@agfpd/iapeer 0.2.12 → 0.2.14

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@agfpd/iapeer",
-  "version": "0.2.12",
+  "version": "0.2.14",
   "description": "Foundation core for the iapeer multi-agent ecosystem: identity, registry, storage, codec.",
   "type": "module",
   "bin": {

package/src/cli/cli.test.ts

@@ -7,7 +7,7 @@ import { afterEach, beforeEach, describe, expect, test } from 'bun:test'
 import { mkdtempSync, rmSync, writeFileSync } from 'fs'
 import { tmpdir } from 'os'
 import { join } from 'path'
-import { formatListTable, listPeers, parseArgs, removePeerCli, sendMessage, startPeer, stopPeer } from './index.ts'
+import { formatListTable, listPeers, parseArgs, removePeerCli, runCli, sendMessage, startPeer, stopPeer } from './index.ts'
 import { findPeer, readPeersIndex, upsertPeer } from '../registry/index.ts'
 import { isStopped, loadLifecycleConfig, setStopped } from '../lifecycle/index.ts'
 import { launchdPlistPath } from '../launch/launchd.ts'
@@ -132,6 +132,69 @@ describe('send validation', () => {
   })
 })
 
+describe('--help/-h global intercept (CLI hygiene — usage printed, NOTHING executed)', () => {
+  let captured: string
+  let origWrite: typeof process.stdout.write
+  beforeEach(() => {
+    captured = ''
+    origWrite = process.stdout.write
+    process.stdout.write = ((s: string | Uint8Array) => {
+      captured += typeof s === 'string' ? s : Buffer.from(s).toString('utf8')
+      return true
+    }) as typeof process.stdout.write
+  })
+  afterEach(() => {
+    process.stdout.write = origWrite
+  })
+
+  test('every verb with --help prints usage to stdout and exits 0', async () => {
+    // The full verb surface — including verbs with REAL side effects (onboard ran on
+    // prod swallowing --help; stop would set a durable flag; remove would delete).
+    const verbs = [
+      'onboard', 'install', 'update', 'rollback', 'version', 'daemon', 'status',
+      'install-runtime', 'init', 'create', 'list', 'stop', 'start', 'remove', 'send',
+      'enable', 'attach', 'interrupt', 'compact', 'self-fresh', 'native-memory', 'run-infra',
+    ]
+    for (const v of verbs) {
+      captured = ''
+      const code = await runCli([v, '--help'], env())
+      expect({ verb: v, code }).toEqual({ verb: v, code: 0 })
+      expect(captured).toContain('usage: iapeer')
+    }
+  })
+  test('-h works like --help, anywhere on the line', async () => {
+    expect(await runCli(['stop', 'somebody', '-h'], env())).toBe(0)
+    expect(captured).toContain('usage: iapeer')
+  })
+  test('bare `iapeer --help` / `-h` / `help` print usage', async () => {
+    for (const a of [['--help'], ['-h'], ['help']]) {
+      captured = ''
+      expect(await runCli(a, env())).toBe(0)
+      expect(captured).toContain('usage: iapeer')
+    }
+  })
+  test('--help does NOT execute the verb: `stop <peer> --help` leaves no durable stop flag', async () => {
+    await register('helpcheck')
+    const e = env()
+    expect(await runCli(['stop', 'helpcheck', '--help'], e)).toBe(0)
+    expect(isStopped(loadLifecycleConfig(e), 'claude-helpcheck')).toBe(false)
+  })
+  test('--help does NOT execute the verb: `remove <peer> --help` keeps the registry record', async () => {
+    await register('keepme')
+    const e = env()
+    expect(await runCli(['remove', 'keepme', '--help'], e)).toBe(0)
+    expect(findPeer(readPeersIndex({ env: e }), 'keepme')).not.toBeNull()
+  })
+  test('version --help shows usage, not the version number', async () => {
+    expect(await runCli(['version', '--help'], env())).toBe(0)
+    expect(captured).toContain('usage: iapeer')
+    expect(captured.trim().split('\n').length).toBeGreaterThan(3) // usage, not a bare semver line
+  })
+  test('a literal "--help" value stays expressible via --key=--help (not intercepted)', () => {
+    expect(parseArgs(['boris', '--message=--help']).flags.message).toBe('--help')
+  })
+})
+
 describe('parseArgs (audit #27 — value beginning with --)', () => {
   test('--key=value preserves a value that starts with --', () => {
     expect(parseArgs(['send', 'boris', '--message=--look', '--topic=re: x']).flags).toMatchObject({

package/src/cli/index.ts

@@ -60,6 +60,11 @@ export interface PeerListing {
   last_active_runtime?: Runtime
   intelligence: Intelligence
   description: string
+  /** The peer's working directory (registry fact). Machine-readable so host-local
+   *  tooling (e.g. the memory provider's init/verify rendering doctrine into
+   *  <cwd>/.iapeer/) keys on the REGISTRY instead of copying the layout default —
+   *  a layout change must not silently strand consumers (iapeer-memory ask, 10.06). */
+  cwd: string
   runtimes: RuntimeStatus[]
 }
 
