@f-o-h/cli 0.1.57 → 0.1.59

package/dist/foh.js

@@ -32853,7 +32853,7 @@ var StdioServerTransport = class {
 };
 
 // src/lib/cli-version.ts
-var CLI_VERSION = "0.1.57";
+var CLI_VERSION = "0.1.59";
 
 // src/commands/mcp-serve.ts
 var DEFAULT_TIMEOUT_MS = 12e4;
@@ -39244,6 +39244,7 @@ function readExternalAgentMetadata(runDir) {
 }
 
 // src/lib/external-agent-executor.ts
+var GEMINI_HEADLESS_PROBE_TIMEOUT_MS = 15e3;
 var CODEX_EXECUTOR_DENIED_ENV_PREFIXES = [
   "SUPABASE_",
   "DATABASE_",
@@ -39411,11 +39412,16 @@ function readBatch(batchPath) {
   return parsed;
 }
 function defaultRunnerProbe(command, args) {
+  const isGeminiHeadlessSmoke = args.includes("FOH_GEMINI_HEADLESS_PROBE");
+  const spawnOptions = {
+    encoding: "utf8",
+    timeout: isGeminiHeadlessSmoke ? GEMINI_HEADLESS_PROBE_TIMEOUT_MS : void 0
+  };
   const result = process.platform === "win32" && command.toLowerCase().endsWith(".cmd") ? (0, import_child_process4.spawnSync)(
     "powershell.exe",
     ["-NoLogo", "-NoProfile", "-ExecutionPolicy", "Bypass", "-Command", `& ${[command, ...args].map(quotePowerShellArg).join(" ")}`],
-    { encoding: "utf8" }
-  ) : (0, import_child_process4.spawnSync)(command, args, { encoding: "utf8" });
+    spawnOptions
+  ) : (0, import_child_process4.spawnSync)(command, args, spawnOptions);
   return {
     status: typeof result.status === "number" ? result.status : null,
     stdout: String(result.stdout || ""),
@@ -39423,6 +39429,9 @@ function defaultRunnerProbe(command, args) {
     error: result.error
   };
 }
+function geminiCapacityUnavailable(text) {
+  return /MODEL_CAPACITY_EXHAUSTED|RESOURCE_EXHAUSTED|No capacity available|rateLimitExceeded|exhausted your capacity|status 429/i.test(text);
+}
 function quotePowerShellArg(value) {
   return `'${value.replace(/'/g, "''")}'`;
 }
@@ -39562,15 +39571,14 @@ ${yoloHelp.stderr}`;
   };
 }
 function validateGeminiRunner(options) {
+  const geminiSandboxMode = normalizeGeminiSandboxMode(options.geminiSandboxMode);
   const execArgs = [
     "--approval-mode",
     "yolo",
-    "--sandbox",
     "--output-format",
-    "stream-json",
-    "--prompt",
-    "Execute the FOH external-agent prompt supplied on stdin."
+    "stream-json"
   ];
+  if (geminiSandboxMode === "required") execArgs.splice(2, 0, "--sandbox");
   if (options.skipRunnerProbe) {
     return {
       runner: "gemini",
@@ -39584,6 +39592,9 @@ function validateGeminiRunner(options) {
       supportsYoloAlias: null,
       yoloPolicy: "not_checked",
       supportsGeminiHeadless: true,
+      supportsGeminiSandbox: geminiSandboxMode === "required",
+      geminiSandboxMode,
+      headlessInvocationChecked: false,
       automationMode: "gemini-yolo",
       globalArgs: [],
       execArgs
@@ -39603,7 +39614,8 @@ ${version2.stderr}`.trim() || null;
   }
   const helpText = `${help.stdout}
 ${help.stderr}`;
-  const requiredFlags = ["--prompt", "--approval-mode", "--sandbox", "--output-format"];
+  const requiredFlags = ["--approval-mode", "--output-format"];
+  if (geminiSandboxMode === "required") requiredFlags.push("--sandbox");
   const missing = requiredFlags.filter((flag) => !helpText.includes(flag));
   if (missing.length > 0) {
     throw new ExternalAgentExecutorError(
@@ -39611,6 +39623,39 @@ ${help.stderr}`;
       `Gemini runner is missing required headless flag(s): ${missing.join(", ")}`
     );
   }
+  const smoke = probe(probeCommand, [...execArgs, "FOH_GEMINI_HEADLESS_PROBE"]);
+  const smokeText = `${smoke.stdout}
+${smoke.stderr}`;
+  if (/Cannot use both a positional prompt and the --prompt/i.test(smokeText)) {
+    throw new ExternalAgentExecutorError(
+      "external_agent_runner_headless_probe_failed",
+      "Gemini runner rejected the planned headless invocation before auth."
+    );
+  }
+  if (/GEMINI_SANDBOX.*failed|failed to determine command for sandbox|install docker or podman/i.test(smokeText)) {
+    throw new ExternalAgentExecutorError(
+      "external_agent_runner_sandbox_unavailable",
