Skip to content

feat(desktop-agent): land V2 flagship pack streams 01-13#58

Merged
ihabkhaled merged 2 commits into
mainfrom
feature/desktop-agent-v2
May 24, 2026
Merged

feat(desktop-agent): land V2 flagship pack streams 01-13#58
ihabkhaled merged 2 commits into
mainfrom
feature/desktop-agent-v2

Conversation

@ihabkhaled
Copy link
Copy Markdown
Owner

@ihabkhaled ihabkhaled commented May 24, 2026

Sustained execution across the 13-stream V2 pack at plan-prompts/ClawAI_desktop_agent_v2_flagship_pack/. Progress matrix + deferred-items punch list at
docs/15-ai-context/desktop-agent-v2-implementation-progress.md.

Stream 01 — Foundation closeout

  • RecipeRunStatus type alias mismatch deleted (Prisma is authoritative)
  • 7 missing agent.* event payload types in shared-types
  • 7 missing audit handlers in claw-audit-service (now all 25 events flow into Mongo)
  • CapabilityDualWriteMetricsService + GET /agent/capabilities/dual-write-status
  • Retirement runbook + deprecation log + .env entry
  • RecipeRun.dryRun column + migration + runner short-circuit + test
  • capability-dual-write-metrics.service.spec.ts (8 cases)
  • command-risk.service.spec.ts (6 cases)
  • qa/test-foundation-closeout.sh (gitignored)

Stream 02 — Cross-OS provider hardening

  • probe-helpers.js shared module + probe() on every provider
  • doctor command lists probes + gates core vs optional providers
  • Per-recipe browser profile isolation; recipeRunId plumbed through capability-runner to providers
  • runbook-cross-os-evidence.md + qa/test-providers-cross-os.sh

Stream 03 — Recipe runner UX

  • claw-agent run-recipe CLI command (--device --param --dry-run --watch --json)
  • parseArgs repeat-flag fix
  • FE StartRunRequest.dryRun + RecipeRun.dryRun types

Stream 04 — Tauri shell hardening + auto-update

  • Tray menu V2 (palette, dashboards, runner pause/resume, pair, check-update, settings, quit) + 30s tooltip refresher
  • tauri-plugin-updater v2 + updater.rs (boot-time + tray-menu check)
  • tauri.conf.json updater section + pubkey placeholder
  • runbook-tauri-shell-release.md

Stream 05 — Activity memory cloud sync + suggestions

  • CLI runCloudSyncLoop (gated by CLAW_ACTIVITY_CLOUD_SYNC=true)
  • AgentSuggestion schema + migration + AgentSuggestionManager cron
  • AgentSuggestionRepository (raw SQL group-by) + controller + enum + DTOs

Stream 06 — Marketplace publisher portal

  • /listings/mine + /listings/:id/unpublish + /listings/:id/republish
  • Repo + service methods (listForPublisher, setListingStatus)

Stream 07 — Fleet enterprise SSO + device governance

  • runbook-fleet-enterprise-sso.md (production IdP rollout)
  • /agent/organizations/:id/devices device matrix endpoint with raw-SQL join (org -> members -> devices) + pending-cap subquery

Stream 08 — Live agent UX SSE + bulk approval

  • SkipLogging decorator (agent-service mirror of chat-service)
  • CapabilityEventBusService (Subject fanout for 11 CAPABILITY_* events)
  • CapabilityStreamController @sse('stream') filtered by userId
  • POST /agent/capabilities/bulk-approve (max 100 ids) + service method + DTO

Stream 09 — OS control add-ons

  • SYSTEM capability provider stub (LOCK, SUSPEND, NETWORK_INFO, DISK_USAGE, TIMEZONE) registered in providerRegistry

Stream 10 — Release channels + auto-update

  • runbook-desktop-agent-release-channels.md (stable/beta/canary, CI scaffold, latest.json schema, rollback)

Stream 11 — Security/privacy/sandboxing sweep

  • CAPABILITY_HARD_DENYLIST constants (rm -rf /, fork bombs, kill PID 1, file:// nav, dangerous deletes)
  • Pino redact paths extended for capability framework (target/payload/dsl/result creds, SAML, signatures)
  • runbook-desktop-agent-security.md (7-layer defense + incident response)

