@controlvector/cv-agent 1.3.0 → 1.4.0

package/dist/bundle.cjs

@@ -960,7 +960,7 @@ var require_command = __commonJS({
     var EventEmitter = require("node:events").EventEmitter;
     var childProcess = require("node:child_process");
     var path = require("node:path");
-    var fs2 = require("node:fs");
+    var fs3 = require("node:fs");
     var process3 = require("node:process");
     var { Argument: Argument2, humanReadableArgName } = require_argument();
     var { CommanderError: CommanderError2 } = require_error();
@@ -1893,10 +1893,10 @@ Expecting one of '${allowedValues.join("', '")}'`);
         const sourceExt = [".js", ".ts", ".tsx", ".mjs", ".cjs"];
         function findFile(baseDir, baseName) {
           const localBin = path.resolve(baseDir, baseName);
-          if (fs2.existsSync(localBin)) return localBin;
+          if (fs3.existsSync(localBin)) return localBin;
           if (sourceExt.includes(path.extname(baseName))) return void 0;
           const foundExt = sourceExt.find(
-            (ext) => fs2.existsSync(`${localBin}${ext}`)
+            (ext) => fs3.existsSync(`${localBin}${ext}`)
           );
           if (foundExt) return `${localBin}${foundExt}`;
           return void 0;
@@ -1908,7 +1908,7 @@ Expecting one of '${allowedValues.join("', '")}'`);
         if (this._scriptPath) {
           let resolvedScriptPath;
           try {
-            resolvedScriptPath = fs2.realpathSync(this._scriptPath);
+            resolvedScriptPath = fs3.realpathSync(this._scriptPath);
           } catch (err) {
             resolvedScriptPath = this._scriptPath;
           }
@@ -3697,12 +3697,13 @@ async function failTask(creds, executorId, taskId, error) {
   const res = await apiCall(creds, "POST", `/api/v1/executors/${executorId}/tasks/${taskId}/fail`, { error });
   if (!res.ok) throw new Error(`Fail failed: ${res.status}`);
 }
-async function sendHeartbeat(creds, executorId, taskId, message) {
-  await apiCall(creds, "POST", `/api/v1/executors/${executorId}/heartbeat`).catch(() => {
+async function sendHeartbeat(creds, executorId, taskId, message, authStatus2) {
+  const body = authStatus2 ? { auth_status: authStatus2 } : void 0;
+  await apiCall(creds, "POST", `/api/v1/executors/${executorId}/heartbeat`, body).catch(() => {
   });
   if (taskId) {
-    const body = message ? { message, log_type: "heartbeat" } : void 0;
-    await apiCall(creds, "POST", `/api/v1/executors/${executorId}/tasks/${taskId}/heartbeat`, body).catch(() => {
+    const taskBody = message ? { message, log_type: "heartbeat" } : void 0;
+    await apiCall(creds, "POST", `/api/v1/executors/${executorId}/tasks/${taskId}/heartbeat`, taskBody).catch(() => {
     });
   }
 }
@@ -4067,7 +4068,95 @@ ${source_default.yellow("\u26A0")} ${label} failed, retrying in ${delay}s... (${
   throw new Error("unreachable");
 }
 
+// src/utils/config.ts
+var import_fs2 = require("fs");
+var import_os2 = require("os");
+var import_path2 = require("path");
+function getConfigPath() {
+  return (0, import_path2.join)((0, import_os2.homedir)(), ".config", "cva", "config.json");
+}
+async function readConfig() {
+  try {
+    const content = await import_fs2.promises.readFile(getConfigPath(), "utf-8");
+    return JSON.parse(content);
+  } catch {
+    return {};
+  }
+}
+async function writeConfig(config) {
+  const configPath = getConfigPath();
+  await import_fs2.promises.mkdir((0, import_path2.dirname)(configPath), { recursive: true });
+  await import_fs2.promises.writeFile(configPath, JSON.stringify(config, null, 2) + "\n", { mode: 384 });
+}
+
 // src/commands/agent.ts
+var AUTH_ERROR_PATTERNS = [
+  "Not logged in",
+  "Please run /login",
+  "authentication required",
