@textcortex/zenocode 0.1.9 → 0.1.11

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@textcortex/zenocode",
-  "version": "0.1.9",
+  "version": "0.1.11",
   "description": "Secure, EU-hosted coding agent for TextCortex customers that runs in your terminal, edits files, runs scripts, and more.",
   "keywords": [
     "ai",
@@ -30,6 +30,7 @@
   "scripts": {
     "build-branded-opencode": "node scripts/build-branded-opencode.mjs",
     "prepare-config": "node scripts/run-zenocode.mjs --prepare-only",
+    "prepare-release-version": "node scripts/prepare-release-version.mjs",
     "dev": "node scripts/run-zenocode.mjs",
     "login": "node scripts/run-zenocode.mjs login",
     "logout": "node scripts/run-zenocode.mjs logout"

package/scripts/build-branded-opencode.mjs

@@ -237,6 +237,14 @@ async function packPackage(packageDir) {
   return path.join(packageDir, tarballs[tarballs.length - 1]);
 }
 
+export function buildPublishCommandArgs(tarballPath, { tag } = {}) {
+  const args = ["publish", tarballPath, "--access", "public"];
+  if (tag) {
+    args.push("--tag", tag);
+  }
+  return args;
+}
+
 async function publishTarballIfNeeded(packageName, version, tarballPath, cwd) {
   if (!publishEnabled) return { published: false, skipped: false };
 
@@ -254,11 +262,7 @@ async function publishTarballIfNeeded(packageName, version, tarballPath, cwd) {
   }
 
   const npmCommand = _command("npm");
-  await run(
-    npmCommand,
-    ["publish", tarballPath, "--access", "public", "--tag", publishTag, "--provenance"],
-    { cwd },
-  );
+  await run(npmCommand, buildPublishCommandArgs(tarballPath, { tag: publishTag }), { cwd });
   return { published: true, skipped: false };
 }
 

package/scripts/build-branded-opencode.test.mjs

@@ -1,6 +1,7 @@
 import assert from "node:assert/strict";
 import test from "node:test";
 import {
+  buildPublishCommandArgs,
   buildWrapperBinMap,
   mapBrandedBinaryPackageName,
 } from "./build-branded-opencode.mjs";
@@ -23,3 +24,23 @@ test("buildWrapperBinMap includes package, opencode, and zenocode entrypoints",
     zenocode: "./bin/opencode",
   });
 });
+
+test("buildPublishCommandArgs omits npm provenance for runtime tarball publishing", () => {
+  assert.deepEqual(buildPublishCommandArgs("package.tgz", { tag: "latest" }), [
+    "publish",
+    "package.tgz",
+    "--access",
+    "public",
+    "--tag",
+    "latest",
+  ]);
+});
+
+test("buildPublishCommandArgs omits tag arguments when no tag is provided", () => {
+  assert.deepEqual(buildPublishCommandArgs("package.tgz"), [
+    "publish",
+    "package.tgz",
+    "--access",
+    "public",
+  ]);
+});

package/scripts/prepare-release-version.mjs

@@ -0,0 +1,164 @@
+#!/usr/bin/env node
+import fs from "node:fs/promises";
+import path from "node:path";
+import process from "node:process";
+import { fileURLToPath } from "node:url";
+
+const __dirname = path.dirname(fileURLToPath(import.meta.url));
+const defaultPackageJsonPath = path.resolve(__dirname, "..", "package.json");
+
+export function parseSemver(value) {
+  const match = value.match(/^(\d+)\.(\d+)\.(\d+)(?:-([0-9A-Za-z.-]+))?(?:\+.*)?$/);
+  if (!match) {
+    throw new Error(`Invalid semver: ${value}`);
+  }
+  return {
+    major: Number(match[1]),
+    minor: Number(match[2]),
+    patch: Number(match[3]),
+    prerelease: match[4] ?? null,
+  };
+}
+
+export function compareSemver(left, right) {
+  const lhs = parseSemver(left);
+  const rhs = parseSemver(right);
+
+  for (const key of ["major", "minor", "patch"]) {
+    if (lhs[key] > rhs[key]) return 1;
+    if (lhs[key] < rhs[key]) return -1;
+  }
+
+  if (lhs.prerelease === rhs.prerelease) return 0;
+  if (lhs.prerelease === null) return 1;
+  if (rhs.prerelease === null) return -1;
+
+  const leftParts = lhs.prerelease.split(".");
+  const rightParts = rhs.prerelease.split(".");
+  const length = Math.max(leftParts.length, rightParts.length);
+  for (let index = 0; index < length; index += 1) {
+    const leftPart = leftParts[index];
+    const rightPart = rightParts[index];
+    if (leftPart === undefined) return -1;
+    if (rightPart === undefined) return 1;
+    const leftNumeric = /^\d+$/.test(leftPart);
+    const rightNumeric = /^\d+$/.test(rightPart);
+    if (leftNumeric && rightNumeric) {
+      const leftValue = Number(leftPart);
+      const rightValue = Number(rightPart);
+      if (leftValue > rightValue) return 1;
+      if (leftValue < rightValue) return -1;
+      continue;
+    }
+    if (leftNumeric && !rightNumeric) return -1;
+    if (!leftNumeric && rightNumeric) return 1;
+    if (leftPart > rightPart) return 1;
+    if (leftPart < rightPart) return -1;
+  }
+
+  return 0;
+}
+
+export function incrementPatchVersion(version) {
+  const parsed = parseSemver(version);
+  return `${parsed.major}.${parsed.minor}.${parsed.patch + 1}`;
+}
+
+export function resolveReleaseVersion(localVersion, publishedVersion) {
+  if (!publishedVersion) {
+    return localVersion;
+  }
+
+  const comparison = compareSemver(localVersion, publishedVersion);
+  if (comparison > 0) {
+    return localVersion;
+  }
+
+  return incrementPatchVersion(publishedVersion);
+}
+
+export async function prepareReleasePackageVersion({
+  packageJsonPath = defaultPackageJsonPath,
+  publishedVersion = null,
+} = {}) {
+  const packageJson = JSON.parse(await fs.readFile(packageJsonPath, "utf-8"));
+  const packageName = String(packageJson.name || "").trim();
+  const localVersion = String(packageJson.version || "").trim();
+
+  if (!packageName) {
+    throw new Error(`Missing package name in ${packageJsonPath}`);
+  }
+  if (!localVersion) {
+    throw new Error(`Missing package version in ${packageJsonPath}`);
+  }
+
+  parseSemver(localVersion);
+  if (publishedVersion) {
+    parseSemver(publishedVersion);
+  }
+
+  const nextVersion = resolveReleaseVersion(localVersion, publishedVersion);
+  const updated = nextVersion !== localVersion;
+
+  if (updated) {
+    packageJson.version = nextVersion;
+    await fs.writeFile(packageJsonPath, `${JSON.stringify(packageJson, null, 2)}\n`, "utf-8");
+  }
+
+  return {
+    packageName,
+    localVersion,
+    nextVersion,
+    publishedVersion,
+    updated,
+  };
+}
+
+export function parseArgs(argv) {
+  const options = {
+    packageJsonPath: defaultPackageJsonPath,
+    publishedVersion: null,
+  };
+
+  for (let index = 0; index < argv.length; index += 1) {
+    const arg = argv[index];
+    if (arg === "--package-json") {
+      if (!argv[index + 1]) {
+        throw new Error("--package-json requires a value");
+      }
+      options.packageJsonPath = path.resolve(argv[index + 1]);
+      index += 1;
+      continue;
+    }
+    if (arg === "--published-version") {
+      options.publishedVersion = (argv[index + 1] || "").trim() || null;
+      index += 1;
+      continue;
+    }
+    throw new Error(`Unknown argument: ${arg}`);
+  }
+
+  return options;
+}
+
+async function main() {
+  const result = await prepareReleasePackageVersion(parseArgs(process.argv.slice(2)));
+  console.log(
+    JSON.stringify(
+      {
+        package_name: result.packageName,
+        local_version: result.localVersion,
+        next_version: result.nextVersion,
+        published_version: result.publishedVersion,
+        updated: result.updated,
+      },
+      null,
+      2,
+    ),
+  );
+}
+
+const invokedPath = process.argv[1] ? path.resolve(process.argv[1]) : "";
+if (invokedPath === fileURLToPath(import.meta.url)) {
+  await main();
+}

