Commit Graph

67 Commits

Author SHA1 Message Date
Eyejoker
3dd772c229 Refactor local memory and role-fixed runtime routing 2026-04-04 03:50:28 +09:00
Eyejoker
60f360b5ea fix: preserve handoff roles during failover 2026-04-01 02:54:35 +09:00
Eyejoker
141898f764 refactor: scope runtime log context 2026-03-31 17:23:43 +09:00
Eyejoker
509e4c24a3 refactor: cut over room mode from paired legacy 2026-03-31 14:47:59 +09:00
Eyejoker
1c87616c44 fix: support same-service tribunal runtime 2026-03-31 14:01:31 +09:00
Eyejoker
a81e5aea63 style: format pending paired turn helpers 2026-03-31 05:43:54 +09:00
Eyejoker
43f8341c17 refactor: extract pending paired turn helpers 2026-03-31 05:43:17 +09:00
Eyejoker
3283522be5 feat: enrich finalize prompts and raise round-trip default 2026-03-31 04:40:56 +09:00
Eyejoker
e1b9501e87 feat: add completion_reason to paired_tasks (done/escalated/stopped/arbiter_escalated)
- owner can summon arbiter via BLOCKED/NEEDS_CONTEXT verdict
- completion_reason tracks why task ended: done (success), escalated
  (reviewer gave up), stopped (/stop), arbiter_escalated
2026-03-31 04:10:33 +09:00
Eyejoker
61c9b8c2e9 fix: reviewer auto-trigger now receives owner turn outputs instead of static prompt 2026-03-31 03:55:45 +09:00
Eyejoker
f98dd27712 refactor: MoA uses lightweight API references + SDK arbiter as aggregator
Instead of spawning separate processes or using OpenRouter, MoA now:
- Queries external API models (Kimi, GLM) in parallel for opinions
- Injects opinions into the SDK arbiter's prompt
- The existing subscription-based arbiter aggregates all perspectives

No extra SDK processes, no OpenRouter dependency. Per-model config via
MOA_REF_MODELS + MOA_{NAME}_MODEL/BASE_URL/API_KEY env vars.
2026-03-31 00:26:24 +09:00
Eyejoker
f4b04d6c4d feat: add Mixture of Agents (MoA) for arbiter verdicts
When MOA_ENABLED=true, arbiter queries multiple LLM models in parallel
via OpenAI-compatible API, then an aggregator model synthesizes the
final verdict from all opinions. Falls back to single-agent arbiter
when MoA is disabled.

Config: MOA_BASE_URL, MOA_API_KEY, MOA_REFERENCE_MODELS, MOA_AGGREGATOR_MODEL
2026-03-31 00:20:41 +09:00
Eyejoker
4a5edaceb6 refactor: remove SERVICE_AGENT_TYPE legacy constant
SERVICE_AGENT_TYPE was always 'claude-code' in the unified service,
making it a misleading constant. Each group already has its own
agentType field.

- Removed SERVICE_AGENT_TYPE from config.ts
- Session functions now accept agentType parameter (default: 'claude-code')
- Task scheduler uses task-level agent_type for token rotation decisions
- All fallback defaults changed to 'claude-code' literal
- Logging uses 'unified' instead of the misleading type
2026-03-30 23:10:48 +09:00
Eyejoker
46926f32f3 fix: use role-specific cursor keys in review_ready and arbiter_requested paths
The review_ready and arbiter_requested paths in processGroupMessages
were advancing the default (owner) cursor instead of the role-specific
cursor. This caused the reviewer to miss the owner's messages because
the owner cursor had already moved past them.

Now review_ready advances chatJid:reviewer cursor only, and
arbiter_requested advances chatJid:arbiter cursor only.
2026-03-30 22:50:26 +09:00
Eyejoker
a043f2b79a feat: implement MAGI 3-agent arbiter system for deadlock resolution
Introduces a third agent role (arbiter) that is summoned on-demand
when owner and reviewer reach a deadlock (same verdict 3+ rounds).

