loki-mode 7.44.0 → 7.45.0

package/README.md

@@ -105,7 +105,8 @@ loki quick "build a landing page with a signup form"
 |--------|---------|-------|
 | **Bun (recommended)** | `bun install -g loki-mode` | Fastest startup for CLI commands. |
 | **Homebrew** | `brew tap asklokesh/tap && brew install loki-mode` | Auto-installs Bun as a dep |
-| **Docker** | `docker pull asklokesh/loki-mode:7.40.0 && docker run --rm asklokesh/loki-mode:7.40.0 start prd.md` | Bun pre-installed in image |
+| **Docker (easiest)** | `loki docker start prd.md` | Host wrapper: runs loki in the published image with zero config. Bind-mounts the current folder so `.loki` state, resume, and continuity work exactly like local. Auto-detects auth (`ANTHROPIC_API_KEY`, else your host Claude Code login). Needs loki + Docker on the host. See DOCKER_README.md |
+| **Docker (raw)** | `docker pull asklokesh/loki-mode:7.45.0 && docker run --rm -e ANTHROPIC_API_KEY="$ANTHROPIC_API_KEY" asklokesh/loki-mode:7.45.0 start prd.md` | Bun + Claude CLI pre-installed; needs an API key, or use docker compose with a .env file, see DOCKER_README.md |
 | **npm (compat)** | `npm install -g loki-mode` | Works without Bun (bash fallback). Migrate any time with `loki self-update --to bun`. |
 
 **Upgrading:**
@@ -165,7 +166,7 @@ The next major release sunsets the Bash runtime entirely. There is no firm calen
 | Method | Command |
 |--------|---------|
 | **Homebrew** | `brew tap asklokesh/tap && brew install loki-mode` |
-| **Docker** | `docker pull asklokesh/loki-mode:7.40.0` |
+| **Docker** | `docker pull asklokesh/loki-mode:7.45.0` |
 | **Inside Claude Code** | `claude --dangerously-skip-permissions` then type "Loki Mode" |
 | **Git clone** | `git clone https://github.com/asklokesh/loki-mode.git` |
 

package/SKILL.md

@@ -3,7 +3,7 @@ name: loki-mode
 description: Autonomous spec-driven build system with a built-in trust layer. It does not call work done until it is verified (RARV-C closure loop, 11 quality gates, completion council, verified-completion evidence gate). Triggers on "Loki Mode". Takes a spec (PRD, GitHub issue, OpenAPI doc, etc.) to deployed product with minimal human intervention. Provider-agnostic. Requires --dangerously-skip-permissions flag.
 ---
 
-# Loki Mode v7.44.0
+# Loki Mode v7.45.0
 
 **You are an autonomous agent. You make decisions. You do not ask questions. You do not stop.**
 
@@ -219,6 +219,15 @@ loki start --provider aider ./prd.md         # Aider (18+ providers), degraded m
 loki start ./prd.md --parallel
 loki start 123 --ship                        # Issue -> PR -> auto-merge
 
+# Run any loki command inside the published Docker image, zero config (v7.45.0).
+# Bind-mounts the current folder to /workspace so .loki state, resume, and
+# continuity behave exactly like the local CLI. Auth auto-detected: ANTHROPIC_API_KEY,
+# else the host Claude Code login (Max/Pro), else an honest error. Requires loki + Docker on the host.
+loki docker start prd.md                      # full local experience in Docker
+loki docker status                            # any loki command works
+loki docker --dry-run start prd.md            # print the docker command, do not run
+loki docker --image IMG start prd.md          # override the image
+
 # Legacy: `loki run <issue>` still works but prints a deprecation notice.
 # It is an alias for `loki start <issue>` and will be removed in a future major.
 ```
@@ -398,4 +407,4 @@ See `CHANGELOG.md` entries [7.5.7], [7.5.8], [7.5.13] for the per-fix list and r
 
 ---
 
-**v7.44.0 | [Autonomi](https://www.autonomi.dev/) flagship product | ~260 lines core**
+**v7.45.0 | [Autonomi](https://www.autonomi.dev/) flagship product | ~260 lines core**

package/VERSION

@@ -1 +1 @@
-7.44.0
+7.45.0

package/autonomy/docker-run.sh

@@ -0,0 +1,243 @@
+#!/usr/bin/env bash
+#===============================================================================
+# Loki Mode - zero-friction Docker host wrapper
+#
+# Lets a user run loki inside the published Docker image with the SAME
+# experience as the local CLI: run it in a project folder and it just works.
+# .loki/ state (memory, session, queue, checkpoints) persists via the workspace
+# bind mount, so resume and continuity behave exactly like `loki start` on the
+# host.
+#
+# Auth precedence (zero config for Claude Code subscribers):
+#   1. ANTHROPIC_API_KEY set in the environment  -> passed through (explicit).
+#   2. else host Claude Code login auto-detected  -> credentials extracted to a
+#      per-run temp copy and mounted read-write so the in-container claude can
+#      refresh the short-lived token for the duration of the run. Each run
+#      re-extracts a fresh token from the host store, so a long-idle token is
+#      never an issue. (The temp copy is wiped on exit; refreshes are not written
+#      back to the host store, which is why per-run re-extraction matters.)
+#   3. else                                        -> honest error with guidance.
+#
+# Token handling: the extracted credentials file is written to a private temp
+# path (0600) and removed on exit. It is NEVER written into the project, never
+# committed, never logged.
+#
+# Sourced by autonomy/loki (cmd_docker). Also runnable standalone for tests:
+#   loki_docker_detect_auth   -> prints: apikey | oauth | none
+#   loki_docker_extract_creds <dest>  -> writes host OAuth creds to <dest>
+#   loki_docker_build_argv ...        -> prints the docker argv it would run
+#===============================================================================
+
+# Default image. Overridable for local builds / pinning.
+: "${LOKI_DOCKER_IMAGE:=asklokesh/loki-mode:latest}"
+# In-container path claude reads OAuth credentials from (Linux, no keychain).
+_LOKI_DOCKER_CRED_DEST="/home/loki/.claude/.credentials.json"
+# Dashboard port (kept identical to the local default).
