@agfpd/iapeer 0.1.0

package/src/launch/launch.test.ts

@@ -0,0 +1,233 @@
+import { describe, expect, test } from 'bun:test'
+import { getAdapter, launch } from './index.ts'
+import { claudeAdapter } from './adapters/claude.ts'
+import { codexAdapter } from './adapters/codex.ts'
+import { telegramAdapter } from './adapters/telegram.ts'
+import { notifierAdapter } from './adapters/notifier.ts'
+import type { LaunchAdapterConfig, LaunchConfig, LaunchSpec } from './types.ts'
+
+const cfg: LaunchAdapterConfig = { claudeBin: '/bin/claude', codexBin: 'codex' }
+// Full LaunchConfig for the gate tests — the intelligence gate returns FAILED at
+// step 0, BEFORE any tmux/FS work, so these values are never exercised.
+const launchCfg: LaunchConfig = {
+  claudeBin: '/bin/claude',
+  codexBin: 'codex',
+  sockDir: '/tmp',
+  bootDeadlineSecs: 1,
+  readyGateSecs: 1,
+  maxAgeSecs: 1,
+  logDir: '/tmp/iapeer-test-logs',
+}
+function spec(over: Partial<LaunchSpec> = {}): LaunchSpec {
+  return {
+    personality: 'p',
+    runtime: 'claude',
+    cwd: '/tmp/p',
+    identity: 'claude-p',
+    socketPath: '/tmp/tmux-iap-claude-p.sock',
+    ...over,
+  }
+}
+
+describe('getAdapter', () => {
+  test('dispatches each runtime to its adapter', () => {
+    expect(getAdapter('claude')).toBe(claudeAdapter)
+    expect(getAdapter('codex')).toBe(codexAdapter)
+    expect(getAdapter('telegram')).toBe(telegramAdapter)
+    expect(getAdapter('notifier')).toBe(notifierAdapter)
+  })
+  test('codex is tui+doctrine, telegram is router+no-doctrine', () => {
+    expect(codexAdapter.kind).toBe('tui')
+    expect(codexAdapter.usesDoctrine).toBe(true)
+    expect(telegramAdapter.kind).toBe('router')
+    expect(telegramAdapter.usesDoctrine).toBe(false)
+  })
+  test('unknown runtime throws', () => {
+    expect(() => getAdapter('webhook')).toThrow()
+  })
+})
+
+describe('codexAdapter.buildArgv', () => {
+  test('bare (no resume, no doctrine): --no-alt-screen -C cwd --dangerously-bypass', () => {
+    expect(codexAdapter.buildArgv(spec({ runtime: 'codex', cwd: '/w' }), cfg)).toEqual([
+      'codex',
+      '--no-alt-screen',
+      '-C',
+      '/w',
+      '--dangerously-bypass-approvals-and-sandbox',
+    ])
+  })
+  test('with resume + model_instructions_file (exact order)', () => {
+    expect(
+      codexAdapter.buildArgv(spec({ runtime: 'codex', cwd: '/w', resume: true, systemPromptFile: '/sp.md' }), cfg),
+    ).toEqual([
+      'codex',
+      'resume',
+      '--last',
+      '--no-alt-screen',
+      '-C',
+      '/w',
+      '-c',
+      'model_instructions_file=/sp.md',
+      '--dangerously-bypass-approvals-and-sandbox',
+    ])
+  })
+})
+
+describe('telegramAdapter (router — no TUI surface)', () => {
+  test('router predicates are trivial', () => {
+    expect(telegramAdapter.bootDialogKeys('anything')).toBeNull()
+    expect(telegramAdapter.isInputReady('anything')).toBe(true)
+    expect(telegramAdapter.newestActivityMtime('/w')).toBeNull()
+    expect(telegramAdapter.permissionDialogActive('x')).toBe(false)
+  })
+})
+
+describe('notifierAdapter (router — infra/always-on)', () => {
+  test('kind:router, no doctrine', () => {
+    expect(notifierAdapter.runtime).toBe('notifier')
+    expect(notifierAdapter.kind).toBe('router')
+    expect(notifierAdapter.usesDoctrine).toBe(false)
+  })
+  test('buildArgv = notifier-runtime run [+extra], default bin', () => {
