orchestrating 0.1.39 → 0.3.0

package/bin/orch

@@ -242,6 +242,50 @@ if (firstArg === "logout") {
   process.exit(0);
 }
 
+// --- Config subcommand: manage API key and settings ---
+const CONFIG_FILE = path.join(CONFIG_DIR, "config.json");
+
+function loadConfig() {
+  try {
+    return JSON.parse(readFileSync(CONFIG_FILE, "utf-8"));
+  } catch {
+    return {};
+  }
+}
+
+function saveConfig(data) {
+  mkdirSync(CONFIG_DIR, { recursive: true });
+  writeFileSync(CONFIG_FILE, JSON.stringify(data, null, 2) + "\n");
+}
+
+if (firstArg === "config") {
+  const configArgs = process.argv.slice(3);
+  if (configArgs[0] === "set" && configArgs[1] === "api-key" && configArgs[2]) {
+    const config = loadConfig();
+    config.anthropic_api_key = configArgs[2];
+    saveConfig(config);
+    console.log("Anthropic API key saved. Claude Code will use this key automatically.");
+  } else if (configArgs[0] === "get" && configArgs[1] === "api-key") {
+    const config = loadConfig();
+    if (config.anthropic_api_key) {
+      console.log(`API key: ${config.anthropic_api_key.slice(0, 10)}…${config.anthropic_api_key.slice(-4)}`);
+    } else {
+      console.log("No API key configured. Run: orch config set api-key <your-anthropic-key>");
+    }
+  } else if (configArgs[0] === "unset" && configArgs[1] === "api-key") {
+    const config = loadConfig();
+    delete config.anthropic_api_key;
+    saveConfig(config);
+    console.log("API key removed.");
+  } else {
+    console.error("Usage:");
+    console.error("  orch config set api-key <key>   Save your Anthropic API key");
+    console.error("  orch config get api-key          Show stored API key");
+    console.error("  orch config unset api-key        Remove stored API key");
+  }
+  process.exit(0);
+}
+
 if (firstArg === "daemon") {
   const daemonArgs = process.argv.slice(3);
   const pidFile = path.join(os.homedir(), ".orch-daemon.pid");
@@ -706,14 +750,14 @@ const ADAPTERS = {
     buildArgs(prompt, flags) {
       const args = [
         "--output-format", "stream-json",
+        "--input-format", "stream-json",
         "--verbose",
       ];
       if (flags.continue) {
         args.push("-c");
-        if (prompt) args.push("-p", prompt);
-      } else {
-        args.push("-p", prompt);
       }
+      // With --input-format stream-json, the initial prompt is sent via stdin
+      // so we don't use -p here. The prompt is sent after spawn.
       return args;
     },
     mode: "structured",
@@ -740,6 +784,7 @@ while (i < args.length) {
     console.error("Usage: orch [-l label] [-y] <command> [args...]");
     console.error("       orch login    — Authenticate with orchestrat.ing");
     console.error("       orch logout   — Clear stored credentials");
+    console.error("       orch config   — Manage settings (API keys, etc.)");
     console.error("       orch daemon   — Run background daemon for remote session launching");
     console.error("");
     console.error("  -l <label>          Optional human-readable session label");
@@ -763,6 +808,10 @@ while (i < args.length) {
     console.error("  orch daemon -b");
     console.error("  orch daemon --enable");
     console.error("");
+    console.error("Setup (one-time):");
+    console.error("  orch login");
+    console.error('  orch config set api-key sk-ant-...   # Your Anthropic API key');
+    console.error("");
     console.error("Environment:");
     console.error("  ORC_URL      WebSocket server URL (default: wss://api.orchestrat.ing/ws)");
     console.error("  ORC_TOKEN    Auth token (overrides stored credentials)");
@@ -779,7 +828,19 @@ if (commandArgs.length === 0) {
   process.exit(1);
 }
 
-const command = commandArgs[0];
+// Resolve claude binary: prefer bundled @anthropic-ai/claude-code, fall back to system PATH
+let command = commandArgs[0];
+let claudeBundled = false;
+if (command === "claude") {
+  try {
+    // The npm package has a bin entry that npm links globally; for local use, resolve directly
+    const bundledBin = path.join(__dirname, "..", "node_modules", ".bin", "claude");
+    if (existsSync(bundledBin)) {
+      command = bundledBin;
+      claudeBundled = true;
+    }
+  } catch {}
+}
 const spawnArgs = commandArgs.slice(1);
 let sessionId;
 const hostname = os.hostname().replace(/\.(lan|local|home|internal)$/i, "");
@@ -943,18 +1004,25 @@ if (adapter) {
   // Confirmation-type tools — these need "yes" response, not permission grants
   const CONFIRMATION_TOOLS = new Set(["ExitPlanMode", "EnterPlanMode"]);
 