package/scripts/prepare-release-version.test.mjs

@@ -0,0 +1,96 @@
+import assert from "node:assert/strict";
+import fs from "node:fs/promises";
+import os from "node:os";
+import path from "node:path";
+import test from "node:test";
+
+import {
+  parseArgs,
+  prepareReleasePackageVersion,
+  resolveReleaseVersion,
+} from "./prepare-release-version.mjs";
+
+test("resolveReleaseVersion keeps the local version when nothing is published yet", () => {
+  assert.equal(resolveReleaseVersion("0.1.10", null), "0.1.10");
+});
+
+test("resolveReleaseVersion bumps the patch version when the local version matches the published version", () => {
+  assert.equal(resolveReleaseVersion("0.1.10", "0.1.10"), "0.1.11");
+});
+
+test("resolveReleaseVersion bumps from the published version when the local version is behind", () => {
+  assert.equal(resolveReleaseVersion("0.1.9", "0.1.10"), "0.1.11");
+});
+
+test("resolveReleaseVersion keeps an already-ahead local version", () => {
+  assert.equal(resolveReleaseVersion("0.1.11", "0.1.10"), "0.1.11");
+});
+
+test("resolveReleaseVersion rejects invalid semver values", () => {
+  assert.throws(() => resolveReleaseVersion("invalid", "0.1.10"), /Invalid semver/);
+});
+
+test("prepareReleasePackageVersion rewrites package.json when an automatic bump is required", async () => {
+  const tempDir = await fs.mkdtemp(path.join(os.tmpdir(), "zenocode-version-"));
+  const packageJsonPath = path.join(tempDir, "package.json");
+  await fs.writeFile(
+    packageJsonPath,
+    `${JSON.stringify(
+      {
+        name: "@textcortex/zenocode",
+        version: "0.1.10",
+      },
+      null,
+      2,
+    )}\n`,
+    "utf-8",
+  );
+
+  const result = await prepareReleasePackageVersion({
+    packageJsonPath,
+    publishedVersion: "0.1.10",
+  });
+
+  const packageJson = JSON.parse(await fs.readFile(packageJsonPath, "utf-8"));
+  assert.deepEqual(result, {
+    packageName: "@textcortex/zenocode",
+    localVersion: "0.1.10",
+    nextVersion: "0.1.11",
+    publishedVersion: "0.1.10",
+    updated: true,
+  });
+  assert.equal(packageJson.version, "0.1.11");
+});
+
+test("prepareReleasePackageVersion leaves package.json untouched when the local version is already ahead", async () => {
+  const tempDir = await fs.mkdtemp(path.join(os.tmpdir(), "zenocode-version-"));
+  const packageJsonPath = path.join(tempDir, "package.json");
+  const originalContents = `${JSON.stringify(
+    {
+      name: "@textcortex/zenocode",
+      version: "0.1.11",
+    },
+    null,
+    2,
+  )}\n`;
+  await fs.writeFile(packageJsonPath, originalContents, "utf-8");
+
+  const result = await prepareReleasePackageVersion({
+    packageJsonPath,
+    publishedVersion: "0.1.10",
+  });
+
+  const packageJson = await fs.readFile(packageJsonPath, "utf-8");
+  assert.deepEqual(result, {
+    packageName: "@textcortex/zenocode",
+    localVersion: "0.1.11",
+    nextVersion: "0.1.11",
+    publishedVersion: "0.1.10",
+    updated: false,
+  });
+  assert.equal(packageJson, originalContents);
+});
+
+test("parseArgs requires a value after --package-json", () => {
+  assert.throws(() => parseArgs(["--package-json"]), /--package-json requires a value/);
+});

