@agfpd/iapeer 0.2.12 → 0.2.13

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@agfpd/iapeer",
-  "version": "0.2.12",
+  "version": "0.2.13",
   "description": "Foundation core for the iapeer multi-agent ecosystem: identity, registry, storage, codec.",
   "type": "module",
   "bin": {

package/src/cli/index.ts

@@ -368,6 +368,7 @@ const USAGE = `usage: iapeer <verb> [args]
   interrupt <peer> [runtime]                                     interrupt the current turn (Escape) — context intact
   compact <peer> [runtime]                                       compact the peer's context (/compact)
   self-fresh                                                     (agent self-call) mark /new eager-fresh + self-kill — the daemon relaunches fresh
+  native-memory <off|on> (--peer <p> | --all)                    gate/restore runtimes' native memory (canonized lever; контракт «Слот памяти»)
 `
 
 export async function runCli(argv: string[], env: NodeJS.ProcessEnv = process.env): Promise<number> {
@@ -422,6 +423,37 @@ export async function runCli(argv: string[], env: NodeJS.ProcessEnv = process.en
         out(`memory: ${mem.state}${mem.detail ? ` — ${mem.detail}` : ''} (slot: ${memLabel})\n`)
         return r.marketplaces.some(m => m.state === 'failed') || infraFailed ? 1 : 0
       }
+      case 'native-memory': {
+        // The canonized runtime-memory lever (контракт «Слот памяти» §Native-память):
+        // off = explicit disable merged into the peer's runtime config files; on =
+        // remove the key (restore the runtime's own default). Consumers: the operator
+        // and the memory provider's install-time sweep (`--all`). NOT slot-gated here —
+        // an explicit operator/provider action; only the BIRTH-time hook is slot-gated.
+        const state = positionals[0]
+        if (state !== 'off' && state !== 'on') return usage(errOut)
+        const peerName = typeof flags.peer === 'string' ? flags.peer : undefined
+        if (flags.all !== true && !peerName) return usage(errOut)
+        const { applyNativeMemory } = await import('../launch/nativeMemory.ts')
+        const index = readPeersIndex({ env })
+        const targets = flags.all === true ? index.peers : index.peers.filter(p => p.personality === peerName)
+        if (targets.length === 0) {
+          errOut(`peer "${peerName ?? ''}" is not in the iapeer peers index\n`)
+          return 1
+        }
+        let failed = false
+        for (const p of targets) {
+          const outcomes = applyNativeMemory(p.cwd, p.runtimes, state)
+          if (outcomes.length === 0) {
+            out(`${p.personality}: no claude/codex runtime — skipped\n`)
+            continue
+          }
+          for (const o of outcomes) {
+            out(`${p.personality} (${o.runtime}): ${o.state}${o.detail ? ` — ${o.detail}` : ''}\n`)
+            if (o.state === 'failed') failed = true
+          }
+        }
+        return failed ? 1 : 0
+      }
       case 'status': {
         // Host snapshot (контракт «Слот памяти» §status): version + daemon health +
         // the memory-slot line. Exit 1 iff the daemon is unhealthy (usable as a

package/src/index.ts

@@ -28,5 +28,7 @@ export * from './onboard/index.ts'
 // Memory slot — the declarative provider slot (контракт «Слот памяти»): status read + onboard step.
 export * from './status/index.ts'
 export * from './onboard/memory.ts'
+// Native runtime-memory levers (slot contract §Native-память): canonized forms + verb mechanics.
+export * from './launch/nativeMemory.ts'
 export { composeSystemPrompt, gatherPromptInput } from './launch/composeSystemPrompt.ts'
 export type { GatherPromptOptions } from './launch/composeSystemPrompt.ts'

