Fix integration writeback mounts and delivery confirmation

[kjgbot]

User description

Summary

• Mount configured provider paths alongside discovery paths even when historical download is disabled, so file-native writebacks can be created under paths like .integrations/slack/channels//messages.
• Clarify the injected integrations guidance so agents read schemas from discovery but create provider records under provider paths, not under discovery.
• Add a confirmed broker send path for integration/system messages and use it for integrations-update and integration-event injections so Pear no longer treats HTTP API acceptance as confirmed PTY delivery.

Validation

• npm test
• npm run build

---

CodeAnt-AI Description

Fix integration writeback paths, delivery confirmation, and mount recovery after auth refresh

What Changed

• Connected integration guidance now clearly separates discovery schemas from the real provider paths where writeback files should be created.
• Integration mounts are available for provider writeback paths even when historical downloads are off, so live records can still be written in the expected location.
• System messages for integrations and events now wait for delivery confirmation when supported, instead of treating immediate send acceptance as enough.
• Cloud mounts and event subscriptions retry with refreshed cloud auth when the first attempt is rejected, which helps recover from expired tokens without manual re-login.

Impact

✅ Fewer failed integration writebacks
✅ Clearer file locations for connected integrations
✅ Fewer missed integration and event messages
✅ Less manual recovery after expired cloud auth

🔄 Retrigger CodeAnt AI Review

💡 Usage Guide

Checking Your Pull Request

Every time you make a pull request, our system automatically looks through it. We check for security issues, mistakes in how you're setting up your infrastructure, and common code problems. We do this to make sure your changes are solid and won't cause any trouble later.

Talking to CodeAnt AI

Got a question or need a hand with something in your pull request? You can easily get in touch with CodeAnt AI right here. Just type the following in a comment on your pull request, and replace "Your question here" with whatever you want to ask:

@codeant-ai ask: Your question here

This lets you have a chat with CodeAnt AI about your pull request, making it easier to understand and improve your code.

Example

@codeant-ai ask: Can you suggest a safer alternative to storing this secret?

Preserve Org Learnings with CodeAnt

You can record team preferences so CodeAnt AI applies them in future reviews. Reply directly to the specific CodeAnt AI suggestion (in the same thread) and replace "Your feedback here" with your input:

@codeant-ai: Your feedback here

This helps CodeAnt AI learn and adapt to your team's coding style and standards.

Example

@codeant-ai: Do not flag unused imports.

Retrigger review

Ask CodeAnt AI to review the PR again, by typing:

@codeant-ai: review

Check Your Repository Health

To analyze the health of your code repository, visit our dashboard at https://app.codeant.ai. This tool helps you identify potential issues and areas for improvement in your codebase, ensuring your repository maintains high standards of code health.

[codeant-ai]

CodeAnt AI is reviewing your PR.

[coderabbitai]

Warning

Review limit reached

@kjgbot, we couldn't start this review because you've reached your PR review rate limit.

More reviews will be available in 10 minutes and 50 seconds. Learn how PR review limits work.

Your organization has run out of usage credits. Purchase more in the billing tab.

⌛ How to resolve this issue?

After more reviews become available, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans include higher PR review limits than trial, open-source, and free plans. In all cases, reviews become available again over time. During sustained high-volume PR review activity, CodeRabbit may temporarily slow when the next review becomes available.

Please see our Fair Usage Limits Policy for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Free

Run ID: 32d06a56-e291-448c-9351-bedfd111fcaa

📥 Commits

Reviewing files that changed from the base of the PR and between 7e0c76a and 6bab112.

📒 Files selected for processing (11)

• src/main/__tests__/integration-event-bridge.test.ts
• src/main/broker.test.ts
• src/main/broker.ts
• src/main/cloud-agent.ts
• src/main/index.ts
• src/main/integration-event-bridge.ts
• src/main/integration-symlinks.test.ts
• src/main/integration-symlinks.ts
• src/main/integrations.ts
• src/renderer/src/components/sidebar/SpawnAgentDialog.tsx
• src/renderer/src/components/terminal/TerminalPane.tsx

📝 Walkthrough

Walkthrough

This PR adds a message delivery confirmation flow across the broker and integration systems, derives local watch roots from integration globs, updates integration messaging, schedules per-project agent refresh timers on broker events, and improves symlink idempotency for concurrent safety.

