npm - @madarco/agentbox - Versions diffs - 0.8.0 → 0.9.0 - Mend

@madarco/agentbox 0.8.0 → 0.9.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (46) hide show

package/dist/{_cloud-attach-T727ZPRV.js → _cloud-attach-ZXBCNWJX.js} +4 -4
package/dist/{chunk-67N47KUS.js → chunk-BXQMIEHC.js} +106 -31
package/dist/chunk-BXQMIEHC.js.map +1 -0
package/dist/{chunk-FODMEHD3.js → chunk-GU5LW4B5.js} +341 -25
package/dist/chunk-GU5LW4B5.js.map +1 -0
package/dist/{chunk-BGK32PZE.js → chunk-KL36BRN4.js} +2 -2
package/dist/chunk-KL36BRN4.js.map +1 -0
package/dist/chunk-MTVI44DW.js +662 -0
package/dist/chunk-MTVI44DW.js.map +1 -0
package/dist/{chunk-6OZDFNBF.js → chunk-NCJP5MTN.js} +201 -44
package/dist/chunk-NCJP5MTN.js.map +1 -0
package/dist/{dist-LOZBWMBF.js → dist-32EZBYG4.js} +9 -3
package/dist/{dist-L4LCG5SJ.js → dist-CX5CGVEB.js} +4 -4
package/dist/{dist-ZODPD2I6.js → dist-GDHP34ZK.js} +8 -10
package/dist/dist-GDHP34ZK.js.map +1 -0
package/dist/dist-XML54CNB.js +849 -0
package/dist/dist-XML54CNB.js.map +1 -0
package/dist/index.js +636 -340
package/dist/index.js.map +1 -1
package/dist/{prepared-state-CL4CWXQA-ME4HSKDE.js → prepared-state-CL4CWXQA-H5THETIM.js} +2 -2
package/package.json +7 -5
package/runtime/docker/packages/ctl/dist/bin.cjs +98 -29
package/runtime/docker/packages/sandbox-docker/scripts/agentbox-vnc-start +15 -1
package/runtime/hetzner/agentbox-vnc-start +15 -1
package/runtime/hetzner/ctl.cjs +98 -29
package/runtime/relay/bin.cjs +229 -37
package/runtime/vercel/agentbox-checkpoint-cleanup +52 -0
package/runtime/vercel/agentbox-codex-hooks.json +68 -0
package/runtime/vercel/agentbox-open +28 -0
package/runtime/vercel/agentbox-setup-skill.md +196 -0
package/runtime/vercel/agentbox-vnc-start +91 -0
package/runtime/vercel/claude-managed-settings.json +115 -0
package/runtime/vercel/ctl.cjs +23466 -0
package/runtime/vercel/custom-system-CLAUDE.md +50 -0
package/runtime/vercel/gh-shim +263 -0
package/runtime/vercel/git-shim +131 -0
package/runtime/vercel/scripts/provision.sh +274 -0
package/dist/chunk-67N47KUS.js.map +0 -1
package/dist/chunk-6OZDFNBF.js.map +0 -1
package/dist/chunk-BGK32PZE.js.map +0 -1
package/dist/chunk-FODMEHD3.js.map +0 -1
package/dist/dist-ZODPD2I6.js.map +0 -1
/package/dist/{_cloud-attach-T727ZPRV.js.map → _cloud-attach-ZXBCNWJX.js.map} +0 -0
/package/dist/{dist-LOZBWMBF.js.map → dist-32EZBYG4.js.map} +0 -0
/package/dist/{dist-L4LCG5SJ.js.map → dist-CX5CGVEB.js.map} +0 -0
/package/dist/{prepared-state-CL4CWXQA-ME4HSKDE.js.map → prepared-state-CL4CWXQA-H5THETIM.js.map} +0 -0

package/dist/{_cloud-attach-T727ZPRV.js → _cloud-attach-ZXBCNWJX.js} RENAMED Viewed

@@ -2,12 +2,12 @@
 import {
   buildCloudAttachInnerCommand,
   cloudAgentAttach
-} from "./chunk-FODMEHD3.js";
-import "./chunk-6OZDFNBF.js";
-import "./chunk-BGK32PZE.js";
+} from "./chunk-GU5LW4B5.js";
+import "./chunk-NCJP5MTN.js";
+import "./chunk-KL36BRN4.js";
 import "./chunk-G3H2L3O2.js";
 export {
   buildCloudAttachInnerCommand,
   cloudAgentAttach
 };
-//# sourceMappingURL=_cloud-attach-T727ZPRV.js.map
+//# sourceMappingURL=_cloud-attach-ZXBCNWJX.js.map

package/dist/{chunk-67N47KUS.js → chunk-BXQMIEHC.js} RENAMED Viewed

@@ -1,7 +1,10 @@
 #!/usr/bin/env node
 import {
   CLAUDE_FORWARDED_ENV_KEYS,
+  CODEX_CREDENTIALS_BACKUP_FILE,
   CODEX_FORWARDED_ENV_KEYS,
+  CREDENTIALS_BACKUP_FILE,
+  OPENCODE_CREDENTIALS_BACKUP_FILE,
   OPENCODE_FORWARDED_ENV_KEYS,
   buildHostEnvFindArgs,
   buildTmuxConfigShellSnippet,
@@ -10,6 +13,7 @@ import {
   generateRelayToken,
   generateVncPassword,
   hashProjectPath,
+  isRealAgentCredential,
