@vm0/cli 9.103.0 → 9.103.1

package/index.js

@@ -61,7 +61,7 @@ import {
   showNextSteps,
   volumeConfigSchema,
   withErrorHandler
-} from "./chunk-LIBXYI24.js";
+} from "./chunk-LQZNYDKG.js";
 
 // src/index.ts
 import { Command as Command44 } from "commander";
@@ -454,7 +454,7 @@ function getConfigPath() {
   return join(homedir(), ".vm0", "config.json");
 }
 var infoCommand = new Command6().name("info").description("Display environment and debug information").action(async () => {
-  console.log(chalk3.bold(`VM0 CLI v${"9.103.0"}`));
+  console.log(chalk3.bold(`VM0 CLI v${"9.103.1"}`));
   console.log();
   const config = await loadConfig();
   const hasEnvToken = !!process.env.VM0_TOKEN;
@@ -1581,7 +1581,7 @@ var composeCommand = new Command7().name("compose").description("Create or updat
         options.autoUpdate = false;
       }
       if (options.autoUpdate !== false) {
-        await startSilentUpgrade("9.103.0");
+        await startSilentUpgrade("9.103.1");
       }
       try {
         let result;
@@ -1655,7 +1655,7 @@ var mainRunCommand = new Command8().name("run").description("Run an agent").argu
   withErrorHandler(
     async (identifier, prompt, options) => {
       if (options.autoUpdate !== false) {
-        await startSilentUpgrade("9.103.0");
+        await startSilentUpgrade("9.103.1");
       }
       const { name, version } = parseIdentifier(identifier);
       let composeId;
@@ -3413,7 +3413,7 @@ var cookAction = new Command35().name("cook").description("Quick start: prepare,
   withErrorHandler(
     async (prompt, options) => {
       if (options.autoUpdate !== false) {
-        const shouldExit = await checkAndUpgrade("9.103.0", prompt);
+        const shouldExit = await checkAndUpgrade("9.103.1", prompt);
         if (shouldExit) {
           process.exit(0);
         }
@@ -4156,13 +4156,13 @@ var upgradeCommand = new Command42().name("upgrade").description("Upgrade vm0 CL
     if (latestVersion === null) {
       throw new Error("Could not check for updates. Please try again later.");
     }
-    if (latestVersion === "9.103.0") {
-      console.log(chalk33.green(`\u2713 Already up to date (${"9.103.0"})`));
+    if (latestVersion === "9.103.1") {
+      console.log(chalk33.green(`\u2713 Already up to date (${"9.103.1"})`));
       return;
     }
     console.log(
       chalk33.yellow(
-        `Current version: ${"9.103.0"} -> Latest version: ${latestVersion}`
+        `Current version: ${"9.103.1"} -> Latest version: ${latestVersion}`
       )
     );
     console.log();
@@ -4189,7 +4189,7 @@ var upgradeCommand = new Command42().name("upgrade").description("Upgrade vm0 CL
     const success = await performUpgrade(packageManager);
     if (success) {
       console.log(
-        chalk33.green(`\u2713 Upgraded from ${"9.103.0"} to ${latestVersion}`)
+        chalk33.green(`\u2713 Upgraded from ${"9.103.1"} to ${latestVersion}`)
       );
       return;
     }
@@ -4257,7 +4257,7 @@ var whoamiCommand = new Command43().name("whoami").description("Show current ide
 
 // src/index.ts
 var program = new Command44();
-program.name("vm0").description("VM0 CLI - Build and run agents with natural language").version("9.103.0");
+program.name("vm0").description("VM0 CLI - Build and run agents with natural language").version("9.103.1");
 program.addCommand(authCommand);
 program.addCommand(infoCommand);
 program.addCommand(composeCommand);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@vm0/cli",
-  "version": "9.103.0",
+  "version": "9.103.1",
   "description": "CLI application",
   "repository": {
     "type": "git",

package/zero.js

@@ -115,7 +115,7 @@ import {
   upsertZeroOrgModelProvider,
   withErrorHandler,
   zeroAgentCustomSkillNameSchema
-} from "./chunk-LIBXYI24.js";
+} from "./chunk-LQZNYDKG.js";
 
 // src/zero.ts
 import { Command as Command77 } from "commander";
@@ -2265,6 +2265,9 @@ Notes:
 );
 
 // src/commands/zero/doctor/firewall-deny.ts
+import { Command as Command37, Option as Option2 } from "commander";
+
+// src/commands/zero/doctor/firewall-permissions-change.ts
 import { Command as Command36, Option } from "commander";
 
 // src/commands/zero/doctor/resolve-role.ts
@@ -2294,92 +2297,7 @@ async function resolveAgentRole(agentId) {
   }
 }
 
