svamp-cli 0.2.38 → 0.2.40

package/dist/{agentCommands-Djr_xWX-.mjs → agentCommands-BvmStLoh.mjs}

@@ -148,7 +148,7 @@ async function sessionBroadcast(action, args) {
   console.log(`Broadcast sent: ${action}`);
 }
 async function connectToMachineService() {
-  const { connectAndGetMachine } = await import('./commands-B8Q1ig7j.mjs');
+  const { connectAndGetMachine } = await import('./commands-CWKFZm9s.mjs');
   return connectAndGetMachine();
 }
 async function inboxSend(targetSessionId, opts) {
@@ -165,7 +165,7 @@ async function inboxSend(targetSessionId, opts) {
   }
   const { server, machine } = await connectToMachineService();
   try {
-    const { resolveSessionId } = await import('./commands-B8Q1ig7j.mjs');
+    const { resolveSessionId } = await import('./commands-CWKFZm9s.mjs');
     const sessions = await machine.listSessions();
     const match = resolveSessionId(sessions, targetSessionId);
     const fullTargetId = match.sessionId;

package/dist/cli.mjs

@@ -1,4 +1,4 @@
-import { s as startDaemon, b as stopDaemon, d as daemonStatus } from './run-D-1qvfLH.mjs';
+import { s as startDaemon, b as stopDaemon, d as daemonStatus } from './run-CRwkPQDW.mjs';
 import 'os';
 import 'fs/promises';
 import 'fs';
@@ -36,11 +36,23 @@ async function main() {
     await logoutFromHypha();
   } else if (subcommand === "daemon") {
     if (daemonSubcommand === "restart") {
-      const { restartDaemon } = await import('./run-D-1qvfLH.mjs').then(function (n) { return n.k; });
+      try {
+        await applyClaudeAuthFlags(args);
+      } catch (err) {
+        console.error(`svamp daemon restart: ${err.message || err}`);
+        process.exit(1);
+      }
+      const { restartDaemon } = await import('./run-CRwkPQDW.mjs').then(function (n) { return n.n; });
       await restartDaemon();
       process.exit(0);
     }
     if (daemonSubcommand === "start") {
+      try {
+        await applyClaudeAuthFlags(args);
+      } catch (err) {
+        console.error(`svamp daemon start: ${err.message || err}`);
+        process.exit(1);
+      }
       const { spawn } = await import('child_process');
       const extraArgs = [];
       if (args.includes("--no-auto-continue")) extraArgs.push("--no-auto-continue");
@@ -222,6 +234,9 @@ async function main() {
     } else if (daemonSubcommand === "uninstall") {
       await uninstallDaemonService();
       process.exit(0);
+    } else if (daemonSubcommand === "auth") {
+      await handleDaemonAuthCommand(args.slice(2));
+      process.exit(0);
     } else {
       printDaemonHelp();
     }
@@ -257,7 +272,7 @@ async function main() {
       console.error("svamp serve: Serve commands are not available in sandboxed sessions.");
       process.exit(1);
     }
-    const { handleServeCommand } = await import('./serveCommands-B2vQJyUt.mjs');
+    const { handleServeCommand } = await import('./serveCommands-B9Dq2loo.mjs');
     await handleServeCommand();
     process.exit(0);
   } else if (subcommand === "process" || subcommand === "proc") {
@@ -266,7 +281,7 @@ async function main() {
       console.error("svamp process: Process commands are not available in sandboxed sessions.");
       process.exit(1);
     }
-    const { processCommand } = await import('./commands-BpW-hioi.mjs');
+    const { processCommand } = await import('./commands-DVXppwx2.mjs');
     let machineId;
     const processArgs = args.slice(1);
     const mIdx = processArgs.findIndex((a) => a === "--machine" || a === "-m");
@@ -284,7 +299,7 @@ async function main() {
   } else if (!subcommand || subcommand === "start") {
     await handleInteractiveCommand();
   } else if (subcommand === "--version" || subcommand === "-v") {
-    const pkg = await import('./package-CcU8sNV_.mjs').catch(() => ({ default: { version: "unknown" } }));
+    const pkg = await import('./package-DwO5YX9e.mjs').catch(() => ({ default: { version: "unknown" } }));
     console.log(`svamp version: ${pkg.default.version}`);
   } else {
     console.error(`Unknown command: ${subcommand}`);
@@ -293,7 +308,7 @@ async function main() {
   }
 }
 async function handleInteractiveCommand() {
-  const { runInteractive } = await import('./run-BStlzTCG.mjs');
+  const { runInteractive } = await import('./run--6SzG2CH.mjs');
   const interactiveArgs = subcommand === "start" ? args.slice(1) : args;
   let directory = process.cwd();
   let resumeSessionId;
@@ -338,7 +353,7 @@ async function handleAgentCommand() {
     return;
   }
   if (agentArgs[0] === "list") {
-    const { KNOWN_ACP_AGENTS, KNOWN_MCP_AGENTS: KNOWN_MCP_AGENTS2 } = await import('./run-D-1qvfLH.mjs').then(function (n) { return n.i; });
+    const { KNOWN_ACP_AGENTS, KNOWN_MCP_AGENTS: KNOWN_MCP_AGENTS2 } = await import('./run-CRwkPQDW.mjs').then(function (n) { return n.i; });
     console.log("Known agents:");
     for (const [name, config2] of Object.entries(KNOWN_ACP_AGENTS)) {
       console.log(`  ${name.padEnd(12)} ${config2.command} ${config2.args.join(" ")}  (ACP)`);
@@ -350,7 +365,7 @@ async function handleAgentCommand() {
     console.log('Use "svamp agent -- <command> [args]" for a custom ACP agent.');
     return;
   }
-  const { resolveAcpAgentConfig, KNOWN_MCP_AGENTS } = await import('./run-D-1qvfLH.mjs').then(function (n) { return n.i; });
+  const { resolveAcpAgentConfig, KNOWN_MCP_AGENTS } = await import('./run-CRwkPQDW.mjs').then(function (n) { return n.i; });
   let cwd = process.cwd();
   const filteredArgs = [];
   for (let i = 0; i < agentArgs.length; i++) {
@@ -374,12 +389,12 @@ async function handleAgentCommand() {
   console.log(`Starting ${config.agentName} agent in ${cwd}...`);
   let backend;
   if (KNOWN_MCP_AGENTS[config.agentName]) {
-    const { CodexMcpBackend } = await import('./run-D-1qvfLH.mjs').then(function (n) { return n.j; });
+    const { CodexMcpBackend } = await import('./run-CRwkPQDW.mjs').then(function (n) { return n.j; });
     backend = new CodexMcpBackend({ cwd, log: logFn });
   } else {
-    const { AcpBackend } = await import('./run-D-1qvfLH.mjs').then(function (n) { return n.h; });
-    const { GeminiTransport } = await import('./run-D-1qvfLH.mjs').then(function (n) { return n.G; });
-    const { DefaultTransport } = await import('./run-D-1qvfLH.mjs').then(function (n) { return n.D; });
+    const { AcpBackend } = await import('./run-CRwkPQDW.mjs').then(function (n) { return n.h; });
+    const { GeminiTransport } = await import('./run-CRwkPQDW.mjs').then(function (n) { return n.G; });
+    const { DefaultTransport } = await import('./run-CRwkPQDW.mjs').then(function (n) { return n.D; });
     const transportHandler = config.agentName === "gemini" ? new GeminiTransport() : new DefaultTransport(config.agentName);
     backend = new AcpBackend({
       agentName: config.agentName,
@@ -506,7 +521,7 @@ async function handleSessionCommand() {
