@agent-team-foundation/first-tree-hub 0.14.7-alpha.286.1 → 0.14.8

package/dist/{bootstrap-BmeaRhRp.mjs → bootstrap-BC1M0f6A.mjs}

@@ -1,3 +1,3 @@
-import { a as loadCredentials, s as resolveServerUrl } from "./bootstrap-CmkHQsnS.mjs";
+import { a as loadCredentials, s as resolveServerUrl } from "./bootstrap-D6RsdtJg.mjs";
 import "./cli-fetch-BGVItZxo.mjs";
 export { loadCredentials, resolveServerUrl };

package/dist/{bootstrap-CmkHQsnS.mjs → bootstrap-D6RsdtJg.mjs}

@@ -664,6 +664,12 @@ defineConfig({
 			captureClientIp: field(z.boolean().default(false), { env: "FIRST_TREE_HUB_OTEL_CAPTURE_CLIENT_IP" })
 		})
 	},
+	update: {
+		channel: field(z.enum(["latest", "alpha"]).default("latest"), { env: "FIRST_TREE_HUB_UPDATE_CHANNEL" }),
+		commandVersion: field(z.string().optional(), { env: "FIRST_TREE_HUB_COMMAND_VERSION" }),
+		pollIntervalMinutes: field(z.coerce.number().int().min(1).max(1440).default(60), { env: "FIRST_TREE_HUB_UPDATE_POLL_INTERVAL_MINUTES" }),
+		registryUrl: field(z.string().url().default("https://registry.npmjs.org"), { env: "FIRST_TREE_HUB_UPDATE_REGISTRY_URL" })
+	},
 	runtime: {
 		inboxTimeoutSeconds: field(z.coerce.number().int().positive().default(300), { env: "FIRST_TREE_HUB_INBOX_TIMEOUT_SECONDS" }),
 		maxRetryCount: field(z.coerce.number().int().nonnegative().default(3), { env: "FIRST_TREE_HUB_MAX_RETRY_COUNT" }),