Changes

Message Delivery Confirmation and Integration Synchronization

Layer / File(s)	Summary
Broker message delivery confirmation src/main/broker.ts, src/main/broker.test.ts	Introduces DeliveryConfirmationResult type, default 15-second timeout constant, event shape guards and matching helpers, and sendMessageAndWaitForDelivery() method that routes to correct broker session, sends the message, subscribes to broker events, buffers events, waits for delivery ack/verified/confirmed, and rejects on failure or timeout. Test harness updated with sendMessage mock and integration test validating delivery acknowledgement flow.
Bridge delivery-wait method contracts src/main/cloud-agent.ts, src/main/integration-event-bridge.ts, src/main/integrations.ts	Extends CloudBrokerSystemMessageAdapter, BrokerEventBridge, and IntegrationSystemMessageBridge interfaces with optional sendMessageAndWaitForDelivery() method accepting project ID, input payload, and optional timeout.
System message dispatch via delivery confirmation src/main/cloud-agent.ts, src/main/integration-event-bridge.ts, src/main/integrations.ts	Updates CloudAgentManager.injectSystemMessage, BrokerEventBridge.injectEvent, and IntegrationManager.safeInjectSystemMessage to build typed input payloads and conditionally dispatch via sendMessageAndWaitForDelivery when available, otherwise using sendMessage as fallback.
Local watch-root derivation from integration globs src/main/integration-event-bridge.ts, src/main/__tests__/integration-event-bridge.test.ts	Exports localWatchRootsFor(workspaceId, integrations, globs) function that derives local/remote root mappings from integration mounts and watch globs (including dynamic-child parent roots). Updates watchLocalMounts to use these mappings and guards against nonexistent localRoot paths via existsSync. Test covers glob-implied and dynamic parent watch root derivation.
Integration system message content and mount paths src/main/integrations.ts	Updates buildSystemMessageSnippet to derive writeback path text from resolved canonical mount paths and distinguish intentional vs. non-intentional historical downloads. Revises final guidance sentence for schema/example mounting and historical-download clarity. Changes mountPathsForAgentWorkspace to always include canonical integration mount paths regardless of downloadHistoricalData setting.
Per-project agent refresh timer scheduling src/main/index.ts	Adds integrationAgentRefreshTimers map to store per-project setTimeout handles. Implements scheduleIntegrationAgentRefresh() to debounce notifyAgentState calls with 2-second delay. Introduces registerIntegrationBrokerHooks() to subscribe to agent_spawned and worker_ready events. Extends shutdownBrokerOnce to clean up timers during shutdown and registers hooks during app startup.
Idempotent symlink creation with concurrent safety src/main/integration-symlinks.ts, src/main/integration-symlinks.test.ts	Adds isFileAlreadyExistsError() classifier for EEXIST detection and pointsAtTarget() to resolve symlink targets and verify correctness. Reworks ensureProjectIntegrationsLink to check existing symlinks early for correctness and suppress warnings when EEXIST occurs for already-correct symlinks. Adds concurrent test coverage for multiple ensureProjectIntegrationsLink calls.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Poem

🐰 A rabbit hops through broker channels bright,
Where messages deliver in deferred flight,
With timers ticking for each agent's call,
And symlinks idempotent through it all!

---

Note

🎁 Summarized by CodeRabbit Free

Your organization is on the Free plan. CodeRabbit will generate a high-level summary and a walkthrough for each pull request. For a comprehensive line-by-line review, please upgrade your subscription to CodeRabbit Pro by visiting https://app.coderabbit.ai/login.

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[gemini-code-assist]

Code Review

This pull request introduces a mechanism to wait for message delivery confirmation via sendMessageAndWaitForDelivery across several managers, handles token expiration gracefully by refreshing cloud authentication upon encountering unauthorized errors during workspace operations, and refines the mounting logic and documentation for integrations. The feedback highlights a critical compilation error due to a duplicate isRecord declaration in broker.ts, suggests simplifying deliveryFailureMessage using existing helpers, and recommends removing unnecessary as const assertions on message input objects to avoid strict TypeScript type-checking issues.

