svamp-cli 0.2.26 → 0.2.28

package/dist/{agentCommands-MiAH1S9e.mjs → agentCommands-C2yYtmsz.mjs}

@@ -148,7 +148,7 @@ async function sessionBroadcast(action, args) {
   console.log(`Broadcast sent: ${action}`);
 }
 async function connectToMachineService() {
-  const { connectAndGetMachine } = await import('./commands-DRpGTxYD.mjs');
+  const { connectAndGetMachine } = await import('./commands-Bs2vXq8f.mjs');
   return connectAndGetMachine();
 }
 async function inboxSend(targetSessionId, opts) {
@@ -165,7 +165,7 @@ async function inboxSend(targetSessionId, opts) {
   }
   const { server, machine } = await connectToMachineService();
   try {
-    const { resolveSessionId } = await import('./commands-DRpGTxYD.mjs');
+    const { resolveSessionId } = await import('./commands-Bs2vXq8f.mjs');
     const sessions = await machine.listSessions();
     const match = resolveSessionId(sessions, targetSessionId);
     const fullTargetId = match.sessionId;

package/dist/{caddy-fJWXn1kE.mjs → caddy-BMbX-mFX.mjs}

@@ -108,10 +108,20 @@ function generateCaddyConfig(listenPort, mounts, adminPort = ADMIN_PORT) {
         ]
       });
     } else {
+      routes.push({
+        match: [{ path: [`/${mount.name}`] }],
+        handle: [
+          {
+            handler: "static_response",
+            status_code: 302,
+            headers: { Location: [`/${mount.name}/`] }
+          }
+        ]
+      });
       const fileServerHandler = { handler: "file_server", root: mount.directory };
       if (mount.browse !== false) fileServerHandler.browse = {};
       routes.push({
-        match: [{ path: [`/${mount.name}/*`, `/${mount.name}`] }],
+        match: [{ path: [`/${mount.name}/*`, `/${mount.name}/`] }],
         handle: [
           CORS_HEADERS_HANDLER,
           { handler: "rewrite", strip_path_prefix: `/${mount.name}` },