+  "unauthorized",
+  "expired token",
+  "not authenticated",
+  "login required"
+];
+function containsAuthError(text) {
+  const lower = text.toLowerCase();
+  for (const pattern of AUTH_ERROR_PATTERNS) {
+    if (lower.includes(pattern.toLowerCase())) {
+      return pattern;
+    }
+  }
+  return null;
+}
+async function checkClaudeAuth() {
+  try {
+    const output = (0, import_node_child_process2.execSync)("claude --version 2>&1", {
+      encoding: "utf8",
+      timeout: 1e4,
+      env: { ...process.env }
+    });
+    const authError = containsAuthError(output);
+    if (authError) {
+      return { status: "expired", error: authError };
+    }
+    return { status: "authenticated" };
+  } catch (err) {
+    const output = (err.stdout || "") + (err.stderr || "") + (err.message || "");
+    const authError = containsAuthError(output);
+    if (authError) {
+      return { status: "expired", error: authError };
+    }
+    return { status: "not_configured", error: output.slice(0, 500) };
+  }
+}
+async function getClaudeEnv() {
+  const env2 = { ...process.env };
+  let usingApiKey = false;
+  if (!env2.ANTHROPIC_API_KEY) {
+    try {
+      const config = await readConfig();
+      if (config.anthropic_api_key) {
+        env2.ANTHROPIC_API_KEY = config.anthropic_api_key;
+        usingApiKey = true;
+      }
+    } catch {
+    }
+  }
+  return { env: env2, usingApiKey };
+}
+function buildAuthFailureMessage(errorString, machineName, hasApiKeyFallback) {
+  let msg = `CLAUDE_AUTH_REQUIRED: ${errorString}
+`;
+  msg += `Machine: ${machineName}
+`;
+  msg += `Fix: SSH into ${machineName} and run: claude /login
+`;
+  if (!hasApiKeyFallback) {
+    msg += `Alternative: Set an API key fallback with: cva auth set-api-key sk-ant-...
+`;
+  }
+  return msg;
+}
 function buildClaudePrompt(task) {
   let prompt = "";
   prompt += `You are executing a task dispatched via CV-Hub.
@@ -4235,11 +4324,13 @@ async function launchAutoApproveMode(prompt, options) {
       const child = (0, import_node_child_process2.spawn)("claude", args, {
         cwd: options.cwd,
         stdio: ["inherit", "pipe", "pipe"],
-        env: { ...process.env }
+        env: options.spawnEnv || { ...process.env }
       });
       _activeChild = child;
       let stderr = "";
       let lineBuffer = "";
+      let authFailure = false;
+      const spawnTime = Date.now();
       child.stdout?.on("data", (data) => {
         const text = data.toString();
         process.stdout.write(data);
@@ -4247,6 +4338,23 @@ async function launchAutoApproveMode(prompt, options) {
         if (fullOutput.length > MAX_OUTPUT_BYTES) {
           fullOutput = fullOutput.slice(-MAX_OUTPUT_BYTES);
         }
+        if (Date.now() - spawnTime < 1e4) {
+          const authError = containsAuthError(fullOutput + stderr);
+          if (authError) {
+            authFailure = true;
+            console.log(`
+${source_default.red("!")} Claude Code auth failure detected: "${authError}"`);
+            console.log(source_default.yellow(`  Killing process \u2014 it won't recover without re-authentication.`));
+            if (options.machineName) {
+              console.log(source_default.cyan(`  Fix: SSH into ${options.machineName} and run: claude /login`));
+            }
+            try {
+              child.kill("SIGTERM");
+            } catch {
+            }
+            return;
+          }
+        }
         if (options.creds && options.taskId) {
           lineBuffer += text;
           const lines = lineBuffer.split("\n");
@@ -4289,12 +4397,30 @@ async function launchAutoApproveMode(prompt, options) {
         }
       });
       child.stderr?.on("data", (data) => {
-        stderr += data.toString();
