@slock-ai/computer 0.0.2 → 0.0.4

package/dist/index.js

@@ -121,15 +121,18 @@ var ComputerAttachClient = class {
         resumed: body.resumed === true
       };
     }
-    const code = body && typeof body.code === "string" ? body.code : `http_${res.status}`;
-    if (res.status === 401 && code === "legacy_key_invalid") {
-      return { status: "legacy_key_invalid" };
+    const code = body && typeof body.code === "string" ? body.code : void 0;
+    if (res.status === 401) {
+      if (code === "legacy_key_invalid") return { status: "legacy_key_invalid" };
+      if (code === "auth_required") return { status: "auth_required" };
+      return { status: "unexpected_response", httpStatus: res.status, ...code ? { code } : {} };
     }
     if (res.status === 409 && code === "legacy_machine_key_migrated") {
       return { status: "legacy_machine_key_migrated" };
     }
     if (res.status === 403) return { status: "not_authorized" };
     if (res.status === 404) return { status: "disabled" };
+    if (!code) return { status: "unexpected_response", httpStatus: res.status };
     return { status: "error", code };
   }
   /**
@@ -306,13 +309,22 @@ function fail(code, message, exitCode = 1) {
   throw new CliExit(exitCode);
 }
 
+// src/serverUrl.ts
+var DEFAULT_SLOCK_SERVER_URL = "https://api.slock.ai";
+function resolveServerUrl(...candidates) {
+  for (const candidate of candidates) {
+    const value = candidate?.trim();
+    if (value) return value;
+  }
+  return DEFAULT_SLOCK_SERVER_URL;
+}
+
 // src/login.ts
 function sleep(ms) {
   return new Promise((r) => setTimeout(r, ms));
 }
 async function runLogin(opts) {
-  const baseUrl = (opts.serverUrl ?? process.env.SLOCK_SERVER_URL ?? "").trim();
-  if (!baseUrl) fail("MISSING_SERVER_URL", "Set SLOCK_SERVER_URL or pass --server-url <url>.");
+  const baseUrl = resolveServerUrl(opts.serverUrl, process.env.SLOCK_SERVER_URL);
   const client = new DeviceAuthClient(baseUrl);
   let grant;
   try {
@@ -482,10 +494,7 @@ async function runAttach(opts) {
       `User session at ${sessionFile} is invalid. Re-run \`slock-computer login\`.`
     );
   }
-  const baseUrl = (opts.serverUrl ?? session.serverUrl ?? process.env.SLOCK_SERVER_URL ?? "").trim();
-  if (!baseUrl) {
-    fail("MISSING_SERVER_URL", "Set SLOCK_SERVER_URL or pass --server-url <url>.");
-  }
+  const baseUrl = resolveServerUrl(opts.serverUrl, session.serverUrl, process.env.SLOCK_SERVER_URL);
   const client = new ComputerAttachClient(baseUrl, session.accessToken);
   const slugForServer = normalizeServerSlug(opts.serverSlug);
   if (!slugForServer) {
@@ -682,6 +691,43 @@ async function stopLegacyDaemonByOwnerFile(ownerFile) {
   }
   return { attempted: true, pid, outcome: "timed_out" };
 }
+async function readLegacyOwnerEvidence(ownerFile) {
+  let raw;
+  try {
+    raw = await readFile3(ownerFile, "utf8");
+  } catch {
+    return { ownerFile, reason: "owner_file_absent" };
+  }
+  let owner;
+  try {
+    owner = JSON.parse(raw);
+  } catch {
+    return { ownerFile, reason: "owner_json_unparseable" };
+  }
+  const pid = typeof owner.pid === "number" ? owner.pid : void 0;
+  return {
+    ownerFile,
+    pid,
+    alive: typeof pid === "number" ? isProcessAlive(pid) : void 0,
+    startedAt: typeof owner.startedAt === "string" ? owner.startedAt : void 0,
+    serverUrl: typeof owner.serverUrl === "string" ? owner.serverUrl : void 0,
+    reason: typeof pid === "number" ? void 0 : "owner_json_missing_pid"
+  };
+}
+function formatLegacyOwnerEvidence(slockHome, evidence) {
+  const fields = [
+    `SLOCK_HOME=${slockHome}`,
+    `owner=${evidence.ownerFile}`
+  ];
+  if (typeof evidence.pid === "number") {