       process.exit(1);
     }
   }
-  const { sessionList, sessionSpawn, sessionStop, sessionInfo, sessionMessages, sessionAttach, sessionMachines, sessionSend, sessionWait, sessionShare, sessionRalphStart, sessionRalphCancel, sessionRalphStatus, sessionInboxSend, sessionInboxList, sessionInboxRead, sessionInboxReply, sessionInboxClear } = await import('./commands-B8Q1ig7j.mjs');
+  const { sessionList, sessionSpawn, sessionStop, sessionInfo, sessionMessages, sessionAttach, sessionMachines, sessionSend, sessionWait, sessionShare, sessionRalphStart, sessionRalphCancel, sessionRalphStatus, sessionInboxSend, sessionInboxList, sessionInboxRead, sessionInboxReply, sessionInboxClear } = await import('./commands-CWKFZm9s.mjs');
   const parseFlagStr = (flag, shortFlag) => {
     for (let i = 1; i < sessionArgs.length; i++) {
       if ((sessionArgs[i] === flag || shortFlag) && i + 1 < sessionArgs.length) {
@@ -566,7 +581,7 @@ async function handleSessionCommand() {
         allowDomain.push(sessionArgs[++i]);
       }
     }
-    const { parseShareArg } = await import('./commands-B8Q1ig7j.mjs');
+    const { parseShareArg } = await import('./commands-CWKFZm9s.mjs');
     const shareEntries = share.map((s) => parseShareArg(s));
     await sessionSpawn(agent, dir, targetMachineId, {
       message,
@@ -652,7 +667,7 @@ async function handleSessionCommand() {
       console.error("Usage: svamp session approve <session-id> [request-id] [--json]");
       process.exit(1);
     }
-    const { sessionApprove } = await import('./commands-B8Q1ig7j.mjs');
+    const { sessionApprove } = await import('./commands-CWKFZm9s.mjs');
     const approveReqId = sessionArgs[2] && !sessionArgs[2].startsWith("--") ? sessionArgs[2] : void 0;
     await sessionApprove(sessionArgs[1], approveReqId, targetMachineId, {
       json: hasFlag("--json")
@@ -662,7 +677,7 @@ async function handleSessionCommand() {
       console.error("Usage: svamp session deny <session-id> [request-id] [--json]");
       process.exit(1);
     }
-    const { sessionDeny } = await import('./commands-B8Q1ig7j.mjs');
+    const { sessionDeny } = await import('./commands-CWKFZm9s.mjs');
     const denyReqId = sessionArgs[2] && !sessionArgs[2].startsWith("--") ? sessionArgs[2] : void 0;
     await sessionDeny(sessionArgs[1], denyReqId, targetMachineId, {
       json: hasFlag("--json")
@@ -698,7 +713,7 @@ async function handleSessionCommand() {
       console.error("Usage: svamp session set-title <title>");
       process.exit(1);
     }
-    const { sessionSetTitle } = await import('./agentCommands-Djr_xWX-.mjs');
+    const { sessionSetTitle } = await import('./agentCommands-BvmStLoh.mjs');
     await sessionSetTitle(title);
   } else if (sessionSubcommand === "set-link") {
     const url = sessionArgs[1];
@@ -707,7 +722,7 @@ async function handleSessionCommand() {
       process.exit(1);
     }
     const label = sessionArgs[2] && !sessionArgs[2].startsWith("--") ? sessionArgs[2] : void 0;
-    const { sessionSetLink } = await import('./agentCommands-Djr_xWX-.mjs');
+    const { sessionSetLink } = await import('./agentCommands-BvmStLoh.mjs');
     await sessionSetLink(url, label);
   } else if (sessionSubcommand === "notify") {
     const message = sessionArgs[1];
@@ -716,7 +731,7 @@ async function handleSessionCommand() {
       process.exit(1);
     }
     const level = parseFlagStr("--level") || "info";
-    const { sessionNotify } = await import('./agentCommands-Djr_xWX-.mjs');
+    const { sessionNotify } = await import('./agentCommands-BvmStLoh.mjs');
     await sessionNotify(message, level);
   } else if (sessionSubcommand === "broadcast") {
     const action = sessionArgs[1];
@@ -724,7 +739,7 @@ async function handleSessionCommand() {
       console.error("Usage: svamp session broadcast <action> [args...]\nActions: open-canvas <url> [label], close-canvas, toast <message>");
       process.exit(1);
     }
-    const { sessionBroadcast } = await import('./agentCommands-Djr_xWX-.mjs');
+    const { sessionBroadcast } = await import('./agentCommands-BvmStLoh.mjs');
     await sessionBroadcast(action, sessionArgs.slice(2).filter((a) => !a.startsWith("--")));
   } else if (sessionSubcommand === "inbox") {
     const inboxSubcmd = sessionArgs[1];
@@ -735,7 +750,7 @@ async function handleSessionCommand() {
         process.exit(1);
       }
       if (agentSessionId) {
-        const { inboxSend } = await import('./agentCommands-Djr_xWX-.mjs');
+        const { inboxSend } = await import('./agentCommands-BvmStLoh.mjs');
         await inboxSend(sessionArgs[2], {
           body: sessionArgs[3],
           subject: parseFlagStr("--subject"),
@@ -750,7 +765,7 @@ async function handleSessionCommand() {
       }
     } else if (inboxSubcmd === "list" || inboxSubcmd === "ls") {
       if (agentSessionId && !sessionArgs[2]) {
-        const { inboxList } = await import('./agentCommands-Djr_xWX-.mjs');
+        const { inboxList } = await import('./agentCommands-BvmStLoh.mjs');
         await inboxList({
           unread: hasFlag("--unread"),
           limit: parseFlagInt("--limit"),
@@ -772,7 +787,7 @@ async function handleSessionCommand() {
         process.exit(1);
       }
       if (agentSessionId && !sessionArgs[3]) {
-        const { inboxList } = await import('./agentCommands-Djr_xWX-.mjs');
+        const { inboxList } = await import('./agentCommands-BvmStLoh.mjs');
         await sessionInboxRead(agentSessionId, sessionArgs[2], targetMachineId);
       } else if (sessionArgs[3]) {
         await sessionInboxRead(sessionArgs[2], sessionArgs[3], targetMachineId);
@@ -782,7 +797,7 @@ async function handleSessionCommand() {
       }
     } else if (inboxSubcmd === "reply") {
       if (agentSessionId && sessionArgs[2] && sessionArgs[3] && !sessionArgs[4]) {
-        const { inboxReply } = await import('./agentCommands-Djr_xWX-.mjs');
+        const { inboxReply } = await import('./agentCommands-BvmStLoh.mjs');
         await inboxReply(sessionArgs[2], sessionArgs[3]);
       } else if (sessionArgs[2] && sessionArgs[3] && sessionArgs[4]) {
         await sessionInboxReply(sessionArgs[2], sessionArgs[3], sessionArgs[4], targetMachineId);
@@ -818,7 +833,7 @@ async function handleMachineCommand() {
     return;
   }
   if (machineSubcommand === "share") {
-    const { machineShare } = await import('./commands-B8Q1ig7j.mjs');
+    const { machineShare } = await import('./commands-CWKFZm9s.mjs');
     let machineId;
     const shareArgs = [];
     for (let i = 1; i < machineArgs.length; i++) {
@@ -848,7 +863,7 @@ async function handleMachineCommand() {
     }
     await machineShare(machineId, { add, remove, list, configPath, showConfig });
   } else if (machineSubcommand === "exec") {
-    const { machineExec } = await import('./commands-B8Q1ig7j.mjs');