+        const text = data.toString();
+        stderr += text;
         process.stderr.write(data);
+        if (Date.now() - spawnTime < 1e4 && !authFailure) {
+          const authError = containsAuthError(text);
+          if (authError) {
+            authFailure = true;
+            console.log(`
+${source_default.red("!")} Claude Code auth failure (stderr): "${authError}"`);
+            try {
+              child.kill("SIGTERM");
+            } catch {
+            }
+          }
+        }
       });
       child.on("close", (code, signal) => {
         _activeChild = null;
-        resolve({ exitCode: signal === "SIGKILL" ? 137 : code ?? 1, stderr, output: fullOutput });
+        resolve({
+          exitCode: signal === "SIGKILL" ? 137 : code ?? 1,
+          stderr,
+          output: fullOutput,
+          authFailure
+        });
       });
       child.on("error", (err) => {
         _activeChild = null;
@@ -4332,13 +4458,15 @@ async function launchRelayMode(prompt, options) {
     const child = (0, import_node_child_process2.spawn)("claude", [], {
       cwd: options.cwd,
       stdio: ["pipe", "pipe", "pipe"],
-      env: { ...process.env }
+      env: options.spawnEnv || { ...process.env }
     });
     _activeChild = child;
     let stderr = "";
     let stdoutBuffer = "";
     let fullOutput = "";
     let lastProgressBytes = 0;
+    let authFailure = false;
+    const spawnTime = Date.now();
     child.stdin?.write(prompt + "\n");
     let lastRedirectCheck = Date.now();
     let lineBuffer = "";
@@ -4350,6 +4478,19 @@ async function launchRelayMode(prompt, options) {
       if (fullOutput.length > MAX_OUTPUT_BYTES) {
         fullOutput = fullOutput.slice(-MAX_OUTPUT_BYTES);
       }
+      if (Date.now() - spawnTime < 1e4 && !authFailure) {
+        const authError = containsAuthError(fullOutput + stderr);
+        if (authError) {
+          authFailure = true;
+          console.log(`
+${source_default.red("!")} Claude Code auth failure detected: "${authError}"`);
+          try {
+            child.kill("SIGTERM");
+          } catch {
+          }
+          return;
+        }
+      }
       lineBuffer += text;
       const lines = lineBuffer.split("\n");
       lineBuffer = lines.pop() ?? "";
@@ -4490,13 +4631,25 @@ async function launchRelayMode(prompt, options) {
       const text = data.toString();
       stderr += text;
       process.stderr.write(data);
+      if (Date.now() - spawnTime < 1e4 && !authFailure) {
+        const authError = containsAuthError(text);
+        if (authError) {
+          authFailure = true;
+          console.log(`
+${source_default.red("!")} Claude Code auth failure (stderr): "${authError}"`);
+          try {
+            child.kill("SIGTERM");
+          } catch {
+          }
+        }
+      }
     });
     child.on("close", (code, signal) => {
       _activeChild = null;
       if (signal === "SIGKILL") {
-        resolve({ exitCode: 137, stderr, output: fullOutput });
+        resolve({ exitCode: 137, stderr, output: fullOutput, authFailure });
       } else {
-        resolve({ exitCode: code ?? 1, stderr, output: fullOutput });
+        resolve({ exitCode: code ?? 1, stderr, output: fullOutput, authFailure });
       }
     });
     child.on("error", (err) => {
@@ -4606,6 +4759,26 @@ async function runAgent(options) {
     console.log();
     process.exit(1);
   }
+  const { env: claudeEnv, usingApiKey } = await getClaudeEnv();
+  const authCheck = await checkClaudeAuth();
+  let currentAuthStatus = authCheck.status;
+  if (authCheck.status === "expired") {
+    if (usingApiKey) {
+      console.log(source_default.yellow("!") + " Claude Code OAuth expired, but API key fallback is configured.");
