You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
* feat(sdk): self-healing Signal session reset + daemon bypass mode
Add resetSession across the SDK (EncryptionContext -> TinyPlaceClient ->
Agent) to drop a peer's persisted Double Ratchet session so the next send
re-runs X3DH from a fresh pre-key bundle. Agent.resetSession resolves the
recipient the same way sendMessage does, so the correct cryptoId-keyed
session is cleared for a @handle/base64/cryptoId address.
Wrap the daemon's outbound send with reset+retry: on a session-class error
(relay 400 / ratchet / decrypt / prekey / contact), reset the session and
retry once so daemon replies self-heal after a crash/restart mid-handshake.
Also pass --dangerously-skip-permissions to the claude provider so daemon
workers run unattended in bypass mode.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
* feat(daemon): idle (no-event) task watchdog instead of a hard cap
Convert the daemon's per-task timeout from a fixed wall-clock kill into an
idle watchdog: the child CLI is reaped only after --task-timeout-ms with NO
new provider event. `armIdle` re-arms on every parsed event, so a long-but-
active run (streaming tool calls / output) keeps going while a genuinely
wedged one is killed ~timeout after it goes silent. Default stays 600000ms.
Also update the claude headless-argv test for the --dangerously-skip-
permissions flag added with bypass mode.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
* fix(daemon): address review — opt-in bypass, narrow session classifier, propagate reset
- Security (P1): `--dangerously-skip-permissions` is now opt-in behind a
`--dangerously-skip-permissions` daemon flag (threaded through
DaemonRuntime → RunTaskOptions → buildRunArgs), default OFF. A daemon
auto-accepts contacts and runs remote task text, so bypassing approval must
be an explicit operator choice, not the default.
- Narrow isSessionError to explicit stale-ratchet/decrypt/prekey/session
faults; stop treating a not-yet-contact 400 (or a bare HTTP status) as
recoverable — resetting won't accept the contact and the failed retry would
leave an undelivered X3DH session, making the next send undecryptable.
- Do not swallow a failed resetSession: propagate it instead of retrying over
an uncleared ratchet.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
0 commit comments