npm - @linzumi/cli - Versions diffs - 0.0.30-beta → 0.0.31-beta - Mend

@linzumi/cli 0.0.30-beta → 0.0.31-beta

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/README.md CHANGED Viewed

@@ -46,8 +46,8 @@ Terms:
 - **Bootstrapper Codex**: the outer Codex started by the pasted command. It
   sets up Linzumi and local processes, but does not edit the demo app.
 - **Linzumi Commander**: the long-running local bridge started with
-  `linzumi commander`; it owns the secure tunnel, trusted folder, browser
-  editor, and inner Codex launch.
+  `linzumi commander`; it runs as the claimed human's Commander and owns the
+  secure tunnel, trusted folder, browser editor, and inner Codex launch.
 - **Linzumi Codex session**: the inner agent running inside the Linzumi thread;
   it edits `/tmp/hello_linzumi` and posts progress.
 - **Human**: the workspace owner who opens the one-time login link and watches
@@ -152,12 +152,12 @@ npx -y @linzumi/cli@latest commander daemon \
 npx -y @linzumi/cli@latest commander wait --runner-id "$commander_id" --timeout-ms 30000
 ```
-The agent-owned Commander reads `~/.linzumi/agent-token.json`, uses the
-workspace/channel scope from the approval flow, reads trusted folders from
-`~/.linzumi/config.json`, marks approved project directories trusted in
-Codex's normal project config so Codex does not stop for an interactive trust
-prompt, advertises the explicit preview port, and listens only to the
-approving human unless `--listen-user` is explicitly passed. Use a unique
+The human-owned Commander reads `~/.linzumi/agent-token.json`, uses the
+claimed human Commander token and workspace/channel scope from the approval
+flow, reads trusted folders from `~/.linzumi/config.json`, marks approved
+project directories trusted in Codex's normal project config so Codex does not
+stop for an interactive trust prompt, advertises the explicit preview port, and
+listens only to the approving human unless `--listen-user` is explicitly passed. Use a unique
 Commander id per launch. `linzumi commander daemon` writes a status record and
 log under `~/.linzumi/commanders`, and `linzumi commander wait` returns only
 after the Commander is connected.
@@ -293,7 +293,7 @@ intentionally. Every action is auditable from the thread.
 ## Pinning a version
 ```bash
-npm install -g @linzumi/cli@0.0.30-beta
+npm install -g @linzumi/cli@0.0.31-beta
 linzumi --version
 ```
@@ -316,7 +316,7 @@ linzumi connect \
 ### All the flags
 ```text
---agent-token-file <path>   Agent token cache for `linzumi commander`
+--agent-token-file <path>   Bootstrap token cache for `linzumi commander`
 --oauth-callback-host <ip>  Sign-in callback host your browser can reach
 --codex-bin <path>          Codex executable, default `codex`
 --model <name>              Model requested for Codex sessions and labelled in Linzumi

