@slock-ai/computer 0.0.3 → 0.0.5

package/dist/index.js

@@ -68,15 +68,21 @@ var ComputerAttachClient = class {
   }
   /** POST /api/computer/attach — user-authed; issues sk_computer_*. */
   async attach(serverSlug, name) {
-    const res = await fetch2(this.url("/api/computer/attach"), {
-      method: "POST",
-      headers: {
-        "Content-Type": "application/json",
-        Authorization: `Bearer ${this.accessToken}`
-      },
-      body: JSON.stringify({ serverSlug, name })
-    });
+    let res;
+    try {
+      res = await fetch2(this.url("/api/computer/attach"), {
+        method: "POST",
+        headers: {
+          "Content-Type": "application/json",
+          Authorization: `Bearer ${this.accessToken}`
+        },
+        body: JSON.stringify({ serverSlug, name })
+      });
+    } catch {
+      return { status: "error", code: "request_failed" };
+    }
     const body = await res.json().catch(() => null);
+    const code = body && typeof body.code === "string" ? body.code : void 0;
     if (res.status === 201 && body && typeof body.apiKey === "string") {
       return {
         status: "success",
@@ -89,9 +95,11 @@ var ComputerAttachClient = class {
     }
     if (res.status === 401) return { status: "error", code: "session_invalid" };
     if (res.status === 403) return { status: "not_authorized" };
-    if (res.status === 404) return { status: "disabled" };
-    const code = body && typeof body.code === "string" ? body.code : `http_${res.status}`;
-    return { status: "error", code };
+    if (res.status === 404) {
+      if (code === "not_authorized" || code === "server_not_found") return { status: "server_not_found" };
+      if (!code || code === "computer_attach_disabled") return { status: "disabled" };
+    }
+    return { status: "error", code: code ?? `http_${res.status}` };
   }
   /**
    * POST /api/computer/adopt-legacy — task #39 PR-J1 (RFC v8.2 §5.11).
@@ -121,15 +129,18 @@ var ComputerAttachClient = class {
         resumed: body.resumed === true
       };
     }
-    const code = body && typeof body.code === "string" ? body.code : `http_${res.status}`;
-    if (res.status === 401 && code === "legacy_key_invalid") {
-      return { status: "legacy_key_invalid" };
+    const code = body && typeof body.code === "string" ? body.code : void 0;
+    if (res.status === 401) {
+      if (code === "legacy_key_invalid") return { status: "legacy_key_invalid" };
+      if (code === "auth_required") return { status: "auth_required" };
+      return { status: "unexpected_response", httpStatus: res.status, ...code ? { code } : {} };
     }
     if (res.status === 409 && code === "legacy_machine_key_migrated") {
       return { status: "legacy_machine_key_migrated" };
     }
     if (res.status === 403) return { status: "not_authorized" };
     if (res.status === 404) return { status: "disabled" };
+    if (!code) return { status: "unexpected_response", httpStatus: res.status };
     return { status: "error", code };
   }
   /**
@@ -512,6 +523,12 @@ async function runAttach(opts) {
       "Not authorized to attach to that server. Check the server slug and that you're a member."
     );
   }
+  if (attached.status === "server_not_found") {
+    fail(
+      "ATTACH_SERVER_NOT_FOUND",
+      `Server ${formatServerSlugDisplay(slugForServer)} was not found on ${baseUrl}. Check the slug spelling and --server-url, then retry.`
+    );
+  }
   if (attached.status === "error") {
     if (attached.code === "session_invalid") {
       fail(
@@ -519,6 +536,12 @@ async function runAttach(opts) {
         "Your user session is no longer valid. Re-run `slock-computer login`."
