@openape/apes 0.21.2 → 0.22.1

package/dist/cli.js

@@ -63,7 +63,7 @@ import {
 } from "./chunk-IDPV5SNB.js";
 
 // src/cli.ts
-import consola35 from "consola";
+import consola36 from "consola";
 
 // src/ape-shell.ts
 import path from "path";
@@ -379,7 +379,7 @@ async function loginWithPKCE(idp) {
   consola2.success(`Logged in as ${payload.email || payload.sub}`);
 }
 async function loginWithKey(idp, keyPath, agentEmail) {
-  const { readFileSync: readFileSync7 } = await import("fs");
+  const { readFileSync: readFileSync8 } = await import("fs");
   const { sign: sign3 } = await import("crypto");
   const { loadEd25519PrivateKey: loadEd25519PrivateKey2 } = await import("./ssh-key-YBNNG5K5.js");
   const challengeUrl = await getAgentChallengeEndpoint(idp);
@@ -392,7 +392,7 @@ async function loginWithKey(idp, keyPath, agentEmail) {
     throw new CliError(`Challenge failed: ${await challengeResp.text()}`);
   }
   const { challenge } = await challengeResp.json();
-  const keyContent = readFileSync7(keyPath, "utf-8");
+  const keyContent = readFileSync8(keyPath, "utf-8");
   const privateKey = loadEd25519PrivateKey2(keyContent);
   const signature = sign3(null, Buffer2.from(challenge), privateKey).toString("base64");
   const authenticateUrl = await getAgentAuthenticateEndpoint(idp);
@@ -1748,7 +1748,7 @@ import { defineCommand as defineCommand24 } from "citty";
 // src/commands/agents/destroy.ts
 import { execFileSync as execFileSync3 } from "child_process";
 import { mkdtempSync, rmSync, writeFileSync } from "fs";
-import { tmpdir } from "os";
+import { tmpdir, userInfo } from "os";
 import { join as join2 } from "path";
 import { defineCommand as defineCommand20 } from "citty";
 import consola18 from "consola";
@@ -1889,7 +1889,7 @@ echo "OK $NAME uid=$NEXT_UID home=$HOME_DIR"
 `;
 }
 function buildDestroyTeardownScript(input) {
-  const { name, homeDir } = input;
+  const { name, homeDir, adminUser } = input;
   return `#!/bin/bash
 # Best-effort teardown. set -u catches typos; we deliberately do NOT use -e
 # because pkill / launchctl are allowed to fail when the user has no live
@@ -1898,6 +1898,16 @@ set -u
 
 NAME=${shQuote(name)}
 HOME_DIR=${shQuote(homeDir)}
+ADMIN_USER=${shQuote(adminUser)}
+
+# Read the admin password from stdin (line 1). The caller pipes it in.
+# We never accept it as an argv element so it can't show up in process
+# listings or escapes' audit log.
+read -r ADMIN_PASSWORD
+if [ -z "$ADMIN_PASSWORD" ]; then
+  echo "ERROR: no admin password on stdin (expected one line)." >&2
+  exit 2
+fi
 
 UID_OF=$(dscl . -read "/Users/$NAME" UniqueID 2>/dev/null | awk '/UniqueID:/ {print $2}')
 
@@ -1910,25 +1920,32 @@ if [ -d "$HOME_DIR" ] && [ "$HOME_DIR" != "/" ] && [ "$HOME_DIR" != "" ]; then
   rm -rf "$HOME_DIR"
 fi
 
-# Delete the user record. \`sysadminctl -deleteUser\` is the canonical macOS
-# API and removes Open Directory metadata that \`dscl . -delete\` leaves
-# behind. Fall back to dscl if sysadminctl isn't available or rejects the
-# user. Surface a clear error if both fail \u2014 silent failure here is what
-# left orphaned dscl records on previous spawn/destroy round-trips.
-if command -v sysadminctl >/dev/null 2>&1; then
-  if sysadminctl -deleteUser "$NAME" 2>/dev/null; then
-    :
-  elif dscl . -read "/Users/$NAME" >/dev/null 2>&1; then
-    dscl . -delete "/Users/$NAME" || {
-      echo "ERROR: failed to delete user record /Users/$NAME" >&2
-      exit 1
-    }
-  fi
-elif dscl . -read "/Users/$NAME" >/dev/null 2>&1; then
-  dscl . -delete "/Users/$NAME" || {
-    echo "ERROR: failed to delete user record /Users/$NAME" >&2
-    exit 1
-  }
+# \`escapes\` is a plain setuid binary \u2014 opendirectoryd sees no audit/PAM
+# session attached (AUDIT_SESSION_ID=unset) and rejects DirectoryService
+# writes from this context: a bare \`sysadminctl -deleteUser\` or
+# \`dscl . -delete\` hangs ~5 minutes and exits with eUndefinedError -14987
+# at DSRecord.m:563. Passing explicit -adminUser/-adminPassword bypasses
+# opendirectoryd's implicit "is current session admin?" check and
+# authenticates against DirectoryService directly \u2014 the delete then
+# completes in ~1 second.
+if ! command -v sysadminctl >/dev/null 2>&1; then
+  echo "ERROR: sysadminctl not available; cannot delete user record." >&2
+  exit 1
+fi
+
+sysadminctl \\
+  -deleteUser "$NAME" \\
+  -adminUser "$ADMIN_USER" \\
+  -adminPassword "$ADMIN_PASSWORD"
+SYSAD_EC=$?
+unset ADMIN_PASSWORD
+
+if [ $SYSAD_EC -ne 0 ]; then
+  echo "ERROR: sysadminctl -deleteUser failed (exit=$SYSAD_EC)." >&2
+  echo "       Common causes: wrong admin password, admin user '$ADMIN_USER'" >&2
+  echo "       not in admin group, or target user '$NAME' is the last secure" >&2
+  echo "       token holder (run \\\`sysadminctl -secureTokenStatus $NAME\\\`)." >&2
+  exit 1
 fi
 
