Commit Graph

130 Commits

Author SHA1 Message Date
ejclaw
aaa9eeb50a Remove paired reviewer container execution path 2026-04-06 07:56:24 +09:00
Eyejoker
b6c8546f25 Dedup reviewer finals only after actual IPC delivery 2026-04-05 08:02:02 +09:00
Eyejoker
ac225f2b1e Add paired delivery diagnostic logging 2026-04-05 00:00:09 +09:00
Eyejoker
7f0fbd5811 Route IPC send_message by paired room role 2026-04-04 23:02:30 +09:00
Eyejoker
3dd772c229 Refactor local memory and role-fixed runtime routing 2026-04-04 03:50:28 +09:00
Eyejoker
2070e0391f refactor: remove register_group legacy surface 2026-03-31 21:59:01 +09:00
Eyejoker
b9538e54bc feat: add room-level assignment write path 2026-03-31 21:21:57 +09:00
Eyejoker
68901e5da9 feat: global failover + dashboard model config section
- Failover is now global (account-level, not per-channel)
- Dashboard shows role model config (Owner/Reviewer/Arbiter + MoA refs)
- Dashboard shows failover status when active
- Auto-clear failover on successful Claude rotation
- Remove per-channel lease writes from failover path
2026-03-31 00:38:29 +09:00
Eyejoker
4a5edaceb6 refactor: remove SERVICE_AGENT_TYPE legacy constant
SERVICE_AGENT_TYPE was always 'claude-code' in the unified service,
making it a misleading constant. Each group already has its own
agentType field.

- Removed SERVICE_AGENT_TYPE from config.ts
- Session functions now accept agentType parameter (default: 'claude-code')
- Task scheduler uses task-level agent_type for token rotation decisions
- All fallback defaults changed to 'claude-code' literal
- Logging uses 'unified' instead of the misleading type
2026-03-30 23:10:48 +09:00
Eyejoker
58ed721d6e feat: auto-recreate reviewer containers on token rotation
When OAuth tokens rotate or refresh, all reviewer containers are
automatically removed. The next reviewer turn recreates them with
the latest token, preventing 401 auth failures.

Uses callback pattern to avoid circular dependencies:
- token-rotation.ts: onTokenRotated(cb)
- token-refresh.ts: onTokenRefreshed(cb)
- index.ts: registers recreateAllReviewerContainers as callback
2026-03-30 21:51:45 +09:00
Eyejoker
ab2680ba11 feat: route cron output via reviewer bot in paired rooms
In paired rooms, cron output was posted by the owner bot. Since the
owner can't respond to its own messages, the cron report just sat
there with no follow-up action.

Now cron output in paired rooms is posted via the reviewer bot. The
owner picks it up as a peer request, analyzes the report, and acts
on it (e.g., fixing Sentry errors). The normal paired review loop
then kicks in to verify the fix.
2026-03-30 01:32:06 +09:00
Eyejoker
382c9f49d4 fix: bind credential proxy to docker0 interface on Linux
Proxy was binding to 127.0.0.1 which is unreachable from Docker
containers. Now uses PROXY_BIND_HOST (detects docker0 IP on Linux)
so containers can reach the proxy via host.docker.internal.
2026-03-29 23:56:46 +09:00
Eyejoker
b965a7e43d feat: add pnpm store mount, pre-flight checks, and idle timeout for reviewer containers
- Detect pnpm projects and mount global store read-only so hardlinks resolve
- npm/yarn/bun need no extra mounts (node_modules is self-contained)
- Pre-flight check: verify Docker running + image exists (cached after first call)
- Add activity-based idle timeout (reset on stdout/stderr like host runner)
- Clean up orphaned containers on shutdown (not just startup)
2026-03-29 22:46:20 +09:00
Eyejoker
d8cb4b691e feat: verdict-based ping-pong control with merge_ready finalization
- DONE → merge_ready → owner final turn (commit/push) → completed
- DONE_WITH_CONCERNS → active → owner addresses → ping-pong continues
- BLOCKED/NEEDS_CONTEXT → completed (escalate to user, stop ping-pong)
- Regular feedback → active → ping-pong continues
- Owner detects merge_ready status and finalizes autonomously
2026-03-29 20:59:08 +09:00
Eyejoker
16d20fe627 feat: paired review system overhaul — unified service, configurable agents, silent output removal
- Remove UNIFIED_MODE legacy: single service manages all 3 Discord bots
- Add OWNER_AGENT_TYPE / REVIEWER_AGENT_TYPE env vars for configurable agent selection
- Fix Discord channel routing: reviewer output goes through correct bot (discord/discord-review)
- Fix channel name assignment: explicit names prevent agentTypeFilter collision
- Remove silent output suppression system: harness-level protections replace prompt workarounds
- Add reviewer approval detection: DONE marker on first line stops ping-pong
- Include user's original message in reviewer prompt for context
- Fix round_trip_count auto-reset on new user message
- Fix session ID conflict: reviewer doesn't reuse owner's session
- Fix pending progress text flush in runner on close sentinel
- Promote buffered intermediate text to final result when result event has no text
- Remove legacy files: .env.codex.example, .env.codex-review.example, migrate-unify.cjs
- Update CLAUDE.md: server-side build deployment, unified architecture docs
2026-03-29 20:50:32 +09:00
Eyejoker
9e0de1297c fix: /clear now resets both owner and reviewer sessions in paired rooms 2026-03-29 19:00:42 +09:00
Eyejoker
d01f98bd61 feat: unify 3 bot services into single process
- Add UNIFIED_MODE flag (default on, disable with UNIFIED_MODE=0)
- Register all 3 Discord bots in one process (claude, codex, review)
- Load all registered groups regardless of agent_type (codex/owner priority)
- Start credential proxy and container cleanup at unified startup
- shouldServiceProcessChat returns true in unified mode
- Add findChannelByName for role-based response routing
- Backward compatible: UNIFIED_MODE=0 restores per-service behavior
2026-03-29 18:37:17 +09:00
Eyejoker
e1fdc47552 style: sync pre-commit formatting fallout 2026-03-28 05:41:16 +09:00
Eyejoker
ba9f6871b6 feat: add codex review failover and suppress output hardening 2026-03-28 05:40:38 +09:00
Eyejoker
f79baf1ff8 fix: avoid Claude token refresh races across services 2026-03-26 10:25:09 +09:00
Eyejoker
c89242b6dd fix: harden stripToolCallLeaks regex for CJK/non-ASCII garbage tokens
The previous regex used \w+ for descriptor tokens between the function
name and JSON body, which only matches ASCII word characters. Model
hallucinations often inject CJK/non-ASCII text (e.g. 彩神争霸) in this
position. Switch to (?:\s+[^\s{}]+)+ to match any whitespace-separated
non-brace tokens regardless of character set.

Also removes stale backward-compat re-exports from index.ts and updates
the test import for composeDashboardContent.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-25 18:06:31 +09:00
Eyejoker
b6d3f879ef refactor: add recovery mode + shared JSON/error/fetch utilities
- GroupQueue recovery mode: limit to 3 concurrent agents for 60s after restart
  to prevent API rate-limit storms (configurable via env vars)
- getErrorMessage: replace 14 occurrences of instanceof Error pattern
- readJsonFile/writeJsonFile: replace 19 occurrences of JSON+fs pattern
- fetchWithTimeout: replace 3 occurrences of AbortController pattern

354/354 tests passing
2026-03-25 07:08:49 +09:00
Eyejoker
f4b02af4dd feat: restore OAuth token auto-refresh with multi-account support
Restores token-refresh.ts that was deleted in 35356dd. Now works
with multi-account token rotation:
- Refreshes tokens from ~/.claude/.credentials.json (account 0)
  and ~/.claude-accounts/{n}/.credentials.json (account 1+)
- Updates token-rotation memory and .env on refresh
- Syncs credentials to session directories
- 5-min check interval, refreshes 30 min before expiry
- forceRefreshToken() export for 401 recovery
2026-03-24 15:35:37 +09:00
Eyejoker
816b0a39cc feat: Codex account rotation + fix rate-limit detection
- New codex-token-rotation module: rotates between multiple
  ~/.codex-accounts/{n}/auth.json on rate-limit
- Copies active account auth to session dir before each spawn
- Fix detectFallbackTrigger to match "usage limit" / "hit your limit"
- Fix streamed error detection: remove claude-only guard so codex
  rate-limit errors are caught even when output.status is "success"
- Add rotation in both task-scheduler and message-agent-executor
2026-03-23 23:06:17 +09:00
Eyejoker
d378598f2e feat: Claude OAuth token rotation on rate-limit
- New token-rotation module: stores multiple tokens from
  CLAUDE_CODE_OAUTH_TOKENS env var (comma-separated)
- On rate-limit, rotates to next healthy token before falling
  back to Kimi provider
- Also fixes: intermediate text routes to progress message
  when no subagents active (prevents message flooding)
2026-03-23 22:01:06 +09:00
Eyejoker
42d721a9ec fix claude turn teardown and start CI watchers immediately 2026-03-23 08:55:48 +09:00
Eyejoker
d28b6151a8 chore: rebrand runtime and docs to EJClaw 2026-03-23 08:09:15 +09:00
Eyejoker
f5eae07657 fix: use resolved ipc dirs for recovery flow 2026-03-23 07:18:47 +09:00
Eyejoker
9def49f7fb fix: isolate watcher task runtimes 2026-03-23 07:16:07 +09:00
Eyejoker
a2db8f6c0e refactor: extract dashboard and task helpers 2026-03-23 06:59:59 +09:00
Eyejoker
898c77fcfc refactor: consolidate runtime helpers 2026-03-23 06:39:26 +09:00
Eyejoker
7c6019dea3 refactor: drop idle queue state 2026-03-23 04:57:13 +09:00
Eyejoker
28eb8c6cb1 fix: harden restart recovery flow 2026-03-23 01:00:14 +09:00
Eyejoker
a1324726b1 style: format after runtime unification
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-23 00:44:04 +09:00
Eyejoker
d4fc498268 refactor: unify runtime into single message-runtime path
Remove duplicate processGroupMessages, runAgent, startMessageLoop, and
recoverPendingMessages from index.ts. All message processing now flows
through createMessageRuntime() in message-runtime.ts, eliminating the
dual-path issue that caused the v1 follow-up turn reset bug.

