@fitlab-ai/agent-infra 0.6.2 → 0.6.4

package/dist/lib/sandbox/commands/enter.js

@@ -5,6 +5,8 @@ import { formatCredentialWarnings, formatRemaining, reconcileClaudeCredentials,
 import { runInteractiveEngine, runSafeEngine } from "../shell.js";
 import { resolveTaskBranch } from "../task-resolver.js";
 import { dotfilesCacheDir, materializeDotfiles } from "../dotfiles.js";
+import { runInteractiveWithClipboardBridge } from "../clipboard/bridge.js";
+import { detectHostTimezone } from "../host-timezone.js";
 const USAGE = `Usage: ai sandbox exec <branch> [cmd...]`;
 const TMUX_ENTRY_PATH = '/usr/local/bin/sandbox-tmux-entry';
 // Terminal-detection variables that interactive TUIs (e.g. claude-code)
@@ -28,6 +30,10 @@ export function terminalEnvFlags(env = process.env) {
     }
     return flags;
 }
+export function hostTimezoneEnvFlags(detect = detectHostTimezone) {
+    const tz = detect();
+    return tz ? ['-e', `TZ=${tz}`] : [];
+}
 export function formatCredentialSyncStatus(result, isTTY = process.stderr.isTTY) {
     if (result.status === 'STALE_ACCESS') {
         return 'Warning: Claude Code credentials on host appear stale. Run "ai sandbox refresh" or "claude /login" to renew.\n';
@@ -51,7 +57,7 @@ export function formatCredentialSyncStatus(result, isTTY = process.stderr.isTTY)
     }
     return null;
 }
-export function enter(args) {
+export async function enter(args) {
     if (args.length === 0 || args[0] === '--help' || args[0] === '-h') {
         process.stdout.write(`${USAGE}\n`);
         if (args.length === 0) {
@@ -83,7 +89,7 @@ export function enter(args) {
             process.stderr.write(`Warning: Failed to sync Claude Code credentials: ${redactCommandError(error instanceof Error ? error.message : 'unknown error')}\n`);
         }
     }
-    const envFlags = terminalEnvFlags();
+    const envFlags = [...terminalEnvFlags(), ...hostTimezoneEnvFlags()];
     if (cmd.length === 0) {
         try {
             materializeDotfiles(config.dotfilesDir, dotfilesCacheDir(config.home, config.project));
@@ -91,7 +97,12 @@ export function enter(args) {
         catch (error) {
             process.stderr.write(`Warning: dotfiles snapshot rebuild failed: ${redactCommandError(error instanceof Error ? error.message : 'unknown error')}\n`);
         }
-        return runInteractiveEngine(engine, 'docker', ['exec', '-it', ...envFlags, container, 'bash', TMUX_ENTRY_PATH]);
+        return runInteractiveWithClipboardBridge({
+            engine,
+            dockerArgs: ['exec', '-it', ...envFlags, container, 'bash', TMUX_ENTRY_PATH],
+            container,
+            home: config.home
+        });
     }
     return runInteractiveEngine(engine, 'docker', ['exec', '-it', ...envFlags, container, ...cmd]);
 }

