clementine-agent 1.1.28 → 1.1.30

package/dist/cli/index.js

@@ -155,7 +155,7 @@ function ensureDataHome() {
     }
 }
 // ── Commands ─────────────────────────────────────────────────────────
-function cmdLaunch(options) {
+async function cmdLaunch(options) {
     if (options.uninstall) {
         if (process.platform === 'darwin') {
             const plistPath = getLaunchdPlistPath();
@@ -197,6 +197,22 @@ function cmdLaunch(options) {
         }
         return;
     }
+    // Ensure data home exists so the wizard's sentinel write lands somewhere,
+    // then run the one-time keychain ACL repair wizard if applicable. This
+    // happens before --install so the launchd-spawned daemon (no TTY) inherits
+    // already-repaired entries; before --foreground so the user sees the
+    // prompt; and before the daemon spawn for the same reason.
+    ensureDataHome();
+    if (!options.skipWizard) {
+        try {
+            const { runFirstRunKeychainWizardIfNeeded } = await import('../config/keychain-first-run-wizard.js');
+            await runFirstRunKeychainWizardIfNeeded(BASE_DIR);
+        }
+        catch (err) {
+            // Wizard failure must never block launch — log and continue.
+            console.error(`  ${'\x1b[0;90m'}keychain wizard skipped: ${err.message}${'\x1b[0m'}`);
+        }
+    }
     if (options.install) {
         if (process.platform === 'darwin') {
             const plistPath = getLaunchdPlistPath();
@@ -414,7 +430,7 @@ async function cmdRestart(options) {
         }
     }
     catch { /* dashboard module may not be available */ }
-    cmdLaunch({ foreground: options.foreground });
+    await cmdLaunch({ foreground: options.foreground });
     if (dashboardWasRunning) {
         try {
             const { spawn: spawnProc } = await import('node:child_process');
@@ -1317,6 +1333,7 @@ async function cmdConfigHardenPermissions(opts) {
 // ── Config keychain-fix-acl ─────────────────────────────────────────
 async function cmdConfigKeychainFixAcl(opts) {
     const { listClementineKeychainEntries, fixAllClementineEntries } = await import('../config/keychain-fix-acl.js');
+    const { markKeychainWizardDone } = await import('../config/keychain-first-run-wizard.js');
     const DIM = '\x1b[0;90m';
     const BOLD = '\x1b[1m';
     const GREEN = '\x1b[0;32m';
@@ -1332,6 +1349,8 @@ async function cmdConfigKeychainFixAcl(opts) {
     if (entries.length === 0) {
         console.log(`  ${GREEN}Nothing to fix.${RESET}`);
         console.log();
+        // No entries means the launch wizard has nothing to do either.
+        markKeychainWizardDone(BASE_DIR);
         return;
     }
     if (opts.list) {
@@ -1365,6 +1384,9 @@ async function cmdConfigKeychainFixAcl(opts) {
         console.log(`  ${DIM}Failed entries can be fixed manually in Keychain Access.app:${RESET}`);
         console.log(`  ${DIM}  search "clementine-agent" → double-click → Access Control → Allow all applications.${RESET}`);
     }
+    // Always mark the launch wizard satisfied — user has explicitly decided
+    // to deal with this via the manual command.
+    markKeychainWizardDone(BASE_DIR);
     console.log();
 }
 // ── Analytics ────────────────────────────────────────────────────────
@@ -3144,13 +3166,15 @@ async function cmdUpdate(options) {
             console.log(`  ${GREEN}OK${RESET}  Daemon stopped`);
         }
     }
-    // Helper: if update fails after stopping daemon, relaunch before exiting
-    function failAndRestart(backupDir) {
+    // Helper: if update fails after stopping daemon, relaunch before exiting.
+    // Runs cmdLaunch with skipWizard so it doesn't try to prompt mid-recovery —
+    // the wizard, if needed, fires on the user's next intentional `clementine launch`.