+    const { machineExec } = await import('./commands-CWKFZm9s.mjs');
     let machineId;
     let cwd;
     const cmdParts = [];
@@ -868,7 +883,7 @@ async function handleMachineCommand() {
     }
     await machineExec(machineId, command, cwd);
   } else if (machineSubcommand === "info") {
-    const { machineInfo } = await import('./commands-B8Q1ig7j.mjs');
+    const { machineInfo } = await import('./commands-CWKFZm9s.mjs');
     let machineId;
     for (let i = 1; i < machineArgs.length; i++) {
       if ((machineArgs[i] === "--machine" || machineArgs[i] === "-m") && i + 1 < machineArgs.length) {
@@ -888,10 +903,10 @@ async function handleMachineCommand() {
         level = machineArgs[++i];
       }
     }
-    const { machineNotify } = await import('./agentCommands-Djr_xWX-.mjs');
+    const { machineNotify } = await import('./agentCommands-BvmStLoh.mjs');
     await machineNotify(message, level);
   } else if (machineSubcommand === "ls") {
-    const { machineLs } = await import('./commands-B8Q1ig7j.mjs');
+    const { machineLs } = await import('./commands-CWKFZm9s.mjs');
     let machineId;
     let showHidden = false;
     let path;
@@ -1329,8 +1344,113 @@ Usage:
   svamp daemon status                 Show daemon status
   svamp daemon install                Install as login service (macOS/Linux) \u2014 auto-start at login
   svamp daemon uninstall              Remove login service
+  svamp daemon auth                   Show Claude API auth mode used for spawned sessions
+  svamp daemon auth use-hypha-proxy   Route Claude through https://proxy.hypha.aicell.io with HYPHA_TOKEN
+  svamp daemon auth use-login         Use ~/.claude credentials (run "claude login" to set them)
+  svamp daemon auth set <URL> <KEY>   Use a custom Anthropic gateway (base URL must not end in /v1)
+
+Claude auth flags (take effect on next start/restart):
+  svamp daemon start --use-hypha-proxy
+  svamp daemon start --use-claude-login
+  svamp daemon start --anthropic-base-url URL --anthropic-api-key KEY
 `);
 }
+async function applyClaudeAuthFlags(argv) {
+  const hasHypha = argv.includes("--use-hypha-proxy");
+  const hasLogin = argv.includes("--use-claude-login") || argv.includes("--use-login");
+  const baseUrlIdx = argv.indexOf("--anthropic-base-url");
+  const apiKeyIdx = argv.indexOf("--anthropic-api-key");
+  const hasCustom = baseUrlIdx !== -1 || apiKeyIdx !== -1;
+  const chosen = [hasHypha, hasLogin, hasCustom].filter(Boolean).length;
+  if (chosen === 0) return;
+  if (chosen > 1) {
+    throw new Error(
+      "--use-hypha-proxy, --use-claude-login, and --anthropic-base-url/--anthropic-api-key are mutually exclusive"
+    );
+  }
+  const mod = await import('./run-CRwkPQDW.mjs').then(function (n) { return n.k; });
+  if (hasHypha) {
+    mod.setClaudeAuthHyphaProxy();
+    console.log("Claude auth configured: hypha-proxy (uses HYPHA_TOKEN live at each spawn).");
+    return;
+  }
+  if (hasLogin) {
+    mod.setClaudeAuthLogin();
+    console.log('Claude auth configured: login (uses ~/.claude credentials \u2014 run "claude login" if needed).');
+    return;
+  }
+  if (baseUrlIdx === -1 || apiKeyIdx === -1) {
+    throw new Error("--anthropic-base-url and --anthropic-api-key must be passed together");
+  }
+  const baseUrl = argv[baseUrlIdx + 1];
+  const apiKey = argv[apiKeyIdx + 1];
+  if (!baseUrl || baseUrl.startsWith("--")) throw new Error("--anthropic-base-url requires a value");
+  if (!apiKey || apiKey.startsWith("--")) throw new Error("--anthropic-api-key requires a value");
+  mod.setClaudeAuthCustom(baseUrl, apiKey);
+  console.log(`Claude auth configured: custom (base URL ${baseUrl}).`);
+}
+async function handleDaemonAuthCommand(argv) {
+  const sub = (argv[0] || "status").toLowerCase();
+  const mod = await import('./run-CRwkPQDW.mjs').then(function (n) { return n.k; });
+  if (sub === "--help" || sub === "-h" || sub === "help") {
+    console.log(`
+svamp daemon auth \u2014 Configure how Claude subprocesses authenticate
+
+Subcommands:
+  svamp daemon auth                      Show current mode + base URL + redacted API key
+  svamp daemon auth use-hypha-proxy      Route Claude through the Hypha LLM proxy
+                                         (https://proxy.hypha.aicell.io) using HYPHA_TOKEN.
+                                         Token is resolved live at each spawn, so a
+                                         \`svamp login\` refresh takes effect immediately.
+  svamp daemon auth use-login            Use ~/.claude credentials written by \`claude login\`.
+                                         Removes managed ANTHROPIC_BASE_URL / ANTHROPIC_API_KEY.
+  svamp daemon auth set <URL> <KEY>      Use a custom Anthropic gateway. URL must NOT end
+                                         in /v1 (the SDK appends it automatically).
+
+All mutations are persisted to ~/.svamp/.env. Run \`svamp daemon restart\` afterwards
+(or use the equivalent flags on \`svamp daemon start/restart\` to configure + restart in
+one step: --use-hypha-proxy / --use-claude-login / --anthropic-base-url URL --anthropic-api-key KEY).
+`);
+    return;
+  }
+  if (sub === "status" || sub === "show") {
+    const s = mod.getClaudeAuthStatus();
+    console.log(`Claude auth mode: ${s.mode}`);
+    if (s.baseUrl) console.log(`  ANTHROPIC_BASE_URL: ${s.baseUrl}`);
+    if (s.apiKeyPreview) console.log(`  ANTHROPIC_API_KEY : ${s.apiKeyPreview}`);
+    if (s.mode === "login") {
+      console.log('  (Claude subprocesses will use credentials from ~/.claude \u2014 run "claude login" to set them.)');
+    }
+    if (s.hyphaTokenMissing) {
+      console.log('  WARNING: mode=hypha but HYPHA_TOKEN is not set \u2014 run "svamp login" first.');
+    }
+    return;
+  }
+  if (sub === "use-hypha-proxy") {
+    mod.setClaudeAuthHyphaProxy();
+    console.log('Claude auth set to hypha-proxy. Run "svamp daemon restart" to apply.');
+    return;
+  }
+  if (sub === "use-login" || sub === "use-claude-login") {
+    mod.setClaudeAuthLogin();
+    console.log('Claude auth set to login (~/.claude credentials). Run "svamp daemon restart" to apply.');
+    return;
+  }
+  if (sub === "set") {
+    const baseUrl = argv[1];
+    const apiKey = argv[2];
+    if (!baseUrl || !apiKey) {
+      console.error("Usage: svamp daemon auth set <base-url> <api-key>");
+      process.exit(1);
+    }
+    mod.setClaudeAuthCustom(baseUrl, apiKey);
+    console.log(`Claude auth set to custom (${baseUrl}). Run "svamp daemon restart" to apply.`);
+    return;
+  }
+  console.error(`Unknown subcommand: svamp daemon auth ${sub}`);
+  console.error("Available: status, use-hypha-proxy, use-login, set <URL> <KEY>");
+  process.exit(1);
+}
 function printSessionHelp() {
   console.log(`
 svamp session \u2014 Spawn and manage AI agent sessions