package/dist/cli/index.mjs

@@ -1,6 +1,6 @@
 #!/usr/bin/env node
-import { $ as SdkError, A as printResults, B as ClientRuntime, C as migrateLocalAgentDirs, D as checkNodeVersion, E as checkClientConfig, G as removeLocalAgent, I as restartClientService, J as fail, K as resolveReplyToFromEnv, L as startClientService, M as getClientServiceStatus, N as installClientService, O as checkServerReachable, P as isServiceSupported, Q as FirstTreeHubSDK, R as stopClientService, S as createApiNameResolver, T as checkBackgroundService, U as findStaleAliases, V as handleClientOrgMismatch, W as formatStaleReason, X as ClientOrgMismatchError, Y as success, Z as ClientUserMismatchError, _ as loadOnboardState, a as declineUpdate, b as saveOnboardState, c as detectInstallMode, d as reconcileLocalRuntimeProviders, et as SessionRegistry, f as uploadClientCapabilities, g as formatCheckReport, h as promptMissingFields, i as createExecuteUpdate, it as configureClientLoggerForService, j as reconcileAgentConfigs, k as checkWebSocket, l as fetchLatestVersion, m as promptAddAgent, nt as probeCapabilities, o as promptUpdate, p as isInteractive, q as resolveSenderName, r as registerSaaSConnectCommand, rt as applyClientLoggerConfig, s as PACKAGE_NAME, tt as cleanWorkspaces, u as installGlobalLatest, v as onboardCheck, w as checkAgentConfigs, x as runHomeMigration, y as onboardCreate } from "../saas-connect-gXv14p6J.mjs";
-import { C as resolveConfigReadonly, S as resetConfigMeta, _ as initConfig, a as loadCredentials, b as readConfigFile, c as saveAgentConfig, d as DEFAULT_DATA_DIR, f as DEFAULT_HOME_DIR, g as getConfigValue, i as ensureFreshAdminToken, m as clientConfigSchema, p as agentConfigSchema, r as ensureFreshAccessToken, s as resolveServerUrl, u as DEFAULT_CONFIG_DIR, v as loadAgents, w as setConfigValue, x as resetConfig } from "../bootstrap-CmkHQsnS.mjs";
+import { $ as SdkError, A as printResults, B as ClientRuntime, C as migrateLocalAgentDirs, D as checkNodeVersion, E as checkClientConfig, G as removeLocalAgent, I as restartClientService, J as fail, K as resolveReplyToFromEnv, L as startClientService, M as getClientServiceStatus, N as installClientService, O as checkServerReachable, P as isServiceSupported, Q as FirstTreeHubSDK, R as stopClientService, S as createApiNameResolver, T as checkBackgroundService, U as findStaleAliases, V as handleClientOrgMismatch, W as formatStaleReason, X as ClientOrgMismatchError, Y as success, Z as ClientUserMismatchError, _ as loadOnboardState, a as declineUpdate, b as saveOnboardState, c as detectInstallMode, d as reconcileLocalRuntimeProviders, et as SessionRegistry, f as uploadClientCapabilities, g as formatCheckReport, h as promptMissingFields, i as createExecuteUpdate, it as configureClientLoggerForService, j as reconcileAgentConfigs, k as checkWebSocket, l as fetchLatestVersion, m as promptAddAgent, nt as probeCapabilities, o as promptUpdate, p as isInteractive, q as resolveSenderName, r as registerSaaSConnectCommand, rt as applyClientLoggerConfig, s as PACKAGE_NAME, tt as cleanWorkspaces, u as installGlobalLatest, v as onboardCheck, w as checkAgentConfigs, x as runHomeMigration, y as onboardCreate } from "../saas-connect-BOe1ynz2.mjs";
+import { C as resolveConfigReadonly, S as resetConfigMeta, _ as initConfig, a as loadCredentials, b as readConfigFile, c as saveAgentConfig, d as DEFAULT_DATA_DIR, f as DEFAULT_HOME_DIR, g as getConfigValue, i as ensureFreshAdminToken, m as clientConfigSchema, p as agentConfigSchema, r as ensureFreshAccessToken, s as resolveServerUrl, u as DEFAULT_CONFIG_DIR, v as loadAgents, w as setConfigValue, x as resetConfig } from "../bootstrap-D6RsdtJg.mjs";
 import { a as print, n as CLI_USER_AGENT, o as setJsonMode, r as COMMAND_VERSION, t as cliFetch } from "../cli-fetch-BGVItZxo.mjs";
 import { n as bindFeishuUser, t as bindFeishuBot } from "../feishu-BBUEVTnb.mjs";
 import { join } from "node:path";
@@ -1463,13 +1463,13 @@ function decodeJwtExpSeconds(token) {
 //#region src/commands/onboard.ts
 async function promptMissing(args) {
 	if (!args.server) try {
-		const { resolveServerUrl } = await import("../bootstrap-BmeaRhRp.mjs");
+		const { resolveServerUrl } = await import("../bootstrap-BC1M0f6A.mjs");
 		resolveServerUrl();
 	} catch {
 		args.server = await input({ message: "Hub server URL:" });
 		saveOnboardState(args);
 	}
-	const { loadCredentials } = await import("../bootstrap-BmeaRhRp.mjs");
+	const { loadCredentials } = await import("../bootstrap-BC1M0f6A.mjs");
 	if (!loadCredentials()) throw new Error("No saved credentials. Run `first-tree-hub connect <token>` before onboarding.");
 	if (!args.id) {
 		args.id = await input({ message: "Agent ID:" });