package/src/launch/nativeMemory.test.ts

@@ -0,0 +1,150 @@
+// Native runtime-memory levers — the canonized forms (slot contract §Native-
+// память). The HARD requirement pinned here: NO-CLOBBER — both target files
+// carry foreign blocks (plugin enables, statusline wrappers) that every lever
+// write must preserve byte-meaningfully.
+
+import { afterEach, describe, expect, test } from 'bun:test'
+import { mkdirSync, mkdtempSync, readFileSync, rmSync, writeFileSync } from 'fs'
+import { tmpdir } from 'os'
+import { join } from 'path'
+import {
+  applyNativeMemory,
+  claudeSettingsPath,
+  codexProjectConfigPath,
+  codexGlobalConfigPath,
+  preTrustCodexCwd,
+} from './nativeMemory.ts'
+
+const dirs: string[] = []
+function mkTmp(): string {
+  const d = mkdtempSync(join(tmpdir(), 'iapeer-natmem-'))
+  dirs.push(d)
+  return d
+}
+afterEach(() => {
+  while (dirs.length) rmSync(dirs.pop()!, { recursive: true, force: true })
+})
+
+describe('claude lever (settings.json merge)', () => {
+  test('absent file → created with ONLY the lever key', () => {
+    const cwd = mkTmp()
+    const [o] = applyNativeMemory(cwd, ['claude'], 'off')
+    expect(o?.state).toBe('written')
+    expect(JSON.parse(readFileSync(claudeSettingsPath(cwd), 'utf8'))).toEqual({ autoMemoryEnabled: false })
+  })
+
+  test('NO-CLOBBER: foreign keys (plugins, statusline) survive off AND on', () => {
+    const cwd = mkTmp()
+    mkdirSync(join(cwd, '.claude'), { recursive: true })
+    const foreign = { enabledPlugins: { 'MergeMind@agfpd': true }, statusLine: { type: 'command', command: 'x' } }
+    writeFileSync(claudeSettingsPath(cwd), JSON.stringify(foreign))
+    applyNativeMemory(cwd, ['claude'], 'off')
+    const afterOff = JSON.parse(readFileSync(claudeSettingsPath(cwd), 'utf8'))
+    expect(afterOff).toEqual({ ...foreign, autoMemoryEnabled: false })
+    const [on] = applyNativeMemory(cwd, ['claude'], 'on')
+    expect(on?.state).toBe('written')
+    expect(JSON.parse(readFileSync(claudeSettingsPath(cwd), 'utf8'))).toEqual(foreign) // key REMOVED, default restored
+  })
+
+  test('idempotent: already-false → already; on with no key → already', () => {
+    const cwd = mkTmp()
+    applyNativeMemory(cwd, ['claude'], 'off')
+    expect(applyNativeMemory(cwd, ['claude'], 'off')[0]?.state).toBe('already')
+    applyNativeMemory(cwd, ['claude'], 'on')
+    expect(applyNativeMemory(cwd, ['claude'], 'on')[0]?.state).toBe('already')
+  })
+
+  test('non-object settings.json → failed (refuses to clobber), file untouched', () => {
+    const cwd = mkTmp()
+    mkdirSync(join(cwd, '.claude'), { recursive: true })
+    writeFileSync(claudeSettingsPath(cwd), '"just a string"')
+    const [o] = applyNativeMemory(cwd, ['claude'], 'off')
+    expect(o?.state).toBe('failed')
+    expect(readFileSync(claudeSettingsPath(cwd), 'utf8')).toBe('"just a string"')
+  })
+})
+
+describe('codex lever (config.toml [features] merge)', () => {
+  test('absent file → [features] section with the lever line', () => {
+    const cwd = mkTmp()
+    const [o] = applyNativeMemory(cwd, ['codex'], 'off')
+    expect(o?.state).toBe('written')
+    expect(readFileSync(codexProjectConfigPath(cwd), 'utf8')).toBe('[features]\nmemories = false\n')
+  })
+
+  test('NO-CLOBBER: plugin blocks survive; [features] appended after them (fleet-file shape)', () => {
+    const cwd = mkTmp()
+    mkdirSync(join(cwd, '.codex'), { recursive: true })
+    const fleet = '[plugins."Inter-Agent-Protocol@agfpd"]\nenabled = true\n\n[plugins."MergeMind@agfpd"]\nenabled = true\n'
+    writeFileSync(codexProjectConfigPath(cwd), fleet)
+    applyNativeMemory(cwd, ['codex'], 'off')