package/scripts/run-zenocode.mjs

@@ -31,6 +31,7 @@ const modelsPath = path.join(runtimeDir, "models.json");
 const configPath = path.join(runtimeDir, "opencode.jsonc");
 const localBaseUrlDefault = "http://127.0.0.1:8080";
 const cloudBaseUrlDefault = "https://api.textcortex.com";
+const localBaseUrlFlags = new Set(["--local", "--localhost"]);
 
 const providerID = "textcortex";
 const configuredOpencodePackage =
@@ -492,6 +493,15 @@ function sleep(ms) {
   return new Promise((resolve) => setTimeout(resolve, ms));
 }
 
+export function hasLocalBaseUrlFlag(args = []) {
+  const normalizedArgs = args[0] === "--" ? args.slice(1) : args;
+  return normalizedArgs.some((arg) => localBaseUrlFlags.has(arg));
+}
+
+function stripLocalBaseUrlFlags(args = []) {
+  return args.filter((arg) => !localBaseUrlFlags.has(arg));
+}
+
 async function parseLoginArgs(args) {
   const normalizedArgs = args[0] === "--" ? args.slice(1) : args;
   let emailHint = process.env.TEXTCORTEX_LOGIN_EMAIL || null;
@@ -499,6 +509,9 @@ async function parseLoginArgs(args) {
 
   for (let idx = 0; idx < normalizedArgs.length; idx += 1) {
     const arg = normalizedArgs[idx];
+    if (localBaseUrlFlags.has(arg)) {
+      continue;
+    }
     if (arg === "--no-launch-browser") {
       launchBrowser = false;
       continue;
@@ -515,6 +528,7 @@ async function parseLoginArgs(args) {
     if (arg === "--help" || arg === "-h") {
       console.log("Zenocode login options:");
       console.log("  --email <address>      Optional email hint for tenant/SSO routing");
+      console.log(`  --local                Use the local FastAPI backend at ${localBaseUrlDefault}`);
       console.log("  --no-launch-browser    Do not open browser automatically");
       process.exit(0);
     }
@@ -543,10 +557,39 @@ function isLoginRouteNotFoundError(error) {
   return message.includes("Login initiate failed (404)");
 }
 
+export function shouldFallbackLoginToCloud({ baseUrl, hasExplicitBaseUrl, error }) {
+  if (hasExplicitBaseUrl || baseUrl !== localBaseUrlDefault) {
+    return false;
+  }
+
+  return isFetchFailedError(error) || isLoginRouteNotFoundError(error);
+}
+
+export function resolveTextCortexBaseUrl({
+  envBaseUrl,
+  storedBaseUrl,
+  preferLocalhost = false,
+} = {}) {
+  if (preferLocalhost) {
+    return localBaseUrlDefault;
+  }
+  return envBaseUrl || storedBaseUrl || cloudBaseUrlDefault;
+}
+
+export function resolveLoginBaseUrl({
+  envBaseUrl,
+  preferLocalhost = false,
+} = {}) {
+  if (preferLocalhost) {
+    return localBaseUrlDefault;
+  }
+  return envBaseUrl || cloudBaseUrlDefault;
+}
+
 function _loginConnectivityHelp(baseUrl) {
   return [
     `Cannot reach Zenocode auth endpoint at ${baseUrl}.`,
-    "Run local backend FastAPI (`cd backend && uv run dev_fastapi`) or set TEXTCORTEX_BASE_URL to a reachable backend API.",
+    `Set TEXTCORTEX_BASE_URL to ${cloudBaseUrlDefault} or, for local development, run local backend FastAPI (\`cd backend && uv run dev_fastapi\`).`,
   ].join(" ");
 }
 
@@ -655,18 +698,20 @@ async function saveRuntimeCredentials(baseUrl, tokenData) {
   await clearLogoutMarker();
 }
 