-// src/commands/zero/doctor/firewall-deny.ts
-var firewallDenyCommand = new Command36().name("firewall-deny").description(
-  "Diagnose a firewall denial and find the permission that covers it"
-).argument("<firewall-ref>", "The firewall connector type (e.g. github)").addOption(
-  new Option(
-    "--method <method>",
-    "The denied HTTP method"
-  ).makeOptionMandatory()
-).addOption(
-  new Option("--path <path>", "The denied path").makeOptionMandatory()
-).addHelpText(
-  "after",
-  `
-Examples:
-  zero doctor firewall-deny github --method GET --path /repos/owner/repo/pulls
-  zero doctor firewall-deny slack --method POST --path /chat.postMessage
-
-Notes:
-  - Identifies which named permission covers a denied request
-  - Outputs a platform URL for the user to allow the permission`
-).action(
-  withErrorHandler(
-    async (firewallRef, opts) => {
-      if (!isFirewallConnectorType(firewallRef)) {
-        throw new Error(`Unknown firewall connector type: ${firewallRef}`);
-      }
-      const { label } = CONNECTOR_TYPES[firewallRef];
-      const config = getConnectorFirewall(firewallRef);
-      const permissions = findMatchingPermissions(
-        opts.method,
-        opts.path,
-        config
-      );
-      const platformOrigin = await getPlatformOrigin();
-      const agentId = process.env.ZERO_AGENT_ID;
-      const urlParams = new URLSearchParams({
-        ref: firewallRef,
-        method: opts.method,
-        path: opts.path
-      });
-      if (permissions.length > 0) {
-        urlParams.set("permission", permissions[0]);
-      }
-      const pagePath = agentId ? `/agents/${agentId}/permissions` : "/agents";
-      const url = `${platformOrigin}${pagePath}?${urlParams.toString()}`;
-      console.log(
-        `The ${label} firewall blocked ${opts.method} ${opts.path}.`
-      );
-      if (permissions.length > 0) {
-        console.log(`This is covered by the "${permissions[0]}" permission.`);
-      } else {
-        console.log("No named permission was found covering this request.");
-      }
-      if (firewallRef === "slack" && permissions[0] === "chat:write") {
-        console.log("");
-        console.log(
-          "IMPORTANT: Granting chat:write allows sending messages AS THE USER's identity, not as a bot."
-        );
-        console.log(
-          "Use `zero slack message send -c <channel> -t <text>` to send messages as the bot instead \u2014 this is the recommended approach for most use cases."
-        );
-        console.log(
-          "Only request user approval below if acting as the user is specifically required."
-        );
-        console.log("");
-      }
-      const role = agentId ? await resolveAgentRole(agentId) : "unknown";
-      if (role === "admin" || role === "owner") {
-        console.log(
-          `You can allow this permission directly: [Manage ${label} firewall](${url})`
-        );
-      } else if (role === "member") {
-        console.log(
-          `This change requires admin approval. Request access at: [Request ${label} access](${url})`
-        );
-      } else {
-        console.log(
-          `Ask the user to allow it at: [Allow ${label} access](${url})`
-        );
-      }
-    }
-  )
-);
-
 // src/commands/zero/doctor/firewall-permissions-change.ts
-import { Command as Command37, Option as Option2 } from "commander";
 function findPermissionInConfig(ref, permissionName) {
   if (!isFirewallConnectorType(ref)) return false;
   const config = getConnectorFirewall(ref);
@@ -2391,17 +2309,62 @@ function findPermissionInConfig(ref, permissionName) {
   }
   return false;
 }
-var firewallPermissionsChangeCommand = new Command37().name("firewall-permissions-change").description("Request a firewall permission change (enable or disable)").argument("<firewall-ref>", "The firewall connector type (e.g. github)").addOption(
-  new Option2(
+async function outputPermissionChangeMessage(firewallRef, permission, action) {
+  const { label } = CONNECTOR_TYPES[firewallRef];
+  const platformOrigin = await getPlatformOrigin();
+  const agentId = process.env.ZERO_AGENT_ID;
+  const urlParams = new URLSearchParams({
+    ref: firewallRef,
+    permission,
+    action: action === "enable" ? "allow" : "deny"
+  });
+  const pagePath = agentId ? `/agents/${agentId}/permissions` : "/agents";
+  const url = `${platformOrigin}${pagePath}?${urlParams.toString()}`;
+  if (firewallRef === "slack" && permission === "chat:write" && action === "enable") {
+    console.log("");
+    console.log(
+      "IMPORTANT: Granting chat:write allows sending messages AS THE USER's identity, not as a bot."
+    );
+    console.log(
+      "Use `zero slack message send -c <channel> -t <text>` to send messages as the bot instead \u2014 this is the recommended approach for most use cases."
+    );
+    console.log(
+      "Only request user approval below if acting as the user is specifically required."
+    );
+    console.log("");
+  }
+  const role = agentId ? await resolveAgentRole(agentId) : "unknown";
+  if (role === "admin" || role === "owner") {
