@agfpd/iapeer 0.1.0

package/src/enable/index.ts

@@ -0,0 +1,381 @@
+// enable — per-peer capability install (contract Установка §3 + Per-рантайм
+// install-асимметрия; verb `enable <capability> [peer]`). The init→enable
+// capability story: a peer gains a capability (peer-voice / MergeMind) FROM our
+// marketplace. iapeer ORCHESTRATES — install + enable + call `setup` ONLY if the
+// plugin declares it — and deliberately does NOT resolve the plugin's dep-graph
+// (`requires`/`setup` internals are the plugin's job, → Стандарт iapeer плагина).
+//
+// Per-рантайм install-асимметрия (contract table):
+//   claude → `plugin install <p>@agfpd --scope project` run IN the peer's cwd; the
+//            project-scope entry is keyed by projectPath, so it is ISOLATED per peer
+//            (a test-peer install never touches a live peer's entry). enable = that
+//            install (project-scope is the cold-start MCP enabler) + plugin enable.
+//   codex  → `plugin add <p>@agfpd` GLOBAL (host-wide, once); enable is per-peer via
+//            config. codex has no project scope (a global mutation), so it is NOT run
+//            against the real host under fleet-guard without an isolated CODEX_HOME.
+//
+// SIMPLE vs СЛОЖНЫЙ plugin (contract): a plugin MAY ship `iapeer.json` at its root
+// declaring `setup` (a multi-step installer) and `requires`. SIMPLE (peer-voice — no
+// iapeer.json/no setup): install + enable → works. СЛОЖНЫЙ (MergeMind): install +
+// enable → call `setup`. iapeer reads the manifest and calls setup ONLY if declared.
+
+import { spawnSync } from 'child_process'
+import { existsSync, readFileSync, realpathSync } from 'fs'
+import { basename, join } from 'path'
+import { homedir } from 'os'
+import { MARKETPLACE_NAME } from '../onboard/index.ts'
+import { findPeer, readPeersIndex } from '../registry/index.ts'
+import { IapError } from '../core/errors.ts'
+import { normalizeNameCandidate } from '../core/normalize.ts'
+
+export type CapabilityRuntime = 'claude' | 'codex'
+
+// ─────────────────────────────────────────────────────────────────────────────
+// Installed-plugins parse + per-peer match (PURE — the fleet-guard hinges on it)
+// ─────────────────────────────────────────────────────────────────────────────
+
+/** One entry of `claude plugin list --json`. Project-scope entries carry projectPath
+ *  (the per-peer key); user/local scope do not. */
+export interface InstalledEntry {
+  id: string // `<plugin>@<marketplace>`
+  scope: string // 'project' | 'user' | 'local'
+  enabled: boolean
+  projectPath?: string
+  installPath?: string
+}
+
+/** Parse `claude plugin list --json` (a flat array) into typed entries; tolerant of
+ *  unknown extra fields and non-array payloads (→ []). */
+export function parseInstalledPlugins(json: string): InstalledEntry[] {
+  let data: unknown
+  try {
+    data = JSON.parse(json)
+  } catch {
+    return []
+  }
+  if (!Array.isArray(data)) return []
+  return data.flatMap(raw => {
+    if (!raw || typeof raw !== 'object') return []
+    const o = raw as Record<string, unknown>
+    if (typeof o.id !== 'string') return []
+    return [
+      {
+        id: o.id,
+        scope: typeof o.scope === 'string' ? o.scope : 'unknown',
+        enabled: o.enabled === true,
+        projectPath: typeof o.projectPath === 'string' ? o.projectPath : undefined,
+        installPath: typeof o.installPath === 'string' ? o.installPath : undefined,
+      },
+    ]
+  })
+}
+
+/** realpath-normalize a path for comparison (/tmp→/private/tmp on macOS); falls back
+ *  to the raw path when it does not resolve. Mirrors the legacy install-gate match. */
+function canonPath(p: string): string {
+  try {
+    return realpathSync(p)
+  } catch {
+    return p
+  }
+}
+
+/**
+ * Find the project-scope entry for `<plugin>@agfpd` installed for THIS peer cwd
+ * (realpath-matched projectPath). Returns the entry (so the caller sees enabled +
+ * installPath) or null. This is what makes enable idempotent AND fleet-safe: it keys
+ * on the peer's OWN projectPath, never another peer's.
