@f-o-h/cli 0.1.13 → 0.1.15

package/README.md

@@ -4,7 +4,7 @@ AI-operator provisioning CLI for Front Of House.
 
 Public mirror: https://github.com/iiko38/front-of-house-cli
 
-Current published baseline: `@f-o-h/cli@0.1.13`
+Current published baseline: `@f-o-h/cli@0.1.15`
 
 This mirror is a generated release artifact. The private product monorepo is not
 published here, and no open-source license is granted unless stated separately.
@@ -62,15 +62,22 @@ foh auth login --email "$FOH_EMAIL" --password "$FOH_PASSWORD" --json
 foh org list --json
 foh org use --org <org-id> --json
 foh setup --org <org-id> --agent-template <template-id> --agent-name "Demo Agent" --json
-foh prove --agent <agent-id> --json --out foh-proof.json
-foh test run --suite ./suite.yml --agent <agent-id> --json --out foh-test-report.json
-foh agent replay --file ./transcript-export.json --json
-foh bug improve --from-file foh-proof.json --out foh-improvement.json --json
-```
-
-`auth signup --web` opens the console signup page when possible and always
-prints the fallback URL. `auth login --web` starts browser device
-authorization, opens `/cli-auth`, waits for console approval, and stores the
+foh prove --agent <agent-id> --json --out foh-proof.json
+foh test run --suite ./suite.yml --agent <agent-id> --json --out foh-test-report.json
+foh agent replay --file ./transcript-export.json --json
+foh bug improve --from-file foh-proof.json --out foh-improvement.json --json
+```
+
+Trusted server-side automation can use a scoped service token without browser
+approval:
+
+```bash
+FOH_SERVICE_TOKEN="$FOH_SERVICE_TOKEN" FOH_ORG_ID="$FOH_ORG_ID" foh auth whoami --json
+```
+
+`auth signup --web` opens the console signup page when possible and always
+prints the fallback URL. `auth login --web` starts browser device
+authorization, opens `/cli-auth`, waits for console approval, and stores the
 returned short-lived token. Credential auth remains available as fallback.
 
 `foh prove` produces a compact signed proof report across auth, org context,

package/dist/foh.js

@@ -10029,9 +10029,56 @@ function resolveApiBaseUrl(cliOverride) {
   return resolveApiUrlOverride(cliOverride) ?? DEFAULT_FOH_API_URL;
 }
 
+// src/lib/org-id.ts
+function isUsableOrgId(value) {
+  const orgId = String(value ?? "").trim();
+  return Boolean(orgId);
+}
+
 // src/lib/credentials.ts
 var CONFIG_PATH = (0, import_path.join)((0, import_os.homedir)(), ".config", "foh", "credentials.json");
+var SERVICE_TOKEN_ENV = "FOH_SERVICE_TOKEN";
+var ORG_ID_ENV = "FOH_ORG_ID";
+var API_URL_ENV = "FOH_API_URL";
+var TOKEN_EXPIRES_AT_ENV = "FOH_TOKEN_EXPIRES_AT";
+function normalizeEnv(value) {
+  const normalized = String(value ?? "").trim();
+  return normalized ? normalized : void 0;
+}
+function decodeBase64UrlJson(value) {
+  try {
+    const padded = value.replace(/-/g, "+").replace(/_/g, "/").padEnd(Math.ceil(value.length / 4) * 4, "=");
+    return JSON.parse(Buffer.from(padded, "base64").toString("utf8"));
+  } catch {
+    return void 0;
+  }
+}
+function expiryFromJwt(token) {
+  const [, payload] = token.split(".");
+  if (!payload) return void 0;
+  const decoded = decodeBase64UrlJson(payload);
+  const exp = Number(decoded?.exp);
+  if (!Number.isFinite(exp) || exp <= 0) return void 0;
+  return new Date(exp * 1e3).toISOString();
+}
+function fallbackExpiry() {
+  return new Date(Date.now() + 60 * 60 * 1e3).toISOString();
+}
+function credentialsFromEnv(apiUrlOverride, env = process.env) {
+  const token = normalizeEnv(env[SERVICE_TOKEN_ENV]);
+  if (!token) return void 0;
+  const apiUrl = resolveApiUrlOverride(apiUrlOverride) ?? normalizeEnv(env[API_URL_ENV]) ?? DEFAULT_FOH_API_URL;
+  const orgId = normalizeEnv(env[ORG_ID_ENV]);
+  return {
+    apiUrl,
+    token,
+    expiresAt: normalizeEnv(env[TOKEN_EXPIRES_AT_ENV]) ?? expiryFromJwt(token) ?? fallbackExpiry(),
+    ...isUsableOrgId(orgId) ? { orgId } : {}
+  };
+}
 function loadCredentials(apiUrlOverride) {
+  const envCreds = credentialsFromEnv(apiUrlOverride);
+  if (envCreds) return envCreds;
   let creds;
   try {
     const raw = (0, import_fs.readFileSync)(CONFIG_PATH, "utf-8");
@@ -10059,12 +10106,6 @@ function clearCredentials() {
   }
 }
 