       );
     }
+    if (attached.code === "request_failed") {
+      fail(
+        "ATTACH_REQUEST_FAILED",
+        `Could not reach ${baseUrl} while attaching to ${formatServerSlugDisplay(slugForServer)}. Check --server-url / network connectivity, then retry.`
+      );
+    }
     if (attached.code === "COMPUTER_NAME_COLLISION") {
       fail(
         "COMPUTER_NAME_COLLISION",
@@ -688,6 +711,43 @@ async function stopLegacyDaemonByOwnerFile(ownerFile) {
   }
   return { attempted: true, pid, outcome: "timed_out" };
 }
+async function readLegacyOwnerEvidence(ownerFile) {
+  let raw;
+  try {
+    raw = await readFile3(ownerFile, "utf8");
+  } catch {
+    return { ownerFile, reason: "owner_file_absent" };
+  }
+  let owner;
+  try {
+    owner = JSON.parse(raw);
+  } catch {
+    return { ownerFile, reason: "owner_json_unparseable" };
+  }
+  const pid = typeof owner.pid === "number" ? owner.pid : void 0;
+  return {
+    ownerFile,
+    pid,
+    alive: typeof pid === "number" ? isProcessAlive(pid) : void 0,
+    startedAt: typeof owner.startedAt === "string" ? owner.startedAt : void 0,
+    serverUrl: typeof owner.serverUrl === "string" ? owner.serverUrl : void 0,
+    reason: typeof pid === "number" ? void 0 : "owner_json_missing_pid"
+  };
+}
+function formatLegacyOwnerEvidence(slockHome, evidence) {
+  const fields = [
+    `SLOCK_HOME=${slockHome}`,
+    `owner=${evidence.ownerFile}`
+  ];
+  if (typeof evidence.pid === "number") {
+    fields.push(`pid=${evidence.pid}`);
+    if (typeof evidence.alive === "boolean") fields.push(`alive=${evidence.alive}`);
+  }
+  if (evidence.startedAt) fields.push(`startedAt=${evidence.startedAt}`);
+  if (evidence.serverUrl) fields.push(`serverUrl=${evidence.serverUrl}`);
+  if (evidence.reason) fields.push(`ownerStatus=${evidence.reason}`);
+  return fields.join(" ");
+}
 async function runAdoptLegacy(inputs) {
   const slockHome = resolveSlockHome();
   const sessionFile = userSessionPath(slockHome);
@@ -718,6 +778,7 @@ async function runAdoptLegacy(inputs) {
   const client = new ComputerAttachClient(baseUrl, session.accessToken);
   const adoptStartedAt = /* @__PURE__ */ new Date();
   const legacyOwnerFile = legacyLockOwnerPath(slockHome, legacy.rawKey);
+  const ownerEvidence = await readLegacyOwnerEvidence(legacyOwnerFile);
   const result = await client.adoptLegacy(legacy.rawKey, inputs.name);
   legacy.rawKey = void 0;
   if (result.status === "disabled") {
@@ -743,7 +804,7 @@ async function runAdoptLegacy(inputs) {
     });
     fail(
       "LEGACY_KEY_INVALID",
-      "Server rejected the legacy api key (unknown / wrong server / malformed). Verify the key and --server-url."
+      `Server rejected the legacy api key (unknown / wrong server / malformed). Local legacy owner evidence for this key: ${formatLegacyOwnerEvidence(slockHome, ownerEvidence)}. Verify the key came from this SLOCK_HOME and server, or use a fresh isolated SLOCK_HOME for a clean Computer setup.`
     );
   }
   if (result.status === "legacy_machine_key_migrated") {
@@ -756,7 +817,20 @@ async function runAdoptLegacy(inputs) {
     });
     fail(
       "LEGACY_MACHINE_KEY_MIGRATED",
-      "This machine has already been adopted; the legacy key is no longer accepted. Use `slock-computer attach` to add another Computer attachment."
