PyPI - optio-opencode - Versions diffs - 0.1.8__tar.gz → 0.1.9__tar.gz - Mend

optio-opencode 0.1.8tar.gz → 0.1.9tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (35) hide show

{optio_opencode-0.1.8 → optio_opencode-0.1.9}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: optio-opencode
-Version: 0.1.8
+Version: 0.1.9
 Summary: Run opencode web as an optio task; local subprocess or remote via SSH.
 Author-email: Kristof Csillag <kristof.csillag@deai-labs.com>
 License-Expression: Apache-2.0

{optio_opencode-0.1.8 → optio_opencode-0.1.9}/pyproject.toml RENAMED Viewed

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 [project]
 name = "optio-opencode"
-version = "0.1.8"
+version = "0.1.9"
 description = "Run opencode web as an optio task; local subprocess or remote via SSH."
 readme = "README.md"
 license = "Apache-2.0"

{optio_opencode-0.1.8 → optio_opencode-0.1.9}/src/optio_opencode/session.py RENAMED Viewed

@@ -483,6 +483,24 @@ async def _capture_snapshot(
     opencode_executable: str = "opencode",
     session_blob_encrypt: "Callable[[bytes], bytes] | None" = None,
 ) -> None:
+    # Defense-in-depth (guard #2): refuse to capture a resumable snapshot
+    # unless opencode's auth.json exists and is non-empty on the host. A
+    # credential-less workdir is degenerate — restoring it would relaunch
+    # opencode with no auth, so marking it resumable is worse than useless.
+    # (Live-reach is already covered by the session_id is not None gate at
+    # the call site; this covers the bad/empty-seed edge.)
+    workdir = host.workdir.rstrip("/")
+    chk = await host.run_command(
+        f"test -s {shlex.quote(workdir)}/home/.local/share/opencode/auth.json "
+        f"&& echo OK || true"
+    )
+    if "OK" not in chk.stdout:
+        _LOG.warning(
+            "snapshot capture skipped: opencode auth.json absent/empty; "
+            "refusing to mark resumable"
+        )
+        return
     session_json = await host_actions.opencode_export(
         host, opencode_db, session_id,
         opencode_executable=opencode_executable,

{optio_opencode-0.1.8 → optio_opencode-0.1.9}/src/optio_opencode.egg-info/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: optio-opencode
-Version: 0.1.8
+Version: 0.1.9
 Summary: Run opencode web as an optio task; local subprocess or remote via SSH.
 Author-email: Kristof Csillag <kristof.csillag@deai-labs.com>
 License-Expression: Apache-2.0

{optio_opencode-0.1.8 → optio_opencode-0.1.9}/tests/test_session_blob_hooks.py RENAMED Viewed

@@ -99,6 +99,11 @@ async def test_capture_writes_through_session_blob_encrypt(monkeypatch):
         yield b"workdir-bytes"
     fake_host = MagicMock()
     fake_host.archive_workdir = _fake_archive
+    # Satisfy the snapshot-capture defense-in-depth guard: it runs a
+    # `test -s .../auth.json && echo OK` probe on the host and refuses to
+    # capture unless the output contains "OK".
+    fake_host.workdir = "/work"
+    fake_host.run_command = AsyncMock(return_value=MagicMock(stdout="OK\n"))
     await _capture_snapshot(
         fake_ctx, fake_host,

{optio_opencode-0.1.8 → optio_opencode-0.1.9}/tests/test_session_local.py RENAMED Viewed

