@bastani/atomic 0.5.28-0 → 0.5.28-2

package/src/commands/cli/workflow-command.test.ts

@@ -34,6 +34,7 @@ import { join } from "node:path";
 import { tmpdir } from "node:os";
 import * as realWorkflows from "../../sdk/workflows/index.ts";
 import * as realDetect from "../../services/system/detect.ts";
+import * as realAuth from "../../services/system/auth.ts";
 import * as realSpawn from "../../lib/spawn.ts";
 import { AGENT_CONFIG } from "../../services/config/index.ts";
 import type {
@@ -99,6 +100,14 @@ const ensureBunInstalledMock = mock<typeof realSpawn.ensureBunInstalled>(
   async () => {},
 );
 
+// Default: pretend auth succeeded. Real probes spawn the agent CLI via
+// its SDK to talk to an auth RPC — that's network/process-heavy and
+// non-deterministic on CI runners, so the auth branch is faked here and
+// exercised directly by `auth.test.ts`.
+const checkAgentAuthMock = mock<typeof realAuth.checkAgentAuth>(async () => ({
+  loggedIn: true,
+}));
+
 mock.module("../../sdk/workflows/index.ts", () => ({
   ...realWorkflows,
   executeWorkflow: executeWorkflowMock,
@@ -110,6 +119,10 @@ mock.module("../../services/system/detect.ts", () => ({
   ...realDetect,
   isCommandInstalled: isCommandInstalledMock,
 }));
+mock.module("../../services/system/auth.ts", () => ({
+  ...realAuth,
+  checkAgentAuth: checkAgentAuthMock,
+}));
 mock.module("../../lib/spawn.ts", () => ({
   ...realSpawn,
   ensureTmuxInstalled: ensureTmuxInstalledMock,
@@ -226,6 +239,8 @@ beforeEach(async () => {
   ensureTmuxInstalledMock.mockImplementation(async () => {});
   ensureBunInstalledMock.mockClear();
   ensureBunInstalledMock.mockImplementation(async () => {});
+  checkAgentAuthMock.mockClear();
+  checkAgentAuthMock.mockImplementation(async () => ({ loggedIn: true }));
 });
 
 afterEach(async () => {
@@ -908,6 +923,31 @@ describe("workflowCommand prereq checks", () => {
     expect(cap.stderr).toMatch(/(tmux|psmux) is not installed/);
   });
 
+  test("returns 1 with a login hint when the user isn't authenticated", async () => {
+    // Auth probe runs after `isCommandInstalled` and before tmux/bun
+    // installer checks — the workflow must bail before spawning a tmux
+    // session users would then have to kill manually.
+    checkAgentAuthMock.mockImplementationOnce(async () => ({
+      loggedIn: false,
+      detail: "oauth token missing",
+    }));
+
+    const cap = captureOutput();
+    const code = await workflowCommand({
+      name: "anything",
+      agent: "copilot",
+      cwd: tempDir,
+    });
+    cap.restore();
+
+    expect(code).toBe(1);
+    expect(cap.stderr).toContain("Not logged in to GitHub Copilot CLI");
+    expect(cap.stderr).toContain("oauth token missing");
+    expect(cap.stderr).toContain("copilot");
+    // Downstream installers never run — the auth gate short-circuits.
+    expect(ensureTmuxInstalledMock).not.toHaveBeenCalled();
+  });
+
   test("best-effort tmux installer errors are swallowed", async () => {
     // Even if the installer throws, runPrereqChecks falls through to a
     // second `isTmuxInstalled()` check — if that still says false, we

package/src/commands/cli/workflow.ts

@@ -13,6 +13,7 @@
 import { AGENT_CONFIG, type AgentKey } from "../../services/config/index.ts";
 import { COLORS, createPainter, type PaletteKey } from "../../theme/colors.ts";
 import { isCommandInstalled } from "../../services/system/detect.ts";
+import { checkAgentAuth, printAuthError } from "../../services/system/auth.ts";
 import { ensureTmuxInstalled, ensureBunInstalled } from "../../lib/spawn.ts";
 import { ensureProjectSetup } from "./init/index.ts";
 import { ensureAtomicGlobalAgentConfigs } from "../../services/config/atomic-global-config.ts";
@@ -299,6 +300,15 @@ async function runPrereqChecks(agent: AgentKey): Promise<number> {
     return 1;
   }
 