-// src/lib/org-id.ts
-function isUsableOrgId(value) {
-  const orgId = String(value ?? "").trim();
-  return Boolean(orgId);
-}
-
 // src/lib/command-runtime.ts
 function markCommandFailed(code = 1) {
   const normalized = Number.isFinite(code) ? Math.max(1, Math.trunc(code)) : 1;
@@ -16034,9 +16075,9 @@ function registerVoice(program3) {
     const outputPath = String(opts.out || `foh-voice-preview-${provider}-${voiceId}.mp3`).trim();
     const audio = Buffer.from(await res.arrayBuffer());
     const { mkdirSync: mkdirSync7, writeFileSync: writeFileSync9 } = await import("fs");
-    const { dirname: dirname5, resolve: resolve12 } = await import("path");
+    const { dirname: dirname6, resolve: resolve12 } = await import("path");
     const absolutePath = resolve12(outputPath);
-    mkdirSync7(dirname5(absolutePath), { recursive: true });
+    mkdirSync7(dirname6(absolutePath), { recursive: true });
     writeFileSync9(absolutePath, audio);
     format({
       status: "ok",
@@ -32640,7 +32681,7 @@ var StdioServerTransport = class {
 };
 
 // src/lib/cli-version.ts
-var CLI_VERSION = "0.1.13";
+var CLI_VERSION = "0.1.15";
 
