@ouro.bot/cli 0.1.0-alpha.384 → 0.1.0-alpha.386
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/changelog.json
CHANGED
|
@@ -1,6 +1,22 @@
|
|
|
1
1
|
{
|
|
2
2
|
"_note": "This changelog is maintained as part of the PR/version-bump workflow. Agent-curated, not auto-generated. Agents read this file directly via read_file to understand what changed between versions.",
|
|
3
3
|
"versions": [
|
|
4
|
+
{
|
|
5
|
+
"version": "0.1.0-alpha.386",
|
|
6
|
+
"changes": [
|
|
7
|
+
"`ouro vault recover --help` and `ouro help vault recover` now show the recovery-specific flags instead of generic vault help.",
|
|
8
|
+
"Nested command help now preserves subcommand words before flags, so help output can be specific to commands like `vault recover`.",
|
|
9
|
+
"`@ouro.bot/cli` and the `ouro.bot` wrapper are version-synced for the vault recovery help release."
|
|
10
|
+
]
|
|
11
|
+
},
|
|
12
|
+
{
|
|
13
|
+
"version": "0.1.0-alpha.385",
|
|
14
|
+
"changes": [
|
|
15
|
+
"`ouro up` provider-check repair hints for locked agent vaults now mention both normal unlock and lost-secret `ouro vault recover --agent <agent> --from <json>` recovery.",
|
|
16
|
+
"Provider health checks now share the locked-vault unlock-or-recover wording so compact degraded summaries do not send operators back to a secret they never saved.",
|
|
17
|
+
"`@ouro.bot/cli` and the `ouro.bot` wrapper are version-synced for the locked-vault repair-hint release."
|
|
18
|
+
]
|
|
19
|
+
},
|
|
4
20
|
{
|
|
5
21
|
"version": "0.1.0-alpha.384",
|
|
6
22
|
"changes": [
|
|
@@ -33,6 +33,7 @@ var __importStar = (this && this.__importStar) || (function () {
|
|
|
33
33
|
};
|
|
34
34
|
})();
|
|
35
35
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
36
|
+
exports.vaultUnlockOrRecoverFix = vaultUnlockOrRecoverFix;
|
|
36
37
|
exports.checkAgentConfig = checkAgentConfig;
|
|
37
38
|
exports.checkAgentConfigWithProviderHealth = checkAgentConfigWithProviderHealth;
|
|
38
39
|
const fs = __importStar(require("fs"));
|
|
@@ -238,7 +239,7 @@ function invalidPoolResult(agentName, lane, provider, model, pool) {
|
|
|
238
239
|
return {
|
|
239
240
|
ok: false,
|
|
240
241
|
error: `${lane} provider ${provider} model ${model} cannot read provider credentials because ${agentName}'s credential vault is locked on this machine.`,
|
|
241
|
-
fix:
|
|
242
|
+
fix: vaultUnlockOrRecoverFix(agentName),
|
|
242
243
|
};
|
|
243
244
|
}
|
|
244
245
|
if (pool.reason === "invalid") {
|
|
@@ -251,13 +252,20 @@ function invalidPoolResult(agentName, lane, provider, model, pool) {
|
|
|
251
252
|
return {
|
|
252
253
|
ok: false,
|
|
253
254
|
error: `${lane} provider ${provider} model ${model} cannot read provider credentials from ${agentName}'s vault at ${pool.poolPath}: ${pool.error}`,
|
|
254
|
-
fix:
|
|
255
|
+
fix: vaultUnlockOrRecoverFix(agentName, `Then run 'ouro up' again. If the credential is missing or stale after unlock or recovery, run 'ouro auth --agent ${agentName} --provider ${provider}'.`),
|
|
255
256
|
};
|
|
256
257
|
}
|
|
257
258
|
function isVaultLockedError(error) {
|
|
258
259
|
const normalized = error.toLowerCase();
|
|
259
260
|
return /(?:ouro )?credential vault is locked|vault(?: is)? locked/.test(normalized);
|
|
260
261
|
}
|
|
262
|
+
function vaultUnlockOrRecoverFix(agentName, nextStep = "Then run 'ouro up' again.") {
|
|
263
|
+
return [
|
|
264
|
+
`Run 'ouro vault unlock --agent ${agentName}' if you have the saved vault unlock secret.`,
|
|
265
|
+
`If nobody saved it, run 'ouro vault recover --agent ${agentName} --from <json>' with a local credential export.`,
|
|
266
|
+
nextStep,
|
|
267
|
+
].join(" ");
|
|
268
|
+
}
|
|
261
269
|
function failedPingResult(agentName, lane, provider, model, result) {
|
|
262
270
|
return {
|
|
263
271
|
ok: false,
|
|
@@ -229,6 +229,38 @@ exports.COMMAND_REGISTRY = {
|
|
|
229
229
|
subcommands: ["replay"],
|
|
230
230
|
},
|
|
231
231
|
};
|
|
232
|
+