+  // Fail fast when the SDK reports the user isn't authenticated —
+  // otherwise the workflow spawns the agent CLI in a detached tmux pane
+  // and silently stalls on a login screen the user never sees.
+  const auth = await checkAgentAuth(agent);
+  if (!auth.loggedIn) {
+    printAuthError(agent, auth);
+    return 1;
+  }
+
   if (!isTmuxInstalled()) {
     console.log("Terminal multiplexer not found. Installing...");
     try {

package/src/lib/merge.ts

@@ -10,28 +10,41 @@ type McpConfig = Record<string, unknown>;
 /** Keys that hold named-object maps (server registries). */
 const SERVER_MAP_KEYS = ["mcpServers", "servers", "lspServers"] as const;
 
+function stripKeys(config: McpConfig, keys: readonly string[]): McpConfig {
+  if (keys.length === 0) return config;
+  const next: McpConfig = { ...config };
+  for (const key of keys) delete next[key];
+  return next;
+}
+
 /**
  * Merge source JSON file into destination JSON file
  * - Preserves all existing keys in destination
  * - Adds/updates keys from source
  * - For MCP server maps: preserves user's servers, adds/updates CLI-managed servers
+ * - `excludeKeys` are stripped from the source before merging so they
+ *   never propagate to the destination (destination keeps its own value).
  *
  * @param srcPath Path to source JSON file
  * @param destPath Path to destination JSON file (will be modified in place)
+ * @param excludeKeys Top-level source keys to drop before merging
  */
 export async function mergeJsonFile(
   srcPath: string,
-  destPath: string
+  destPath: string,
+  excludeKeys: readonly string[] = [],
 ): Promise<void> {
   if (resolve(srcPath) === resolve(destPath)) {
     return;
   }
 
-  const [srcConfig, destConfig] = await Promise.all([
+  const [rawSrcConfig, destConfig] = await Promise.all([
     Bun.file(srcPath).json() as Promise<McpConfig>,
     Bun.file(destPath).json() as Promise<McpConfig>,
   ]);
 
+  const srcConfig = stripKeys(rawSrcConfig, excludeKeys);
+
   // Merge top-level config - preserve destination's other keys
   const mergedConfig: McpConfig = {
     ...destConfig,
@@ -59,6 +72,9 @@ export async function mergeJsonFile(
  *   merges via {@link mergeJsonFile} (source keys win, server maps
  *   are merged individually)
  * - Otherwise copies the source as-is
+ * - `excludeKeys` drops top-level keys from the source before writing,
+ *   so they never land in the destination (applies to both the merge
+ *   and no-destination-yet code paths).
  *
  * This is the single entry-point for the merge-or-copy pattern used
  * by both project-level onboarding and global config sync.
@@ -67,12 +83,21 @@ export async function syncJsonFile(
   srcPath: string,
   destPath: string,
   merge: boolean = true,
+  excludeKeys: readonly string[] = [],
 ): Promise<void> {
   await ensureDir(dirname(destPath));
 
   if (merge && (await pathExists(destPath))) {
-    await mergeJsonFile(srcPath, destPath);
-  } else {
+    await mergeJsonFile(srcPath, destPath, excludeKeys);
+    return;
+  }
+
+  if (excludeKeys.length === 0) {
     await copyFile(srcPath, destPath);
+    return;
   }
+
+  const srcConfig = (await Bun.file(srcPath).json()) as McpConfig;
+  const stripped = stripKeys(srcConfig, excludeKeys);
+  await Bun.write(destPath, JSON.stringify(stripped, null, 2) + "\n");
 }

package/src/sdk/providers/claude.ts

@@ -71,6 +71,12 @@ export async function clearClaudeSession(paneId: string): Promise<void> {
       // Best-effort — if release fails the hook will still exit on its
       // own safety timeout.
     }
+    try {
+      await unlinkAtomicPidFile(state.claudeSessionId);
+    } catch {
+      // Best-effort — stale pid file is inert; the next session writes a
+      // fresh one under its own UUID.
+    }
   }
   initializedPanes.delete(paneId);
 }
@@ -258,6 +264,12 @@ export async function createClaudeSession(options: ClaudeSessionOptions): Promis
     chatFlags,
     readyTimeoutMs,
   });
+
+  // Write our PID so the Stop hook can detect an orphaned session if we
+  // crash/get SIGKILL'd without running teardown. Best-effort; failures just
+  // mean the hook falls back to waiting out Claude's own hook timeout.
+  await writeAtomicPidFile(claudeSessionId);
+
   return claudeSessionId;
 }
 