Important

The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.

[gemini-code-assist]

Duplicate function declaration of isRecord. It is already defined at lines 67-69 in the same file. This duplicate declaration will cause a TypeScript compilation error (Duplicate identifier 'isRecord').

[gemini-code-assist]

Simplify deliveryFailureMessage by reusing the existing brokerEventString helper. This avoids direct property access on the BrokerEvent union type (which can cause compilation errors depending on the TypeScript configuration) and removes the need for the local isRecord check.

function deliveryFailureMessage(event: BrokerEvent): string {
  const reason = brokerEventString(event, 'reason')
  const lastError = brokerEventString(event, 'lastError')
  return reason || lastError || 'Broker delivery failed'
}

[gemini-code-assist]

Remove the as const assertion on the input object. Using as const infers all properties as readonly, which can cause strict type-checking errors when passed to functions expecting mutable types (like Record<string, unknown> for the data field). Since the type is already compatible, as const is unnecessary.

Suggested change

	const input = {
	to: agent.name,
	from: options.from || 'system',
	text: message,
	priority: 0,
	mode: 'steer',
	data: options.data || {
	kind: 'integrations-update',
	system: true
	}
	} as const
	const input = {
	to: agent.name,
	from: options.from || 'system',
	text: message,
	priority: 0,
	mode: 'steer',
	data: options.data || {
	kind: 'integrations-update',
	system: true
	}
	}

[gemini-code-assist]

Remove the as const assertion on the input object to prevent potential strict type-checking errors with readonly properties when passed to sendMessage or sendMessageAndWaitForDelivery.

Suggested change

	const input = {
	to: recipient,
	from: 'integration',
	text: formatIntegrationEventMessage(event),
	priority: 0,
	mode: 'steer',
	data: {
	kind: 'integration-event',
	system: true,
	eventId: event.id,
	eventType: event.type,
	occurredAt: event.occurredAt,
	resource: isRecord(event.resource) ? { ...event.resource } : undefined,
	path: event.resource.path
	}
	} as const
	const input = {
	to: recipient,
	from: 'integration',
	text: formatIntegrationEventMessage(event),
	priority: 0,
	mode: 'steer',
	data: {
	kind: 'integration-event',
	system: true,
	eventId: event.id,
	eventType: event.type,
	occurredAt: event.occurredAt,
	resource: isRecord(event.resource) ? { ...event.resource } : undefined,
	path: event.resource.path
	}
	}

[gemini-code-assist]

Remove the as const assertion on the input object to avoid potential strict type-checking issues with readonly properties.

Suggested change

	const input = {
	to: agent.name,
	from: 'system',
	text: message,
	priority: 0,
	mode: 'steer',
	data: {
	kind: 'integrations-update',
	system: true
	}
	} as const
	const input = {
	to: agent.name,
	from: 'system',
	text: message,
	priority: 0,
	mode: 'steer',
	data: {
	kind: 'integrations-update',
	system: true
	}
	}

[codeant-ai]

Suggestion: The dynamic import uses a .ts extension, which can break at runtime after transpilation/packaging when only .js files exist. Use the same extensionless module specifier pattern used elsewhere so the runtime resolver works in built artifacts. [import error]

Severity Level: Critical 🚨

- ❌ Local integration mount daemon fails during app startup.
- ❌ Integration event subscriptions fail to initialize for projects.
- ⚠️ Integration-event-based system messages never reach connected agents.

Steps of Reproduction ✅

1. Build and run the production Electron app so the main process executes the compiled
`src/main/index.ts` entrypoint (importing `integrationsManager` from
`src/main/integrations.ts:8`).

2. When the app's `app.whenReady()` handler runs (`src/main/index.ts:5-25`), it calls
`integrationsManager.startLocalMountDaemon()` at `src/main/index.ts:25`.