package/dist/{commands-B8Q1ig7j.mjs → commands-CWKFZm9s.mjs}

@@ -2,7 +2,7 @@ import { existsSync, readFileSync } from 'node:fs';
 import { execSync } from 'node:child_process';
 import { resolve, join } from 'node:path';
 import os from 'node:os';
-import { l as loadSecurityContextConfig, e as resolveSecurityContext, f as buildSecurityContextFromFlags, m as mergeSecurityContexts, c as connectToHypha } from './run-D-1qvfLH.mjs';
+import { l as loadSecurityContextConfig, e as resolveSecurityContext, f as buildSecurityContextFromFlags, m as mergeSecurityContexts, c as connectToHypha } from './run-CRwkPQDW.mjs';
 import 'os';
 import 'fs/promises';
 import 'fs';

package/dist/{commands-BpW-hioi.mjs → commands-DVXppwx2.mjs}

@@ -1,11 +1,11 @@
 import { writeFileSync, readFileSync } from 'fs';
 import { resolve } from 'path';
-import { connectAndGetMachine } from './commands-B8Q1ig7j.mjs';
+import { connectAndGetMachine } from './commands-CWKFZm9s.mjs';
 import 'node:fs';
 import 'node:child_process';
 import 'node:path';
 import 'node:os';
-import './run-D-1qvfLH.mjs';
+import './run-CRwkPQDW.mjs';
 import 'os';
 import 'fs/promises';
 import 'url';

package/dist/index.mjs

@@ -1,4 +1,4 @@
-export { c as connectToHypha, d as daemonStatus, g as getHyphaServerUrl, r as registerMachineService, a as registerSessionService, s as startDaemon, b as stopDaemon } from './run-D-1qvfLH.mjs';
+export { c as connectToHypha, d as daemonStatus, g as getHyphaServerUrl, r as registerMachineService, a as registerSessionService, s as startDaemon, b as stopDaemon } from './run-CRwkPQDW.mjs';
 import 'os';
 import 'fs/promises';
 import 'fs';