+    async function failAndRestart(backupDir) {
         if (wasRunning) {
             console.log();
             console.log(`  Restarting daemon (was running before update)...`);
             try {
-                cmdLaunch({});
+                await cmdLaunch({ skipWizard: true });
                 console.log(`  ${GREEN}OK${RESET}  Daemon restarted`);
             }
             catch {
@@ -3242,7 +3266,7 @@ async function cmdUpdate(options) {
             }
             catch { /* best effort */ }
         }
-        failAndRestart(backupDir);
+        await failAndRestart(backupDir);
     }
     // 6. npm install
     console.log(`  ${S()} Installing dependencies...`);
@@ -3255,7 +3279,7 @@ async function cmdUpdate(options) {
     }
     catch (err) {
         console.error(`  ${RED}FAIL${RESET}  npm install failed: ${String(err).slice(0, 200)}`);
-        failAndRestart(backupDir);
+        await failAndRestart(backupDir);
     }
     // 6b. Rebuild native modules (better-sqlite3) for current Node version
     try {
@@ -3347,7 +3371,7 @@ async function cmdUpdate(options) {
         }
         catch (retryErr) {
             console.error(`  ${RED}FAIL${RESET}  Build failed after update: ${String(retryErr).slice(0, 200)}`);
-            failAndRestart(backupDir);
+            await failAndRestart(backupDir);
         }
     }
     // 7b. Verify build output is fresh
@@ -3363,7 +3387,7 @@ async function cmdUpdate(options) {
             }
             catch (err) {
                 console.error(`  ${RED}FAIL${RESET}  Clean rebuild failed: ${String(err).slice(0, 200)}`);
-                failAndRestart(backupDir);
+                await failAndRestart(backupDir);
             }
         }
     }
@@ -3615,7 +3639,7 @@ async function cmdUpdate(options) {
         // Ensure build output is fully flushed before spawning new process
         execSync('sync', { stdio: 'pipe' });
         console.log(`  ${S()} Restarting daemon...`);
-        cmdLaunch({});
+        await cmdLaunch({ skipWizard: true });
     }
     // 13. Post-restart health check — verify daemon started and channels connected
     if (options.restart || wasRunning) {
@@ -3862,20 +3886,175 @@ const siCmd = program
     .description('Manage Clementine self-improvement');
 siCmd
     .command('status')
-    .description('Show self-improvement state and baseline metrics')
-    .action(async () => {
+    .description('Show self-improvement health — last cycle, infra errors, per-agent runs, recent activity')
+    .option('--json', 'Emit machine-readable JSON')
+    .action(async (opts) => {
+    const BOLD = '\x1b[1m';
+    const DIM = '\x1b[0;90m';
+    const GREEN = '\x1b[0;32m';
+    const YELLOW = '\x1b[1;33m';
+    const RED = '\x1b[0;31m';
+    const CYAN = '\x1b[0;36m';
+    const RESET = '\x1b[0m';
     try {
+        process.env.CLEMENTINE_HOME = BASE_DIR;
         const { SelfImproveLoop } = await import('../agent/self-improve.js');
         const { PersonalAssistant } = await import('../agent/assistant.js');
         const assistant = new PersonalAssistant();
         const loop = new SelfImproveLoop(assistant);
         const state = loop.loadState();
-        const m = state.baselineMetrics;
-        console.log(`Status: ${state.status}`);
-        console.log(`Last run: ${state.lastRunAt || 'never'}`);
-        console.log(`Total experiments: ${state.totalExperiments}`);
-        console.log(`Pending approvals: ${state.pendingApprovals}`);
-        console.log(`Baseline — Feedback: ${(m.feedbackPositiveRatio * 100).toFixed(0)}% positive, Cron: ${(m.cronSuccessRate * 100).toFixed(0)}% success, Quality: ${m.avgResponseQuality.toFixed(2)}`);
+        const log = loop.loadExperimentLog();
+        const pending = loop.getPendingChanges();
+        // Compute "last successful cycle" — most recent log entry that wasn't
+        // a plateau record or pure infra failure. Different from lastRunAt
+        // (which moves on every attempt, even crashed ones).
+        const lastSuccessful = [...log].reverse().find(e => e.area !== 'soul' || e.hypothesis !== 'No new hypothesis — diversity constraint exhausted');
+        const nowMs = Date.now();
+        const formatAge = (iso) => {
+            if (!iso)
+                return 'never';
+            const ms = nowMs - Date.parse(iso);
+            const h = Math.floor(ms / 3_600_000);
+            if (h < 1)
+                return `${Math.floor(ms / 60_000)}m ago`;
+            if (h < 48)
+                return `${h}h ago`;
+            return `${Math.floor(h / 24)}d ago`;
+        };
+        // Auto-applied count over the last 7 days = experiments with status 'approved'
+        const since7d = nowMs - 7 * 86_400_000;
+        const autoAppliedRecent = log.filter(e => e.approvalStatus === 'approved' && Date.parse(e.startedAt) >= since7d).length;
+        // Per-agent SI runs from heartbeat state file.