+ */
+export function findPeerScopedEntry(
+  entries: InstalledEntry[],
+  plugin: string,
+  marketplace: string,
+  peerCwd: string,
+): InstalledEntry | null {
+  const id = `${plugin}@${marketplace}`
+  const want = canonPath(peerCwd)
+  return (
+    entries.find(
+      e => e.id === id && e.scope === 'project' && e.projectPath !== undefined && canonPath(e.projectPath) === want,
+    ) ?? null
+  )
+}
+
+// ─────────────────────────────────────────────────────────────────────────────
+// Manifest — setup detection (PURE)
+// ─────────────────────────────────────────────────────────────────────────────
+
+/** The optional `setup` descriptor in a plugin's `iapeer.json`: a bare command/script
+ *  string (resolved relative to the plugin root), or {command,args}. */
+export type SetupDescriptor = string | { command: string; args?: string[] }
+export interface IapeerManifest {
+  setup?: SetupDescriptor
+  requires?: unknown
+}
+
+/**
+ * Read `<installPath>/iapeer.json` and return its `setup` descriptor, or null when
+ * the plugin is SIMPLE (no manifest, no `setup`). A malformed manifest is treated as
+ * SIMPLE (no setup) rather than failing enable — the manifest is the plugin's contract,
+ * not iapeer's; install+enable already succeeded.
+ */
+export function readSetupDescriptor(installPath: string | undefined): SetupDescriptor | null {
+  if (!installPath) return null
+  const manifestPath = join(installPath, 'iapeer.json')
+  if (!existsSync(manifestPath)) return null
+  try {
+    const m = JSON.parse(readFileSync(manifestPath, 'utf8')) as IapeerManifest
+    if (typeof m.setup === 'string' && m.setup.trim()) return m.setup
+    if (m.setup && typeof m.setup === 'object' && typeof m.setup.command === 'string' && m.setup.command.trim()) {
+      return { command: m.setup.command, args: Array.isArray(m.setup.args) ? m.setup.args.map(String) : undefined }
+    }
+    return null
+  } catch {
+    return null
+  }
+}
+
+// ─────────────────────────────────────────────────────────────────────────────
+// Orchestrator
+// ─────────────────────────────────────────────────────────────────────────────
+
+export type RuntimeEnableState =
+  | 'already-enabled' // present + enabled for this peer → no-op (idempotent, fleet-safe)
+  | 'installed' // installed (and enabled) now
+  | 'enabled' // was installed-but-disabled → enabled now
+  | 'runtime-missing' // the runtime binary is not on the host
+  | 'failed' // install/enable command failed
+
+export type SetupState = 'absent' | 'called' | 'failed' | 'skipped'
+
+export interface RuntimeEnableResult {
+  runtime: CapabilityRuntime
+  state: RuntimeEnableState
+  installPath?: string
+  detail?: string
+}
+
+export interface EnableResult {
+  plugin: string
+  personality: string
+  cwd: string
+  runtimes: RuntimeEnableResult[]
+  setup: SetupState
+  setupDetail?: string
+}
+
+export interface EnableOptions {
+  plugin: string
+  /** Target peer by personality; default = the peer of the current cwd. */
+  peer?: string
+  /** Restrict to these runtimes (default: the peer's agentic runtimes). */
+  runtimes?: CapabilityRuntime[]
+  /** Skip the plugin's `setup` even if declared (install+enable only). */
+  noSetup?: boolean
+  env?: NodeJS.ProcessEnv
+  cwd?: string
+}
+
+function claudeBin(env: NodeJS.ProcessEnv): string {
+  return env.IAPEER_CLAUDE_BIN?.trim() || join(env.HOME?.trim() || homedir(), '.local', 'bin', 'claude')
+}
+function codexBin(env: NodeJS.ProcessEnv): string {
+  return env.IAPEER_CODEX_BIN?.trim() || 'codex'
+}
+
+/** Resolve the target peer (cwd + agentic runtimes) from a personality arg or the cwd.