@@ -609,6 +621,38 @@ export async function releaseClaudeSession(claudeSessionId: string): Promise<voi
   await writeFile(releasePath(claudeSessionId), "");
 }
 
+/** @internal */
+function pidDir(): string {
+  return claudeHookDirs().pid;
+}
+
+/** @internal */
+function pidFilePath(claudeSessionId: string): string {
+  return join(pidDir(), claudeSessionId);
+}
+
+/**
+ * Write `process.pid` to `~/.atomic/claude-pid/<session_id>` so the Stop hook
+ * can use it as a liveness signal. If atomic is SIGKILL'd (no chance to run
+ * `clearClaudeSession`), the hook detects the dead PID via `process.kill(..,0)`
+ * and self-exits instead of parking Claude for the full 24-day timeout.
+ */
+async function writeAtomicPidFile(claudeSessionId: string): Promise<void> {
+  await mkdir(pidDir(), { recursive: true });
+  await writeFile(pidFilePath(claudeSessionId), String(process.pid), "utf-8");
+}
+
+/** Remove the pid file for a session. Idempotent — ENOENT is swallowed. */
+async function unlinkAtomicPidFile(claudeSessionId: string): Promise<void> {
+  try {
+    await unlink(pidFilePath(claudeSessionId));
+  } catch (e: unknown) {
+    if (!(e instanceof Error && "code" in e && (e as NodeJS.ErrnoException).code === "ENOENT")) {
+      throw e;
+    }
+  }
+}
+
 // ---------------------------------------------------------------------------
 // Idle detection via marker file watch
 // ---------------------------------------------------------------------------
@@ -1045,6 +1089,40 @@ export class HeadlessClaudeClientWrapper {
   async stop(): Promise<void> {}
 }
 
+/**
+ * Resolve the `claude` CLI binary for headless SDK queries.
+ *
+ * Pins the SDK to the same binary interactive stages already spawn via tmux
+ * (`AGENT_CONFIG.claude.cmd` on PATH), bypassing
+ * `@anthropic-ai/claude-agent-sdk`'s built-in resolver. That resolver probes
+ * optional native packages in a fixed order — on Linux it tries
+ * `linux-${arch}-musl` before `linux-${arch}` and returns whichever
+ * `require.resolve` finds first — so on a glibc host where both optional
+ * packages got installed (Bun installs every optionalDependency by default)
+ * it picks the musl binary, which can't exec because its dynamic linker
+ * (`/lib/ld-musl-*.so.1`) is absent. The SDK surfaces the resulting ENOENT
+ * as a misleading "Claude Code native binary not found" error.
+ *
+ * `chatCommand` and `workflowCommand` already fail fast when `claude` isn't
+ * on PATH (see `isCommandInstalled` in each), so in practice this lookup
+ * always succeeds. The throw here is a belt-and-suspenders guard that
+ * prefers a clear failure over silently falling back to the SDK's resolver.
+ */
+export function resolveHeadlessClaudeBin(): string {
+  // Pass PATH explicitly — the 1-arg form of Bun.which caches the value
+  // captured at process start, which makes the lookup insensitive to later
+  // env mutations (and un-exercisable from tests that tweak `process.env.PATH`).
+  const onPath = Bun.which("claude", { PATH: process.env.PATH ?? "" });
+  if (!onPath) {
+    throw new Error(
+      "`claude` CLI not found on PATH. Install Claude Code via the native " +
+        "installer (https://docs.claude.com/en/docs/claude-code/overview) " +
+        "and retry.",
+    );
+  }
+  return onPath;
+}
+
 /**
  * Headless session wrapper for Claude stages. Uses the Agent SDK's `query()`
  * directly instead of tmux pane operations. Implements the same `query()`
@@ -1080,6 +1158,8 @@ export class HeadlessClaudeSessionWrapper {
     const sdkOpts = options ?? {};
     const headlessSdkOpts: Partial<SDKOptions> = {
       ...sdkOpts,
+      pathToClaudeCodeExecutable:
+        sdkOpts.pathToClaudeCodeExecutable ?? resolveHeadlessClaudeBin(),
       disallowedTools: mergeDisallowedTools(sdkOpts.disallowedTools, [
         "AskUserQuestion",
       ]),

package/src/sdk/providers/copilot.ts

@@ -7,6 +7,26 @@
 
 import { createProviderValidator } from "../types.ts";
 