package/dist/cli.mjs

@@ -1,4 +1,4 @@
-import { s as startDaemon, b as stopDaemon, d as daemonStatus } from './run-BTlUAfV3.mjs';
+import { s as startDaemon, b as stopDaemon, d as daemonStatus } from './run-D_OwNYZr.mjs';
 import 'os';
 import 'fs/promises';
 import 'fs';
@@ -36,7 +36,7 @@ async function main() {
     await logoutFromHypha();
   } else if (subcommand === "daemon") {
     if (daemonSubcommand === "restart") {
-      const { restartDaemon } = await import('./run-BTlUAfV3.mjs').then(function (n) { return n.k; });
+      const { restartDaemon } = await import('./run-D_OwNYZr.mjs').then(function (n) { return n.k; });
       await restartDaemon();
       process.exit(0);
     }
@@ -238,7 +238,7 @@ async function main() {
       console.error("svamp service: Service commands are not available in sandboxed sessions.");
       process.exit(1);
     }
-    const { handleServiceCommand } = await import('./commands-DV2tFSXm.mjs');
+    const { handleServiceCommand } = await import('./commands-DauapAbb.mjs');
     await handleServiceCommand();
   } else if (subcommand === "serve") {
     const { isSandboxed: isSandboxedServe } = await import('./sandboxDetect-DNTcbgWD.mjs');
@@ -246,7 +246,7 @@ async function main() {
       console.error("svamp serve: Serve commands are not available in sandboxed sessions.");
       process.exit(1);
     }
-    const { handleServeCommand } = await import('./serveCommands-Ci4DE-iQ.mjs');
+    const { handleServeCommand } = await import('./serveCommands-DlblUnsT.mjs');
     await handleServeCommand();
     process.exit(0);
   } else if (subcommand === "process" || subcommand === "proc") {
@@ -255,7 +255,7 @@ async function main() {
       console.error("svamp process: Process commands are not available in sandboxed sessions.");
       process.exit(1);
     }
-    const { processCommand } = await import('./commands-ibBP43SF.mjs');
+    const { processCommand } = await import('./commands-CGfaeJTY.mjs');
     let machineId;
     const processArgs = args.slice(1);
     const mIdx = processArgs.findIndex((a) => a === "--machine" || a === "-m");
@@ -273,7 +273,7 @@ async function main() {
   } else if (!subcommand || subcommand === "start") {
     await handleInteractiveCommand();
   } else if (subcommand === "--version" || subcommand === "-v") {
-    const pkg = await import('./package-BSQTmkvF.mjs').catch(() => ({ default: { version: "unknown" } }));
+    const pkg = await import('./package-CU3zzvb7.mjs').catch(() => ({ default: { version: "unknown" } }));
     console.log(`svamp version: ${pkg.default.version}`);
   } else {
     console.error(`Unknown command: ${subcommand}`);
@@ -282,7 +282,7 @@ async function main() {
   }
 }
 async function handleInteractiveCommand() {
-  const { runInteractive } = await import('./run-DlcgeE63.mjs');
+  const { runInteractive } = await import('./run-B6CGgKUJ.mjs');
   const interactiveArgs = subcommand === "start" ? args.slice(1) : args;
   let directory = process.cwd();
   let resumeSessionId;
@@ -327,7 +327,7 @@ async function handleAgentCommand() {
     return;
   }
   if (agentArgs[0] === "list") {
-    const { KNOWN_ACP_AGENTS, KNOWN_MCP_AGENTS: KNOWN_MCP_AGENTS2 } = await import('./run-BTlUAfV3.mjs').then(function (n) { return n.i; });
+    const { KNOWN_ACP_AGENTS, KNOWN_MCP_AGENTS: KNOWN_MCP_AGENTS2 } = await import('./run-D_OwNYZr.mjs').then(function (n) { return n.i; });
     console.log("Known agents:");
     for (const [name, config2] of Object.entries(KNOWN_ACP_AGENTS)) {
       console.log(`  ${name.padEnd(12)} ${config2.command} ${config2.args.join(" ")}  (ACP)`);
@@ -339,7 +339,7 @@ async function handleAgentCommand() {
     console.log('Use "svamp agent -- <command> [args]" for a custom ACP agent.');
     return;
   }
-  const { resolveAcpAgentConfig, KNOWN_MCP_AGENTS } = await import('./run-BTlUAfV3.mjs').then(function (n) { return n.i; });
+  const { resolveAcpAgentConfig, KNOWN_MCP_AGENTS } = await import('./run-D_OwNYZr.mjs').then(function (n) { return n.i; });
   let cwd = process.cwd();
   const filteredArgs = [];
   for (let i = 0; i < agentArgs.length; i++) {
@@ -363,12 +363,12 @@ async function handleAgentCommand() {
   console.log(`Starting ${config.agentName} agent in ${cwd}...`);
   let backend;
   if (KNOWN_MCP_AGENTS[config.agentName]) {
-    const { CodexMcpBackend } = await import('./run-BTlUAfV3.mjs').then(function (n) { return n.j; });
+    const { CodexMcpBackend } = await import('./run-D_OwNYZr.mjs').then(function (n) { return n.j; });