   portlessAlias,
   portlessGetUrl,
   portlessUnalias,
@@ -23,22 +27,24 @@ import {
   stageOpencodeCredentialsForUpload,
   stageOpencodeStateForUpload,
   stageOpencodeStaticForUpload
-} from "./chunk-6OZDFNBF.js";
+} from "./chunk-NCJP5MTN.js";
 import {
   allocateProjectIndex,
   detectGitRepos,
   readState,
   recordBox,
   removeBoxRecord
-} from "./chunk-BGK32PZE.js";
+} from "./chunk-KL36BRN4.js";
 // ../../packages/sandbox-cloud/dist/index.js
 import { randomBytes } from "crypto";
 import { basename as basename2 } from "path";
-import { mkdir, readFile, readdir, rm, writeFile } from "fs/promises";
+import { chmod, mkdir, writeFile } from "fs/promises";
+import { dirname } from "path";
+import { mkdir as mkdir2, readFile, readdir, rm, writeFile as writeFile2 } from "fs/promises";
 import { homedir } from "os";
 import { basename, join } from "path";
-import { mkdtemp, rm as rm2, writeFile as writeFile2 } from "fs/promises";
+import { mkdtemp, rm as rm2, writeFile as writeFile3 } from "fs/promises";
 import { tmpdir } from "os";
 import { join as join2 } from "path";
 import { execa } from "execa";
@@ -228,6 +234,39 @@ function agentSpecsForCloud() {
     credentialsSubpath: s.credentialsSubpath
   }));
 }
+var EXTRACT_SPECS = [
+  { kind: "claude", boxPath: "/home/vscode/.claude/.credentials.json", hostBackup: CREDENTIALS_BACKUP_FILE },
+  { kind: "codex", boxPath: "/home/vscode/.codex/auth.json", hostBackup: CODEX_CREDENTIALS_BACKUP_FILE },
+  {
+    kind: "opencode",
+    boxPath: "/home/vscode/.local/share/opencode/auth.json",
+    hostBackup: OPENCODE_CREDENTIALS_BACKUP_FILE
+  }
+];
+async function extractCloudAgentCredentials(backend, handle, opts = {}) {
+  const log = opts.onLog ?? (() => {
+  });
+  const extracted = [];
+  for (const spec of EXTRACT_SPECS) {
+    const hostBackup = opts.backups?.[spec.kind] ?? spec.hostBackup;
+    try {
+      const r = await backend.exec(handle, `cat ${spec.boxPath} 2>/dev/null`, { noRetry: true });
+      const text = r.stdout;
+      if (r.exitCode !== 0 || !text || !isRealAgentCredential(spec.kind, text)) continue;
+      await mkdir(dirname(hostBackup), { recursive: true });
+      await writeFile(hostBackup, text, { mode: 384 });
+      await chmod(hostBackup, 384).catch(() => {
+      });
+      extracted.push(spec.kind);
+      log(`extracted ${spec.kind} login from box to ${hostBackup}`);
+    } catch (err) {
+      log(
+        `WARN: ${spec.kind} credential extract failed (${err instanceof Error ? err.message : String(err)}) \u2014 skipping`
+      );
+    }
+  }
+  return extracted;
+}
 var CLOUD_CHECKPOINTS_ROOT = join(homedir(), ".agentbox", "cloud-checkpoints");
 var CLOUD_SNAPSHOT_NAME_PREFIX = "agentbox-ckpt-";
 function cloudSnapshotName(projectRoot, name) {
@@ -275,7 +314,7 @@ async function resolveCloudCheckpoint(projectRoot, backend, ref) {
 }
 async function writeCloudCheckpointManifest(projectRoot, backend, name, fields) {
   const dir = checkpointDir(backend, projectRoot, name);
-  await mkdir(dir, { recursive: true });
+  await mkdir2(dir, { recursive: true });
   const manifest = {
     schema: 1,
     name,
@@ -285,7 +324,7 @@ async function writeCloudCheckpointManifest(projectRoot, backend, name, fields)
     sourceBoxName: fields.sourceBoxName,
     createdAt: (/* @__PURE__ */ new Date()).toISOString()
   };
-  await writeFile(join(dir, "manifest.json"), JSON.stringify(manifest, null, 2) + "\n", "utf8");
+  await writeFile2(join(dir, "manifest.json"), JSON.stringify(manifest, null, 2) + "\n", "utf8");
   return { name, dir, manifest };
 }