package/dist/{package-CcU8sNV_.mjs → package-DwO5YX9e.mjs}

@@ -1,5 +1,5 @@
 var name = "svamp-cli";
-var version = "0.2.38";
+var version = "0.2.40";
 var description = "Svamp CLI — AI workspace daemon on Hypha Cloud";
 var author = "Amun AI AB";
 var license = "SEE LICENSE IN LICENSE";
@@ -19,7 +19,7 @@ var exports$1 = {
 var scripts = {
 	build: "rm -rf dist && tsc --noEmit && pkgroll",
 	typecheck: "tsc --noEmit",
-	test: "npx tsx test/test-authorize.mjs && npx tsx test/test-session-helpers.mjs && npx tsx test/test-cli-routing.mjs && npx tsx test/test-security-context.mjs && npx tsx test/test-isolation-decision.mjs && npx tsx test/test-ralph-loop.mjs && npx tsx test/test-message-helpers.mjs && npx tsx test/test-agent-config.mjs && npx tsx test/test-wrap-command.mjs && npx tsx test/test-credential-staging.mjs && npx tsx test/test-output-formatters.mjs && npx tsx test/test-agent-types.mjs && npx tsx test/test-transport.mjs && npx tsx test/test-session-update-handlers.mjs && npx tsx test/test-session-scanner.mjs && npx tsx test/test-hypha-client.mjs && npx tsx test/test-hook-settings.mjs && npx tsx test/test-session-service-logic.mjs && npx tsx test/test-daemon-persistence.mjs && npx tsx test/test-detect-isolation.mjs && npx tsx test/test-machine-service-logic.mjs && npx tsx test/test-interactive-helpers.mjs && npx tsx test/test-codex-backend.mjs && npx tsx test/test-acp-backend.mjs && npx tsx test/test-acp-bridge.mjs && npx tsx test/test-hook-server.mjs && npx tsx test/test-session-commands.mjs && npx tsx test/test-interactive-console.mjs && npx tsx test/test-session-messages.mjs && npx tsx test/test-skills.mjs && npx tsx test/test-agent-grouping.mjs && npx tsx test/test-ralph-loop-integration.mjs && npx tsx test/test-ralph-loop-modes.mjs && npx tsx test/test-machine-list-directory.mjs && npx tsx test/test-service-commands.mjs && npx tsx test/test-supervisor.mjs && npx tsx test/test-supervisor-lock.mjs && npx tsx test/test-clear-detection.mjs && npx tsx test/test-session-consolidation.mjs && npx tsx test/test-inbox.mjs && npx tsx test/test-session-rpc-dispatch.mjs && npx tsx test/test-sandbox-cli.mjs && npx tsx test/test-serve-manager.mjs && npx tsx test/test-serve-stability.mjs && npx tsx test/test-frpc-e2e.mjs --unit-only",
+	test: "npx tsx test/test-authorize.mjs && npx tsx test/test-session-helpers.mjs && npx tsx test/test-cli-routing.mjs && npx tsx test/test-security-context.mjs && npx tsx test/test-isolation-decision.mjs && npx tsx test/test-ralph-loop.mjs && npx tsx test/test-message-helpers.mjs && npx tsx test/test-agent-config.mjs && npx tsx test/test-wrap-command.mjs && npx tsx test/test-credential-staging.mjs && npx tsx test/test-claude-auth.mjs && npx tsx test/test-output-formatters.mjs && npx tsx test/test-agent-types.mjs && npx tsx test/test-transport.mjs && npx tsx test/test-session-update-handlers.mjs && npx tsx test/test-session-scanner.mjs && npx tsx test/test-hypha-client.mjs && npx tsx test/test-hook-settings.mjs && npx tsx test/test-session-service-logic.mjs && npx tsx test/test-daemon-persistence.mjs && npx tsx test/test-detect-isolation.mjs && npx tsx test/test-machine-service-logic.mjs && npx tsx test/test-interactive-helpers.mjs && npx tsx test/test-codex-backend.mjs && npx tsx test/test-acp-backend.mjs && npx tsx test/test-acp-bridge.mjs && npx tsx test/test-hook-server.mjs && npx tsx test/test-session-commands.mjs && npx tsx test/test-interactive-console.mjs && npx tsx test/test-session-messages.mjs && npx tsx test/test-skills.mjs && npx tsx test/test-agent-grouping.mjs && npx tsx test/test-ralph-loop-integration.mjs && npx tsx test/test-ralph-loop-modes.mjs && npx tsx test/test-machine-list-directory.mjs && npx tsx test/test-service-commands.mjs && npx tsx test/test-supervisor.mjs && npx tsx test/test-supervisor-lock.mjs && npx tsx test/test-clear-detection.mjs && npx tsx test/test-session-consolidation.mjs && npx tsx test/test-inbox.mjs && npx tsx test/test-session-rpc-dispatch.mjs && npx tsx test/test-sandbox-cli.mjs && npx tsx test/test-serve-manager.mjs && npx tsx test/test-serve-stability.mjs && npx tsx test/test-frpc-e2e.mjs --unit-only",
 	"test:hypha": "node --no-warnings test/test-hypha-service.mjs",
 	dev: "tsx src/cli.ts",
 	"dev:daemon": "tsx src/cli.ts daemon start-sync",
@@ -29,7 +29,7 @@ var scripts = {
 var dependencies = {
 	"@agentclientprotocol/sdk": "^0.14.1",
 	"@modelcontextprotocol/sdk": "^1.25.3",
-	"hypha-rpc": "0.21.36",
+	"hypha-rpc": "0.21.40",
 	"node-pty": "1.2.0-beta.11",
 	ws: "^8.18.0",
 	yaml: "^2.8.2",

package/dist/{run-BStlzTCG.mjs → run--6SzG2CH.mjs}

@@ -2,7 +2,7 @@ import{createRequire as _pkgrollCR}from"node:module";const require=_pkgrollCR(im
 import os from 'node:os';
 import { join, resolve } from 'node:path';
 import { mkdirSync, writeFileSync, existsSync, unlinkSync, readFileSync, watch } from 'node:fs';
-import { c as connectToHypha, a as registerSessionService } from './run-D-1qvfLH.mjs';
+import { c as connectToHypha, a as registerSessionService } from './run-CRwkPQDW.mjs';
 import { createServer } from 'node:http';
 import { spawn } from 'node:child_process';
 import { createInterface } from 'node:readline';

package/dist/{run-D-1qvfLH.mjs → run-CRwkPQDW.mjs}

@@ -4930,6 +4930,162 @@ function shouldIsolate(input) {
   return input.optionsSecurityContext !== null && input.optionsSecurityContext !== void 0;
 }
 