+: "${LOKI_DASHBOARD_PORT:=57374}"
+
+# Detect which auth method is available on this host.
+# Echoes one of: apikey | oauth | none
+loki_docker_detect_auth() {
+    if [ -n "${ANTHROPIC_API_KEY:-}" ]; then
+        echo "apikey"
+        return 0
+    fi
+    # macOS: token in the login keychain under "Claude Code-credentials".
+    if command -v security >/dev/null 2>&1; then
+        if security find-generic-password -s "Claude Code-credentials" -w >/dev/null 2>&1; then
+            echo "oauth"
+            return 0
+        fi
+    fi
+    # Linux / non-keychain: claude stores creds as a plain file.
+    if [ -f "${HOME}/.claude/.credentials.json" ]; then
+        echo "oauth"
+        return 0
+    fi
+    echo "none"
+    return 0
+}
+
+# Extract host Claude Code OAuth credentials into $1 (0600). Returns non-zero
+# if no host login is found. Writes ONLY the claudeAiOauth object claude needs;
+# never the unrelated mcpOAuth blobs.
+loki_docker_extract_creds() {
+    local dest="$1"
+    [ -n "$dest" ] || { echo "loki_docker_extract_creds: missing dest" >&2; return 2; }
+
+    # Create the file privately BEFORE writing the token (no race on perms).
+    ( umask 077; : > "$dest" ) || return 2
+    chmod 600 "$dest" 2>/dev/null || true
+
+    local raw=""
+    if command -v security >/dev/null 2>&1; then
+        raw="$(security find-generic-password -s "Claude Code-credentials" -w 2>/dev/null || true)"
+    fi
+    if [ -z "$raw" ] && [ -f "${HOME}/.claude/.credentials.json" ]; then
+        raw="$(cat "${HOME}/.claude/.credentials.json" 2>/dev/null || true)"
+    fi
+    if [ -z "$raw" ]; then
+        echo "loki_docker_extract_creds: no host Claude Code login found" >&2
+        return 1
+    fi
+
+    # Normalize to {"claudeAiOauth": {...}}. Prefer jq; fall back to raw if jq
+    # is absent and the payload already looks like the right shape.
+    if command -v jq >/dev/null 2>&1; then
+        if ! printf '%s' "$raw" | jq -e 'has("claudeAiOauth")' >/dev/null 2>&1; then
+            echo "loki_docker_extract_creds: host credentials missing claudeAiOauth" >&2
+            return 1
+        fi
+        printf '%s' "$raw" | jq '{claudeAiOauth}' > "$dest" 2>/dev/null || return 2
+    else
+        printf '%s' "$raw" > "$dest"
+    fi
+    chmod 600 "$dest" 2>/dev/null || true
+    return 0
+}
+
+# Assemble the docker argv (printed one arg per line so callers can read it
+# into an array safely). $1 = auth method (apikey|oauth|none), $2 = creds path
+# (for oauth), remaining args = the loki command to run in the container.
+# $1 = auth, $2 = creds path, $3 = with_api (1 to publish the dashboard port +
+# enable the dashboard, like local `loki start --api`; 0 for a plain one-shot
+# build). Remaining args = the loki command.
+loki_docker_build_argv() {
+    local auth="$1"; shift
+    local creds="$1"; shift
+    local with_api="${1:-0}"; shift
+    local workspace; workspace="$(pwd)"
+
+    local -a argv=(docker run --rm)
+    # Allocate a TTY / keep stdin open ONLY when we actually have a terminal.
+    # `-it` against a non-terminal (piped, CI, headless) fails with
+    # "cannot attach stdin to a TTY-enabled container because stdin is not a
+    # terminal". Probe stdin (-t 0) and stdout (-t 1) and add the flags
+    # conditionally so the wrapper works both interactively and headless.
+    # Override with LOKI_DOCKER_TTY=1 (force) or =0 (never).
+    local _tty="${LOKI_DOCKER_TTY:-auto}"
+    if [ "$_tty" = "1" ]; then
+        argv+=(-it)
+    elif [ "$_tty" = "auto" ] && [ -t 0 ] && [ -t 1 ]; then
+        argv+=(-it)
+    elif [ "$_tty" = "auto" ] && [ -t 0 ]; then
+        argv+=(-i)
+    fi
+    # Workspace mount: this is what makes .loki state (and thus resume +
+    # continuity) persist exactly like the local CLI.
+    argv+=(-v "${workspace}:/workspace:rw" -w /workspace)
+    # Dashboard: OFF by default, exactly like local `loki start` (which only
+    # starts the dashboard with --api). A plain one-shot build does not need it,
+    # and publishing a fixed host port made two `loki docker` runs collide on
+    # 57374 and left a lingering container holding the port. With --api we both
+    # enable the dashboard inside the container AND publish the port.
+    if [ "$with_api" = "1" ]; then
+        argv+=(-p "${LOKI_DASHBOARD_PORT}:${LOKI_DASHBOARD_PORT}")
+        argv+=(-e "LOKI_DASHBOARD=true" -e "LOKI_DASHBOARD_PORT=${LOKI_DASHBOARD_PORT}")
+    else
+        argv+=(-e "LOKI_DASHBOARD=false")
+    fi
+    # Forward git/gh identity so commits + PRs work like local. Mounting just
+    # ~/.gitconfig is NOT enough: it commonly uses `includeIf` to pull the real
+    # identity from per-host files (e.g. a github.com identity in a separate
+    # included file). Those includes are absent in the container, so git would
+    # silently fall back to the top-level [user] -- which can be a corporate
+    # default -- and mis-attribute commits. A `loki docker` build is destined for
+    # github.com, so the container must commit with the GitHub identity. We
+    # resolve it by preference:
+    #   1. the identity from the user's github includeIf target (the file pulled
+    #      in for github.com remotes), if we can find it -- this is the correct
+    #      identity for the autonomous greenfield flow (build -> add github
+    #      remote -> commit -> push), which a workspace-context lookup would miss
+    #      because a fresh repo has no github remote yet;
+    #   2. else the host's globally-configured identity.