index.ts reduced from ~2300 to ~1210 lines.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-23 00:43:57 +09:00
Eyejoker
badb900a23 style: format files after pre-commit prettier run
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-23 00:11:44 +09:00
Eyejoker
b647502a10 feat: add seq cursor, work_items, provider fallback, and delivery reliability
Major reliability improvements to the message processing pipeline:

- Add messages.seq monotonic cursor replacing timestamp-based cursors,
  preventing message loss from timestamp collisions with LIMIT queries
- Add work_items table separating agent production from delivery,
  enabling delivery retry without re-running the agent
- Propagate Discord send failures instead of silently swallowing them
- Add Claude 429 → Kimi K2.5 automatic provider fallback with cooldown
- Fix follow-up turn state reset in live index.ts path (not just
  message-runtime.ts) to prevent final output from being lost
- Add restart context tracking for graceful restart announcements
- Lazy migration from timestamp cursors to seq cursors for existing data

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-23 00:11:32 +09:00
Eyejoker
9b741be902 fix: resolve session race condition and follow-up turn output loss
Two bugs fixed:

1. agent-runner error path race condition: when agent process exited
   with error, the promise resolved immediately without waiting for
   outputChain, allowing a late wrappedOnOutput to re-persist a stale
   session ID after clearSession had already run.

2. follow-up turn state not resetting: when a follow-up IPC message
   joined an active run, turn-level flags (finalOutputSentToUser,
   sawNonProgressOutput) from the first turn prevented the last
   progress from being promoted to a final message.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-21 12:29:00 +09:00
Eyejoker
6eb72ad499 Merge origin/main into chore/nanoclaw-recursive-room 2026-03-20 03:48:29 +09:00
Eyejoker
f281a2ee52 style: apply formatter to runtime files 2026-03-20 03:42:22 +09:00
Eyejoker
a293a701f4 fix: restore regressions from discord-only refactor 2026-03-20 03:41:53 +09:00
Eyejoker
bb0628e8f4 refactor: remove legacy container and non-discord remnants 2026-03-20 01:07:46 +09:00
Eyejoker
41afcb91cf feat: integrate Memento MCP for shared memory across agents
- Add MEMENTO_MCP_SSE_URL/ACCESS_KEY/REMOTE_PATH to readEnvFile
- Merge .env vars into cleanEnv for runner process inheritance
- Claude Code runner: add memento-mcp via mcp-remote in mcpServers
- Codex runner: inject memento-mcp section into config.toml
- Various improvements: CI watch, task scheduler, DB, IPC auth
2026-03-20 00:12:43 +09:00
Eyejoker
f2ad1331a9 Rebrand NanoClaw to EJClaw 2026-03-19 03:31:41 +09:00
Eyejoker
ea03956d0a feat: show session ID in dashboard status display
Add session label (last 8 chars) next to each group status.
Export buildStatusContent and DashboardOptions for testing.
2026-03-16 05:36:30 +09:00
Eyejoker
7e77f37948 refactor: extract dashboard and message-runtime from index.ts
- Extract dashboard code into src/dashboard.ts
- Extract message runtime into src/message-runtime.ts
- Improve group-queue with better concurrency handling
- Update agent-runner with enhanced env/config passing
- Simplify DB operations and cleanup unused code
- Update README for Codex SDK architecture
2026-03-16 05:08:19 +09:00
Eyejoker
e23315ed48 feat: usage/server dashboard with progress bars and aligned labels 2026-03-15 22:37:40 +09:00
Eyejoker
9a6d9f4c4b revert: roll back DB merge, keep useful improvements
Fully revert DB merge patch (WAL, composite PK, SERVICE_ID in IPC/
router_state/sessions). Return to proven split-DB architecture.

Keep:
- Docker/Apple Container cleanup
- Usage dashboard CLAUDE_CODE_OAUTH_TOKEN fallback
- Codex runner heartbeat
- Agent-runner stderr timeout reset
2026-03-15 22:35:53 +09:00
Eyejoker
6f4b6f8df7 feat: prepare DB for shared access (WAL, service partitioning)
Phase 0-2 of data unification:
- Enable WAL mode + busy_timeout for safe concurrent access
- router_state: keys prefixed with SERVICE_ID (lazy migration)
- sessions: composite PK (group_folder, agent_type)
- registered_groups: filtered by SERVICE_AGENT_TYPE on load
- Logger: service name tag for unified log streams

All changes are backward-compatible with the current split setup.
Actual directory merge (Phase 3-4) is a separate step.
2026-03-15 19:26:34 +09:00
Eyejoker
35356dd8a7 refactor: remove token-refresh, use env-based auth only
Delete token-refresh.ts and credentials.json sync. Auth is now
via CLAUDE_CODE_OAUTH_TOKEN in .env (1-year setup-token).
No more auto-refresh loop or credentials.json dependency.
2026-03-14 19:09:40 +09:00