 // src/commands/mcp-serve.ts
 var DEFAULT_TIMEOUT_MS = 12e4;
@@ -36437,8 +36478,13 @@ function inferReasonCode(artifact) {
   }
   return nonEmpty2(getPath2(artifact, "status"));
 }
-function inferPromotionDecision(sourceType) {
-  if (sourceType === "external_agent_run") return "fix_docs";
+function inferPromotionDecision(sourceType, reasonCode) {
+  const reason = String(reasonCode || "").toLowerCase();
+  if (sourceType === "external_agent_run") {
+    if (reason.includes("exec_policy") || reason.includes("policy_blocked") || reason.includes("auth") || reason.includes("config")) return "fix_config";
+    if (reason.includes("cli") || reason.includes("command") || reason.includes("flag")) return "fix_cli";
+    return "fix_docs";
+  }
   if (sourceType === "knowledge_miss") return "fix_docs";
   if (sourceType === "setup_failure" || sourceType === "proof_failure" || sourceType === "live_proof_failure") return "fix_config";
   if (sourceType === "replay_failure" || sourceType === "runtime_miss") return "add_test";
@@ -36526,7 +36572,6 @@ function readSourceArtifact(path2) {
 function buildImprovementPacket(input) {
   const artifact = input.sourceArtifact ?? null;
   const sourceType = parseEnum(input.sourceType, IMPROVEMENT_SOURCE_TYPES, "--source-type") ?? inferSourceType(artifact);
-  const promotionDecision = parseEnum(input.promotionDecision, IMPROVEMENT_DECISIONS, "--recommendation") ?? inferPromotionDecision(sourceType);
   const ids = collectIds(artifact, input.ids);
   assertOrgBoundary(artifact, input.ids?.org_id);
   const reasonCode = nonEmpty2(input.reasonCode) ?? inferReasonCode(artifact);
@@ -36538,6 +36583,7 @@ function buildImprovementPacket(input) {
       statusCode: 400
     });
   }
+  const promotionDecision = parseEnum(input.promotionDecision, IMPROVEMENT_DECISIONS, "--recommendation") ?? inferPromotionDecision(sourceType, reasonCode);
   const evidenceSummary = redactString(
     nonEmpty2(input.evidenceSummary) ?? nonEmpty2(getPath2(artifact, "summary")) ?? `Improvement candidate generated from ${sourceType} with reason ${reasonCode}.`
   );
@@ -38276,7 +38322,8 @@ var TEXT_ARTIFACT_NAMES = /* @__PURE__ */ new Set([
   "run.json",
   "terminal-transcript.txt"
 ]);
-var SECRET_RE2 = /\b(?:Bearer\s+)?(?:sk|pk|xai|whsec|EAAN|ghp|gho|github_pat|npm_)[A-Za-z0-9_\-.]{12,}\b/gi;
+var SECRET_RE2 = /\b(?:Bearer\s+[A-Za-z0-9_\-.]{12,}|(?:sk|pk|xai|whsec|EAAN|ghp|gho|github_pat)[A-Za-z0-9_\-.]{12,}|npm_[A-Za-z0-9]{20,})\b/g;
+var SECRET_QUERY_PARAM_RE = /\b((?:device_code|access_token|refresh_token|api_key|token)=)[A-Za-z0-9_.~-]{12,}/gi;
 var EMAIL_RE2 = /\b[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,}\b/gi;
 var PHONE_RE2 = /(?<!\w)(?:\+?\d[\d\s().-]{7,}\d)(?!\w)/g;
 function escapeRegExp(value) {
@@ -38303,6 +38350,9 @@ function matchesFor(pattern, text) {
   const matches = text.match(pattern);
   return matches ? matches.length : 0;
 }
+function secretMatches(text) {
+  return matchesFor(SECRET_RE2, text) + matchesFor(SECRET_QUERY_PARAM_RE, text);
+}
 function redactionPatterns(input) {
   return {
     secret: SECRET_RE2,
@@ -38314,11 +38364,14 @@ function redactionPatterns(input) {
 }
 function redactExternalAgentArtifactText(text, input = {}) {
   const patterns = redactionPatterns(input);
-  let redacted = text.replace(patterns.secret, "[redacted_secret]").replace(patterns.email, "[redacted_email]").replace(patterns.phone, "[redacted_phone]");
+  let redacted = redactExternalAgentSecretText(text).replace(patterns.email, "[redacted_email]").replace(patterns.phone, "[redacted_phone]");
   if (patterns.privateRepo) redacted = redacted.replace(patterns.privateRepo, "[redacted_private_repo_path]");
   if (patterns.home) redacted = redacted.replace(patterns.home, "[redacted_home_path]");
   return redacted;
 }
+function redactExternalAgentSecretText(text) {
+  return text.replace(SECRET_QUERY_PARAM_RE, "$1[redacted_secret]").replace(SECRET_RE2, "[redacted_secret]");
+}
 function artifactFiles(runDir) {
   if (!(0, import_fs12.existsSync)(runDir)) return [];
   return (0, import_fs12.readdirSync)(runDir).map((name) => (0, import_path10.join)(runDir, name)).filter((path2) => {
@@ -38338,7 +38391,7 @@ function finding(kind, file2, count) {
 function scanText(input) {
   const patterns = redactionPatterns(input);
   return [
-    finding("secret_like_token", input.file, matchesFor(patterns.secret, input.text)),
+    finding("secret_like_token", input.file, secretMatches(input.text)),
     finding("private_repo_path", input.file, matchesFor(patterns.privateRepo, input.text)),
     finding("local_home_path", input.file, matchesFor(patterns.home, input.text)),
     finding("email_address", input.file, matchesFor(patterns.email, input.text)),
@@ -38478,6 +38531,12 @@ var CHILD_ENV_ALLOWLIST = [
   "USERPROFILE",
   "WINDIR"
 ];
+var EXTERNAL_AGENT_EVAL_AUTH_ENV_MAP = {
+  FOH_EXTERNAL_AGENT_EVAL_TOKEN: "FOH_SERVICE_TOKEN",
+  FOH_EXTERNAL_AGENT_EVAL_ORG_ID: "FOH_ORG_ID",
+  FOH_EXTERNAL_AGENT_EVAL_API_URL: "FOH_API_URL",
+  FOH_EXTERNAL_AGENT_EVAL_TOKEN_EXPIRES_AT: "FOH_TOKEN_EXPIRES_AT"
+};
 var ExternalAgentExecutorError = class extends Error {
   reasonCode;
   constructor(reasonCode, message) {