 # Verify the record is actually gone.
@@ -2122,14 +2139,20 @@ ${consequences.join("\n")}`);
       if (!escapes) {
         throw new CliError("`escapes` not found on PATH; OS teardown requires escapes.");
       }
+      const adminUser = userInfo().username;
+      const adminPassword = await collectAdminPassword({ adminUser, force: !!args.force });
       const scratch = mkdtempSync(join2(tmpdir(), `apes-destroy-${name}-`));
       const scriptPath = join2(scratch, "teardown.sh");
       try {
-        const script = buildDestroyTeardownScript({ name, homeDir: `/Users/${name}` });
+        const script = buildDestroyTeardownScript({ name, homeDir: `/Users/${name}`, adminUser });
         writeFileSync(scriptPath, script, { mode: 448 });
         consola18.start("Running teardown as root via `apes run --as root --wait`\u2026");
         consola18.info("You will be asked to approve the as=root grant in your DDISA inbox; this command blocks until you do.");
-        execFileSync3(apes, ["run", "--as", "root", "--wait", "--", "bash", scriptPath], { stdio: "inherit" });
+        execFileSync3(apes, ["run", "--as", "root", "--wait", "--", "bash", scriptPath], {
+          input: `${adminPassword}
+`,
+          stdio: ["pipe", "inherit", "inherit"]
+        });
       } finally {
         rmSync(scratch, { recursive: true, force: true });
       }
@@ -2139,6 +2162,21 @@ ${consequences.join("\n")}`);
     consola18.success(`Destroyed ${name}.`);
   }
 });
+async function collectAdminPassword(opts) {
+  const fromEnv = process.env.APES_ADMIN_PASSWORD;
+  if (fromEnv && fromEnv.length > 0) return fromEnv;
+  if (!process.stdin.isTTY) {
+    throw new CliError(
+      `Admin password required for sysadminctl -deleteUser. No TTY available for the silent prompt; set APES_ADMIN_PASSWORD in the environment (local admin password for ${opts.adminUser}). The teardown reads it from stdin and never stores it.`
+    );
+  }
+  consola18.info(`Local admin password for ${opts.adminUser} (used for sysadminctl -deleteUser; not stored):`);
+  const pw = await consola18.prompt("Admin password", { type: "text", mask: "*" });
+  if (typeof pw === "symbol" || !pw || pw.length === 0) {
+    throw new CliExit(0);
+  }
+  return pw;
+}
 
 // src/commands/agents/list.ts
 import { defineCommand as defineCommand21 } from "citty";
@@ -3770,7 +3808,7 @@ var mcpCommand = defineCommand32({
     if (transport !== "stdio" && transport !== "sse") {
       throw new Error('Transport must be "stdio" or "sse"');
     }
-    const { startMcpServer } = await import("./server-FO4XBTPU.js");
+    const { startMcpServer } = await import("./server-WBR7VEDY.js");
     await startMcpServer(transport, port);
   }
 });
@@ -4408,7 +4446,7 @@ async function bestEffortGrantCount(idp) {
   }
 }
 async function runHealth(args) {
-  const version = true ? "0.21.2" : "0.0.0";
+  const version = true ? "0.22.1" : "0.0.0";
   const auth = loadAuth();
   if (!auth) {
     throw new CliError("Not logged in. Run `apes login` first.", 1);
@@ -4600,6 +4638,77 @@ var workflowsCommand = defineCommand43({
   }
 });
 