@@ -104,6 +109,7 @@ export function listPeers(opts: CliEnvOptions = {}): PeerListing[] {
       last_active_runtime: lastActive,
       intelligence: peer.intelligence,
       description: peer.description,
+      cwd: peer.cwd,
       runtimes,
     }
   })
@@ -351,6 +357,7 @@ const USAGE = `usage: iapeer <verb> [args]
   update [version] [--force]                                     pull latest (or an exact version) of @agfpd/iapeer from npm + restart the daemon
   rollback                                                       revert to the previous binary (.prev) + restart the daemon
   version | --version | -v                                       print the installed binary's version
+  help | --help | -h                                             print this usage (works appended to any verb; executes nothing)
   daemon [--install-plist]                                       run the host-wide HTTP-MCP router (launchd-held)
   onboard [--dry-run] [--infra <csv>] [--no-memory] [--memory <pkg>]   register the agfpd marketplace (+ infra runtimes; + default memory provider, default YES)
   status                                                         host snapshot: version, daemon health, memory slot (<provider> | none)
@@ -368,10 +375,22 @@ const USAGE = `usage: iapeer <verb> [args]
   interrupt <peer> [runtime]                                     interrupt the current turn (Escape) — context intact
   compact <peer> [runtime]                                       compact the peer's context (/compact)
   self-fresh                                                     (agent self-call) mark /new eager-fresh + self-kill — the daemon relaunches fresh
+  native-memory <off|on> (--peer <p> | --all)                    gate/restore runtimes' native memory (canonized lever; контракт «Слот памяти»)
 `
 
 export async function runCli(argv: string[], env: NodeJS.ProcessEnv = process.env): Promise<number> {
   const [verb, ...rest] = argv
+  // CLI hygiene (design «Onboard костяка» §CLI-гигиена): an explicit help request —
+  // `--help`/`-h` ANYWHERE on the line, or the bare `help` verb — prints usage and
+  // executes NOTHING. Checked on the RAW argv BEFORE the switch: parseArgs would
+  // bury `--help` in flags no case reads (a cold-start `onboard --help` EXECUTED on
+  // prod — idempotency saved it), and `-h` would land in positionals. Token-exact
+  // match is safe: the look-ahead parser never consumes a `--`-token as a value, so
+  // a LITERAL "--help" value is only expressible as `--key=--help` (not intercepted).
+  if (verb === 'help' || argv.includes('--help') || argv.includes('-h')) {
+    process.stdout.write(USAGE)
+    return 0
+  }
   const { positionals, flags } = parseArgs(rest)
   const out = (s: string) => process.stdout.write(s)
   const errOut = (s: string) => process.stderr.write(s)
@@ -422,6 +441,37 @@ export async function runCli(argv: string[], env: NodeJS.ProcessEnv = process.en
         out(`memory: ${mem.state}${mem.detail ? ` — ${mem.detail}` : ''} (slot: ${memLabel})\n`)
         return r.marketplaces.some(m => m.state === 'failed') || infraFailed ? 1 : 0
       }
+      case 'native-memory': {
+        // The canonized runtime-memory lever (контракт «Слот памяти» §Native-память):
+        // off = explicit disable merged into the peer's runtime config files; on =
+        // remove the key (restore the runtime's own default). Consumers: the operator
+        // and the memory provider's install-time sweep (`--all`). NOT slot-gated here —
+        // an explicit operator/provider action; only the BIRTH-time hook is slot-gated.
+        const state = positionals[0]
+        if (state !== 'off' && state !== 'on') return usage(errOut)
+        const peerName = typeof flags.peer === 'string' ? flags.peer : undefined
+        if (flags.all !== true && !peerName) return usage(errOut)
+        const { applyNativeMemory } = await import('../launch/nativeMemory.ts')
+        const index = readPeersIndex({ env })
+        const targets = flags.all === true ? index.peers : index.peers.filter(p => p.personality === peerName)
+        if (targets.length === 0) {
+          errOut(`peer "${peerName ?? ''}" is not in the iapeer peers index\n`)
+          return 1
+        }
+        let failed = false
+        for (const p of targets) {
+          const outcomes = applyNativeMemory(p.cwd, p.runtimes, state)
+          if (outcomes.length === 0) {
+            out(`${p.personality}: no claude/codex runtime — skipped\n`)
+            continue
+          }
+          for (const o of outcomes) {
+            out(`${p.personality} (${o.runtime}): ${o.state}${o.detail ? ` — ${o.detail}` : ''}\n`)
+            if (o.state === 'failed') failed = true
+          }
+        }
+        return failed ? 1 : 0
+      }
       case 'status': {
         // Host snapshot (контракт «Слот памяти» §status): version + daemon health +
         // the memory-slot line. Exit 1 iff the daemon is unhealthy (usable as a

package/src/cli/listTui.test.ts

@@ -10,6 +10,7 @@ function row(over: Partial<PeerListing>): PeerListing {
     default_runtime: 'claude',
     intelligence: 'artificial',
     description: '',
+    cwd: '/tmp/p',
     runtimes: [{ runtime: 'claude', status: 'asleep' }],
     ...over,
   }

package/src/index.ts

@@ -28,5 +28,7 @@ export * from './onboard/index.ts'
 // Memory slot — the declarative provider slot (контракт «Слот памяти»): status read + onboard step.
 export * from './status/index.ts'
 export * from './onboard/memory.ts'
+// Native runtime-memory levers (slot contract §Native-память): canonized forms + verb mechanics.
+export * from './launch/nativeMemory.ts'
 export { composeSystemPrompt, gatherPromptInput } from './launch/composeSystemPrompt.ts'
 export type { GatherPromptOptions } from './launch/composeSystemPrompt.ts'