+    fields.push(`pid=${evidence.pid}`);
+    if (typeof evidence.alive === "boolean") fields.push(`alive=${evidence.alive}`);
+  }
+  if (evidence.startedAt) fields.push(`startedAt=${evidence.startedAt}`);
+  if (evidence.serverUrl) fields.push(`serverUrl=${evidence.serverUrl}`);
+  if (evidence.reason) fields.push(`ownerStatus=${evidence.reason}`);
+  return fields.join(" ");
+}
 async function runAdoptLegacy(inputs) {
   const slockHome = resolveSlockHome();
   const sessionFile = userSessionPath(slockHome);
@@ -700,10 +746,7 @@ async function runAdoptLegacy(inputs) {
       `User session at ${sessionFile} is invalid. Re-run \`slock-computer login\`.`
     );
   }
-  const baseUrl = (inputs.serverUrl ?? session.serverUrl ?? process.env.SLOCK_SERVER_URL ?? "").trim();
-  if (!baseUrl) {
-    fail("MISSING_SERVER_URL", "Set SLOCK_SERVER_URL or pass --server-url <url>.");
-  }
+  const baseUrl = resolveServerUrl(inputs.serverUrl, session.serverUrl, process.env.SLOCK_SERVER_URL);
   const slugForServer = normalizeServerSlug(inputs.serverSlug);
   if (!slugForServer) {
     fail("ADOPT_NOT_AUTHORIZED", "Server slug must not be empty.");
@@ -715,6 +758,7 @@ async function runAdoptLegacy(inputs) {
   const client = new ComputerAttachClient(baseUrl, session.accessToken);
   const adoptStartedAt = /* @__PURE__ */ new Date();
   const legacyOwnerFile = legacyLockOwnerPath(slockHome, legacy.rawKey);
+  const ownerEvidence = await readLegacyOwnerEvidence(legacyOwnerFile);
   const result = await client.adoptLegacy(legacy.rawKey, inputs.name);
   legacy.rawKey = void 0;
   if (result.status === "disabled") {
@@ -740,7 +784,7 @@ async function runAdoptLegacy(inputs) {
     });
     fail(
       "LEGACY_KEY_INVALID",
-      "Server rejected the legacy api key (unknown / wrong server / malformed). Verify the key and --server-url."
+      `Server rejected the legacy api key (unknown / wrong server / malformed). Local legacy owner evidence for this key: ${formatLegacyOwnerEvidence(slockHome, ownerEvidence)}. Verify the key came from this SLOCK_HOME and server, or use a fresh isolated SLOCK_HOME for a clean Computer setup.`
     );
   }
   if (result.status === "legacy_machine_key_migrated") {
@@ -753,7 +797,20 @@ async function runAdoptLegacy(inputs) {
     });
     fail(
       "LEGACY_MACHINE_KEY_MIGRATED",
-      "This machine has already been adopted; the legacy key is no longer accepted. Use `slock-computer attach` to add another Computer attachment."
+      `This machine has already been adopted; the legacy key is no longer accepted. Local legacy owner evidence for this key: ${formatLegacyOwnerEvidence(slockHome, ownerEvidence)}. Use \`slock-computer attach\` to add another Computer attachment, or use a fresh isolated SLOCK_HOME for a clean setup.`
+    );
+  }
+  if (result.status === "auth_required") {
+    await appendAdoptionLog(slockHome, {
+      mode: legacy.mode,
+      redactedPrefix: legacy.redactedPrefix,
+      startedAt: adoptStartedAt,
+      outcome: "failed",
+      failureReason: "auth_required"
+    });
+    fail(
+      "ADOPT_AUTH_REQUIRED",
+      `Your Computer user session was rejected by the server before legacy adoption. Local legacy owner evidence for this key: ${formatLegacyOwnerEvidence(slockHome, ownerEvidence)}. Re-run \`slock-computer login\` for this server (use the same \`--server-url\` if not on production), then retry the adopt command. No local Computer state was written.`
     );
   }
   if (result.status === "not_authorized") {
@@ -769,6 +826,20 @@ async function runAdoptLegacy(inputs) {
       "Not authorized to adopt this machine on this server. Check that you are a current member."