+      "Gemini runner sandbox is unavailable on this host. Install/configure Docker/Podman or rerun only on an externally isolated host with --gemini-sandbox-mode disabled."
+    );
+  }
+  if (geminiCapacityUnavailable(smokeText)) {
+    throw new ExternalAgentExecutorError(
+      "external_agent_runner_capacity_unavailable",
+      "Gemini runner reached the provider but the selected model has no available capacity. Retry later or configure a supported lower-contention Gemini model before live eval."
+    );
+  }
+  if (smoke.error || smoke.status !== 0 && !/Auth method|GEMINI_API_KEY|GOOGLE_GENAI_USE_VERTEXAI|GOOGLE_GENAI_USE_GCA/i.test(smokeText)) {
+    if (smoke.error?.code === "ETIMEDOUT") {
+      throw new ExternalAgentExecutorError(
+        "external_agent_runner_headless_probe_timed_out",
+        "Gemini runner headless invocation probe timed out before reaching an auth boundary or provider response."
+      );
+    }
+    throw new ExternalAgentExecutorError(
+      "external_agent_runner_headless_probe_failed",
+      "Gemini runner headless invocation probe failed before reaching an auth boundary."
+    );
+  }
   return {
     runner: "gemini",
     binaryChecked: true,
@@ -39623,6 +39668,9 @@ ${help.stderr}`;
     supportsYoloAlias: helpText.includes("--yolo"),
     yoloPolicy: helpText.includes("--yolo") ? "observed_not_canonical" : "unsupported",
     supportsGeminiHeadless: true,
+    supportsGeminiSandbox: geminiSandboxMode === "required",
+    geminiSandboxMode,
+    headlessInvocationChecked: true,
     automationMode: "gemini-yolo",
     globalArgs: [],
     execArgs
@@ -39648,6 +39696,14 @@ function normalizeCodexSandboxMode(value) {
     `Unsupported Codex sandbox mode: ${value}. Use workspace-write or danger-full-access.`
   );
 }
+function normalizeGeminiSandboxMode(value) {
+  const normalized = (value || "required").trim().toLowerCase();
+  if (normalized === "required" || normalized === "disabled") return normalized;
+  throw new ExternalAgentExecutorError(
+    "invalid_gemini_sandbox_mode",
+    `Unsupported Gemini sandbox mode: ${value}. Use required or disabled.`
+  );
+}
 function codexConfigArgs(input) {
   const args = [];
   if (input.backend === "legacy-landlock") {
@@ -39798,7 +39854,12 @@ function createExternalAgentExecutorPlan(options) {
         selected_automation_mode: runnerProbe.automationMode,
         canonical_command_policy: "explicit-flags",
         yolo_policy: runnerProbe.yoloPolicy,
-        ...runnerProbe.runner === "gemini" ? { supports_gemini_headless: runnerProbe.supportsGeminiHeadless } : {}
+        ...runnerProbe.runner === "gemini" ? {
+          supports_gemini_headless: runnerProbe.supportsGeminiHeadless,
+          supports_gemini_sandbox: runnerProbe.supportsGeminiSandbox,
+          gemini_sandbox_mode: runnerProbe.geminiSandboxMode,
+          headless_invocation_checked: runnerProbe.headlessInvocationChecked
+        } : {}
       },
       runner_automation_mode: runnerProbe.automationMode,
       codex_automation_mode: runner === "codex" ? runnerProbe.automationMode : null,
@@ -40276,6 +40337,34 @@ function executorRecoveryCommands(reasonCode, runner) {
       "Upgrade or reinstall the runner CLI on the isolated eval host, then rerun the dry-run executor plan."
     ];
   }
+  if (reasonCode === "external_agent_runner_sandbox_unavailable") {
+    return [
+      "gemini --version",
+      "gemini --help",
+      "Install/configure Docker or Podman for Gemini sandboxing, or rerun only on an externally isolated host with `--gemini-sandbox-mode disabled` after confirming no private repo or runtime secrets are present."
+    ];
+  }
+  if (reasonCode === "external_agent_runner_headless_probe_failed") {
+    return [
+      `${normalizedRunner} --version`,
+      `${normalizedRunner} --help`,
+      "Upgrade, downgrade, or reconfigure the runner CLI until the planned non-interactive invocation reaches an auth boundary without parser errors."
+    ];
+  }
+  if (reasonCode === "external_agent_runner_headless_probe_timed_out") {
+    return [