3. `startLocalMountDaemon()` in `src/main/integrations.ts:12-15` calls
`this.syncAllEventSubscriptions()`, which in turn calls
`this.syncEventSubscriptions(projectId)` for each project
(`src/main/integrations.ts:19-24`), and `syncEventSubscriptions()` invokes
`integrationEventBridge.reconcile(projectId, …)` at `src/main/integrations.ts:21-23`.

4. `IntegrationEventBridge.reconcile()` calls `const handle = await
this.getWorkspaceHandle()` at `src/main/integration-event-bridge.ts:20`, which executes
`const { … } = await import('./auth.ts')` at `src/main/integration-event-bridge.ts:33`; in
a compiled/bundled build only `auth.js` (not `auth.ts`) exists next to the compiled file,
so the dynamic import for `'./auth.ts'` fails module resolution with a `Cannot find module
'./auth.ts'` error, preventing integration event subscriptions from being established.

Fix in Cursor | Fix in VSCode Claude

(Use Cmd/Ctrl + Click for best experience)

Prompt for AI Agent 🤖

This is a comment left during a code review.

**Path:** src/main/integration-event-bridge.ts
**Line:** 962:962
**Comment:**
	*Import Error: The dynamic import uses a `.ts` extension, which can break at runtime after transpilation/packaging when only `.js` files exist. Use the same extensionless module specifier pattern used elsewhere so the runtime resolver works in built artifacts.

Validate the correctness of the flagged issue. If correct, How can I resolve this? If you propose a fix, implement it and please make it concise.
Once fix is implemented, also check other comments on the same PR, and ask user if the user wants to fix the rest of the comments as well. if said yes, then fetch all the comments validate the correctness and implement a minimal fix

👍 | 👎

[codeant-ai]

CodeAnt AI finished reviewing your PR.

[agent-relay-code]

Implemented fixes for PR #96.

Key changes:

• Fixed sendMessageAndWaitForDelivery to wait for confirmations from all reported targets, not just the first ack.
• Added duplicate-ack multi-target regression coverage in src/main/broker.test.ts.
• Updated stale test mocks for sendMessage and refreshCloudAuth.
• Added auth-refresh retry coverage for unauthorized Relayfile mount startup.
• Fixed an async race in IntegrationsManager test fixtures.

Local verification passed:

• npx tsc --noEmit
• npx vitest run src/main/*.test.ts src/renderer/src/hooks/*.test.ts
• node --experimental-strip-types --no-warnings --test src/main/__tests__/integration-event-bridge.test.ts
• npm test
• npm run build

[agent-relay-code]

Fixed the PR issues I found.

Changes made:

• sendMessageAndWaitForDelivery now handles delivery events that arrive before sendMessage returns, preserves early delivery failures, avoids a pre-send timeout rejection, normalizes missing delivery metadata, and throttles missing event_id telemetry.
• Added broker regressions for early delivery ack/failure handling.
• Restored prompt local integration mount reconciliation by not blocking normal sync on optional cloud hydration; daemon startup still awaits hydration.
• Fixed the refreshed Relayfile auth token provider type in integration-event-bridge.

Local validation passed:

• npx vitest run src/main/broker.test.ts src/main/integrations.test.ts src/main/integration-symlinks.test.ts src/main/integration-mounts.test.ts src/main/cloud-agent.test.ts src/main/auth.test.ts
• npm test
• npm run build
• npm run verify:mcp-resources-drift

[agent-relay-code]

⚠️ pr-reviewer push failed (exit 1) — fixes were not applied to the PR. The notes below are advisory and were not pushed.

Fixed the PR issues I found.

Changes made:

• sendMessageAndWaitForDelivery now handles delivery events that arrive before sendMessage returns, preserves early delivery failures, avoids a pre-send timeout rejection, normalizes missing delivery metadata, and throttles missing event_id telemetry.
• Added broker regressions for early delivery ack/failure handling.
• Restored prompt local integration mount reconciliation by not blocking normal sync on optional cloud hydration; daemon startup still awaits hydration.
• Fixed the refreshed Relayfile auth token provider type in integration-event-bridge.