Architecture:
- 3 Discord bots: owner (codex), reviewer (claude), arbiter (claude/codex)
- Arbiter is NOT always-on — only invoked when deadlock detected
- Arbiter renders binding verdict: PROCEED/REVISE/RESET/ESCALATE
- Non-escalate verdicts reset round_trip_count and resume ping-pong
- Backward compatible: ARBITER_AGENT_TYPE unset = existing 2-agent mode

Changes across 13 source files + 7 test files:
- types.ts: PairedRoomRole += 'arbiter', new statuses, ArbiterVerdict type
- config.ts: ARBITER_AGENT_TYPE, ARBITER_SERVICE_ID, ARBITER_DEADLOCK_THRESHOLD
- db.ts: schema migration (arbiter columns in channel_owner + paired_tasks)
- service-routing.ts: arbiter_service_id in lease
- room-role-context.ts: arbiter role detection
- paired-execution-context.ts: deadlock->arbiter, verdict handling
- message-runtime.ts: arbiter turn routing, cursor, sender labeling
- message-agent-executor.ts: arbiter mode, failover
- agent-runner.ts + environment.ts: arbiter container mode
- platform-prompts.ts: arbiter prompt loading

New files:
- prompts/arbiter-paired-room.md: arbiter system prompt
- src/arbiter-context.ts: builds conversation context for arbiter judgment
2026-03-30 22:20:42 +09:00
Eyejoker
17e92d4c3d fix: isolate stale finals from next runs 2026-03-30 05:23:29 +09:00
Eyejoker
5221fb8b33 style: fix prettier drift after merge 2026-03-30 03:44:58 +09:00
Eyejoker
e863db61a8 refactor: remove dead output suppression path 2026-03-30 03:22:08 +09:00
Eyejoker
6edf5aebbd refactor: remove explicit paired review command path 2026-03-30 01:43:48 +09:00
Eyejoker
9e0de1297c fix: /clear now resets both owner and reviewer sessions in paired rooms 2026-03-29 19:00:42 +09:00
Eyejoker
a1e5418a2f feat: auto-trigger reviewer after owner completion with round trip limit
- Owner finishes → auto mark review_ready → reviewer executes
- Reviewer finishes → task back to active → owner can respond
- Automatic ping-pong until consensus or round trip limit
- PAIRED_MAX_ROUND_TRIPS env var (default 10, 0 = unlimited)
- round_trip_count tracked per task in DB
2026-03-29 18:57:16 +09:00
Eyejoker
d01f98bd61 feat: unify 3 bot services into single process
- Add UNIFIED_MODE flag (default on, disable with UNIFIED_MODE=0)
- Register all 3 Discord bots in one process (claude, codex, review)
- Load all registered groups regardless of agent_type (codex/owner priority)
- Start credential proxy and container cleanup at unified startup
- shouldServiceProcessChat returns true in unified mode
- Add findChannelByName for role-based response routing
- Backward compatible: UNIFIED_MODE=0 restores per-service behavior
2026-03-29 18:37:17 +09:00
Eyejoker
fc9f2867b9 refactor: simplify paired review system and add reviewer container isolation
Phase 1 — Strip over-engineering (-3,665 lines):
- DB tables: 7 → 3 (remove executions, approvals, artifacts, events)
- Task statuses: 11 → 5 (active, review_ready, in_review, merge_ready, completed)
- Remove plan governance, event sourcing, gate/verdict, freshness guards
- paired-execution-context: 980 → 299 lines
- Session commands: remove /risk, /plan, /approve-plan, /request-plan-changes

Phase 2 — Container isolation for reviewers:
- Add container-runtime.ts (Docker abstraction)
- Add credential-proxy.ts (API key injection without container exposure)
- Add container-runner.ts (reviewer-specific read-only mount + tmpfs)
- Add container/Dockerfile + agent-runner (Chromium, Claude Code, Codex)
- agent-runner.ts: auto-route reviewer execution to container mode
2026-03-29 18:24:56 +09:00
Eyejoker
0e12a560a4 feat: finalize paired tasks on deploy completion 2026-03-29 06:42:03 +09:00
Eyejoker
29310ce67f feat: recover paired executions after restart 2026-03-29 05:06:25 +09:00
Eyejoker
2d8f8151dd style: sync high-risk plan gate formatting 2026-03-29 02:14:44 +09:00
Eyejoker
b536c90716 feat: add high-risk paired plan gate 2026-03-29 02:13:57 +09:00
Eyejoker
c76ed1d10a fix: reconcile governance scaffold follow-up 2026-03-29 01:38:30 +09:00
Eyejoker
dc8dd98e84 feat: scaffold paired governance state 2026-03-29 01:35:57 +09:00
Eyejoker
b97d1a6260 refactor: unify typing policy across services 2026-03-28 06:52:57 +09:00
Eyejoker
de913985ba fix: promote visible progress after silent final 2026-03-28 06:27:36 +09:00
Eyejoker
47dda19ded fix: block malformed structured silent envelope leaks 2026-03-28 06:04:26 +09:00
Eyejoker
fe6314108c feat: add structured silent output contract 2026-03-28 05:56:58 +09:00
Eyejoker
e1fdc47552 style: sync pre-commit formatting fallout 2026-03-28 05:41:16 +09:00
Eyejoker
ba9f6871b6 feat: add codex review failover and suppress output hardening 2026-03-28 05:40:38 +09:00
Eyejoker
60a9fe86ec fix: detect org-access-denied errors, suppress chat output, and rotate Claude tokens
When a Claude account is suspended, the API returns "Your organization does
not have access to Claude" on the success path or "Failed to authenticate.
API Error: 403 terminated" on the error path. Both are now classified as
'org-access-denied', suppressed from Discord output, and trigger automatic
token rotation. If all tokens are exhausted, enters cooldown without Kimi
fallback (same as usage-exhausted and auth-expired).