package/dist/lib/sandbox/commands/ls.js

@@ -8,7 +8,7 @@ import { detectEngine } from "../engine.js";
 import { runSafeEngine } from "../shell.js";
 import { resolveTools, toolProjectDirCandidates } from "../tools.js";
 const USAGE = 'Usage: ai sandbox ls';
-const CONTAINER_LIST_HEADER = 'NAMES\tSTATUS\tBRANCH';
+const CONTAINER_TABLE_HEADERS = ['NAMES', 'STATUS', 'BRANCH'];
 // Exported to lock the docker/podman-compatible format in unit tests.
 export function containerListFormat() {
     return '{{.Names}}\t{{.Status}}\t{{.Labels}}';
@@ -30,6 +30,19 @@ export function parseLabels(csv) {
     }
     return labels;
 }
+export function formatContainerTable(rows) {
+    const columns = rows.map((row) => [row.name, row.status, row.branch]);
+    const widths = [
+        Math.max(CONTAINER_TABLE_HEADERS[0].length, ...rows.map((row) => row.name.length)),
+        Math.max(CONTAINER_TABLE_HEADERS[1].length, ...rows.map((row) => row.status.length)),
+        Math.max(CONTAINER_TABLE_HEADERS[2].length, ...rows.map((row) => row.branch.length))
+    ];
+    const renderRow = (values) => `${values[0].padEnd(widths[0])}  ${values[1].padEnd(widths[1])}  ${values[2]}`.trimEnd();
+    return [
+        renderRow(CONTAINER_TABLE_HEADERS),
+        ...columns.map((column) => renderRow(column))
+    ];
+}
 function listChildren(dir) {
     if (!fs.existsSync(dir)) {
         return [];
@@ -60,11 +73,13 @@ export function ls(args = []) {
     }
     else {
         const branchKey = sandboxBranchLabel(config);
-        process.stdout.write(`  ${CONTAINER_LIST_HEADER}\n`);
-        for (const line of containers.split('\n')) {
+        const rows = containers.split('\n').map((line) => {
             const [name = '', status = '', labelsCsv = ''] = line.split('\t');
             const branch = parseLabels(labelsCsv)[branchKey] ?? '';
-            process.stdout.write(`  ${name}\t${status}\t${branch}\n`);
+            return { name, status, branch };
+        });
+        for (const line of formatContainerTable(rows)) {
+            process.stdout.write(`  ${line}\n`);
         }
     }
     p.log.step('Worktrees');

