
and a dot-pulse on the child dot. DESIGN.md says "one animation per
element, one purpose" and "keep dot pulse, remove border heartbeat."

Removed all three breathe keyframes, kept dot-pulse only.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* style(design): FINDING-004 — fix dashboard title weight and tracking

DESIGN.md specifies display headings at weight 680 and letter-spacing
-0.035em. The dashboard title was using 600 / -0.05em.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* style(design): FINDING-005 — fix detail-card text to blue-tinted graphite

Detail cards overrode text-secondary and text-tertiary with neutral
grays (#9898a0, #5c5c66). DESIGN.md specifies blue-tinted graphite
palette (#a5afc4, #6f7c94) for dark mode text.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* style(design): FINDING-008 — add text-wrap: balance on headings

Dashboard title and kanban column titles now use text-wrap: balance
for more even line breaks on narrow viewports.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* style(design): FINDING-006/009 — fix section label semantics and spacing

Changed "Attention Board" from <h2> to <div role="heading"> since it's
styled as a 12px uppercase label, not a heading. Also fixed letter-spacing
from 0.16em to 0.06em per DESIGN.md UI/Labels spec.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* style(design): FINDING-007 — contextual empty state messages

Empty kanban columns now show context-specific messages instead of
generic "No sessions" text. Each column's empty state reflects its
purpose: "No agents need your input" (Respond), "No code waiting
for review" (Review), etc.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* docs(design): fresh design system — Warm Terminal

Complete redesign from Industrial Precision (blue-tinted) to Warm Terminal
(brown-tinted). Key changes:

- Warm charcoal surfaces (#121110, #1a1918, #222120) replace blue-gray
- Cream text (#f0ece8) replaces blue-white (#eef3ff)
- Warm periwinkle accent (#8b9cf7) replaces cool blue (#5B7EF8)
- Berkeley Mono for display headlines (mono cohesion)
- Added: Accessibility section (44px touch targets, WCAG AA, focus-visible)
- Added: Component anatomy (button states, card structure, input fields)
- Added: Light mode design rationale (warm parchment, not clinical white)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* docs(design): swap Berkeley Mono for JetBrains Mono (free)

Berkeley Mono is a paid font ($75). JetBrains Mono is free, open source,
already loaded in the project, and the mono-for-headlines concept works
the same way with it.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* docs(design): fix light mode contrast failures

Light mode text-tertiary #a8a29e failed WCAG AA at 2.5:1 on white.
Darkened to #736e6b (5.0:1). Light mode accent #6b73c4 was borderline
at 4.3:1, darkened to #5c64b5 (5.3:1). All pairs now pass AA.

Added verified contrast ratios for both modes to accessibility section.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* chore: gitignore .gstack/ directory

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* docs(design): add design audit report and screenshots

Design review audit report with before/after screenshots for all
dashboard pages (kanban, session detail, PRs) across desktop, tablet,
and mobile viewports in both light and dark mode.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* fix(design): address PR review comments

- Fix mobile test expecting removed "No sessions" text. The merge zone
  emptyMessage is now "Nothing cleared to land yet." (Bugbot comment #1)
- Remove no-op .dark .detail-card override that duplicated global dark
  values after FINDING-005 fix aligned them (Bugbot comment #2)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* fix: gitignore .gstack-report/ and remove from tracking

The .gstack-report/ directory contains local audit artifacts with
filesystem paths. Should not be tracked in the repository.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* fix(design): align dashboard title CSS to new DESIGN.md spec

Dashboard title was using old Geist Sans values (weight 680, -0.035em).
New spec is JetBrains Mono, weight 500, letter-spacing -0.02em.
Added font-family: var(--font-mono) to match.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* fix: use native h2 element for Attention Board section heading

Replace ARIA role="heading" div with semantic h2 per ARIA first rule — native elements are preferred over ARIA roles for actual headings.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* fix: pre-landing review fixes — a11y, dead code, test coverage

