fix(think,ai-chat): make chat-recovery progress signal compaction-immune (#1628)

[threepointone]

Stack

This is PR 1 of 4 addressing #1631 (recovery/repair ergonomics) and #1628. The series is stacked; review/merge bottom-up:

1. ➡️ bug: chat-recovery progress marker is count-based, so compaction can cause premature budget exhaustion #1628 — progress signal compaction-immune (this PR) · patch
2. preserve settled work when a turn is given up · patch
3. repairInterruptedToolPart hook · minor
4. incident identity + onExhausted payload · minor

Each PR is independently reviewable; this one has no dependency on the others (it's the base of the stack). Targets main.

---

Problem (#1628)

Bounded chat recovery (#1623) resets the per-incident retry budget when an interrupted turn is making forward progress, so that a turn repeatedly interrupted by deploy churn isn't falsely treated as a poison turn and sealed at maxAttempts. That progress signal was recomputed from the live transcript by counting assistant messages:

// packages/think/src/think.ts (and the verbatim mirror in packages/ai-chat/src/index.ts)
private _chatRecoveryProgressMarker(): number {
  return this.messages.reduce(
    (count, message) => (message.role === "assistant" ? count + 1 : count),
    0
  );
}
// ...in _beginChatRecoveryIncident:
const prevProgress = existing?.progress ?? 0;
const currentProgress = this._chatRecoveryProgressMarker();
const madeProgress = existing != null && currentProgress > prevProgress;

this.messages is the live, mutable transcript. Compaction collapses older assistant messages into a summary, lowering the count. So a turn that genuinely advanced between two recovery attempts can read as currentProgress < prevProgress → madeProgress = false → the budget is not reset → the turn exhausts at maxAttempts and is sealed, even though it was healthy. The stored progress: Math.max(prevProgress, currentProgress) only protects the persisted high-water; the comparison still uses the live (compacted) recompute, so it doesn't help.

This is the data-loss path a tool-heavy agent under continuous deploys actually hits.

Fix

Track progress with a durable, monotonic counter that compaction can never lower, instead of recomputing from the transcript:

• New storage key cf:chat-recovery:progress.
• Bumped exactly once when _persistOrphanedStream materializes a non-empty partial assistant message — which is precisely the "forward progress" event the old assistant-message count was a proxy for.
• _chatRecoveryProgressMarker() now reads that counter; _beginChatRecoveryIncident awaits it.

Because it only ever increments, compaction is irrelevant. Semantics are otherwise preserved:

• Healthy turn under churn: each interruption persists a non-empty partial → counter grows → madeProgress true → budget resets. ✅
• Poison turn (no chunks): _persistOrphanedStream early-returns on empty chunks → counter flat → budget counts toward the cap → exhausts. ✅
• Genuinely-stuck-but-producing turn: still ultimately bounded by the unchanged 15-minute CHAT_RECOVERY_MAX_WINDOW_MS wall-clock ceiling.

Timing (why the counter is read at incident-begin and bumped at persist)

Per interruption: _beginChatRecoveryIncident reads the counter and compares against the stored high-water → then (if not exhausted) _persistOrphanedStream bumps it. So attempt N's bump is observed at attempt N+1's comparison, exactly mirroring how the old assistant-message count grew after each persist.

Back-compat / migration

A session interrupted mid-incident before this counter existed has no cf:chat-recovery:progress key → it reads 0. For a new incident that's fine (no comparison on first detection). For an in-flight incident at upgrade time the comparison is conservative (treats it as no-progress for that one alarm), which is bounded and harmless. No persisted-data migration required.

Bonus

@cloudflare/ai-chat's _persistOrphanedStream merges a continuation partial into the existing assistant message in place, so its old marker barely grew across continuations (only the first persist added a message) — it was already under-counting progress. The monotonic counter fixes that too and brings ai-chat in line with think.

Files

• packages/think/src/think.ts — counter constant, _chatRecoveryProgressMarker (now async, reads storage), new _bumpChatRecoveryProgress, bump in _persistOrphanedStream, await in _beginChatRecoveryIncident, updated ChatRecoveryIncident.progress doc.
• packages/ai-chat/src/index.ts — same changes; _persistOrphanedStream made async (callers updated to await).
• Tests + harness helpers (bumpRecoveryProgressForTest, dropAssistantMessagesForTest).
• .changeset/chat-recovery-progress-monotonic.md (patch · think + ai-chat).

Tests

New regression test in both packages — "detects forward progress even after compaction collapses the transcript (#1628)": open an incident, make progress (bump the counter), then drop every assistant message from the live cache (simulating compaction), and assert the next alarm still resets the budget. The old message-count marker fails this; the durable counter passes. Existing progress-reset and wall-clock-ceiling tests were re-pointed at the counter and still pass.

Verification

• tsc --noEmit clean for @cloudflare/think and @cloudflare/ai-chat.
• oxlint clean; oxfmt applied.
• Full suites green: think 460 passed (15 files), ai-chat 481 passed (42 files).

Test plan

• CI green (npm run build && npm run check && nx affected -t test)
• Confirm the compaction regression test fails on main and passes here
• Sanity-check the back-compat note for in-flight incidents at deploy time

Made with Cursor

[changeset-bot]

🦋 Changeset detected

Latest commit: 5cde588

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 2 packages

Name	Type
@cloudflare/think	Patch
@cloudflare/ai-chat	Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

[threepointone]

/bonk do a deep review on this pr, look for edge cases, how's the ux on this

[pkg-pr-new]

Open in StackBlitz

agents

npm i https://pkg.pr.new/agents@1633

@cloudflare/ai-chat

npm i https://pkg.pr.new/@cloudflare/ai-chat@1633

@cloudflare/codemode

npm i https://pkg.pr.new/@cloudflare/codemode@1633

hono-agents

npm i https://pkg.pr.new/hono-agents@1633

@cloudflare/shell

npm i https://pkg.pr.new/@cloudflare/shell@1633

@cloudflare/think

npm i https://pkg.pr.new/@cloudflare/think@1633

@cloudflare/voice

npm i https://pkg.pr.new/@cloudflare/voice@1633

@cloudflare/worker-bundler

npm i https://pkg.pr.new/@cloudflare/worker-bundler@1633

commit: ce215d1

[ask-bonk]

UnknownError: ProviderInitError

github run

[ask-bonk]

@threepointone Bonk workflow failed. Check the logs for details.

View workflow run · To retry, trigger Bonk again.