+    # Forwarded as authoritative GIT_AUTHOR_*/GIT_COMMITTER_* env. NOTE: this
+    # freezes the identity for the run (env overrides per-commit includeIf
+    # re-evaluation), which is the intended behavior here -- the container has
+    # ONE purpose (github.com builds) so one frozen GitHub identity is correct.
+    [ -f "${HOME}/.gitconfig" ] && argv+=(-v "${HOME}/.gitconfig:/home/loki/.gitconfig:ro")
+    if command -v git >/dev/null 2>&1; then
+        local _gname="" _gemail="" _ghinc=""
+        # Find the path referenced by a github includeIf, if any.
+        if [ -f "${HOME}/.gitconfig" ]; then
+            _ghinc="$(git config --file "${HOME}/.gitconfig" --get-regexp 'includeif\..*github.*\.path' 2>/dev/null | awk '{print $2; exit}')"
+            # Expand a leading ~ to $HOME. (The "~/" here is a literal case
+            # pattern we are matching against, not a path to expand.)
+            # shellcheck disable=SC2088
+            case "$_ghinc" in "~/"*) _ghinc="${HOME}/${_ghinc#\~/}";; esac
+        fi
+        if [ -n "$_ghinc" ] && [ -f "$_ghinc" ]; then
+            _gname="$(git config --file "$_ghinc" --get user.name 2>/dev/null || true)"
+            _gemail="$(git config --file "$_ghinc" --get user.email 2>/dev/null || true)"
+        fi
+        # Fallback to the globally-resolved identity if the github include did
+        # not yield one.
+        [ -z "$_gname" ] && _gname="$(git config --get user.name 2>/dev/null || true)"
+        [ -z "$_gemail" ] && _gemail="$(git config --get user.email 2>/dev/null || true)"
+        if [ -n "$_gname" ]; then
+            argv+=(-e "GIT_AUTHOR_NAME=${_gname}" -e "GIT_COMMITTER_NAME=${_gname}")
+        fi
+        if [ -n "$_gemail" ]; then
+            argv+=(-e "GIT_AUTHOR_EMAIL=${_gemail}" -e "GIT_COMMITTER_EMAIL=${_gemail}")
+        fi
+    fi
+    [ -d "${HOME}/.config/gh" ] && argv+=(-v "${HOME}/.config/gh:/home/loki/.config/gh:ro")
+    # Forward GitHub tokens if set.
+    [ -n "${GITHUB_TOKEN:-}" ] && argv+=(-e "GITHUB_TOKEN=${GITHUB_TOKEN}")
+    [ -n "${GH_TOKEN:-}" ] && argv+=(-e "GH_TOKEN=${GH_TOKEN}")
+    # No desktop notifications inside a container.
+    argv+=(-e "LOKI_NOTIFICATIONS=false")
+    # Multi-repo unified dashboard (Option B): the in-container run.sh must NOT
+    # register into the project registry. A container only sees /workspace, not
+    # the real host path, and registry.register_project() hard-fails on a path
+    # that does not exist inside the container -- so in-container registration
+    # is both wrong (every repo would key as /workspace) and a silent no-op.
+    # Instead cmd_docker registers on the HOST with the real $(pwd), no pid, so
+    # the existing host dashboard aggregates every `loki docker` repo exactly
+    # like it aggregates host `loki start` repos (state read from the
+    # bind-mounted .loki/session.json). See loki_register_running_project.
+    argv+=(-e "LOKI_SKIP_PROJECT_REGISTRY=1")
+    # Deterministic per-host-path container name: two repos get two distinct
+    # concurrent containers (multi-repo parity with the host CLI) and a stable
+    # handle for `loki docker stop`. Hash the workspace path; fall back to a
+    # sanitized basename if no sha tool is present.
+    local _name_hash=""
+    if command -v shasum >/dev/null 2>&1; then
+        _name_hash="$(printf '%s' "$workspace" | shasum -a 256 2>/dev/null | cut -c1-12)"
+    elif command -v sha256sum >/dev/null 2>&1; then
+        _name_hash="$(printf '%s' "$workspace" | sha256sum 2>/dev/null | cut -c1-12)"
+    fi
+    if [ -n "$_name_hash" ]; then
+        argv+=(--name "loki-${_name_hash}")
+    else
+        argv+=(--name "loki-$(basename "$workspace" | tr -c 'A-Za-z0-9_.-' '_')")
+    fi
+    # The container IS the session boundary, so the runner must NOT setsid into
+    # a new, detached session: setsid detach inside a `--rm` container makes the
+    # `docker run` exit code report 0 even when the runner failed (a user with
+    # an expired token would get RC=0 and a silently empty folder). Running the
+    # runner in the foreground propagates the real exit code out through
+    # `docker run`, so the wrapper exits non-zero on a failed build -- exactly
+    # like the local CLI. Stop semantics still work: `docker stop` / Ctrl+C
+    # signals the container's main process.
+    argv+=(-e "LOKI_NO_NEW_SESSION=1")
+
+    case "$auth" in
+        apikey)
+            argv+=(-e "ANTHROPIC_API_KEY=${ANTHROPIC_API_KEY:-}")
+            ;;
+        oauth)
+            # rw so the in-container claude can refresh the short-lived token
+            # for the duration of THIS run. (The mounted file is a per-run temp
+            # copy that is wiped on exit, so the refresh does not persist to the
+            # host store -- but each run re-extracts a fresh, host-refreshed
+            # token, so an idle token is never a problem.)
