kly 0.1.1 → 0.2.0

package/dist/bin/kly.mjs

@@ -950,9 +950,10 @@ function createResourceProvider(options) {
 * 4. Returns execution result
 */
 async function launchSandbox(options) {
-	const { scriptPath, args: args$1, appId, sandboxConfig, allowApiKey } = options;
+	const { scriptPath, args: args$1, appId, invokeDir, sandboxConfig, allowApiKey } = options;
 	await SandboxManager.initialize(sandboxConfig);
 	const absoluteScriptPath = resolve(process.cwd(), scriptPath);
+	const _scriptDir = absoluteScriptPath.substring(0, absoluteScriptPath.lastIndexOf("/"));
 	const executorPath = resolve(__dirname, "../sandbox/bundled-executor.mjs");
 	if (!SandboxManager.isSandboxingEnabled()) {
 		console.warn("⚠️  Sandboxing is not supported on this platform.");
@@ -973,6 +974,7 @@ async function launchSandbox(options) {
 			"inherit",
 			"ipc"
 		],
+		cwd: _scriptDir,
 		env: {
 			...process.env,
 			KLY_SANDBOX_MODE: "true"
@@ -994,6 +996,7 @@ async function launchSandbox(options) {
 		scriptPath: absoluteScriptPath,
 		args: args$1,
 		appId,
+		invokeDir,
 		permissions: {
 			allowApiKey,
 			sandboxConfig
@@ -1843,12 +1846,14 @@ async function clearAllPermissionsAction() {
 */
 const PROTECTED_PATHS = {
 	alwaysDenyWrite: [
-		join(homedir(), ".kly"),
+		join(homedir(), ".kly/config"),
+		join(homedir(), ".kly/permissions.json"),
+		join(homedir(), ".kly/kly.sum"),
 		join(homedir(), ".ssh"),
 		join(homedir(), ".aws"),
 		join(homedir(), ".gnupg")
 	],
-	alwaysDenyRead: [join(homedir(), ".kly")]
+	alwaysDenyRead: [join(homedir(), ".kly/config"), join(homedir(), ".kly/permissions.json")]
 };
 /**
 * Resolve filesystem path with special marker support
@@ -1909,7 +1914,8 @@ function buildSandboxConfig(permissions) {
 			denyRead,
 			allowWrite,
 			denyWrite: PROTECTED_PATHS.alwaysDenyWrite
-		}
+		},
+		allowPty: true
 	};
 }
 /**
@@ -2348,9 +2354,13 @@ const ENTRY_CANDIDATES = [
 ];
 /**
 * Resolve entry point for a kly app
-* Priority: main field > convention candidates
+* Priority: convention candidates > main field
+*
+* We prioritize convention-based source files over package.json main field
+* because remote apps are run from source, not from built artifacts.
 */
 function resolveEntryPoint(repoPath) {
+	for (const candidate of ENTRY_CANDIDATES) if (existsSync(join(repoPath, candidate))) return candidate;
 	const pkgPath = join(repoPath, "package.json");
 	if (existsSync(pkgPath)) try {
 		const pkg = JSON.parse(readFileSync(pkgPath, "utf-8"));
@@ -2358,7 +2368,6 @@ function resolveEntryPoint(repoPath) {
 			if (existsSync(join(repoPath, pkg.main))) return pkg.main;
 		}
 	} catch {}
-	for (const candidate of ENTRY_CANDIDATES) if (existsSync(join(repoPath, candidate))) return candidate;
 	return null;
 }
 /**
@@ -2764,6 +2773,7 @@ async function executeApp(ref, repoPath, args$1, mcp) {
 				process.exit(1);
 			}
 		}
+		if (!sandboxConfig.filesystem.allowWrite.includes(repoPath)) sandboxConfig.filesystem.allowWrite.push(repoPath);
 		if (mcp) {
 			console.warn("⚠️  MCP mode with remote repos not yet fully supported in new architecture");
 			process.env[ENV_VARS.MCP_MODE] = "true";
@@ -2775,6 +2785,7 @@ async function executeApp(ref, repoPath, args$1, mcp) {
 			scriptPath: absoluteEntryPath,
 			args: args$1,
 			appId,
+			invokeDir: process.cwd(),
 			sandboxConfig,
 			allowApiKey
 		});
@@ -2846,6 +2857,7 @@ async function main() {
 }
 async function runFile(filePath, appArgs) {
 	const absolutePath = resolve(process.cwd(), filePath);
+	const invokeDir = process.cwd();
 	const prevLocalRef = process.env.KLY_LOCAL_REF;
 	process.env.KLY_LOCAL_REF = `local:${absolutePath}`;
 	try {
@@ -2870,6 +2882,7 @@ async function runFile(filePath, appArgs) {
 			scriptPath: absolutePath,
 			args: appArgs,
 			appId,
+			invokeDir,
 			sandboxConfig,
 			allowApiKey
 		});