package/src/launch/nativeMemory.test.ts

@@ -0,0 +1,150 @@
+// Native runtime-memory levers — the canonized forms (slot contract §Native-
+// память). The HARD requirement pinned here: NO-CLOBBER — both target files
+// carry foreign blocks (plugin enables, statusline wrappers) that every lever
+// write must preserve byte-meaningfully.
+
+import { afterEach, describe, expect, test } from 'bun:test'
+import { mkdirSync, mkdtempSync, readFileSync, rmSync, writeFileSync } from 'fs'
+import { tmpdir } from 'os'
+import { join } from 'path'
+import {
+  applyNativeMemory,
+  claudeSettingsPath,
+  codexProjectConfigPath,
+  codexGlobalConfigPath,
+  preTrustCodexCwd,
+} from './nativeMemory.ts'
+
+const dirs: string[] = []
+function mkTmp(): string {
+  const d = mkdtempSync(join(tmpdir(), 'iapeer-natmem-'))
+  dirs.push(d)
+  return d
+}
+afterEach(() => {
+  while (dirs.length) rmSync(dirs.pop()!, { recursive: true, force: true })
+})
+
+describe('claude lever (settings.json merge)', () => {
+  test('absent file → created with ONLY the lever key', () => {
+    const cwd = mkTmp()
+    const [o] = applyNativeMemory(cwd, ['claude'], 'off')
+    expect(o?.state).toBe('written')
+    expect(JSON.parse(readFileSync(claudeSettingsPath(cwd), 'utf8'))).toEqual({ autoMemoryEnabled: false })
+  })
+
+  test('NO-CLOBBER: foreign keys (plugins, statusline) survive off AND on', () => {
+    const cwd = mkTmp()
+    mkdirSync(join(cwd, '.claude'), { recursive: true })
+    const foreign = { enabledPlugins: { 'MergeMind@agfpd': true }, statusLine: { type: 'command', command: 'x' } }
+    writeFileSync(claudeSettingsPath(cwd), JSON.stringify(foreign))
+    applyNativeMemory(cwd, ['claude'], 'off')
+    const afterOff = JSON.parse(readFileSync(claudeSettingsPath(cwd), 'utf8'))
+    expect(afterOff).toEqual({ ...foreign, autoMemoryEnabled: false })
+    const [on] = applyNativeMemory(cwd, ['claude'], 'on')
+    expect(on?.state).toBe('written')
+    expect(JSON.parse(readFileSync(claudeSettingsPath(cwd), 'utf8'))).toEqual(foreign) // key REMOVED, default restored
+  })
+
+  test('idempotent: already-false → already; on with no key → already', () => {
+    const cwd = mkTmp()
+    applyNativeMemory(cwd, ['claude'], 'off')
+    expect(applyNativeMemory(cwd, ['claude'], 'off')[0]?.state).toBe('already')
+    applyNativeMemory(cwd, ['claude'], 'on')
+    expect(applyNativeMemory(cwd, ['claude'], 'on')[0]?.state).toBe('already')
+  })
+
+  test('non-object settings.json → failed (refuses to clobber), file untouched', () => {
+    const cwd = mkTmp()
+    mkdirSync(join(cwd, '.claude'), { recursive: true })
+    writeFileSync(claudeSettingsPath(cwd), '"just a string"')
+    const [o] = applyNativeMemory(cwd, ['claude'], 'off')
+    expect(o?.state).toBe('failed')
+    expect(readFileSync(claudeSettingsPath(cwd), 'utf8')).toBe('"just a string"')
+  })
+})
+
+describe('codex lever (config.toml [features] merge)', () => {
+  test('absent file → [features] section with the lever line', () => {
+    const cwd = mkTmp()
+    const [o] = applyNativeMemory(cwd, ['codex'], 'off')
+    expect(o?.state).toBe('written')
+    expect(readFileSync(codexProjectConfigPath(cwd), 'utf8')).toBe('[features]\nmemories = false\n')
+  })
+
+  test('NO-CLOBBER: plugin blocks survive; [features] appended after them (fleet-file shape)', () => {
+    const cwd = mkTmp()
+    mkdirSync(join(cwd, '.codex'), { recursive: true })
+    const fleet = '[plugins."Inter-Agent-Protocol@agfpd"]\nenabled = true\n\n[plugins."MergeMind@agfpd"]\nenabled = true\n'
+    writeFileSync(codexProjectConfigPath(cwd), fleet)
+    applyNativeMemory(cwd, ['codex'], 'off')
+    const text = readFileSync(codexProjectConfigPath(cwd), 'utf8')
+    expect(text).toContain('[plugins."Inter-Agent-Protocol@agfpd"]\nenabled = true')
+    expect(text).toContain('[plugins."MergeMind@agfpd"]\nenabled = true')
+    expect(text).toContain('[features]\nmemories = false')
+  })
+
+  test('existing [features] WITHOUT memories (followed by another section) → inserted INSIDE the section', () => {
+    const cwd = mkTmp()
+    mkdirSync(join(cwd, '.codex'), { recursive: true })
+    writeFileSync(codexProjectConfigPath(cwd), '[features]\nother = true\n\n[plugins."X@y"]\nenabled = true\n')
+    applyNativeMemory(cwd, ['codex'], 'off')
+    const text = readFileSync(codexProjectConfigPath(cwd), 'utf8')
+    // the lever line lands in [features], NOT in [plugins."X@y"]
+    expect(text.indexOf('memories = false')).toBeLessThan(text.indexOf('[plugins."X@y"]'))
+    expect(text).toContain('other = true')
+  })
+
+  test('memories = true → replaced with false; already false → already', () => {
+    const cwd = mkTmp()
+    mkdirSync(join(cwd, '.codex'), { recursive: true })
+    writeFileSync(codexProjectConfigPath(cwd), '[features]\nmemories = true\n')
+    expect(applyNativeMemory(cwd, ['codex'], 'off')[0]?.state).toBe('written')
+    expect(readFileSync(codexProjectConfigPath(cwd), 'utf8')).toContain('memories = false')
+    expect(applyNativeMemory(cwd, ['codex'], 'off')[0]?.state).toBe('already')
+  })
+
+  test('on → the memories line is REMOVED (default restored), section + foreign lines kept', () => {
+    const cwd = mkTmp()
+    mkdirSync(join(cwd, '.codex'), { recursive: true })
+    writeFileSync(codexProjectConfigPath(cwd), '[features]\nmemories = false\nother = true\n')
+    const [o] = applyNativeMemory(cwd, ['codex'], 'on')
+    expect(o?.state).toBe('written')
+    const text = readFileSync(codexProjectConfigPath(cwd), 'utf8')
+    expect(text).not.toContain('memories')
+    expect(text).toContain('other = true')
+    expect(applyNativeMemory(cwd, ['codex'], 'on')[0]?.state).toBe('already')
+  })
+})
+
+describe('applyNativeMemory runtime dispatch', () => {
+  test('both runtimes → both levers; router-only runtimes → no outcomes', () => {
+    const cwd = mkTmp()
+    const both = applyNativeMemory(cwd, ['claude', 'codex'], 'off')
+    expect(both.map(o => o.runtime).sort()).toEqual(['claude', 'codex'])
+    expect(applyNativeMemory(mkTmp(), ['telegram', 'notifier'], 'off')).toEqual([])
+  })
+})
+
+describe('preTrustCodexCwd (birth-time trust, codex global config)', () => {
+  test('appends a [projects] block once; NO-CLOBBER of existing content; idempotent', () => {
+    const home = mkTmp()
+    const env = { HOME: home } as NodeJS.ProcessEnv
+    mkdirSync(join(home, '.codex'), { recursive: true })
+    const existing = '[projects."/already/trusted"]\ntrust_level = "trusted"\n'
+    writeFileSync(codexGlobalConfigPath(env), existing)
+    const first = preTrustCodexCwd('/peers/newborn', env)
+    expect(first.state).toBe('written')
+    const text = readFileSync(codexGlobalConfigPath(env), 'utf8')
+    expect(text).toContain(existing.trim())
+    expect(text).toContain('[projects."/peers/newborn"]\ntrust_level = "trusted"')
+    expect(preTrustCodexCwd('/peers/newborn', env).state).toBe('already')
+  })
+
+  test('absent global config → created with just the block', () => {
+    const home = mkTmp()
+    const env = { HOME: home } as NodeJS.ProcessEnv
+    expect(preTrustCodexCwd('/peers/first', env).state).toBe('written')
+    expect(readFileSync(codexGlobalConfigPath(env), 'utf8')).toBe('[projects."/peers/first"]\ntrust_level = "trusted"\n')
+  })
+})