@@ -38500,6 +38559,12 @@ function buildCodexExecutorEnv(input) {
       env[key] = value;
     }
   }
+  for (const [sourceKey, childKey] of Object.entries(EXTERNAL_AGENT_EVAL_AUTH_ENV_MAP)) {
+    const value = source[sourceKey];
+    if (typeof value === "string" && value.trim() && !isDeniedEnvKey(childKey)) {
+      env[childKey] = value;
+    }
+  }
   env[EXTERNAL_AGENT_RUN_DIR_ENV] = input.runDir;
   env[EXTERNAL_AGENT_PROMPT_VERSION_ENV] = input.promptVersion;
   env.FOH_CLI_SUPPRESS_BANNER = "1";
@@ -38666,7 +38731,6 @@ function createExternalAgentExecutorPlan(options) {
       "--skip-git-repo-check",
       "--ephemeral",
       "--ignore-rules",
-      "--ignore-user-config",
       "--sandbox",
       "workspace-write",
       "--full-auto",
@@ -38739,6 +38803,22 @@ function proofArtifactPasses(runDir) {
 function readIfExists(path2) {
   return (0, import_fs14.existsSync)(path2) ? (0, import_fs14.readFileSync)(path2, "utf8") : "";
 }
+function redactSecretLikeFile(path2) {
+  if (!(0, import_fs14.existsSync)(path2)) return;
+  const original = (0, import_fs14.readFileSync)(path2, "utf8");
+  const redacted = redactExternalAgentSecretText(original);
+  if (redacted !== original) (0, import_fs14.writeFileSync)(path2, redacted, "utf8");
+}
+function redactSecretLikeOutputArtifacts(run) {
+  redactSecretLikeFile(run.outputs.jsonl);
+  redactSecretLikeFile(run.outputs.last_message);
+  redactSecretLikeFile(run.outputs.stderr);
+}
+function copyCommandCaptureArtifacts(input) {
+  const commandLog = (0, import_path12.join)(input.captureDir, "commands.ndjson");
+  if (!(0, import_fs14.existsSync)(commandLog)) return;
+  (0, import_fs14.writeFileSync)((0, import_path12.join)(input.runDir, "commands.ndjson"), (0, import_fs14.readFileSync)(commandLog, "utf8"), "utf8");
+}
 function relativeArtifactName(path2) {
   return (0, import_path12.basename)(path2);
 }
@@ -38752,6 +38832,9 @@ ${stderr}`;
   if (/need[^.\n]*(?:private|source)[^.\n]*repo|cannot[^.\n]*without[^.\n]*(?:private|source)[^.\n]*repo|clone[^.\n]*(?:private|source)[^.\n]*repo/i.test(combined)) {
     return { status: "fail", reasonCode: "private_repo_assumption_detected" };
   }
+  if (/(?:blocked|rejected|declined) by policy|EXEC_POLICY_BLOCKED|command execution was rejected|shell commands were rejected/i.test(combined)) {
+    return { status: "hold", reasonCode: "codex_exec_policy_blocked" };
+  }
   if (/browser|approve|approval|login|auth|sign in/i.test(combined) && !proofArtifactPasses(input.run.run_dir)) {
     return { status: "hold", reasonCode: "auth_browser_approval_required" };
   }
@@ -38816,11 +38899,11 @@ function buildExecutedRunArtifact(input) {
 function spawnCodex(input) {
   return new Promise((resolveRun) => {
     const started = Date.now();
-    const useShell = process.platform === "win32" && input.command.toLowerCase().endsWith(".cmd");
-    const child = (0, import_child_process4.spawn)(input.command, input.args, {
+    const commandInvocation = buildCommandInvocation(input.command, input.args);
+    const child = (0, import_child_process4.spawn)(commandInvocation.command, commandInvocation.args, {
       cwd: input.cwd,
       env: input.env,
-      shell: useShell,
+      shell: false,
       stdio: ["pipe", "pipe", "pipe"],
       windowsHide: true
     });
@@ -38860,15 +38943,24 @@ function spawnCodex(input) {
     });
   });
 }
+function buildCommandInvocation(command, args) {
+  if (process.platform === "win32" && command.toLowerCase().endsWith(".cmd")) {
+    const codexEntrypoint = (0, import_path12.join)((0, import_path12.dirname)(command), "node_modules", "@openai", "codex", "bin", "codex.js");
+    if ((0, import_fs14.existsSync)(codexEntrypoint)) return { command: process.execPath, args: [codexEntrypoint, ...args] };
+  }
+  return { command, args };
+}
 async function executeExternalAgentExecutorPlan(plan, options = {}) {
   const startedAt = (/* @__PURE__ */ new Date()).toISOString();
   const results = [];
   const runnerCommand = options.runnerCommand || resolveCodexExecutionCommand();
   for (const run of plan.runs) {
     const runStartedAt = (/* @__PURE__ */ new Date()).toISOString();
+    const commandCaptureDir = (0, import_path12.join)(run.workspace_dir, ".foh-capture");
+    (0, import_fs14.mkdirSync)(commandCaptureDir, { recursive: true });
     const env = buildCodexExecutorEnv({
       sourceEnv: options.env,
-      runDir: run.run_dir,
+      runDir: commandCaptureDir,
       promptVersion: run.prompt_version
     });
     const spawned = await spawnCodex({
@@ -38881,6 +38973,8 @@ async function executeExternalAgentExecutorPlan(plan, options = {}) {
       stderrPath: run.outputs.stderr,
       timeoutMs: plan.timeout_minutes * 60 * 1e3
     });
+    copyCommandCaptureArtifacts({ captureDir: commandCaptureDir, runDir: run.run_dir });
+    redactSecretLikeOutputArtifacts(run);
     const artifactSafety = scanExternalAgentArtifacts({
       runDir: run.run_dir,
       privateRepoRoot: options.privateRepoRoot || plan.private_repo_root,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@f-o-h/cli",
-  "version": "0.1.13",
+  "version": "0.1.15",
   "description": "FOH CLI - AI-operator provisioning tool for Front Of House",
   "license": "UNLICENSED",
   "bin": {