moflo 4.8.77 → 4.8.79

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "moflo",
-  "version": "4.8.77",
+  "version": "4.8.79",
   "description": "MoFlo — AI agent orchestration for Claude Code. Forked from ruflo/claude-flow with patches applied to source, plus feature-level orchestration.",
   "main": "dist/index.js",
   "type": "module",
@@ -112,7 +112,7 @@
     "@types/js-yaml": "^4.0.9",
     "@types/node": "^20.19.37",
     "eslint": "^8.0.0",
-    "moflo": "^4.8.76",
+    "moflo": "^4.8.78",
     "tsx": "^4.21.0",
     "typescript": "^5.9.3",
     "vitest": "^4.0.0"

package/src/modules/cli/dist/src/version.js

@@ -2,5 +2,5 @@
  * Auto-generated by build. Do not edit manually.
  * Source of truth: root package.json → scripts/sync-version.mjs
  */
-export const VERSION = '4.8.77';
+export const VERSION = '4.8.79';
 //# sourceMappingURL=version.js.map

package/src/modules/cli/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@moflo/cli",
-  "version": "4.8.77",
+  "version": "4.8.79",
   "type": "module",
   "main": "dist/src/index.js",
   "types": "dist/src/index.d.ts",

package/src/modules/spells/dist/core/docker-sandbox.js

@@ -21,6 +21,7 @@
  *
  * @see https://github.com/eric-cielo/moflo/issues/412
  */
+import { execFileSync } from 'node:child_process';
 import { homedir } from 'node:os';
 import { posix, isAbsolute, relative } from 'node:path';
 /** Container path where projectRoot is mounted. */
@@ -58,6 +59,42 @@ const TOOL_HOME_PATHS = [
 function needsToolHomeAccess(level) {
     return level === 'elevated' || level === 'autonomous';
 }
+/**
+ * Cached GitHub token resolution. `null` means resolution was attempted
+ * and produced no token (gh missing or not authenticated); we cache the
+ * negative result too so we don't shell out on every step.
+ */
+let cachedGhToken;
+/**
+ * Resolve the GitHub auth token from the host's gh CLI.
+ *
+ * Synchronous because the docker-sandbox API is synchronous (callers
+ * build args in-line). Cached per-process — gh tokens don't change
+ * during a session. Failure is silent and returns null; the caller will
+ * still attempt the docker run (which may fail later if the step needs
+ * git auth) rather than blocking unrelated bash steps on gh availability.
+ */
+export function resolveGhToken() {
+    if (cachedGhToken !== undefined)
+        return cachedGhToken;
+    try {
+        const out = execFileSync('gh', ['auth', 'token'], {
+            encoding: 'utf8',
+            stdio: ['ignore', 'pipe', 'ignore'],
+            timeout: 5000,
+            windowsHide: true,
+        }).trim();
+        cachedGhToken = out.length > 0 ? out : null;
+    }
+    catch {
+        cachedGhToken = null;
+    }
+    return cachedGhToken;
+}
+/** Reset the cached token. Test-only — production code should never call this. */
+export function _resetGhTokenCacheForTesting() {
+    cachedGhToken = undefined;
+}
 /**
  * Normalise a host path into the form Docker Desktop accepts on `-v` mounts.
  * Docker for Windows accepts either native Windows paths or the `/c/...`
@@ -173,6 +210,28 @@ export function buildDockerArgs(command, capabilities, projectRoot, options) {
                 mountedContainerPaths.add(containerPath);
             }
         }
+        // Override git credential.helper to the gh CLI helper. The host's
+        // bind-mounted .gitconfig declares a helper that can't run in the
+        // Linux container (Windows: `manager` .exe; macOS: `osxkeychain`;
+        // Linux: libsecret/etc — all host-OS-specific). gh is installed in
+        // the sandbox image; with GH_TOKEN supplied via env (below), `gh
+        // auth git-credential` resolves credentials for HTTPS git ops.
+        // First entry (empty value) resets the inherited helper list; the
+        // second entry installs the gh helper as the only one. Applied via
+        // GIT_CONFIG_* env vars so no config file is modified.
+        args.push('-e', 'GIT_CONFIG_COUNT=2');
+        args.push('-e', 'GIT_CONFIG_KEY_0=credential.helper');
+        args.push('-e', 'GIT_CONFIG_VALUE_0=');
+        args.push('-e', 'GIT_CONFIG_KEY_1=credential.helper');
+        args.push('-e', 'GIT_CONFIG_VALUE_1=!gh auth git-credential');
+        // Inject GH_TOKEN so gh recognises the user as authenticated inside
+        // the container. Without this the credential.helper above runs but
+        // returns nothing — gh's host config file (`hosts.yml`) only stores
+        // the username when the token lives in the OS keyring, which is
+        // unreachable from a Linux container on Windows or macOS.
+        if (options.ghToken) {
+            args.push('-e', `GH_TOKEN=${options.ghToken}`);
+        }
     }
     // ── Network isolation ───────────────────────────────────────────────
     const hasNet = capabilities.some(c => c.type === 'net');
@@ -191,7 +250,13 @@ export function buildDockerArgs(command, capabilities, projectRoot, options) {
  * wrappers. `--rm` handles container cleanup, so `cleanup()` is a no-op.
  */
 export function wrapWithDocker(command, capabilities, projectRoot, options) {
-    const args = buildDockerArgs(command, capabilities, projectRoot, options);
+    // For elevated/autonomous steps, auto-resolve the host gh token if the
+    // caller didn't supply one. Tests inject `ghToken` explicitly so the
+    // host's gh CLI never needs to run during unit tests.
+    const resolvedOptions = options.ghToken === undefined && needsToolHomeAccess(options.permissionLevel)
+        ? { ...options, ghToken: resolveGhToken() ?? undefined }
+        : options;
+    const args = buildDockerArgs(command, capabilities, projectRoot, resolvedOptions);
     return {
         bin: options.dockerBin ?? 'docker',
         args,