 async function removeCloudCheckpointDir(projectRoot, backend, name) {
@@ -324,7 +363,7 @@ async function uploadEnvFiles(args) {
       log(`env-file tar pack failed: ${String(packed.stderr).slice(0, 300)}`);
       return { copied: 0 };
     }
-    await writeFile2(join2(stage, ".marker"), "").catch(() => {
+    await writeFile3(join2(stage, ".marker"), "").catch(() => {
     });
     await args.backend.uploadFile(args.handle, localTar, REMOTE_TAR_PATH);
     const extract = await args.backend.exec(
@@ -418,7 +457,8 @@ async function uploadOneEntry(args) {
   }
   parts.push(`rm -f ${remoteTar}`);
   const cmd = parts.join(" && ");
-  const res = await args.backend.exec(args.handle, cmd);
+  const execOpts = args.backend.name === "vercel" ? { user: "root" } : void 0;
+  const res = await args.backend.exec(args.handle, cmd, execOpts);
   if (res.exitCode !== 0) {
     throw new Error(
       `in-box extract failed (exit ${String(res.exitCode)}): ${(res.stderr || res.stdout).slice(-300)}`
@@ -687,6 +727,7 @@ async function seedCloudWorkspace(args) {
       workspaceDir,
       bundleDepth: args.bundleDepth,
       fromBranch: args.fromBranch,
+      useBranch: args.useBranch,
       onLog: log
     });
     for (const r of nested) {
@@ -725,8 +766,8 @@ async function seedFromGitClone(args) {
   const cloneDir = join5(stage, "clone");
   const tarPath = join5(stage, "workspace.tar.gz");
   const untrackedTarPath = join5(stage, "untracked.tar.gz");
-  const stashSha = await safeStashCreate(args.hostRepo);
-  const untrackedSize = await maybeBuildUntrackedTar(args.hostRepo, untrackedTarPath);
+  const stashSha = args.useBranch ? null : await safeStashCreate(args.hostRepo);
+  const untrackedSize = args.useBranch ? 0 : await maybeBuildUntrackedTar(args.hostRepo, untrackedTarPath);
   let stashRefCreated = false;
   try {
     if (stashSha) {
@@ -743,7 +784,8 @@ async function seedFromGitClone(args) {
     log(
       adaptive ? `clone: depth=${String(DEFAULT_BUNDLE_DEPTH)} (default, adaptive)` : initialDepth === null ? "clone: depth=full (configured)" : `clone: depth=${String(initialDepth)} (configured)`
     );
-    await runShallowClone(args.hostRepo, cloneDir, initialDepth, stashRefCreated, args.fromBranch);
+    const cloneBranch = args.useBranch ?? args.fromBranch;
+    await runShallowClone(args.hostRepo, cloneDir, initialDepth, stashRefCreated, cloneBranch);
     await tarCloneDir(cloneDir, tarPath);
     if (adaptive && initialDepth !== null) {
       const size = await safeFileSize(tarPath);
@@ -754,7 +796,7 @@ async function seedFromGitClone(args) {
         );
         await rm5(cloneDir, { recursive: true, force: true });
         await rm5(tarPath, { force: true });
-        await runShallowClone(args.hostRepo, cloneDir, LARGE_BUNDLE_DEPTH, stashRefCreated, args.fromBranch);
+        await runShallowClone(args.hostRepo, cloneDir, LARGE_BUNDLE_DEPTH, stashRefCreated, cloneBranch);
         await tarCloneDir(cloneDir, tarPath);
       }
     }
@@ -791,7 +833,10 @@ async function seedFromGitClone(args) {
       `$SUDO chown "$(id -un):$(id -gn)" ${quoteShellArgv([args.workspaceDir])}`,
       `tar -C ${quoteShellArgv([args.workspaceDir])} -xzf ${quoteShellArgv([remoteTar])}`,
       setOrigin,
-      `git -C ${quoteShellArgv([args.workspaceDir])} checkout -B ${quoteShellArgv([args.branch])}`,
+      // reuse: the clone already landed on `<branch>` (pinned via `--branch`);
+      // a plain checkout materializes the working tree without resetting the
+      // ref. fork: `-B` (re)points `<branch>` at the clone HEAD.