+        const hbStateFile = path.join(BASE_DIR, '.heartbeat_state.json');
+        let perAgentRuns = {};
+        try {
+            if (existsSync(hbStateFile)) {
+                const hb = JSON.parse(readFileSync(hbStateFile, 'utf-8'));
+                perAgentRuns = (hb.lastAgentSiRuns ?? {});
+            }
+        }
+        catch { /* non-fatal */ }
+        if (opts.json) {
+            console.log(JSON.stringify({
+                state,
+                lastSuccessfulAt: lastSuccessful?.startedAt ?? null,
+                autoAppliedLast7d: autoAppliedRecent,
+                pendingCount: pending.length,
+                perAgentRuns,
+                recent: log.slice(-5).reverse(),
+            }, null, 2));
+            return;
+        }
+        // ── Header ─────────────────────────────────────────────────────
+        console.log();
+        console.log(`  ${BOLD}Self-improve loop${RESET}`);
+        console.log(`  ${DIM}Status:           ${RESET}${state.status}`);
+        console.log(`  ${DIM}Last attempted:   ${RESET}${state.lastRunAt || 'never'} ${DIM}(${formatAge(state.lastRunAt)})${RESET}`);
+        // Stalled-loop warning: if we have a lastRunAt but no successful cycle
+        // in 36+ hours, surface red. That's the visibility gap from pillar #4.
+        const lastSuccAt = lastSuccessful?.startedAt;
+        const hoursSinceSuccess = lastSuccAt ? (nowMs - Date.parse(lastSuccAt)) / 3_600_000 : null;
+        if (lastSuccAt) {
+            const stallTag = hoursSinceSuccess !== null && hoursSinceSuccess > 36 ? `  ${YELLOW}⚠ stalled${RESET}` : `  ${GREEN}✓${RESET}`;
+            console.log(`  ${DIM}Last successful:  ${RESET}${lastSuccAt} ${DIM}(${formatAge(lastSuccAt)})${RESET}${stallTag}`);
+        }
+        else {
+            console.log(`  ${DIM}Last successful:  ${RESET}never  ${YELLOW}⚠ no cycles yet${RESET}`);
+        }
+        console.log(`  ${DIM}Total experiments:${RESET} ${state.totalExperiments}`);
+        console.log(`  ${DIM}Auto-applied (7d):${RESET} ${autoAppliedRecent}`);
+        console.log(`  ${DIM}Pending review:   ${RESET}${pending.length > 0 ? `${YELLOW}${pending.length}${RESET}` : '0'}`);
+        if (state.infraError) {
+            console.log();
+            console.log(`  ${RED}⚠ Infra error blocking the loop:${RESET}`);
+            console.log(`    Category:   ${state.infraError.category}`);
+            console.log(`    Diagnostic: ${state.infraError.diagnostic.slice(0, 200)}`);
+        }
+        else {
+            console.log(`  ${DIM}Infra errors:     ${RESET}${GREEN}none${RESET}`);
+        }
+        // ── Per-agent cycles ───────────────────────────────────────────
+        const agentEntries = Object.entries(perAgentRuns);
+        if (agentEntries.length > 0) {
+            console.log();
+            console.log(`  ${BOLD}Per-agent cycles${RESET}  ${DIM}(weekly cadence, 2 AM)${RESET}`);
+            for (const [slug, iso] of agentEntries) {
+                console.log(`    ${CYAN}${slug.padEnd(28)}${RESET}${DIM}last run ${formatAge(iso)}${RESET}`);
+            }
+        }
+        // ── Recent activity ────────────────────────────────────────────
+        const recent = log.slice(-5).reverse();
+        if (recent.length > 0) {
+            console.log();
+            console.log(`  ${BOLD}Recent activity${RESET}`);
+            for (const e of recent) {
+                const score = (e.score * 10).toFixed(1);
+                let icon = '❌';
+                if (e.approvalStatus === 'approved')
+                    icon = '✅';
+                else if (e.approvalStatus === 'pending')
+                    icon = '⏳';
+                else if (e.approvalStatus === 'unsurfaced')
+                    icon = '⛔';
+                const what = e.hypothesis.slice(0, 60);
+                console.log(`    ${icon} ${DIM}#${String(e.iteration).padEnd(3)}${RESET} ${e.area.padEnd(16)} ${score.padStart(4)}/10  "${what}"`);
+            }
+        }
+        if (pending.length > 0) {
+            console.log();
+            console.log(`  ${YELLOW}${pending.length} change(s) pending your review${RESET}`);
+            console.log(`    ${BOLD}clementine self-improve pending${RESET} ${DIM}— see what they propose${RESET}`);
+            console.log(`    ${BOLD}clementine self-improve apply <id>${RESET} ${DIM}— approve and apply one${RESET}`);
+        }
+        console.log();
+    }
+    catch (err) {
+        console.error('Error:', err);
