npm - yolocage - Versions diffs - 0.1.1 → 0.1.3 - Mend

yolocage 0.1.1 → 0.1.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/lib/config.js CHANGED Viewed

@@ -54,8 +54,13 @@ function normalize(raw) {
     ? path.resolve(raw.config_dir)
     : td.configDirHost;
-  // bind_dirs (replace): if the user set it, use ONLY those + the
-  // workspace + the config_dir. If unset, generate the type defaults.
+  // bind_dirs (replace): if the user set it, use ONLY those. If unset,
+  // generate the type defaults — workspace, config dir, and any
+  // type-declared single-file mounts (e.g. claude's ~/.claude.json).
+  // The bind_dirs=… semantic is documented as a full replace, so the
+  // type-default file mounts get dropped along with the dir defaults
+  // if the user opts in to bind_dirs. extra_bind_dirs= remains the
+  // append-style escape hatch for adding mounts back on top.
   let bindDirs;
   if (Array.isArray(raw.bind_dirs) && raw.bind_dirs.length > 0) {
     bindDirs = raw.bind_dirs.map(parseBindSpec);
@@ -64,6 +69,17 @@ function normalize(raw) {
       { host: workspace, container: '/workspace', mode: 'rw' },
       { host: configDirHost, container: td.configDirContainer, mode: 'rw' },
     ];
+    // Type-declared single-file binds. Tagged `kind: 'file'` so
+    // lib/docker.js can touch them into existence at exec time —
+    // docker auto-creates an empty *directory* on the host when the
+    // path is missing (long-standing footgun), which breaks the
+    // mount on the container side. Side-effect kept out of this
+    // pure-data layer so tests don't write to the operator's $HOME.
+    for (const f of td.extraHostFiles || []) {
+      bindDirs.push({
+        host: f.host, container: f.container, mode: 'rw', kind: 'file',
+      });
+    }
   }
   const extraBindDirs = (raw.extra_bind_dirs || []).map(parseBindSpec);

package/lib/docker.js CHANGED Viewed

@@ -10,8 +10,30 @@
 'use strict';
+const fs = require('fs');
+const path = require('path');
 const { spawnSync, execFileSync } = require('child_process');
+// Touch any bind specs tagged `kind: 'file'` into existence on the host.
+// `docker run -v <host>:<container>` auto-creates an empty DIRECTORY
+// at the host path when it's missing (long-standing footgun); single-
+// file binds (e.g. claude's ~/.claude.json) need an actual file there
+// or the mount goes wrong. No-op for paths that already exist; no-op
+// for entries without the `kind: 'file'` tag. Best-effort: an EACCES
+// or similar isn't fatal — docker will surface its own error later.
+function materializeFileBinds(spec) {
+  for (const b of spec.bindDirs || []) {
+    if (b.kind !== 'file') continue;
+    if (fs.existsSync(b.host)) continue;
+    try {
+      fs.mkdirSync(path.dirname(b.host), { recursive: true });
+      fs.writeFileSync(b.host, '', { mode: 0o600 });
+    } catch (_e) {
+      // swallow — surface as docker's own error if it matters
+    }
+  }
+}
 let _sudoChecked = false;
 let _useSudo = false;
 let _noticePrinted = false;
@@ -75,6 +97,7 @@ function _printNoticeOnce(stderr) {
 //   { argv: [...], cmd: [...] }   for piping into spawnSync(argv[0], argv.slice(1).concat(cmd))
 function buildRunArgs(spec, opts) {
   opts = opts || {};
+  materializeFileBinds(spec);
   const args = ['run'];
   if (opts.rm !== false) args.push('--rm');
   if (opts.interactive !== false) args.push('-it');

package/lib/types.js CHANGED Viewed

@@ -27,11 +27,27 @@ const TYPE_DEFAULTS = {
     image: 'ghcr.io/jlamendo/yolocage-claude:latest',
     configDirHost: path.join(HOME, '.claude'),
     configDirContainer: '/home/agent/.claude',
-    // --continue auto-resumes the most recent in-cwd conversation; harmless on
-    // first run (claude falls back to a fresh session). With per-cwd persistent
-    // cages, this is what the operator wants by default — `yc claude` always
-    // either resumes or starts fresh, never re-introduces itself mid-project.
-    cmd: ['claude', '--continue', '--dangerously-skip-permissions'],
+    // claude-code reads config from BOTH `~/.claude/` (directory, project
+    // sessions + backups) AND `~/.claude.json` (file, anchored auth +
+    // global config). The dir is the `configDir*` mount above; the
+    // file lives at the same level outside the dir, so it needs its
+    // own bind. Without this, the container starts with no auth and
+    // the CLI prompts the operator to log in fresh every cage.
+    // (`extraHostFiles` is touched into existence at normalize time if
+    // missing on the host, so a never-logged-in operator gets an empty
+    // host file that claude-code populates on first sign-in.)
+    extraHostFiles: [
+      { host: path.join(HOME, '.claude.json'), container: '/home/agent/.claude.json' },
+    ],
+    // Default to a fresh interactive session. We used to pass --continue
+    // here on the assumption that it was a no-op on the first run; in
+    // current claude-code versions --continue exits with "No conversation
+    // found to continue" instead of falling back, which made the very
+    // first `yc claude` in a fresh cwd kick the operator straight back
+    // out. Operators who want resume can pass it via `yc claude --
+    // --continue` (everything after `--` is appended to the in-container
+    // argv via `passthrough`).
+    cmd: ['claude', '--dangerously-skip-permissions'],
   },
   codex: {
     v0: true,

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "yolocage",
-  "version": "0.1.1",
+  "version": "0.1.3",
   "description": "Sandboxed claude-code / codex container with built-in egress credential scrubber. Run AI coding agents in --dangerously-skip-permissions mode with a safety net.",
   "license": "MIT",
   "author": "yolocage contributors",