+ *  Without an explicit peer, match the registry by THIS cwd first (robust to a
+ *  uniqueness-suffixed personality), falling back to normalize(basename(cwd)). */
+function resolvePeer(opts: EnableOptions): { personality: string; cwd: string; runtimes: CapabilityRuntime[] } {
+  const env = opts.env ?? process.env
+  const index = readPeersIndex({ env })
+  const cwd = opts.cwd ?? process.cwd()
+  let rec = opts.peer
+    ? findPeer(index, opts.peer)
+    : index.peers.find(p => canonPath(p.cwd) === canonPath(cwd)) ?? findPeer(index, normalizeNameCandidate(basename(cwd)))
+  const personality = opts.peer ?? rec?.personality ?? normalizeNameCandidate(basename(cwd))
+  if (!rec) {
+    throw new IapError(`peer "${personality}" is not registered — run \`iapeer init\` in its folder first`)
+  }
+  const agentic = rec.runtimes.filter((r): r is CapabilityRuntime => r === 'claude' || r === 'codex')
+  if (agentic.length === 0) {
+    throw new IapError(`peer "${personality}" has no agentic runtime (claude/codex) — capability plugins need one`)
+  }
+  return { personality, cwd: rec.cwd, runtimes: agentic }
+}
+
+function isExecutable(bin: string, env: NodeJS.ProcessEnv): boolean {
+  const r = spawnSync(bin, ['--version'], { stdio: 'ignore', env: env as Record<string, string> })
+  return r.error === undefined && r.status !== null
+}
+
+/** Read the peer-scoped entry for this plugin from a fresh `claude plugin list --json`.
+ *  CRITICAL: `enabled` is evaluated relative to the CURRENT cwd's project (verified
+ *  live — the same entry lists enabled=false from another dir, true from its own), so
+ *  the list MUST run with cwd = the peer cwd to read the authoritative enabled-state.
+ *  maxBuffer is raised — a configured host's plugin list exceeds the 1 MB default. */
+function claudeEntry(bin: string, plugin: string, peerCwd: string, env: NodeJS.ProcessEnv): InstalledEntry | null {
+  const list = spawnSync(bin, ['plugin', 'list', '--json'], {
+    cwd: peerCwd,
+    encoding: 'utf8',
+    env: env as Record<string, string>,
+    maxBuffer: 64 * 1024 * 1024,
+  })
+  return findPeerScopedEntry(parseInstalledPlugins(list.stdout ?? ''), plugin, MARKETPLACE_NAME, peerCwd)
+}
+
+/**
+ * claude: install `<plugin>@agfpd` project-scope IN the peer cwd. A project-scope
+ * install also ENABLES it for that project (verified live: enabled=true when listed
+ * from the peer cwd). The explicit `plugin enable` runs ONLY for a pre-existing entry
+ * that lists disabled — never right after a fresh install (that errors "already
+ * enabled"). Idempotent + fleet-safe: the entry is keyed by THIS peer's projectPath
+ * (realpath), so it never reads or mutates another peer's install.
+ */
+function enableClaude(plugin: string, peerCwd: string, env: NodeJS.ProcessEnv): RuntimeEnableResult {
+  const bin = claudeBin(env)
+  if (!isExecutable(bin, env)) return { runtime: 'claude', state: 'runtime-missing' }
+  const id = `${plugin}@${MARKETPLACE_NAME}`
+  const existing = claudeEntry(bin, plugin, peerCwd, env)
+  if (existing?.enabled) return { runtime: 'claude', state: 'already-enabled', installPath: existing.installPath }
+
+  if (!existing) {
+    const inst = spawnSync(bin, ['plugin', 'install', id, '--scope', 'project'], {
+      cwd: peerCwd,
+      encoding: 'utf8',
+      env: env as Record<string, string>,
+    })
+    if (inst.status !== 0) {
+      return { runtime: 'claude', state: 'failed', detail: (inst.stderr || inst.stdout || `exit ${inst.status}`).trim() }
+    }
+  }
+  // the entry now exists but is DISABLED (fresh install) or was pre-existing-disabled →
+  // enable it (and ONLY then; an already-enabled entry would error).