- Add aria-controls + id to accordion button/body pair in AttentionZone
- Wrap empty-state messages in aria-live="polite" regions for AT announcements
- Remove dead message prop and isDefault from EmptyState (Skeleton.tsx)
- Add parameterized test covering all 6 zone-specific empty messages

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* fix: revert aria-live on empty states — causes false AT announcements

Codex review identified that role="status" aria-live on static empty-state
text causes burst announcements on page load (all empty columns fire) and
announces in collapsed mobile sections that aren't visible. Empty states are
static text, not dynamic transitions. The aria-controls fix is kept.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* chore: bump version and changelog (v0.0.1.0)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* chore: remove .gstack-report/ from .gitignore

* chore: remove VERSION and CHANGELOG (not used in this project)

* style(design): warm terminal color migration + inline style removal

Migrate all CSS tokens from cool blue-tinted graphite to warm
brown-tinted terminal aesthetic per DESIGN.md spec. Replace inline
style color mappings in ActivityDot, AttentionZone, Dashboard,
ProjectSidebar, and SessionCard with data-attribute CSS selectors.
Fix duplicate className bug on SessionCard done-title element.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix: pre-landing review fixes — activity dot fallback + review stat color

Add base CSS fallback for activity-dot, activity-pill, and
activity-pill__text so null/unknown activity states render visibly
(gray) instead of invisible. Fix review stat card to use accent-orange
(matching kanban/sidebar/mobile review indicators) instead of cyan.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* chore: checkpoint current design branch state

* design changes

* feat(web): redesign session detail page — compact PR card, identity strip, layout reorder

- Redesign SessionTopStrip with simplified breadcrumbs, action buttons (Message/Kill)
- Replace stacked PR card with compact inline layout: title row + blocker/CI chips + collapsible comments
- Move PR card above terminal for better information hierarchy
- Replace vertical IssuesList with inline buildBlockerChips helper
- Add ~200 lines of new CSS classes for compact PR card design system
- Add changedFiles field to DashboardPR type

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* feat(web): design system tokens, sidebar redesign, and component primitives

- Align all color tokens (status, bg, border, text) across three HTML mockups
- Rewrite ProjectSidebar to match finalized.html: rotation chevron, session status text, border-bottom project separators, 224px width
- Add packages/web/DESIGN.md: agent-readable reference for tokens, typography, component patterns, anti-patterns
- Add Badge.tsx: generic badge/chip/pill primitive with status/outline/default variants
- Add Button.tsx: ghost/primary/danger button primitive
- Update CLAUDE.md to reference DESIGN.md as required pre-read for web UI work

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* style(design): FINDING-001 — card border-radius 0 → 6px to match mockup

* style(design): FINDING-002 — column border-radius 0 → 7px, border subtle to match mockup

* style(design): FINDING-003 — column header mono font, 500 weight, muted color to match mockup

* style(design): FINDING-004/005/006 — fix accent-blue/yellow/purple tokens to match mockup

* style(design): FINDING-007 — add --color-bg-card token (light #fff, dark #1c1b19)

* Refine dashboard design system and remove fixture flow

* Fix respond status colors in dashboard indicators

* Align tests with updated dashboard and metadata behavior

* fix(core): register notifier aliases consistently

* chore(web): drop uncovered showcase routes

* Add desktop PullRequestsPage coverage tests

* Remove generated coverage artifact

* Consolidate web design guidance into the root design system

* Fix working and ready status color tokens

* Fix sidebar collapse and inline kill confirmation

* fix(qa): ISSUE-001 - show all mobile filter chips

* Restore full title contrast in session cards

* Fix review feedback in dashboard state styling

* style: implement mobile responsive designs (feed, terminal-first, dense PRs)

Dashboard: replace accordion with urgency-sorted priority feed, horizontal scroll filter pills.
Session Detail: terminal-first layout with floating header, status pill, PR bottom sheet.
PRs: dense rows with CI dots, grouped sections, muted merged/closed rows.
Update tests to match new mobile layouts.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* Fix mobile terminal padding with PR sheet layout