-  // Build clean env for child processes (no nesting detection, no leaked keys)
+  // Build clean env for child processes
+  // Inject stored Anthropic API key if available (so users don't need separate `claude login`)
   const childEnv = (() => {
     const e = { ...process.env };
     delete e.CLAUDECODE;
-    delete e.ANTHROPIC_API_KEY;
+    const config = loadConfig();
+    if (config.anthropic_api_key && !e.ANTHROPIC_API_KEY) {
+      e.ANTHROPIC_API_KEY = config.anthropic_api_key;
+    }
     return e;
   })();
 
-  // Spawn a claude process and wire up output handling
+  // Spawn claude with bidirectional stdin/stdout (stream-json mode)
+  // Follow-ups are sent via stdin — no more kill/respawn.
+  let claudeSessionId = null; // Claude's internal session ID (from init event)
+
   function spawnClaude(claudeArgs) {
     const proc = spawn(command, claudeArgs, {
-      stdio: ["ignore", "pipe", "pipe"],
+      stdio: ["pipe", "pipe", "pipe"],
       cwd: process.cwd(),
       env: childEnv,
     });
@@ -978,18 +1046,28 @@ if (adapter) {
         return;
       }
 
+      // Capture Claude's session ID for follow-ups
+      if (raw.type === "system" && raw.subtype === "init" && raw.session_id) {
+        claudeSessionId = raw.session_id;
+      }
+
+      // Detect turn completion — Claude finished responding, ready for next input
+      if (raw.type === "result") {
+        childRunning = false; // "idle" — accepting input
+      }
+
       // Normalize and relay each event
       const events = normalizeClaudeEvent(raw);
       for (const event of events) {
         printLocalEvent(event);
         sendToServer({ type: "agent_event", sessionId, event });
 
-        // Yolo mode: auto-approve permission denials — save to settings,
-        // claude will pick it up on respawn via pendingPermissionGrant
+        // Yolo mode: auto-approve permission denials
         if (yoloMode && event.kind === "permission_denied") {
           process.stderr.write(`${GREEN}[yolo] Auto-approving: ${event.toolName}${RESET}\n`);
           approvePermission(event.toolName, "session");
-          pendingPermissionGrant = event.toolName;
+          // Send follow-up via stdin to retry (no respawn needed)
+          sendFollowUp(`Permission for ${event.toolName} was granted. Please retry your last action.`);
         }
       }
     });
@@ -1001,21 +1079,8 @@ if (adapter) {
     proc.on("exit", (code) => {
       childRunning = false;
       const exitCode = code ?? 0;
-      if (exitCode !== 0 || exitRequested) {
-        sendToServer({ type: "exit", sessionId, exitCode });
-        setTimeout(() => process.exit(exitCode), 200);
-      } else if (pendingPermissionGrant) {
-        // Permission was granted while claude was running — respawn to retry
-        const tool = pendingPermissionGrant;
-        pendingPermissionGrant = null;
-        process.stderr.write(`${GREEN}Retrying with new permission: ${tool}${RESET}\n`);
-        respawnWithContinue(`Permission for ${tool} was granted. Please retry your last action.`);
-      } else {
-        sendToServer({
-          type: "agent_event", sessionId,
-          event: { kind: "status", status: "idle" },
-        });
-      }
+      sendToServer({ type: "exit", sessionId, exitCode });
+      setTimeout(() => process.exit(exitCode), 200);
     });
 
     proc.on("error", (err) => {
@@ -1027,6 +1092,24 @@ if (adapter) {
     return proc;
   }
 
+  // Send a follow-up message via stdin (no respawn!)
+  function sendFollowUp(text) {
+    if (!child || child.exitCode !== null) return;
+    const msg = {
+      type: "user",
+      message: {
+        role: "user",
+        content: text,
+      },
+    };
+    try {
+      child.stdin.write(JSON.stringify(msg) + "\n");
+      childRunning = true; // Claude is now processing
+    } catch (err) {
+      process.stderr.write(`${RED}[orch] Failed to send via stdin: ${err.message}${RESET}\n`);
+    }
+  }
+
   // Auto-approve a tool permission (used by yolo mode and manual approval)
   function approvePermission(toolName, scope) {
     let permEntry = toolName;
@@ -1129,37 +1212,29 @@ if (adapter) {
     }
   }
 