+            argv+=(-v "${creds}:${_LOKI_DOCKER_CRED_DEST}:rw")
+            ;;
+    esac
+
+    argv+=("$LOKI_DOCKER_IMAGE")
+    argv+=("$@")
+
+    printf '%s\n' "${argv[@]}"
+}

package/autonomy/loki

@@ -1931,6 +1931,21 @@ cmd_start() {
     if [ -f "$_start_pid_file" ]; then
         local _existing_pid
         _existing_pid=$(cat "$_start_pid_file" 2>/dev/null | tr -dc '0-9')
+        # Docker resume fix: in a `--rm` container every run starts a fresh PID
+        # namespace where the orchestrator is PID 1. A prior run that wrote
+        # loki.pid=1 leaves that marker in the bind-mounted .loki on the host;
+        # the NEXT container is ALSO PID 1, so `kill -0 1` (a self-signal) always
+        # succeeds and the lock falsely reads "another instance is running",
+        # making resume in the same folder impossible. Two cases are NOT a live
+        # sibling and must be cleared: (a) the recorded pid equals OUR OWN pid
+        # ($$) -- this is the in-container resume case, where the new run is PID 1
+        # and the stale marker is also 1; (b) the recorded pid is 1 but we are
+        # NOT pid 1 (a host reading a container's leftover marker). Mirrors the
+        # downstream guard in run.sh. A genuine concurrent sibling can never
+        # share our $$, so this never masks a real running instance.
+        if [ "$_existing_pid" = "$$" ] || { [ "$_existing_pid" = "1" ] && [ "$$" != "1" ]; }; then
+            _existing_pid=""
+        fi
         if [ -n "$_existing_pid" ] && kill -0 "$_existing_pid" 2>/dev/null; then
             echo -e "${RED}Error: another loki instance is running (pid $_existing_pid).${NC}" >&2
             echo -e "${YELLOW}Run 'loki stop' first, then retry 'loki start'.${NC}" >&2
@@ -14370,6 +14385,9 @@ main() {
         web)
             cmd_web "$@"
             ;;
+        docker)
+            cmd_docker "$@"
+            ;;
         preview)
             cmd_preview "$@"
             ;;
@@ -28360,4 +28378,178 @@ PYEOF
     esac
 }
 
+# ---------------------------------------------------------------------------
+# loki docker - zero-friction Docker host wrapper
+#
+# Runs loki inside the published image with the SAME experience as the local
+# CLI: invoke it in a project folder and it just works. The current directory
+# is bind-mounted to /workspace, so .loki/ state (memory, session, queue,
+# checkpoints) persists on the host and resume + continuity behave exactly like
+# `loki start` locally. Auth is auto-detected (ANTHROPIC_API_KEY if set, else
+# the host Claude Code login), so Claude Code subscribers get zero-config runs.
+#
+# Usage:
+#   loki docker start prd.md       # run a build in the container, .loki persists
+#   loki docker <any-loki-command> # forwards any command into the container
+#   loki docker --dry-run start    # print the docker argv without running
+#   loki docker --image IMG ...    # override the image (default published tag)
+# ---------------------------------------------------------------------------
+cmd_docker() {
+    local docker_mod="$_LOKI_SCRIPT_DIR/docker-run.sh"
+    if [ ! -f "$docker_mod" ]; then
+        echo -e "${RED}Error: docker wrapper module not found at $docker_mod${NC}" >&2
+        return 3
+    fi
+
+    local sub="${1:-}"
+    case "$sub" in
+        ""|--help|-h|help)
+            echo -e "${BOLD}loki docker${NC} - run loki inside the Docker image, zero config"
+            echo ""
+            echo "Usage: loki docker [--image IMG] [--dry-run] <loki-command> [args]"
+            echo ""
+            echo "Runs the published Loki image with your current folder mounted at"
+            echo "/workspace, so .loki state persists and resume works exactly like"
+            echo "the local CLI. Auth is auto-detected:"
+            echo "  1. ANTHROPIC_API_KEY (if set in your environment), else"
+            echo "  2. your host Claude Code login (Max/Pro subscription), else"
+            echo "  3. an error with setup guidance."
+            echo ""
+            echo "Examples:"
+            echo "  loki docker start prd.md"
+            echo "  loki docker status"
+            echo "  loki docker --dry-run start prd.md"
+            echo ""
+            echo "Options:"
+            echo "  --image IMG   Override the image (default: ${LOKI_DOCKER_IMAGE:-asklokesh/loki-mode:latest})"
+            echo "  --dry-run     Print the docker command that would run, then exit"
+            [ "$sub" = "" ] && return 1
+            return 0
+            ;;
+    esac
+
+    if ! command -v docker >/dev/null 2>&1; then
+        echo -e "${RED}Error: docker is not installed or not on PATH.${NC}" >&2
+        echo "Install Docker Desktop (https://www.docker.com/products/docker-desktop/) and retry." >&2
+        return 4
+    fi
+
+    # Parse wrapper-only flags (everything else is the loki command to forward).
+    # --api is BOTH a forwarded loki flag (start --api) and a wrapper signal to
+    # publish the dashboard port, so we detect it without consuming it.
+    local dry_run=0
+    local with_api=0
+    local -a fwd=()
+    while [ $# -gt 0 ]; do
+        case "$1" in
+            --image) shift; export LOKI_DOCKER_IMAGE="${1:-}"; shift ;;
+            --dry-run) dry_run=1; shift ;;
+            --api) with_api=1; fwd+=("$1"); shift ;;
+            *) fwd+=("$1"); shift ;;
+        esac
+    done
+
+    # shellcheck source=/dev/null
+    source "$docker_mod"
+
+    local auth; auth="$(loki_docker_detect_auth)"
+    local creds=""
+    local cleanup_creds=0
+
+    case "$auth" in
+        apikey)
+            echo -e "${DIM:-}Auth: ANTHROPIC_API_KEY (from environment)${NC}" >&2
+            ;;
+        oauth)
+            creds="$(mktemp "${TMPDIR:-/tmp}/loki-docker-creds.XXXXXX")" || {
+                echo -e "${RED}Error: could not create a temp file for credentials.${NC}" >&2
+                return 2
+            }
+            cleanup_creds=1
+            # Wipe the token file on any exit path.