+      currentAuthStatus = "api_key_fallback";
+    } else {
+      console.log();
+      console.log(source_default.red("Claude Code auth expired: ") + source_default.yellow(authCheck.error || "unknown"));
+      console.log(`   Fix: Run ${source_default.cyan("claude /login")} to re-authenticate.`);
+      console.log(`   Alternative: ${source_default.cyan("cva auth set-api-key sk-ant-...")} for API key fallback.`);
+      console.log();
+      console.log(source_default.gray("Agent will start but pause task claims until auth is resolved."));
+      console.log();
+    }
+  } else if (usingApiKey) {
+    console.log(source_default.gray("   Using Anthropic API key from config as fallback."));
+    currentAuthStatus = "api_key_fallback";
+  }
   try {
     (0, import_node_child_process2.execSync)("cv --version", { stdio: "pipe", timeout: 5e3 });
   } catch {
@@ -4672,7 +4845,9 @@ async function runAgent(options) {
     failedCount: 0,
     lastPoll: Date.now(),
     lastTaskEnd: Date.now(),
-    running: true
+    running: true,
+    authStatus: currentAuthStatus,
+    machineName
   };
   installSignalHandlers(
     () => state,
@@ -4683,13 +4858,26 @@ async function runAgent(options) {
   );
   while (state.running) {
     try {
+      if (state.authStatus === "expired") {
+        const recheck = await checkClaudeAuth();
+        if (recheck.status === "authenticated") {
+          state.authStatus = "authenticated";
+          console.log(`
+${source_default.green("\u2713")} Claude Code auth restored. Resuming task claims.`);
+        } else {
+          sendHeartbeat(creds, state.executorId, void 0, void 0, state.authStatus).catch(() => {
+          });
+          await new Promise((r) => setTimeout(r, pollInterval));
+          continue;
+        }
+      }
       const task = await withRetry(
         () => pollForTask(creds, state.executorId),
         "Task poll"
       );
       state.lastPoll = Date.now();
       if (task) {
-        await executeTask(task, state, creds, options);
+        await executeTask(task, state, creds, options, claudeEnv);
       } else {
         updateStatusLine(
           formatDuration(Date.now() - state.lastTaskEnd),
@@ -4705,7 +4893,7 @@ ${source_default.red("!")} Error: ${err.message}`);
     await new Promise((r) => setTimeout(r, pollInterval));
   }
 }
-async function executeTask(task, state, creds, options) {
+async function executeTask(task, state, creds, options, claudeEnv) {
   const startTime = Date.now();
   state.currentTaskId = task.id;
   if (task.task_type === "_system_update") {
@@ -4733,7 +4921,7 @@ async function executeTask(task, state, creds, options) {
     try {
       const elapsed = formatDuration(Date.now() - startTime);
       setTerminalTitle(`cva: ${task.title} (${elapsed})`);
-      await sendHeartbeat(creds, state.executorId, task.id, `Claude Code running (${elapsed} elapsed)`);
+      await sendHeartbeat(creds, state.executorId, task.id, `Claude Code running (${elapsed} elapsed)`, state.authStatus);
     } catch {
     }
   }, 3e4);
@@ -4767,14 +4955,18 @@ ${source_default.red("Timeout")} Task timed out after ${formatDuration(timeoutMs
         cwd: options.workingDir,
         creds,
         taskId: task.id,
-        executorId: state.executorId
+        executorId: state.executorId,
+        spawnEnv: claudeEnv,
+        machineName: state.machineName
       });
     } else {
       result = await launchRelayMode(prompt, {
         cwd: options.workingDir,
         creds,
         executorId: state.executorId,
-        taskId: task.id
+        taskId: task.id,
+        spawnEnv: claudeEnv,
+        machineName: state.machineName
       });
     }