package/dist/index.mjs

@@ -1,5 +1,5 @@
-import { $ as SdkError, A as printResults, B as ClientRuntime, D as checkNodeVersion, E as checkClientConfig, F as resolveCliInvocation, H as rotateClientIdWithBackup, I as restartClientService, L as startClientService, M as getClientServiceStatus, N as installClientService, O as checkServerReachable, P as isServiceSupported, Q as FirstTreeHubSDK, R as stopClientService, V as handleClientOrgMismatch, g as formatCheckReport, h as promptMissingFields, k as checkWebSocket, m as promptAddAgent, n as deriveHubUrlFromToken, p as isInteractive, t as HubUrlDerivationError, v as onboardCheck, w as checkAgentConfigs, x as runHomeMigration, y as onboardCreate, z as uninstallClientService } from "./saas-connect-gXv14p6J.mjs";
-import { i as ensureFreshAdminToken, n as AuthRefreshRateLimitedError, o as resolveAccessToken, r as ensureFreshAccessToken, s as resolveServerUrl, t as AuthRefreshFailedError } from "./bootstrap-CmkHQsnS.mjs";
+import { $ as SdkError, A as printResults, B as ClientRuntime, D as checkNodeVersion, E as checkClientConfig, F as resolveCliInvocation, H as rotateClientIdWithBackup, I as restartClientService, L as startClientService, M as getClientServiceStatus, N as installClientService, O as checkServerReachable, P as isServiceSupported, Q as FirstTreeHubSDK, R as stopClientService, V as handleClientOrgMismatch, g as formatCheckReport, h as promptMissingFields, k as checkWebSocket, m as promptAddAgent, n as deriveHubUrlFromToken, p as isInteractive, t as HubUrlDerivationError, v as onboardCheck, w as checkAgentConfigs, x as runHomeMigration, y as onboardCreate, z as uninstallClientService } from "./saas-connect-BOe1ynz2.mjs";
+import { i as ensureFreshAdminToken, n as AuthRefreshRateLimitedError, o as resolveAccessToken, r as ensureFreshAccessToken, s as resolveServerUrl, t as AuthRefreshFailedError } from "./bootstrap-D6RsdtJg.mjs";
 import { i as blank, s as status } from "./cli-fetch-BGVItZxo.mjs";
 import { n as bindFeishuUser, t as bindFeishuBot } from "./feishu-BBUEVTnb.mjs";
 export { AuthRefreshFailedError, AuthRefreshRateLimitedError, ClientRuntime, FirstTreeHubSDK, HubUrlDerivationError, SdkError, bindFeishuBot, bindFeishuUser, blank, checkAgentConfigs, checkClientConfig, checkNodeVersion, checkServerReachable, checkWebSocket, deriveHubUrlFromToken, ensureFreshAccessToken, ensureFreshAdminToken, formatCheckReport, getClientServiceStatus, handleClientOrgMismatch, installClientService, isInteractive, isServiceSupported, onboardCheck, onboardCreate, printResults, promptAddAgent, promptMissingFields, resolveAccessToken, resolveCliInvocation, resolveServerUrl, restartClientService, rotateClientIdWithBackup, runHomeMigration, startClientService, status, stopClientService, uninstallClientService };