Local validation passed:

• npx vitest run src/main/broker.test.ts src/main/integrations.test.ts src/main/integration-symlinks.test.ts src/main/integration-mounts.test.ts src/main/cloud-agent.test.ts src/main/auth.test.ts
• npm test
• npm run build
• npm run verify:mcp-resources-drift

[agent-relay-code]

⚠️ pr-reviewer did not push — the PR branch advanced during the review, so fixes were withheld to avoid overwriting newer commits. Re-trigger the review once the branch settles. The notes below are advisory and were not pushed.

Reviewed the checked-out PR diff and current workspace. Note: .workforce/context.json identifies the checked-out PR as #94, not #96, so I treated the current checkout as authoritative.

Validated/fixed state:

• Confirmed the broker connection path changes align with @agent-relay/harness-driver v8.1.2: connect({ cwd, connectionPath }) is supported and defaults to .agentworkforce/relay/connection.json.
• Verified the current connection-file fixture uses api_key, matching the real runtime contract.
• Added/verified regression coverage that a reused current connection reports connectionPath, matches, and the API key through listBrokerDetails().

Verification run:

• npx vitest run src/main/broker.test.ts passed.
• npm test passed.
• npm run verify:mcp-resources-drift passed.

Could not complete full build locally:

• npm ci repeatedly failed in this sandbox under Node 25 (ENOTEMPTY unpack errors / later killed with npm 10).
• npm run build therefore failed at electron-vite: not found.
• CI uses Node 22, so this looks like a local dependency installation/runtime issue, not a demonstrated PR code failure.

I am not printing READY because the build could not be verified in this sandbox.

[agent-relay-code]

Fixed two validated PR issues:

• src/main/broker.ts: delivery confirmation now recognizes recipient identity from name, target, or to, so multi-target/channel delivery waits do not complete after only the first message_delivery_confirmed.
• src/main/broker.test.ts: added a regression test for per-target confirmations using target.
• src/main/integrations.ts: project-local integration state sync now skips cloud hydration before local mount reconcile, fixing the current IntegrationsManager test failure and preserving non-blocking local updates.

Local verification passed:

• npm ci
• npx vitest run
• npm test
• npx tsc --noEmit
• npm run verify:mcp-resources-drift
• npm run build

[agent-relay-code]

✅ pr-reviewer applied fixes — committed and pushed 71169c2 to this PR. The notes below describe what changed.

Fixed two validated PR issues:

• src/main/broker.ts: delivery confirmation now recognizes recipient identity from name, target, or to, so multi-target/channel delivery waits do not complete after only the first message_delivery_confirmed.
• src/main/broker.test.ts: added a regression test for per-target confirmations using target.
• src/main/integrations.ts: project-local integration state sync now skips cloud hydration before local mount reconcile, fixing the current IntegrationsManager test failure and preserving non-blocking local updates.

Local verification passed:

• npm ci
• npx vitest run
• npm test
• npx tsc --noEmit
• npm run verify:mcp-resources-drift
• npm run build

[agent-relay-code]

Fixed the validated PR issues in the current checkout:

• Changed integration-event-bridge dynamic import from ./auth.ts to extensionless ./auth.
• Moved broker delivery confirmation timeout so it starts after sendMessage returns delivery metadata, while still handling early buffered events.
• Kept normal integration agent-state sync from blocking on optional cloud hydration; daemon startup still hydrates.
• Added regressions for slow broker send metadata, early delivery failure, and nonblocking integration sync.

Verification passed:

• npx tsc --noEmit
• npx vitest run
• npm test
• npm run verify:mcp-resources-drift
• npm run build

[agent-relay-code]

⚠️ pr-reviewer push failed (exit 1) — fixes were not applied to the PR. The notes below are advisory and were not pushed.

Fixed the validated PR issues in the current checkout:

• Changed integration-event-bridge dynamic import from ./auth.ts to extensionless ./auth.
• Moved broker delivery confirmation timeout so it starts after sendMessage returns delivery metadata, while still handling early buffered events.
• Kept normal integration agent-state sync from blocking on optional cloud hydration; daemon startup still hydrates.
• Added regressions for slow broker send metadata, early delivery failure, and nonblocking integration sync.

Verification passed:

• npx tsc --noEmit
• npx vitest run
• npm test
• npm run verify:mcp-resources-drift
• npm run build