+const HYPHA_PROXY_BASE_URL = "https://proxy.hypha.aicell.io";
+const MODE_KEY = "SVAMP_CLAUDE_PROXY";
+const MANAGED_KEYS = /* @__PURE__ */ new Set([
+  MODE_KEY,
+  "ANTHROPIC_BASE_URL",
+  "ANTHROPIC_API_KEY"
+]);
+function envFilePath() {
+  const svampHome = process.env.SVAMP_HOME || join$1(homedir(), ".svamp");
+  return join$1(svampHome, ".env");
+}
+function readEnvLines() {
+  const file = envFilePath();
+  if (!existsSync(file)) return [];
+  return readFileSync(file, "utf-8").split("\n");
+}
+function writeEnvLines(lines) {
+  const file = envFilePath();
+  const dir = join$1(file, "..");
+  if (!existsSync(dir)) mkdirSync$1(dir, { recursive: true });
+  while (lines.length > 0 && lines[lines.length - 1].trim() === "") {
+    lines.pop();
+  }
+  writeFileSync$1(file, lines.join("\n") + "\n", "utf-8");
+}
+function updateEnvFile(updates) {
+  const lines = readEnvLines();
+  const kept = [];
+  const remainingUpdates = new Map(Object.entries(updates));
+  for (const line of lines) {
+    const trimmed = line.trim();
+    if (!trimmed || trimmed.startsWith("#")) {
+      kept.push(line);
+      continue;
+    }
+    const eq = trimmed.indexOf("=");
+    const key = eq === -1 ? trimmed : trimmed.slice(0, eq);
+    if (remainingUpdates.has(key)) {
+      const v = remainingUpdates.get(key);
+      remainingUpdates.delete(key);
+      if (v === void 0) continue;
+      kept.push(`${key}=${v}`);
+      continue;
+    }
+    kept.push(line);
+  }
+  for (const [key, v] of remainingUpdates) {
+    if (v === void 0) continue;
+    kept.push(`${key}=${v}`);
+  }
+  writeEnvLines(kept);
+}
+function currentMode() {
+  const raw = (process.env[MODE_KEY] || "").trim().toLowerCase();
+  if (raw === "hypha" || raw === "hypha-proxy") return "hypha";
+  if (raw === "custom") return "custom";
+  return "login";
+}
+function redactKey(key) {
+  if (!key) return void 0;
+  if (key.length <= 12) return "***";
+  return `${key.slice(0, 8)}\u2026${key.slice(-4)}`;
+}
+function getClaudeAuthStatus() {
+  const mode = currentMode();
+  if (mode === "hypha") {
+    const token = process.env.HYPHA_TOKEN;
+    return {
+      mode,
+      baseUrl: HYPHA_PROXY_BASE_URL,
+      apiKeyPreview: redactKey(token),
+      hyphaTokenMissing: !token
+    };
+  }
+  if (mode === "custom") {
+    return {
+      mode,
+      baseUrl: process.env.ANTHROPIC_BASE_URL,
+      apiKeyPreview: redactKey(process.env.ANTHROPIC_API_KEY)
+    };
+  }
+  return { mode: "login" };
+}
+function setClaudeAuthHyphaProxy() {
+  updateEnvFile({
+    [MODE_KEY]: "hypha",
+    // Hypha mode resolves token live at spawn — no stored copy.
+    ANTHROPIC_BASE_URL: void 0,
+    ANTHROPIC_API_KEY: void 0
+  });
+}
+function setClaudeAuthLogin() {
+  updateEnvFile({
+    [MODE_KEY]: void 0,
+    ANTHROPIC_BASE_URL: void 0,
+    ANTHROPIC_API_KEY: void 0
+  });
+}
+function setClaudeAuthCustom(baseUrl, apiKey) {
+  if (!baseUrl) throw new Error("ANTHROPIC_BASE_URL is required for custom mode");
+  if (!apiKey) throw new Error("ANTHROPIC_API_KEY is required for custom mode");
+  const trimmed = baseUrl.replace(/\/+$/, "");
+  if (trimmed.endsWith("/v1")) {
+    throw new Error(
+      "ANTHROPIC_BASE_URL must not end in /v1 \u2014 the SDK appends it, producing double /v1/v1/messages"
+    );
+  }
+  updateEnvFile({
+    [MODE_KEY]: "custom",
+    ANTHROPIC_BASE_URL: trimmed,
+    ANTHROPIC_API_KEY: apiKey
+  });
+}
+function applyClaudeProxyEnv(spawnEnv) {
+  const mode = currentMode();
+  if (mode === "hypha") {
+    const token = process.env.HYPHA_TOKEN;
+    if (!token) {
+      delete spawnEnv.ANTHROPIC_BASE_URL;
+      delete spawnEnv.ANTHROPIC_API_KEY;
+      return "hypha mode but HYPHA_TOKEN missing \u2014 falling back to login";
+    }
+    spawnEnv.ANTHROPIC_BASE_URL = HYPHA_PROXY_BASE_URL;
+    spawnEnv.ANTHROPIC_API_KEY = token;
+    return `hypha proxy (${HYPHA_PROXY_BASE_URL})`;
+  }
+  if (mode === "custom") {
+    const url = process.env.ANTHROPIC_BASE_URL;
+    const key = process.env.ANTHROPIC_API_KEY;
+    if (!url || !key) {
+      delete spawnEnv.ANTHROPIC_BASE_URL;
+      delete spawnEnv.ANTHROPIC_API_KEY;
+      return "custom mode but ANTHROPIC_BASE_URL/API_KEY missing \u2014 falling back to login";
+    }
+    spawnEnv.ANTHROPIC_BASE_URL = url;
+    spawnEnv.ANTHROPIC_API_KEY = key;
+    return `custom proxy (${url})`;
+  }
+  delete spawnEnv.ANTHROPIC_BASE_URL;
+  delete spawnEnv.ANTHROPIC_API_KEY;
+  return null;
+}
+const MANAGED_ENV_KEYS = Array.from(MANAGED_KEYS);
+
+var claudeAuth = /*#__PURE__*/Object.freeze({
+    __proto__: null,
+    HYPHA_PROXY_BASE_URL: HYPHA_PROXY_BASE_URL,
+    MANAGED_ENV_KEYS: MANAGED_ENV_KEYS,
+    applyClaudeProxyEnv: applyClaudeProxyEnv,
+    getClaudeAuthStatus: getClaudeAuthStatus,
+    setClaudeAuthCustom: setClaudeAuthCustom,
+    setClaudeAuthHyphaProxy: setClaudeAuthHyphaProxy,
+    setClaudeAuthLogin: setClaudeAuthLogin,
+    updateEnvFile: updateEnvFile
+});
+
 const DEFAULT_PROBE_INTERVAL_S = 10;
 const DEFAULT_PROBE_TIMEOUT_S = 5;
 const DEFAULT_PROBE_FAILURE_THRESHOLD = 3;
@@ -6824,6 +6980,10 @@ async function startDaemon(options) {
           delete spawnEnv.CLAUDECODE;
           spawnEnv.SVAMP_SESSION_ID = sessionId;
           delete spawnEnv.SVAMP_SANDBOXED;
+          const proxyDesc = applyClaudeProxyEnv(spawnEnv);
+          if (proxyDesc) {
+            logger.log(`[Session ${sessionId}] Claude auth: ${proxyDesc}`);
+          }
           if (isoConfig && stagedCredentials) {
             Object.assign(spawnEnv, stagedCredentials.env);
             const filtered = {};
@@ -9047,18 +9207,31 @@ The automated loop has finished. Review the progress above and let me know if yo
     }, HEARTBEAT_INTERVAL_MS);
     const PROXY_TOKEN_REFRESH_INTERVAL_MS = 7 * 24 * 60 * 60 * 1e3;
     let proxyTokenRefreshInterval;
-    if (process.env.ANTHROPIC_BASE_URL) {
+    const proxyMode = (process.env.SVAMP_CLAUDE_PROXY || "").toLowerCase();
+    if (proxyMode === "hypha" || proxyMode === "hypha-proxy") {
+      const refreshProxyToken = async () => {
+        try {
+          const freshToken = await server.generateToken({ expires_in: 30 * 24 * 3600 });
+          process.env.HYPHA_TOKEN = freshToken;
+          logger.log("Hypha proxy token refreshed (30-day expiry)");
+        } catch (err) {
+          logger.log(`Hypha proxy token refresh failed (will retry in 7 days): ${err}`);
+        }
+      };
+      proxyTokenRefreshInterval = setInterval(refreshProxyToken, PROXY_TOKEN_REFRESH_INTERVAL_MS);
+      logger.log("Hypha proxy token auto-refresh enabled (every 7 days)");
+    } else if (process.env.ANTHROPIC_BASE_URL && !process.env.SVAMP_CLAUDE_PROXY) {
       const refreshProxyToken = async () => {
         try {
           const freshToken = await server.generateToken({ expires_in: 30 * 24 * 3600 });
           process.env.ANTHROPIC_API_KEY = freshToken;
-          logger.log("Proxy token refreshed (30-day expiry)");
+          logger.log("Proxy token refreshed (legacy, 30-day expiry)");
         } catch (err) {
           logger.log(`Proxy token refresh failed (will retry in 7 days): ${err}`);
         }
       };
       proxyTokenRefreshInterval = setInterval(refreshProxyToken, PROXY_TOKEN_REFRESH_INTERVAL_MS);
-      logger.log("Proxy token auto-refresh enabled (every 7 days)");
+      logger.log("Proxy token auto-refresh enabled (legacy mode, every 7 days)");
     }
     let oauthRefreshInterval;
     const refreshOAuthAndRestageCredentials = async () => {
@@ -9396,4 +9569,4 @@ var run = /*#__PURE__*/Object.freeze({
     stopDaemon: stopDaemon
 });
 