package/dist/lib/sandbox/commands/prune.js

@@ -0,0 +1,176 @@
+import fs from 'node:fs';
+import path from 'node:path';
+import { parseArgs } from 'node:util';
+import * as p from '@clack/prompts';
+import pc from 'picocolors';
+import { loadConfig } from "../config.js";
+import { safeNameCandidates, sandboxBranchLabel, sandboxLabel } from "../constants.js";
+import { detectEngine } from "../engine.js";
+import { hostJoin } from "../engines/wsl2-paths.js";
+import { removeManagedDir, removeWorktreeDir } from "../managed-fs.js";
+import { parseLabels } from "./ls.js";
+import { runEngine, runSafe } from "../shell.js";
+import { resolveTools } from "../tools.js";
+const USAGE = `Usage: ai sandbox prune [--dry-run]`;
+function listChildDirs(base) {
+    if (!fs.existsSync(base)) {
+        return [];
+    }
+    return fs.readdirSync(base)
+        .sort()
+        .map((entry) => path.join(base, entry))
+        .filter((entry) => {
+        try {
+            return fs.statSync(entry).isDirectory();
+        }
+        catch {
+            return false;
+        }
+    });
+}
+function activeSafeNames(activeBranches) {
+    const names = new Set();
+    for (const branch of activeBranches) {
+        try {
+            for (const name of safeNameCandidates(branch)) {
+                names.add(name);
+            }
+        }
+        catch {
+            names.add(branch);
+        }
+    }
+    return names;
+}
+function orphanDirs(base, activeNames) {
+    return listChildDirs(base).filter((dir) => !activeNames.has(path.basename(dir)));
+}
+function addGroup(groups, group) {
+    if (group.dirs.length > 0) {
+        groups.push(group);
+    }
+}
+export function collectOrphanGroups(config, tools, activeBranches) {
+    const activeNames = activeSafeNames(activeBranches);
+    const groups = [];
+    const shareBranchesBase = hostJoin(config.shareBase, 'branches');
+    addGroup(groups, {
+        kind: 'shell',
+        label: 'Shell config dirs',
+        base: config.shellConfigBase,
+        dirs: orphanDirs(config.shellConfigBase, activeNames)
+    });
+    addGroup(groups, {
+        kind: 'worktree',
+        label: 'Worktrees',
+        base: config.worktreeBase,
+        dirs: orphanDirs(config.worktreeBase, activeNames)
+    });
+    addGroup(groups, {
+        kind: 'share',
+        label: 'Share branch dirs',
+        base: shareBranchesBase,
+        dirs: orphanDirs(shareBranchesBase, activeNames)
+    });
+    for (const tool of tools) {
+        const base = hostJoin(tool.sandboxBase, config.project);
+        addGroup(groups, {
+            kind: 'tool',
+            label: `${tool.name} state`,
+            base,
+            dirs: orphanDirs(base, activeNames)
+        });
+    }
+    return groups;
+}
+export function removeOrphanGroups(config, groups) {
+    let removedWorktrees = false;
+    for (const group of groups) {
+        for (const dir of group.dirs) {
+            if (group.kind === 'worktree') {
+                removeWorktreeDir(config.repoRoot, group.base, dir);
+                removedWorktrees = true;
+            }
+            else {
+                removeManagedDir(group.base, dir);
+            }
+        }
+    }
+    return removedWorktrees;
+}
+function activeBranchesFromLabels(config, labelsOutput) {
+    const branchKey = sandboxBranchLabel(config);
+    return labelsOutput.split('\n')
+        .map((line) => parseLabels(line)[branchKey] ?? '')
+        .filter(Boolean);
+}
+function orphanCount(groups) {
+    return groups.reduce((sum, group) => sum + group.dirs.length, 0);
+}
+function writeGroups(groups) {
+    for (const group of groups) {
+        p.log.step(group.label);
+        for (const dir of group.dirs) {
+            process.stdout.write(`  ${dir}\n`);
+        }
+    }
+}
+export async function prune(args) {
+    const { values } = parseArgs({
+        args,
+        strict: true,
+        options: {
+            'dry-run': { type: 'boolean' },
+            help: { type: 'boolean', short: 'h' }
+        }
+    });
+    if (values.help) {
+        process.stdout.write(`${USAGE}\n`);
+        return;
+    }
+    const config = loadConfig();
+    const tools = resolveTools(config);
+    const engine = detectEngine(config);
+    const psArgs = [
+        'ps',
+        '-a',
+        '--filter',
+        `label=${sandboxLabel(config)}`,
+        '--format',
+        '{{.Labels}}'
+    ];
+    let labelsOutput;
+    try {
+        labelsOutput = runEngine(engine, 'docker', psArgs);
+    }
+    catch {
+        throw new Error('Unable to determine active sandbox branches: docker ps failed');
+    }
+    const groups = collectOrphanGroups(config, tools, activeBranchesFromLabels(config, labelsOutput));
+    const count = orphanCount(groups);
+    p.intro(pc.cyan(`Pruning orphaned sandbox state for ${config.project}`));
+    if (count === 0) {
+        p.log.success('No orphaned sandbox state dirs found');
+        p.outro(pc.green('Sandbox prune complete'));
+        return;
+    }
+    writeGroups(groups);
+    if (values['dry-run']) {
+        p.outro(pc.green('Dry run complete'));
+        return;
+    }
+    const shouldRemove = await p.confirm({
+        message: `Remove ${count} orphaned sandbox state dirs?`,
+        initialValue: true
+    });
+    if (p.isCancel(shouldRemove) || !shouldRemove) {
+        p.outro('Cancelled');
+        return;
+    }
+    const removedWorktrees = removeOrphanGroups(config, groups);
+    if (removedWorktrees) {
+        runSafe('git', ['-C', config.repoRoot, 'worktree', 'prune']);
+    }
+    p.outro(pc.green('Orphaned sandbox state dirs removed'));
+}
+//# sourceMappingURL=prune.js.map