     backend = new CodexMcpBackend({ cwd, log: logFn });
   } else {
-    const { AcpBackend } = await import('./run-BTlUAfV3.mjs').then(function (n) { return n.h; });
-    const { GeminiTransport } = await import('./run-BTlUAfV3.mjs').then(function (n) { return n.G; });
-    const { DefaultTransport } = await import('./run-BTlUAfV3.mjs').then(function (n) { return n.D; });
+    const { AcpBackend } = await import('./run-D_OwNYZr.mjs').then(function (n) { return n.h; });
+    const { GeminiTransport } = await import('./run-D_OwNYZr.mjs').then(function (n) { return n.G; });
+    const { DefaultTransport } = await import('./run-D_OwNYZr.mjs').then(function (n) { return n.D; });
     const transportHandler = config.agentName === "gemini" ? new GeminiTransport() : new DefaultTransport(config.agentName);
     backend = new AcpBackend({
       agentName: config.agentName,
@@ -495,7 +495,7 @@ async function handleSessionCommand() {
       process.exit(1);
     }
   }
-  const { sessionList, sessionSpawn, sessionStop, sessionInfo, sessionMessages, sessionAttach, sessionMachines, sessionSend, sessionWait, sessionShare, sessionRalphStart, sessionRalphCancel, sessionRalphStatus, sessionInboxSend, sessionInboxList, sessionInboxRead, sessionInboxReply, sessionInboxClear } = await import('./commands-DRpGTxYD.mjs');
+  const { sessionList, sessionSpawn, sessionStop, sessionInfo, sessionMessages, sessionAttach, sessionMachines, sessionSend, sessionWait, sessionShare, sessionRalphStart, sessionRalphCancel, sessionRalphStatus, sessionInboxSend, sessionInboxList, sessionInboxRead, sessionInboxReply, sessionInboxClear } = await import('./commands-Bs2vXq8f.mjs');
   const parseFlagStr = (flag, shortFlag) => {
     for (let i = 1; i < sessionArgs.length; i++) {
       if ((sessionArgs[i] === flag || shortFlag) && i + 1 < sessionArgs.length) {
@@ -555,7 +555,7 @@ async function handleSessionCommand() {
         allowDomain.push(sessionArgs[++i]);
       }
     }
-    const { parseShareArg } = await import('./commands-DRpGTxYD.mjs');
+    const { parseShareArg } = await import('./commands-Bs2vXq8f.mjs');
     const shareEntries = share.map((s) => parseShareArg(s));
     await sessionSpawn(agent, dir, targetMachineId, {
       message,
@@ -641,7 +641,7 @@ async function handleSessionCommand() {
       console.error("Usage: svamp session approve <session-id> [request-id] [--json]");
       process.exit(1);
     }
-    const { sessionApprove } = await import('./commands-DRpGTxYD.mjs');
+    const { sessionApprove } = await import('./commands-Bs2vXq8f.mjs');
     const approveReqId = sessionArgs[2] && !sessionArgs[2].startsWith("--") ? sessionArgs[2] : void 0;
     await sessionApprove(sessionArgs[1], approveReqId, targetMachineId, {
       json: hasFlag("--json")
@@ -651,7 +651,7 @@ async function handleSessionCommand() {
       console.error("Usage: svamp session deny <session-id> [request-id] [--json]");
       process.exit(1);
     }
-    const { sessionDeny } = await import('./commands-DRpGTxYD.mjs');
+    const { sessionDeny } = await import('./commands-Bs2vXq8f.mjs');
     const denyReqId = sessionArgs[2] && !sessionArgs[2].startsWith("--") ? sessionArgs[2] : void 0;
     await sessionDeny(sessionArgs[1], denyReqId, targetMachineId, {
       json: hasFlag("--json")
@@ -687,7 +687,7 @@ async function handleSessionCommand() {
       console.error("Usage: svamp session set-title <title>");
       process.exit(1);
     }
-    const { sessionSetTitle } = await import('./agentCommands-MiAH1S9e.mjs');
+    const { sessionSetTitle } = await import('./agentCommands-C2yYtmsz.mjs');
     await sessionSetTitle(title);
   } else if (sessionSubcommand === "set-link") {
     const url = sessionArgs[1];
@@ -696,7 +696,7 @@ async function handleSessionCommand() {
       process.exit(1);
     }
     const label = sessionArgs[2] && !sessionArgs[2].startsWith("--") ? sessionArgs[2] : void 0;
-    const { sessionSetLink } = await import('./agentCommands-MiAH1S9e.mjs');
+    const { sessionSetLink } = await import('./agentCommands-C2yYtmsz.mjs');
     await sessionSetLink(url, label);
   } else if (sessionSubcommand === "notify") {
     const message = sessionArgs[1];
@@ -705,7 +705,7 @@ async function handleSessionCommand() {
       process.exit(1);
     }
     const level = parseFlagStr("--level") || "info";
-    const { sessionNotify } = await import('./agentCommands-MiAH1S9e.mjs');
+    const { sessionNotify } = await import('./agentCommands-C2yYtmsz.mjs');
     await sessionNotify(message, level);
   } else if (sessionSubcommand === "broadcast") {
     const action = sessionArgs[1];
@@ -713,7 +713,7 @@ async function handleSessionCommand() {
       console.error("Usage: svamp session broadcast <action> [args...]\nActions: open-canvas <url> [label], close-canvas, toast <message>");
       process.exit(1);
     }
-    const { sessionBroadcast } = await import('./agentCommands-MiAH1S9e.mjs');
+    const { sessionBroadcast } = await import('./agentCommands-C2yYtmsz.mjs');
     await sessionBroadcast(action, sessionArgs.slice(2).filter((a) => !a.startsWith("--")));
   } else if (sessionSubcommand === "inbox") {
     const inboxSubcmd = sessionArgs[1];
@@ -724,7 +724,7 @@ async function handleSessionCommand() {
         process.exit(1);
       }
       if (agentSessionId) {
-        const { inboxSend } = await import('./agentCommands-MiAH1S9e.mjs');
+        const { inboxSend } = await import('./agentCommands-C2yYtmsz.mjs');
         await inboxSend(sessionArgs[2], {
           body: sessionArgs[3],
           subject: parseFlagStr("--subject"),
@@ -739,7 +739,7 @@ async function handleSessionCommand() {
       }
     } else if (inboxSubcmd === "list" || inboxSubcmd === "ls") {
       if (agentSessionId && !sessionArgs[2]) {
-        const { inboxList } = await import('./agentCommands-MiAH1S9e.mjs');
+        const { inboxList } = await import('./agentCommands-C2yYtmsz.mjs');
         await inboxList({
           unread: hasFlag("--unread"),
           limit: parseFlagInt("--limit"),
@@ -761,7 +761,7 @@ async function handleSessionCommand() {
         process.exit(1);
       }
       if (agentSessionId && !sessionArgs[3]) {
-        const { inboxList } = await import('./agentCommands-MiAH1S9e.mjs');
+        const { inboxList } = await import('./agentCommands-C2yYtmsz.mjs');
         await sessionInboxRead(agentSessionId, sessionArgs[2], targetMachineId);
       } else if (sessionArgs[3]) {
         await sessionInboxRead(sessionArgs[2], sessionArgs[3], targetMachineId);
@@ -771,7 +771,7 @@ async function handleSessionCommand() {
       }
     } else if (inboxSubcmd === "reply") {
       if (agentSessionId && sessionArgs[2] && sessionArgs[3] && !sessionArgs[4]) {
-        const { inboxReply } = await import('./agentCommands-MiAH1S9e.mjs');
+        const { inboxReply } = await import('./agentCommands-C2yYtmsz.mjs');
         await inboxReply(sessionArgs[2], sessionArgs[3]);
       } else if (sessionArgs[2] && sessionArgs[3] && sessionArgs[4]) {
         await sessionInboxReply(sessionArgs[2], sessionArgs[3], sessionArgs[4], targetMachineId);
@@ -807,7 +807,7 @@ async function handleMachineCommand() {
     return;
   }
   if (machineSubcommand === "share") {
-    const { machineShare } = await import('./commands-DRpGTxYD.mjs');
+    const { machineShare } = await import('./commands-Bs2vXq8f.mjs');
     let machineId;
     const shareArgs = [];
     for (let i = 1; i < machineArgs.length; i++) {
@@ -837,7 +837,7 @@ async function handleMachineCommand() {
     }
     await machineShare(machineId, { add, remove, list, configPath, showConfig });
   } else if (machineSubcommand === "exec") {
-    const { machineExec } = await import('./commands-DRpGTxYD.mjs');
+    const { machineExec } = await import('./commands-Bs2vXq8f.mjs');
     let machineId;
     let cwd;
     const cmdParts = [];
@@ -857,7 +857,7 @@ async function handleMachineCommand() {
     }
     await machineExec(machineId, command, cwd);
   } else if (machineSubcommand === "info") {
-    const { machineInfo } = await import('./commands-DRpGTxYD.mjs');
+    const { machineInfo } = await import('./commands-Bs2vXq8f.mjs');
     let machineId;
     for (let i = 1; i < machineArgs.length; i++) {
       if ((machineArgs[i] === "--machine" || machineArgs[i] === "-m") && i + 1 < machineArgs.length) {
@@ -877,10 +877,10 @@ async function handleMachineCommand() {
         level = machineArgs[++i];
       }
     }
-    const { machineNotify } = await import('./agentCommands-MiAH1S9e.mjs');
+    const { machineNotify } = await import('./agentCommands-C2yYtmsz.mjs');
     await machineNotify(message, level);
   } else if (machineSubcommand === "ls") {
-    const { machineLs } = await import('./commands-DRpGTxYD.mjs');
+    const { machineLs } = await import('./commands-Bs2vXq8f.mjs');
     let machineId;
     let showHidden = false;
     let path;