+/**
+ * Env inherited by the Copilot CLI subprocess the SDK spawns.
+ *
+ * `NODE_NO_WARNINGS=1` silences the
+ * `ExperimentalWarning: SQLite is an experimental feature` banner that
+ * Node prints via the CLI's bundled `require("node:sqlite")`. The SDK
+ * pipes the subprocess's stderr through `process.stderr` with a
+ * `[CLI subprocess]` prefix, so without this override the warning
+ * leaks into every `atomic chat -a copilot` and `atomic workflow -a
+ * copilot` invocation.
+ *
+ * The SDK uses `options.env ?? process.env` as-is (no merge) when
+ * spawning, so we must fold the existing env in ourselves. Returns a
+ * fresh object per call so callers can layer additional env without
+ * mutating shared state.
+ */
+export function copilotSubprocessEnv(): Record<string, string | undefined> {
+  return { ...process.env, NODE_NO_WARNINGS: "1" };
+}
+
 /**
  * Validate a Copilot workflow source file for common mistakes.
  */

package/src/sdk/providers/headless-hil-policy.test.ts

@@ -8,7 +8,10 @@
  */
 
 import { test, expect, describe } from "bun:test";
-import { mergeDisallowedTools } from "./claude.ts";
+import { chmodSync, mkdtempSync, writeFileSync } from "node:fs";
+import { tmpdir } from "node:os";
+import { join } from "node:path";
+import { mergeDisallowedTools, resolveHeadlessClaudeBin } from "./claude.ts";
 import {
   HEADLESS_OPENCODE_CLIENT_ID,
   withHeadlessOpencodeEnv,
@@ -63,6 +66,43 @@ describe("mergeExcludedTools (Copilot)", () => {
   });
 });
 
+// ---------------------------------------------------------------------------
+// Claude — headless binary resolution pins to the PATH `claude` CLI
+// ---------------------------------------------------------------------------
+
+describe("resolveHeadlessClaudeBin", () => {
+  const withPath = (path: string, fn: () => void) => {
+    const before = process.env.PATH;
+    process.env.PATH = path;
+    try {
+      fn();
+    } finally {
+      if (before === undefined) delete process.env.PATH;
+      else process.env.PATH = before;
+    }
+  };
+
+  test("returns the `claude` binary when present on PATH", () => {
+    const dir = mkdtempSync(join(tmpdir(), "atomic-claude-bin-"));
+    const bin = join(dir, "claude");
+    writeFileSync(bin, "#!/usr/bin/env sh\nexit 0\n");
+    chmodSync(bin, 0o755);
+    withPath(dir, () => {
+      expect(resolveHeadlessClaudeBin()).toBe(bin);
+    });
+  });
+
+  test("throws with installer URL when PATH has no `claude`", () => {
+    const empty = mkdtempSync(join(tmpdir(), "atomic-empty-path-"));
+    withPath(empty, () => {
+      expect(() => resolveHeadlessClaudeBin()).toThrow(/CLI not found on PATH/);
+      expect(() => resolveHeadlessClaudeBin()).toThrow(
+        /docs\.claude\.com.*claude-code/,
+      );
+    });
+  });
+});
+
 // ---------------------------------------------------------------------------
 // OpenCode — OPENCODE_CLIENT override excludes the question tool
 // ---------------------------------------------------------------------------

package/src/sdk/runtime/executor.ts

@@ -1207,12 +1207,21 @@ async function initProviderClientAndSession<A extends AgentType>(
   switch (agent) {
     case "copilot": {
       const { CopilotClient, approveAll } = await import("@github/copilot-sdk");
+      const { copilotSubprocessEnv } = await import("../providers/copilot.ts");
       const copilotClientOpts = clientOpts as StageClientOptions<"copilot">;
       const copilotSessionOpts = sessionOpts as StageSessionOptions<"copilot">;
       // Headless: let the SDK spawn its own CLI process (no cliUrl).
       // Non-headless: connect to the CLI server running in a tmux pane.
+      // `env` is only meaningful in the headless path — the SDK ignores
+      // it when `cliUrl` is set — but layering in `copilotSubprocessEnv`
+      // when the caller didn't supply their own env keeps the
+      // SQLite `ExperimentalWarning` from leaking through the SDK's
+      // `[CLI subprocess]` stderr forwarder.
       const client = headless
-        ? new CopilotClient({ ...copilotClientOpts })
+        ? new CopilotClient({
+            env: copilotSubprocessEnv(),
+            ...copilotClientOpts,
+          })
         : new CopilotClient({ ...copilotClientOpts, cliUrl: serverUrl });
       await client.start();
       // In headless stages, add `ask_user` to the session's excludedTools so