+        process.exit(1);
+    }
+});
+siCmd
+    .command('pending')
+    .description('List pending self-improve changes — what needs your review')
+    .option('--json', 'Emit machine-readable JSON')
+    .action(async (opts) => {
+    const BOLD = '\x1b[1m';
+    const DIM = '\x1b[0;90m';
+    const YELLOW = '\x1b[1;33m';
+    const CYAN = '\x1b[0;36m';
+    const RESET = '\x1b[0m';
+    try {
+        process.env.CLEMENTINE_HOME = BASE_DIR;
+        const { SelfImproveLoop } = await import('../agent/self-improve.js');
+        const { PersonalAssistant } = await import('../agent/assistant.js');
+        const assistant = new PersonalAssistant();
+        const loop = new SelfImproveLoop(assistant);
+        const pending = loop.getPendingChanges();
+        if (opts.json) {
+            console.log(JSON.stringify(pending.map(p => ({
+                id: p.id, area: p.area, target: p.target,
+                score: p.score, hypothesis: p.hypothesis, reason: p.reason,
+            })), null, 2));
+            return;
+        }
+        if (pending.length === 0) {
+            console.log();
+            console.log(`  ${DIM}No changes pending review.${RESET}`);
+            console.log();
+            return;
+        }
+        console.log();
+        console.log(`  ${YELLOW}${pending.length} change${pending.length === 1 ? '' : 's'} pending${RESET}`);
+        console.log();
+        for (const p of pending) {
+            const score = (p.score * 10).toFixed(1);
+            console.log(`  ${BOLD}#${p.id}${RESET}  ${CYAN}${p.area}${RESET} ${DIM}→${RESET} ${p.target}  ${DIM}(score ${score}/10)${RESET}`);
+            console.log(`    ${p.hypothesis}`);
+            console.log(`    ${DIM}${p.reason}${RESET}`);
+            console.log();
+        }
+        console.log(`  Apply: ${BOLD}clementine self-improve apply <id>${RESET}`);
+        console.log();
     }
     catch (err) {
         console.error('Error:', err);

package/dist/config/keychain-first-run-wizard.d.ts

@@ -0,0 +1,26 @@
+/**
+ * One-time interactive wizard that repairs ACLs on legacy clementine-agent
+ * keychain entries during `clementine launch`.
+ *
+ * Why this exists: entries written before commit 88cfd99 used
+ * `add-generic-password -T ''` (no apps pre-approved), so every Clementine
+ * read would trigger a per-app approval dialog. Newer writes use
+ * `-T /usr/bin/security` and read silently. Existing users have legacy
+ * entries that need a one-time partition-list repair to stop the prompt
+ * cascade.
+ *
+ * The manual fix is `clementine config keychain-fix-acl`. This wizard runs
+ * the same fix automatically on the next `clementine launch` (where we
+ * know we have a TTY for the macOS login-keychain password prompt), then
+ * writes a sentinel so we never prompt again on this machine.
+ *
+ * Skipped when:
+ *   - non-darwin platform (no keychain),
+ *   - non-TTY stdin (launchd, systemd, CI — no way to prompt),
+ *   - sentinel already exists (already offered + decided),
+ *   - no clementine-agent entries exist (nothing to repair).
+ */
+/** Write the sentinel so the wizard skips on subsequent launches. */
+export declare function markKeychainWizardDone(baseDir: string): void;
+export declare function runFirstRunKeychainWizardIfNeeded(baseDir: string): Promise<void>;
+//# sourceMappingURL=keychain-first-run-wizard.d.ts.map

package/dist/config/keychain-first-run-wizard.js

@@ -0,0 +1,115 @@
+/**
+ * One-time interactive wizard that repairs ACLs on legacy clementine-agent
+ * keychain entries during `clementine launch`.
+ *
+ * Why this exists: entries written before commit 88cfd99 used
+ * `add-generic-password -T ''` (no apps pre-approved), so every Clementine
+ * read would trigger a per-app approval dialog. Newer writes use
+ * `-T /usr/bin/security` and read silently. Existing users have legacy
+ * entries that need a one-time partition-list repair to stop the prompt
+ * cascade.
+ *
+ * The manual fix is `clementine config keychain-fix-acl`. This wizard runs
+ * the same fix automatically on the next `clementine launch` (where we
+ * know we have a TTY for the macOS login-keychain password prompt), then
+ * writes a sentinel so we never prompt again on this machine.
+ *
+ * Skipped when:
+ *   - non-darwin platform (no keychain),
+ *   - non-TTY stdin (launchd, systemd, CI — no way to prompt),
+ *   - sentinel already exists (already offered + decided),
+ *   - no clementine-agent entries exist (nothing to repair).