+            # shellcheck disable=SC2064
+            trap "rm -f '$creds' 2>/dev/null || true" EXIT INT TERM
+            if ! loki_docker_extract_creds "$creds"; then
+                echo -e "${RED}Error: found a host Claude Code login but could not read its token.${NC}" >&2
+                return 2
+            fi
+            echo -e "${DIM:-}Auth: host Claude Code login (auto-detected, mounted read-write)${NC}" >&2
+            ;;
+        none)
+            echo -e "${RED}Error: no auth available for the Docker run.${NC}" >&2
+            echo "Do ONE of the following, then retry:" >&2
+            echo "  - export ANTHROPIC_API_KEY=sk-ant-...   (get one at https://console.anthropic.com/settings/keys)" >&2
+            echo "  - or log in to Claude Code on this host (claude) so loki can reuse it." >&2
+            return 5
+            ;;
+    esac
+
+    # Default the command to 'help' if the user passed only wrapper flags.
+    [ ${#fwd[@]} -eq 0 ] && fwd=(help)
+
+    local -a docker_argv=()
+    while IFS= read -r line; do docker_argv+=("$line"); done < <(loki_docker_build_argv "$auth" "$creds" "$with_api" "${fwd[@]}")
+
+    if [ "$dry_run" = "1" ]; then
+        echo "Would run:"
+        # Mask the API key value: dry-run output is exactly what users paste into
+        # bug reports / CI logs, so never print the secret.
+        local _a
+        for _a in "${docker_argv[@]}"; do
+            case "$_a" in
+                ANTHROPIC_API_KEY=*) printf '  %q' "ANTHROPIC_API_KEY=***" ;;
+                *) printf '  %q' "$_a" ;;
+            esac
+        done
+        echo ""
+        [ "$cleanup_creds" = "1" ] && rm -f "$creds" 2>/dev/null || true
+        return 0
+    fi
+
+    # Multi-repo unified dashboard (Option B): register THIS project on the host
+    # with the real cwd and NO pid, so the existing host dashboard
+    # (`loki dashboard`) lists it alongside host `loki start` projects and reads
+    # its live status from the bind-mounted .loki/session.json. Best-effort and
+    # failure-swallowed: registry bookkeeping must never block a build.
+    _loki_docker_register_host running
+    "${docker_argv[@]}"
+    local rc=$?
+    _loki_docker_register_host stopped
+    [ "$cleanup_creds" = "1" ] && rm -f "$creds" 2>/dev/null || true
+    return $rc
+}
+
+# Host-side project registry bookkeeping for `loki docker` (Option B). Registers
+# $(pwd) in ~/.loki/dashboard/projects.json with NO pid (pid=None) so the
+# dashboard's "running" decision falls back to .loki/session.json (which the
+# container writes into the bind-mounted workspace). $1 = running|stopped.
+_loki_docker_register_host() {
+    local _state="${1:-running}"
+    command -v python3 >/dev/null 2>&1 || return 0
+    local _skill="${SKILL_DIR:-$_LOKI_SCRIPT_DIR/..}"
+    LOKI_REG_TARGET="$(pwd)" LOKI_REG_SKILL="$_skill" LOKI_REG_STATE="$_state" \
+    python3 - <<'PYDOCKERREG' >/dev/null 2>&1 || true
+import os, sys
+sys.path.insert(0, os.environ.get("LOKI_REG_SKILL", "."))
+try:
+    from dashboard import registry
+    target = os.path.abspath(os.environ["LOKI_REG_TARGET"])
+    state = os.environ.get("LOKI_REG_STATE", "running")
+    if state == "stopped":
+        registry.mark_project_stopped(target)
+    else:
+        registry.register_project(target)
+        reg = registry._load_registry()
+        pid_key = registry._generate_project_id(target)
+        if pid_key in reg.get("projects", {}):
+            # No host pid for a containerized run: the dashboard uses the
+            # bind-mounted .loki/session.json to decide "running".
+            reg["projects"][pid_key]["pid"] = None
+            reg["projects"][pid_key]["status"] = "running"
+            registry._save_registry(reg)
+except Exception:
+    pass
+PYDOCKERREG
+}
+
 main "$@"

package/autonomy/run.sh

@@ -1550,7 +1550,24 @@ validate_api_keys() {
 
     local key_var=""
     case "$provider" in
-        claude) key_var="ANTHROPIC_API_KEY" ;;
+        claude)
+            # Inside Docker, the Claude Code CLI can authenticate either via
+            # ANTHROPIC_API_KEY OR via a mounted OAuth credentials file (the
+            # zero-friction `loki docker` wrapper mounts the host login at
+            # ~/.claude/.credentials.json). If that file is present, the CLI
+            # has a valid login and we must NOT block on the env var -- doing
+            # so was the bug that made OAuth-based Docker runs exit at
+            # pre-flight with "Required API key ... is not set". Mirror the
+            # OAuth-aware doctor check (run.sh:9268).
+            if [[ -z "${ANTHROPIC_API_KEY:-}" ]]; then
+                local _claude_creds="${CLAUDE_CONFIG_DIR:-$HOME/.claude}/.credentials.json"
+                if [[ -s "$_claude_creds" ]]; then
+                    log_info "Claude Code OAuth credentials detected ($_claude_creds); using CLI login."
+                    return 0
+                fi
+            fi
+            key_var="ANTHROPIC_API_KEY"
+            ;;
         codex)  key_var="OPENAI_API_KEY" ;;
         cline)  # Cline manages its own keys via `cline auth`
             if ! command -v cline &>/dev/null; then

package/dashboard/__init__.py

@@ -7,7 +7,7 @@ Modules:
     control: Session control API (start/stop/pause/resume)
 """
 
-__version__ = "7.44.0"
+__version__ = "7.45.0"
 
 # Expose the control app for easy import
 try:

package/dashboard/server.py

@@ -2911,13 +2911,28 @@ async def stop_running_project(request: Request, body: RunningProjectStopRequest
 
     pid = project.get("pid")
     if not isinstance(pid, int) or pid <= 0:
-        # Already not running: nothing to signal, just reconcile the registry.
+        # No host pid. Two sub-cases:
+        #  - A `loki docker` project registers with pid=None but may still be
+        #    actively building inside a container. Its runner polls .loki/STOP
+        #    (bind-mounted to the host path), so writing STOP here actually
+        #    stops the containerized build -- this is the unified-dashboard Stop
+        #    parity for Docker projects (the container pid is meaningless on the
+        #    host, so os.kill is not an option).