+      `This machine has already been adopted; the legacy key is no longer accepted. Local legacy owner evidence for this key: ${formatLegacyOwnerEvidence(slockHome, ownerEvidence)}. Use \`slock-computer attach\` to add another Computer attachment, or use a fresh isolated SLOCK_HOME for a clean setup.`
+    );
+  }
+  if (result.status === "auth_required") {
+    await appendAdoptionLog(slockHome, {
+      mode: legacy.mode,
+      redactedPrefix: legacy.redactedPrefix,
+      startedAt: adoptStartedAt,
+      outcome: "failed",
+      failureReason: "auth_required"
+    });
+    fail(
+      "ADOPT_AUTH_REQUIRED",
+      `Your Computer user session was rejected by the server before legacy adoption. Local legacy owner evidence for this key: ${formatLegacyOwnerEvidence(slockHome, ownerEvidence)}. Re-run \`slock-computer login\` for this server (use the same \`--server-url\` if not on production), then retry the adopt command. No local Computer state was written.`
     );
   }
   if (result.status === "not_authorized") {
@@ -772,6 +846,21 @@ async function runAdoptLegacy(inputs) {
       "Not authorized to adopt this machine on this server. Check that you are a current member."
     );
   }
+  if (result.status === "unexpected_response") {
+    await appendAdoptionLog(slockHome, {
+      mode: legacy.mode,
+      redactedPrefix: legacy.redactedPrefix,
+      startedAt: adoptStartedAt,
+      outcome: "failed",
+      failureReason: result.code ? `unexpected_response_${result.code}` : "unexpected_response_missing_code"
+    });
+    const responseDetail = result.code ? `status ${result.httpStatus}, code ${result.code}` : `status ${result.httpStatus}, missing error code`;
+    const authHint = result.httpStatus === 401 ? " If your server may be on an older release that does not emit `code: auth_required`, re-run `slock-computer login` first to refresh your user session, then retry. If the issue persists, report it as server contract drift." : "";
+    fail(
+      "ADOPT_UNEXPECTED_RESPONSE",
+      `Server returned an unexpected legacy adoption response (${responseDetail}).${authHint} Local legacy owner evidence for this key: ${formatLegacyOwnerEvidence(slockHome, ownerEvidence)}. Please report this with the command, server URL, and SLOCK_HOME; no local Computer state was written.`
+    );
+  }
   if (result.status === "error") {
     await appendAdoptionLog(slockHome, {
       mode: legacy.mode,
@@ -780,7 +869,10 @@ async function runAdoptLegacy(inputs) {
       outcome: "failed",
       failureReason: result.code
     });
-    fail("ADOPT_FAILED", `Adoption failed (${result.code}).`);
+    fail(
+      "ADOPT_FAILED",
+      `Adoption failed at server exchange (${result.code}). Local legacy owner evidence for this key: ${formatLegacyOwnerEvidence(slockHome, ownerEvidence)}. Confirm the user session is valid, the legacy key belongs to this server/SLOCK_HOME, and the server URL is correct. No local Computer state was written.`
+    );
   }
   info(result.resumed ? "Adopted (resumed prior attachment); running preflight\u2026" : "Adopted; running preflight\u2026");
   const pre = await client.preflight(result.apiKey);
@@ -900,8 +992,9 @@ async function appendAdoptionLog(slockHome, line) {
 }
 
 // src/setup.ts
-import { readdir as readdir3, readFile as readFile6 } from "fs/promises";
-import { join as join3 } from "path";
+import { chmod as chmod4, mkdir as mkdir8, readdir as readdir3, readFile as readFile6, rename as rename3, rm as rm2, writeFile as writeFile7 } from "fs/promises";
+import { dirname as dirname8, join as join3 } from "path";
+import { fetch as fetch3 } from "undici";
 
 // src/supervisor.ts
 import { spawn as spawn2 } from "child_process";
@@ -1591,14 +1684,74 @@ async function bestEffortServerRevoke(serverUrl, apiKey, serverId) {
 }
 
 // src/setup.ts
+var USER_SESSION_EXPIRY_LEEWAY_MS = 3e4;