+  const after = claudeEntry(bin, plugin, peerCwd, env)
+  if (after && !after.enabled) {
+    const en = spawnSync(bin, ['plugin', 'enable', id, '--scope', 'project'], {
+      cwd: peerCwd,
+      encoding: 'utf8',
+      env: env as Record<string, string>,
+    })
+    const confirmed = claudeEntry(bin, plugin, peerCwd, env)
+    if (!confirmed?.enabled) {
+      return { runtime: 'claude', state: 'failed', detail: (en.stderr || en.stdout || `exit ${en.status}`).trim() }
+    }
+    return { runtime: 'claude', state: existing ? 'enabled' : 'installed', installPath: confirmed.installPath }
+  }
+  if (!after) return { runtime: 'claude', state: 'failed', detail: 'install reported success but no project-scope entry appeared' }
+  return { runtime: 'claude', state: existing ? 'enabled' : 'installed', installPath: after.installPath }
+}
+
+/** Parse a `codex plugin list` STATUS column for one plugin id. The table is
+ *  whitespace-aligned: `<id>  <status>  <version>  <path>`; status is `not installed`
+ *  / `installed, enabled` / `installed, disabled`. PURE → unit-testable. */
+export function parseCodexPluginStatus(listOutput: string, id: string): 'enabled' | 'disabled' | 'absent' {
+  for (const line of listOutput.split('\n')) {
+    const cols = line.split(/\s{2,}/).map(c => c.trim())
+    if (cols[0] !== id) continue
+    const status = (cols[1] ?? '').toLowerCase()
+    if (status.includes('not installed')) return 'absent'
+    if (status.includes('enabled')) return 'enabled'
+    if (status.includes('installed')) return 'disabled'
+    return 'absent'
+  }
+  return 'absent'
+}
+
+function codexState(bin: string, id: string, env: NodeJS.ProcessEnv): 'enabled' | 'disabled' | 'absent' {
+  const r = spawnSync(bin, ['plugin', 'list'], { encoding: 'utf8', env: env as Record<string, string>, maxBuffer: 64 * 1024 * 1024 })
+  return parseCodexPluginStatus(r.stdout ?? '', id)
+}
+
+/** codex: add `<plugin>@agfpd` GLOBAL (host-wide; codex has no project scope). The add
+ *  ENABLES (verified live: config.toml `[plugins."<id>"] enabled = true`) and is
+ *  idempotent (re-add exits 0). Idempotency: skip when already enabled. installPath is
+ *  parsed from the add output so setup-detection works for a codex-only peer. */
+function enableCodex(plugin: string, env: NodeJS.ProcessEnv): RuntimeEnableResult {
+  const bin = codexBin(env)
+  if (!isExecutable(bin, env)) return { runtime: 'codex', state: 'runtime-missing' }
+  const id = `${plugin}@${MARKETPLACE_NAME}`
+  const before = codexState(bin, id, env)
+  if (before === 'enabled') return { runtime: 'codex', state: 'already-enabled' }
+  const add = spawnSync(bin, ['plugin', 'add', id], { encoding: 'utf8', env: env as Record<string, string> })
+  if (add.status !== 0) {
+    return { runtime: 'codex', state: 'failed', detail: (add.stderr || add.stdout || `exit ${add.status}`).trim() }
+  }
+  if (codexState(bin, id, env) !== 'enabled') {
+    return { runtime: 'codex', state: 'failed', detail: (add.stdout || 'plugin add did not enable the plugin').trim() }
+  }
+  const m = /Installed plugin root:\s*(\S.*)/.exec(add.stdout ?? '')
+  return { runtime: 'codex', state: before === 'disabled' ? 'enabled' : 'installed', installPath: m?.[1]?.trim() }
+}
+
+/** Invoke the plugin's `setup` (СЛОЖНЫЙ class), cwd = plugin root, peer context in env
+ *  (namespaced IAPEER_PEER_* — NOT the bare PEER_PERSONALITY the identity-gate keys on).