+    const text = readFileSync(codexProjectConfigPath(cwd), 'utf8')
+    expect(text).toContain('[plugins."Inter-Agent-Protocol@agfpd"]\nenabled = true')
+    expect(text).toContain('[plugins."MergeMind@agfpd"]\nenabled = true')
+    expect(text).toContain('[features]\nmemories = false')
+  })
+
+  test('existing [features] WITHOUT memories (followed by another section) → inserted INSIDE the section', () => {
+    const cwd = mkTmp()
+    mkdirSync(join(cwd, '.codex'), { recursive: true })
+    writeFileSync(codexProjectConfigPath(cwd), '[features]\nother = true\n\n[plugins."X@y"]\nenabled = true\n')
+    applyNativeMemory(cwd, ['codex'], 'off')
+    const text = readFileSync(codexProjectConfigPath(cwd), 'utf8')
+    // the lever line lands in [features], NOT in [plugins."X@y"]
+    expect(text.indexOf('memories = false')).toBeLessThan(text.indexOf('[plugins."X@y"]'))
+    expect(text).toContain('other = true')
+  })
+
+  test('memories = true → replaced with false; already false → already', () => {
+    const cwd = mkTmp()
+    mkdirSync(join(cwd, '.codex'), { recursive: true })
+    writeFileSync(codexProjectConfigPath(cwd), '[features]\nmemories = true\n')
+    expect(applyNativeMemory(cwd, ['codex'], 'off')[0]?.state).toBe('written')
+    expect(readFileSync(codexProjectConfigPath(cwd), 'utf8')).toContain('memories = false')
+    expect(applyNativeMemory(cwd, ['codex'], 'off')[0]?.state).toBe('already')
+  })
+
+  test('on → the memories line is REMOVED (default restored), section + foreign lines kept', () => {
+    const cwd = mkTmp()
+    mkdirSync(join(cwd, '.codex'), { recursive: true })
+    writeFileSync(codexProjectConfigPath(cwd), '[features]\nmemories = false\nother = true\n')
+    const [o] = applyNativeMemory(cwd, ['codex'], 'on')
+    expect(o?.state).toBe('written')
+    const text = readFileSync(codexProjectConfigPath(cwd), 'utf8')
+    expect(text).not.toContain('memories')
+    expect(text).toContain('other = true')
+    expect(applyNativeMemory(cwd, ['codex'], 'on')[0]?.state).toBe('already')
+  })
+})
+
+describe('applyNativeMemory runtime dispatch', () => {
+  test('both runtimes → both levers; router-only runtimes → no outcomes', () => {
+    const cwd = mkTmp()
+    const both = applyNativeMemory(cwd, ['claude', 'codex'], 'off')
+    expect(both.map(o => o.runtime).sort()).toEqual(['claude', 'codex'])
+    expect(applyNativeMemory(mkTmp(), ['telegram', 'notifier'], 'off')).toEqual([])
+  })
+})
+
+describe('preTrustCodexCwd (birth-time trust, codex global config)', () => {
+  test('appends a [projects] block once; NO-CLOBBER of existing content; idempotent', () => {
+    const home = mkTmp()
+    const env = { HOME: home } as NodeJS.ProcessEnv
+    mkdirSync(join(home, '.codex'), { recursive: true })
+    const existing = '[projects."/already/trusted"]\ntrust_level = "trusted"\n'
+    writeFileSync(codexGlobalConfigPath(env), existing)
+    const first = preTrustCodexCwd('/peers/newborn', env)
+    expect(first.state).toBe('written')
+    const text = readFileSync(codexGlobalConfigPath(env), 'utf8')
+    expect(text).toContain(existing.trim())
+    expect(text).toContain('[projects."/peers/newborn"]\ntrust_level = "trusted"')
+    expect(preTrustCodexCwd('/peers/newborn', env).state).toBe('already')
+  })
+
+  test('absent global config → created with just the block', () => {
+    const home = mkTmp()
+    const env = { HOME: home } as NodeJS.ProcessEnv
+    expect(preTrustCodexCwd('/peers/first', env).state).toBe('written')
+    expect(readFileSync(codexGlobalConfigPath(env), 'utf8')).toBe('[projects."/peers/first"]\ntrust_level = "trusted"\n')
+  })
+})

