@openape/apes 1.14.0 → 1.16.0

package/dist/cli.js

@@ -2643,6 +2643,12 @@ if dscl . -read "/Users/$NAME" >/dev/null 2>&1; then
   exit 1
 fi
 
+# Phase G: agent home dirs live under /var/openape/homes/, not
+# /Users/. Pre-create the parent and chmod it world-traversable
+# so per-agent dirs can be reached by their respective uids.
+mkdir -p /var/openape/homes
+chmod 755 /var/openape/homes
+
 # Pick the next free UID in the [200, 500) hidden service-account range.
 # Starts the running max at 199 so an empty range yields 200 after the
 # floor check; otherwise NEXT_UID = max(existing in-range UIDs) + 1.
@@ -2707,6 +2713,35 @@ mkdir -p "$HOME_DIR/Library/Logs" "$HOME_DIR/.openape/agent/tasks"
 function buildTroopBootstrapBlock(_troop, _name) {
   return "";
 }
+function buildPhaseGTeardownScript(input) {
+  const { name, homeDir } = input;
+  return `#!/bin/bash
+set -u
+
+NAME=${shQuote(name)}
+HOME_DIR=${shQuote(homeDir)}
+
+UID_OF=$(dscl . -read "/Users/$NAME" UniqueID 2>/dev/null | awk '/UniqueID:/ {print $2}')
+
+if [ -n "$UID_OF" ]; then
+  launchctl bootout "user/$UID_OF" 2>/dev/null || true
+  pkill -9 -u "$UID_OF" 2>/dev/null || true
+fi
+
+# Per-agent ecosystem files written by the Nest's pm2-supervisor.
+rm -rf "/var/openape/agents/$NAME"
+
+# Home dir lives under /var/openape/homes/ \u2014 no FDA wall, root can
+# remove directly.
+if [ -d "$HOME_DIR" ] && [ "$HOME_DIR" != "/" ] && [ "$HOME_DIR" != "" ]; then
+  rm -rf "$HOME_DIR"
+fi
+
+# dscl record stays as a tombstone. Operators run
+# \`sudo sysadminctl -deleteUser $NAME\` to fully clean up if desired.
+echo "OK Phase-G teardown done for $NAME (dscl record kept as tombstone)"
+`;
+}
 function buildDestroyTeardownScript(input) {
   const { name, homeDir, adminUser } = input;
   return `#!/bin/bash
@@ -2846,10 +2881,12 @@ function readMacOSUser(name) {
   }
   const uidMatch = output.match(/UniqueID:\s*(\d+)/);
   const shellMatch = output.match(/UserShell:\s*(\S.*)$/m);
+  const homeMatch = output.match(/NFSHomeDirectory:\s*(\S.*)$/m);
   return {
     name,
     uid: uidMatch ? Number.parseInt(uidMatch[1], 10) : null,
-    shell: shellMatch ? shellMatch[1].trim() : null
+    shell: shellMatch ? shellMatch[1].trim() : null,
+    homeDir: homeMatch ? homeMatch[1].trim() : null
   };
 }
 function listMacOSUserNames() {
@@ -3107,14 +3144,18 @@ var destroyAgentCommand = defineCommand21({
     const owned = await apiFetch("/api/my-agents", { idp });
     const idpAgent = owned.find((u) => u.name === name);
     const idpExists = idpAgent !== void 0;
-    const osUserExists = !args["keep-os-user"] && isDarwin() && readMacOSUser(name) !== null;
+    const osUser = isDarwin() ? readMacOSUser(name) : null;
+    const osUserExists = !args["keep-os-user"] && osUser !== null;
     if (!idpExists && !osUserExists) {
       consola19.info(`Nothing to destroy: no IdP agent and no OS user named "${name}".`);
       return;
     }
     if (!args.force) {
       const consequences = [];
-      if (osUserExists) consequences.push(`\u2022 Remove macOS user ${name} and rm -rf /Users/${name}`);
+      if (osUserExists) {
+        const home = osUser?.homeDir ?? `/Users/${name}`;
+        consequences.push(`\u2022 Remove macOS user ${name} and rm -rf ${home}`);
+      }
       if (idpExists) {
         consequences.push(args.soft ? `\u2022 Deactivate IdP agent ${idpAgent.email} (PATCH isActive=false)` : `\u2022 Hard-delete IdP agent ${idpAgent.email} and all its SSH keys`);
       }
@@ -3143,26 +3184,42 @@ ${consequences.join("\n")}`);
       consola19.info("No IdP agent to remove (skipped).");
     }
     if (osUserExists) {
-      const sudo = whichBinary("sudo");
-      if (!sudo) {
-        throw new CliError("`sudo` not found on PATH; required for OS teardown.");
-      }
-      const adminUser = userInfo().username;
-      const adminPassword = await collectAdminPassword({ adminUser });
-      const scratch = mkdtempSync(join3(tmpdir(), `apes-destroy-${name}-`));
-      const scriptPath = join3(scratch, "teardown.sh");
-      try {
-        const script = buildDestroyTeardownScript({ name, homeDir: `/Users/${name}`, adminUser });
-        writeFileSync2(scriptPath, script, { mode: 448 });
-        consola19.start("Running teardown via sudo\u2026");
-        execFileSync4(sudo, ["-S", "--prompt=", "--", "bash", scriptPath], {
-          input: `${adminPassword}
+      const homeDir = osUser?.homeDir ?? `/Users/${name}`;
+      const isPhaseG = homeDir.startsWith("/var/openape/homes/");
+      if (isPhaseG) {
+        const scratch = mkdtempSync(join3(tmpdir(), `apes-destroy-${name}-`));
+        const scriptPath = join3(scratch, "teardown.sh");
+        try {
+          const script = buildPhaseGTeardownScript({ name, homeDir });
+          writeFileSync2(scriptPath, script, { mode: 448 });