package/dist/{commands-DRpGTxYD.mjs → commands-Bs2vXq8f.mjs}

@@ -2,7 +2,7 @@ import { existsSync, readFileSync } from 'node:fs';
 import { execSync } from 'node:child_process';
 import { resolve, join } from 'node:path';
 import os from 'node:os';
-import { l as loadSecurityContextConfig, e as resolveSecurityContext, f as buildSecurityContextFromFlags, m as mergeSecurityContexts, c as connectToHypha } from './run-BTlUAfV3.mjs';
+import { l as loadSecurityContextConfig, e as resolveSecurityContext, f as buildSecurityContextFromFlags, m as mergeSecurityContexts, c as connectToHypha } from './run-D_OwNYZr.mjs';
 import 'os';
 import 'fs/promises';
 import 'fs';

package/dist/{commands-ibBP43SF.mjs → commands-CGfaeJTY.mjs}

@@ -1,11 +1,11 @@
 import { writeFileSync, readFileSync } from 'fs';
 import { resolve } from 'path';
-import { connectAndGetMachine } from './commands-DRpGTxYD.mjs';
+import { connectAndGetMachine } from './commands-Bs2vXq8f.mjs';
 import 'node:fs';
 import 'node:child_process';
 import 'node:path';
 import 'node:os';
-import './run-BTlUAfV3.mjs';
+import './run-D_OwNYZr.mjs';
 import 'os';
 import 'fs/promises';
 import 'url';

package/dist/{commands-DV2tFSXm.mjs → commands-DauapAbb.mjs}

@@ -78,7 +78,7 @@ async function serviceServe(args) {
     const resolvedDir = path.resolve(directory);
     console.log(`Serving ${resolvedDir}`);
     const caddyPort = 18080;
-    const { CaddyManager } = await import('./caddy-fJWXn1kE.mjs');
+    const { CaddyManager } = await import('./caddy-BMbX-mFX.mjs');
     const caddy = new CaddyManager({ listenPort: caddyPort });
     await caddy.addMount(name, resolvedDir, !noListing);
     await caddy.start();

package/dist/index.mjs

@@ -1,4 +1,4 @@
-export { c as connectToHypha, d as daemonStatus, g as getHyphaServerUrl, r as registerMachineService, a as registerSessionService, s as startDaemon, b as stopDaemon } from './run-BTlUAfV3.mjs';
+export { c as connectToHypha, d as daemonStatus, g as getHyphaServerUrl, r as registerMachineService, a as registerSessionService, s as startDaemon, b as stopDaemon } from './run-D_OwNYZr.mjs';
 import 'os';
 import 'fs/promises';
 import 'fs';

package/dist/{package-BSQTmkvF.mjs → package-CU3zzvb7.mjs}

@@ -1,5 +1,5 @@
 var name = "svamp-cli";
-var version = "0.2.26";
+var version = "0.2.28";
 var description = "Svamp CLI — AI workspace daemon on Hypha Cloud";
 var author = "Amun AI AB";
 var license = "SEE LICENSE IN LICENSE";

package/dist/{run-DlcgeE63.mjs → run-B6CGgKUJ.mjs}

@@ -2,7 +2,7 @@ import{createRequire as _pkgrollCR}from"node:module";const require=_pkgrollCR(im
 import os from 'node:os';
 import { join, resolve } from 'node:path';
 import { mkdirSync, writeFileSync, existsSync, unlinkSync, readFileSync, watch } from 'node:fs';
-import { c as connectToHypha, a as registerSessionService } from './run-BTlUAfV3.mjs';
+import { c as connectToHypha, a as registerSessionService } from './run-D_OwNYZr.mjs';
 import { createServer } from 'node:http';
 import { spawn } from 'node:child_process';
 import { createInterface } from 'node:readline';

package/dist/{run-BTlUAfV3.mjs → run-D_OwNYZr.mjs}

@@ -15,7 +15,7 @@ import { Client } from '@modelcontextprotocol/sdk/client/index.js';
 import { StdioClientTransport } from '@modelcontextprotocol/sdk/client/stdio.js';
 import { ElicitRequestSchema } from '@modelcontextprotocol/sdk/types.js';
 import { z } from 'zod';
-import { mkdir, rm, chmod, access, mkdtemp, copyFile, writeFile, stat, readdir } from 'node:fs/promises';
+import { mkdir, rm, chmod, access, mkdtemp, copyFile, writeFile, stat, readdir, readFile as readFile$1 } from 'node:fs/promises';
 import { promisify } from 'node:util';
 