 async function hasValidUserSession(slockHome) {
   try {
     const parsed = JSON.parse(await readFile6(userSessionPath(slockHome), "utf8"));
-    return parsed.kind === "user-session" && typeof parsed.accessToken === "string" && parsed.accessToken.length > 0;
+    return parsed.kind === "user-session" && typeof parsed.accessToken === "string" && parsed.accessToken.length > 0 && !isJwtExpired(parsed.accessToken);
   } catch {
     return false;
   }
 }
+function isJwtExpired(token, nowMs = Date.now()) {
+  const [, payload] = token.split(".");
+  if (!payload) return false;
+  try {
+    const parsed = JSON.parse(Buffer.from(payload, "base64url").toString("utf8"));
+    return typeof parsed.exp === "number" && parsed.exp * 1e3 <= nowMs + USER_SESSION_EXPIRY_LEEWAY_MS;
+  } catch {
+    return false;
+  }
+}
+async function refreshUserSession(slockHome, serverUrl) {
+  const file = userSessionPath(slockHome);
+  let session;
+  try {
+    session = JSON.parse(await readFile6(file, "utf8"));
+  } catch {
+    return false;
+  }
+  if (session.kind !== "user-session" || typeof session.refreshToken !== "string" || session.refreshToken.length === 0) {
+    return false;
+  }
+  const baseUrl = resolveServerUrl(serverUrl, session.serverUrl, process.env.SLOCK_SERVER_URL);
+  const tmpFile = `${file}.${process.pid}.${Date.now()}.tmp`;
+  try {
+    const res = await fetch3(new URL("/api/auth/refresh", baseUrl).toString(), {
+      method: "POST",
+      headers: { "Content-Type": "application/json" },
+      body: JSON.stringify({ refreshToken: session.refreshToken })
+    });
+    const body = await res.json().catch(() => null);
+    if (res.status !== 200 || typeof body?.accessToken !== "string" || typeof body.refreshToken !== "string") {
+      return false;
+    }
+    await mkdir8(dirname8(file), { recursive: true });
+    await writeFile7(
+      tmpFile,
+      JSON.stringify(
+        {
+          kind: "user-session",
+          userId: session.userId,
+          accessToken: body.accessToken,
+          refreshToken: body.refreshToken,
+          serverUrl: baseUrl,
+          createdAt: session.createdAt ?? (/* @__PURE__ */ new Date()).toISOString(),
+          refreshedAt: (/* @__PURE__ */ new Date()).toISOString()
+        },
+        null,
+        2
+      ),
+      { mode: 384 }
+    );
+    await chmod4(tmpFile, 384);
+    await rename3(tmpFile, file);
+    return true;
+  } catch {
+    await rm2(tmpFile, { force: true }).catch(() => void 0);
+    return false;
+  }
+}
 async function hasLiveLegacyDaemon(slockHome) {
   let machineDirs;
   try {
@@ -1630,6 +1783,7 @@ async function runSetup(opts, deps = {}) {
   const attach = deps.runAttach ?? runAttach;
   const adopt = deps.runAdoptLegacy ?? runAdoptLegacy;
   const start = deps.runStart ?? runStart;
+  const refreshSession = deps.refreshUserSession ?? refreshUserSession;
   const legacyDaemonCheck = deps.hasLiveLegacyDaemon ?? hasLiveLegacyDaemon;
   if (!isTty && !opts.yes) {
     fail(
@@ -1646,13 +1800,18 @@ async function runSetup(opts, deps = {}) {
   const label = formatServerSlugDisplay(opts.serverSlug);
   info(`Setting up Slock Computer for ${label}\u2026`);
   if (!await hasValidUserSession(slockHome)) {
-    if (!isTty) {
-      fail(
-        "NON_INTERACTIVE_SETUP_REQUIRES_FLAGS",
-        "No user session is available and setup is running non-interactively. Run `slock-computer login` in a terminal first, then re-run setup with --yes."
-      );
+    if (await refreshSession(slockHome, opts.serverUrl)) {
+      info("User session: refreshed.");
+    } else {
+      if (!isTty) {
+        fail(
+          "NON_INTERACTIVE_SETUP_REQUIRES_FLAGS",
+          "No valid user session is available and setup is running non-interactively. Run `slock-computer login` in a terminal first, then re-run setup with --yes."