+ *  Best-effort: a setup failure is reported, it does NOT unwind the completed install. */
+function callSetup(
+  setup: SetupDescriptor,
+  installPath: string,
+  peer: { personality: string; cwd: string },
+  env: NodeJS.ProcessEnv,
+): { ok: boolean; detail?: string } {
+  const [command, ...preArgs] = typeof setup === 'string' ? [setup] : [setup.command, ...(setup.args ?? [])]
+  const setupEnv: NodeJS.ProcessEnv = {
+    ...env,
+    IAPEER_PEER_PERSONALITY: peer.personality,
+    IAPEER_PEER_CWD: peer.cwd,
+  }
+  // a bare string resolved relative to the plugin root when it points at a file there
+  const resolved = typeof setup === 'string' && existsSync(join(installPath, command)) ? join(installPath, command) : command
+  const r = spawnSync(resolved, preArgs, {
+    cwd: installPath,
+    encoding: 'utf8',
+    env: setupEnv as Record<string, string>,
+  })
+  if (r.error || (r.status ?? 1) !== 0) {
+    return { ok: false, detail: (r.stderr || r.stdout || r.error?.message || `exit ${r.status}`).trim() }
+  }
+  return { ok: true }
+}
+
+/**
+ * Enable a capability plugin on a peer (contract Установка §3): install per-runtime
+ * (claude project-scope / codex global) + enable + call `setup` ONLY if the plugin
+ * declares it. Idempotent and fleet-safe — a peer already enabled is a no-op; the
+ * claude path is keyed by the peer's projectPath so it never touches another peer.
+ */
+export function enableCapability(opts: EnableOptions): EnableResult {
+  const env = opts.env ?? process.env
+  const peer = resolvePeer(opts)
+  const targetRuntimes = opts.runtimes ?? peer.runtimes
+  const results: RuntimeEnableResult[] = []
+  for (const rt of targetRuntimes) {
+    results.push(rt === 'claude' ? enableClaude(opts.plugin, peer.cwd, env) : enableCodex(opts.plugin, env))
+  }
+
+  // setup: read the manifest from whichever runtime gave us an installPath (the source
+  // is the same plugin regardless of runtime). Called ONLY if declared.
+  const installPath = results.find(r => r.installPath)?.installPath
+  let setupState: SetupState = 'absent'
+  let setupDetail: string | undefined
+  const setup = readSetupDescriptor(installPath)
+  const anyOk = results.some(r => r.state === 'installed' || r.state === 'enabled' || r.state === 'already-enabled')
+  if (setup && anyOk) {
+    if (opts.noSetup) {
+      setupState = 'skipped'
+    } else {
+      const s = callSetup(setup, installPath as string, peer, env)
+      setupState = s.ok ? 'called' : 'failed'
+      setupDetail = s.detail
+    }
+  }
+
+  return {
+    plugin: opts.plugin,
+    personality: peer.personality,
+    cwd: peer.cwd,
+    runtimes: results,
+    setup: setupState,
+    setupDetail,
+  }
+}

package/src/identity/identity.test.ts

@@ -0,0 +1,262 @@
+import { afterEach, beforeEach, describe, expect, test } from 'bun:test'
+import { existsSync, mkdtempSync, rmSync, readFileSync, writeFileSync, mkdirSync } from 'fs'
+import { tmpdir } from 'os'
+import { join } from 'path'
+import {
+  ensurePeerProfile,
+  readPeerProfile,
+  writePeerProfileAtomic,
+  resolveCallerIdentity,
+  type PeerProfileWrite,
+} from './index.ts'
+import { peerProfilePath } from '../storage/index.ts'
+import { isFoundationOwnedPlist, launchdPlistPath } from '../launch/index.ts'
+import { defaultIntelligenceForRuntime } from '../core/constants.ts'
+import type { PeersIndex } from '../registry/index.ts'
+
+let cwd: string
+beforeEach(() => {
+  cwd = mkdtempSync(join(tmpdir(), 'iapeer-identity-'))
+})
+afterEach(() => {
+  rmSync(cwd, { recursive: true, force: true })
+})
+
+function readDisk(): Record<string, unknown> {
+  return JSON.parse(readFileSync(peerProfilePath(cwd), 'utf8'))
+}
+
+// WITNESS: old writePeerProfileAtomic merged-builder (identity.ts:247-263) wrote
+// `intelligence: profile.intelligence` UNCONDITIONALLY. Reproduce the merge so a
+// call site that lost the existing intelligence (passing the runtime default)
+// would clobber a human profile.