+// src/version-check.ts
+import { existsSync as existsSync9, mkdirSync as mkdirSync2, readFileSync as readFileSync7, writeFileSync as writeFileSync6 } from "fs";
+import { homedir as homedir5 } from "os";
+import { join as join6 } from "path";
+import consola35 from "consola";
+var PACKAGE_NAME = "@openape/apes";
+var CACHE_TTL_MS = 24 * 60 * 60 * 1e3;
+var CACHE_FILE = join6(homedir5(), ".config", "apes", ".version-check.json");
+function readCache() {
+  if (!existsSync9(CACHE_FILE)) return null;
+  try {
+    return JSON.parse(readFileSync7(CACHE_FILE, "utf-8"));
+  } catch {
+    return null;
+  }
+}
+function writeCache(entry) {
+  try {
+    const dir = join6(homedir5(), ".config", "apes");
+    if (!existsSync9(dir)) mkdirSync2(dir, { recursive: true, mode: 448 });
+    writeFileSync6(CACHE_FILE, JSON.stringify(entry), { mode: 384 });
+  } catch {
+  }
+}
+function compareSemver(a, b) {
+  const pa = a.split(".").map(Number);
+  const pb = b.split(".").map(Number);
+  for (let i = 0; i < Math.max(pa.length, pb.length); i++) {
+    const x = pa[i] ?? 0;
+    const y = pb[i] ?? 0;
+    if (x !== y) return x - y;
+  }
+  return 0;
+}
+async function fetchLatestVersion() {
+  try {
+    const res = await fetch(`https://registry.npmjs.org/${encodeURIComponent(PACKAGE_NAME)}/latest`, {
+      headers: { Accept: "application/json" },
+      signal: AbortSignal.timeout(2e3)
+    });
+    if (!res.ok) return null;
+    const body = await res.json();
+    return typeof body.version === "string" ? body.version : null;
+  } catch {
+    return null;
+  }
+}
+function warnIfBehind(currentVersion, latest) {
+  if (compareSemver(currentVersion, latest) < 0) {
+    consola35.warn(
+      `apes ${currentVersion} is behind latest @openape/apes@${latest}. Run \`npm i -g @openape/apes@latest\` to update. (Suppress with APES_NO_UPDATE_CHECK=1.)`
+    );
+  }
+}
+async function maybeWarnStaleVersion(currentVersion) {
+  if (process.env.APES_NO_UPDATE_CHECK) return;
+  if (!currentVersion || currentVersion === "unknown") return;
+  const cached = readCache();
+  const now = Date.now();
+  if (cached) {
+    warnIfBehind(currentVersion, cached.latest);
+  }
+  if (!cached || now - cached.checkedAt >= CACHE_TTL_MS) {
+    const latest = await fetchLatestVersion();
+    if (latest) {
+      writeCache({ latest, checkedAt: now });
+      if (!cached) warnIfBehind(currentVersion, latest);
+    }
+  }
+}
+
 // src/cli.ts
 process.stdout.on("error", (err) => {
   if (err.code === "EPIPE") process.exit(0);
@@ -4610,10 +4719,10 @@ if (shellRewrite) {
   if (shellRewrite.action === "rewrite") {
     process.argv = shellRewrite.argv;
   } else if (shellRewrite.action === "version") {
-    console.log(`ape-shell ${"0.21.2"} (OpenApe DDISA shell wrapper)`);
+    console.log(`ape-shell ${"0.22.1"} (OpenApe DDISA shell wrapper)`);
     process.exit(0);
   } else if (shellRewrite.action === "help") {
-    console.log(`ape-shell ${"0.21.2"} \u2014 OpenApe DDISA shell wrapper`);
+    console.log(`ape-shell ${"0.22.1"} \u2014 OpenApe DDISA shell wrapper`);
     console.log("");
     console.log("Usage:");
     console.log("  ape-shell                 Start interactive grant-mediated REPL");
@@ -4671,7 +4780,7 @@ var configCommand = defineCommand44({
 var main = defineCommand44({
   meta: {
     name: "apes",
-    version: "0.21.2",
+    version: "0.22.1",
     description: "Unified CLI for OpenApe"
   },
   subCommands: {
@@ -4726,18 +4835,20 @@ async function maybeRefreshAuth() {
   }
 }
 await maybeRefreshAuth();
+await maybeWarnStaleVersion("0.22.1").catch(() => {
+});
 runMain(main).catch((err) => {
   if (err instanceof CliExit) {
     process.exit(err.exitCode);
   }
   if (err instanceof CliError) {
-    consola35.error(err.message);
+    consola36.error(err.message);
     process.exit(err.exitCode);
   }
   if (debug) {
-    consola35.error(err);
+    consola36.error(err);
   } else {
-    consola35.error(err instanceof ApiError ? err.message : err instanceof Error ? err.message : String(err));
+    consola36.error(err instanceof ApiError ? err.message : err instanceof Error ? err.message : String(err));
   }
   process.exit(1);
 });