+    expect(notifierAdapter.buildArgv(spec({ runtime: 'notifier' }), cfg)).toEqual(['notifier-runtime', 'run'])
+    expect(
+      notifierAdapter.buildArgv(spec({ runtime: 'notifier', extraArgs: ['--foo'] }), { ...cfg, notifierBin: '/n/bin' }),
+    ).toEqual(['/n/bin', 'run', '--foo'])
+  })
+  test('router predicates are trivial (no TUI surface)', () => {
+    expect(notifierAdapter.bootDialogKeys('anything')).toBeNull()
+    expect(notifierAdapter.isInputReady('anything')).toBe(true)
+    expect(notifierAdapter.newestActivityMtime('/w')).toBeNull()
+    expect(notifierAdapter.permissionDialogActive('x')).toBe(false)
+    expect(notifierAdapter.permissionDialogKeys()).toEqual([])
+    expect(notifierAdapter.resolveResume('/w')).toEqual({ ok: true })
+  })
+})
+
+describe('claudeAdapter', () => {
+  test('kind/usesDoctrine', () => {
+    expect(claudeAdapter.kind).toBe('tui')
+    expect(claudeAdapter.usesDoctrine).toBe(true)
+  })
+
+  test('buildArgv bare (no system-prompt, no resume)', () => {
+    expect(claudeAdapter.buildArgv(spec(), cfg)).toEqual([
+      '/bin/claude',
+      '--dangerously-skip-permissions',
+      '--disallowedTools',
+      'AskUserQuestion',
+    ])
+  })
+
+  test('buildArgv with system-prompt-file + resume + extras (exact flags/order)', () => {
+    const argv = claudeAdapter.buildArgv(
+      spec({ systemPromptFile: '/tmp/sp.md', resumeRef: 'uuid-1', extraArgs: ['--foo'] }),
+      cfg,
+    )
+    expect(argv).toEqual([
+      '/bin/claude',
+      '--dangerously-skip-permissions',
+      '--disallowedTools',
+      'AskUserQuestion',
+      '--system-prompt-file',
+      '/tmp/sp.md',
+      '--resume',
+      'uuid-1',
+      '--foo',
+    ])
+  })
+
+  test('buildArgv carries NO currency (no marketplace/plugin tokens)', () => {
+    const flat = claudeAdapter.buildArgv(spec({ systemPromptFile: '/x' }), cfg).join(' ')
+    expect(flat).not.toMatch(/marketplace|plugin (install|update|marketplace)/)
+  })
+
+  test('isInputReady: ❯ + bypass banner, dialogs gone → true', () => {
+    expect(claudeAdapter.isInputReady('… ❯ …\nbypass permissions on')).toBe(true)
+  })
+  test('isInputReady: a boot dialog present → false even with ❯', () => {
+    expect(claudeAdapter.isInputReady('trust this folder\n❯ bypass permissions on')).toBe(false)
+  })
+  test('isInputReady: no bypass banner → false', () => {
+    expect(claudeAdapter.isInputReady('❯ just a prompt')).toBe(false)
+  })
+
+  test('bootDialogKeys: a dialog → [Enter], clean pane → null', () => {
+    expect(claudeAdapter.bootDialogKeys('I am using this for local development')).toEqual(['Enter'])
+    expect(claudeAdapter.bootDialogKeys('Resuming the full session')).toEqual(['Enter'])
+    expect(claudeAdapter.bootDialogKeys('❯ ready')).toBeNull()
+  })
+
+  test('permissionDialog: proceed prompt → active, [Enter]', () => {
+    expect(claudeAdapter.permissionDialogActive('Do you want to proceed?')).toBe(true)
+    expect(claudeAdapter.permissionDialogActive('nothing')).toBe(false)
+    expect(claudeAdapter.permissionDialogKeys()).toEqual(['Enter'])
+  })
+})
+
+// ─── Ф-A #2: deliveryMarkers OWNED by the adapter (07.06 refactor) ───────────
+describe('deliveryMarkers (adapter-owned, was transport PROMPT_GLYPHS)', () => {
+  test('claude: ❯ glyph + paste patterns', () => {
+    expect(claudeAdapter.deliveryMarkers.promptGlyphs).toEqual(['❯'])