+        #  - A genuinely stopped project: the STOP write is harmless.
+        # Write STOP when we resolved a real .loki dir, then reconcile.
+        stop_signaled = False
+        if loki_dir is not None:
+            try:
+                (loki_dir / "STOP").write_text(datetime.now(timezone.utc).isoformat())
+                stop_signaled = True
+            except OSError:
+                pass
         registry.mark_project_stopped(project_id)
         return {
             "success": True,
             "project_id": project_id,
-            "stopped": False,
-            "already_stopped": True,
+            "stopped": stop_signaled,
+            "already_stopped": not stop_signaled,
         }
 
     # Write the STOP file so the runner's own cleanup STOP-branch fires for a

package/docs/INSTALLATION.md

@@ -2,7 +2,7 @@
 
 The flagship product of [Autonomi](https://www.autonomi.dev/). Loki Mode is a spec-driven autonomous builder with a built-in trust layer that takes any spec to a deployed product and verifies completion with evidence (quality gates plus a completion council), not just a "done" claim. Complete installation instructions for all platforms and use cases.
 
-**Version:** v7.44.0
+**Version:** v7.45.0
 
 ---
 
@@ -341,20 +341,86 @@ loki start ./my-spec.md --provider cline
 
 #### Docker
 
-Pass the provider as an environment variable:
+Docker is where sandboxes and runs happen. The easiest way to run Loki in a
+container is the `loki docker` host wrapper, which gives you the full local
+experience (including `.loki/` state, resume, and continuity) in one command.
+The raw `docker run` and `docker compose` methods below remain as alternatives.
+
+##### loki docker (easiest)
+
+If you have loki installed on the host (npm/brew/bun) plus Docker, `loki docker`
+runs any loki command inside the published `asklokesh/loki-mode` image with zero
+config:
 
 ```bash
-# Use Codex with Docker
-docker run -e LOKI_PROVIDER=codex \
-  -v $(pwd):/workspace -w /workspace \
-  asklokesh/loki-mode:latest start ./my-spec.md
+loki docker start prd.md             # full local experience in Docker
+loki docker status                   # any loki command works
+loki docker --dry-run start prd.md   # print the docker command, do not run
+```
 
-# Use Cline with Docker
-docker run -e LOKI_PROVIDER=cline \
+It bind-mounts the current folder to `/workspace`, so `.loki/` state (memory,
+session, queue, checkpoints) persists on the host and resume and continuity
+behave exactly like the local `loki` CLI. Auth is auto-detected:
+`ANTHROPIC_API_KEY` if set, else your host's existing Claude Code login
+(Max/Pro subscribers need no API key), else an honest error with guidance. It
+also forwards `~/.gitconfig` and `~/.config/gh` (read-only) plus
+`GITHUB_TOKEN`/`GH_TOKEN` if set, so commits and PRs work like local, and
+exposes the dashboard on port 57374. Use `--image IMG` to override the image.
+
+`loki docker` is a thin host wrapper around the image; it requires loki and
+Docker installed on the host.
+
+Multi-repo + unified dashboard: you can run `loki docker start` in several
+different repos at once, exactly like the host CLI. Each repo gets its own
+container (deterministic name `loki-<hash-of-path>`) and its own bind-mounted
+`.loki/` state. Every `loki docker` project registers with the host dashboard,
+so running `loki dashboard` on the host shows ALL your projects in one unified
+view, whether they run via local `loki start` or via `loki docker start`. Builds
+run with the dashboard off by default (so concurrent runs do not collide on port
+57374); use the host `loki dashboard`, or `loki docker start --api` for a single
+containerized run's UI.
+
+##### docker run
+
+As of v7.45.0 the image ships the Claude Code CLI, so the default `claude`
+provider works inside the container. Provide auth with your Anthropic API key:
+
+```bash
+# Run Loki Mode in Docker (Claude provider, API-key auth)
+docker run --rm -e ANTHROPIC_API_KEY="$ANTHROPIC_API_KEY" \
   -v $(pwd):/workspace -w /workspace \
-  asklokesh/loki-mode:latest start ./my-spec.md
+  asklokesh/loki-mode:7.45.0 start ./my-spec.md
+```
+
+##### docker compose + .env (no host install)
+
+If you prefer not to install loki on the host, the repo ships a
+`docker-compose.yml` with `env_file: .env`. Copy the example,
+set your key once, then run without retyping long `-e` flags:
+
+```bash
+cp .env.example .env          # then edit .env and set ANTHROPIC_API_KEY
+docker compose run loki start prd.md
 ```
 
+`.env` is gitignored. Edit it and re-run any time; compose reloads it
+automatically.
+
+##### Host OAuth (Claude Code Max/Pro subscribers, no API key)
+
+If you have a Claude Code subscription and no API key, you can reuse your host
+login by mounting your credentials file at
+`/home/loki/.claude/.credentials.json` instead of setting `ANTHROPIC_API_KEY`.
+See [DOCKER_README.md](../DOCKER_README.md) "Option 2: host OAuth" for the
+one-line export command and the compose volume to uncomment.
+
+##### Other providers in Docker
+
+The image ships only the Claude Code CLI. Codex, Cline, and Aider are
+bring-your-own-CLI: install the provider CLI in a derived image (or mount it),
+then select it with `-e LOKI_PROVIDER=<name>`. See
+[DOCKER_README.md](../DOCKER_README.md) for details.