package/dist/lib/sandbox/commands/rm.js

@@ -4,24 +4,17 @@ import { parseArgs } from 'node:util';
 import * as p from '@clack/prompts';
 import pc from 'picocolors';
 import { loadConfig } from "../config.js";
-import { assertValidBranchName, containerNameCandidates, sandboxBranchLabel, sandboxLabel, shareBranchDir, worktreeDirCandidates } from "../constants.js";
+import { assertValidBranchName, containerNameCandidates, sandboxBranchLabel, sandboxLabel, shareBranchDir, shellConfigDirCandidates, worktreeDirCandidates } from "../constants.js";
 import { ENGINES, detectEngine, engineDisplayName, isManagedEngine, stopManagedVm } from "../engine.js";
-import { run, runOk, runSafe, runSafeEngine } from "../shell.js";
+import { removeManagedDir, removeWorktreeDir } from "../managed-fs.js";
+import { runOk, runSafe, runSafeEngine } from "../shell.js";
 import { resolveTaskBranch } from "../task-resolver.js";
 import { resolveTools, toolConfigDirCandidates, toolProjectDirCandidates } from "../tools.js";
 const USAGE = `Usage: ai sandbox rm <branch> [--all]`;
+export { assertManagedPath } from "../managed-fs.js";
 function projectToolDirs(config, tools) {
     return tools.flatMap((tool) => toolProjectDirCandidates(tool, config.project));
 }
-export function assertManagedPath(root, target) {
-    const resolvedRoot = path.resolve(root);
-    const resolvedTarget = path.resolve(target);
-    const relative = path.relative(resolvedRoot, resolvedTarget);
-    if (relative === '' || (!relative.startsWith('..') && !path.isAbsolute(relative))) {
-        return;
-    }
-    throw new Error(`Refusing to remove path outside managed sandbox root: ${target}`);
-}
 async function rmOne(config, tools, branch) {
     assertValidBranchName(branch);
     const engine = detectEngine(config);
@@ -73,13 +66,7 @@ async function rmOne(config, tools, branch) {
         }
         if (shouldRemoveWorktree) {
             for (const worktree of existingWorktrees) {
-                try {
-                    run('git', ['-C', config.repoRoot, 'worktree', 'remove', worktree, '--force']);
-                }
-                catch {
-                    assertManagedPath(config.worktreeBase, worktree);
-                    fs.rmSync(worktree, { recursive: true, force: true });
-                }
+                removeWorktreeDir(config.repoRoot, config.worktreeBase, worktree);
             }
             const shouldDeleteBranch = await p.confirm({
                 message: `Also delete local branch '${effectiveBranch}'?`,
@@ -94,11 +81,14 @@ async function rmOne(config, tools, branch) {
     }
     for (const { tool, candidates } of toolCandidates) {
         for (const dir of candidates.filter((candidate) => fs.existsSync(candidate))) {
-            assertManagedPath(tool.sandboxBase, dir);
-            fs.rmSync(dir, { recursive: true, force: true });
+            removeManagedDir(tool.sandboxBase, dir);
             p.log.success(`${tool.name} state removed: ${dir}`);
         }
     }
+    for (const dir of shellConfigDirCandidates(config, effectiveBranch).filter((candidate) => fs.existsSync(candidate))) {
+        removeManagedDir(config.shellConfigBase, dir);
+        p.log.success(`Shell config removed: ${dir}`);
+    }
     const shareBranch = shareBranchDir(config, effectiveBranch);
     if (fs.existsSync(shareBranch)) {
         const shouldRemoveShare = await p.confirm({
@@ -106,8 +96,7 @@ async function rmOne(config, tools, branch) {
             initialValue: true
         });
         if (!p.isCancel(shouldRemoveShare) && shouldRemoveShare) {
-            assertManagedPath(config.shareBase, shareBranch);
-            fs.rmSync(shareBranch, { recursive: true, force: true });
+            removeManagedDir(config.shareBase, shareBranch);
             p.log.success(`Share dir removed: ${shareBranch}`);
         }
     }
@@ -144,32 +133,37 @@ async function rmAll(config, tools) {
         if (!p.isCancel(shouldRemoveWorktrees) && shouldRemoveWorktrees) {
             for (const entry of fs.readdirSync(config.worktreeBase)) {
                 const dir = path.join(config.worktreeBase, entry);
-                try {
-                    run('git', ['-C', config.repoRoot, 'worktree', 'remove', dir, '--force']);
-                }
-                catch {
-                    assertManagedPath(config.worktreeBase, dir);
-                    fs.rmSync(dir, { recursive: true, force: true });
-                }
+                removeWorktreeDir(config.repoRoot, config.worktreeBase, dir);
             }
             runSafe('git', ['-C', config.repoRoot, 'worktree', 'prune']);
         }
     }
     for (const dir of projectToolDirs(config, tools)) {
         if (fs.existsSync(dir)) {
-            assertManagedPath(path.dirname(dir), dir);
-            fs.rmSync(dir, { recursive: true, force: true });
+            removeManagedDir(path.dirname(dir), dir);
             p.log.success(`Removed tool state: ${dir}`);
         }
     }
+    if (fs.existsSync(config.shellConfigBase) && fs.readdirSync(config.shellConfigBase).length > 0) {
+        const shouldRemoveShellConfigs = await p.confirm({
+            message: `Remove all shell config dirs in ${config.shellConfigBase}?`,
+            initialValue: true
+        });
+        if (!p.isCancel(shouldRemoveShellConfigs) && shouldRemoveShellConfigs) {
+            for (const entry of fs.readdirSync(config.shellConfigBase)) {
+                const dir = path.join(config.shellConfigBase, entry);
+                removeManagedDir(config.shellConfigBase, dir);
+            }
+            p.log.success(`Project shell config dirs removed: ${config.shellConfigBase}`);
+        }
+    }
     if (fs.existsSync(config.shareBase) && fs.readdirSync(config.shareBase).length > 0) {
         const shouldRemoveAllShares = await p.confirm({
             message: `Remove all share dirs for project (${config.shareBase})?`,
             initialValue: true
         });
         if (!p.isCancel(shouldRemoveAllShares) && shouldRemoveAllShares) {
-            assertManagedPath(path.dirname(config.shareBase), config.shareBase);
-            fs.rmSync(config.shareBase, { recursive: true, force: true });
+            removeManagedDir(path.dirname(config.shareBase), config.shareBase);
             p.log.success(`Project share dirs removed: ${config.shareBase}`);
         }
     }

