npm - @ouro.bot/cli - Versions diffs - 0.1.0-alpha.371 → 0.1.0-alpha.373 - Mend

@ouro.bot/cli 0.1.0-alpha.371 → 0.1.0-alpha.373

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/changelog.json +16 -0
package/dist/heart/daemon/cli-defaults.js +19 -12
package/dist/heart/daemon/provider-discovery.js +26 -2
package/dist/repertoire/vault-unlock.js +4 -0
package/package.json +1 -1

package/changelog.json CHANGED Viewed

@@ -1,6 +1,22 @@
 {
   "_note": "This changelog is maintained as part of the PR/version-bump workflow. Agent-curated, not auto-generated. Agents read this file directly via read_file to understand what changed between versions.",
   "versions": [
+    {
+      "version": "0.1.0-alpha.373",
+      "changes": [
+        "SerpentGuide bootstrap now discovers provider credentials from unlockable installed agent vaults, so a new hatch can reuse sources such as `minimax from slugger's vault` without creating persistent SerpentGuide credentials.",
+        "SerpentGuide credential options now preserve provenance for installed-agent vault sources and env sources while keeping secret values out of terminal labels.",
+        "`@ouro.bot/cli` and the `ouro.bot` wrapper are version-synced for the SerpentGuide installed-agent credential discovery release."
+      ]
+    },
+    {
+      "version": "0.1.0-alpha.372",
+      "changes": [
+        "Locked-vault errors now explain that provider credentials are still stored in the agent vault and that this computer is missing usable local unlock material.",
+        "The locked-vault guidance now names common machine-local causes, including a new computer, local profile or hostname migration, and removed local unlock entries.",
+        "`@ouro.bot/cli` and the `ouro.bot` wrapper are version-synced for the locked-vault bootstrap copy release."
+      ]
+    },
     {
       "version": "0.1.0-alpha.371",
       "changes": [

package/dist/heart/daemon/cli-defaults.js CHANGED Viewed

@@ -247,10 +247,18 @@ async function defaultRunSerpentGuide() {
     const tempDir = path.join(os.tmpdir(), `ouro-hatch-${crypto.randomUUID()}`);
     try {
         const discovered = [];
-        const existingBundleCount = (0, specialist_orchestrator_1.listExistingBundles)((0, identity_1.getAgentBundlesRoot)()).length;
+        const existingBundles = (0, specialist_orchestrator_1.listExistingBundles)((0, identity_1.getAgentBundlesRoot)());
+        const existingBundleCount = existingBundles.length;
         const hatchVerb = existingBundleCount > 0 ? "let's hatch a new agent." : "let's hatch your first agent.";
         // Default models per provider (used when entering new credentials)
         const defaultModels = provider_models_1.DEFAULT_PROVIDER_MODELS;
+        const installedAgentCreds = await (0, provider_discovery_1.discoverInstalledAgentCredentials)(existingBundles);
+        for (const cred of installedAgentCreds) {
+            discovered.push({
+                ...cred,
+                providerConfig: { model: defaultModels[cred.provider], ...cred.providerConfig },
+            });
+        }
         // Scan environment variables for API keys using the shared helper
         const envCreds = (0, provider_discovery_1.scanEnvVarCredentials)(process.env);
         const envDiscovered = [];
@@ -268,21 +276,21 @@ async function defaultRunSerpentGuide() {
         if (discovered.length > 0) {
             process.stdout.write(`\n\ud83d\udc0d welcome to ouroboros! ${hatchVerb}\n`);
             process.stdout.write("i found existing API credentials:\n\n");
-            const unique = [...new Map(discovered.map((d) => [`${d.provider}`, d])).values()];
-            for (let i = 0; i < unique.length; i++) {
-                const model = unique[i].providerConfig.model || unique[i].providerConfig.deployment || "";
+            const credentialOptions = discovered;
+            for (let i = 0; i < credentialOptions.length; i++) {
+                const model = credentialOptions[i].providerConfig.model || credentialOptions[i].providerConfig.deployment || "";
                 const modelLabel = model ? `, ${model}` : "";
-                const envMatch = envDiscovered.find((e) => e.provider === unique[i].provider && unique[i].agentName === "env");
-                const sourceLabel = envMatch ? `from env: $${envMatch.envVar}` : `from ${unique[i].agentName}`;
-                process.stdout.write(`  ${i + 1}. ${unique[i].provider}${modelLabel} (${sourceLabel})\n`);
+                const envMatch = envDiscovered.find((e) => e.provider === credentialOptions[i].provider && credentialOptions[i].agentName === "env");
+                const sourceLabel = (0, provider_discovery_1.describeDiscoveredCredentialSource)(credentialOptions[i], envMatch?.envVar);
+                process.stdout.write(`  ${i + 1}. ${credentialOptions[i].provider}${modelLabel} (${sourceLabel})\n`);
             }
             process.stdout.write("\n");
             const choice = await coldPrompt("use one of these? enter number, or 'new' for a different key: ");
             const idx = parseInt(choice, 10) - 1;
-            if (idx >= 0 && idx < unique.length) {
-                providerRaw = unique[idx].provider;
-                credentials = unique[idx].credentials;
-                providerConfig = unique[idx].providerConfig;
+            if (idx >= 0 && idx < credentialOptions.length) {
+                providerRaw = credentialOptions[idx].provider;
+                credentials = credentialOptions[idx].credentials;
+                providerConfig = credentialOptions[idx].providerConfig;
             }
             else {
                 const pRaw = await coldPrompt("provider (anthropic/azure/minimax/openai-codex/github-copilot): ");
@@ -354,7 +362,6 @@ async function defaultRunSerpentGuide() {
             process.stdout.write(`credentials didn't work (${pingResult.message}). run 'ouro hatch' to try again.\n`);
             return null;
         }
-        const existingBundles = (0, specialist_orchestrator_1.listExistingBundles)(bundlesRoot);
         const systemPrompt = (0, specialist_prompt_1.buildSpecialistSystemPrompt)(soulText, identity.content, existingBundles, {
             tempDir,
             provider: providerRaw,