package/src/launch/nativeMemory.ts

@@ -0,0 +1,185 @@
+// Native runtime-memory levers (контракт «Слот памяти» §Native-память рантаймов
+// при занятом слоте, agreed 10.06). The CORE canonizes the lever FORMS — runtime
+// knowledge lives in the runtime layer, like deliveryMarkers/buildArgv:
+//
+//   claude: merge `"autoMemoryEnabled": false` into `<cwd>/.claude/settings.json`
+//   codex:  merge `memories = false` into the `[features]` section of
+//           `<cwd>/.codex/config.toml`
+//
+// Both files CARRY FOREIGN BLOCKS (plugin enables, statusline wrappers, …) —
+// every write here is a NO-CLOBBER merge (parse/patch + atomic temp+rename),
+// never a rewrite. Forms verified live on the fleet (12/12 + behavioral smoke
+// 09.06; codex reads project-local config when the cwd is TRUSTED — see
+// preTrustCodexCwd).
+//
+// `off` writes the explicit disable; `on` REMOVES the key (restores the
+// runtime's own default rather than baking an explicit enable — the core has
+// no opinion beyond "parallel store off while a memory provider owns the host").
+//
+// Consumers: the operator verb `iapeer native-memory <off|on>`, the provider's
+// install-time sweep (calls the verb), and provisionPeer's birth-time hook
+// (slot-gated, see provision/index.ts).
+
+import { existsSync, mkdirSync, readFileSync, realpathSync } from 'fs'
+import { dirname, join } from 'path'
+import { homedir } from 'os'
+import type { Runtime } from '../core/constants.ts'
+import { writeFileAtomic } from '../storage/index.ts'
+
+export type NativeMemoryState = 'off' | 'on'
+
+export interface LeverOutcome {
+  runtime: 'claude' | 'codex'
+  path: string
+  state: 'written' | 'already' | 'failed'
+  detail?: string
+}
+
+// ─── claude: <cwd>/.claude/settings.json — JSON merge ───────────────────────
+
+export function claudeSettingsPath(cwd: string): string {
+  return join(cwd, '.claude', 'settings.json')
+}
+
+function applyClaudeLever(cwd: string, state: NativeMemoryState): LeverOutcome {
+  const path = claudeSettingsPath(cwd)
+  try {
+    let obj: Record<string, unknown> = {}
+    if (existsSync(path)) {
+      const raw = JSON.parse(readFileSync(path, 'utf8')) as unknown
+      if (!raw || typeof raw !== 'object' || Array.isArray(raw)) {
+        return { runtime: 'claude', path, state: 'failed', detail: 'settings.json is not a JSON object — refusing to clobber' }
+      }
+      obj = raw as Record<string, unknown>
+    }
+    if (state === 'off') {
+      if (obj.autoMemoryEnabled === false) return { runtime: 'claude', path, state: 'already' }
+      obj.autoMemoryEnabled = false
+    } else {
+      if (!('autoMemoryEnabled' in obj)) return { runtime: 'claude', path, state: 'already' }
+      delete obj.autoMemoryEnabled // restore the runtime's own default
+    }
+    mkdirSync(dirname(path), { recursive: true })
+    writeFileAtomic(path, `${JSON.stringify(obj, null, 2)}\n`)
+    return { runtime: 'claude', path, state: 'written' }
+  } catch (e) {
+    return { runtime: 'claude', path, state: 'failed', detail: e instanceof Error ? e.message : String(e) }
+  }
+}
+
+// ─── codex: <cwd>/.codex/config.toml — section-scoped line merge ─────────────
+
+export function codexProjectConfigPath(cwd: string): string {
+  return join(cwd, '.codex', 'config.toml')
+}
+
+/** Locate the `[features]` section bounds: [startLine, endLine) of its BODY
+ *  (after the header, up to the next `[…]` header or EOF). null = no section. */
+function featuresBounds(lines: string[]): { header: number; start: number; end: number } | null {
+  const header = lines.findIndex(l => l.trim() === '[features]')
+  if (header < 0) return null
+  let end = lines.length
+  for (let i = header + 1; i < lines.length; i++) {
+    if (/^\s*\[/.test(lines[i]!)) {
+      end = i
+      break
+    }
+  }
+  return { header, start: header + 1, end }
+}
+
+function applyCodexLever(cwd: string, state: NativeMemoryState): LeverOutcome {
+  const path = codexProjectConfigPath(cwd)
+  try {
+    const text = existsSync(path) ? readFileSync(path, 'utf8') : ''
+    const lines = text.length ? text.split('\n') : []
+    const bounds = featuresBounds(lines)