-async function runLoginCommand(baseUrl, args) {
+async function runLoginCommand(baseUrl, args, options = {}) {
+  const preferLocalhost = options.preferLocalhost === true;
   const { emailHint, launchBrowser } = await parseLoginArgs(args);
-  let resolvedBaseUrl = baseUrl;
+  let resolvedBaseUrl = preferLocalhost ? localBaseUrlDefault : baseUrl;
   let login;
   try {
     login = await initiateDeviceLogin(resolvedBaseUrl, emailHint);
   } catch (error) {
-    if (
-      !process.env.TEXTCORTEX_BASE_URL &&
-      resolvedBaseUrl === localBaseUrlDefault &&
-      isFetchFailedError(error)
-    ) {
+    if (shouldFallbackLoginToCloud({
+      baseUrl: resolvedBaseUrl,
+      hasExplicitBaseUrl:
+        Boolean(process.env.TEXTCORTEX_BASE_URL) || preferLocalhost,
+      error,
+    })) {
       resolvedBaseUrl = cloudBaseUrlDefault;
       console.log(
         `Local backend not reachable at ${localBaseUrlDefault}. Falling back to ${cloudBaseUrlDefault}.`,
@@ -1225,6 +1270,7 @@ export async function runRuntimeWithSessionRecovery({
   token,
   childOptions,
   canAutoLoginRuntime,
+  preferLocalhost = false,
   refreshTokenFn = refreshStoredCredentials,
   runLogin = runLoginCommand,
   resolveTokenFn = resolveToken,
@@ -1283,9 +1329,16 @@ export async function runRuntimeWithSessionRecovery({
     }
 
     console.log("Zenocode session expired. Starting login flow...\n");
-    await runLogin(activeBaseUrl, buildAutoLoginArgs());
+    await runLogin(activeBaseUrl, buildAutoLoginArgs({ preferLocalhost }), {
+      preferLocalhost,
+    });
     activeToken = await resolveTokenFn();
-    activeBaseUrl = process.env.TEXTCORTEX_BASE_URL || (await resolveStoredBaseUrlFn()) || activeBaseUrl;
+    activeBaseUrl =
+      resolveTextCortexBaseUrl({
+        envBaseUrl: process.env.TEXTCORTEX_BASE_URL,
+        storedBaseUrl: await resolveStoredBaseUrlFn(),
+        preferLocalhost,
+      }) || activeBaseUrl;
     await prepareRuntimeFn(activeBaseUrl, activeToken);
     const retryDelayMs = Math.min(
       Math.max(recoveryDelayMs, 0) * recoveryAttempts,
@@ -1366,11 +1419,18 @@ function maybeRenderBanner(args) {
   console.log(`${buildZenocodeBanner()}\n`);
 }
 
-function buildAutoLoginArgs() {
-  return process.env.ZENOCODE_AUTO_LOGIN_NO_BROWSER === "1" ||
+function buildAutoLoginArgs({ preferLocalhost = false } = {}) {
+  const loginArgs = [];
+  if (preferLocalhost) {
+    loginArgs.push("--local");
+  }
+  if (
+    process.env.ZENOCODE_AUTO_LOGIN_NO_BROWSER === "1" ||
     process.env.CODECORTEX_AUTO_LOGIN_NO_BROWSER === "1"
-    ? ["--no-launch-browser"]
-    : [];
+  ) {
+    loginArgs.push("--no-launch-browser");
+  }
+  return loginArgs;
 }
 
 function isMissingTokenError(error) {
@@ -1443,7 +1503,8 @@ function shouldAttemptAutoLogin(error, args) {
   return canAutoLogin(args);
 }
 
