create-merlin-brain 5.3.1 → 5.3.3

package/bin/install.cjs

@@ -1609,6 +1609,78 @@ async function install() {
     quiet: true, // step 2 already printed the detection summary
   });
 
+  // Step 13.4: Allowlist codex Bash patterns (when Codex is installed)
+  if (!process.env.MERLIN_SKIP_PERMISSIONS_PATCH) {
+    try {
+      const { execSync } = require('child_process');
+      const codexInstalledScript = path.join(SCRIPTS_DIR, 'codex-installed.sh');
+
+      // Check if Codex is installed
+      let isCodexInstalled = false;
+      try {
+        if (fs.existsSync(codexInstalledScript)) {
+          execSync(`bash ${codexInstalledScript}`, { stdio: 'pipe' });
+          isCodexInstalled = true;
+        }
+      } catch (err) {
+        // Codex not installed, skip this step
+      }
+
+      if (isCodexInstalled) {
+        const settingsPath = path.join(CLAUDE_DIR, 'settings.json');
+
+        if (fs.existsSync(settingsPath)) {
+          try {
+            const settingsContent = fs.readFileSync(settingsPath, 'utf8');
+            const settings = JSON.parse(settingsContent);
+
+            if (settings.permissions && Array.isArray(settings.permissions.allow)) {
+              const codexRules = [
+                'Bash(which *)',
+                'Bash(codex *)',
+                'Bash(codex exec *)',
+                'Bash(merlin-codex *)',
+                'Bash(~/.claude/scripts/codex-as.sh *)',
+                'Bash(bash ~/.claude/scripts/codex-as.sh *)',
+                'Bash(~/.claude/scripts/duo-codex-call.sh *)',
+                'Bash(bash ~/.claude/scripts/duo-codex-call.sh *)',
+                'Bash(~/.claude/scripts/codex-installed.sh)',
+                'Bash(~/.claude/scripts/duo-*)',
+                'Bash(bash ~/.claude/scripts/duo-*)',
+                'mcp__merlin__*'
+              ];
+
+              let addedCount = 0;
+              for (const rule of codexRules) {
+                if (!settings.permissions.allow.includes(rule)) {
+                  settings.permissions.allow.push(rule);
+                  addedCount++;
+                }
+              }
+
+              if (addedCount > 0) {
+                fs.writeFileSync(settingsPath, JSON.stringify(settings, null, 2), 'utf8');
+                logSuccess(`Allowlisted codex/duo commands in ~/.claude/settings.json (${addedCount} new rules)`);
+              } else if (process.env.MERLIN_INSTALL_VERBOSE) {
+                log(`  codex/duo Bash rules already allowlisted`);
+              }
+            } else {
+              logWarn('permissions.allow not found in ~/.claude/settings.json — skipping codex allowlist');
+            }
+          } catch (parseErr) {
+            logWarn(`Could not parse ~/.claude/settings.json — skipping codex allowlist: ${parseErr.message}`);
+          }
+        }
+        // If settings.json doesn't exist, skip silently (don't create it from scratch)
+      }
+    } catch (err) {
+      // Non-fatal: permissions patch failure does not block the installer
+      if (process.env.MERLIN_INSTALL_VERBOSE) {
+        logWarn(`Codex permissions patch skipped: ${err.message}`);
+      }
+    }
+  }
+
   // Step 13.5: Install priority design skills (async, non-blocking)
   if (!process.env.MERLIN_SKIP_DESIGN_SKILLS) {
     try {
@@ -1661,6 +1733,10 @@ ${colors.cyan}Universal Task Optimization (NEW in 5.3.0):${colors.reset}
   • ${colors.bright}/merlin:polish${colors.reset}           - Animation polish via animation-expert
   • ${colors.bright}/merlin:redesign${colors.reset}         - Full redesign via ui-builder
 
+${colors.cyan}Duo reliability (NEW in 5.3.3):${colors.reset}
+  • Portable codex timeout wrapper (no more "gtimeout: not found" on macOS)
+  • codex-as.sh now accepts --timeout for long parallel planning runs
+
 ${colors.cyan}Merlin works with or without Sights:${colors.reset}
   • ${colors.green}With Sights${colors.reset}: Instant context, cross-session memory
   • ${colors.green}Without${colors.reset}: Full workflows, uses file exploration

package/files/rules/duo-routing.md

@@ -256,9 +256,12 @@ When duo is OFF, Merlin runs a pre-route hook at the start of every routing deci
 