package/dist/lib/sandbox/config.js

@@ -86,6 +86,7 @@ export function loadConfig({ platformFn = platform, writeStderr = (chunk) => pro
         imageName: `${project}-sandbox:latest`,
         worktreeBase: hostJoin(home, '.agent-infra', 'worktrees', project),
         shareBase: hostJoin(home, '.agent-infra', 'share', project),
+        shellConfigBase: hostJoin(home, '.agent-infra', 'config', project),
         dotfilesDir: hostJoin(home, '.agent-infra', 'dotfiles'),
         engine,
         runtimes,

package/dist/lib/sandbox/constants.js

@@ -57,6 +57,12 @@ export function shareCommonDir(config) {
 export function shareBranchDir(config, branch) {
     return hostJoin(config.shareBase, 'branches', sanitizeBranchName(branch));
 }
+export function shellConfigDir(config, branch) {
+    return hostJoin(config.shellConfigBase, sanitizeBranchName(branch));
+}
+export function shellConfigDirCandidates(config, branch) {
+    return safeNameCandidates(branch).map((name) => hostJoin(config.shellConfigBase, name));
+}
 export function sandboxLabel(config) {
     return `${config.project}.sandbox`;
 }

package/dist/lib/sandbox/host-timezone.js

@@ -0,0 +1,33 @@
+import fs from 'node:fs';
+import os from 'node:os';
+const ZONEINFO_MARK = '/zoneinfo/';
+const IANA_ZONE_RE = /^[A-Za-z][A-Za-z0-9_+-]*(\/[A-Za-z0-9_+-]+)*$/;
+function safeTimezone(value) {
+    if (!value || !IANA_ZONE_RE.test(value)) {
+        return null;
+    }
+    return value;
+}
+export function detectHostTimezone(options = {}) {
+    const platform = options.platform ?? os.platform();
+    const env = options.env ?? process.env;
+    if (env.TZ) {
+        return safeTimezone(env.TZ);
+    }
+    if (platform !== 'darwin' && platform !== 'linux') {
+        return null;
+    }
+    const readlink = options.readlink ?? fs.readlinkSync;
+    try {
+        const target = readlink('/etc/localtime');
+        const idx = target.indexOf(ZONEINFO_MARK);
+        if (idx < 0) {
+            return null;
+        }
+        return safeTimezone(target.slice(idx + ZONEINFO_MARK.length));
+    }
+    catch {
+        return null;
+    }
+}
+//# sourceMappingURL=host-timezone.js.map