+function oldMerged(existing: Record<string, unknown>, profile: {
+  personality: string; runtime: string; runtimes: string[]; description: string; intelligence: string
+}): Record<string, unknown> {
+  return {
+    ...existing,
+    personality: profile.personality,
+    runtime: profile.runtime,
+    runtimes: profile.runtimes,
+    description: profile.description, // empty wipes
+    intelligence: profile.intelligence, // unconditional overwrite
+  }
+}
+
+// ─────────────────────────────────────────────────────────────────────────────
+// writePeerProfileAtomic — H1 preserve + unknown-field preservation
+// ─────────────────────────────────────────────────────────────────────────────
+
+describe('writePeerProfileAtomic H1 preserve', () => {
+  test('write WITHOUT intelligence does NOT downgrade a human profile on disk', () => {
+    // seed a human profile with a foreign (persistent-peer) section + interfaces
+    mkdirSync(join(cwd, '.iapeer'), { recursive: true })
+    writeFileSync(
+      peerProfilePath(cwd),
+      JSON.stringify({
+        personality: 'arthur',
+        runtime: 'telegram',
+        runtimes: ['telegram', 'claude'],
+        description: 'Артур — владелец.',
+        intelligence: 'human',
+        'persistent-peer': { initial_prompt: 'hi', aliases: { '/new': 'x' } },
+        interfaces: { telegram: { user_id: '409502965' } },
+      }),
+    )
+
+    // a runtimes-only update built WITHOUT re-asserting intelligence
+    const update: PeerProfileWrite = {
+      personality: 'arthur',
+      runtime: 'claude',
+      runtimes: ['telegram', 'claude'],
+    }
+    writePeerProfileAtomic(cwd, update)
+
+    const disk = readDisk()
+    // H1 + NO-MIGRATION: the legacy on-disk value is preserved VERBATIM (not
+    // downgraded, and NOT silently rewritten to 'natural' — that migration is a
+    // separate coordinated step that must not happen on a routine write).
+    expect(disk.intelligence).toBe('human')
+    // READ-COMPAT: but reading it back normalizes legacy human → contract natural
+    expect(readPeerProfile(cwd)!.intelligence).toBe('natural')
+    // WITNESS: old builder fed the claude runtime-default would write artificial
+    expect(oldMerged(disk, {
+      personality: 'arthur', runtime: 'claude', runtimes: ['claude'],
+      description: '', intelligence: defaultIntelligenceForRuntime('claude'),
+    }).intelligence).toBe('artificial')
+    // unknown foreign section preserved
+    expect(disk['persistent-peer']).toEqual({ initial_prompt: 'hi', aliases: { '/new': 'x' } })
+    // interfaces preserved
+    expect(disk.interfaces).toEqual({ telegram: { user_id: '409502965' } })
+    // empty description not written over the existing one
+    expect(disk.description).toBe('Артур — владелец.')