+    const memRe = /^\s*memories\s*=/
+    if (state === 'off') {
+      if (bounds) {
+        const idx = lines.slice(bounds.start, bounds.end).findIndex(l => memRe.test(l))
+        if (idx >= 0) {
+          const abs = bounds.start + idx
+          if (/^\s*memories\s*=\s*false\s*$/.test(lines[abs]!)) return { runtime: 'codex', path, state: 'already' }
+          lines[abs] = 'memories = false'
+        } else {
+          lines.splice(bounds.start, 0, 'memories = false')
+        }
+      } else {
+        if (lines.length && lines[lines.length - 1]!.trim() !== '') lines.push('')
+        lines.push('[features]', 'memories = false')
+      }
+    } else {
+      if (!bounds) return { runtime: 'codex', path, state: 'already' }
+      const idx = lines.slice(bounds.start, bounds.end).findIndex(l => memRe.test(l))
+      if (idx < 0) return { runtime: 'codex', path, state: 'already' }
+      lines.splice(bounds.start + idx, 1) // restore the runtime's own default
+    }
+    mkdirSync(dirname(path), { recursive: true })
+    const outText = lines.join('\n')
+    writeFileAtomic(path, outText.endsWith('\n') ? outText : `${outText}\n`)
+    return { runtime: 'codex', path, state: 'written' }
+  } catch (e) {
+    return { runtime: 'codex', path, state: 'failed', detail: e instanceof Error ? e.message : String(e) }
+  }
+}
+
+// ─── codex trust (birth-time only) ───────────────────────────────────────────
+
+/** The codex GLOBAL config (`~/.codex/config.toml`) — where trust lives as
+ *  `[projects."<path>"] trust_level = "trusted"` blocks. */
+export function codexGlobalConfigPath(env: NodeJS.ProcessEnv = process.env): string {
+  const home = env.HOME?.trim() || homedir()
+  return join(home, '.codex', 'config.toml')
+}
+
+/**
+ * Pre-trust a NEWBORN codex peer's cwd by appending its `[projects."<cwd>"]`
+ * block to the codex global config (no-clobber: only when no block for this
+ * path exists). Closes the contract requirement «рычаг действует с ПЕРВОЙ
+ * сессии» DETERMINISTICALLY: codex reads project-local config only for a
+ * trusted cwd, and without pre-trust the first session's trust is granted
+ * mid-boot by the adapter's dialog auto-accept — whether the project config is
+ * (re)read after that grant within the same run is codex-internal. Birth-time
+ * only — existing peers are already trusted through their boot history.
+ */
+export function preTrustCodexCwd(cwd: string, env: NodeJS.ProcessEnv = process.env): LeverOutcome {
+  const path = codexGlobalConfigPath(env)
+  try {
+    // Codex keys trust on the RESOLVED real path (live fact, 10.06 acceptance: the
+    // /tmp → /private/tmp symlink made a literal-path entry MISS and left the lever
+    // inert — trust entries written by codex itself are all /private/tmp/...).
+    let real = cwd
+    try {
+      real = realpathSync(cwd)
+    } catch {
+      /* cwd not on disk yet → keep as given */
+    }
+    const text = existsSync(path) ? readFileSync(path, 'utf8') : ''
+    if (text.includes(`[projects."${real}"]`)) return { runtime: 'codex', path, state: 'already' }
+    const block = `${text.length && !text.endsWith('\n') ? '\n' : ''}${text.trim().length ? '\n' : ''}[projects."${real}"]\ntrust_level = "trusted"\n`
+    mkdirSync(dirname(path), { recursive: true })
+    writeFileAtomic(path, text + block)
+    return { runtime: 'codex', path, state: 'written' }
+  } catch (e) {
+    return { runtime: 'codex', path, state: 'failed', detail: e instanceof Error ? e.message : String(e) }
+  }
+}
+
+// ─── public entry ────────────────────────────────────────────────────────────
+
+/**
+ * Apply the native-memory lever for one peer cwd across its declared runtimes
+ * (∩ {claude, codex} — other runtimes carry no native memory). Idempotent;
+ * every outcome is reported (a 'failed' lever never throws).
+ */
+export function applyNativeMemory(
+  cwd: string,
+  runtimes: readonly Runtime[],
+  state: NativeMemoryState,
+): LeverOutcome[] {
+  const out: LeverOutcome[] = []
+  if (runtimes.includes('claude')) out.push(applyClaudeLever(cwd, state))
+  if (runtimes.includes('codex')) out.push(applyCodexLever(cwd, state))
+  return out
+}