package/dist/{saas-connect-gXv14p6J.mjs → saas-connect-BOe1ynz2.mjs}

@@ -1,4 +1,4 @@
-import { C as resolveConfigReadonly, S as resetConfigMeta, _ as initConfig, a as loadCredentials, c as saveAgentConfig, d as DEFAULT_DATA_DIR$1, f as DEFAULT_HOME_DIR$1, h as collectMissingPrompts, l as saveCredentials, m as clientConfigSchema, p as agentConfigSchema, r as ensureFreshAccessToken, s as resolveServerUrl, u as DEFAULT_CONFIG_DIR, v as loadAgents, w as setConfigValue, x as resetConfig, y as migrateLegacyHome } from "./bootstrap-CmkHQsnS.mjs";
+import { C as resolveConfigReadonly, S as resetConfigMeta, _ as initConfig, a as loadCredentials, c as saveAgentConfig, d as DEFAULT_DATA_DIR$1, f as DEFAULT_HOME_DIR$1, h as collectMissingPrompts, l as saveCredentials, m as clientConfigSchema, p as agentConfigSchema, r as ensureFreshAccessToken, s as resolveServerUrl, u as DEFAULT_CONFIG_DIR, v as loadAgents, w as setConfigValue, x as resetConfig, y as migrateLegacyHome } from "./bootstrap-D6RsdtJg.mjs";
 import { a as print, i as blank, n as CLI_USER_AGENT, r as COMMAND_VERSION, t as cliFetch } from "./cli-fetch-BGVItZxo.mjs";
 import { createRequire } from "node:module";
 import { z } from "zod";
@@ -5883,6 +5883,12 @@ defineConfig({
 			captureClientIp: field(z.boolean().default(false), { env: "FIRST_TREE_HUB_OTEL_CAPTURE_CLIENT_IP" })
 		})
 	},
+	update: {
+		channel: field(z.enum(["latest", "alpha"]).default("latest"), { env: "FIRST_TREE_HUB_UPDATE_CHANNEL" }),
+		commandVersion: field(z.string().optional(), { env: "FIRST_TREE_HUB_COMMAND_VERSION" }),
+		pollIntervalMinutes: field(z.coerce.number().int().min(1).max(1440).default(60), { env: "FIRST_TREE_HUB_UPDATE_POLL_INTERVAL_MINUTES" }),
+		registryUrl: field(z.string().url().default("https://registry.npmjs.org"), { env: "FIRST_TREE_HUB_UPDATE_REGISTRY_URL" })
+	},
 	runtime: {
 		inboxTimeoutSeconds: field(z.coerce.number().int().positive().default(300), { env: "FIRST_TREE_HUB_INBOX_TIMEOUT_SECONDS" }),
 		maxRetryCount: field(z.coerce.number().int().nonnegative().default(3), { env: "FIRST_TREE_HUB_MAX_RETRY_COUNT" }),
@@ -13610,17 +13616,46 @@ function detectInstallMode(argv1 = process.argv[1] ?? "") {
 	return "npx";
 }
 /**
-* Install `<pkg>@latest` globally. Returns after the child exits. Does not
-* exit the parent process — callers are expected to handle that (so the
-* UpdateManager can attempt the restart itself while this function remains
-* side-effect-scoped).
-*/
-async function installGlobalLatest() {
+* Validate an npm install spec (the part after `@` in `<pkg>@<spec>`). We
+* accept either a known dist-tag string (`latest`, `alpha`, …) or an exact
+* SemVer version (`0.14.7`, `0.14.8-alpha.286.1`). The intent is purely
+* defensive: the spec is concatenated into the npm CLI args, and we never
+* want to forward an attacker-controlled shell metacharacter from a
+* (compromised) server welcome frame straight into `spawn`. spawn() already
+* argv-escapes, but a `--registry=...` style spec would still be
+* interpreted as an npm flag — refusing leading dashes and whitespace
+* collapses the surface unambiguously.
+*/
+function isSafeInstallSpec(spec) {
+	if (typeof spec !== "string" || spec.length === 0 || spec.length > 128) return false;
+	if (spec.startsWith("-")) return false;
+	return /^[A-Za-z0-9.+-]+$/.test(spec);
+}
+/**
+* Install `<pkg>@<spec>` globally. `spec` is either a dist-tag (e.g. `latest`)
+* or an exact version (e.g. `0.14.7-alpha.286.1`). Returns after the child
+* exits. Does not exit the parent process — callers are expected to handle
+* that (so the UpdateManager can attempt the restart itself while this
+* function remains side-effect-scoped).
+*
+* Why both shapes exist: the auto-update path receives `targetVersion` from
+* the server `welcome` frame and MUST install that exact version — using