package/src/launch/nativeMemory.ts

@@ -0,0 +1,185 @@
+// Native runtime-memory levers (контракт «Слот памяти» §Native-память рантаймов
+// при занятом слоте, agreed 10.06). The CORE canonizes the lever FORMS — runtime
+// knowledge lives in the runtime layer, like deliveryMarkers/buildArgv:
+//
+//   claude: merge `"autoMemoryEnabled": false` into `<cwd>/.claude/settings.json`
+//   codex:  merge `memories = false` into the `[features]` section of
+//           `<cwd>/.codex/config.toml`
+//
+// Both files CARRY FOREIGN BLOCKS (plugin enables, statusline wrappers, …) —
+// every write here is a NO-CLOBBER merge (parse/patch + atomic temp+rename),
+// never a rewrite. Forms verified live on the fleet (12/12 + behavioral smoke
+// 09.06; codex reads project-local config when the cwd is TRUSTED — see
+// preTrustCodexCwd).
+//
+// `off` writes the explicit disable; `on` REMOVES the key (restores the
+// runtime's own default rather than baking an explicit enable — the core has
+// no opinion beyond "parallel store off while a memory provider owns the host").
+//
+// Consumers: the operator verb `iapeer native-memory <off|on>`, the provider's
+// install-time sweep (calls the verb), and provisionPeer's birth-time hook
+// (slot-gated, see provision/index.ts).
+
+import { existsSync, mkdirSync, readFileSync, realpathSync } from 'fs'
+import { dirname, join } from 'path'
+import { homedir } from 'os'
+import type { Runtime } from '../core/constants.ts'
+import { writeFileAtomic } from '../storage/index.ts'
+
+export type NativeMemoryState = 'off' | 'on'
+
+export interface LeverOutcome {
+  runtime: 'claude' | 'codex'
+  path: string
+  state: 'written' | 'already' | 'failed'
+  detail?: string
+}
+
+// ─── claude: <cwd>/.claude/settings.json — JSON merge ───────────────────────
+
+export function claudeSettingsPath(cwd: string): string {
+  return join(cwd, '.claude', 'settings.json')
+}
+
+function applyClaudeLever(cwd: string, state: NativeMemoryState): LeverOutcome {
+  const path = claudeSettingsPath(cwd)
+  try {
+    let obj: Record<string, unknown> = {}
+    if (existsSync(path)) {
+      const raw = JSON.parse(readFileSync(path, 'utf8')) as unknown
+      if (!raw || typeof raw !== 'object' || Array.isArray(raw)) {
+        return { runtime: 'claude', path, state: 'failed', detail: 'settings.json is not a JSON object — refusing to clobber' }
+      }
+      obj = raw as Record<string, unknown>
+    }
+    if (state === 'off') {
+      if (obj.autoMemoryEnabled === false) return { runtime: 'claude', path, state: 'already' }
+      obj.autoMemoryEnabled = false
+    } else {
+      if (!('autoMemoryEnabled' in obj)) return { runtime: 'claude', path, state: 'already' }
+      delete obj.autoMemoryEnabled // restore the runtime's own default
+    }
+    mkdirSync(dirname(path), { recursive: true })
+    writeFileAtomic(path, `${JSON.stringify(obj, null, 2)}\n`)
+    return { runtime: 'claude', path, state: 'written' }
+  } catch (e) {
+    return { runtime: 'claude', path, state: 'failed', detail: e instanceof Error ? e.message : String(e) }
+  }
+}
+
+// ─── codex: <cwd>/.codex/config.toml — section-scoped line merge ─────────────
+
+export function codexProjectConfigPath(cwd: string): string {
+  return join(cwd, '.codex', 'config.toml')
+}
+
+/** Locate the `[features]` section bounds: [startLine, endLine) of its BODY
+ *  (after the header, up to the next `[…]` header or EOF). null = no section. */
+function featuresBounds(lines: string[]): { header: number; start: number; end: number } | null {
+  const header = lines.findIndex(l => l.trim() === '[features]')
+  if (header < 0) return null
+  let end = lines.length
+  for (let i = header + 1; i < lines.length; i++) {
+    if (/^\s*\[/.test(lines[i]!)) {
+      end = i
+      break
+    }
+  }
+  return { header, start: header + 1, end }
+}
+
+function applyCodexLever(cwd: string, state: NativeMemoryState): LeverOutcome {
+  const path = codexProjectConfigPath(cwd)
+  try {
+    const text = existsSync(path) ? readFileSync(path, 'utf8') : ''
+    const lines = text.length ? text.split('\n') : []
+    const bounds = featuresBounds(lines)