package/dist/index.js CHANGED Viewed

@@ -7759,6 +7759,8 @@ async function runClaim(command, deps) {
   const tokenFile = {
     apiUrl: command.apiUrl,
     agentToken: requiredString(response, "agent_token"),
+    commanderToken: requiredString(response, "commander_token"),
+    commanderTokenExpiresInSeconds: numberValue2(response.commander_token_expires_in_seconds),
     agentId: requiredString(response, "agent_id"),
     workspaceId: requiredString(response, "workspace_id"),
     workspaceName: stringValue(response.workspace_name),
@@ -7772,7 +7774,7 @@ async function runClaim(command, deps) {
     cursors: {}
   };
   writeTokenFile(command.tokenFile, tokenFile, deps.writeTextFile);
-  deps.stdout.write(`Logged in as agent ${tokenFile.agentId}
+  deps.stdout.write(`Logged in as ${tokenFile.ownerUsername ?? "claimed user"}
 `);
   if (tokenFile.workspaceName !== undefined) {
     deps.stdout.write(`workspace_name: ${tokenFile.workspaceName}
@@ -8014,6 +8016,8 @@ function readStoredAgentTokenFile(path, readTextFile = readOptionalTextFile) {
   return {
     apiUrl: requiredString(parsed, "apiUrl"),
     agentToken: requiredString(parsed, "agentToken"),
+    commanderToken: requiredString(parsed, "commanderToken"),
+    commanderTokenExpiresInSeconds: numberValue2(parsed.commanderTokenExpiresInSeconds),
     agentId: requiredString(parsed, "agentId"),
     workspaceId: requiredString(parsed, "workspaceId"),
     workspaceName: stringValue(parsed.workspaceName),
@@ -8912,7 +8916,7 @@ async function main(args) {
       process.stdout.write(connectGuideText());
       return;
     case "version":
-      process.stdout.write(`linzumi 0.0.30-beta
+      process.stdout.write(`linzumi 0.0.31-beta
 `);
       return;
     case "auth":
@@ -9308,7 +9312,7 @@ async function parseAgentRunnerArgs(args, deps = {
   assertStartDependencies(initialDependencyStatus);
   const editorRuntime = await deps.resolveEditorRuntime({
     kandanUrl,
-    token: tokenFile.agentToken,
+    token: tokenFile.commanderToken,
     customCodeServerBin,
     fetchImpl: trustedFetch(kandanTlsTrustFromEnv())
   });
@@ -9321,7 +9325,7 @@ async function parseAgentRunnerArgs(args, deps = {
   assertStartDependencies(dependencyStatus);
   return {
     kandanUrl,
-    token: tokenFile.agentToken,
+    token: tokenFile.commanderToken,
     runnerId: stringValue3(values, "runner-id") ?? `agent-runner-${randomUUID3()}`,
     cwd,
     codexBin,
@@ -9352,9 +9356,15 @@ function readAgentTokenTextFile(path) {
   return existsSync10(path) ? readFileSync9(path, "utf8") : undefined;
 }
 function rejectAgentRunnerTargetingFlags(values) {
-  const unsupportedFlags = ["workspace", "channel", "token", "auth-file", "oauth-callback-host"].filter((flag) => values.has(flag));
+  const unsupportedFlags = [
+    "workspace",
+    "channel",
+    "token",
+    "auth-file",
+    "oauth-callback-host"
+  ].filter((flag) => values.has(flag));
   if (unsupportedFlags.length > 0) {
-    throw new Error(`linzumi commander uses the claimed agent token scope; remove ${unsupportedFlags.map((flag) => `--${flag}`).join(", ")}.`);
+    throw new Error(`linzumi commander uses the claimed human Commander token scope; remove ${unsupportedFlags.map((flag) => `--${flag}`).join(", ")}.`);
   }
 }
 function requiredStoredAgentChannel(channelId) {
@@ -9419,7 +9429,7 @@ async function parseRunnerArgs(args, deps = {
     process.exit(0);
   }
   if (values.get("version") === true) {
-    process.stdout.write(`linzumi 0.0.30-beta
+    process.stdout.write(`linzumi 0.0.31-beta
 `);
     process.exit(0);
   }
@@ -9846,7 +9856,7 @@ Usage:
   linzumi agent runner <folder> [options]
 What it does:
-  Starts this computer as the claimed agent's scoped Linzumi Commander. The command
+  Starts this computer as the claimed human's scoped Linzumi Commander. The command
   reads ~/.linzumi/agent-token.json, uses its workspace/channel scope, reads
   trusted folders from ~/.linzumi/config.json when no folder is passed, and
   listens only to the owning human recorded during claim unless --listen-user is

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@linzumi/cli",
-  "version": "0.0.30-beta",
+  "version": "0.0.31-beta",
   "description": "Linzumi CLI — point a Codex agent at the real code on your laptop, with your team watching and steering from shared threads.",
   "type": "module",
   "bin": {