const SUBCOMMAND_HELP = {
|
|
233
|
+
"vault create": {
|
|
234
|
+
description: "Create an agent credential vault and store local unlock material",
|
|
235
|
+
usage: "ouro vault create --agent <name> --email <email> [--server <url>] [--store <store>] [--generate-unlock-secret]",
|
|
236
|
+
example: "ouro vault create --agent ouroboros --email ouroboros@ouro.bot --generate-unlock-secret",
|
|
237
|
+
},
|
|
238
|
+
"vault recover": {
|
|
239
|
+
description: "Create a replacement agent vault and import local JSON credential exports",
|
|
240
|
+
usage: "ouro vault recover --agent <name> --from <json> [--from <json>] [--email <email>] [--server <url>] [--store <store>] [--generate-unlock-secret]",
|
|
241
|
+
example: "ouro vault recover --agent ouroboros --from ./credentials.json --generate-unlock-secret",
|
|
242
|
+
},
|
|
243
|
+
"vault unlock": {
|
|
244
|
+
description: "Unlock an existing agent credential vault on this machine",
|
|
245
|
+
usage: "ouro vault unlock --agent <name> [--store <store>]",
|
|
246
|
+
example: "ouro vault unlock --agent ouroboros",
|
|
247
|
+
},
|
|
248
|
+
"vault status": {
|
|
249
|
+
description: "Show whether this machine can unlock an agent credential vault",
|
|
250
|
+
usage: "ouro vault status --agent <name> [--store <store>]",
|
|
251
|
+
example: "ouro vault status --agent ouroboros",
|
|
252
|
+
},
|
|
253
|
+
"vault config set": {
|
|
254
|
+
description: "Write runtime configuration into the agent credential vault",
|
|
255
|
+
usage: "ouro vault config set --agent <name> --key <path> [--value <value>]",
|
|
256
|
+
example: "ouro vault config set --agent ouroboros --key senses/outlook/clientId",
|
|
257
|
+
},
|
|
258
|
+
"vault config status": {
|
|
259
|
+
description: "List runtime configuration keys stored in the agent credential vault",
|
|
260
|
+
usage: "ouro vault config status --agent <name>",
|
|
261
|
+
example: "ouro vault config status --agent ouroboros",
|
|
262
|
+
},
|
|
263
|
+
};
|
|
232
264
|
// ── Levenshtein distance ──
|
|
233
265
|
function levenshteinDistance(a, b) {
|
|
234
266
|
if (a.length === 0)
|
|
@@ -296,7 +328,7 @@ function getGroupedHelp() {
|
|
|
296
328
|
}
|
|
297
329
|
// ── Per-command help ──
|
|
298
330
|
function getCommandHelp(name) {
|
|
299
|
-
const entry = exports.COMMAND_REGISTRY[name];
|
|
331
|
+
const entry = SUBCOMMAND_HELP[name] ?? exports.COMMAND_REGISTRY[name];
|
|
300
332
|
if (!entry)
|
|
301
333
|
return null;
|
|
302
334
|
const lines = [
|
|
@@ -42,6 +42,17 @@ function facingToProviderLane(facing) {
|
|
|
42
42
|
function isProviderLane(value) {
|
|
43
43
|
return value === "outward" || value === "inner";
|
|
44
44
|
}
|
|
45
|
+
function helpCommandName(args) {
|
|
46
|
+
const positional = [];
|
|
47
|
+
for (const arg of args) {
|
|
48
|
+
if (arg === "--help" || arg === "-h")
|
|
49
|
+
break;
|
|
50
|
+
if (arg.startsWith("-"))
|
|
51
|
+
break;
|
|
52
|
+
positional.push(arg);
|
|
53
|
+
}
|
|
54
|
+
return positional.length > 0 ? positional.join(" ") : undefined;
|
|
55
|
+
}
|
|
45
56
|
function extractLaneFlag(args) {
|
|
46
57
|
const idx = args.indexOf("--lane");
|
|
47
58
|
if (idx === -1 || idx + 1 >= args.length)
|
|
@@ -932,11 +943,13 @@ function parseOuroCommand(args) {
|
|
|
932
943
|
return { kind: "daemon.up" };
|
|
933
944
|
// ── help command ──
|
|
934
945
|
if (head === "help") {
|
|
935
|
-
|
|
946
|
+
const command = helpCommandName(args.slice(1));
|
|
947
|
+
return command ? { kind: "help", command } : { kind: "help" };
|
|
936
948
|
}
|
|
937
949
|
// ── per-command --help ──
|
|
938
|
-
if (args.includes("--help")) {
|
|
939
|
-
|
|
950
|
+
if (args.includes("--help") || args.includes("-h")) {
|
|
951
|
+
const command = helpCommandName(args);
|
|
952
|
+
return command ? { kind: "help", command } : { kind: "help" };
|
|
940
953
|
}
|
|
941
954
|
if (head === "--agent" && second) {
|
|
942
955
|
return parseOuroCommand(args.slice(2));
|