@agfpd/iapeer-memory 0.2.5 → 0.2.6

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@agfpd/iapeer-memory",
-  "version": "0.2.5",
+  "version": "0.2.6",
   "description": "iapeer-memory — peer memory for the iapeer ecosystem: vault, memoryd (index/search/MCP-http), layer-5 context fragments, role doctrines. The package IS the system; the claude/codex plugins are thin session sockets (docs/10-distribution.md, ADR-009).",
   "license": "MIT",
   "type": "module",
@@ -27,7 +27,7 @@
     "access": "public"
   },
   "dependencies": {
-    "@agfpd/iapeer-memory-core": "0.2.5"
+    "@agfpd/iapeer-memory-core": "0.2.6"
   },
   "devDependencies": {
     "@types/bun": "^1.2.0",

package/src/cli.ts

@@ -13,7 +13,7 @@
  * verify found problems, 2 usage error or not-yet-implemented stage.
  */
 
-import { isUnderProdAnchor, sandboxEnvArmed } from "@agfpd/iapeer-memory-core";
+import { sandboxBlocksProdRead } from "@agfpd/iapeer-memory-core";
 import { loadConfigFile } from "./config-env.js";
 import { liveEgress } from "./egress.js";
 import { memoryPaths } from "./paths.js";
@@ -92,7 +92,7 @@ export async function main(argv: string[]): Promise<number> {
   // process. A test must pass ITS OWN IAPEER_MEMORY_CONFIG_FILE.
   if (cmd && !["help", "--help", "-h", "version", "--version", "-V"].includes(cmd)) {
     const configFile = memoryPaths().configFile;
-    if (sandboxEnvArmed() && isUnderProdAnchor(configFile)) {
+    if (sandboxBlocksProdRead(configFile)) {
       console.error(
         `iapeer-memory: live config.env skipped under the test sandbox (${configFile}) — pass IAPEER_MEMORY_CONFIG_FILE`,
       );

package/src/fleet.ts

@@ -21,7 +21,7 @@
 import fs from "node:fs";
 import path from "node:path";
 import { IAPEER_BIN, type Egress } from "./egress.js";
-import { guardedWriteFileSync } from "@agfpd/iapeer-memory-core";
+import { guardedWriteFileSync, sandboxBlocksProdRead } from "@agfpd/iapeer-memory-core";
 
 export type FleetMapResult = {
   action: "written" | "failed";
@@ -48,6 +48,15 @@ export type FleetPeer = { personality: string; cwd: string; runtimes: string[] }
  *  (pre-v1.2 maps) read as `runtimes: []` — the sweep skips them until the
  *  next map re-write (init/update/verify --repair). */
 export function readFleetMap(fleetMapPath: string): FleetPeer[] | null {
+  // Read-as-egress (И4 parity): the prod fleet map NAMES live cwds — a
+  // sandboxed process must not learn them. Null = «map unreadable», every
+  // caller already reports that honestly instead of sweeping.
+  if (sandboxBlocksProdRead(fleetMapPath)) {
+    console.error(
+      `iapeer-memory: live fleet map skipped under the test sandbox (${fleetMapPath}) — set IAPEER_MEMORY_STATE_DIR/IAPEER_ROOT`,
+    );
+    return null;
+  }
   try {
     const raw = JSON.parse(fs.readFileSync(fleetMapPath, "utf-8")) as {
       peers?: Array<{ personality?: unknown; cwd?: unknown; runtimes?: unknown }>;

package/src/slot.ts

@@ -32,7 +32,11 @@
 import fs from "node:fs";
 import path from "node:path";
 import { IAPEER_BIN, type Egress } from "./egress.js";
-import { guardedWriteFileSync, guardedUnlinkSync } from "@agfpd/iapeer-memory-core";
+import {
+  guardedWriteFileSync,
+  guardedUnlinkSync,
+  sandboxBlocksProdRead,
+} from "@agfpd/iapeer-memory-core";
 
 export const SLOT_PROVIDER = "iapeer-memory";
 export const SLOT_PACKAGE = "@agfpd/iapeer-memory";
@@ -100,6 +104,10 @@ export type MemoryProviderSlot = {
 
 /** Never throws: missing / unreadable / malformed → null (empty slot). */
 export function readSlot(slotPath: string): MemoryProviderSlot | null {
+  // Read-as-egress (И4 parity): the PROD slot gates fleet-wide sweeps
+  // («slot is ours» is TRUE on the live host) — a sandboxed process must
+  // read it as absent and refuse/skip honestly.
+  if (sandboxBlocksProdRead(slotPath)) return null;
   try {
     const parsed = JSON.parse(fs.readFileSync(slotPath, "utf-8")) as MemoryProviderSlot;
     if (!parsed || typeof parsed.provider !== "string") return null;