     console.log(source_default.gray("\n" + "-".repeat(60)));
@@ -4849,6 +5041,31 @@ ${source_default.red("Timeout")} Task timed out after ${formatDuration(timeoutMs
       } catch {
       }
       state.failedCount++;
+    } else if (result.authFailure) {
+      const authErrorStr = containsAuthError(result.output + result.stderr) || "auth failure";
+      const hasApiKey = !!claudeEnv?.ANTHROPIC_API_KEY;
+      const authMsg = buildAuthFailureMessage(authErrorStr, state.machineName, hasApiKey);
+      sendTaskLog(creds, state.executorId, task.id, "error", authMsg);
+      console.log();
+      console.log(`\u{1F511} ${source_default.bold.red("AUTH FAILED")} \u2014 Claude Code is not authenticated`);
+      console.log(source_default.yellow(`   ${authMsg.replace(/\n/g, "\n   ")}`));
+      postTaskEvent(creds, task.id, {
+        event_type: "auth_failure",
+        content: {
+          error: authErrorStr,
+          machine: state.machineName,
+          fix_command: `claude /login`,
+          api_key_configured: hasApiKey
+        }
+      }).catch(() => {
+      });
+      await withRetry(
+        () => failTask(creds, state.executorId, task.id, authMsg),
+        "Report auth failure"
+      );
+      state.failedCount++;
+      state.authStatus = "expired";
+      console.log(source_default.yellow("   Pausing task claims until auth is restored."));
     } else {
       const stderrTail = result.stderr.trim().slice(-500);
       sendTaskLog(
@@ -4978,11 +5195,35 @@ async function authStatus() {
     console.log(`Status: ${source_default.red("unreachable")} (${err.message})`);
   }
 }
+async function authSetApiKey(key) {
+  if (!key.startsWith("sk-ant-")) {
+    console.log(source_default.red("Invalid API key.") + " Anthropic API keys start with sk-ant-");
+    process.exit(1);
+  }
+  const config = await readConfig();
+  config.anthropic_api_key = key;
+  await writeConfig(config);
+  const masked = key.substring(0, 10) + "..." + key.slice(-4);
+  console.log(source_default.green("API key saved") + ` (${masked})`);
+  console.log(source_default.gray("This key will be used as fallback when Claude Code OAuth expires."));
+}
+async function authRemoveApiKey() {
+  const config = await readConfig();
+  if (!config.anthropic_api_key) {
+    console.log(source_default.yellow("No API key configured."));
+    return;
+  }
+  delete config.anthropic_api_key;
+  await writeConfig(config);
+  console.log(source_default.green("API key removed."));
+}
 function authCommand() {
   const cmd = new Command("auth");
   cmd.description("Manage CV-Hub authentication");
   cmd.command("login").description("Authenticate with CV-Hub using a PAT token").option("--token <token>", "PAT token (or enter interactively)").option("--api-url <url>", "CV-Hub API URL", "https://api.hub.controlvector.io").action(authLogin);
   cmd.command("status").description("Show current authentication status").action(authStatus);
+  cmd.command("set-api-key").description("Set Anthropic API key as fallback for Claude Code OAuth").argument("<key>", "Anthropic API key (sk-ant-...)").action(authSetApiKey);
+  cmd.command("remove-api-key").description("Remove stored Anthropic API key").action(authRemoveApiKey);
   return cmd;
 }
 
@@ -5203,7 +5444,7 @@ function statusCommand() {
 
 // src/index.ts
 var program2 = new Command();
-program2.name("cva").description("CV-Hub Agent \u2014 bridges Claude Code with CV-Hub task dispatch").version(true ? "1.3.0" : "1.1.0");
+program2.name("cva").description("CV-Hub Agent \u2014 bridges Claude Code with CV-Hub task dispatch").version(true ? "1.4.0" : "1.1.0");
 program2.addCommand(agentCommand());
 program2.addCommand(authCommand());
 program2.addCommand(remoteCommand());