 `duo-installed.sh` only checks PATH presence. If Codex is on PATH but fails at runtime:
 
-1. Wrap all Codex invocations with a 60s timeout:
-   - With coreutils: `gtimeout 60s codex …`
-   - Without coreutils: `perl -e 'alarm 60; exec @ARGV' codex …`
+1. Wrap all Codex invocations with a timeout using the portable wrapper:
+   - `~/.claude/scripts/with-timeout.sh <seconds> codex exec …`
+   (Auto-detects gtimeout / timeout / perl alarm — DO NOT compose raw `gtimeout`
+   or `timeout` calls; they are not always installed.)
+   - For long-running parallel planning runs, prefer `codex-as.sh --timeout 1800 <agent> "<task>"`
+   - For 60-second probes, the existing `duo-codex-call.sh` already enforces this via MERLIN_CODEX_TIMEOUT_SEC (default 60s)
 2. On Codex error or timeout: log to `~/.claude/merlin-state/duo-decisions.log` with severity `codex_runtime_failure`. Fall back to Claude for that step:
    - Parallel branch: drop the codex result; arbiter receives one input
    - Sequential branch: Claude takes the author role

package/files/scripts/codex-as.sh

@@ -1,6 +1,6 @@
 #!/usr/bin/env bash
 # codex-as.sh — invoke Codex as a Merlin specialist agent
-# Usage: codex-as.sh <agent-name> <task-text> [--model <model-name>]
+# Usage: codex-as.sh <agent-name> <task-text> [--model <model-name>] [--timeout <seconds>]
 
 set -euo pipefail
 
@@ -10,6 +10,7 @@ command -v codex >/dev/null 2>&1 || exit 0
 AGENT_NAME=""
 TASK_TEXT=""
 MODEL_FLAG=""
+TIMEOUT_SEC="${MERLIN_CODEX_TIMEOUT_SEC:-1800}"
 
 # Parse arguments
 while [[ $# -gt 0 ]]; do
@@ -23,6 +24,15 @@ while [[ $# -gt 0 ]]; do
                 exit 1
             fi
             ;;
+        --timeout)
+            if [[ -n "${2:-}" && "$2" =~ ^[0-9]+$ ]]; then
+                TIMEOUT_SEC="$2"
+                shift 2
+            else
+                echo "Error: --timeout requires a non-negative integer" >&2
+                exit 1
+            fi
+            ;;
         *)
             if [[ -z "$AGENT_NAME" ]]; then
                 AGENT_NAME="$1"
@@ -73,5 +83,13 @@ ${TASK_TEXT}"
 # (The legacy --write flag was removed from `codex exec`; -s workspace-write is the
 #  current equivalent. Use --dangerously-bypass-approvals-and-sandbox only if you
 #  explicitly want to skip all prompts — workspace-write is the safer default.)
-# shellcheck disable=SC2086
-exec codex exec -s workspace-write --cd "$PWD" $MODEL_FLAG "$FULL_PROMPT"
+# Wrap with timeout using the portable with-timeout.sh wrapper.
+WITH_TIMEOUT="$(dirname "${BASH_SOURCE[0]}")/with-timeout.sh"
+if [[ -x "$WITH_TIMEOUT" ]]; then
+    # shellcheck disable=SC2086
+    exec "$WITH_TIMEOUT" "$TIMEOUT_SEC" codex exec -s workspace-write --cd "$PWD" $MODEL_FLAG "$FULL_PROMPT"
+else
+    # Fallback if with-timeout.sh missing (shouldn't happen post-install)
+    # shellcheck disable=SC2086
+    exec codex exec -s workspace-write --cd "$PWD" $MODEL_FLAG "$FULL_PROMPT"
+fi

package/files/scripts/duo-codex-call.sh

@@ -3,10 +3,14 @@
 # Usage: duo-codex-call.sh <codex-command> [args...]
 # Exit 0: success (stdout/stderr forwarded)
 # Exit 75 (TEMPFAIL): codex failed or timed out — caller should fall back to Claude
-# Always exits — never hangs beyond 60s
+# Always exits — never hangs beyond MERLIN_CODEX_TIMEOUT_SEC (default 60s)
+#
+# Environment variables:
+#   MERLIN_CODEX_TIMEOUT_SEC — timeout in seconds (default: 60)
 
 set -euo pipefail
 
+TIMEOUT_SEC="${MERLIN_CODEX_TIMEOUT_SEC:-60}"
 FAILURES_FILE="${HOME}/.claude/merlin-state/.duo-codex-failures"
 DECISIONS_LOG="${HOME}/.claude/merlin-state/duo-decisions.log"
 SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
@@ -47,21 +51,15 @@ _auto_disable_duo() {
     _write_counter 0
 }
 