package/dist/heart/daemon/provider-discovery.js CHANGED Viewed

@@ -8,6 +8,8 @@
  */
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.scanEnvVarCredentials = scanEnvVarCredentials;
+exports.discoverInstalledAgentCredentials = discoverInstalledAgentCredentials;
+exports.describeDiscoveredCredentialSource = describeDiscoveredCredentialSource;
 exports.discoverWorkingProvider = discoverWorkingProvider;
 const identity_1 = require("../identity");
 const provider_credentials_1 = require("../provider-credentials");
@@ -45,14 +47,36 @@ function stringifyProviderFields(fields) {
     }
     return result;
 }
-function discoveredFromVaultRecord(record) {
+function discoveredFromVaultRecord(record, agentName = "vault") {
     return {
         provider: record.provider,
-        agentName: "vault",
+        agentName,
         credentials: stringifyProviderFields(record.credentials),
         providerConfig: stringifyProviderFields(record.config),
     };
 }
+async function discoverInstalledAgentCredentials(agentNames) {
+    const discovered = [];
+    for (const agentName of agentNames) {
+        if (agentName === "SerpentGuide")
+            continue;
+        const poolResult = await (0, provider_credentials_1.refreshProviderCredentialPool)(agentName, { preserveCachedOnFailure: true });
+        if (!poolResult.ok)
+            continue;
+        for (const record of Object.values(poolResult.pool.providers)) {
+            if (!record)
+                continue;
+            discovered.push(discoveredFromVaultRecord(record, agentName));
+        }
+    }
+    return discovered;
+}
+function describeDiscoveredCredentialSource(credential, envVar) {
+    if (credential.agentName === "env") {
+        return envVar ? `from env: $${envVar}` : "from env";
+    }
+    return `from ${credential.agentName}'s vault`;
+}
 async function discoverWorkingProvider(deps) {
     const poolResult = await (0, provider_credentials_1.refreshProviderCredentialPool)(deps.agentName);
     if (!poolResult.ok) {

package/dist/repertoire/vault-unlock.js CHANGED Viewed

@@ -106,6 +106,10 @@ function lockedMessage(config, store) {
         `Vault: ${vaultLabel(config)}`,
         `Local unlock store: ${store.kind} (${store.location})`,
         "",
+        "Provider credentials are still stored in the agent vault.",
+        "This computer does not currently have usable local unlock material for that vault.",
+        "This can happen on a new computer, after a local profile or hostname migration, or if the local unlock entry was removed.",
+        "",
         `Run \`${command}\` and enter the vault unlock secret from the operator password manager.`,
     ].join("\n");
 }

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@ouro.bot/cli",
-  "version": "0.1.0-alpha.371",
+  "version": "0.1.0-alpha.373",
   "main": "dist/heart/daemon/ouro-entry.js",
   "bin": {
     "cli": "dist/heart/daemon/ouro-bot-entry.js",