+ */
+import { existsSync, writeFileSync } from 'node:fs';
+import path from 'node:path';
+import readline from 'node:readline/promises';
+import { stdin as input, stdout as output } from 'node:process';
+const SENTINEL_FILE = '.keychain-acl-wizard-done';
+function sentinelPath(baseDir) {
+    return path.join(baseDir, SENTINEL_FILE);
+}
+/** Write the sentinel so the wizard skips on subsequent launches. */
+export function markKeychainWizardDone(baseDir) {
+    try {
+        writeFileSync(sentinelPath(baseDir), new Date().toISOString() + '\n');
+    }
+    catch {
+        // Best-effort. If we can't write the sentinel the user gets re-prompted
+        // next launch — annoying but not broken.
+    }
+}
+export async function runFirstRunKeychainWizardIfNeeded(baseDir) {
+    if (process.platform !== 'darwin')
+        return;
+    if (!input.isTTY)
+        return;
+    if (existsSync(sentinelPath(baseDir)))
+        return;
+    const { listClementineKeychainEntries, fixAllClementineEntries } = await import('./keychain-fix-acl.js');
+    const entries = listClementineKeychainEntries().filter((e) => e.isClementine);
+    if (entries.length === 0) {
+        // Nothing to fix — write sentinel so we don't re-scan every launch.
+        markKeychainWizardDone(baseDir);
+        return;
+    }
+    const DIM = '\x1b[0;90m';
+    const BOLD = '\x1b[1m';
+    const YELLOW = '\x1b[0;33m';
+    const GREEN = '\x1b[0;32m';
+    const RED = '\x1b[0;31m';
+    const RESET = '\x1b[0m';
+    console.log();
+    console.log(`  ${BOLD}One-time keychain setup${RESET}`);
+    console.log(`  ${DIM}${entries.length} keychain entr${entries.length === 1 ? 'y' : 'ies'} from a previous version need an${RESET}`);
+    console.log(`  ${DIM}access-control update so Clementine can read them${RESET}`);
+    console.log(`  ${DIM}silently — otherwise macOS will prompt on every read.${RESET}`);
+    console.log();
+    console.log(`  ${DIM}macOS will ask once for your login-keychain password.${RESET}`);
+    console.log(`  ${DIM}After that, no more prompts. We won't ask again.${RESET}`);
+    console.log();
+    const rl = readline.createInterface({ input, output });
+    let answer;
+    try {
+        answer = (await rl.question(`  Repair now? ${DIM}[Y/n]${RESET} `)).trim().toLowerCase();
+    }
+    finally {
+        rl.close();
+    }
+    if (answer === 'n' || answer === 'no') {
+        console.log();
+        console.log(`  ${YELLOW}Skipped.${RESET} ${DIM}Run later with: clementine config keychain-fix-acl${RESET}`);
+        console.log();
+        markKeychainWizardDone(baseDir);
+        return;
+    }
+    console.log();
+    console.log(`  ${BOLD}Repairing ACLs...${RESET}`);
+    console.log();
+    const results = fixAllClementineEntries();
+    let okCount = 0;
+    let failCount = 0;
+    for (const r of results) {
+        if (r.status === 'fixed') {
+            console.log(`    ${GREEN}✓${RESET} ${r.account}`);
+            okCount++;
+        }
+        else if (r.status === 'failed') {
+            console.log(`    ${RED}✗${RESET} ${r.account} ${DIM}— ${r.error ?? 'unknown'}${RESET}`);
+            failCount++;
+        }
+    }
+    console.log();
+    if (failCount === 0) {
+        console.log(`  ${GREEN}Done — ${okCount} entr${okCount === 1 ? 'y' : 'ies'} repaired.${RESET} ${DIM}Future reads silent.${RESET}`);
+    }
+    else {
+        console.log(`  ${YELLOW}${okCount} fixed, ${failCount} failed.${RESET}`);
+        console.log(`  ${DIM}Failed entries can be fixed manually in Keychain Access.app:${RESET}`);
+        console.log(`  ${DIM}  search "clementine-agent" → right-click → Get Info → Access Control.${RESET}`);
+    }
+    console.log();
+    // Always mark done — even on partial failure we don't want to re-prompt
+    // every launch. The user can re-run the manual command if they want.
+    markKeychainWizardDone(baseDir);
+}
+//# sourceMappingURL=keychain-first-run-wizard.js.map

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "clementine-agent",
-  "version": "1.1.28",
+  "version": "1.1.30",
   "description": "Clementine — Personal AI Assistant (TypeScript)",
   "type": "module",
   "main": "dist/index.js",