+    expect(claudeAdapter.deliveryMarkers.pastePatterns?.some(re => re.test('[Pasted text +5 lines]'))).toBe(true)
+  })
+  test('codex: › glyph (not ❯) — per-runtime, no false cross-match', () => {
+    expect(codexAdapter.deliveryMarkers.promptGlyphs).toEqual(['›'])
+    expect(codexAdapter.deliveryMarkers.promptGlyphs).not.toContain('❯')
+  })
+  test('routers have no submit surface → empty glyphs', () => {
+    expect(telegramAdapter.deliveryMarkers.promptGlyphs).toEqual([])
+    expect(notifierAdapter.deliveryMarkers.promptGlyphs).toEqual([])
+  })
+})
+
+// ─── Ф-A #3: intelligence gate (telegram launch requires natural) ────────────
+describe('launch intelligence gate (adapter.requiresIntelligence)', () => {
+  test('telegram declares requiresIntelligence=natural; tui runtimes declare none', () => {
+    expect(telegramAdapter.requiresIntelligence).toBe('natural')
+    expect(claudeAdapter.requiresIntelligence).toBeUndefined()
+    expect(codexAdapter.requiresIntelligence).toBeUndefined()
+    expect(notifierAdapter.requiresIntelligence).toBeUndefined()
+  })
+
+  test('launch REFUSES a non-natural peer on telegram (fail-loud, before any tmux)', async () => {
+    const r = await launch(
+      spec({ runtime: 'telegram', identity: 'telegram-bot', socketPath: '/tmp/tmux-iap-telegram-bot.sock', intelligence: 'artificial' }),
+      telegramAdapter,
+      'first',
+      launchCfg,
+    )
+    expect(r.status).toBe('FAILED')
+    expect(r.reason).toMatch(/requires intelligence=natural/)
+  })
+
+  test('launch REFUSES when intelligence is unknown (cannot confirm natural)', async () => {
+    const r = await launch(
+      spec({ runtime: 'telegram', identity: 'telegram-bot', socketPath: '/tmp/tmux-iap-telegram-bot.sock' }),
+      telegramAdapter,
+      'first',
+      launchCfg,
+    )
+    expect(r.status).toBe('FAILED')
+    expect(r.reason).toMatch(/unknown/)
+  })
+})
+
+// ─── Ф-E #control: executeControl (adapter-owned in-session control mapping) ──
+describe('executeControl (Ф-E control commands)', () => {
+  test('claude: interrupt → [Escape]; compact → type /compact then Enter', () => {
+    expect(claudeAdapter.executeControl({ name: 'interrupt' })).toEqual({ sequence: [['Escape']] })
+    expect(claudeAdapter.executeControl({ name: 'compact' })).toEqual({ sequence: [['-l', '/compact'], ['Enter']], stepDelayMs: 300 })
+    expect(claudeAdapter.executeControl({ name: 'bogus' })).toBeNull()
+  })
+  test('codex: interrupt → [Escape] (×1 baseline; ×2 snapped live); compact → null', () => {
+    expect(codexAdapter.executeControl({ name: 'interrupt' })).toEqual({ sequence: [['Escape']] })
+    expect(codexAdapter.executeControl({ name: 'compact' })).toBeNull()
+  })
+  test('routers (telegram/notifier) refuse all control (no TUI turn)', () => {
+    expect(telegramAdapter.executeControl({ name: 'interrupt' })).toBeNull()
+    expect(notifierAdapter.executeControl({ name: 'interrupt' })).toBeNull()
+    expect(telegramAdapter.executeControl({ name: 'compact' })).toBeNull()
+  })
+})

package/src/launch/launchd.test.ts

@@ -0,0 +1,363 @@
+// launchd plist generation + the install↔isLaunchdManaged round-trip + the notifier
+// runtime classification. Validates the rendered plist with the REAL macOS
+// `plutil -lint` (a live check that the XML is a well-formed plist), exercises XML
+// escaping of hostile cwd characters, and proves the generator and the H4 detector
+// agree on the label/dir scheme.
+
+import { afterEach, describe, expect, test } from 'bun:test'
+import { spawnSync } from 'child_process'
+import { existsSync, mkdirSync, mkdtempSync, readFileSync, rmSync, writeFileSync } from 'fs'
+import { tmpdir } from 'os'
+import { join } from 'path'
+import {
+  getAdapter,
+  installAlwaysOnPlist,
+  isFoundationOwnedPlist,
+  launchAgentsDir,
+  launchdLabel,
+  launchdPlistPath,
+  renderLaunchdPlist,
+  resolveExecutable,
+  type LaunchdPlistSpec,
+} from './index.ts'
+import { isLaunchdManaged } from '../lifecycle/index.ts'
+import { buildAlwaysOnSpec, runAlwaysOn } from './launchdRun.ts'
+import { defaultIntelligenceForRuntime, isInfraRuntime } from '../core/constants.ts'
+
+const tmpDirs: string[] = []
+function mkTmp(): string {
+  const d = mkdtempSync(join(tmpdir(), 'iapeer-launchd-'))
+  tmpDirs.push(d)
+  return d
+}
+afterEach(() => {
+  while (tmpDirs.length) rmSync(tmpDirs.pop()!, { recursive: true, force: true })
+})
+
+function plutilLint(path: string): { ok: boolean; out: string } {
+  const r = spawnSync('plutil', ['-lint', path], { encoding: 'utf8' })
+  return { ok: r.status === 0, out: `${r.stdout ?? ''}${r.stderr ?? ''}`.trim() }
+}
+
+const baseSpec: LaunchdPlistSpec = {
+  label: 'com.iapeer.timer',
+  programArguments: ['/path/to/bun', '/pkg/src/launch/launchdRun.ts', 'timer', 'notifier'],
+  workingDirectory: '/Users/x/Peers/timer',
+  environment: {
+    PEER_PERSONALITY: 'timer',
+    PEER_RUNTIME: 'notifier',
+    PEER_IDENTITY: 'notifier-timer',
+    PATH: '/usr/bin:/bin',
+  },
+  stdoutPath: '/Users/x/Peers/timer/.iapeer/logs/notifier/launchd-stdout.log',
+  stderrPath: '/Users/x/Peers/timer/.iapeer/logs/notifier/launchd-stderr.log',
+}
+
+describe('runtime classification', () => {
+  test('notifier → intelligence absent (zone)', () => {
+    expect(defaultIntelligenceForRuntime('notifier')).toBe('absent')
+  })
+  test('isInfraRuntime: notifier + telegram infra; claude/codex not', () => {
+    expect(isInfraRuntime('notifier')).toBe(true)
+    expect(isInfraRuntime('telegram')).toBe(true)
+    expect(isInfraRuntime('claude')).toBe(false)
+    expect(isInfraRuntime('codex')).toBe(false)
+  })
+  test('every infra runtime resolves to a router adapter (isInfraRuntime ↔ getAdapter can not drift)', () => {
+    for (const rt of ['notifier', 'telegram']) {
+      expect(isInfraRuntime(rt)).toBe(true)
+      expect(getAdapter(rt).kind).toBe('router') // always-on bring-up needs the launch-primitive adapter
+    }
+  })
+})
+
+describe('launchdLabel / launchAgentsDir', () => {
+  test('label = com.iapeer.<personality>', () => {
+    expect(launchdLabel('timer')).toBe('com.iapeer.timer')
+    expect(launchdLabel('watcher')).toBe('com.iapeer.watcher')
+  })
+  test('launchAgentsDir honors IAPEER_LAUNCHAGENTS_DIR', () => {
+    expect(launchAgentsDir({ IAPEER_LAUNCHAGENTS_DIR: '/tmp/la' })).toBe('/tmp/la')
+  })
+})
+
+describe('renderLaunchdPlist', () => {
+  test('valid plist (live plutil -lint) with always-on keys + throttle default 10', () => {
+    const xml = renderLaunchdPlist(baseSpec)
+    expect(xml).toContain('<key>Label</key>\n    <string>com.iapeer.timer</string>')
+    expect(xml).toContain('<key>RunAtLoad</key>\n    <true/>')
+    expect(xml).toContain('<key>KeepAlive</key>\n    <true/>')
+    expect(xml).toContain('<key>ThrottleInterval</key>\n    <integer>10</integer>')
+    expect(xml).toContain('<key>PEER_IDENTITY</key>\n        <string>notifier-timer</string>')
+    expect(xml).toContain('<string>/pkg/src/launch/launchdRun.ts</string>')
+
+    const dir = mkTmp()
+    const f = join(dir, 'r.plist')
+    writeFileSync(f, xml)
+    const lint = plutilLint(f)
+    expect(lint.ok).toBe(true) // plutil parsed it as a valid plist
+  })
+
+  test('explicit throttle is honored', () => {
+    expect(renderLaunchdPlist({ ...baseSpec, throttleIntervalSecs: 30 })).toContain(
+      '<key>ThrottleInterval</key>\n    <integer>30</integer>',
+    )
+  })
+
+  test('XML-escapes hostile cwd/personality and STAYS plutil-valid', () => {
+    const hostile = '/Users/x/Peers/a & b <weird>'
+    const xml = renderLaunchdPlist({ ...baseSpec, workingDirectory: hostile })
+    expect(xml).toContain('<string>/Users/x/Peers/a &amp; b &lt;weird&gt;</string>')
+    expect(xml).not.toContain('a & b <weird>') // raw unescaped must not appear
+    const dir = mkTmp()
+    const f = join(dir, 'h.plist')
+    writeFileSync(f, xml)
+    expect(plutilLint(f).ok).toBe(true)
+  })
+
+  test('drops XML-1.0-illegal control chars (NUL/C0) and stays valid', () => {
+    const xml = renderLaunchdPlist({ ...baseSpec, workingDirectory: '/a\x00b\x01c\x1ftab\tkeep' })
+    expect(xml).toContain('<string>/abctab\tkeep</string>') // controls gone, tab preserved
+    expect(xml).not.toContain('\x00')
+    const dir = mkTmp()
+    const f = join(dir, 'c.plist')
+    writeFileSync(f, xml)
+    expect(plutilLint(f).ok).toBe(true)
+  })
+})
+
+describe('installAlwaysOnPlist ↔ isLaunchdManaged round-trip', () => {
+  test('installs a valid notifier plist that isLaunchdManaged then detects', () => {
+    const root = mkTmp()
+    const laDir = join(root, 'LaunchAgents')
+    const cwd = join(root, 'peer-timer')
+    // IAPEER_ROOT keeps the now-GLOBAL infra log dir (~/.iapeer/logs/<p>) under the
+    // sandbox, not the real home (Фаза §8 moved infra logs out of the per-peer cwd).
+    const env = { IAPEER_LAUNCHAGENTS_DIR: laDir, IAPEER_ROOT: join(root, 'iapeer') } as NodeJS.ProcessEnv
+
+    const path = installAlwaysOnPlist({
+      personality: 'timer',
+      runtime: 'notifier',
+      cwd,
+      entrypointArgv: ['/path/to/bun', '/pkg/src/launch/launchdRun.ts'],
+      path: '/usr/bin:/bin',
+      env,
+    })
+
+    expect(path).toBe(launchdPlistPath('timer', env))
+    expect(existsSync(path)).toBe(true)
+    // generator and H4 detector agree (shared launchdLabel/launchAgentsDir)
+    expect(isLaunchdManaged('timer', env)).toBe(true)
+    expect(isLaunchdManaged('nobody', env)).toBe(false)
+    // the installed file is a valid plist
+    expect(plutilLint(path).ok).toBe(true)
+  })
+
+  test('DEFAULT entrypoint (Ф-F) = the installed `iapeer run-infra <p> <r>` binary, not bun src', () => {
+    const root = mkTmp()
+    // HOME=/Users/x exercises the default binary path (~/.local/bin/iapeer); IAPEER_ROOT
+    // keeps the global infra log dir under the sandbox (not the fake /Users/x).
+    const env = {
+      IAPEER_LAUNCHAGENTS_DIR: join(root, 'LaunchAgents'),
+      HOME: '/Users/x',
+      IAPEER_ROOT: join(root, 'iapeer'),
+    } as NodeJS.ProcessEnv
+    // no entrypointArgv → the default must be the installed binary + run-infra verb
+    const path = installAlwaysOnPlist({ personality: 'timer', runtime: 'notifier', cwd: join(root, 'c'), env })
+    const xml = readFileSync(path, 'utf8')
+    expect(xml).toContain('<string>/Users/x/.local/bin/iapeer</string>')
+    expect(xml).toContain('<string>run-infra</string>')
+    expect(xml).toContain('<string>timer</string>')
+    expect(xml).toContain('<string>notifier</string>')
+    expect(xml).not.toContain('launchdRun.ts') // decoupled from the src tree
+  })
+
+  test('refuses a non-infra (warm-on-demand) runtime', () => {
+    const root = mkTmp()
+    expect(() =>
+      installAlwaysOnPlist({
+        personality: 'boris',
+        runtime: 'claude',
+        cwd: join(root, 'p'),
+        env: { IAPEER_LAUNCHAGENTS_DIR: join(root, 'LaunchAgents') } as NodeJS.ProcessEnv,
+      }),
+    ).toThrow(/not an always-on infra runtime/)
+  })
+})
+
+// The launchd Label com.iapeer.<personality> is keyed on PERSONALITY and SHARED
+// with the live persistent-peer fleet (com.iapeer.arthur, com.iapeer.boris — real
+// people/agents, launchd-held RIGHT NOW). A personality collision would point the
+// installer at a PP-managed plist. H4 invariant: the foundation must NEVER clobber
+// a plist it does not own. The guard tells "ours" from "theirs" by a sentinel the
+// foundation renderer embeds — a PP/foreign plist lacks it → refuse, do not write.
+describe('installAlwaysOnPlist collision guard (H4 — shared com.iapeer.* namespace)', () => {
+  // A persistent-peer start.sh plist for `boris` — same com.iapeer.boris Label, but
+  // NOT foundation-rendered (no sentinel). This stands in for a live PP-managed file.
+  const foreignPpPlist = `<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+    <key>Label</key>
+    <string>com.iapeer.boris</string>
+    <key>ProgramArguments</key>
+    <array>
+        <string>/Users/x/.iapeer/plugins/persistent-peer/start.sh</string>
+        <string>boris</string>
+    </array>
+    <key>RunAtLoad</key>
+    <true/>
+    <key>KeepAlive</key>
+    <true/>
+</dict>
+</plist>
+`
+
+  test('REFUSES to overwrite a foreign (PP-managed) com.iapeer.* plist — no silent clobber', () => {
+    const root = mkTmp()
+    const laDir = join(root, 'LaunchAgents')
+    mkdirSync(laDir, { recursive: true })
+    const env = { IAPEER_LAUNCHAGENTS_DIR: laDir, IAPEER_ROOT: join(root, 'iapeer') } as NodeJS.ProcessEnv
+    const path = launchdPlistPath('boris', env)
+    writeFileSync(path, foreignPpPlist) // a live PP peer's plist already sits here
+
+    expect(() =>
+      installAlwaysOnPlist({
+        personality: 'boris',
+        runtime: 'notifier',
+        cwd: join(root, 'peer-boris'),
+        entrypointArgv: ['/path/to/bun', '/pkg/src/launch/launchdRun.ts'],
+        path: '/usr/bin:/bin',
+        env,
+      }),
+    ).toThrow(/foundation-managed|refus/i)
+
+    // the foreign plist MUST be byte-for-byte untouched (the live PP peer survives)