* Polish mobile feed and session detail styling

* Align mobile dashboard layouts with gstack designs

* Fix mobile terminal actions and PR review labels

---------

Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-11 16:30:03 +05:30
Dhruv Sharma 2ebe111af0
Merge pull request #1086 from ComposioHQ/fix/node-pty-postinstall-rebuild
fix(ao): rebuild node-pty when prebuilt binary is incompatible
2026-04-11 15:03:40 +05:30
Dhruv Sharma 94b83c41e0 fix(ao): add process.exit(0) after pty.kill() to prevent hang in compatibility probe
node-pty leaves libuv handles alive after kill() (PTY master fd, internal
Socket, timers). Without process.exit(0) the probe process idles until the
10s execSync timeout fires, causing a spurious node-gyp rebuild on every
install even when the prebuilt binary is perfectly compatible.
2026-04-11 14:54:57 +05:30
Dhruv Sharma d908500791
Merge pull request #882 from DNX/feat/linear-spawn-branch-name
Honor Linear branchName as single source of truth for spawn worktree branches
2026-04-11 14:45:57 +05:30
Dhruv Sharma 628ada0891 fix(ao): exercise pty.spawn() in postinstall probe, not just require()
The require('node-pty') check only verifies the module loads, but the
actual posix_spawnp failure only surfaces when the helper binary is
executed via pty.spawn(). This means the probe could pass while the
terminal remains broken — exactly the scenario issue #987 describes.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-11 14:45:50 +05:30
Dhruv Sharma e90cc48d6c fix(ao): rebuild node-pty from source when prebuilt binary is incompatible (#987)
The postinstall script only fixed spawn-helper permissions but didn't handle
ABI mismatches when the prebuilt binary doesn't match the user's Node.js
version (common with nvm/fnm/volta). Now tries to load node-pty after the
chmod fix and falls back to npx node-gyp rebuild if it fails.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-11 14:45:50 +05:30
adil 0f4e2bcc3c feat(cli): hide orchestrator sessions from `ao session ls` by default (#1088)
Orchestrator sessions are control-plane sessions that clutter the ls
output alongside worker sessions. Filter them out using the existing
`isOrchestratorSessionName()` helper. Add `--all` / `-a` flag to
include them when needed.

Closes #1088

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-11 12:25:14 +05:30
Dhruv Sharma ba899f9c30
Merge pull request #1104 from ComposioHQ/feat/issue-1045
refactor: remove ao spawn --decompose feature
2026-04-11 10:22:22 +05:30
Dhruv Sharma e18f9bee33 fix(tests): fix prompt-spawn integration test import and type annotations
The test file imported from @composio/ao-core but main renamed packages
to @aoagents/ao-core. Also added Session type annotations to all find()
callbacks to satisfy strict typecheck.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-10 22:03:04 +05:30
Dhruv Sharma b7464e5657 fix(spawn): persist userPrompt to metadata and prevent injection
writeMetadata() used a hard-coded field whitelist that silently dropped
userPrompt. The in-memory Session.metadata also never included it, so
the spawn response always returned null. Additionally, prompts containing
newlines could inject arbitrary key=value pairs into the flat-file
metadata format.

Fixes:
- Add userPrompt to writeMetadata() whitelist and readMetadata() return
- Populate session.metadata with userPrompt during spawn
- Strip newlines from prompts in both web API and CLI (defense-in-depth)
- Harden serializeMetadata() to replace newlines in all values
- Add prompt length validation (4096 max) in CLI to match web API

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-10 18:54:48 +05:30
prod-blip b88b664dbb fix(core): derive activity from runtime probe, not terminal status (#1081)
Previously, sessions with terminal statuses (merged, done, killed, etc.)
had their activity unconditionally set to "exited" without checking if
the agent process was actually still running. This caused the dashboard
to show incorrect activity state for sessions where the PR was merged
but the agent was still alive in tmux.

Now the runtime liveness check runs first for all sessions, and activity
is derived from the actual process state via getActivityState(). Terminal
status no longer forces activity to "exited".