package/src/lifecycle/index.ts

@@ -572,6 +572,26 @@ function sessionAlive(sock: string, identity: string): boolean {
   return tmux(sock, 'has-session', '-t', identity).ok
 }
 
+/** Death-class tag for a gone session (live case: iapeer-memory 10.06 — the WHOLE
+ *  tmux server died by SIGKILL-class and exits.log stayed empty, because the
+ *  pane-died hook needs a living tmux event loop). Two distinguishable classes:
+ *  - `session-gone` — the server on the socket still ANSWERS but the session is not
+ *    there: a pane died inside a living server → the pane-died hook had its chance,
+ *    exits.log should carry the cause.
+ *  - `server-dead` — the server itself is gone: the socket file is missing, or it
+ *    exists but nothing serves it (stale socket — the SIGKILL/OOM class). pane-died
+ *    could never fire, so the lifecycle.log line is the only durable trace. */
+export function classifyGoneSession(sock: string): { death: 'server-dead' | 'session-gone'; reason: string } {
+  if (!existsSync(sock)) {
+    return { death: 'server-dead', reason: 'tmux server gone (socket file missing)' }
+  }
+  // Ask the SERVER, not the session: any server-level command answering (exit 0)
+  // proves the server is alive and merely lost this session.
+  return tmux(sock, 'list-sessions').ok
+    ? { death: 'session-gone', reason: 'session gone, tmux server alive (exit cause should be in exits.log)' }
+    : { death: 'server-dead', reason: 'tmux server dead — stale socket (SIGKILL/OOM class; exits.log has no entry)' }
+}
+
 // ─────────────────────────────────────────────────────────────────────────────
 // System-prompt composition for a woken peer (delegates the jq doctrine-merge to
 // launch/composeSystemPrompt). The tmux launch + boot/ready + activity-proxy all
@@ -1007,8 +1027,13 @@ export function superviseTick(cfg: LifecycleConfig, deps: SuperviseDeps = {}): S
       }
       // Crash / self-close: NO marker written, NO eager relaunch — the peer stays
       // asleep and wakes FRESH lazily on the next message (resolveWakeMode branch 3a).
-      out.push({ identity: s.identity, action: 'reaped-gone', reason: 'session no longer live' })
-      trace({ identity: s.identity, action: 'reaped-gone', reason: 'session no longer live', outcome: 'fresh-next-msg' })
+      // The death-class tag (classifyGoneSession) makes the two gone-classes
+      // distinguishable in lifecycle.log: `session-gone` (pane died, server alive →
+      // exits.log should have the cause) vs `server-dead` (whole tmux server died →
+      // exits.log structurally empty; this line is the only durable trace).
+      const gone = classifyGoneSession(sock)
+      out.push({ identity: s.identity, action: 'reaped-gone', reason: gone.reason })
+      trace({ identity: s.identity, action: 'reaped-gone', death: gone.death, reason: gone.reason, outcome: 'fresh-next-msg' })
       continue
     }
     // Idle accounting via the runtime adapter's activity proxy (claude transcript

package/src/lifecycle/lifecycle.test.ts

@@ -4,6 +4,7 @@ import { tmpdir } from 'os'
 import { join } from 'path'
 import {
   attachPeer,
+  classifyGoneSession,
   clearEphemeralArmed,
   clearNewEager,
   clearStopped,
@@ -229,6 +230,8 @@ describe('superviseTick H4 guard', () => {
     const logged = readFileSync(join(c.eventLogDir, 'lifecycle.log'), 'utf8')
     expect(logged).toContain(`ev=supervise identity=${id} action=reaped-gone`)
     expect(logged).toContain('outcome=fresh-next-msg')
+    // death-class tag: no socket file at all in this sandbox → the server is gone
+    expect(logged).toContain('death=server-dead')
   })
 
   test('empty state dir → no outcomes', () => {
@@ -621,6 +624,83 @@ describe('ephemeral-armed marker + config', () => {
   })
 })
 