Stream 12 — QA/UAT release-gate matrix

  • runbook-desktop-agent-qa-release-gate.md (per-channel quality bar + regression matrix per stream change)

Stream 13 — Business roadmap + positioning

  • desktop-agent-v2-roadmap-and-positioning.md (personas, tier matrix, roadmap Q3 2026 -> Q1 2027, competitive positioning, success metrics)

Migrations to apply on first deploy:

  • 20260524120000_add_recipe_run_dryrun
  • 20260524123000_add_agent_suggestions

Known deferred work documented in
docs/15-ai-context/desktop-agent-v2-implementation-progress.md "Known gaps after this session".

Summary

Brief description of changes.

Type

  • Feature
  • Bug Fix
  • Refactor
  • Documentation
  • Test

Checklist

  • npm run lint passes
  • npm run build passes
  • npm run test passes
  • Documentation updated (if applicable)
  • No secrets in code

ihabkhaled and others added 2 commits May 24, 2026 04:50
@ihabkhaled @claude
feat(desktop-agent): land V2 flagship pack streams 01-13
5fb9748 
Sustained execution across the 13-stream V2 pack at
plan-prompts/ClawAI_desktop_agent_v2_flagship_pack/. Progress matrix +
deferred-items punch list at
docs/15-ai-context/desktop-agent-v2-implementation-progress.md.

Stream 01 — Foundation closeout
  * RecipeRunStatus type alias mismatch deleted (Prisma is authoritative)
  * 7 missing agent.* event payload types in shared-types
  * 7 missing audit handlers in claw-audit-service (now all 25 events
    flow into Mongo)
  * CapabilityDualWriteMetricsService + GET /agent/capabilities/dual-write-status
  * Retirement runbook + deprecation log + .env entry
  * RecipeRun.dryRun column + migration + runner short-circuit + test
  * capability-dual-write-metrics.service.spec.ts (8 cases)
  * command-risk.service.spec.ts (6 cases)
  * qa/test-foundation-closeout.sh (gitignored)

Stream 02 — Cross-OS provider hardening
  * probe-helpers.js shared module + probe() on every provider
  * doctor command lists probes + gates core vs optional providers
  * Per-recipe browser profile isolation; recipeRunId plumbed through
    capability-runner to providers
  * runbook-cross-os-evidence.md + qa/test-providers-cross-os.sh

Stream 03 — Recipe runner UX
  * claw-agent run-recipe CLI command (--device --param --dry-run
    --watch --json)
  * parseArgs repeat-flag fix
  * FE StartRunRequest.dryRun + RecipeRun.dryRun types

Stream 04 — Tauri shell hardening + auto-update
  * Tray menu V2 (palette, dashboards, runner pause/resume, pair,
    check-update, settings, quit) + 30s tooltip refresher
  * tauri-plugin-updater v2 + updater.rs (boot-time + tray-menu check)
  * tauri.conf.json updater section + pubkey placeholder
  * runbook-tauri-shell-release.md

Stream 05 — Activity memory cloud sync + suggestions
  * CLI runCloudSyncLoop (gated by CLAW_ACTIVITY_CLOUD_SYNC=true)
  * AgentSuggestion schema + migration + AgentSuggestionManager cron
  * AgentSuggestionRepository (raw SQL group-by) + controller +
    enum + DTOs

Stream 06 — Marketplace publisher portal
  * /listings/mine + /listings/:id/unpublish + /listings/:id/republish
  * Repo + service methods (listForPublisher, setListingStatus)

Stream 07 — Fleet enterprise SSO + device governance
  * runbook-fleet-enterprise-sso.md (production IdP rollout)
  * /agent/organizations/:id/devices device matrix endpoint with
    raw-SQL join (org -> members -> devices) + pending-cap subquery

Stream 08 — Live agent UX SSE + bulk approval
  * SkipLogging decorator (agent-service mirror of chat-service)
  * CapabilityEventBusService (Subject fanout for 11 CAPABILITY_*
    events)
  * CapabilityStreamController @sse('stream') filtered by userId
  * POST /agent/capabilities/bulk-approve (max 100 ids) +
    service method + DTO