package/dist/lib/sandbox/index.js

@@ -6,6 +6,7 @@ Commands:
   refresh                      Sync host Claude Code credentials to all sandbox copies
   ls                           List sandboxes for the current project
   rm <branch> [--all]          Remove a sandbox or all sandboxes
+  prune [--dry-run]            Remove orphaned per-branch state dirs
   vm status|start|stop         Manage the sandbox VM (macOS) or check the backend (Windows)
   rebuild [--quiet]            Rebuild the sandbox image
 
@@ -29,7 +30,7 @@ export async function runSandbox(args) {
         }
         case 'exec': {
             const { enter } = await import("./commands/enter.js");
-            const exitCode = enter(rest);
+            const exitCode = await enter(rest);
             if (typeof exitCode === 'number' && exitCode !== 0) {
                 process.exitCode = exitCode;
             }
@@ -53,6 +54,11 @@ export async function runSandbox(args) {
             await rm(rest);
             break;
         }
+        case 'prune': {
+            const { prune } = await import("./commands/prune.js");
+            await prune(rest);
+            break;
+        }
         case 'vm': {
             const { vm } = await import("./commands/vm.js");
             await vm(rest);

package/dist/lib/sandbox/managed-fs.js

@@ -0,0 +1,25 @@
+import fs from 'node:fs';
+import path from 'node:path';
+import { run } from "./shell.js";
+export function assertManagedPath(root, target) {
+    const resolvedRoot = path.resolve(root);
+    const resolvedTarget = path.resolve(target);
+    const relative = path.relative(resolvedRoot, resolvedTarget);
+    if (relative === '' || (!relative.startsWith('..') && !path.isAbsolute(relative))) {
+        return;
+    }
+    throw new Error(`Refusing to remove path outside managed sandbox root: ${target}`);
+}
+export function removeManagedDir(root, dir) {
+    assertManagedPath(root, dir);
+    fs.rmSync(dir, { recursive: true, force: true });
+}
+export function removeWorktreeDir(repoRoot, worktreeBase, dir) {
+    try {
+        run('git', ['-C', repoRoot, 'worktree', 'remove', dir, '--force']);
+    }
+    catch {
+        removeManagedDir(worktreeBase, dir);
+    }
+}
+//# sourceMappingURL=managed-fs.js.map

package/dist/lib/sandbox/runtimes/base.dockerfile

@@ -3,7 +3,6 @@ FROM ubuntu:22.04
 LABEL description="AI coding sandbox"
 
 ENV DEBIAN_FRONTEND=noninteractive
-ENV TZ=Asia/Shanghai
 
 ARG HOST_UID=1000
 ARG HOST_GID=1000
@@ -22,7 +21,7 @@ RUN apt-get update && apt-get install -y \
     build-essential ca-certificates gnupg lsb-release \
     libevent-core-2.1-7 libncursesw6 libtinfo6 \
     pkg-config bison libevent-dev libncurses-dev \
-    locales \
+    locales tzdata \
     && locale-gen en_US.UTF-8 \
     && (curl -fsSL https://cli.github.com/packages/githubcli-archive-keyring.gpg \
         | dd of=/usr/share/keyrings/githubcli-archive-keyring.gpg) \
@@ -45,13 +44,13 @@ RUN apt-get update && apt-get install -y \
     && rm -rf /var/lib/apt/lists/*
 