+
 ### Degraded Mode
 
 When using `codex`, `cline`, or `aider` providers, Loki Mode operates in **degraded mode**:

package/loki-ts/dist/loki.js

@@ -1,5 +1,5 @@
 // @bun
-var n6=Object.defineProperty;var a6=($)=>$;function s6($,Q){this[$]=a6.bind(null,Q)}var h=($,Q)=>{for(var Z in Q)n6($,Z,{get:Q[Z],enumerable:!0,configurable:!0,set:s6.bind(Q,Z)})};var L=($,Q)=>()=>($&&(Q=$($=0)),Q);var K$=import.meta.require;var S1={};h(S1,{lokiDir:()=>P,homeLokiDir:()=>o$,findRepoRootForVersion:()=>d$,REPO_ROOT:()=>m});import{resolve as n,dirname as l$}from"path";import{fileURLToPath as t6}from"url";import{existsSync as P$}from"fs";import{homedir as r6}from"os";function i6(){let $=N1;for(let Q=0;Q<6;Q++){if(P$(n($,"VERSION"))&&P$(n($,"autonomy/run.sh")))return $;let Z=l$($);if(Z===$)break;$=Z}return n(N1,"..","..","..")}function d$($){let Q=$;for(let Z=0;Z<6;Z++){if(P$(n(Q,"VERSION"))&&P$(n(Q,"autonomy/run.sh")))return Q;let z=l$(Q);if(z===Q)break;Q=z}return n($,"..","..","..")}function P(){return process.env.LOKI_DIR??n(process.cwd(),".loki")}function o$(){return n(r6(),".loki")}var N1,m;var C=L(()=>{N1=l$(t6(import.meta.url));m=i6()});import{readFileSync as e6}from"fs";import{resolve as $Q,dirname as QQ}from"path";import{fileURLToPath as ZQ}from"url";function F$(){if($$!==null)return $$;let $="7.44.0";if(typeof $==="string"&&$.length>0)return $$=$,$$;try{let Q=QQ(ZQ(import.meta.url)),Z=d$(Q);$$=e6($Q(Z,"VERSION"),"utf-8").trim()}catch{$$="unknown"}return $$}var $$=null;var n$=L(()=>{C()});var C1={};h(C1,{runOrThrow:()=>zQ,run:()=>j,commandVersion:()=>KQ,commandExists:()=>f,ShellError:()=>a$});async function j($,Q={}){let Z=Bun.spawn({cmd:[...$],stdout:"pipe",stderr:"pipe",env:Q.env?{...process.env,...Q.env}:process.env,cwd:Q.cwd}),z,X;if(Q.timeoutMs&&Q.timeoutMs>0)z=setTimeout(()=>{try{Z.kill("SIGTERM")}catch{}X=setTimeout(()=>{try{Z.kill("SIGKILL")}catch{}},2000)},Q.timeoutMs);try{let[W,K,U]=await Promise.all([new Response(Z.stdout).text(),new Response(Z.stderr).text(),Z.exited]);return{stdout:W,stderr:K,exitCode:U}}finally{if(z)clearTimeout(z);if(X)clearTimeout(X)}}async function zQ($,Q={}){let Z=await j($,Q);if(Z.exitCode!==0)throw new a$(`command failed (${Z.exitCode}): ${$.join(" ")}`,Z.exitCode,Z.stdout,Z.stderr);return Z}async function f($){let Q=XQ($),Z=await j(["sh","-c",`command -v ${Q}`],{timeoutMs:5000});if(Z.exitCode===0)return Z.stdout.trim()||null;return null}function XQ($){if(!/^[A-Za-z0-9._/-]+$/.test($))throw Error(`refused to shell-escape suspect token: ${$}`);return $}async function KQ($,Q="--version"){if(!await f($))return null;let z=await j([$,Q],{timeoutMs:5000});if(z.exitCode!==0)return null;return((z.stdout||z.stderr).split(/\r?\n/)[0]?.trim()??"")||null}var a$;var d=L(()=>{a$=class a$ extends Error{message;exitCode;stdout;stderr;constructor($,Q,Z,z){super($);this.message=$;this.exitCode=Q;this.stdout=Z;this.stderr=z;this.name="ShellError"}}});function a($){return WQ?"":$}var WQ,T,S,I,TZ,w,R,y,q;var c=L(()=>{WQ=(process.env.NO_COLOR??"").length>0;T=a("\x1B[0;31m"),S=a("\x1B[0;32m"),I=a("\x1B[1;33m"),TZ=a("\x1B[0;34m"),w=a("\x1B[0;36m"),R=a("\x1B[1m"),y=a("\x1B[2m"),q=a("\x1B[0m")});import{existsSync as TQ}from"fs";async function Q$(){if(B$!==void 0)return B$;let $="/opt/homebrew/bin/python3.12";if(TQ($))return B$=$,$;let Q=await f("python3.12");if(Q)return B$=Q,Q;let Z=await f("python3");return B$=Z,Z}async function Z$($,Q={}){let Z=await Q$();if(!Z)return{stdout:"",stderr:"python3 not found",exitCode:127};return j([Z,"-c",$],Q)}var B$;var W$=L(()=>{d()});var t1={};h(t1,{runStatus:()=>gQ});import{existsSync as v,readFileSync as U$,readdirSync as l1,statSync as d1}from"fs";import{resolve as D,basename as xQ}from"path";import{homedir as NQ}from"os";async function DQ(){if(await f("jq"))return!0;return process.stdout.write(`${T}Error: jq is required but not installed.${q}
+var n6=Object.defineProperty;var a6=($)=>$;function s6($,Q){this[$]=a6.bind(null,Q)}var h=($,Q)=>{for(var Z in Q)n6($,Z,{get:Q[Z],enumerable:!0,configurable:!0,set:s6.bind(Q,Z)})};var L=($,Q)=>()=>($&&(Q=$($=0)),Q);var K$=import.meta.require;var S1={};h(S1,{lokiDir:()=>P,homeLokiDir:()=>o$,findRepoRootForVersion:()=>d$,REPO_ROOT:()=>m});import{resolve as n,dirname as l$}from"path";import{fileURLToPath as t6}from"url";import{existsSync as P$}from"fs";import{homedir as r6}from"os";function i6(){let $=N1;for(let Q=0;Q<6;Q++){if(P$(n($,"VERSION"))&&P$(n($,"autonomy/run.sh")))return $;let Z=l$($);if(Z===$)break;$=Z}return n(N1,"..","..","..")}function d$($){let Q=$;for(let Z=0;Z<6;Z++){if(P$(n(Q,"VERSION"))&&P$(n(Q,"autonomy/run.sh")))return Q;let z=l$(Q);if(z===Q)break;Q=z}return n($,"..","..","..")