+    console.log(
+      `You can ${action} the "${permission}" permission directly: [Manage ${label} firewall](${url})`
+    );
+  } else if (role === "member") {
+    if (action === "enable") {
+      console.log(
+        `Permission changes require admin approval. Request access at: [Request ${label} access](${url})`
+      );
+    } else {
+      console.log(
+        `Permission changes require admin approval. Contact an org admin to disable this permission: [View ${label} firewall](${url})`
+      );
+    }
+  } else {
+    console.log(
+      `To ${action} the "${permission}" permission on the ${label} firewall: [Manage ${label} firewall](${url})`
+    );
+  }
+}
+var firewallPermissionsChangeCommand = new Command36().name("firewall-permissions-change").description("Request a firewall permission change (enable or disable)").argument("<firewall-ref>", "The firewall connector type (e.g. github)").addOption(
+  new Option(
     "--permission <name>",
     "The permission name to change"
   ).makeOptionMandatory()
 ).addOption(
-  new Option2("--enable", "Request to enable the permission").conflicts(
+  new Option("--enable", "Request to enable the permission").conflicts(
     "disable"
   )
 ).addOption(
-  new Option2("--disable", "Request to disable the permission").conflicts(
+  new Option("--disable", "Request to disable the permission").conflicts(
     "enable"
   )
 ).addHelpText(
@@ -2428,36 +2391,59 @@ Notes:
           `Unknown permission "${opts.permission}" for ${firewallRef} firewall`
         );
       }
-      const { label } = CONNECTOR_TYPES[firewallRef];
       const action = opts.enable ? "enable" : "disable";
-      const platformOrigin = await getPlatformOrigin();
-      const agentId = process.env.ZERO_AGENT_ID;
-      const urlParams = new URLSearchParams({
-        ref: firewallRef,
-        permission: opts.permission
-      });
-      const pagePath = agentId ? `/agents/${agentId}/permissions` : "/agents";
-      const url = `${platformOrigin}${pagePath}?${urlParams.toString()}`;
-      const role = agentId ? await resolveAgentRole(agentId) : "unknown";
-      if (role === "admin" || role === "owner") {
-        console.log(
-          `You can ${action} the "${opts.permission}" permission directly: [Manage ${label} firewall](${url})`
-        );
-      } else if (role === "member") {
-        if (action === "enable") {
-          console.log(
-            `Permission changes require admin approval. Request access at: [Request ${label} access](${url})`
-          );
-        } else {
-          console.log(
-            `Permission changes require admin approval. Contact an org admin to disable this permission: [View ${label} firewall](${url})`
-          );
-        }
-      } else {
-        console.log(
-          `To ${action} the "${opts.permission}" permission on the ${label} firewall: [Manage ${label} firewall](${url})`
-        );
+      await outputPermissionChangeMessage(
+        firewallRef,
+        opts.permission,
+        action
+      );
+    }
+  )
+);
+
+// src/commands/zero/doctor/firewall-deny.ts
+var firewallDenyCommand = new Command37().name("firewall-deny").description(
+  "Diagnose a firewall denial and find the permission that covers it"
+).argument("<firewall-ref>", "The firewall connector type (e.g. github)").addOption(
+  new Option2(
+    "--method <method>",
+    "The denied HTTP method"
+  ).makeOptionMandatory()
+).addOption(
+  new Option2("--path <path>", "The denied path").makeOptionMandatory()
+).addHelpText(
+  "after",
+  `
+Examples:
+  zero doctor firewall-deny github --method GET --path /repos/owner/repo/pulls
+  zero doctor firewall-deny slack --method POST --path /chat.postMessage
+
+Notes:
+  - Identifies which named permission covers a denied request
+  - Outputs a platform URL for the user to allow the permission`
+).action(
+  withErrorHandler(
+    async (firewallRef, opts) => {
+      if (!isFirewallConnectorType(firewallRef)) {
+        throw new Error(`Unknown firewall connector type: ${firewallRef}`);
+      }
+      const { label } = CONNECTOR_TYPES[firewallRef];
+      const config = getConnectorFirewall(firewallRef);
+      const permissions = findMatchingPermissions(
+        opts.method,
+        opts.path,
+        config
+      );
+      console.log(
+        `The ${label} firewall blocked ${opts.method} ${opts.path}.`
+      );
+      if (permissions.length === 0) {
+        console.log("No named permission was found covering this request.");
+        return;
       }
+      const permission = permissions[0];
+      console.log(`This is covered by the "${permission}" permission.`);
+      await outputPermissionChangeMessage(firewallRef, permission, "enable");
     }
   )
 );
@@ -5752,7 +5738,7 @@ function registerZeroCommands(prog, commands) {
 var program = new Command77();
 program.name("zero").description(
   "Zero CLI \u2014 interact with the zero platform from inside the sandbox"
-).version("9.103.0").addHelpText(
+).version("9.103.1").addHelpText(
   "after",
   `
 Examples: