@f-o-h/cli 0.1.41 → 0.1.42

Files changed (2)
  1. package/dist/foh.js +15 -4
  2. package/package.json +1 -1
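--- a/package/dist/foh.js
+++ b/package/dist/foh.js
@@ -32801,7 +32801,7 @@ var StdioServerTransport = class {
  };
 
  // src/lib/cli-version.ts
- var CLI_VERSION = "0.1.41";
+ var CLI_VERSION = "0.1.42";
 
  // src/commands/mcp-serve.ts
  var DEFAULT_TIMEOUT_MS = 12e4;
@@ -39123,6 +39123,14 @@ function normalizeCodexSandboxBackend(value) {
  `Unsupported Codex sandbox backend: ${value}. Use default or legacy-landlock.`
  );
  }
+ function normalizeCodexSandboxMode(value) {
+ const normalized = (value || "workspace-write").trim().toLowerCase();
+ if (normalized === "workspace-write" || normalized === "danger-full-access") return normalized;
+ throw new ExternalAgentExecutorError(
+ "invalid_codex_sandbox_mode",
+ `Unsupported Codex sandbox mode: ${value}. Use workspace-write or danger-full-access.`
+ );
+ }
  function codexConfigArgs(input) {
  const args = [];
  if (input.backend === "legacy-landlock") {
@@ -39161,6 +39169,7 @@ function createExternalAgentExecutorPlan(options) {
  const batch = readBatch(batchPath);
  const runnerProbe = validateCodexRunner(options);
  const codexSandboxBackend = normalizeCodexSandboxBackend(options.codexSandboxBackend);
+ const codexSandboxMode = normalizeCodexSandboxMode(options.codexSandboxMode);
  const codexNetworkAccess = options.codexNetworkAccess === true;
  const privateRepoRoot = (0, import_path12.resolve)(options.privateRepoRoot || options.cwd || process.cwd());
  const workspaceRoot = resolveWorkspaceRoot({ batchPath, workspaceRoot: options.workspaceRoot, privateRepoRoot });
@@ -39212,7 +39221,7 @@ function createExternalAgentExecutorPlan(options) {
  "--ephemeral",
  "--ignore-rules",
  "--sandbox",
- "workspace-write",
+ codexSandboxMode,
  ...runnerProbe.execArgs,
  "--json",
  "--output-last-message",
@@ -39260,6 +39269,7 @@ function createExternalAgentExecutorPlan(options) {
  required_flags_checked: runnerProbe.requiredFlagsChecked
  },
  codex_automation_mode: runnerProbe.automationMode,
+ codex_sandbox_mode: codexSandboxMode,
  codex_sandbox_backend: codexSandboxBackend,
  codex_network_access: codexNetworkAccess
  },
@@ -39367,7 +39377,7 @@ ${stderr}`;
  if (/(?:blocked|rejected|declined) by policy|EXEC_POLICY_BLOCKED|command execution was rejected|shell commands were rejected/i.test(combined)) {
  return { status: "hold", reasonCode: "codex_exec_policy_blocked" };
  }
- if (/bwrap:.*(?:RTM_NEWADDR|Operation not permitted)|bubblewrap.*(?:RTM_NEWADDR|Operation not permitted)|Failed RTM_NEWADDR|ENV_SANDBOX_EXEC_BLOCKED/i.test(combined)) {
+ if (/bwrap:.*(?:RTM_NEWADDR|Operation not permitted|setting up uid map: Permission denied)|bubblewrap.*(?:RTM_NEWADDR|Operation not permitted|setting up uid map: Permission denied)|Failed RTM_NEWADDR|ENV_SANDBOX_EXEC_BLOCKED|permission profiles requiring direct runtime enforcement are incompatible with --use-legacy-landlock|legacy[_ -]?landlock.*incompatible/i.test(combined)) {
  return { status: "hold", reasonCode: "codex_sandbox_exec_blocked" };
  }
  if (/ENV_NETWORK_DNS_BLOCK|Could not resolve host|npm ping.*timeout|NO_EXECUTABLE_INSTALL/i.test(combined)) {
@@ -39890,7 +39900,7 @@ Exit the shell to finalize run.json.
  }), { json: Boolean(opts.json) });
  if (!report.ok) process.exitCode = 1;
  });
- external.command("execute").description("Create a guarded dry-run executor plan for programmable external-agent runners").requiredOption("--batch <path>", "Path to external_agent_batch_plan.v1 batch.json").option("--runner <runner>", "Runner implementation", "codex").option("--workspace-root <path>", "Clean executor workspace root; must be outside the private repo").option("--private-repo-root <path>", "Private repository root to guard against").option("--timeout-minutes <minutes>", "Per-run timeout planned for future execution", "30").option("--codex-sandbox-backend <backend>", "Codex sandbox backend override: default|legacy-landlock", "default").option("--codex-network-access", "Allow Codex workspace-write sandbox network access for public docs/npm probes").option("--skip-runner-probe", "Skip local runner binary/help probing").option("--dry-run", "Write the executor plan without launching the runner", true).option("--live", "Launch one controlled external-agent run after writing the guarded plan").option("--json", "Output as JSON").action(async (opts) => {
+ external.command("execute").description("Create a guarded dry-run executor plan for programmable external-agent runners").requiredOption("--batch <path>", "Path to external_agent_batch_plan.v1 batch.json").option("--runner <runner>", "Runner implementation", "codex").option("--workspace-root <path>", "Clean executor workspace root; must be outside the private repo").option("--private-repo-root <path>", "Private repository root to guard against").option("--timeout-minutes <minutes>", "Per-run timeout planned for future execution", "30").option("--codex-sandbox-backend <backend>", "Codex sandbox backend override: default|legacy-landlock", "default").option("--codex-sandbox-mode <mode>", "Codex sandbox mode: workspace-write|danger-full-access", "workspace-write").option("--codex-network-access", "Allow Codex workspace-write sandbox network access for public docs/npm probes").option("--skip-runner-probe", "Skip local runner binary/help probing").option("--dry-run", "Write the executor plan without launching the runner", true).option("--live", "Launch one controlled external-agent run after writing the guarded plan").option("--json", "Output as JSON").action(async (opts) => {
  try {
  const plan = createExternalAgentExecutorPlan({
  batchPath: String(opts.batch),
@@ -39899,6 +39909,7 @@ Exit the shell to finalize run.json.
  privateRepoRoot: opts.privateRepoRoot ? String(opts.privateRepoRoot) : void 0,
  timeoutMinutes: Number(opts.timeoutMinutes || 30),
  codexSandboxBackend: String(opts.codexSandboxBackend || "default"),
+ codexSandboxMode: String(opts.codexSandboxMode || "workspace-write"),
  codexNetworkAccess: Boolean(opts.codexNetworkAccess),
  skipRunnerProbe: Boolean(opts.skipRunnerProbe),
  cwd: process.cwd()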
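Review bot: `normalizeCodexSandboxMode` accepts `danger-full-access`, and `createExternalAgentExecutorPlan` passes it straight to `--sandbox` with no further gate, so a single flag removes the runner's sandbox while the command is still described as a "guarded" plan. In that mode the workspace-root/private-repo separation presumably no longer confines the runner, and `codex_network_access: false` in the plan may understate what the run can reach, since `--codex-network-access` is documented only for the workspace-write sandbox. I would require a separate, explicitly named acknowledgement before a `--live` launch with this mode (the launch path is outside these hunks, so where the check belongs needs confirming). I would also add a comment above the function such as `// danger-full-access disables the Codex sandbox; the workspace/private-repo guards do not confine the runner in this mode`. The allow-list also offers only the weaker alternative to the default, so a stricter mode such as `read-only` is rejected; consider accepting it if the runner supports it.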
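--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
  {
  "name": "@f-o-h/cli",
- "version": "0.1.41",
+ "version": "0.1.42",
  "description": "FOH CLI - AI-operator provisioning tool for Front Of House",
  "license": "UNLICENSED",
  "bin": {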