arisa 2.3.46 → 2.3.48

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "arisa",
-  "version": "2.3.46",
+  "version": "2.3.48",
   "description": "Arisa - dynamic agent runtime with daemon/core architecture that evolves through user interaction",
   "keywords": [
     "tinyclaw",

package/src/core/processor.ts

@@ -26,7 +26,7 @@ const PROMPT_PREVIEW_MAX = 220;
 export const CLAUDE_RATE_LIMIT_MESSAGE = "Claude is out of credits right now. Please try again in a few minutes.";
 export const CODEX_AUTH_REQUIRED_MESSAGE = [
   "Codex login is required.",
-  "Check the Arisa daemon logs now and complete the device-auth steps shown there."
+  "Run: codex login --device-auth (or set OPENAI_API_KEY in ~/.arisa/.env) then restart Arisa."
 ].join("\n");
 
 function logActivity(backend: string, model: string | null, durationMs: number, status: string) {

package/src/daemon/setup.ts

@@ -289,7 +289,17 @@ async function isCliAuthenticated(cli: AgentCliName): Promise<boolean> {
       const exitCode = await proc.exited;
       return exitCode === 0 && stdout.includes('"loggedIn": true');
     }
-    // Codex: no simple auth check, assume OK if installed
+    // Codex: has OPENAI_API_KEY or device-auth credentials
+    if (cli === "codex") {
+      if (process.env.OPENAI_API_KEY) return true;
+      // device-auth stores config in ~/.codex/ — try a quick dry-run
+      const cmd = buildBunWrappedAgentCliCommand("codex", ["--help"], { skipPreload: true });
+      const proc = Bun.spawn(cmd, { stdout: "pipe", stderr: "pipe" });
+      const stderr = await new Response(proc.stderr).text();
+      await proc.exited;
+      // If stderr mentions login/auth, not authenticated
+      return !(/login|authenticate|OPENAI_API_KEY/i.test(stderr));
+    }
     return true;
   } catch {
     return false;