thepopebot 1.2.71 → 1.2.72-beta.1

package/README.md

@@ -206,6 +206,20 @@ If you've made custom changes to managed files (e.g., added extra steps to a Git
 npx thepopebot init --no-managed
 ```
 
+#### Template file conventions
+
+The `templates/` directory contains files scaffolded into user projects by `thepopebot init`. Two naming conventions handle files that npm or AI tools would otherwise misinterpret:
+
+**`.template` suffix** — Files ending in `.template` are scaffolded with the suffix stripped. This is used for files that npm mangles (`.gitignore`) or that AI tools would pick up as real project docs (`CLAUDE.md`).
+
+| In `templates/` | Scaffolded as |
+|-----------------|---------------|
+| `.gitignore.template` | `.gitignore` |
+| `CLAUDE.md.template` | `CLAUDE.md` |
+| `api/CLAUDE.md.template` | `api/CLAUDE.md` |
+
+**`CLAUDE.md` exclusion** — The scaffolding walker skips any file named `CLAUDE.md` (without the `.template` suffix). This is a safety net so a bare `CLAUDE.md` accidentally added to `templates/` never gets copied into user projects where AI tools would confuse it with real project instructions.
+
 ---
 
 ## CLI Commands
@@ -246,22 +260,6 @@ GitHub secrets use a prefix convention so the workflow can route them correctly:
 
 ---
 
-## Template File Conventions
-
-The `templates/` directory contains files scaffolded into user projects by `thepopebot init`. Two naming conventions handle files that npm or AI tools would otherwise misinterpret:
-
-**`.template` suffix** — Files ending in `.template` are scaffolded with the suffix stripped. This is used for files that npm mangles (`.gitignore`) or that AI tools would pick up as real project docs (`CLAUDE.md`).
-
-| In `templates/` | Scaffolded as |
-|-----------------|---------------|
-| `.gitignore.template` | `.gitignore` |
-| `CLAUDE.md.template` | `CLAUDE.md` |
-| `api/CLAUDE.md.template` | `api/CLAUDE.md` |
-
-**`CLAUDE.md` exclusion** — The scaffolding walker skips any file named `CLAUDE.md` (without the `.template` suffix). This is a safety net so a bare `CLAUDE.md` accidentally added to `templates/` never gets copied into user projects where AI tools would confuse it with real project instructions.
-
----
-
 ## Security
 
 thepopebot includes API key authentication, webhook secret validation (fail-closed), session encryption, secret filtering in the Docker agent, and auto-merge path restrictions. However, all software carries risk — thepopebot is provided as-is, and you are responsible for securing your own infrastructure. If you're running locally with a tunnel (ngrok, Cloudflare Tunnel, port forwarding), be aware that your dev server endpoints are publicly accessible with no rate limiting and no TLS on the local hop.
@@ -270,85 +268,11 @@ See [docs/SECURITY.md](docs/SECURITY.md) for full details on what's exposed, the
 
 ---
 
-## Running Different Models Per Job
-
-Every job your agent runs can use a different LLM. Use Claude for one cron, GPT-4o for another, or a local Ollama model for a third — just set `llm_provider` and `llm_model` on the entry.
-
-### Per-job overrides
-
-Add `llm_provider` and `llm_model` to any agent-type entry in `config/CRONS.json` or any action in `config/TRIGGERS.json`. This overrides the default for just that one job:
-
-```json
-{
-  "name": "Code review",
-  "schedule": "0 9 * * 1",
-  "type": "agent",
-  "job": "Review open PRs and leave comments",
-  "llm_provider": "openai",
-  "llm_model": "gpt-4o"
-}
-```
-
-The matching API key must already exist as a GitHub secret (see the table below).
-
-> **Using `custom` on individual crons:** `llm_provider` and `llm_model` travel with the job, but `OPENAI_BASE_URL`, `RUNS_ON`, and `CUSTOM_API_KEY` are repo-level settings — they must be set as GitHub variables/secrets even if your default provider is something else. See [Using the `custom` provider](#using-the-custom-provider) below.