-async function resolveTokenWithAutoLogin(baseUrl, args) {
+async function resolveTokenWithAutoLogin(baseUrl, args, options = {}) {
+  const preferLocalhost = options.preferLocalhost === true;
   try {
     const token = await resolveToken();
     return { token, baseUrl };
@@ -1453,14 +1514,21 @@ async function resolveTokenWithAutoLogin(baseUrl, args) {
     }
 
     console.log("No local Zenocode credentials found. Starting login flow...\n");
-    await runLoginCommand(baseUrl, buildAutoLoginArgs());
+    await runLoginCommand(baseUrl, buildAutoLoginArgs({ preferLocalhost }), {
+      preferLocalhost,
+    });
     const token = await resolveToken();
-    const persistedBaseUrl = process.env.TEXTCORTEX_BASE_URL || (await resolveStoredBaseUrl()) || baseUrl;
+    const persistedBaseUrl = resolveTextCortexBaseUrl({
+      envBaseUrl: process.env.TEXTCORTEX_BASE_URL,
+      storedBaseUrl: await resolveStoredBaseUrl(),
+      preferLocalhost,
+    });
     return { token, baseUrl: persistedBaseUrl };
   }
 }
 
-async function prepareRuntimeWithAutoLogin(baseUrl, token, args) {
+async function prepareRuntimeWithAutoLogin(baseUrl, token, args, options = {}) {
+  const preferLocalhost = options.preferLocalhost === true;
   try {
     const model = await prepareRuntime(baseUrl, token);
     return { model, token, baseUrl };
@@ -1484,9 +1552,15 @@ async function prepareRuntimeWithAutoLogin(baseUrl, token, args) {
     }
 
     console.log("Zenocode session expired. Starting login flow...\n");
-    await runLoginCommand(baseUrl, buildAutoLoginArgs());
+    await runLoginCommand(baseUrl, buildAutoLoginArgs({ preferLocalhost }), {
+      preferLocalhost,
+    });
     const refreshedToken = await resolveToken();
-    const refreshedBaseUrl = process.env.TEXTCORTEX_BASE_URL || (await resolveStoredBaseUrl()) || baseUrl;
+    const refreshedBaseUrl = resolveTextCortexBaseUrl({
+      envBaseUrl: process.env.TEXTCORTEX_BASE_URL,
+      storedBaseUrl: await resolveStoredBaseUrl(),
+      preferLocalhost,
+    });
     const model = await prepareRuntime(refreshedBaseUrl, refreshedToken);
     return { model, token: refreshedToken, baseUrl: refreshedBaseUrl };
   }
@@ -1503,12 +1577,25 @@ async function main() {
     passthrough.shift();
   }
 
+  const preferLocalhost = hasLocalBaseUrlFlag(passthrough);
+  const runtimeArgs = stripLocalBaseUrlFlags(passthrough);
   const storedBaseUrl = await resolveStoredBaseUrl();
-  const baseUrl = process.env.TEXTCORTEX_BASE_URL || storedBaseUrl || localBaseUrlDefault;
-  const subcommand = passthrough[0];
+  const baseUrl = resolveTextCortexBaseUrl({
+    envBaseUrl: process.env.TEXTCORTEX_BASE_URL,
+    storedBaseUrl,
+    preferLocalhost,
+  });
+  const subcommand = runtimeArgs[0];
 
   if (subcommand === "login") {
-    await runLoginCommand(baseUrl, passthrough.slice(1));
+    await runLoginCommand(
+      resolveLoginBaseUrl({
+        envBaseUrl: process.env.TEXTCORTEX_BASE_URL,
+        preferLocalhost,
+      }),
+      runtimeArgs.slice(1),
+      { preferLocalhost },
+    );
     return;
   }
 
@@ -1517,12 +1604,15 @@ async function main() {
     return;
   }
 
-  maybeRenderBanner(passthrough);
-  const tokenResolution = await resolveTokenWithAutoLogin(baseUrl, passthrough);
+  maybeRenderBanner(runtimeArgs);
+  const tokenResolution = await resolveTokenWithAutoLogin(baseUrl, runtimeArgs, {
+    preferLocalhost,
+  });
   const runtime = await prepareRuntimeWithAutoLogin(
     tokenResolution.baseUrl,
     tokenResolution.token,
-    passthrough,
+    runtimeArgs,
+    { preferLocalhost },
   );
   const token = runtime.token;
   const model = runtime.model;
@@ -1539,14 +1629,15 @@ async function main() {
       TEXTCORTEX_API_KEY: token,
     },
   };
-  const monitorRuntimeSession = canAutoLogin(passthrough);
+  const monitorRuntimeSession = canAutoLogin(runtimeArgs);
 
   if (opencodeBinaryPath) {
     const result = await runRuntimeWithSessionRecovery({
-      args: passthrough,
+      args: runtimeArgs,
       baseUrl: runtime.baseUrl,
       token,
       childOptions,
+      preferLocalhost,
       canAutoLoginRuntime: monitorRuntimeSession,
       launchRuntimeFn: ({ args, childOptions }) =>
         runRuntimeBinary(opencodeBinaryPath, args, childOptions, monitorRuntimeSession),
@@ -1559,10 +1650,11 @@ async function main() {
   const pinnedRuntimePath = await resolvePinnedRuntimeBinary(launchPackage, childOptions);
   if (pinnedRuntimePath) {
     const result = await runRuntimeWithSessionRecovery({
-      args: passthrough,
+      args: runtimeArgs,
       baseUrl: runtime.baseUrl,
       token,
       childOptions,
+      preferLocalhost,
       canAutoLoginRuntime: monitorRuntimeSession,
       launchRuntimeFn: ({ args, childOptions }) =>
         runRuntimeBinary(pinnedRuntimePath, args, childOptions, monitorRuntimeSession),
@@ -1570,7 +1662,7 @@ async function main() {
     exitWithChildResult(result);
     return;
   }
-  await runPackageLauncher(launchPackage, passthrough, childOptions);
+  await runPackageLauncher(launchPackage, runtimeArgs, childOptions);
 }
 
 const resolveExecutablePath = (value) => {

package/scripts/run-zenocode.test.mjs

@@ -15,8 +15,12 @@ import {
   canRecoverRuntimeSessionFromTranscript,
   buildZenocodeBanner,
   chooseDefaults,
+  hasLocalBaseUrlFlag,
+  resolveLoginBaseUrl,
   resolveLoginSuccessIdentifier,
+  resolveTextCortexBaseUrl,
   runRuntimeWithSessionRecovery,
+  shouldFallbackLoginToCloud,
   writePrivateJsonFile,
 } from "./run-zenocode.mjs";
 
@@ -33,6 +37,93 @@ test("chooseDefaults prefers kimi k2.5 thinking for Zenocode", () => {
   });
 });
 