+  })
+
+  test('explicit intelligence in write IS applied', () => {
+    writePeerProfileAtomic(cwd, {
+      personality: 'p', runtime: 'webhook', runtimes: ['webhook'], intelligence: 'absent',
+    })
+    expect(readDisk().intelligence).toBe('absent')
+  })
+
+  test('new profile (no disk) without intelligence → runtime default', () => {
+    writePeerProfileAtomic(cwd, { personality: 'p', runtime: 'telegram', runtimes: ['telegram'] })
+    expect(readDisk().intelligence).toBe('natural') // telegram default
+  })
+
+  test('round-trips through readPeerProfile preserving foreign fields', () => {
+    writePeerProfileAtomic(cwd, {
+      personality: 'p', runtime: 'claude', runtimes: ['claude'],
+      description: 'desc', intelligence: 'artificial',
+    })
+    // inject a foreign field, then a second write must keep it
+    const disk = readDisk()
+    disk['persistent-peer'] = { initial_prompt: 'keep me' }
+    writeFileSync(peerProfilePath(cwd), JSON.stringify(disk))
+    writePeerProfileAtomic(cwd, { personality: 'p', runtime: 'claude', runtimes: ['claude', 'codex'] })
+    const after = readDisk()
+    expect(after['persistent-peer']).toEqual({ initial_prompt: 'keep me' })
+    expect(after.intelligence).toBe('artificial') // still preserved
+    expect(after.runtimes).toEqual(['claude', 'codex'])
+    const parsed = readPeerProfile(cwd)!
+    expect(parsed.intelligence).toBe('artificial')
+  })
+})
+
+// ─────────────────────────────────────────────────────────────────────────────
+// resolveCallerIdentity — per-request, NO process.cwd()
+// ─────────────────────────────────────────────────────────────────────────────
+
+const index: PeersIndex = {
+  version: 2,
+  peers: [
+    {
+      personality: 'arthur',
+      runtime: 'telegram',
+      runtimes: ['telegram', 'claude'],
+      description: 'Артур — владелец.',
+      intelligence: 'natural',
+      cwd: '/Users/macmini/Peers/arthur',
+      interfaces: { telegram: { user_id: '409502965' } },
+    },
+    {
+      personality: 'boris',
+      runtime: 'claude',
+      runtimes: ['claude'],
+      description: 'Напарник.',
+      intelligence: 'artificial',
+      cwd: '/Users/macmini/Peers/boris',
+    },
+  ],
+}
+
+describe('resolveCallerIdentity (per-request)', () => {
+  test('resolves caller from registry record, builds address', () => {
+    const r = resolveCallerIdentity({ personality: 'boris', runtime: 'claude' }, index)
+    expect(r.address).toBe('claude-boris')
+    expect(r.cwd).toBe('/Users/macmini/Peers/boris')
+    expect(r.intelligence).toBe('artificial')
+  })
+
+  test('multi-runtime peer resolves each declared runtime to a distinct address', () => {
+    expect(resolveCallerIdentity({ personality: 'arthur', runtime: 'telegram' }, index).address).toBe(
+      'telegram-arthur',
+    )
+    expect(resolveCallerIdentity({ personality: 'arthur', runtime: 'claude' }, index).address).toBe(
+      'claude-arthur',
+    )
+  })
+
+  test('does NOT depend on process.cwd() — chdir does not change the result', () => {
+    const before = resolveCallerIdentity({ personality: 'arthur', runtime: 'claude' }, index)
+    const original = process.cwd()
+    const elsewhere = mkdtempSync(join(tmpdir(), 'iapeer-chdir-'))
+    try {
+      process.chdir(elsewhere)
+      const after = resolveCallerIdentity({ personality: 'arthur', runtime: 'claude' }, index)
+      expect(after).toEqual(before)
+      expect(after.cwd).toBe('/Users/macmini/Peers/arthur') // from registry, not process.cwd()
+    } finally {
+      process.chdir(original)
+      rmSync(elsewhere, { recursive: true, force: true })
+    }
+  })
+
+  test('unknown caller → throws (spoofing guard)', () => {
+    expect(() => resolveCallerIdentity({ personality: 'ghost', runtime: 'claude' }, index)).toThrow(
+      /unknown caller/,
+    )
+  })
+
+  test('undeclared runtime for a known caller → throws', () => {
+    // boris declares only claude; codex must be rejected
+    expect(() => resolveCallerIdentity({ personality: 'boris', runtime: 'codex' }, index)).toThrow(
+      /not declared/,
+    )
+  })
+
+  test('invalid personality format → throws', () => {
+    expect(() => resolveCallerIdentity({ personality: 'Bad Name', runtime: 'claude' }, index)).toThrow()
+  })
+})
+
+// ─────────────────────────────────────────────────────────────────────────────
+// ensurePeerProfile — create-peer path installs the always-on plist for INFRA
+// runtimes (and ONLY those). Always under IAPEER_LAUNCHAGENTS_DIR so the suite
+// never writes into the real ~/Library/LaunchAgents.