-
-### Providers
-
-| Provider | What it is | Example model | GitHub secret needed |
-|----------|------------|---------------|----------------------|
-| `anthropic` | Anthropic (default) | `claude-sonnet-4-20250514` | `AGENT_ANTHROPIC_API_KEY` |
-| `openai` | OpenAI | `gpt-4o` | `AGENT_OPENAI_API_KEY` |
-| `google` | Google Gemini | `gemini-2.5-pro` | `AGENT_GOOGLE_API_KEY` |
-| `custom` | Any OpenAI-compatible API (DeepSeek, Ollama, Together AI, etc.) | `deepseek-chat` | `AGENT_CUSTOM_API_KEY` *(if required — see below)* |
-
-### Changing the default for all jobs
-
-If you want every job to use the same non-Anthropic model, set `LLM_PROVIDER` and `LLM_MODEL` as GitHub repo variables:
-
-```bash
-npx thepopebot set-var LLM_PROVIDER openai
-npx thepopebot set-var LLM_MODEL gpt-4o
-```
-
-Per-job overrides in `CRONS.json` and `TRIGGERS.json` still take priority over these defaults.
-
-### Using the `custom` provider
-
-`custom` means "any server that speaks the OpenAI chat-completions API." This covers two cases: cloud APIs and local models.
-
-#### Cloud custom (DeepSeek, Together AI, Fireworks, etc.)
-
-Point at the provider's endpoint and add your API key:
-
-```bash
-npx thepopebot set-var LLM_PROVIDER custom
-npx thepopebot set-var LLM_MODEL deepseek-chat
-npx thepopebot set-var OPENAI_BASE_URL https://api.deepseek.com/v1
-```
-
-Then set the API key as a GitHub secret:
-
-```bash
-npx thepopebot set-agent-secret CUSTOM_API_KEY sk-...
-```
-
-Cloud custom APIs are reachable from any runner — no other changes needed.
-
-#### Local custom (Ollama, LM Studio, vLLM, etc.)
-
-For a model running on your own machine you need a [self-hosted runner](https://docs.github.com/en/actions/hosting-your-own-runners) so the job executes on your hardware:
-
-```bash
-npx thepopebot set-var RUNS_ON self-hosted
-npx thepopebot set-var LLM_PROVIDER custom
-npx thepopebot set-var LLM_MODEL qwen3:8b
-npx thepopebot set-var OPENAI_BASE_URL http://host.docker.internal:11434/v1
-```
+## Running Different Models
 
-Most local servers don't need an API key. If yours does, set `AGENT_CUSTOM_API_KEY` as a GitHub secret.
+The Event Handler (chat, Telegram, webhooks) and Jobs (Docker agent) are two independent layers — each can run a different LLM. Use Claude for interactive chat and a cheaper or local model for long-running jobs, mix providers per cron entry, or run everything on a single model.
 
-> **Important:** `RUNS_ON=self-hosted` is only needed when the model runs on your machine. Jobs run inside Docker, so use `host.docker.internal` to reach a model server on the host.
+See [docs/RUNNING_DIFFERENT_MODELS.md](docs/RUNNING_DIFFERENT_MODELS.md) for the full guide: Event Handler config, job defaults, per-job overrides, provider table, and custom provider setup.
 
 ---
 
@@ -360,6 +284,7 @@ Most local servers don't need an API key. If yours does, set `AGENT_CUSTOM_API_K
 | [Configuration](docs/CONFIGURATION.md) | Environment variables, GitHub secrets, repo variables, ngrok, Telegram setup |
 | [Customization](docs/CUSTOMIZATION.md) | Personality, skills, operating system files, using your bot, security details |
 | [Chat Integrations](docs/CHAT_INTEGRATIONS.md) | Web chat, Telegram, adding new channels |
+| [Running Different Models](docs/RUNNING_DIFFERENT_MODELS.md) | Event Handler vs job model config, per-job overrides, providers, custom provider |
 | [Auto-Merge](docs/AUTO_MERGE.md) | Auto-merge controls, ALLOWED_PATHS configuration |
 | [Deployment](docs/DEPLOYMENT.md) | VPS setup, Docker Compose, HTTPS with Let's Encrypt |
 | [How to Use Pi](docs/HOW_TO_USE_PI.md) | Guide to the Pi coding agent |

package/bin/cli.js

@@ -1,6 +1,6 @@
 #!/usr/bin/env node
 
-import { execSync } from 'child_process';
+import { execSync, execFileSync } from 'child_process';
 import fs from 'fs';
 import path from 'path';
 import { fileURLToPath } from 'url';
@@ -18,6 +18,7 @@ const args = process.argv.slice(3);
 const MANAGED_PATHS = [
   '.github/workflows/',