}function P(){return process.env.LOKI_DIR??n(process.cwd(),".loki")}function o$(){return n(r6(),".loki")}var N1,m;var C=L(()=>{N1=l$(t6(import.meta.url));m=i6()});import{readFileSync as e6}from"fs";import{resolve as $Q,dirname as QQ}from"path";import{fileURLToPath as ZQ}from"url";function F$(){if($$!==null)return $$;let $="7.45.0";if(typeof $==="string"&&$.length>0)return $$=$,$$;try{let Q=QQ(ZQ(import.meta.url)),Z=d$(Q);$$=e6($Q(Z,"VERSION"),"utf-8").trim()}catch{$$="unknown"}return $$}var $$=null;var n$=L(()=>{C()});var C1={};h(C1,{runOrThrow:()=>zQ,run:()=>j,commandVersion:()=>KQ,commandExists:()=>f,ShellError:()=>a$});async function j($,Q={}){let Z=Bun.spawn({cmd:[...$],stdout:"pipe",stderr:"pipe",env:Q.env?{...process.env,...Q.env}:process.env,cwd:Q.cwd}),z,X;if(Q.timeoutMs&&Q.timeoutMs>0)z=setTimeout(()=>{try{Z.kill("SIGTERM")}catch{}X=setTimeout(()=>{try{Z.kill("SIGKILL")}catch{}},2000)},Q.timeoutMs);try{let[W,K,U]=await Promise.all([new Response(Z.stdout).text(),new Response(Z.stderr).text(),Z.exited]);return{stdout:W,stderr:K,exitCode:U}}finally{if(z)clearTimeout(z);if(X)clearTimeout(X)}}async function zQ($,Q={}){let Z=await j($,Q);if(Z.exitCode!==0)throw new a$(`command failed (${Z.exitCode}): ${$.join(" ")}`,Z.exitCode,Z.stdout,Z.stderr);return Z}async function f($){let Q=XQ($),Z=await j(["sh","-c",`command -v ${Q}`],{timeoutMs:5000});if(Z.exitCode===0)return Z.stdout.trim()||null;return null}function XQ($){if(!/^[A-Za-z0-9._/-]+$/.test($))throw Error(`refused to shell-escape suspect token: ${$}`);return $}async function KQ($,Q="--version"){if(!await f($))return null;let z=await j([$,Q],{timeoutMs:5000});if(z.exitCode!==0)return null;return((z.stdout||z.stderr).split(/\r?\n/)[0]?.trim()??"")||null}var a$;var d=L(()=>{a$=class a$ extends Error{message;exitCode;stdout;stderr;constructor($,Q,Z,z){super($);this.message=$;this.exitCode=Q;this.stdout=Z;this.stderr=z;this.name="ShellError"}}});function a($){return WQ?"":$}var WQ,T,S,I,TZ,w,R,y,q;var c=L(()=>{WQ=(process.env.NO_COLOR??"").length>0;T=a("\x1B[0;31m"),S=a("\x1B[0;32m"),I=a("\x1B[1;33m"),TZ=a("\x1B[0;34m"),w=a("\x1B[0;36m"),R=a("\x1B[1m"),y=a("\x1B[2m"),q=a("\x1B[0m")});import{existsSync as TQ}from"fs";async function Q$(){if(B$!==void 0)return B$;let $="/opt/homebrew/bin/python3.12";if(TQ($))return B$=$,$;let Q=await f("python3.12");if(Q)return B$=Q,Q;let Z=await f("python3");return B$=Z,Z}async function Z$($,Q={}){let Z=await Q$();if(!Z)return{stdout:"",stderr:"python3 not found",exitCode:127};return j([Z,"-c",$],Q)}var B$;var W$=L(()=>{d()});var t1={};h(t1,{runStatus:()=>gQ});import{existsSync as v,readFileSync as U$,readdirSync as l1,statSync as d1}from"fs";import{resolve as D,basename as xQ}from"path";import{homedir as NQ}from"os";async function DQ(){if(await f("jq"))return!0;return process.stdout.write(`${T}Error: jq is required but not installed.${q}
 `),process.stdout.write(`Install with:
 `),process.stdout.write(`  brew install jq    (macOS)
 `),process.stdout.write(`  apt install jq     (Debian/Ubuntu)
@@ -789,4 +789,4 @@ Set LOKI_LEGACY_BASH=1 to force the bash CLI for every command.
 `),2}default:return process.stderr.write(`Unknown command: ${Q}
 `),process.stderr.write(o6),2}}p1();process.on("SIGINT",()=>process.exit(130));process.on("SIGTERM",()=>process.exit(143));var ZZ=await QZ(Bun.argv.slice(2));process.exit(ZZ);
 
-//# debugId=EAB4A25E0B3FC92864756E2164756E21
+//# debugId=7FCBCE9F1C748AE964756E2164756E21

package/mcp/__init__.py

@@ -57,4 +57,4 @@ try:
 except ImportError:
     __all__ = ['mcp']
 
-__version__ = '7.44.0'
+__version__ = '7.45.0'

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "loki-mode",
   "mcpName": "io.github.asklokesh/loki-mode",
-  "version": "7.44.0",
+  "version": "7.45.0",
   "description": "Loki Mode by Autonomi. Autonomous spec-to-product system: takes a PRD, GitHub issue, OpenAPI/JSON/YAML, or one-line brief to a deployed app via the RARV-C closure loop with 11 quality gates. Provider-agnostic (Claude Code, OpenAI Codex, Cline, Aider).",
   "keywords": [
     "agent",

package/plugins/loki-mode/.claude-plugin/plugin.json

@@ -2,7 +2,7 @@
   "$schema": "https://json.schemastore.org/claude-code-plugin-manifest.json",
   "name": "loki-mode",
   "displayName": "Loki Mode",
-  "version": "7.44.0",
+  "version": "7.45.0",
   "description": "Autonomous spec-to-product build system with a built-in trust layer (RARV-C closure loop, 11 quality gates, completion council). Ships Loki's spec-hardening, drift-detection, and deterministic PR verification commands plus the Loki MCP server.",
   "author": {
     "name": "Autonomi",