-export { DefaultTransport$1 as D, GeminiTransport$1 as G, registerSessionService as a, stopDaemon as b, connectToHypha as c, daemonStatus as d, resolveSecurityContext as e, buildSecurityContextFromFlags as f, getHyphaServerUrl as g, acpBackend as h, acpAgentConfig as i, codexMcpBackend as j, run as k, loadSecurityContextConfig as l, mergeSecurityContexts as m, registerMachineService as r, startDaemon as s };
+export { DefaultTransport$1 as D, GeminiTransport$1 as G, registerSessionService as a, stopDaemon as b, connectToHypha as c, daemonStatus as d, resolveSecurityContext as e, buildSecurityContextFromFlags as f, getHyphaServerUrl as g, acpBackend as h, acpAgentConfig as i, codexMcpBackend as j, claudeAuth as k, loadSecurityContextConfig as l, mergeSecurityContexts as m, run as n, registerMachineService as r, startDaemon as s };

package/dist/{serveCommands-B2vQJyUt.mjs → serveCommands-B9Dq2loo.mjs}

@@ -52,7 +52,7 @@ async function handleServeCommand() {
   }
 }
 async function serveAdd(args, machineId) {
-  const { connectAndGetMachine } = await import('./commands-B8Q1ig7j.mjs');
+  const { connectAndGetMachine } = await import('./commands-CWKFZm9s.mjs');
   const pos = positionalArgs(args);
   const name = pos[0];
   if (!name) {
@@ -84,7 +84,7 @@ async function serveAdd(args, machineId) {
   }
 }
 async function serveRemove(args, machineId) {
-  const { connectAndGetMachine } = await import('./commands-B8Q1ig7j.mjs');
+  const { connectAndGetMachine } = await import('./commands-CWKFZm9s.mjs');
   const pos = positionalArgs(args);
   const name = pos[0];
   if (!name) {
@@ -104,7 +104,7 @@ async function serveRemove(args, machineId) {
   }
 }
 async function serveList(args, machineId) {
-  const { connectAndGetMachine } = await import('./commands-B8Q1ig7j.mjs');
+  const { connectAndGetMachine } = await import('./commands-CWKFZm9s.mjs');
   const all = hasFlag(args, "--all", "-a");
   const json = hasFlag(args, "--json");
   const sessionId = getFlag(args, "--session");
@@ -137,7 +137,7 @@ async function serveList(args, machineId) {
   }
 }
 async function serveInfo(machineId) {
-  const { connectAndGetMachine } = await import('./commands-B8Q1ig7j.mjs');
+  const { connectAndGetMachine } = await import('./commands-CWKFZm9s.mjs');
   const { machine, server } = await connectAndGetMachine(machineId);
   try {
     const info = await machine.serveInfo();