+        );
+      }
+      info("User session: missing or expired; starting login.");
+      await login({ serverUrl: opts.serverUrl });
     }
-    await login({ serverUrl: opts.serverUrl });
   } else {
     info("User session: already logged in.");
   }
@@ -1715,11 +1874,22 @@ async function runSetup(opts, deps = {}) {
 
 // src/status.ts
 import { readFile as readFile7 } from "fs/promises";
-async function readJsonSafe(path2) {
+async function readUserSession(path2) {
   try {
-    return JSON.parse(await readFile7(path2, "utf8"));
-  } catch {
-    return null;
+    const parsed = JSON.parse(await readFile7(path2, "utf8"));
+    if (parsed && typeof parsed === "object" && !Array.isArray(parsed)) {
+      return { state: "present", session: parsed, error: null };
+    }
+    return { state: "invalid", session: null, error: "not a JSON object" };
+  } catch (err) {
+    if (err && typeof err === "object" && "code" in err && err.code === "ENOENT") {
+      return { state: "missing", session: null, error: null };
+    }
+    return {
+      state: "invalid",
+      session: null,
+      error: err instanceof Error ? err.message : String(err)
+    };
   }
 }
 function str(v) {
@@ -1736,7 +1906,8 @@ async function deriveHealth(slockHome, serverId, daemon) {
 }
 async function buildStatusReport() {
   const slockHome = resolveSlockHome();
-  const session = await readJsonSafe(userSessionPath(slockHome));
+  const sessionRead = await readUserSession(userSessionPath(slockHome));
+  const session = sessionRead.session;
   const attachments = await listServerAttachments(slockHome);
   const supervisor = {
     ...await pidStatus(supervisorPidPath(slockHome)),
@@ -1762,6 +1933,7 @@ async function buildStatusReport() {
     loggedIn,
     userId: session ? str(session.userId) : null,
     loginServerUrl: session ? str(session.serverUrl) : null,
+    userSessionError: sessionRead.state === "invalid" ? sessionRead.error : null,
     supervisor,
     servers
   };
@@ -1777,8 +1949,9 @@ async function runStatus(opts) {
   }
   info("");
   info(`SLOCK_HOME:   ${report.slockHome}`);
+  const loginDetail = report.userSessionError ? "no \u2014 user session file is invalid; re-run `slock-computer login`" : report.loggedIn ? `yes (user ${report.userId ?? "?"})` : "no \u2014 run `slock-computer login`";
   info(
-    `Logged in:    ${report.loggedIn ? `yes (user ${report.userId ?? "?"})` : "no \u2014 run `slock-computer login`"}`
+    `Logged in:    ${loginDetail}`
   );
   if (report.loginServerUrl) info(`Login server: ${report.loginServerUrl}`);
   info(
@@ -1957,7 +2130,7 @@ async function runDoctorChecks() {
   const checks = [];
   checks.push({ name: "SLOCK_HOME", ok: true, detail: report.slockHome });
   checks.push(
-    report.loggedIn ? { name: "user session", ok: true, detail: `logged in (user ${report.userId ?? "?"})` } : { name: "user session", ok: false, detail: "not logged in \u2014 run `slock-computer login`" }
+    report.userSessionError ? { name: "user session", ok: false, detail: "invalid user session file \u2014 re-run `slock-computer login`" } : report.loggedIn ? { name: "user session", ok: true, detail: `logged in (user ${report.userId ?? "?"})` } : { name: "user session", ok: false, detail: "not logged in \u2014 run `slock-computer login`" }
   );
   checks.push(
     report.supervisor.running ? { name: "supervisor", ok: true, detail: `running (pid ${report.supervisor.pid})` } : {
@@ -2100,13 +2273,13 @@ async function runLogs(opts) {
 