     );
   }
+  if (result.status === "unexpected_response") {
+    await appendAdoptionLog(slockHome, {
+      mode: legacy.mode,
+      redactedPrefix: legacy.redactedPrefix,
+      startedAt: adoptStartedAt,
+      outcome: "failed",
+      failureReason: result.code ? `unexpected_response_${result.code}` : "unexpected_response_missing_code"
+    });
+    const responseDetail = result.code ? `status ${result.httpStatus}, code ${result.code}` : `status ${result.httpStatus}, missing error code`;
+    fail(
+      "ADOPT_UNEXPECTED_RESPONSE",
+      `Server returned an unexpected legacy adoption response (${responseDetail}). Local legacy owner evidence for this key: ${formatLegacyOwnerEvidence(slockHome, ownerEvidence)}. Please report this with the command, server URL, and SLOCK_HOME; no local Computer state was written.`
+    );
+  }
   if (result.status === "error") {
     await appendAdoptionLog(slockHome, {
       mode: legacy.mode,
@@ -777,7 +848,10 @@ async function runAdoptLegacy(inputs) {
       outcome: "failed",
       failureReason: result.code
     });
-    fail("ADOPT_FAILED", `Adoption failed (${result.code}).`);
+    fail(
+      "ADOPT_FAILED",
+      `Adoption failed at server exchange (${result.code}). Local legacy owner evidence for this key: ${formatLegacyOwnerEvidence(slockHome, ownerEvidence)}. Confirm the user session is valid, the legacy key belongs to this server/SLOCK_HOME, and the server URL is correct. No local Computer state was written.`
+    );
   }
   info(result.resumed ? "Adopted (resumed prior attachment); running preflight\u2026" : "Adopted; running preflight\u2026");
   const pre = await client.preflight(result.apiKey);
@@ -1663,7 +1737,7 @@ async function runSetup(opts, deps = {}) {
     if (!opts.adoptLegacy && liveLegacy) {
       fail(
         "LEGACY_DAEMON_RUNNING",
-        "A legacy daemon appears to be running in this SLOCK_HOME. Re-run with `--adopt-legacy` and a legacy key, or stop the legacy daemon before fresh setup."
+        `A legacy daemon appears to be running in ${slockHome}, so Computer setup stopped before creating a second attachment. To proceed: try the Computer beta in an isolated home with \`SLOCK_HOME=$HOME/.slock-computer-beta slock-computer setup ${label}\`; or stop the legacy daemon with \`pkill -f slock-daemon && rm -f ~/.slock/daemon.pid\`; or migrate the existing daemon with \`--adopt-legacy --legacy-api-key <key>\`.`
       );
     }
     if (opts.adoptLegacy && hasLegacyKey) {
@@ -1678,7 +1752,7 @@ async function runSetup(opts, deps = {}) {
     } else if (opts.adoptLegacy && liveLegacy) {
       fail(
         "LEGACY_DAEMON_RUNNING",
-        "A legacy daemon is running, but no legacy key was provided. Provide --legacy-api-key-file/--legacy-api-key/--legacy-api-key-stdin, or stop the legacy daemon before falling back to a fresh attach."
+        `A legacy daemon is running in ${slockHome}, but no legacy key was provided. To proceed: provide --legacy-api-key-file/--legacy-api-key/--legacy-api-key-stdin to adopt it; or stop the legacy daemon with \`pkill -f slock-daemon && rm -f ~/.slock/daemon.pid\`; or use an isolated home with \`SLOCK_HOME=$HOME/.slock-computer-beta slock-computer setup ${label}\` for a clean beta trial.`
       );
     } else {
       if (opts.adoptLegacy) {
@@ -3634,16 +3708,16 @@ function withCliExit(fn) {
   };
 }
 var program = new Command();
-program.name("slock-computer").description("Slock Computer \u2014 local-machine control plane (login + N per-server attachments).").version("0.0.1");
-program.command("login").description("Log in via device-code (one user identity per Computer / SLOCK_HOME).").option("--server-url <url>", "Slock API base URL; defaults to SLOCK_SERVER_URL").action(withCliExit(async (opts) => {
+program.name("slock-computer").description("Slock Computer \u2014 local-machine control plane (login + N per-server attachments).").version("0.0.3");
+program.command("login").description("Log in via device-code (one user identity per Computer / SLOCK_HOME).").option("--server-url <url>", `Slock API base URL; defaults to SLOCK_SERVER_URL or ${DEFAULT_SLOCK_SERVER_URL}`).action(withCliExit(async (opts) => {
   await runLogin({ serverUrl: opts.serverUrl });
 }));
-program.command("attach").argument("<serverSlug>", "target Slock server slug (canonical form `/myserver`; bare `myserver` accepted)").description("Attach this Computer to one Slock server (add-not-replace; multi-server OK).").option("--server-url <url>", "Slock API base URL; defaults to SLOCK_SERVER_URL").option("--name <name>", "Computer display name; defaults to a sanitized hostname").option("--no-run", "only authorize + write local state; do not start the supervisor").option("--foreground", "run the supervisor in this terminal instead of the background").action(withCliExit(async (serverSlug, opts) => {