+    const memRe = /^\s*memories\s*=/
+    if (state === 'off') {
+      if (bounds) {
+        const idx = lines.slice(bounds.start, bounds.end).findIndex(l => memRe.test(l))
+        if (idx >= 0) {
+          const abs = bounds.start + idx
+          if (/^\s*memories\s*=\s*false\s*$/.test(lines[abs]!)) return { runtime: 'codex', path, state: 'already' }
+          lines[abs] = 'memories = false'
+        } else {
+          lines.splice(bounds.start, 0, 'memories = false')
+        }
+      } else {
+        if (lines.length && lines[lines.length - 1]!.trim() !== '') lines.push('')
+        lines.push('[features]', 'memories = false')
+      }
+    } else {
+      if (!bounds) return { runtime: 'codex', path, state: 'already' }
+      const idx = lines.slice(bounds.start, bounds.end).findIndex(l => memRe.test(l))
+      if (idx < 0) return { runtime: 'codex', path, state: 'already' }
+      lines.splice(bounds.start + idx, 1) // restore the runtime's own default
+    }
+    mkdirSync(dirname(path), { recursive: true })
+    const outText = lines.join('\n')
+    writeFileAtomic(path, outText.endsWith('\n') ? outText : `${outText}\n`)
+    return { runtime: 'codex', path, state: 'written' }
+  } catch (e) {
+    return { runtime: 'codex', path, state: 'failed', detail: e instanceof Error ? e.message : String(e) }
+  }
+}
+
+// ─── codex trust (birth-time only) ───────────────────────────────────────────
+
+/** The codex GLOBAL config (`~/.codex/config.toml`) — where trust lives as
+ *  `[projects."<path>"] trust_level = "trusted"` blocks. */
+export function codexGlobalConfigPath(env: NodeJS.ProcessEnv = process.env): string {
+  const home = env.HOME?.trim() || homedir()
+  return join(home, '.codex', 'config.toml')
+}
+
+/**
+ * Pre-trust a NEWBORN codex peer's cwd by appending its `[projects."<cwd>"]`
+ * block to the codex global config (no-clobber: only when no block for this
+ * path exists). Closes the contract requirement «рычаг действует с ПЕРВОЙ
+ * сессии» DETERMINISTICALLY: codex reads project-local config only for a
+ * trusted cwd, and without pre-trust the first session's trust is granted
+ * mid-boot by the adapter's dialog auto-accept — whether the project config is
+ * (re)read after that grant within the same run is codex-internal. Birth-time
+ * only — existing peers are already trusted through their boot history.
+ */
+export function preTrustCodexCwd(cwd: string, env: NodeJS.ProcessEnv = process.env): LeverOutcome {
+  const path = codexGlobalConfigPath(env)
+  try {
+    // Codex keys trust on the RESOLVED real path (live fact, 10.06 acceptance: the
+    // /tmp → /private/tmp symlink made a literal-path entry MISS and left the lever
+    // inert — trust entries written by codex itself are all /private/tmp/...).
+    let real = cwd
+    try {
+      real = realpathSync(cwd)
+    } catch {
+      /* cwd not on disk yet → keep as given */
+    }
+    const text = existsSync(path) ? readFileSync(path, 'utf8') : ''
+    if (text.includes(`[projects."${real}"]`)) return { runtime: 'codex', path, state: 'already' }
+    const block = `${text.length && !text.endsWith('\n') ? '\n' : ''}${text.trim().length ? '\n' : ''}[projects."${real}"]\ntrust_level = "trusted"\n`
+    mkdirSync(dirname(path), { recursive: true })
+    writeFileAtomic(path, text + block)
+    return { runtime: 'codex', path, state: 'written' }
+  } catch (e) {
+    return { runtime: 'codex', path, state: 'failed', detail: e instanceof Error ? e.message : String(e) }
+  }
+}
+
+// ─── public entry ────────────────────────────────────────────────────────────
+
+/**
+ * Apply the native-memory lever for one peer cwd across its declared runtimes
+ * (∩ {claude, codex} — other runtimes carry no native memory). Idempotent;
+ * every outcome is reported (a 'failed' lever never throws).
+ */
+export function applyNativeMemory(
+  cwd: string,
+  runtimes: readonly Runtime[],
+  state: NativeMemoryState,
+): LeverOutcome[] {
+  const out: LeverOutcome[] = []
+  if (runtimes.includes('claude')) out.push(applyClaudeLever(cwd, state))
+  if (runtimes.includes('codex')) out.push(applyCodexLever(cwd, state))
+  return out
+}