 // src/concurrency.ts
 import lockfile from "proper-lockfile";
-import { mkdir as mkdir8 } from "fs/promises";
+import { mkdir as mkdir9 } from "fs/promises";
 import { join as join4 } from "path";
 var STALE_LOCK_THRESHOLD_MS = 6e4;
 async function withMutationLock(fn) {
   const slockHome = resolveSlockHome();
   const lockTarget = computerDir(slockHome);
-  await mkdir8(lockTarget, { recursive: true });
+  await mkdir9(lockTarget, { recursive: true });
   const lockfilePath = join4(lockTarget, ".lock");
   let release = null;
   try {
@@ -2144,8 +2317,8 @@ async function withMutationLock(fn) {
 }
 
 // src/channel.ts
-import { readFile as readFile9, writeFile as writeFile7, mkdir as mkdir9 } from "fs/promises";
-import { dirname as dirname8 } from "path";
+import { readFile as readFile9, writeFile as writeFile8, mkdir as mkdir10 } from "fs/promises";
+import { dirname as dirname9 } from "path";
 var DEFAULT_CHANNEL = "latest";
 var SEMVER_RE = /^\d+\.\d+\.\d+(-[\w.]+)?$/;
 function parseChannel(raw) {
@@ -2169,8 +2342,8 @@ async function readChannel(slockHome) {
 }
 async function writeChannel(slockHome, channel2) {
   const p = channelPath(slockHome);
-  await mkdir9(dirname8(p), { recursive: true });
-  await writeFile7(p, `${channel2}
+  await mkdir10(dirname9(p), { recursive: true });
+  await writeFile8(p, `${channel2}
 `, { mode: 384 });
 }
 async function runChannelShow(slockHome) {
@@ -2194,11 +2367,11 @@ async function runChannelSet(slockHome, raw) {
 // src/upgradeCli.ts
 import { readFile as readFile12 } from "fs/promises";
 import { fileURLToPath as fileURLToPath2 } from "url";
-import { dirname as dirname9, join as join7 } from "path";
+import { dirname as dirname10, join as join7 } from "path";
 
 // src/upgrade.ts
 import { spawn as spawn4 } from "child_process";
-import { mkdir as mkdir10, readFile as readFile11, writeFile as writeFile8, rm as rm2, rename as rename3 } from "fs/promises";
+import { mkdir as mkdir11, readFile as readFile11, writeFile as writeFile9, rm as rm3, rename as rename4 } from "fs/promises";
 import { join as join6 } from "path";
 import { createHash as createHash3 } from "crypto";
 
@@ -2476,7 +2649,7 @@ async function stagePhase(slockHome, version, deps = {}) {
   const npmPack = deps.npmPack ?? defaultNpmPack;
   const fsReadFile = deps.fsReadFile ?? readFile11;
   const stagedPath = upgradeStagingDir(slockHome, version);
-  await mkdir10(stagedPath, { recursive: true });
+  await mkdir11(stagedPath, { recursive: true });
   const packageRef = `@slock-ai/computer@${version}`;
   const result = await npmPack(stagedPath, packageRef);
   if (result.exitCode !== 0) {
@@ -2577,7 +2750,7 @@ async function defaultFetchAdvertisedHash(version) {
 }
 async function cleanupStaged(slockHome, version) {
   try {
-    await rm2(upgradeStagingDir(slockHome, version), { recursive: true, force: true });
+    await rm3(upgradeStagingDir(slockHome, version), { recursive: true, force: true });
   } catch {
   }
 }
@@ -2587,9 +2760,9 @@ function upgradeSnapshotPath(slockHome) {
 async function snapshotPhase(slockHome, snap) {
   const path2 = upgradeSnapshotPath(slockHome);
   const tmp = `${path2}.tmp`;
-  await mkdir10(computerDir(slockHome), { recursive: true });
-  await writeFile8(tmp, JSON.stringify(snap, null, 2), { mode: 384 });
-  await rename3(tmp, path2);
+  await mkdir11(computerDir(slockHome), { recursive: true });
+  await writeFile9(tmp, JSON.stringify(snap, null, 2), { mode: 384 });