-  // Start the initial claude process
+  // Start the claude process (single process for entire session — no respawning)
   const initialArgs = adapter.buildArgs(prompt, adapterFlags);
   if (yoloMode) {
     initialArgs.push("--dangerously-skip-permissions");
   }
   spawnClaude(initialArgs);
 
-  // Emit the initial prompt as a user message so the dashboard shows it
+  // Send initial prompt via stdin (not -p flag)
   if (prompt) {
+    sendFollowUp(prompt);
+    // Emit the initial prompt as a user message so the dashboard shows it
     sendToServer({
       type: "agent_event", sessionId,
       event: { kind: "user_message", text: prompt },
     });
   }
 
-  // Respawn claude with -c to continue after permission grants or follow-up
-  function respawnWithContinue(prompt) {
-    const args = ["--output-format", "stream-json", "--verbose", "-c"];
-    if (prompt) args.push("-p", prompt);
-    if (yoloMode) args.push("--dangerously-skip-permissions");
-    spawnClaude(args);
-  }
-
-  // Queue of permission grants received while claude is still running
-  let pendingPermissionGrant = null;
-
   handleServerMessage = (msg) => {
     if (msg.type === "agent_input" && (msg.text || msg.images)) {
-      // Follow-up from dashboard — spawn new claude with -c (continue)
+      // Follow-up from dashboard — send via stdin (no respawn!)
       if (childRunning) {
-        process.stderr.write(`${DIM}[orch] Ignoring input — claude is still running${RESET}\n`);
+        process.stderr.write(`${DIM}[orch] Queuing input — claude is still processing${RESET}\n`);
+        // TODO: queue and send after current turn completes
         return;
       }
       let promptText = msg.text || "continue";
@@ -1176,28 +1251,16 @@ if (adapter) {
         const fileList = imagePaths.map((p) => `[Attached image: ${p} — use Read tool to view]`).join("\n");
         promptText = `${fileList}\n\n${promptText}`;
       }
-      respawnWithContinue(promptText);
+      sendFollowUp(promptText);
     } else if (msg.type === "agent_permission" && msg.tool && msg.action === "allow") {
       const scope = msg.scope || "session";
       approvePermission(msg.tool, scope);
       process.stderr.write(`${GREEN}Permission granted (${scope}): ${msg.tool}${RESET}\n`);
-
-      if (childRunning) {
-        // Claude is still running — remember the grant and respawn when it exits
-        pendingPermissionGrant = msg.tool;
-      } else {
-        // Claude already finished — respawn with -c to retry with new permission
-        respawnWithContinue(`Permission for ${msg.tool} was granted. Please retry your last action.`);
-      }
+      // Send permission grant as follow-up via stdin
+      sendFollowUp(`Permission for ${msg.tool} was granted. Please retry your last action.`);
     } else if (msg.type === "agent_permission" && msg.tool && msg.action === "deny") {
       process.stderr.write(`${RED}Permission denied: ${msg.tool}${RESET}\n`);
-
-      if (childRunning) {
-        // Claude is still running — remember and respawn when it exits
-        pendingPermissionGrant = null;
-      } else {
-        respawnWithContinue(`Permission for ${msg.tool} was denied by the user. Do not retry this tool — find an alternative approach or skip this step.`);
-      }
+      sendFollowUp(`Permission for ${msg.tool} was denied by the user. Do not retry this tool — find an alternative approach or skip this step.`);
     } else if (msg.type === "agent_permission" && msg.tool && msg.action === "revoke") {
       removePermission(msg.tool);
       broadcastPermissions();
@@ -1209,7 +1272,7 @@ if (adapter) {
     } else if (msg.type === "stop_session") {
       process.stderr.write(`${RED}[orch] Stopped from dashboard${RESET}\n`);
       exitRequested = true;
-      if (childRunning) {
+      if (child && child.exitCode === null) {
         child.kill("SIGINT");
       } else {
         cleanup();

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "orchestrating",
-  "version": "0.1.39",
+  "version": "0.3.0",
   "description": "Stream terminal sessions to the orchestrat.ing dashboard",
   "type": "module",
   "bin": {
@@ -30,6 +30,7 @@
     "dashboard"
   ],
   "dependencies": {
-    "ws": "^8.18.0"
+    "ws": "^8.18.0",
+    "@anthropic-ai/claude-code": "^2.1.0"
   }
 }