package/src/provision/index.ts

@@ -91,6 +91,40 @@ export async function provisionPeer(opts: ProvisionPeerOptions): Promise<Provisi
     runtimeBin,
     warn: opts.warn,
   })
+  // Birth-time native-memory lever (контракт «Слот памяти» §Native-память рантаймов):
+  // an OCCUPIED memory slot gates the AUTOMATIC lever at peer birth — zero window of
+  // a parallel, uncurated native store (the criterion). Empty slot → native memory is
+  // legitimate, untouched. Best-effort with a LOUD warn (a lever hiccup must not kill
+  // the provision — the operator verb `iapeer native-memory off` is the repair).
+  try {
+    const { readMemoryProvider } = await import('../status/index.ts')
+    if (readMemoryProvider(env)) {
+      const { applyNativeMemory, preTrustCodexCwd } = await import('../launch/nativeMemory.ts')
+      for (const o of applyNativeMemory(cwd, profile.runtimes, 'off')) {
+        if (o.state === 'failed') {
+          opts.warn?.(
+            `native-memory lever (${o.runtime}) FAILED for "${profile.personality}": ${o.detail} — ` +
+              `the peer may accumulate a parallel native store; repair: iapeer native-memory off --peer ${profile.personality}`,
+          )
+        }
+      }
+      // Codex reads project-local config only for a TRUSTED cwd — pre-trust the
+      // newborn so the lever acts from the FIRST session (contract requirement),
+      // not from whenever the boot dialog's trust grant takes effect.
+      if (profile.runtimes.includes('codex')) {
+        const t = preTrustCodexCwd(cwd, env)
+        if (t.state === 'failed') {
+          opts.warn?.(
+            `codex pre-trust FAILED for "${profile.personality}": ${t.detail} — ` +
+              `the lever may be inert until the first boot's trust dialog`,
+          )
+        }
+      }
+    }
+  } catch (e) {
+    opts.warn?.(`native-memory birth-time hook failed: ${e instanceof Error ? e.message : String(e)}`)
+  }
+
   // wake_policy:"ephemeral" sanity (M2 edge cases — warn, don't refuse: the policy
   // lives in the hand-editable local profile, provision just surfaces the mismatch):
   //   • + interfaces.telegram: ephemeral WINS in resolveWakeMode (explicit policy

package/src/provision/provision.test.ts

@@ -158,3 +158,44 @@ describe('provisionPeer ephemeral warnings', () => {
     expect(warns.some(w => /ephemeral/.test(w) && /inert|launchd/i.test(w))).toBe(true)
   })
 })
+
+// ─────────────────────────────────────────────────────────────────────────────
+// Birth-time native-memory lever (slot contract §Native-память): an OCCUPIED
+// slot gates the automatic lever at provision; empty slot → untouched.
+// ─────────────────────────────────────────────────────────────────────────────
+
+describe('provisionPeer birth-time native-memory lever', () => {
+  test('slot OCCUPIED → claude+codex levers written + codex cwd pre-trusted', async () => {
+    const root = mkTmp()
+    const env = envFor(root)
+    // occupy the slot (as the provider's init would)
+    mkdirSync(join(root, 'iapeer'), { recursive: true })
+    writeFileSync(
+      join(root, 'iapeer', 'memory-provider.json'),
+      JSON.stringify({ provider: 'iapeer-memory', package: '@agfpd/iapeer-memory', version: '0.1.0', registeredAt: 'x' }),
+    )
+    const cwd = join(root, 'wnat')
+    mkdirSync(join(cwd, '.iapeer'), { recursive: true })
+    writeFileSync(
+      peerProfilePath(cwd),
+      JSON.stringify({ personality: 'wnat', runtime: 'claude', runtimes: ['claude', 'codex'] }),
+    )
+    await provisionPeer({ cwd, runtime: 'claude', env })
+    expect(JSON.parse(readFileSync(join(cwd, '.claude', 'settings.json'), 'utf8')).autoMemoryEnabled).toBe(false)
+    expect(readFileSync(join(cwd, '.codex', 'config.toml'), 'utf8')).toContain('memories = false')
+    // codex newborn pre-trusted in the GLOBAL codex config (HOME-scoped → temp root).
+    // Codex keys trust on the RESOLVED real path (macOS /var → /private/var), so the
+    // entry must carry realpath(cwd) — the literal-path miss was a live-caught bug.
+    const { realpathSync } = await import('fs')
+    expect(readFileSync(join(root, '.codex', 'config.toml'), 'utf8')).toContain(`[projects."${realpathSync(cwd)}"]`)
+  })
+
+  test('slot EMPTY → native memory untouched (legitimate without a provider)', async () => {
+    const root = mkTmp()
+    const env = envFor(root)
+    const cwd = join(root, 'wbare')
+    await provisionPeer({ cwd, runtime: 'claude', env })
+    expect(existsSync(join(cwd, '.claude', 'settings.json'))).toBe(false)
+    expect(existsSync(join(cwd, '.codex', 'config.toml'))).toBe(false)
+  })
+})