+  await rename4(tmp, path2);
 }
 async function clearUpgradeSnapshot(slockHome) {
   try {
@@ -2600,7 +2773,7 @@ async function clearUpgradeSnapshot(slockHome) {
 }
 async function extractTarball(tarballPath, destDir, deps = {}) {
   const tarSpawn = deps.tarSpawn ?? defaultTarSpawn;
-  await mkdir10(destDir, { recursive: true });
+  await mkdir11(destDir, { recursive: true });
   const result = await tarSpawn(tarballPath, destDir);
   if (result.exitCode !== 0) {
     const err = new Error(
@@ -2629,8 +2802,8 @@ function defaultTarSpawn(tarballPath, destDir) {
   });
 }
 async function swapPhase(currentBinaryDir, stagedBinaryDir, deps = {}) {
-  const fsRename = deps.fsRename ?? rename3;
-  const fsRm = deps.fsRm ?? ((p) => rm2(p, { recursive: true, force: true }));
+  const fsRename = deps.fsRename ?? rename4;
+  const fsRm = deps.fsRm ?? ((p) => rm3(p, { recursive: true, force: true }));
   const prevBinaryDir = `${currentBinaryDir}.prev`;
   try {
     await fsRm(prevBinaryDir);
@@ -2652,8 +2825,8 @@ async function swapPhase(currentBinaryDir, stagedBinaryDir, deps = {}) {
   return { prevBinaryDir, newBinaryDir: currentBinaryDir };
 }
 async function rollbackSwap(currentBinaryDir, deps = {}) {
-  const fsRename = deps.fsRename ?? rename3;
-  const fsRm = deps.fsRm ?? ((p) => rm2(p, { recursive: true, force: true }));
+  const fsRename = deps.fsRename ?? rename4;
+  const fsRm = deps.fsRm ?? ((p) => rm3(p, { recursive: true, force: true }));
   const prevBinaryDir = `${currentBinaryDir}.prev`;
   try {
     await fsRm(currentBinaryDir);
@@ -2871,7 +3044,7 @@ async function cleanupSuccessPhase(slockHome, version, prevBinaryDir) {
   await cleanupStaged(slockHome, version);
   await clearUpgradeSnapshot(slockHome);
   try {
-    await rm2(prevBinaryDir, { recursive: true, force: true });
+    await rm3(prevBinaryDir, { recursive: true, force: true });
   } catch {
   }
 }
@@ -3284,7 +3457,7 @@ async function defaultFetchDistTags() {
 }
 function defaultCurrentBinaryDir() {
   const here = fileURLToPath2(import.meta.url);
-  return dirname9(dirname9(here));
+  return dirname10(dirname10(here));
 }
 async function defaultCurrentVersion() {
   const pkgPath = join7(defaultCurrentBinaryDir(), "package.json");
@@ -3300,7 +3473,7 @@ async function defaultCurrentVersion() {
 }
 
 // src/upgradeTestHarness.ts
-import { mkdir as mkdir11, readdir as readdir4, stat as stat3, writeFile as writeFile9 } from "fs/promises";
+import { mkdir as mkdir12, readdir as readdir4, stat as stat3, writeFile as writeFile10 } from "fs/promises";
 import { join as join8 } from "path";
 import { createHash as createHash4 } from "crypto";
 var PHASES = /* @__PURE__ */ new Set([
@@ -3359,7 +3532,7 @@ function buildSimulatedDeps(slockHome, opts) {
             return { tarballPath: "", exitCode: 1, stderr: "simulated stage failure" };
           }
           const filename = `slock-ai-computer-${targetVersion}.tgz`;
-          await writeFile9(join8(cwd, filename), tarballBytes);
+          await writeFile10(join8(cwd, filename), tarballBytes);
           return { tarballPath: join8(cwd, filename), exitCode: 0, stderr: "" };
         },
         fetchAdvertisedHash: async () => {
@@ -3371,8 +3544,8 @@ function buildSimulatedDeps(slockHome, opts) {
           if (opts.simulateFail === "extract") {
             return { exitCode: 1, stderr: "simulated extract failure" };
           }
-          await mkdir11(join8(destDir, "package"), { recursive: true });