+      `${normalizedRunner} --version`,
+      `${normalizedRunner} --help`,
+      "Retry the dry-run once. If it repeats, reduce the probe/model contention or use a different subscribed runner before launching live evals."
+    ];
+  }
+  if (reasonCode === "external_agent_runner_capacity_unavailable") {
+    return [
+      "gemini --version",
+      "gemini --help",
+      "Retry after the Gemini capacity window resets, or configure a supported lower-contention Gemini model before rerunning the same executor dry-run."
+    ];
+  }
   return [
     "Fix the executor plan input or workspace path and rerun with --dry-run."
   ];
@@ -40586,7 +40675,7 @@ Exit the shell to finalize run.json.
     }), { json: Boolean(opts.json) });
     if (!report.ok) process.exitCode = 1;
   });
-  external.command("execute").description("Create a guarded dry-run executor plan for programmable external-agent runners").requiredOption("--batch <path>", "Path to external_agent_batch_plan.v1 batch.json").option("--runner <runner>", "Runner implementation", "codex").option("--workspace-root <path>", "Clean executor workspace root; must be outside the private repo").option("--private-repo-root <path>", "Private repository root to guard against").option("--timeout-minutes <minutes>", "Per-run timeout planned for future execution", "30").option("--codex-sandbox-backend <backend>", "Codex sandbox backend override: default|legacy-landlock", "default").option("--codex-sandbox-mode <mode>", "Codex sandbox mode: workspace-write|danger-full-access", "workspace-write").option("--codex-network-access", "Allow Codex workspace-write sandbox network access for public docs/npm probes").option("--skip-runner-probe", "Skip local runner binary/help probing").option("--dry-run", "Write the executor plan without launching the runner", true).option("--live", "Launch one controlled external-agent run after writing the guarded plan").option("--json", "Output as JSON").action(async (opts) => {
+  external.command("execute").description("Create a guarded dry-run executor plan for programmable external-agent runners").requiredOption("--batch <path>", "Path to external_agent_batch_plan.v1 batch.json").option("--runner <runner>", "Runner implementation", "codex").option("--workspace-root <path>", "Clean executor workspace root; must be outside the private repo").option("--private-repo-root <path>", "Private repository root to guard against").option("--timeout-minutes <minutes>", "Per-run timeout planned for future execution", "30").option("--codex-sandbox-backend <backend>", "Codex sandbox backend override: default|legacy-landlock", "default").option("--codex-sandbox-mode <mode>", "Codex sandbox mode: workspace-write|danger-full-access", "workspace-write").option("--codex-network-access", "Allow Codex workspace-write sandbox network access for public docs/npm probes").option("--gemini-sandbox-mode <mode>", "Gemini sandbox mode: required|disabled", "required").option("--skip-runner-probe", "Skip local runner binary/help probing").option("--dry-run", "Write the executor plan without launching the runner", true).option("--live", "Launch one controlled external-agent run after writing the guarded plan").option("--json", "Output as JSON").action(async (opts) => {
     try {
       const plan = createExternalAgentExecutorPlan({
         batchPath: String(opts.batch),
@@ -40597,6 +40686,7 @@ Exit the shell to finalize run.json.
         codexSandboxBackend: String(opts.codexSandboxBackend || "default"),
         codexSandboxMode: String(opts.codexSandboxMode || "workspace-write"),
         codexNetworkAccess: Boolean(opts.codexNetworkAccess),
+        geminiSandboxMode: String(opts.geminiSandboxMode || "required"),
         skipRunnerProbe: Boolean(opts.skipRunnerProbe),
         cwd: process.cwd()
       });

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@f-o-h/cli",
-  "version": "0.1.57",
+  "version": "0.1.59",
   "description": "FOH CLI - AI-operator provisioning tool for Front Of House",
   "license": "UNLICENSED",
   "bin": {