 # Enable extended keys in CSI u format so Shift+Enter and other modified
-# keys are forwarded through tmux. Preserve terminal-detection variables
+# keys are forwarded through tmux. Preserve terminal/timezone variables
 # injected at `docker exec` time when new tmux sessions are created.
 RUN printf '%s\n' \
       'set -g extended-keys always' \
       'set -g extended-keys-format csi-u' \
       "set -as terminal-features 'xterm*:extkeys'" \
-      "set -ga update-environment 'TERM_PROGRAM TERM_PROGRAM_VERSION LC_TERMINAL LC_TERMINAL_VERSION'" \
+      "set -ga update-environment 'TERM_PROGRAM TERM_PROGRAM_VERSION LC_TERMINAL LC_TERMINAL_VERSION TZ'" \
       'set -g mouse on' \
       'set -g status-interval 1' \
       'set -g status-right-length 80' \
@@ -146,7 +145,7 @@ RUN cat > /usr/local/bin/sandbox-tmux-entry <<'SCRIPT' && chmod +x /usr/local/bi
 #!/bin/sh
 set -eu
 
-sandbox-dotfiles-link >/dev/null || true
+sandbox-dotfiles-link >/dev/null 2>&1 || true
 
 SESSION=work
 
@@ -154,20 +153,26 @@ if ! command -v tmux >/dev/null 2>&1; then
   exec bash
 fi
 
-if ! tmux has-session -t "$SESSION" 2>/dev/null; then
-  exec tmux new-session -s "$SESSION"
-fi
-
-tmux list-sessions -F '#{session_name} #{session_attached}' 2>/dev/null | \
-  while read -r name attached; do
-    [ "$name" = "$SESSION" ] && continue
+# Drop stale grouped sessions left by older entry-script versions (the windows
+# live on $SESSION, so killing the group members only removes view entries).
+tmux list-sessions -F '#{session_name}' 2>/dev/null | while IFS= read -r name; do
     case "$name" in
-      ''|*[!0-9]*) continue ;;
+      "$SESSION"-*) tmux kill-session -t "$name" 2>/dev/null || true ;;
     esac
-    [ "$attached" = "0" ] && tmux kill-session -t "$name" 2>/dev/null || true
-  done
+done
+
+# Reuse the single $SESSION; -d detaches any pre-existing client so the new
+# one becomes the sole owner of window-size, eliminating size races.
+if tmux has-session -t "$SESSION" 2>/dev/null; then
+  # Push the per-exec TZ into the running session's env so new
+  # windows/panes pick up the host timezone without a session kill.
+  if [ -n "${TZ:-}" ]; then
+    tmux set-environment -t "$SESSION" TZ "$TZ" 2>/dev/null || true
+  fi
+  exec tmux attach -d -t "$SESSION"
+fi
 
-exec tmux new-session -t "$SESSION"
+exec tmux new-session -s "$SESSION"
 SCRIPT
 
 ENV LANG=en_US.UTF-8

package/dist/lib/sandbox/tools.js

@@ -5,7 +5,7 @@ function createBuiltinTools(home, project) {
         'claude-code': {
             id: 'claude-code',
             name: 'Claude Code',
-            npmPackage: '@anthropic-ai/claude-code',
+            npmPackage: '@anthropic-ai/claude-code@stable',
             sandboxBase: hostJoin(home, '.agent-infra', 'sandboxes', 'claude-code'),
             containerMount: '/home/devuser/.claude',
             versionCmd: 'claude --version',

package/dist/lib/version.js

@@ -1,5 +1,12 @@
-import { readFileSync } from 'node:fs';
-const { version } = JSON.parse(readFileSync(new URL('../package.json', import.meta.url), 'utf8'));
+import { existsSync, readFileSync } from 'node:fs';
+const packageJsonUrl = [
+    new URL('../package.json', import.meta.url),
+    new URL('../../package.json', import.meta.url),
+].find((url) => existsSync(url));
+if (!packageJsonUrl) {
+    throw new Error('Unable to locate package.json for agent-infra version');
+}
+const { version } = JSON.parse(readFileSync(packageJsonUrl, 'utf8'));
 const VERSION = `v${version}`;
 export { VERSION };
 //# sourceMappingURL=version.js.map