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "svamp-cli",
-  "version": "0.2.38",
+  "version": "0.2.40",
   "description": "Svamp CLI — AI workspace daemon on Hypha Cloud",
   "author": "Amun AI AB",
   "license": "SEE LICENSE IN LICENSE",
@@ -20,7 +20,7 @@
   "scripts": {
     "build": "rm -rf dist && tsc --noEmit && pkgroll",
     "typecheck": "tsc --noEmit",
-    "test": "npx tsx test/test-authorize.mjs && npx tsx test/test-session-helpers.mjs && npx tsx test/test-cli-routing.mjs && npx tsx test/test-security-context.mjs && npx tsx test/test-isolation-decision.mjs && npx tsx test/test-ralph-loop.mjs && npx tsx test/test-message-helpers.mjs && npx tsx test/test-agent-config.mjs && npx tsx test/test-wrap-command.mjs && npx tsx test/test-credential-staging.mjs && npx tsx test/test-output-formatters.mjs && npx tsx test/test-agent-types.mjs && npx tsx test/test-transport.mjs && npx tsx test/test-session-update-handlers.mjs && npx tsx test/test-session-scanner.mjs && npx tsx test/test-hypha-client.mjs && npx tsx test/test-hook-settings.mjs && npx tsx test/test-session-service-logic.mjs && npx tsx test/test-daemon-persistence.mjs && npx tsx test/test-detect-isolation.mjs && npx tsx test/test-machine-service-logic.mjs && npx tsx test/test-interactive-helpers.mjs && npx tsx test/test-codex-backend.mjs && npx tsx test/test-acp-backend.mjs && npx tsx test/test-acp-bridge.mjs && npx tsx test/test-hook-server.mjs && npx tsx test/test-session-commands.mjs && npx tsx test/test-interactive-console.mjs && npx tsx test/test-session-messages.mjs && npx tsx test/test-skills.mjs && npx tsx test/test-agent-grouping.mjs && npx tsx test/test-ralph-loop-integration.mjs && npx tsx test/test-ralph-loop-modes.mjs && npx tsx test/test-machine-list-directory.mjs && npx tsx test/test-service-commands.mjs && npx tsx test/test-supervisor.mjs && npx tsx test/test-supervisor-lock.mjs && npx tsx test/test-clear-detection.mjs && npx tsx test/test-session-consolidation.mjs && npx tsx test/test-inbox.mjs && npx tsx test/test-session-rpc-dispatch.mjs && npx tsx test/test-sandbox-cli.mjs && npx tsx test/test-serve-manager.mjs && npx tsx test/test-serve-stability.mjs && npx tsx test/test-frpc-e2e.mjs --unit-only",
+    "test": "npx tsx test/test-authorize.mjs && npx tsx test/test-session-helpers.mjs && npx tsx test/test-cli-routing.mjs && npx tsx test/test-security-context.mjs && npx tsx test/test-isolation-decision.mjs && npx tsx test/test-ralph-loop.mjs && npx tsx test/test-message-helpers.mjs && npx tsx test/test-agent-config.mjs && npx tsx test/test-wrap-command.mjs && npx tsx test/test-credential-staging.mjs && npx tsx test/test-claude-auth.mjs && npx tsx test/test-output-formatters.mjs && npx tsx test/test-agent-types.mjs && npx tsx test/test-transport.mjs && npx tsx test/test-session-update-handlers.mjs && npx tsx test/test-session-scanner.mjs && npx tsx test/test-hypha-client.mjs && npx tsx test/test-hook-settings.mjs && npx tsx test/test-session-service-logic.mjs && npx tsx test/test-daemon-persistence.mjs && npx tsx test/test-detect-isolation.mjs && npx tsx test/test-machine-service-logic.mjs && npx tsx test/test-interactive-helpers.mjs && npx tsx test/test-codex-backend.mjs && npx tsx test/test-acp-backend.mjs && npx tsx test/test-acp-bridge.mjs && npx tsx test/test-hook-server.mjs && npx tsx test/test-session-commands.mjs && npx tsx test/test-interactive-console.mjs && npx tsx test/test-session-messages.mjs && npx tsx test/test-skills.mjs && npx tsx test/test-agent-grouping.mjs && npx tsx test/test-ralph-loop-integration.mjs && npx tsx test/test-ralph-loop-modes.mjs && npx tsx test/test-machine-list-directory.mjs && npx tsx test/test-service-commands.mjs && npx tsx test/test-supervisor.mjs && npx tsx test/test-supervisor-lock.mjs && npx tsx test/test-clear-detection.mjs && npx tsx test/test-session-consolidation.mjs && npx tsx test/test-inbox.mjs && npx tsx test/test-session-rpc-dispatch.mjs && npx tsx test/test-sandbox-cli.mjs && npx tsx test/test-serve-manager.mjs && npx tsx test/test-serve-stability.mjs && npx tsx test/test-frpc-e2e.mjs --unit-only",
     "test:hypha": "node --no-warnings test/test-hypha-service.mjs",
     "dev": "tsx src/cli.ts",
     "dev:daemon": "tsx src/cli.ts daemon start-sync",
@@ -30,7 +30,7 @@
   "dependencies": {
     "@agentclientprotocol/sdk": "^0.14.1",
     "@modelcontextprotocol/sdk": "^1.25.3",
-    "hypha-rpc": "0.21.36",
+    "hypha-rpc": "0.21.40",
     "node-pty": "1.2.0-beta.11",
     "ws": "^8.18.0",
     "yaml": "^2.8.2",