 let connectToServerFn = null;
@@ -1306,6 +1306,25 @@ function loadMessagesFromDisk(messagesDir, afterSeq, limit) {
     return { messages: [], hasMore: false };
   }
 }
+function loadMessagesFromDiskReverse(messagesDir, beforeSeq, limit) {
+  const filePath = join$1(messagesDir, "messages.jsonl");
+  if (!existsSync(filePath)) return { messages: [], hasMore: false };
+  try {
+    const lines = readFileSync(filePath, "utf-8").split("\n").filter((l) => l.trim());
+    const filtered = [];
+    for (const line of lines) {
+      try {
+        const msg = JSON.parse(line);
+        if (msg.seq < beforeSeq) filtered.push(msg);
+      } catch {
+      }
+    }
+    const page = filtered.slice(-limit);
+    return { messages: page, hasMore: filtered.length > limit };
+  } catch {
+    return { messages: [], hasMore: false };
+  }
+}
 function appendMessage(messagesDir, sessionId, msg) {
   try {
     const filePath = join$1(messagesDir, "messages.jsonl");
@@ -1445,6 +1464,25 @@ function createSessionStore(server, sessionId, initialMetadata, initialAgentStat
         hasMore: filtered.length > lim
       };
     },
+    getLatestMessages: async (beforeSeq, limit, context) => {
+      authorizeRequest(context, metadata.sharing, "view");
+      const lim = Math.min(limit ?? 100, 500);
+      const latestSeq = nextSeq - 1;
+      const targetBeforeSeq = beforeSeq ?? Infinity;
+      const minInMemorySeq = messages.length > 0 ? messages[0].seq : Infinity;
+      let pool;
+      if (targetBeforeSeq <= minInMemorySeq && options?.messagesDir) {
+        const diskResult = loadMessagesFromDiskReverse(options.messagesDir, targetBeforeSeq, lim);
+        return { messages: diskResult.messages, hasMore: diskResult.hasMore, latestSeq };
+      } else {
+        const filtered = messages.filter((m) => targetBeforeSeq === Infinity ? true : m.seq < targetBeforeSeq);
+        pool = filtered.slice(-lim);
+        const minReturnedSeq = pool.length > 0 ? pool[0].seq : 0;
+        const hasMoreInMemory = filtered.length > lim;
+        const hasMoreOnDisk = minReturnedSeq > 1 && options?.messagesDir && minInMemorySeq > 1;
+        return { messages: pool, hasMore: hasMoreInMemory || !!hasMoreOnDisk, latestSeq };
+      }
+    },
     sendMessage: async (content, localId, meta, context) => {
       authorizeRequest(context, metadata.sharing, "interact");
       if (localId) {
@@ -4878,6 +4916,12 @@ async function copyDirRecursive(src, dest) {
   }
 }
 
+var credentialStaging = /*#__PURE__*/Object.freeze({
+    __proto__: null,
+    sanitizeEnvForSharing: sanitizeEnvForSharing,
+    stageCredentialsForSharing: stageCredentialsForSharing
+});
+
 const DEFAULT_PROBE_INTERVAL_S = 10;
 const DEFAULT_PROBE_TIMEOUT_S = 5;
 const DEFAULT_PROBE_FAILURE_THRESHOLD = 3;
@@ -5370,6 +5414,89 @@ class ProcessSupervisor {
   }
 }
 