   'docker/event-handler/',
+  'docker/job/',
   'docker-compose.yml',
   '.dockerignore',
 ];
@@ -400,7 +401,7 @@ function copyDirSyncForce(src, dest, templateRelBase = '') {
 function setup() {
   const setupScript = path.join(__dirname, '..', 'setup', 'setup.mjs');
   try {
-    execSync(`node ${setupScript}`, { stdio: 'inherit', cwd: process.cwd() });
+    execFileSync(process.execPath, [setupScript], { stdio: 'inherit', cwd: process.cwd() });
   } catch {
     process.exit(1);
   }
@@ -409,7 +410,7 @@ function setup() {
 function setupTelegram() {
   const setupScript = path.join(__dirname, '..', 'setup', 'setup-telegram.mjs');
   try {
-    execSync(`node ${setupScript}`, { stdio: 'inherit', cwd: process.cwd() });
+    execFileSync(process.execPath, [setupScript], { stdio: 'inherit', cwd: process.cwd() });
   } catch {
     process.exit(1);
   }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "thepopebot",
-  "version": "1.2.71",
+  "version": "1.2.72-beta.1",
   "type": "module",
   "description": "Create autonomous AI agents with a two-layer architecture: Next.js Event Handler + Docker Agent.",
   "bin": {

package/setup/setup.mjs

@@ -237,12 +237,12 @@ async function main() {
 
       try {
         const url = remoteUrl.replace(/\/$/, '').replace(/\.git$/, '') + '.git';
-        execSync(`git remote add origin ${url}`, { stdio: 'ignore' });
+        execSync(`git remote add origin "${url}"`, { stdio: 'ignore' });
         remoteAdded = true;
       } catch {
         try {
           const url = remoteUrl.replace(/\/$/, '').replace(/\.git$/, '') + '.git';
-          execSync(`git remote set-url origin ${url}`, { stdio: 'ignore' });
+          execSync(`git remote set-url origin "${url}"`, { stdio: 'ignore' });
           remoteAdded = true;
         } catch {
           clack.log.error('Failed to set remote. Try again.');
@@ -355,7 +355,7 @@ async function main() {
     let pushed = false;
     while (!pushed) {
       const authedUrl = remote.replace('https://github.com/', `https://x-access-token:${pat}@github.com/`);
-      execSync(`git remote set-url origin ${authedUrl}`, { stdio: 'ignore' });
+      execSync(`git remote set-url origin "${authedUrl}"`, { stdio: 'ignore' });
 
       const pushSpinner = clack.spinner();
       pushSpinner.start('Pushing to GitHub...');
@@ -368,7 +368,7 @@ async function main() {
         pushSpinner.stop('Failed to push');
         const output = (err.stdout || '') + (err.stderr || '');
         if (output) clack.log.error(output.trim());
-        execSync(`git remote set-url origin ${remote}`, { stdio: 'ignore' });
+        execSync(`git remote set-url origin "${remote}"`, { stdio: 'ignore' });
         clack.log.info('Your PAT may not have write access to this repository.');
         pat = await promptForPAT();
         collected.GH_TOKEN = pat;
@@ -376,7 +376,7 @@ async function main() {
       }
 
       // Reset remote URL back to clean HTTPS (no token embedded)
-      execSync(`git remote set-url origin ${remote}`, { stdio: 'ignore' });
+      execSync(`git remote set-url origin "${remote}"`, { stdio: 'ignore' });
     }
   }
 

package/templates/docker/job/entrypoint.sh

@@ -12,13 +12,13 @@ echo "Job ID: ${JOB_ID}"
 # Export SECRETS (JSON) as flat env vars (GH_TOKEN, ANTHROPIC_API_KEY, etc.)
 # These are filtered from LLM's bash subprocess by env-sanitizer extension
 if [ -n "$SECRETS" ]; then
-    eval $(echo "$SECRETS" | jq -r 'to_entries | .[] | "export \(.key)=\"\(.value)\""')
+    eval $(echo "$SECRETS" | jq -r 'to_entries | .[] | "export \(.key)=\(.value | @sh)"')
 fi
 
 # Export LLM_SECRETS (JSON) as flat env vars
 # These are NOT filtered - LLM can access these (browser logins, skill API keys, etc.)
 if [ -n "$LLM_SECRETS" ]; then
-    eval $(echo "$LLM_SECRETS" | jq -r 'to_entries | .[] | "export \(.key)=\"\(.value)\""')
+    eval $(echo "$LLM_SECRETS" | jq -r 'to_entries | .[] | "export \(.key)=\(.value | @sh)"')
 fi
 
 # Git setup - derive identity from GitHub token