-# --- Build timeout command ---
-_TIMEOUT=""
-if command -v gtimeout >/dev/null 2>&1; then
-    _TIMEOUT="gtimeout 60"
-elif timeout --version >/dev/null 2>&1; then
-    _TIMEOUT="timeout 60"
-fi
-
-# --- Execute (capture exit code without triggering set -e) ---
+# --- Execute with timeout (capture exit code without triggering set -e) ---
+WITH_TIMEOUT="${SCRIPT_DIR}/with-timeout.sh"
 EXIT_CODE=0
-if [[ -n "$_TIMEOUT" ]]; then
-    $_TIMEOUT "$@" || EXIT_CODE=$?
+
+if [[ -x "$WITH_TIMEOUT" ]]; then
+    "$WITH_TIMEOUT" "$TIMEOUT_SEC" "$@" || EXIT_CODE=$?
 else
-    # perl alarm fallback for macOS without coreutils
-    perl -e 'alarm 60; exec @ARGV or exit 127' -- "$@" || EXIT_CODE=$?
+    # Fallback if with-timeout.sh missing (shouldn't happen post-install)
+    perl -e 'alarm shift; exec @ARGV or exit 127' "$TIMEOUT_SEC" -- "$@" || EXIT_CODE=$?
 fi
 
 if [[ $EXIT_CODE -eq 0 ]]; then

package/files/scripts/with-timeout.sh

@@ -0,0 +1,50 @@
+#!/usr/bin/env bash
+# with-timeout.sh — portable timeout wrapper (gtimeout → timeout → perl alarm)
+# Usage: with-timeout.sh <seconds> <command> [args...]
+# Exit 124 on timeout (GNU convention). Otherwise the wrapped command's exit code.
+
+set -euo pipefail
+
+if [[ $# -lt 2 ]]; then
+    echo "Usage: with-timeout.sh <seconds> <command> [args...]" >&2
+    exit 2
+fi
+
+SECS="$1"
+shift
+
+if ! [[ "$SECS" =~ ^[0-9]+$ ]]; then
+    echo "with-timeout.sh: timeout must be a non-negative integer (got: $SECS)" >&2
+    exit 2
+fi
+
+if command -v gtimeout >/dev/null 2>&1; then
+    exec gtimeout --preserve-status --signal=TERM "${SECS}s" "$@"
+elif command -v timeout >/dev/null 2>&1; then
+    exec timeout --preserve-status --signal=TERM "${SECS}s" "$@"
+else
+    # Perl fork+alarm fallback (always available on macOS+Linux).
+    # Must fork — exec replaces the perl process and discards the SIGALRM handler,
+    # so the alarm would never reach our exit-124 code path.
+    exec perl -e '
+        my $secs = shift;
+        my $pid  = fork();
+        die "with-timeout.sh: fork failed: $!\n" unless defined $pid;
+        if ($pid == 0) {
+            exec { $ARGV[0] } @ARGV
+                or do { print STDERR "with-timeout.sh: exec failed: $!\n"; exit 127 };
+        }
+        $SIG{ALRM} = sub {
+            kill "TERM", $pid;
+            select(undef, undef, undef, 0.5);
+            kill "KILL", $pid if kill(0, $pid);
+            waitpid $pid, 0;
+            exit 124;
+        };
+        alarm $secs;
+        waitpid $pid, 0;
+        my $rc = $?;
+        if ($rc & 127) { exit 128 + ($rc & 127); }
+        exit($rc >> 8);
+    ' "$SECS" "$@"
+fi

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "create-merlin-brain",
-  "version": "5.3.1",
+  "version": "5.3.3",
   "description": "Merlin - The Ultimate AI Brain for Claude Code, Codex, and other AI CLIs. One install: workflows, agents, loop, and Sights MCP server.",
   "type": "module",
   "main": "./dist/server/index.js",