+// ─────────────────────────────────────────────────────────────────────────────
+// classifyGoneSession — the death-class tag for reaped-gone (server-dead vs
+// session-gone). Live case: iapeer-memory 10.06 — the whole tmux server died
+// (SIGKILL class), exits.log stayed empty; lifecycle.log must carry the class.
+// ─────────────────────────────────────────────────────────────────────────────
+
+describe('classifyGoneSession (death-class tag)', () => {
+  const tmuxAvailable = spawnSync('tmux', ['-V'], { stdio: 'ignore' }).status === 0
+
+  test('missing socket file → server-dead', () => {
+    const r = classifyGoneSession(join(tmpdir(), 'iapeer-no-such-sock-ever.sock'))
+    expect(r.death).toBe('server-dead')
+    expect(r.reason).toContain('socket file missing')
+  })
+
+  test('stale socket (file exists, nothing serves it) → server-dead', () => {
+    // The SIGKILL/OOM class: the killed server never unlinks its socket file.
+    const dir = mkdtempSync(join(tmpdir(), 'iapeer-stale-sock-'))
+    const sock = join(dir, 'tmux-iap-claude-stale.sock')
+    try {
+      writeFileSync(sock, '') // a plain file — tmux cannot connect to it
+      const r = classifyGoneSession(sock)
+      expect(r.death).toBe('server-dead')
+      expect(r.reason).toContain('stale socket')
+    } finally {
+      rmSync(dir, { recursive: true, force: true })
+    }
+  })
+
+  test.if(tmuxAvailable)('server alive but the session is not there → session-gone', () => {
+    const dir = mkdtempSync(join(tmpdir(), 'iapeer-sg-sock-'))
+    const sock = join(dir, 'tmux-iap-claude-sg.sock')
+    try {
+      // a LIVING server on the socket holding some OTHER session
+      spawnSync('tmux', ['-S', sock, 'new-session', '-d', '-s', 'other-session', 'sleep', '60'])
+      const r = classifyGoneSession(sock)
+      expect(r.death).toBe('session-gone')
+      expect(r.reason).toContain('server alive')
+    } finally {
+      spawnSync('tmux', ['-S', sock, 'kill-server'], { stdio: 'ignore' })
+      rmSync(dir, { recursive: true, force: true })
+    }
+  })
+
+  test.if(tmuxAvailable)('superviseTick logs death=session-gone when the pane died inside a living server', () => {
+    const root = mkdtempSync(join(tmpdir(), 'iapeer-sg-root-'))
+    const laDir = mkdtempSync(join(tmpdir(), 'iapeer-sg-la-')) // empty → not launchd-managed
+    const env = {
+      ...process.env,
+      IAPEER_ROOT: root,
+      IAPEER_LAUNCHAGENTS_DIR: laDir,
+      IAPEER_SOCK_DIR: join(root, 'socks'),
+    }
+    const cfg = loadLifecycleConfig(env)
+    const identity = 'claude-sg'
+    const sock = join(root, 'socks', 'tmux-iap-claude-sg.sock')
+    try {
+      mkdirSync(join(root, 'socks'), { recursive: true })
+      mkdirSync(cfg.stateDir, { recursive: true })
+      // the server LIVES (another session holds it) but claude-sg's session is gone
+      spawnSync('tmux', ['-S', sock, 'new-session', '-d', '-s', 'placeholder', 'sleep', '60'])
+      writeFileSync(
+        join(cfg.stateDir, `${identity}.session`),
+        JSON.stringify({ identity, runtime: 'claude', personality: 'sg', cwd: '/tmp/none', wokeAt: 0 }),
+      )
+      const out = superviseTick(cfg, { env })
+      expect(out.find(x => x.identity === identity)?.action).toBe('reaped-gone')
+      const logged = readFileSync(join(cfg.eventLogDir, 'lifecycle.log'), 'utf8')
+      expect(logged).toContain(`identity=${identity} action=reaped-gone death=session-gone`)
+    } finally {
+      spawnSync('tmux', ['-S', sock, 'kill-server'], { stdio: 'ignore' })
+      rmSync(root, { recursive: true, force: true })
+      rmSync(laDir, { recursive: true, force: true })
+    }
+  })
+})
+
 describe('superviseTick quiet-reap (M2 die-after-reply, real tmux)', () => {
   const tmuxAvailable = spawnSync('tmux', ['-V'], { stdio: 'ignore' }).status === 0
 