-          await writeFile9(join8(destDir, "package", "marker.txt"), `NEW@${targetVersion}`);
+          await mkdir12(join8(destDir, "package"), { recursive: true });
+          await writeFile10(join8(destDir, "package", "marker.txt"), `NEW@${targetVersion}`);
           return { exitCode: 0, stderr: "" };
         },
         fsRename: opts.simulateFail === "swap" ? async () => {
@@ -3432,7 +3605,7 @@ function buildSimulatedDeps(slockHome, opts) {
 }
 async function arrangeSnapshotFailure(slockHome) {
   const snapshotPath = join8(slockHome, "computer", "upgrade-snapshot.json");
-  await mkdir11(snapshotPath, { recursive: true });
+  await mkdir12(snapshotPath, { recursive: true });
 }
 async function pathInfo(path2) {
   try {
@@ -3487,12 +3660,12 @@ async function runUpgradeTestHarness(slockHome, opts, writer = (s) => process.st
     process.exitCode = 1;
     return;
   }
-  await mkdir11(slockHome, { recursive: true });
+  await mkdir12(slockHome, { recursive: true });
   if (opts.simulateFail === "snapshot") {
     await arrangeSnapshotFailure(slockHome);
   }
   const { opts: upgradeOpts } = buildSimulatedDeps(slockHome, opts);
-  await mkdir11(upgradeOpts.currentBinaryDir, { recursive: true });
+  await mkdir12(upgradeOpts.currentBinaryDir, { recursive: true });
   let outcome;
   try {
     outcome = await runUpgrade(slockHome, upgradeOpts);
@@ -3529,9 +3702,9 @@ async function runUpgradeTestHarness(slockHome, opts, writer = (s) => process.st
 }
 
 // src/upgradeInstallSmoke.ts
-import { copyFile, mkdir as mkdir12, readFile as readFile13 } from "fs/promises";
+import { copyFile, mkdir as mkdir13, readFile as readFile13 } from "fs/promises";
 import { createHash as createHash5 } from "crypto";
-import { dirname as dirname10, isAbsolute, join as join9, resolve as pathResolve } from "path";
+import { dirname as dirname11, isAbsolute, join as join9, resolve as pathResolve } from "path";
 import { fileURLToPath as fileURLToPath3 } from "url";
 async function runUpgradeInstallSmoke(slockHome, opts, deps = {}) {
   if (typeof opts.packageTarball !== "string" || opts.packageTarball.trim().length === 0) {
@@ -3552,7 +3725,7 @@ async function runUpgradeInstallSmoke(slockHome, opts, deps = {}) {
   const spawnFreshSupervisor = deps.spawnFreshSupervisor ?? (async (h) => {
     await spawnDetachedSupervisor(h);
   });
-  await mkdir12(slockHome, { recursive: true });
+  await mkdir13(slockHome, { recursive: true });
   const outcome = await runUpgrade(slockHome, {
     targetVersion: opts.targetVersion,
     fromVersion,
@@ -3605,7 +3778,7 @@ async function runUpgradeInstallSmokeCli(slockHome, opts, writer = (s) => proces
 }
 function defaultCurrentBinaryDirLocal() {
   const here = fileURLToPath3(import.meta.url);
-  return dirname10(dirname10(here));
+  return dirname11(dirname11(here));
 }
 async function defaultCurrentVersionLocal() {
   const pkgPath = join9(defaultCurrentBinaryDirLocal(), "package.json");

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@slock-ai/computer",
-  "version": "0.0.3",
+  "version": "0.0.5",
   "description": "Slock Computer — standalone human/local-machine control-plane CLI (login + attach). Distinct from the agent-facing @slock-ai/cli.",
   "type": "module",
   "bin": {
@@ -21,7 +21,7 @@
     "commander": "^12.1.0",
     "proper-lockfile": "^4.1.2",
     "undici": "^7.24.7",
-    "@slock-ai/daemon": "0.52.2"
+    "@slock-ai/daemon": "0.53.0"
   },
   "devDependencies": {
     "@types/node": "^25.5.0",