package/src/services/config/definitions.ts

@@ -22,6 +22,13 @@ export interface AgentConfig {
     source: string;
     destination: string;
     merge: boolean;
+    /**
+     * Top-level keys to strip from the source before copying or merging.
+     * Useful when a key is project-local by design (e.g. Claude's
+     * `disabledMcpjsonServers`) and must not leak into a global
+     * destination like `~/.claude/settings.json`.
+     */
+    excludeConfigKeys?: readonly string[];
   }>;
 }
 
@@ -55,6 +62,9 @@ export const AGENT_CONFIG: Record<AgentKey, AgentConfig> = {
         source: ".claude/settings.json",
         destination: "~/.claude/settings.json",
         merge: true,
+        // `disabledMcpjsonServers` is reconciled per-project by scm-sync
+        // and must not leak into the user's global Claude settings.
+        excludeConfigKeys: ["disabledMcpjsonServers"],
       },
     ],
   },

package/src/services/system/auth.test.ts

@@ -0,0 +1,194 @@
+/**
+ * Tests for the SDK-level auth probes in `auth.ts`.
+ *
+ * Both the Copilot SDK and Claude Agent SDK spawn native agent binaries
+ * under the hood, which makes the probes unsuitable for unit tests on a
+ * CI runner that has neither binary installed. We `mock.module()` each
+ * SDK so the probes read from in-test fakes, then assert the wrapper's
+ * translation into `AuthCheckResult` shape.
+ */
+
+import {
+  describe,
+  test,
+  expect,
+  beforeEach,
+  mock,
+} from "bun:test";
+
+// ─── Copilot SDK fake ──────────────────────────────────────────────────────
+// `CopilotClient` is a class; the constructor captures latest test state.
+// We swap `start` / `stop` / `getAuthStatus` per-test via mockable fns.
+
+interface CopilotAuthStatus {
+  isAuthenticated: boolean;
+  login?: string;
+  statusMessage?: string;
+}
+
+let copilotStart = mock(async () => {});
+let copilotStop = mock(async () => [] as unknown[]);
+let copilotGetAuthStatus = mock<() => Promise<CopilotAuthStatus>>(async () => ({
+  isAuthenticated: true,
+  login: "octocat",
+}));
+
+class FakeCopilotClient {
+  async start(): Promise<void> {
+    await copilotStart();
+  }
+  async stop(): Promise<unknown[]> {
+    return copilotStop();
+  }
+  async getAuthStatus(): Promise<CopilotAuthStatus> {
+    return copilotGetAuthStatus();
+  }
+}
+
+mock.module("@github/copilot-sdk", () => ({
+  CopilotClient: FakeCopilotClient,
+}));
+
+// ─── Claude Agent SDK fake ────────────────────────────────────────────────
+// `query()` returns something with `initializationResult()` and `close()`.
+// We ignore the `prompt` stream — the real SDK consumes it lazily, and the
+// probe only calls `initializationResult()` before closing.
+
+interface ClaudeAccount {
+  email?: string;
+  tokenSource?: string;
+  apiKeySource?: string;
+}
+
+let claudeInit = mock<() => Promise<{ account: ClaudeAccount }>>(async () => ({
+  account: { email: "user@example.com", tokenSource: "oauth" },
+}));
+let claudeClose = mock(() => {});
+
+mock.module("@anthropic-ai/claude-agent-sdk", () => ({
+  query: () => ({
+    initializationResult: () => claudeInit(),
+    close: () => claudeClose(),
+  }),
+}));
+
+// Stub the claude provider module so we don't probe PATH for `claude`.
+mock.module("../../sdk/providers/claude.ts", () => ({
+  resolveHeadlessClaudeBin: () => "/usr/local/bin/claude",
+}));
+
+const { checkAgentAuth } = await import("./auth.ts");
+
+beforeEach(() => {
+  copilotStart.mockClear();
+  copilotStart.mockImplementation(async () => {});
+  copilotStop.mockClear();
+  copilotStop.mockImplementation(async () => []);
+  copilotGetAuthStatus.mockClear();
+  copilotGetAuthStatus.mockImplementation(async () => ({
+    isAuthenticated: true,
+    login: "octocat",
+  }));
+  claudeInit.mockClear();
+  claudeInit.mockImplementation(async () => ({
+    account: { email: "user@example.com", tokenSource: "oauth" },
+  }));