+program.command("attach").argument("<serverSlug>", "target Slock server slug (canonical form `/myserver`; bare `myserver` accepted)").description("Attach this Computer to one Slock server (add-not-replace; multi-server OK).").option("--server-url <url>", `Slock API base URL; defaults to the saved user session, SLOCK_SERVER_URL, or ${DEFAULT_SLOCK_SERVER_URL}`).option("--name <name>", "Computer display name; defaults to a sanitized hostname").option("--no-run", "only authorize + write local state; do not start the supervisor").option("--foreground", "run the supervisor in this terminal instead of the background").action(withCliExit(async (serverSlug, opts) => {
   await withMutationLock(
     () => runAttach({ serverSlug, serverUrl: opts.serverUrl, name: opts.name, run: opts.run, foreground: opts.foreground })
   );
 }));
-program.command("setup").argument("<serverSlug>", "target Slock server slug (canonical form `/myserver`; bare `myserver` accepted)").description("Set up this Computer for one server: login if needed, attach/adopt if needed, then start.").option("--server-url <url>", "Slock API base URL; defaults to SLOCK_SERVER_URL or the saved user session").option("--name <name>", "Computer display name for a new attachment/adoption; defaults to a sanitized hostname").option("--adopt-legacy", "attempt one-time migration from a legacy daemon before fresh attach fallback").option("--legacy-api-key <key>", "legacy key for --adopt-legacy (migration-only; prefer file/stdin)").option("--legacy-api-key-file <path>", "path to a file containing the legacy key for --adopt-legacy").option("--legacy-api-key-stdin", "read the legacy key from stdin for --adopt-legacy").option("--no-start", "stop after login + attach/adopt; do not start the supervisor").option("--foreground", "run the supervisor in this terminal instead of the background").option("-y, --yes", "allow non-interactive setup after confirming the planned actions").action(
+program.command("setup").argument("<serverSlug>", "target Slock server slug (canonical form `/myserver`; bare `myserver` accepted)").description("Set up this Computer for one server: login if needed, attach/adopt if needed, then start.").option("--server-url <url>", `Slock API base URL; defaults to the saved user session, SLOCK_SERVER_URL, or ${DEFAULT_SLOCK_SERVER_URL}`).option("--name <name>", "Computer display name for a new attachment/adoption; defaults to a sanitized hostname").option("--adopt-legacy", "attempt one-time migration from a legacy daemon before fresh attach fallback").option("--legacy-api-key <key>", "legacy key for --adopt-legacy (migration-only; prefer file/stdin)").option("--legacy-api-key-file <path>", "path to a file containing the legacy key for --adopt-legacy").option("--legacy-api-key-stdin", "read the legacy key from stdin for --adopt-legacy").option("--no-start", "stop after login + attach/adopt; do not start the supervisor").option("--foreground", "run the supervisor in this terminal instead of the background").option("-y, --yes", "allow non-interactive setup after confirming the planned actions").action(
   withCliExit(async (serverSlug, opts) => {
     await withMutationLock(
       () => runSetup({
@@ -3663,7 +3737,7 @@ program.command("setup").argument("<serverSlug>", "target Slock server slug (can
 );
 program.command("adopt-legacy").argument("<serverSlug>", "target Slock server slug (the legacy machine's server)").description(
   "One-time migration: trade a legacy sk_machine_* / sk_daemon_* key for a fresh Computer attachment (sk_computer_*)."
-).option("--server-url <url>", "Slock API base URL; defaults to SLOCK_SERVER_URL").option("--name <name>", "name to record on the new Computer attachment (default: existing machine name)").option("--legacy-api-key <key>", "raw legacy key on argv (insecure on shared shells; prefer --legacy-api-key-file or stdin)").option("--legacy-api-key-file <path>", "path to a 0600 file containing the legacy key (one line)").option("--legacy-api-key-stdin", "read the legacy key from stdin").action(
+).option("--server-url <url>", `Slock API base URL; defaults to the saved user session, SLOCK_SERVER_URL, or ${DEFAULT_SLOCK_SERVER_URL}`).option("--name <name>", "name to record on the new Computer attachment (default: existing machine name)").option("--legacy-api-key <key>", "raw legacy key on argv (insecure on shared shells; prefer --legacy-api-key-file or stdin)").option("--legacy-api-key-file <path>", "path to a 0600 file containing the legacy key (one line)").option("--legacy-api-key-stdin", "read the legacy key from stdin").action(
   withCliExit(async (serverSlug, opts) => {
     await withMutationLock(
       () => runAdoptLegacy({

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@slock-ai/computer",
-  "version": "0.0.2",
+  "version": "0.0.4",
   "description": "Slock Computer — standalone human/local-machine control-plane CLI (login + attach). Distinct from the agent-facing @slock-ai/cli.",
   "type": "module",
   "bin": {
@@ -21,7 +21,7 @@
     "commander": "^12.1.0",
     "proper-lockfile": "^4.1.2",
     "undici": "^7.24.7",
-    "@slock-ai/daemon": "0.52.2"
+    "@slock-ai/daemon": "0.53.0"
   },
   "devDependencies": {
     "@types/node": "^25.5.0",