+    expect(readFileSync(path, 'utf8')).toBe(foreignPpPlist)
+  })
+
+  test('isFoundationOwnedPlist: own (rendered) → true, foreign → false, absent → false', () => {
+    const dir = mkTmp()
+    const own = join(dir, 'own.plist')
+    writeFileSync(own, renderLaunchdPlist(baseSpec)) // foundation renderer → sentinel
+    expect(isFoundationOwnedPlist(own)).toBe(true)
+
+    const foreign = join(dir, 'foreign.plist')
+    writeFileSync(foreign, foreignPpPlist) // PP start.sh plist → no sentinel
+    expect(isFoundationOwnedPlist(foreign)).toBe(false)
+
+    expect(isFoundationOwnedPlist(join(dir, 'nope.plist'))).toBe(false) // absent
+  })
+
+  test('re-installing the foundation OWN plist is idempotent (sentinel present → allowed)', () => {
+    const root = mkTmp()
+    const laDir = join(root, 'LaunchAgents')
+    const env = { IAPEER_LAUNCHAGENTS_DIR: laDir, IAPEER_ROOT: join(root, 'iapeer') } as NodeJS.ProcessEnv
+    const opts = {
+      personality: 'timer',
+      runtime: 'notifier' as const,
+      cwd: join(root, 'peer-timer'),
+      entrypointArgv: ['/path/to/bun', '/pkg/src/launch/launchdRun.ts'],
+      path: '/usr/bin:/bin',
+      env,
+    }
+    const path = installAlwaysOnPlist(opts) // first install — writes OUR plist
+    expect(isFoundationOwnedPlist(path)).toBe(true)
+    // second install over our own plist must NOT throw (idempotent re-provision)
+    expect(() => installAlwaysOnPlist(opts)).not.toThrow()
+    expect(plutilLint(path).ok).toBe(true)
+  })
+})
+
+// launchd gives a job a MINIMAL PATH (no ~/.local/bin, ~/.bun/bin), so an infra
+// peer's always-on plist must PIN its launcher to an absolute path or the session
+// crash-loops. installAlwaysOnPlist resolves the bin against the rich provisioning
+// PATH and bakes NOTIFIER_RUNTIME_BIN / TELEGRAM_RUNTIME_BIN.
+describe('resolveExecutable + runtime-bin pinning', () => {
+  function fakeExec(dir: string, name: string): string {
+    const p = join(dir, name)
+    writeFileSync(p, '#!/bin/sh\nexit 0\n', { mode: 0o755 })
+    return p
+  }
+
+  test('resolveExecutable: finds on PATH, abs passthrough, undefined when absent', () => {
+    const dir = mkTmp()
+    const bin = fakeExec(dir, 'notifier-runtime')
+    expect(resolveExecutable('notifier-runtime', { PATH: dir } as NodeJS.ProcessEnv)).toBe(bin)
+    expect(resolveExecutable(bin, {} as NodeJS.ProcessEnv)).toBe(bin) // abs path, exists+exec
+    expect(resolveExecutable('no-such-bin', { PATH: dir } as NodeJS.ProcessEnv)).toBeUndefined()
+    expect(resolveExecutable('/nope/notifier-runtime', {} as NodeJS.ProcessEnv)).toBeUndefined()
+  })
+
+  test('explicit runtimeBin (abs) is baked into the plist env', () => {
+    const root = mkTmp()
+    const env = { IAPEER_LAUNCHAGENTS_DIR: join(root, 'LA'), IAPEER_ROOT: join(root, 'iapeer') } as NodeJS.ProcessEnv
+    const path = installAlwaysOnPlist({
+      personality: 'timer', runtime: 'notifier', cwd: join(root, 'p'),
+      runtimeBin: '/opt/iapeer/notifier-runtime',
+      entrypointArgv: ['/bun', '/run.ts'], path: '/usr/bin:/bin', env,
+    })
+    const xml = readFileSync(path, 'utf8')
+    expect(xml).toContain('<key>NOTIFIER_RUNTIME_BIN</key>')