Changes:
- agent-error-detection: add isClaudeOrgAccessDeniedMessage(), expand
  classifyClaudeAuthError() and shouldRotateClaudeToken()
- streamed-output-evaluator: detect org-access-denied in success-path chain
- provider-fallback: add NO_FALLBACK_COOLDOWN_REASONS set and
  isPrimaryNoFallbackCooldownActive() helper
- provider-retry: handle org-access-denied in rotation loop
- message-agent-executor / task-scheduler: use generalized no-fallback
  cooldown check
- Tests: +8 test cases across 5 test files (415 total passing)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-25 17:24:10 +09:00
Eyejoker
cc7cfbbc5f refactor: centralize visible phase mapping 2026-03-25 12:04:29 +09:00
Eyejoker
991f2bf2fd test: align fallback expectations after merge 2026-03-24 03:56:07 +09:00
Eyejoker
120f16e9e1 fix: Claude token rotation, usage-exhausted fallback, and usage API caching
- Fix token rotation not taking effect: getCurrentToken() was shadowed
  by static .env CLAUDE_CODE_OAUTH_TOKEN value in agent environment
- Don't fall back to Kimi on usage-exhausted (only on transient 429/network)
- Add disk cache for Claude usage API data (survives restarts, 429s)
- Rate-limit usage API calls to 1 per token per 5 minutes
- Add ignoreRateLimits option to rotateToken() for exhausted recovery
- Rotate to next token in getActiveProvider() when current is exhausted
- Add isUsageExhausted() helper to provider-fallback
2026-03-24 03:40:51 +09:00
Eyejoker
a8a1c9b45a fix: throttle progress edits via 5s ticker, prevent Discord rate limit
- Remove per-tool-activity sync calls (was flooding Discord with edits)
- Ticker-only sync at 5s intervals for time + tool activity updates
- Summary updates heading directly when progress message exists
- Prevent duplicate progress message creation with progressCreating flag
2026-03-23 19:13:51 +09:00
Eyejoker
bf1453541f fix: buffer progress to prevent final-like text from showing
Progress updates are now buffered: each new progress flushes the
previous one. The latest pending progress is discarded when final
arrives with matching text, preventing duplicate display in Discord.
2026-03-23 18:23:46 +09:00
Eyejoker
77e79505eb feat: auto-suspend tasks on quota errors, add Claude progress tracking
- Auto-suspend tasks after 3 consecutive quota/auth errors with
  retry-after date parsing and Discord notification
- Add tool_progress and tool_use_summary streaming from Claude Agent SDK
- Prefix progress messages with invisible marker so bots ignore them
- Fix misleading provider label in codex service logs
2026-03-23 17:03:17 +09:00
Eyejoker
d28b6151a8 chore: rebrand runtime and docs to EJClaw 2026-03-23 08:09:15 +09:00
Eyejoker
9def49f7fb fix: isolate watcher task runtimes 2026-03-23 07:16:07 +09:00
Eyejoker
866d4970f3 fix: ignore watcher status control messages 2026-03-23 06:45:04 +09:00
Eyejoker
77a7918063 fix: restore implicit follow-up continuation 2026-03-23 05:46:37 +09:00
Eyejoker
7c6019dea3 refactor: drop idle queue state 2026-03-23 04:57:13 +09:00
Eyejoker
f49d0f1732 fix: restore mentionless paired room bot flow 2026-03-23 04:18:44 +09:00
Eyejoker
be521eb903 fix: require triggers for paired bot messages 2026-03-23 04:15:22 +09:00
Eyejoker
1974f8a6dc refactor: remove active follow-up piping 2026-03-23 04:13:53 +09:00