+const OAUTH_TOKEN_ENDPOINT = "https://platform.claude.com/v1/oauth/token";
+const OAUTH_CLIENT_ID = "9d1c250a-e61b-44d9-88ed-5944d1962f5e";
+const OAUTH_SCOPES = "user:profile user:inference user:sessions:claude_code user:mcp_servers user:file_upload";
+const REFRESH_BUFFER_MS = 60 * 60 * 1e3;
+const OAUTH_CHECK_INTERVAL_MS = 5 * 60 * 1e3;
+const REFRESH_TIMEOUT_MS = 15e3;
+function getCredentialsPath() {
+  return join$1(homedir(), ".claude", ".credentials.json");
+}
+async function readCredentials() {
+  const path = getCredentialsPath();
+  if (!existsSync(path)) return null;
+  try {
+    const raw = await readFile$1(path, "utf-8");
+    return JSON.parse(raw);
+  } catch {
+    return null;
+  }
+}
+async function writeCredentials(creds) {
+  const path = getCredentialsPath();
+  await writeFile(path, JSON.stringify(creds), { mode: 384 });
+}
+async function checkAndRefreshOAuthToken(force = false, logger) {
+  const log = logger?.log ?? (() => {
+  });
+  const creds = await readCredentials();
+  if (!creds?.claudeAiOauth) {
+    return { refreshed: false, error: "No Claude OAuth credentials found" };
+  }
+  const oauth = creds.claudeAiOauth;
+  if (!oauth.refreshToken) {
+    return { refreshed: false, error: "No refresh token available" };
+  }
+  const now = Date.now();
+  const timeUntilExpiry = oauth.expiresAt - now;
+  if (!force && timeUntilExpiry > REFRESH_BUFFER_MS) {
+    return { refreshed: false, expiresAt: oauth.expiresAt };
+  }
+  const expiryDesc = timeUntilExpiry > 0 ? `expires in ${Math.round(timeUntilExpiry / 6e4)}min` : `expired ${Math.round(-timeUntilExpiry / 6e4)}min ago`;
+  log(`Claude OAuth token ${expiryDesc} \u2014 refreshing...`);
+  try {
+    const controller = new AbortController();
+    const timeout = setTimeout(() => controller.abort(), REFRESH_TIMEOUT_MS);
+    const response = await fetch(OAUTH_TOKEN_ENDPOINT, {
+      method: "POST",
+      headers: { "Content-Type": "application/json" },
+      body: JSON.stringify({
+        grant_type: "refresh_token",
+        refresh_token: oauth.refreshToken,
+        client_id: OAUTH_CLIENT_ID,
+        scope: OAUTH_SCOPES
+      }),
+      signal: controller.signal
+    });
+    clearTimeout(timeout);
+    if (!response.ok) {
+      const body = await response.text().catch(() => "");
+      const error = `OAuth refresh failed: HTTP ${response.status} \u2014 ${body.slice(0, 200)}`;
+      log(error);
+      return { refreshed: false, error };
+    }
+    const data = await response.json();
+    const newExpiresAt = now + data.expires_in * 1e3;
+    creds.claudeAiOauth = {
+      ...oauth,
+      accessToken: data.access_token,
+      refreshToken: data.refresh_token,
+      expiresAt: newExpiresAt,
+      ...data.scope ? { scopes: data.scope.split(" ") } : {}
+    };
+    await writeCredentials(creds);
+    const newExpiryMin = Math.round(data.expires_in / 60);
+    log(`Claude OAuth token refreshed \u2014 new expiry in ${newExpiryMin}min (${new Date(newExpiresAt).toISOString()})`);
+    return { refreshed: true, expiresAt: newExpiresAt };
+  } catch (err) {
+    const msg = err instanceof Error ? err.message : String(err);
+    const error = `OAuth refresh error: ${msg}`;
+    log(error);
+    return { refreshed: false, error };
+  }
+}
+
 const __filename$1 = fileURLToPath(import.meta.url);
 const __dirname$1 = dirname(__filename$1);
 const CLAUDE_SKILLS_DIR = join(os.homedir(), ".claude", "skills");
@@ -6297,7 +6424,7 @@ async function startDaemon(options) {
   const supervisor = new ProcessSupervisor(join(SVAMP_HOME, "processes"));
   await supervisor.init();
   const tunnels = /* @__PURE__ */ new Map();
-  const { ServeManager } = await import('./serveManager-BTbXyL0i.mjs');
+  const { ServeManager } = await import('./serveManager-CdJgafp4.mjs');
   const serveManager = new ServeManager(SVAMP_HOME, (msg) => logger.log(`[SERVE] ${msg}`), hyphaServerUrl);
   ensureAutoInstalledSkills(logger).catch(() => {
   });
@@ -6822,6 +6949,14 @@ async function startDaemon(options) {
                         if (isBillingIssue) {
                           hint = "\n\nCheck your Claude account credits or subscription at https://console.anthropic.com.";
                         } else if (isLoginIssue) {
+                          checkAndRefreshOAuthToken(true, logger).then((r) => {
+                            if (r.refreshed) {
+                              logger.log(`[Session ${sessionId}] OAuth token refreshed after auth error \u2014 retrying on next message`);
+                              sessionService.pushMessage({ type: "message", message: "Authentication token was refreshed automatically. Please retry your message.", level: "warning" }, "event");
+                            }
+                          }).catch((err) => {
+                            logger.log(`[Session ${sessionId}] Reactive OAuth refresh failed: ${err.message}`);
+                          });
                           hint = "\n\nRun `claude login` in your terminal on the machine running the daemon to re-authenticate.";
                         } else if (isResumeIssue) {
                           hint = "\n\nThe conversation history may be corrupted. Try starting a fresh session.";
@@ -8876,10 +9011,34 @@ The automated loop has finished. Review the progress above and let me know if yo
       proxyTokenRefreshInterval = setInterval(refreshProxyToken, PROXY_TOKEN_REFRESH_INTERVAL_MS);
       logger.log("Proxy token auto-refresh enabled (every 7 days)");
     }
+    let oauthRefreshInterval;
+    const refreshOAuthAndRestageCredentials = async () => {
+      try {
+        const result = await checkAndRefreshOAuthToken(false, logger);
+        if (result.refreshed) {
+          for (const [, session] of pidToTrackedSession) {
+            if (session.cleanupCredentials) {
+              try {
+                const { stageCredentialsForSharing: stageCredentialsForSharing2 } = await Promise.resolve().then(function () { return credentialStaging; });
+                await stageCredentialsForSharing2(session.svampSessionId);
+              } catch (err) {
+                logger.log(`Failed to re-stage credentials for session ${session.svampSessionId}: ${err.message}`);
+              }
+            }
+          }
+        }
+      } catch (err) {
+        logger.log(`OAuth refresh check error: ${err.message}`);
+      }
+    };
+    refreshOAuthAndRestageCredentials();
+    oauthRefreshInterval = setInterval(refreshOAuthAndRestageCredentials, OAUTH_CHECK_INTERVAL_MS);
+    logger.log("Claude OAuth token auto-refresh enabled (checking every 5 min)");
     const cleanup = async (source) => {
       logger.log(`Cleaning up (source: ${source})...`);
       clearInterval(heartbeatInterval);
       if (proxyTokenRefreshInterval) clearInterval(proxyTokenRefreshInterval);
+      if (oauthRefreshInterval) clearInterval(oauthRefreshInterval);
       if (unhandledRejectionResetTimer) clearTimeout(unhandledRejectionResetTimer);
       for (const [, session] of pidToTrackedSession) {
         session.stopped = true;