+      args.useBranch ? `git -C ${quoteShellArgv([args.workspaceDir])} checkout ${quoteShellArgv([args.branch])}` : `git -C ${quoteShellArgv([args.workspaceDir])} checkout -B ${quoteShellArgv([args.branch])}`,
       ...carryOverSteps,
       `rm -f ${quoteShellArgv([remoteTar])}`
     ].join("\n");
@@ -989,7 +1034,9 @@ function createCloudProvider(backend, opts = {}) {
     return {
       id,
       name,
-      branch: `agentbox/${name}`
+      // --use-branch reuses the named branch directly; otherwise fork a fresh
+      // per-box branch. The CLI validated `useBranch` exists host-side.
+      branch: req.useBranch ?? `agentbox/${name}`
     };
   }
   async function probe(box) {
@@ -1008,7 +1055,13 @@ function createCloudProvider(backend, opts = {}) {
       });
       const { id, name, branch } = mintBox(req);
       const image = opts.provisionImage ? await opts.provisionImage(req) : req.image ?? FALLBACK_IMAGE;
-      const resources = opts.defaultResources ?? { cpu: 2, memory: 4, disk: 8 };
+      const baseResources = opts.defaultResources ?? { cpu: 2, memory: 4, disk: 8 };
+      const vcpuOverride = req.providerOptions?.["vcpus"];
+      const resources = typeof vcpuOverride === "number" && vcpuOverride > 0 ? { ...baseResources, cpu: vcpuOverride } : baseResources;
+      const timeoutOverride = req.providerOptions?.["timeoutMs"];
+      const timeoutMs = typeof timeoutOverride === "number" && timeoutOverride > 0 ? timeoutOverride : void 0;
+      const networkPolicyOpt = req.providerOptions?.["networkPolicy"];
+      const networkPolicy = typeof networkPolicyOpt === "string" && networkPolicyOpt.trim() !== "" ? networkPolicyOpt.trim() : void 0;
       const relayToken = generateRelayToken();
       const bridgeToken = generateRelayToken();
       try {
@@ -1031,6 +1084,7 @@ function createCloudProvider(backend, opts = {}) {
         }
       }
       const agentVolumes = await ensureAgentVolumesForCloud(backend, { onLog: log });
+      const exposeServicePorts = await readExposedServicePorts(req.workspacePath);
       log(
         snapshotName ? `provisioning ${providerName} sandbox from snapshot` : `provisioning ${providerName} sandbox`
       );
@@ -1039,6 +1093,9 @@ function createCloudProvider(backend, opts = {}) {
         image,
         snapshot: snapshotName,
         resources,
+        timeoutMs,
+        exposePorts: exposeServicePorts,
+        networkPolicy,
         env: {
           AGENTBOX_BOX_ID: id,
           AGENTBOX_BOX_NAME: name,
@@ -1066,6 +1123,7 @@ function createCloudProvider(backend, opts = {}) {
             workspaceDir: CLOUD_WORKSPACE_DIR,
             bundleDepth: req.bundleDepth,
             fromBranch: req.fromBranch,
+            useBranch: req.useBranch,
             onLog: log
           });
         }
@@ -1113,12 +1171,14 @@ function createCloudProvider(backend, opts = {}) {
           relayToken,
           bridgeToken
         });
-        log("launching in-box dockerd");
-        try {
-          const dockerd = await launchCloudDockerdDaemon({ backend, handle, timeoutMs: 6e4 });
-          if (!dockerd.up) log(`dockerd did not become ready (continuing): ${dockerd.reason ?? "unknown"}`);
-        } catch (err) {
-          log(`dockerd daemon launch failed (continuing): ${err instanceof Error ? err.message : String(err)}`);
+        if (opts.launchDockerd !== false) {
+          log("launching in-box dockerd");
+          try {
+            const dockerd = await launchCloudDockerdDaemon({ backend, handle, timeoutMs: 6e4 });
+            if (!dockerd.up) log(`dockerd did not become ready (continuing): ${dockerd.reason ?? "unknown"}`);