+test("resolveTextCortexBaseUrl defaults to the cloud API for packaged usage", () => {
+  assert.equal(
+    resolveTextCortexBaseUrl({
+      envBaseUrl: "",
+      storedBaseUrl: null,
+    }),
+    "https://api.textcortex.com",
+  );
+});
+
+test("resolveTextCortexBaseUrl prefers the explicit env var over stored credentials", () => {
+  assert.equal(
+    resolveTextCortexBaseUrl({
+      envBaseUrl: "https://staging.textcortex.com",
+      storedBaseUrl: "http://127.0.0.1:8080",
+    }),
+    "https://staging.textcortex.com",
+  );
+});
+
+test("resolveTextCortexBaseUrl prefers localhost when the local flag is enabled", () => {
+  assert.equal(
+    resolveTextCortexBaseUrl({
+      envBaseUrl: "https://staging.textcortex.com",
+      storedBaseUrl: "https://api.textcortex.com",
+      preferLocalhost: true,
+    }),
+    "http://127.0.0.1:8080",
+  );
+});
+
+test("resolveLoginBaseUrl ignores stored credentials and defaults explicit login to cloud", () => {
+  assert.equal(
+    resolveLoginBaseUrl({
+      envBaseUrl: "",
+    }),
+    "https://api.textcortex.com",
+  );
+});
+
+test("resolveLoginBaseUrl still respects explicit env overrides", () => {
+  assert.equal(
+    resolveLoginBaseUrl({
+      envBaseUrl: "https://staging.textcortex.com",
+    }),
+    "https://staging.textcortex.com",
+  );
+});
+
+test("resolveLoginBaseUrl prefers localhost when the local flag is enabled", () => {
+  assert.equal(
+    resolveLoginBaseUrl({
+      envBaseUrl: "https://staging.textcortex.com",
+      preferLocalhost: true,
+    }),
+    "http://127.0.0.1:8080",
+  );
+});
+
+test("hasLocalBaseUrlFlag detects localhost flags", () => {
+  assert.equal(hasLocalBaseUrlFlag(["login", "--local"]), true);
+  assert.equal(hasLocalBaseUrlFlag(["--localhost", "run"]), true);
+  assert.equal(hasLocalBaseUrlFlag(["run", "--help"]), false);
+});
+
+test("shouldFallbackLoginToCloud retries the cloud API when the local auth route returns 404", () => {
+  assert.equal(
+    shouldFallbackLoginToCloud({
+      baseUrl: "http://127.0.0.1:8080",
+      hasExplicitBaseUrl: false,
+      error: new Error("Login initiate failed (404): not found"),
+    }),
+    true,
+  );
+});
+
+test("shouldFallbackLoginToCloud does not override an explicit base URL", () => {
+  assert.equal(
+    shouldFallbackLoginToCloud({
+      baseUrl: "http://127.0.0.1:8080",
+      hasExplicitBaseUrl: true,
+      error: new Error("fetch failed"),
+    }),
+    false,
+  );
+});
+
 test("buildOpenCodeConfig includes an openai stub for fallback runtime auth plugins", () => {
   const config = buildOpenCodeConfig({
     baseUrl: "http://127.0.0.1:8080",
@@ -253,6 +344,61 @@ test("runRuntimeWithSessionRecovery refreshes stored credentials before forcing
   assert.deepEqual(result, { code: 0, signal: null, expiredSession: false });
 });
 
+test("runRuntimeWithSessionRecovery preserves explicit localhost preference during login recovery", async () => {
+  const events = [];
+  let launchCount = 0;
+
+  const result = await runRuntimeWithSessionRecovery({
+    args: ["run"],
+    baseUrl: "http://127.0.0.1:8080",
+    token: "token-1",
+    childOptions: {
+      cwd: process.cwd(),
+      env: {},
+    },
+    canAutoLoginRuntime: true,
+    preferLocalhost: true,
+    refreshTokenFn: async (baseUrl) => {
+      events.push(["refresh", baseUrl]);
+      throw new Error("refresh failed");
+    },
+    runLogin: async (baseUrl, loginArgs, options) => {
+      events.push(["login", baseUrl, loginArgs, options]);
+    },
+    resolveTokenFn: async () => {
+      events.push(["resolve-token"]);
+      return "token-2";
+    },
+    resolveStoredBaseUrlFn: async () => {
+      events.push(["resolve-base-url"]);
+      return "https://api.textcortex.com";
+    },
+    prepareRuntimeFn: async (baseUrl, token) => {
+      events.push(["prepare", baseUrl, token]);
+      return "kimi-k2-5-thinking";
+    },
+    launchRuntimeFn: async ({ childOptions }) => {
+      launchCount += 1;
+      events.push(["launch", launchCount, childOptions.env.TEXTCORTEX_API_KEY]);
+      if (launchCount === 1) {
+        return { expiredSession: true };
+      }
+      return { code: 0, signal: null, expiredSession: false };
+    },
+  });
+
+  assert.deepEqual(events, [
+    ["launch", 1, "token-1"],
+    ["refresh", "http://127.0.0.1:8080"],
+    ["login", "http://127.0.0.1:8080", ["--local"], { preferLocalhost: true }],
+    ["resolve-token"],
+    ["resolve-base-url"],
+    ["prepare", "http://127.0.0.1:8080", "token-2"],
+    ["launch", 2, "token-2"],
+  ]);
+  assert.deepEqual(result, { code: 0, signal: null, expiredSession: false });
+});
+
 test("runRuntimeWithSessionRecovery stops after repeated recovery failures", async () => {
   const events = [];
   let launchCount = 0;