@damn-dev/cli 0.19.2 → 0.19.4

package/README.md

@@ -5,10 +5,13 @@ Self-hosted workspace OS for human + AI agent collaboration.
 ## Install
 
 ```sh
-npm install -g @damn-dev/cli
+pnpm add -g @damn-dev/cli
 ```
 
-This installs the `damn-dev` command. Requires **Node.js 18+**.
+This installs the `damn-dev` command. Requires **Node.js 22+**. Install with
+**pnpm**, not npm — a native dependency (`impit`, pulled in by browser-builtin)
+ships an `only-allow pnpm` guard that fails npm-based installs. If you don't have
+pnpm, `corepack enable pnpm` (bundled with Node 22) provides it.
 
 You will also need **OpenClaw** (the agent runtime):
 
@@ -62,7 +65,7 @@ From the CLI:
 
 ```sh
 damn-dev stop
-npm install -g @damn-dev/cli@latest
+pnpm add -g @damn-dev/cli@latest
 damn-dev start
 ```
 

package/lib/commands/start.js

@@ -53,7 +53,7 @@ function run(args) {
   if (!fs.existsSync(BACKEND_ENTRY)) {
     console.error(`[damn.dev] Bundled backend not found at ${BACKEND_ENTRY}.`)
     console.error('[damn.dev] This usually means the package was installed from a broken tarball.')
-    console.error('[damn.dev] Try: npm install -g @damn-dev/cli@latest')
+    console.error('[damn.dev] Try: pnpm add -g @damn-dev/cli@latest')
     process.exit(1)
   }
   if (!fs.existsSync(PRISMA_SCHEMA)) {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@damn-dev/cli",
-  "version": "0.19.2",
+  "version": "0.19.4",
   "description": "damn.dev — self-hosted workspace OS for human + AI agent collaboration.",
   "license": "Apache-2.0",
   "homepage": "https://damn.dev",

package/runtime/apps/backend/dist/resources/coo/WORKSPACE_GUIDE.md

@@ -275,6 +275,36 @@ When `Settings → Workspace → Test Mode` is ON:
 When the user turns Test Mode off, the `## Testing Mode` section is cleanly
 removed from every agent's `AGENTS.md`.
 
+## Oversight (Trace · Policy · Pending)
+
+The operator/CISO governance surface, at the **Oversight** icon in the sidebar
+(a speedometer/gauge). One page, three tabs:
+
+- **Pending** — the live approval queue (what needs a human decision now). Filter
+  by agent. This replaces the old standalone "Approvals" panel.
+- **Trace** — the immutable, tamper-evident **audit log**: every meaningful action
+  recorded with who/what/when. Captures agent work (shell commands), approval
+  decisions, and **configuration changes** (agent created/edited/deleted, abilities
+  enabled/disabled, policy changes) — config changes are flagged as the **drift
+  signal**. Filter by category or by agent; export as NDJSON for an auditor; an
+  integrity badge confirms the chain hasn't been tampered with. It is the system
+  of record — "what are the agents set up to do, what did they actually do, and
+  what changed."
+- **Policy** — the CISO-configurable governance policy (what employees and their
+  agents may do): which actions employees can self-approve vs. escalate,
+  capabilities (shell/browsing/external messaging), keep-sensitive-data-on-local-
+  models, visibility, budgets, agent lifecycle. Pick a template (Regulated /
+  Standard / Open) and tune. Granular auto-approve rules live here too.
+
+**Who sees what.** Oversight is visible to everyone but role-scoped: **operators**
+(owner/admin) see the whole workspace, edit policy, export, and verify; **daily
+users** (members) see *their own* activity in Trace and a *read-only* Policy. The
+boundary is enforced server-side, not just hidden in the UI.
+
+When the user asks "what did my agents do?", "did anything change/drift?", "who
+approved X?", or "what are employees allowed to do?", point them to **Oversight**.
+This is damn.dev's enterprise governance layer and a core differentiator.
+
 ## Skills
 Three sources:
 - **ClawHub** — community marketplace. Browse and install from the Skills page.
@@ -938,9 +968,11 @@ on another machine, point them at the right one:
 - **Docker** (recommended for most users) — `curl -fsSL install.damn.dev/docker | bash`.
   Native backend + Dockerized OpenClaw. Works on macOS, Linux. Auto-updates
   via in-app banner.
-- **npm** (devs who have Node 18+) — `curl -fsSL install.damn.dev/npm | bash` or
-  `npm install -g @damn-dev/cli` then `damn-dev start`. `@damn-dev/cli` is the
-  canonical npm package; the binary is `damn-dev`. Auto-updates via in-app banner.
+- **npm** (devs who have Node 22+) — `curl -fsSL install.damn.dev/npm | bash` or,
+  manually, `pnpm add -g @damn-dev/cli` then `damn-dev start`. Install with **pnpm**,
+  not npm: a native dependency (`impit`, via browser-builtin) ships an `only-allow
+  pnpm` guard that fails npm-based installs. `@damn-dev/cli` is the canonical
+  package; the binary is `damn-dev`. Auto-updates via in-app banner.
 - **Tauri desktop app** — download the DMG (macOS) / deb / rpm from
   https://github.com/LethoDeter/damn-dev-install/releases/latest. Native app
   with system tray, in-app updater polls for new releases automatically.
@@ -977,8 +1009,9 @@ the rest is automatic.
   as the network heals.
 - **Per-step failure messages.** When an update fails, the banner shows WHICH
   step failed (e.g. `Step 'compose-pull' failed: <stderr>`). Common diagnoses:
-  - `npm-install-cli` failure → user's npm prefix likely needs sudo (Mac default
-    `/usr/local`); they should `npm config set prefix ~/.npm-global` once.
+  - `pnpm-install-cli` failure → pnpm/corepack couldn't install the CLI. Confirm
+    `corepack` is available (it ships with Node 22; `corepack enable` if not) and
+    that pnpm's global bin dir is on PATH.
   - `compose-pull` failure → Docker daemon unreachable or network timeout. Have
     them confirm `docker info` works.
   - `compose-up` failure → port conflict or compose syntax issue. `docker