+          consola19.start("Running teardown (Phase G \u2014 no admin password needed)\u2026");
+          execFileSync4("apes", ["run", "--as", "root", "--wait", "--", "bash", scriptPath], { stdio: "inherit" });
+        } finally {
+          rmSync(scratch, { recursive: true, force: true });
+        }
+        consola19.info(`dscl record /Users/${name} kept as tombstone (hidden, no home). Run \`sudo sysadminctl -deleteUser ${name}\` to fully remove.`);
+      } else {
+        const sudo = whichBinary("sudo");
+        if (!sudo) {
+          throw new CliError("`sudo` not found on PATH; required for OS teardown.");
+        }
+        const adminUser = userInfo().username;
+        const adminPassword = await collectAdminPassword({ adminUser });
+        const scratch = mkdtempSync(join3(tmpdir(), `apes-destroy-${name}-`));
+        const scriptPath = join3(scratch, "teardown.sh");
+        try {
+          const script = buildDestroyTeardownScript({ name, homeDir, adminUser });
+          writeFileSync2(scriptPath, script, { mode: 448 });
+          consola19.start("Running teardown via sudo\u2026");
+          execFileSync4(sudo, ["-S", "--prompt=", "--", "bash", scriptPath], {
+            input: `${adminPassword}
 ${adminPassword}
 `,
-          stdio: ["pipe", "inherit", "inherit"]
-        });
-      } finally {
-        rmSync(scratch, { recursive: true, force: true });
+            stdio: ["pipe", "inherit", "inherit"]
+          });
+        } finally {
+          rmSync(scratch, { recursive: true, force: true });
+        }
       }
     } else if (!args["keep-os-user"] && isDarwin()) {
       consola19.info("No macOS user to remove (skipped).");
@@ -3215,13 +3272,17 @@ var listAgentsCommand = defineCommand22({
     const all = await apiFetch("/api/my-agents", { idp });
     const filtered = args["include-inactive"] ? all : all.filter((u) => u.isActive !== false);
     const osUsers = isDarwin() ? listMacOSUserNames() : /* @__PURE__ */ new Set();
-    const home = (name) => `/Users/${name}`;
+    const homeOf = (name) => {
+      if (!osUsers.has(name)) return null;
+      const u = readMacOSUser(name);
+      return u?.homeDir ?? `/Users/${name}`;
+    };
     const rows = filtered.map((u) => ({
       name: u.name,
       email: u.email,
       isActive: u.isActive !== false,
       osUser: osUsers.has(u.name),
-      home: osUsers.has(u.name) ? home(u.name) : null
+      home: homeOf(u.name)
     }));
     if (args.json) {
       process.stdout.write(`${JSON.stringify(rows, null, 2)}
@@ -4029,7 +4090,7 @@ and try again.`
     if (existing) {
       throw new CliError(`macOS user "${name}" already exists (uid=${existing.uid ?? "?"}). Refusing to overwrite.`);
     }
-    const homeDir = `/Users/${name}`;
+    const homeDir = `/var/openape/homes/${name}`;
     const scratch = mkdtempSync2(join7(tmpdir2(), `apes-spawn-${name}-`));
     const scriptPath = join7(scratch, "setup.sh");
     try {
@@ -6306,7 +6367,7 @@ var mcpCommand = defineCommand48({
     if (transport !== "stdio" && transport !== "sse") {
       throw new Error('Transport must be "stdio" or "sse"');
     }
-    const { startMcpServer } = await import("./server-P2XXAHS5.js");
+    const { startMcpServer } = await import("./server-FVFFPVVN.js");
     await startMcpServer(transport, port);
   }
 });
@@ -6944,7 +7005,7 @@ async function bestEffortGrantCount(idp) {
   }
 }
 async function runHealth(args) {
-  const version = true ? "1.14.0" : "0.0.0";
+  const version = true ? "1.16.0" : "0.0.0";
   const auth = loadAuth();
   if (!auth) {
     throw new CliError("Not logged in. Run `apes login` first.", 1);
@@ -7217,10 +7278,10 @@ if (shellRewrite) {
   if (shellRewrite.action === "rewrite") {
     process.argv = shellRewrite.argv;
   } else if (shellRewrite.action === "version") {
-    console.log(`ape-shell ${"1.14.0"} (OpenApe DDISA shell wrapper)`);
+    console.log(`ape-shell ${"1.16.0"} (OpenApe DDISA shell wrapper)`);
     process.exit(0);
   } else if (shellRewrite.action === "help") {
-    console.log(`ape-shell ${"1.14.0"} \u2014 OpenApe DDISA shell wrapper`);
+    console.log(`ape-shell ${"1.16.0"} \u2014 OpenApe DDISA shell wrapper`);
     console.log("");
     console.log("Usage:");
     console.log("  ape-shell                 Start interactive grant-mediated REPL");
@@ -7278,7 +7339,7 @@ var configCommand = defineCommand60({
 var main = defineCommand60({
   meta: {
     name: "apes",
-    version: "1.14.0",
+    version: "1.16.0",
     description: "Unified CLI for OpenApe"
   },
   subCommands: {
@@ -7335,7 +7396,7 @@ async function maybeRefreshAuth() {
   }
 }
 await maybeRefreshAuth();
-await maybeWarnStaleVersion("1.14.0").catch(() => {
+await maybeWarnStaleVersion("1.16.0").catch(() => {
 });
 runMain(main).catch((err) => {
   if (err instanceof CliExit) {