+  claudeClose.mockClear();
+  claudeClose.mockImplementation(() => {});
+});
+
+describe("checkAgentAuth(copilot)", () => {
+  test("returns loggedIn=true when the SDK reports isAuthenticated", async () => {
+    const result = await checkAgentAuth("copilot");
+    expect(result.loggedIn).toBe(true);
+    expect(result.identity).toBe("octocat");
+    // Hygiene: client must be stopped even on the happy path so we
+    // don't leak a long-running CLI subprocess.
+    expect(copilotStop).toHaveBeenCalledTimes(1);
+  });
+
+  test("returns loggedIn=false when the SDK reports isAuthenticated=false", async () => {
+    copilotGetAuthStatus.mockImplementationOnce(async () => ({
+      isAuthenticated: false,
+      statusMessage: "no credentials on disk",
+    }));
+    const result = await checkAgentAuth("copilot");
+    expect(result.loggedIn).toBe(false);
+    expect(result.detail).toBe("no credentials on disk");
+  });
+
+  test("returns loggedIn=false when the SDK throws on start", async () => {
+    copilotStart.mockImplementationOnce(async () => {
+      throw new Error("CLI not installed");
+    });
+    const result = await checkAgentAuth("copilot");
+    expect(result.loggedIn).toBe(false);
+    expect(result.detail).toContain("CLI not installed");
+  });
+
+  test("swallows errors from stop() on the failure path", async () => {
+    copilotGetAuthStatus.mockImplementationOnce(async () => {
+      throw new Error("auth probe failed");
+    });
+    copilotStop.mockImplementationOnce(async () => {
+      throw new Error("stop crashed");
+    });
+    const result = await checkAgentAuth("copilot");
+    expect(result.loggedIn).toBe(false);
+    expect(result.detail).toContain("auth probe failed");
+    // The stop failure must not shadow the probe result.
+    expect(result.detail).not.toContain("stop crashed");
+  });
+});
+
+describe("checkAgentAuth(claude)", () => {
+  test("returns loggedIn=true when initializationResult has account email", async () => {
+    const result = await checkAgentAuth("claude");
+    expect(result.loggedIn).toBe(true);
+    expect(result.identity).toBe("user@example.com");
+    expect(claudeClose).toHaveBeenCalledTimes(1);
+  });
+
+  test("returns loggedIn=true when only tokenSource is populated", async () => {
+    claudeInit.mockImplementationOnce(async () => ({
+      account: { tokenSource: "oauth" },
+    }));
+    const result = await checkAgentAuth("claude");
+    expect(result.loggedIn).toBe(true);
+  });
+
+  test("returns loggedIn=true when only apiKeySource is populated", async () => {
+    claudeInit.mockImplementationOnce(async () => ({
+      account: { apiKeySource: "env" },
+    }));
+    const result = await checkAgentAuth("claude");
+    expect(result.loggedIn).toBe(true);
+  });
+
+  test("returns loggedIn=false when account is empty", async () => {
+    claudeInit.mockImplementationOnce(async () => ({ account: {} }));
+    const result = await checkAgentAuth("claude");
+    expect(result.loggedIn).toBe(false);
+  });
+
+  test("returns loggedIn=false when initializationResult throws", async () => {
+    claudeInit.mockImplementationOnce(async () => {
+      throw new Error("subprocess init failed — check authentication");
+    });
+    const result = await checkAgentAuth("claude");
+    expect(result.loggedIn).toBe(false);
+    expect(result.detail).toContain("subprocess init failed");
+  });
+});
+
+describe("checkAgentAuth(opencode)", () => {
+  test("is a no-op — returns loggedIn=true without probing the SDK", async () => {
+    // OpenCode handles auth interactively on first use; there's no
+    // equivalent RPC probe, so the wrapper short-circuits.
+    const result = await checkAgentAuth("opencode");
+    expect(result.loggedIn).toBe(true);
+    // Confirm neither SDK fake was touched.
+    expect(copilotStart).not.toHaveBeenCalled();
+    expect(claudeInit).not.toHaveBeenCalled();
+  });
+});