Stop poisoning slack connect requests with the demoted slack-sage alias

[khaliqgant]

Summary

normalizeProviderID rewrites both slack and slack-sage inputs to slack-sage before any CLI request reaches the cloud, so every relayfile integration connect slack mints a Nango Connect session under the demoted alias regardless of cloud-side fixes — observed live today even after AgentWorkforce/cloud#525 was merged and deployed:

$ relayfile integration connect slack --workspace rw_<id>
Connect slack-sage: https://connect.nango.dev/?session_token=...

The cloud registry has migrated to slack canonical with slack-sage retained as a backwards-compat alias resolved via resolveWorkspaceIntegrationProvider. Returning the canonical id from the CLI lets the cloud either short-circuit (slack == canonical) or alias-back (slack-sage → slack); both paths land on the same providerConfigKey cloud-side.

Changes

• normalizeProviderID returns slack for both slack and slack-sage inputs (was slack-sage for both).
• Offline fallback catalog (fallbackIntegrationCatalog) advertises canonical slack.
• Prompt-default list in providerPromptText uses slack instead of slack-sage.
• providerRootDir already accepted both ids and returned /slack — left untouched as a defensive backstop for existing local state.json files still tagged slack-sage.

Test plan

• go test ./cmd/relayfile-cli/ — full suite green (4.6s, no regressions).
• go build ./cmd/relayfile-cli/ clean.
• New TestNormalizeProviderIDCanonicalizesSlackAlias — table-driven, covers canonical id, demoted alias, mixed case, whitespace, unrelated providers, and the slack-my-senior-dev sibling that must not be affected.
• New TestFallbackIntegrationCatalogUsesCanonicalSlackId — fails if slack-sage ever creeps back into the fallback catalog.
• Manual on rw_517d60b6: after this lands, relayfile integration disconnect slack → relayfile integration connect slack should print Connect slack: ... and state.json should record provider: slack.

Related

• AgentWorkforce/cloud#525 — narrowed the cloud-side env-var override; necessary but not sufficient because the CLI was the second leak.
• AgentWorkforce/cloud#528 — independently adds jira/confluence forward-webhook handlers (separate gap surfaced during the same verification pass).
• Refresh workspace token in relayfile login when one is registered #137 — login workspace-token refresh (separate fix on the same CLI, kept on its own branch).

🤖 Generated with Claude Code

[devin-ai-integration]

✅ Devin Review: No Issues Found

Devin Review analyzed this PR and found no potential bugs to report.

View in Devin Review to see 2 additional findings.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro Plus

Run ID: 031f3089-96a4-45fc-9539-728c48223425

📥 Commits

Reviewing files that changed from the base of the PR and between 4d2ea77 and 775d4fe.

📒 Files selected for processing (2)

• cmd/relayfile-cli/main.go
• cmd/relayfile-cli/main_test.go

---

📝 Walkthrough

Walkthrough

This PR normalizes the Slack provider identifier by updating normalizeProviderID to canonicalize both slack and slack-sage to slack. The change is applied to the default provider prompt list and the offline fallback integration catalog, with test coverage validating the normalization and catalog behavior.

Changes

Slack Provider ID Canonicalization

Layer / File(s)	Summary
Normalization Function cmd/relayfile-cli/main.go	normalizeProviderID is updated to map both slack and slack-sage (including variations in casing and whitespace) to the canonical slack identifier.
Provider Defaults and Fallback Catalog cmd/relayfile-cli/main.go	Default provider list and offline fallback integration catalog both replace slack-sage with slack to use the canonical identifier.
Test Coverage cmd/relayfile-cli/main_test.go	New tests TestNormalizeProviderIDCanonicalizesSlackAlias and TestFallbackIntegrationCatalogUsesCanonicalSlackId validate that normalization works for both IDs and that the fallback catalog advertises only the canonical slack entry.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutes

Poem

A rabbit hops through provider names,
Slack-sage becomes just slack today,
No more aliases, no more games,
One true name, the canonical way! 🐰✨

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately describes the main change: fixing the CLI to stop rewriting slack provider requests to the demoted slack-sage alias.
Description check	✅ Passed	The description is comprehensive and directly related to the changeset, explaining the bug, the cloud-side context, the specific code changes, and the test plan.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch agent-relay/fix-slack-provider-id-leak

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}