package/src/provision/index.ts

@@ -91,6 +91,40 @@ export async function provisionPeer(opts: ProvisionPeerOptions): Promise<Provisi
     runtimeBin,
     warn: opts.warn,
   })
+  // Birth-time native-memory lever (контракт «Слот памяти» §Native-память рантаймов):
+  // an OCCUPIED memory slot gates the AUTOMATIC lever at peer birth — zero window of
+  // a parallel, uncurated native store (the criterion). Empty slot → native memory is
+  // legitimate, untouched. Best-effort with a LOUD warn (a lever hiccup must not kill
+  // the provision — the operator verb `iapeer native-memory off` is the repair).
+  try {
+    const { readMemoryProvider } = await import('../status/index.ts')
+    if (readMemoryProvider(env)) {
+      const { applyNativeMemory, preTrustCodexCwd } = await import('../launch/nativeMemory.ts')
+      for (const o of applyNativeMemory(cwd, profile.runtimes, 'off')) {
+        if (o.state === 'failed') {
+          opts.warn?.(
+            `native-memory lever (${o.runtime}) FAILED for "${profile.personality}": ${o.detail} — ` +
+              `the peer may accumulate a parallel native store; repair: iapeer native-memory off --peer ${profile.personality}`,
+          )
+        }
+      }
+      // Codex reads project-local config only for a TRUSTED cwd — pre-trust the
+      // newborn so the lever acts from the FIRST session (contract requirement),
+      // not from whenever the boot dialog's trust grant takes effect.
+      if (profile.runtimes.includes('codex')) {
+        const t = preTrustCodexCwd(cwd, env)
+        if (t.state === 'failed') {
+          opts.warn?.(
+            `codex pre-trust FAILED for "${profile.personality}": ${t.detail} — ` +
+              `the lever may be inert until the first boot's trust dialog`,
+          )
+        }
+      }
+    }
+  } catch (e) {
+    opts.warn?.(`native-memory birth-time hook failed: ${e instanceof Error ? e.message : String(e)}`)
+  }
+
   // wake_policy:"ephemeral" sanity (M2 edge cases — warn, don't refuse: the policy
   // lives in the hand-editable local profile, provision just surfaces the mismatch):
   //   • + interfaces.telegram: ephemeral WINS in resolveWakeMode (explicit policy

package/src/provision/provision.test.ts

@@ -158,3 +158,44 @@ describe('provisionPeer ephemeral warnings', () => {
     expect(warns.some(w => /ephemeral/.test(w) && /inert|launchd/i.test(w))).toBe(true)
   })
 })
+
+// ─────────────────────────────────────────────────────────────────────────────
+// Birth-time native-memory lever (slot contract §Native-память): an OCCUPIED
+// slot gates the automatic lever at provision; empty slot → untouched.
+// ─────────────────────────────────────────────────────────────────────────────
+
+describe('provisionPeer birth-time native-memory lever', () => {
+  test('slot OCCUPIED → claude+codex levers written + codex cwd pre-trusted', async () => {
+    const root = mkTmp()
+    const env = envFor(root)
+    // occupy the slot (as the provider's init would)
+    mkdirSync(join(root, 'iapeer'), { recursive: true })
+    writeFileSync(
+      join(root, 'iapeer', 'memory-provider.json'),
+      JSON.stringify({ provider: 'iapeer-memory', package: '@agfpd/iapeer-memory', version: '0.1.0', registeredAt: 'x' }),
+    )
+    const cwd = join(root, 'wnat')
+    mkdirSync(join(cwd, '.iapeer'), { recursive: true })
+    writeFileSync(
+      peerProfilePath(cwd),
+      JSON.stringify({ personality: 'wnat', runtime: 'claude', runtimes: ['claude', 'codex'] }),
+    )
+    await provisionPeer({ cwd, runtime: 'claude', env })
+    expect(JSON.parse(readFileSync(join(cwd, '.claude', 'settings.json'), 'utf8')).autoMemoryEnabled).toBe(false)
+    expect(readFileSync(join(cwd, '.codex', 'config.toml'), 'utf8')).toContain('memories = false')
+    // codex newborn pre-trusted in the GLOBAL codex config (HOME-scoped → temp root).
+    // Codex keys trust on the RESOLVED real path (macOS /var → /private/var), so the
+    // entry must carry realpath(cwd) — the literal-path miss was a live-caught bug.
+    const { realpathSync } = await import('fs')
+    expect(readFileSync(join(root, '.codex', 'config.toml'), 'utf8')).toContain(`[projects."${realpathSync(cwd)}"]`)
+  })
+
+  test('slot EMPTY → native memory untouched (legitimate without a provider)', async () => {
+    const root = mkTmp()
+    const env = envFor(root)
+    const cwd = join(root, 'wbare')
+    await provisionPeer({ cwd, runtime: 'claude', env })
+    expect(existsSync(join(cwd, '.claude', 'settings.json'))).toBe(false)
+    expect(existsSync(join(cwd, '.codex', 'config.toml'))).toBe(false)
+  })
+})

package/src/update/index.ts

@@ -226,7 +226,18 @@ export function updateIapeer(deps: UpdateDeps = {}): UpdateResult {
 
   const runInstall = deps.runInstall ?? defaultRunInstall
   if (!runInstall(desired, env)) {
-    return { status: 'failed', from, latest: desired, reason: `\`npx ${IAPEER_PACKAGE}@${desired} install\` failed` }
+    // NB: the installer is the DETERMINISTIC pack+build path (no npx — see
+    // defaultRunInstall); the most common cause right after a publish is the npm
+    // CDN tarball lagging the version metadata (live-hit 10.06: `npm view` already
+    // showed the version, `npm pack` still failed; a retry ~1 min later succeeded).
+    return {
+      status: 'failed',
+      from,
+      latest: desired,
+      reason:
+        `deterministic install of ${IAPEER_PACKAGE}@${desired} failed (npm pack/deps/build) — ` +
+        `if just published, the registry tarball may still be propagating; retry in ~1 min`,
+    }
   }
 
   const restart = deps.restartDaemon ?? kickstartDaemon