package/dist/{serveCommands-Ci4DE-iQ.mjs → serveCommands-DlblUnsT.mjs}

@@ -52,7 +52,7 @@ async function handleServeCommand() {
   }
 }
 async function serveAdd(args, machineId) {
-  const { connectAndGetMachine } = await import('./commands-DRpGTxYD.mjs');
+  const { connectAndGetMachine } = await import('./commands-Bs2vXq8f.mjs');
   const pos = positionalArgs(args);
   const name = pos[0];
   if (!name) {
@@ -84,7 +84,7 @@ async function serveAdd(args, machineId) {
   }
 }
 async function serveRemove(args, machineId) {
-  const { connectAndGetMachine } = await import('./commands-DRpGTxYD.mjs');
+  const { connectAndGetMachine } = await import('./commands-Bs2vXq8f.mjs');
   const pos = positionalArgs(args);
   const name = pos[0];
   if (!name) {
@@ -104,7 +104,7 @@ async function serveRemove(args, machineId) {
   }
 }
 async function serveList(args, machineId) {
-  const { connectAndGetMachine } = await import('./commands-DRpGTxYD.mjs');
+  const { connectAndGetMachine } = await import('./commands-Bs2vXq8f.mjs');
   const all = hasFlag(args, "--all", "-a");
   const json = hasFlag(args, "--json");
   const sessionId = getFlag(args, "--session");
@@ -137,7 +137,7 @@ async function serveList(args, machineId) {
   }
 }
 async function serveInfo(machineId) {
-  const { connectAndGetMachine } = await import('./commands-DRpGTxYD.mjs');
+  const { connectAndGetMachine } = await import('./commands-Bs2vXq8f.mjs');
   const { machine, server } = await connectAndGetMachine(machineId);
   try {
     const info = await machine.serveInfo();

package/dist/{serveManager-BTbXyL0i.mjs → serveManager-CdJgafp4.mjs}

@@ -425,7 +425,7 @@ class ServeManager {
     this.caddyPort = await findFreePort();
     this.port = await findFreePort();
     const adminPort = await findFreePort();
-    const { CaddyManager } = await import('./caddy-fJWXn1kE.mjs');
+    const { CaddyManager } = await import('./caddy-BMbX-mFX.mjs');
     this.caddy = new CaddyManager({
       listenPort: this.caddyPort,
       adminPort,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "svamp-cli",
-  "version": "0.2.26",
+  "version": "0.2.28",
   "description": "Svamp CLI — AI workspace daemon on Hypha Cloud",
   "author": "Amun AI AB",
   "license": "SEE LICENSE IN LICENSE",