Stream 09 — OS control add-ons
  * SYSTEM capability provider stub (LOCK, SUSPEND, NETWORK_INFO,
    DISK_USAGE, TIMEZONE) registered in providerRegistry

Stream 10 — Release channels + auto-update
  * runbook-desktop-agent-release-channels.md (stable/beta/canary,
    CI scaffold, latest.json schema, rollback)

Stream 11 — Security/privacy/sandboxing sweep
  * CAPABILITY_HARD_DENYLIST constants (rm -rf /, fork bombs, kill
    PID 1, file:// nav, dangerous deletes)
  * Pino redact paths extended for capability framework
    (target/payload/dsl/result creds, SAML, signatures)
  * runbook-desktop-agent-security.md (7-layer defense + incident
    response)

Stream 12 — QA/UAT release-gate matrix
  * runbook-desktop-agent-qa-release-gate.md (per-channel quality
    bar + regression matrix per stream change)

Stream 13 — Business roadmap + positioning
  * desktop-agent-v2-roadmap-and-positioning.md (personas, tier
    matrix, roadmap Q3 2026 -> Q1 2027, competitive positioning,
    success metrics)

Migrations to apply on first deploy:
  - 20260524120000_add_recipe_run_dryrun
  - 20260524123000_add_agent_suggestions

Known deferred work documented in
docs/15-ai-context/desktop-agent-v2-implementation-progress.md
"Known gaps after this session".

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
@ihabkhaled @claude
fix(desktop-agent): green CI after V2 land — lint/typecheck/test errors
29d0026 
Caught by GitHub Actions on commit 5fb9748. Eight typecheck errors,
six lint errors, one test failure — all real bugs in the V2 land.

Typecheck fixes:
  * NestJS Logger has no .info() — use .log() (6 sites: agent-suggestion
    manager x2, agent-suggestion repository x2, capability.service,
    marketplace.service)
  * agent-suggestion.manager.ts: suggestedRecipeDsl: null → Prisma.JsonNull
    (Prisma's nullable JSON input requires the symbol, not bare null)
  * recipe-runner.manager.spec.ts: existing happy-path DTO literal now
    needs dryRun:false explicitly (StartRunDto.dryRun is non-optional
    after Zod's .default(false) inferred output)

Lint fixes:
  * marketplace.service.ts + marketplace.repository.ts: status param
    typed as 'PUBLISHED' | 'HIDDEN' | 'DRAFT' string-literal union →
    use Prisma's MarketplaceListingStatus enum import
  * agent-suggestion.repository.ts: Omit<X, 'a'|'b'|'c'> literal-union
    inline tripped no-restricted-syntax → extract to
    AgentSuggestionUpsertData type alias in types/suggestion.types.ts
    (logic files ban string-literal unions; types files do not)
  * agent-suggestion.manager.ts: `as unknown as Prisma.InputJsonValue`
    cast removed — string[] is directly assignable to InputJsonValue
  * agent-suggestion.repository.ts: sort import members
    (SUGGESTION_LOOKBACK_DAYS before SUGGESTION_PENDING_TTL_DAYS)
  * command-risk.service.spec.ts: CapabilityRiskService used only as
    a generic type parameter to jest.Mocked<> → `import type`

Test fix:
  * recipe-runner.manager.spec.ts dry-run test: rewrote with single-
    step DSL + proper findRunByIdInternal sequencing (PENDING on first
    call, SUCCEEDED-snapshot on subsequent). Original 2-step fixture
    caused infinite advance() recursion that exhausted the mock stack
    and threw "steps is not iterable" inside buildContext. Single
    step + terminal-state fallback lets the recursive advance hit the
    allTerminal=true branch and mark the run SUCCEEDED on the second
    pass.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
@ihabkhaled ihabkhaled merged commit eb8beb5 into main May 24, 2026
59 checks passed
@ihabkhaled ihabkhaled deleted the feature/desktop-agent-v2 branch May 24, 2026 11:46
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@ihabkhaled