npm - arisa - Versions diffs - 2.3.20 → 2.3.22 - Mend

arisa 2.3.20 → 2.3.22

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/bin/arisa.js CHANGED Viewed

@@ -3,7 +3,6 @@
 const { spawn, spawnSync } = require("node:child_process");
 const {
   closeSync,
-  cpSync,
   existsSync,
   mkdirSync,
   openSync,
@@ -12,7 +11,7 @@ const {
   writeFileSync,
 } = require("node:fs");
 const { homedir, platform } = require("node:os");
-const { join, resolve } = require("node:path");
+const { dirname, join, resolve } = require("node:path");
 const pkgRoot = resolve(__dirname, "..");
 const daemonEntry = join(pkgRoot, "src", "daemon", "index.ts");
@@ -474,10 +473,8 @@ if (isRoot() && arisaUserExists()) {
   // One-time migration from root's data dir
   if (existsSync(rootDataDir) && !existsSync(arisaDataDir)) {
-    try {
-      cpSync(rootDataDir, arisaDataDir, { recursive: true });
-      spawnSync("chown", ["-R", "arisa:arisa", arisaDataDir], { stdio: "ignore" });
-    } catch {}
+    spawnSync("cp", ["-r", rootDataDir, arisaDataDir], { stdio: "ignore" });
+    spawnSync("chown", ["-R", "arisa:arisa", arisaDataDir], { stdio: "ignore" });
   }
   // Ensure arisa data dir exists with correct ownership
@@ -486,11 +483,22 @@ if (isRoot() && arisaUserExists()) {
     spawnSync("chown", ["-R", "arisa:arisa", arisaDataDir], { stdio: "ignore" });
   }
-  // Ensure arisa can read project files (Core runs as arisa with bun --watch)
+  // Ensure arisa can traverse to and read project files.
+  // When installed globally under /root/.bun/..., parent dirs are mode 700.
+  // Add o+x (traverse only, not read) on each ancestor so arisa can reach pkgRoot.
+  let traverseDir = pkgRoot;
+  while (traverseDir !== "/") {
+    spawnSync("chmod", ["o+x", traverseDir], { stdio: "ignore" });
+    traverseDir = dirname(traverseDir);
+  }
   spawnSync("chmod", ["-R", "o+rX", pkgRoot], { stdio: "ignore" });
   // All processes use arisa's data dir (inherited by Daemon → Core)
   process.env.ARISA_DATA_DIR = arisaDataDir;
+  // Permissive umask so files Daemon (root) creates at runtime in the shared
+  // data dir are readable/writable by Core (arisa). Safe in Docker containers.
+  process.umask(0o000);
 }
 // Then fall through to normal daemon startup

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "arisa",
-  "version": "2.3.20",
+  "version": "2.3.22",
   "description": "Arisa - dynamic agent runtime with daemon/core architecture that evolves through user interaction",
   "keywords": [
     "tinyclaw",

package/src/daemon/lifecycle.ts CHANGED Viewed

@@ -15,6 +15,7 @@ import { config } from "../shared/config";
 import { createLogger } from "../shared/logger";
 import { attemptAutoFix } from "./autofix";
 import { isRunningAsRoot } from "../shared/ai-cli";
+import { spawnSync } from "child_process";
 import { join } from "path";
 const log = createLogger("daemon");
@@ -126,6 +127,10 @@ export function startCore() {
   // (tokens, ARISA_DATA_DIR, API keys). We only override HOME/BUN/PATH.
   let cmd: string[];
   if (isRunningAsRoot()) {
+    // Ensure arisa owns all data dir files created during Daemon init
+    // (encryption keys, DB, PID files, etc.) before Core reads them.
+    spawnSync("chown", ["-R", "arisa:arisa", config.arisaDir], { stdio: "ignore" });
     const bunEnv = "export HOME=/home/arisa && export BUN_INSTALL=/home/arisa/.bun && export PATH=/home/arisa/.bun/bin:$PATH";
     const inner = `${bunEnv} && cd ${config.projectDir} && exec bun --watch ${coreEntry}`;
     cmd = ["su", "arisa", "-s", "/bin/bash", "-c", inner];