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-04-10 16:20:26 +05:30
Dhruv Sharma ff9bb76e63
Merge pull request #1076 from harshitsinghbhandari/feat/cursor-agent-support
feat: add Cursor agent CLI support (#1060)
2026-04-10 15:29:55 +05:30
Harsh Batheja 1a476a415c test(core): fix stale @composio scope refs in plugin-registry tests
Two notifier alias tests in plugin-registry.test.ts still referenced
@composio/ao-plugin-notifier-slack after the @composio→@aoagents
rename in #983. The mock fallback hit the throw branch, the slack
plugin never got registered, and the assertions failed with
"undefined" / "called 0 times". CI on main has been red on these
two tests since #967 merged.

Other tests in the same file (webhook line 231, openclaw line 333)
already use @aoagents — these two were missed.
2026-04-10 13:09:30 +05:30
Harsh Batheja 3fb2ddf06d refactor: remove --decompose feature entirely
The --decompose flag and supporting decomposer module had two
unfixable bugs (#1045): it crashed when ANTHROPIC_API_KEY was unset,
and it created multiple branches/PRs per issue, fragmenting history
and complicating review/merge. Removing the feature instead of
patching either bug.

- Delete packages/core/src/decomposer.ts and all re-exports
- Drop @anthropic-ai/sdk dependency from @composio/ao-core
- Remove --decompose / --max-depth options from ao spawn
- Remove decomposer field from ProjectConfig (zod default-strip
  silently ignores existing decomposer: blocks in user yaml)
- Remove lineage / siblings from SessionSpawnConfig and the
  prompt-builder Layer 4 block (only used by decomposer)
- Gut the matching backlog reactor branch in web/services.ts
  so the polling path no longer hits the same bugs
- Remove decompose parameter from openclaw-plugin ao_spawn tool
- Drop decomposer mocks from web services.test.ts
2026-04-10 13:02:52 +05:30
harshitsinghbhandari 8f43006472 fix(agent-cursor): use printf %s pattern to prevent shell injection
Fix shell injection vulnerability when combining systemPromptFile with
prompt. The prompt could contain shell metacharacters ($(), backticks)
that would be executed inside the double-quoted string.

Now uses the exact same pattern as OpenCode:
  "$(cat 'file'; printf '\n\n'; printf %s 'prompt')"

The shellEscape wraps prompt in single quotes (no shell expansion),
and printf %s outputs it literally without interpretation.

Co-Authored-By: Claude <noreply@anthropic.com>
2026-04-10 12:34:07 +05:30
harshitsinghbhandari 843ae2b897 fix(agent-cursor): use shell substitution for systemPromptFile
Use $(cat file) shell substitution instead of inlining file content
to avoid tmux truncation for large system prompt files (2000+ chars).
This matches the pattern used by Claude Code, Aider, and OpenCode.

- Replace readFileSync with $(cat) in getLaunchCommand
- Remove unused readFileSync import
- Update tests to verify shell substitution behavior

Co-Authored-By: Claude <noreply@anthropic.com>
2026-04-10 12:23:47 +05:30
harshitsinghbhandari e47b03807c fix(agent-cursor): address Cursor Bugbot security findings
1. Add symlink check for .cursor directory in extractCursorSummary
   to match getCursorSessionMtime behavior (prevents path traversal)

2. Add vitest alias for @aoagents/ao-plugin-agent-cursor in CLI tests
   (fixes missing module resolution in tests)

3. Add lstatSync check before readFileSync in getLaunchCommand
   to reject symlinked systemPromptFile paths (security hardening)

4. Add test coverage for symlink rejection behavior

Co-Authored-By: Claude <noreply@anthropic.com>
2026-04-10 12:16:37 +05:30
harshitsinghbhandari f154f87add fix: merge upstream main and resolve conflicts for cursor agent
- Resolve @composio → @aoagents package renaming conflicts
- Add cursor agent to BUILTIN_PLUGINS in plugin-registry.ts
- Add cursor agent to AGENT_PLUGINS in detect-agent.ts
- Add cursor agent import and registration in plugins.ts
- Add cursor agent dependency and import in web services.ts
- Update cursor plugin package naming to @aoagents/ao-plugin-agent-cursor
- Add cursor agent to changeset linked group
- Fix test imports to use new @aoagents package naming

Co-Authored-By: Claude <noreply@anthropic.com>
2026-04-10 11:48:27 +05:30
harshitsinghbhandari 63faae784c fix(agent-cursor): address 7 critical PR review findings
Fixes all issues identified in PR review from illegalcall:

1. 🔴 detect() false positives - Now checks for multiple Cursor-specific
   markers: "Cursor Agent" text OR (--approve-mcps AND --sandbox flags).
   Provides redundancy if Cursor changes one indicator.

2. 🔴 systemPromptFile/systemPrompt ignored - Properly reads file content
   synchronously using readFileSync and prepends to prompt. Clean approach
   without shell command substitution. Gracefully handles missing files.

3. 🟡 Process regex too generic - Fixed regex from /\\.?/ to /\.?/ for
   optional dot prefix. Now correctly matches "agent" or ".agent" binaries.

4. 🟡 Idle check before waiting_input - Reordered detectActivity checks so
   waiting_input patterns (permission prompts) are tested BEFORE idle prompt
   detection. Fixes false negatives when prompts end with input cursor.

5. 🟡 Symlink/path traversal protection - Added lstat() checks in
   extractCursorSummary and getCursorSessionMtime to reject symlinks and
   verify paths stay under workspacePath.

6. 🟡 hasRecentCommits false actives - Added comment acknowledging the
   limitation (same pattern as Aider plugin). Better than missing activity.

7. 🟡 Missing test coverage - Added 11 new tests:
   - 6 tests for detect() covering text match, flag fallback, edge cases
   - 5 tests for systemPromptFile/systemPrompt handling including errors
   Total: 62/62 tests passing

Co-Authored-By: Claude <noreply@anthropic.com>
2026-04-10 11:02:33 +05:30
ChiragArora31 99da8b3c1c test(core): update notifier stubs for aoagents packages 2026-04-10 06:59:43 +05:30
ChiragArora31 98c5e1518c Merge upstream/main into feat/session-ls-json 2026-04-10 06:43:25 +05:30
Dhruv Sharma c9c41ad6dc
Merge pull request #967 from ChiragArora31/fix/notifier-alias-lifecycle-routing
fix(core): resolve notifier aliases in lifecycle routing
2026-04-10 03:02:36 +05:30
ChiragArora31 ea3da99c51 Merge upstream/main into feat/session-ls-json 2026-04-09 22:24:37 +05:30
harshitsinghbhandari d97177bced fix(cursor): address PR review comments from Copilot AI and Cursor bot
Activity Detection (2 related issues):
- Fix getCursorSessionMtime to stat .cursor/chat.md file instead of directory
- Directory mtime only updates on entry changes, not file modifications
- Now checks chat.md file first (tracks actual writes), falls back to directory
- Prevents directory mtime from blocking JSONL fallback in getActivityState
- Allows tier 4 (getActivityFallbackState) to run when needed

Prompt Safety:
- Add -- separator before positional prompt argument in getLaunchCommand
- Prevents prompts starting with - from being misinterpreted as flags
- Matches pattern used in Codex agent plugin
- Update test expectations to include -- separator

Process Detection:
- Update comment to accurately describe "agent" binary matching
- Removed misleading reference to "cursor and .cursor" process names

Plugin Detection:
- Improve detect() to check --version output for Cursor-specific text
- Reduces false positive risk from generic "agent" command name
- Validates output contains "cursor" or "agent" keywords

All tests passing (51/51).

Fixes issues identified in PR #637 review.

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-04-09 22:17:13 +05:30
ChiragArora31 f9edbee5d2 fix(cli): classify metadata orchestrators in session ls json 2026-04-09 22:16:49 +05:30
ChiragArora31 8ea1c38532 Merge upstream/main into fix/notifier-alias-lifecycle-routing 2026-04-09 21:55:05 +05:30
harshitsinghbhandari e210feb850 fix(agent-cursor): use --sandbox disabled instead of --trust to skip workspace prompts
The --trust flag only works in headless mode (with --print), so it doesn't
prevent the workspace trust prompt in interactive mode. Changed to --sandbox
disabled which skips workspace trust prompts entirely.

This fixes the issue where Cursor agent would block on startup waiting for
user to approve the workspace trust prompt.

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-04-09 21:46:22 +05:30
AO Bot 8cfa5b079b fix: add terminal health metrics to /health endpoint 2026-04-09 16:13:44 +00:00
Prateek 27712442f8 fix: restore GitHub repo URLs to ComposioHQ/agent-orchestrator — only npm scope changed 2026-04-09 16:00:32 +00:00
Prateek 2c862f3f29 fix: restore @composio/core references — third-party SDK, not our scope 2026-04-09 16:00:31 +00:00
Prateek 4f2616674f fix: address bugbot comments — missed renames in preflight, tests, and shell scripts 2026-04-09 16:00:31 +00:00
Prateek 550bdf589c fix: rename @composio refs in tsx files and regenerate lockfile 2026-04-09 15:59:33 +00:00
Prateek 967e864f5a chore: rename @composio scope to @aoagents across all packages
Renames all npm package scopes from @composio/* to @aoagents/* and
updates GitHub repo references from ComposioHQ/agent-orchestrator
to aoagents/ao throughout the codebase.

- All package.json names and dependencies
- README badges, links, and install instructions
- Documentation references
- Changeset config
- Source code imports and test files
2026-04-09 15:59:33 +00:00
harshitsinghbhandari f8e535f605 fix(cursor): correct binary name from 'cursor' to 'agent'
CRITICAL: The Cursor CLI binary is actually called 'agent', not 'cursor'.
This was a fundamental assumption error that made the plugin completely non-functional.

## Changes

### Binary and Process Names
- **manifest.description**: "Cursor CLI" → "Cursor Agent CLI"
- **processName**: "cursor" → "agent" (line 119)
- **detect()**: Check for "agent" binary instead of "cursor" (line 335)
- **isProcessRunning**: Look for "agent" process, not "cursor" (line 263)
  - Updated regex to `/(?:^|\/)\bagent\b(?:\s|$)/` with word boundaries
  - Prevents false matches on "agent-orchestrator" etc.

### Command Generation
- **Base command**: "cursor" → "agent" (line 122)
- **Permission flags**: Changed from assumed --auto-approve to actual Cursor flags:
  - --force (Run Everything / YOLO mode)
  - --trust (trust workspace without prompting)
  - --approve-mcps (auto-approve MCP servers)
- **Prompt handling**: Prompt is passed as positional argument, not --prompt flag
- **Removed**: --system flag support (Cursor agent doesn't have this)

### Activity Detection
- Updated prompt patterns: "cursor>" → "agent>", "[cursor]" → "[agent]"
- All terminal output detection patterns updated

### Test Updates (51/51 passing)
- processName expectation: "cursor" → "agent"
- Command assertions: "cursor" → "agent", --auto-approve → --force
- Combined options test: updated to reflect actual flag names
- Process detection tests: "cursor" → "agent", ".cursor" → "/path/to/agent"
- Activity detection tests: all "cursor" references → "agent"
- Manifest description test: updated to match new description

## Verification

**Before (broken):**
```bash
$ detectAvailableAgents()
Available agents: claude-code, aider, codex, opencode  #  cursor missing
```

**After (working):**
```bash
$ detectAvailableAgents()
Available agents: claude-code, aider, codex, cursor, opencode  #  cursor detected

$ agent.getLaunchCommand({permissions: 'permissionless', model: 'claude-sonnet-4', prompt: 'Fix bug'})
"agent --force --trust --approve-mcps --model 'claude-sonnet-4' 'Fix bug'"  #  correct

$ agent.processName
"agent"  #  correct
```

## Impact

This fix makes the plugin actually functional. The previous implementation would:
-  Never detect Cursor CLI (detect() checked wrong binary)
-  Never find running processes (isProcessRunning looked for wrong name)
-  Generate invalid commands (wrong binary name and flags)

Now it:
-  Detects Cursor CLI when `agent` binary is installed
-  Correctly identifies running agent processes
-  Generates valid commands with correct flags

## Testing
-  51/51 tests passing
-  TypeScript typecheck clean
-  Agent detection working (verified with actual agent binary)
-  Command generation produces valid agent commands

Addresses: ComposioHQ/agent-orchestrator#1076

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-04-09 21:11:07 +05:30
ChiragArora31 49df74172b fix(core): preserve alias-specific notifier instances 2026-04-09 19:47:26 +05:30
harshitsinghbhandari f3224e9193 fix(cursor): correct getRestoreCommand signature and update documentation
Address critical PR review findings from #1076.

## Changes

### Critical Fix
- **cursor/index.ts:308**: Add required parameters to getRestoreCommand signature
  - Was: `async getRestoreCommand(): Promise<string | null>`
  - Now: `async getRestoreCommand(_session: Session, _project: ProjectConfig): Promise<string | null>`
  - Fixes interface contract violation that would cause silent runtime failures
  - Parameters prefixed with _ since method always returns null (Cursor doesn't support resume)

### Documentation Improvements
- **cursor/index.ts:125-127**: Add comment explaining --auto-approve flag
  - Clarifies that --auto-approve is equivalent to Aider's --yes flag
  - Maps to same permission semantics across agents
- **cli/config-instruction.ts:24,144**: Add cursor to available agents list
  - Update defaults example to include cursor
  - Update "Available plugins" reference to include cursor

### Type Imports
- **cursor/index.ts:19**: Import ProjectConfig type for getRestoreCommand signature

## Testing
-  cursor plugin tests: 51/51 passing
-  cursor plugin typecheck: clean
-  No regressions introduced

## Why These Changes Are Needed

**Before:**
- getRestoreCommand signature mismatch would cause silent failures when core system calls it with parameters
- Config documentation didn't mention cursor as available agent option
- No explanation why --auto-approve differs from Aider's --yes naming

**After:**
- Interface contract properly satisfied
- Documentation complete and helpful
- Clear code comments explaining design decisions

Addresses: ComposioHQ/agent-orchestrator#1076

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-04-09 19:29:26 +05:30
harshitsinghbhandari 04f3a7c27f fix(cursor): register plugin in all discovery/resolution layers
Address PR review feedback from #1076 to make Cursor agent fully functional.

## Changes

### Plugin Registration (High Severity Fixes)
- **core/plugin-registry.ts**: Add cursor to BUILTIN_PLUGINS array for config-based resolution
- **cli/plugins.ts**: Import and register cursor in agentPlugins map for getAgent/getAgentByName
- **cli/detect-agent.ts**: Add cursor to AGENT_PLUGINS array for detectAvailableAgents()
- **web/services.ts**: Import and register cursor plugin for dashboard SessionManager/LifecycleManager
- **web/package.json**: Add @composio/ao-plugin-agent-cursor dependency

### Activity Detection Fix (Medium Severity)
- **cursor/index.ts**: Remove overly broad blocked detection patterns (error:/failed:)
  - Compiler errors, test failures, and linter output are normal tool output
  - Terminal-based detection can't distinguish between actionable agent errors and normal output
  - Follow Aider/OpenCode pattern: only Claude Code detects blocked (has native JSONL)
  - Added comment explaining why blocked detection is removed
- **cursor/index.test.ts**: Remove blocked detection test cases

## Why These Changes Are Needed

Before these fixes:
- `defaults.agent: cursor` in config would throw "Unknown agent plugin: cursor"
- `ao spawn --agent cursor` would fail
- Dashboard couldn't resolve cursor agent (SessionManager/LifecycleManager failures)
- `detectAvailableAgents()` never discovered Cursor
- False "blocked" states when agent encountered normal compiler errors