+          } catch (err) {
+            log(`dockerd daemon launch failed (continuing): ${err instanceof Error ? err.message : String(err)}`);
+          }
         }
         const vncEnabled = req.vnc?.enabled !== false;
         const vncPassword = vncEnabled ? generateVncPassword() : void 0;
@@ -1176,7 +1236,7 @@ function createCloudProvider(backend, opts = {}) {
             portlessVncUrlResolved = url;
           }
         }
-        const servicePorts = await readExposedServicePorts(req.workspacePath);
+        const servicePorts = exposeServicePorts;
         const servicePreviews = {};
         for (const port of servicePorts) {
           if (port === CLOUD_WEB_PROXY_PORT) continue;
@@ -1192,12 +1252,15 @@ function createCloudProvider(backend, opts = {}) {
         } catch {
           relayPreview = void 0;
         }
+        const state = await readState();
+        const projectIndex = req.projectRoot ? allocateProjectIndex(state, req.projectRoot) : void 0;
         if (relayPreview) {
           try {
             await registerBoxWithRelay({
               boxId: id,
               token: relayToken,
               name,
+              projectIndex,
               kind: "cloud",
               backend: backend.name,
               previewUrl: relayPreview.url,
@@ -1211,8 +1274,6 @@ function createCloudProvider(backend, opts = {}) {
             );
           }
         }
-        const state = await readState();
-        const projectIndex = req.projectRoot ? allocateProjectIndex(state, req.projectRoot) : void 0;
         const record = {
           id,
           name,
@@ -1365,11 +1426,13 @@ function createCloudProvider(backend, opts = {}) {
         relayToken: box.relayToken ?? "",
         bridgeToken: box.cloud?.bridgeToken
       });
-      try {
-        const dockerd = await launchCloudDockerdDaemon({ backend, handle: h, timeoutMs: 6e4 });
-        if (!dockerd.up) {
+      if (opts.launchDockerd !== false) {
+        try {
+          const dockerd = await launchCloudDockerdDaemon({ backend, handle: h, timeoutMs: 6e4 });
+          if (!dockerd.up) {
+          }
+        } catch {
         }
-      } catch {
       }
       if (box.vncEnabled && box.vncPassword) {
         try {
@@ -1530,7 +1593,16 @@ function createCloudProvider(backend, opts = {}) {
     // capability stub whose methods throw — the CLI's `agentbox checkpoint
     // create` then surfaces a clean "not supported" error rather than a
     // silent no-op.
-    checkpoint: makeCloudCheckpoint(backend)
+    checkpoint: makeCloudCheckpoint(backend),
+    // Extract the box's agent login(s) back to the host (~/.agentbox) so the
+    // next box inherits the login. Lives on the base cloud provider (not inside
+    // `checkpoint.create`) so it works even for providers that override the
+    // whole `checkpoint` capability (vercel). The CLI calls this on
+    // `checkpoint create --set-default`, while the box is guaranteed running.
+    async extractAgentCredentials(box) {
+      if (!box.cloud?.sandboxId) return [];
+      return extractCloudAgentCredentials(backend, { sandboxId: box.cloud.sandboxId });
+    }
     // stats is provider-optional; cloud backends without a metrics API just
     // omit it. Backends that have one can decorate the returned provider.
   };
@@ -1635,6 +1707,9 @@ export {
   agentSpecsForCloud,
   listCloudCheckpoints,
   resolveCloudCheckpoint,
-  createCloudProvider
+  writeCloudCheckpointManifest,
+  removeCloudCheckpointDir,
+  createCloudProvider,
+  renderInnerCommand
 };
-//# sourceMappingURL=chunk-67N47KUS.js.map
+//# sourceMappingURL=chunk-BXQMIEHC.js.map