+// ─────────────────────────────────────────────────────────────────────────────
+
+describe('ensurePeerProfile create-peer → always-on plist (infra only)', () => {
+  let root: string
+  beforeEach(() => {
+    root = mkdtempSync(join(tmpdir(), 'iapeer-provision-'))
+  })
+  afterEach(() => {
+    rmSync(root, { recursive: true, force: true })
+  })
+  const laEnv = () =>
+    // IAPEER_ROOT isolates the now-GLOBAL infra log dir (~/.iapeer/logs/<p>, Фаза §8)
+    // under the sandbox — without it installAlwaysOnPlist's log mkdir resolves to the
+    // real home.
+    ({ IAPEER_LAUNCHAGENTS_DIR: join(root, 'LaunchAgents'), IAPEER_ROOT: join(root, 'iapeer') }) as NodeJS.ProcessEnv
+
+  test('provisioning a NEW infra (notifier) peer installs a foundation-owned plist', () => {
+    const env = laEnv()
+    const peerCwd = join(root, 'timer') // basename → personality "timer"
+    const profile = ensurePeerProfile({ cwd: peerCwd, env, runtime: 'notifier' })
+    expect(profile.personality).toBe('timer')
+    expect(profile.intelligence).toBe('absent') // notifier zone default
+
+    const plist = launchdPlistPath('timer', env)
+    expect(existsSync(plist)).toBe(true)
+    expect(isFoundationOwnedPlist(plist)).toBe(true)
+    // and the profile was written (full provision)
+    expect(existsSync(peerProfilePath(peerCwd))).toBe(true)
+  })
+
+  test('provisioning a NEW warm-on-demand (claude) peer installs NO plist (unchanged)', () => {
+    const env = laEnv()
+    const peerCwd = join(root, 'worker') // personality "worker"
+    ensurePeerProfile({ cwd: peerCwd, env, runtime: 'claude' })
+    expect(existsSync(launchdPlistPath('worker', env))).toBe(false)
+    expect(existsSync(peerProfilePath(peerCwd))).toBe(true) // profile still created
+  })
+
+  test('infra provision whose Label collides with a FOREIGN plist is refused — no profile written', () => {
+    const env = laEnv()
+    const laDir = join(root, 'LaunchAgents')
+    mkdirSync(laDir, { recursive: true })
+    // a live persistent-peer "boris" already owns com.iapeer.boris.plist (no sentinel)
+    const foreign = '<?xml version="1.0"?>\n<plist><dict><key>Label</key><string>com.iapeer.boris</string></dict></plist>\n'
+    const plist = launchdPlistPath('boris', env)
+    writeFileSync(plist, foreign)
+
+    const peerCwd = join(root, 'boris') // would derive personality "boris" → collision
+    expect(() => ensurePeerProfile({ cwd: peerCwd, env, runtime: 'notifier' })).toThrow(
+      /foundation-managed|refus/i,
+    )
+    // the live PP plist is untouched, and the half-provision left NO peer-profile.json
+    expect(readFileSync(plist, 'utf8')).toBe(foreign)
+    expect(existsSync(peerProfilePath(peerCwd))).toBe(false)
+  })
+})