After these fixes:
- Cursor agent fully discoverable and usable via config and CLI
- Dashboard can spawn and manage Cursor sessions
- Activity detection matches other terminal-based agents (Aider, OpenCode)
- No false positives from normal tool output

## Testing
-  cursor plugin tests: 51/51 passing (reduced from 52 due to removed blocked tests)
-  core typecheck: clean
-  web typecheck: clean
-  CLI can import cursor plugin without errors

Addresses: ComposioHQ/agent-orchestrator#1076

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-04-09 19:17:41 +05:30
harshitsinghbhandari 464f771a76 feat: add Cursor agent CLI support (#1060)
Implement a new agent plugin for Cursor CLI following the existing agent plugin pattern.

## Changes
- Create `packages/plugins/agent-cursor/` with full Agent interface implementation
- Add Cursor plugin to CLI dependencies
- Implement all required methods:
  - getLaunchCommand - command to start Cursor CLI with flags
  - getEnvironment - env vars including ~/.ao/bin in PATH
  - detectActivity - terminal output classification for Cursor prompts
  - getActivityState - JSONL/activity-based state detection with fallbacks
  - isProcessRunning - process liveness check (tmux TTY + PID)
  - setupWorkspaceHooks - PATH wrappers for git/gh metadata capture
  - getSessionInfo - extract summary from .cursor directory if available
  - recordActivity - delegate to shared recordTerminalActivity
  - postLaunchSetup - ensure hooks are installed post-launch
  - getRestoreCommand - returns null (Cursor doesn't support session resume)

## Testing
- Comprehensive test suite with 52 passing tests covering:
  - Manifest validation
  - Command generation with permission modes
  - Process detection (tmux + process runtime)
  - Activity detection from terminal output
  - Activity state cascade (JSONL → git commits → session mtime → fallback)
  - All required getActivityState contract states (exited, waiting_input, blocked, active, idle)
  - Session info extraction
  - Environment setup

## Pattern
Follows the Aider agent pattern using:
- PATH wrappers (`~/.ao/bin/gh`, `~/.ao/bin/git`) for metadata capture
- AO Activity JSONL for terminal-derived activity detection
- Age-based decay for active/ready/idle state transitions
- Process name regex matching both `cursor` and `.cursor` (dot-prefixed)

Closes #1060

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-04-09 18:51:33 +05:30
Dhruv Sharma ea0a01326b fix(types): restore pinnedSummary field alongside new userPrompt
We accidentally replaced pinnedSummary with userPrompt instead of
adding alongside it. Both fields are needed.

Also add blue-green tests demonstrating the before/after delta for
the prompt-driven spawn feature (issue #974):
- packages/web/src/__tests__/prompt-spawn.test.ts (14 tests)
- packages/integration-tests/src/prompt-spawn.integration.test.ts (7 tests)
2026-04-09 18:43:55 +05:30
Dhruv Sharma aa2177698a feat(spawn): support prompt-driven sessions without a tracker issue (#974)
- Add --prompt <text> flag to `ao spawn` CLI
- Accept prompt field in POST /api/spawn web route
- Persist userPrompt to session metadata on spawn
- Add userPrompt to DashboardSession type and serialize.ts mapping
- Show userPrompt in SessionCard footer for prompt-only sessions
- Include userPrompt in SessionDetail headline fallback chain
- Update orchestrator-prompt.ts with prompt-driven spawn examples

Closes #974
2026-04-09 18:43:55 +05:30
Dhruv Sharma c00618048f
Merge pull request #887 from fastestdevalive/feat/single-socket 2026-04-09 18:30:51 +05:30
Dhruv Sharma 5145dcebb6
Merge pull request #1026 from ComposioHQ/ashish921998/pr-card-before-terminal
fix(web): display PR details card above terminal in session detail
2026-04-09 17:03:39 +05:30
adil 6ecaabe3e6 fix(cli): remove 'Next step' hint from ao start output (#947)
Remove the post-startup "Next step: ao spawn <issue-number>" hint
per reviewer feedback — the dashboard already guides users.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-09 00:05:06 +05:30