+    expect(xml).toContain('<string>/opt/iapeer/notifier-runtime</string>')
+    expect(plutilLint(path).ok).toBe(true)
+  })
+
+  test('runtimeBin omitted → default bin resolved from env.PATH and pinned', () => {
+    const root = mkTmp()
+    const bindir = mkTmp()
+    const bin = fakeExec(bindir, 'notifier-runtime')
+    const env = { IAPEER_LAUNCHAGENTS_DIR: join(root, 'LA'), PATH: bindir, IAPEER_ROOT: join(root, 'iapeer') } as NodeJS.ProcessEnv
+    const path = installAlwaysOnPlist({
+      personality: 'timer', runtime: 'notifier', cwd: join(root, 'p'),
+      entrypointArgv: ['/bun', '/run.ts'], env,
+    })
+    expect(readFileSync(path, 'utf8')).toContain(`<string>${bin}</string>`)
+  })
+
+  test('unresolvable launcher → NOT baked (no crash; bare name + plist PATH remain)', () => {
+    const root = mkTmp()
+    const env = { IAPEER_LAUNCHAGENTS_DIR: join(root, 'LA'), PATH: join(root, 'empty'), IAPEER_ROOT: join(root, 'iapeer') } as NodeJS.ProcessEnv
+    const path = installAlwaysOnPlist({
+      personality: 'timer', runtime: 'notifier', cwd: join(root, 'p'),
+      entrypointArgv: ['/bun', '/run.ts'], path: '/usr/bin:/bin', env,
+    })
+    expect(readFileSync(path, 'utf8')).not.toContain('NOTIFIER_RUNTIME_BIN')
+  })
+})
+
+describe('runAlwaysOn guard', () => {
+  test('a non-infra runtime is rejected with exit code 1 (no tmux touched)', async () => {
+    expect(await runAlwaysOn('boris', 'claude', '/tmp/whatever')).toBe(1)
+  })
+})
+
+// REGRESSION (Ф-A #3 adversarial-verify find): the always-on launch path MUST carry
+// the peer's intelligence onto the spec, or the launch primitive's telegram nature
+// gate (requires natural) fails `natural !== undefined` → exit 1 → launchd KeepAlive
+// crash-loop on EVERY telegram bot. buildAlwaysOnSpec reads it from the local profile.
+describe('buildAlwaysOnSpec carries intelligence (telegram crash-loop guard)', () => {
+  test('a provisioned telegram peer (intelligence=natural) → spec.intelligence=natural (clears the gate)', () => {
+    const cwd = mkdtempSync(join(tmpdir(), 'iapeer-alwayson-'))
+    mkdirSync(join(cwd, '.iapeer'), { recursive: true })
+    writeFileSync(
+      join(cwd, '.iapeer', 'peer-profile.json'),
+      JSON.stringify({ personality: 'mybot', runtime: 'telegram', runtimes: ['telegram'], description: '', intelligence: 'natural' }),
+    )
+    const spec = buildAlwaysOnSpec('mybot', 'telegram', cwd, '/tmp')
+    expect(spec.intelligence).toBe('natural')
+    // and the gate it feeds would pass: telegram + natural is not refused
+    rmSync(cwd, { recursive: true, force: true })
+  })
+
+  test('legacy human profile self-heals to natural on read → still clears the gate', () => {
+    const cwd = mkdtempSync(join(tmpdir(), 'iapeer-alwayson-'))
+    mkdirSync(join(cwd, '.iapeer'), { recursive: true })
+    writeFileSync(
+      join(cwd, '.iapeer', 'peer-profile.json'),
+      JSON.stringify({ personality: 'mybot', runtime: 'telegram', runtimes: ['telegram'], description: '', intelligence: 'human' }),
+    )
+    expect(buildAlwaysOnSpec('mybot', 'telegram', cwd, '/tmp').intelligence).toBe('natural')
+    rmSync(cwd, { recursive: true, force: true })
+  })
+})