+* `@latest` from auto-update would silently mis-resolve once the server
+* starts advertising alpha builds (alpha lives on a different dist-tag).
+* The manual `first-tree-hub update` CLI keeps the dist-tag form so users
+* who type the command without args still get "newest stable on npm".
+*/
+async function installGlobalSpec(spec) {
+	if (!isSafeInstallSpec(spec)) return {
+		ok: false,
+		mode: "global",
+		reason: `Refusing to install: invalid npm spec ${JSON.stringify(spec)}`
+	};
 	return new Promise((resolvePromise) => {
 		const child = spawn(resolveNpmCommand(), [
 			"install",
 			"-g",
-			`${PACKAGE_NAME}@latest`
+			`${PACKAGE_NAME}@${spec}`
 		], { stdio: [
 			"ignore",
 			"pipe",
@@ -13658,6 +13693,15 @@ async function installGlobalLatest() {
 	});
 }
 /**
+* Back-compat shim: install `<pkg>@latest`. The manual `first-tree-hub
+* update` CLI uses this so an operator-typed `update` keeps the
+* "newest stable on npm" behaviour. Auto-update prefers `installGlobalSpec`
+* with the welcome frame's `targetVersion`.
+*/
+async function installGlobalLatest() {
+	return installGlobalSpec("latest");
+}
+/**
 * Best-effort extraction of the version npm reported as installed. npm's
 * stdout lines look like `+ @agent-team-foundation/first-tree-hub@0.9.2`.
 * Returns null if nothing matches — callers treat null as "install succeeded
@@ -13710,7 +13754,7 @@ function fetchLatestVersion(timeoutMs = 1e4) {
 }
 /** Interactive update prompt. Defaults to N on timeout. */
 const promptUpdate = async ({ currentVersion, targetVersion, timeoutSeconds }) => {
-	const message = `A newer First Tree Hub client is available.\n  You: ${currentVersion}\n  Server bundled with: ${targetVersion}\n  Will install: latest on npm (>= ${targetVersion})\n  Updating will restart the client and briefly interrupt any active sessions.\n  Update now?`;
+	const message = `A newer First Tree Hub client is available.\n  You: ${currentVersion}\n  Server recommends: ${targetVersion}\n  Will install: ${targetVersion}\n  Updating will restart the client and briefly interrupt any active sessions.\n  Update now?`;
 	try {
 		const controller = new AbortController();
 		const timer = setTimeout(() => controller.abort(), timeoutSeconds * 1e3);
@@ -13748,7 +13792,7 @@ const declineUpdate = async () => false;
 * operator restarts manually.
 */
 function createExecuteUpdate({ managed }) {
-	return async () => {
+	return async ({ targetVersion }) => {
 		const mode = detectInstallMode();
 		if (mode === "source") {
 			print.line("  [update] Running from source checkout — self-update skipped. Use `git pull` instead.\n");
@@ -13758,13 +13802,13 @@ function createExecuteUpdate({ managed }) {
 			print.line("  [update] Cannot self-update — not launched from a global npm install.\n  Run `npm i -g @agent-team-foundation/first-tree-hub` manually.\n");
 			return { installed: false };
 		}
-		print.line("  [update] Running `npm install -g @agent-team-foundation/first-tree-hub@latest`...\n");
-		const result = await installGlobalLatest();
+		print.line(`  [update] Running \`npm install -g @agent-team-foundation/first-tree-hub@${targetVersion}\`...\n`);
+		const result = await installGlobalSpec(targetVersion);
 		if (!result.ok) {
 			print.line(`  [update] Install failed: ${result.reason}\n`);
 			return { installed: false };
 		}
-		const installed = result.installedVersion ?? "latest";
+		const installed = result.installedVersion ?? targetVersion;
 		if (managed) {
 			print.line(`  [update] Installed ${installed}. Restarting (exit 75).\n`);
 			process.exit(75);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@agent-team-foundation/first-tree-hub",
-  "version": "0.14.7-alpha.286.1",
+  "version": "0.14.8",
   "type": "module",
   "description": "First Tree Hub — unified CLI for client and agent management",
   "exports": {