@@ -92,6 +92,21 @@ def _config(scenario: str, deliverable_cb=None, raises: bool = False) -> Opencod
     )
+async def _plant_auth_json(hook_ctx) -> None:
+    """before_execute hook: plant a non-empty opencode auth.json in the workdir.
+    The snapshot-capture defense-in-depth guard refuses to mark a session
+    resumable unless ``home/.local/share/opencode/auth.json`` exists and is
+    non-empty on the host, so capture-expecting tests must plant credentials
+    the same way a real seeded launch would.
+    """
+    await hook_ctx.run_on_host(
+        "mkdir -p home/.local/share/opencode && "
+        "printf '{\"anthropic\": {\"type\": \"api\", \"key\": \"sk-test\"}}' "
+        "> home/.local/share/opencode/auth.json"
+    )
 @pytest.fixture(autouse=True)
 def _supply_scenario(monkeypatch):
     """Substitute fake_opencode.py for the real opencode binary.
@@ -596,11 +611,14 @@ async def test_session_local_supports_resume_true_captures_snapshot(
     ctx_and_captures, _supply_scenario, tmp_workdir,
 ):
     """With supports_resume=True (default), a snapshot IS captured."""
+    import dataclasses
     from optio_opencode.snapshots import SESSION_SNAPSHOT_COLLECTION_SUFFIX
     ctx, _, _ = ctx_and_captures
     _supply_scenario["name"] = "happy"
-    cfg = _config("happy")  # default supports_resume=True
+    # Plant auth.json so the snapshot-capture defense-in-depth guard permits
+    # capture; without credentials it would refuse to mark resumable.
+    cfg = dataclasses.replace(_config("happy"), before_execute=_plant_auth_json)
     await run_opencode_session(ctx, cfg)
     coll_name = f"{ctx._prefix}{SESSION_SNAPSHOT_COLLECTION_SUFFIX}"

{optio_opencode-0.1.8 → optio_opencode-0.1.9}/tests/test_session_resume.py RENAMED Viewed

@@ -121,9 +121,30 @@ async def _make_ctx(mongo_db, process_id: str, *, resume: bool):
     return ctx, proc["_id"]
-async def _run_one_cycle(mongo_db, process_id: str, resume: bool) -> None:
+async def _plant_auth_json(hook_ctx) -> None:
+    """before_execute hook: plant a non-empty opencode auth.json in the workdir.
+    The snapshot-capture defense-in-depth guard refuses to mark a session
+    resumable unless ``home/.local/share/opencode/auth.json`` exists and is
+    non-empty on the host. Capture-expecting tests must therefore plant a
+    credentials file the same way a real seeded launch would, mirroring how
+    claudecode tests plant ``.credentials.json``.
+    """
+    await hook_ctx.run_on_host(
+        "mkdir -p home/.local/share/opencode && "
+        "printf '{\"anthropic\": {\"type\": \"api\", \"key\": \"sk-test\"}}' "
+        "> home/.local/share/opencode/auth.json"
+    )
+async def _run_one_cycle(
+    mongo_db, process_id: str, resume: bool, *, plant_auth: bool = True,
+) -> None:
     ctx, _ = await _make_ctx(mongo_db, process_id, resume=resume)
-    cfg = OpencodeTaskConfig(consumer_instructions=f"(scenario: happy {process_id})")
+    cfg = OpencodeTaskConfig(
+        consumer_instructions=f"(scenario: happy {process_id})",
+        before_execute=_plant_auth_json if plant_auth else None,
+    )
     await run_opencode_session(ctx, cfg)
@@ -142,6 +163,27 @@ async def test_terminal_flow_captures_snapshot_and_wipes_workdir(mongo_db, task_
     assert not wd.exists() or not any(wd.iterdir())
+async def test_no_auth_json_refuses_to_capture_snapshot(mongo_db, task_root):
+    """Defense-in-depth: a normal launch (session_id created) but with NO
+    opencode auth.json on the host must NOT capture a snapshot or mark the
+    process resumable. Guards against marking a degenerate, credential-less
+    workdir as resumable.
+    """
+    pid = "oc_no_auth_1"
+    await _run_one_cycle(mongo_db, pid, resume=False, plant_auth=False)
+    snap = await load_latest_snapshot(mongo_db, prefix="test", process_id=pid)
+    assert snap is None
+    count = await mongo_db[f"test{SESSION_SNAPSHOT_COLLECTION_SUFFIX}"].count_documents(
+        {"processId": pid}
+    )
+    assert count == 0
+    proc = await mongo_db["test_processes"].find_one({"processId": pid})
+    assert proc.get("hasSavedState") is not True
 async def test_resume_creates_second_snapshot(mongo_db, task_root):
     pid = "oc_resume_1"
     await _run_one_cycle(mongo_db, pid, resume=False)

{optio_opencode-0.1.8 → optio_opencode-0.1.9}/tests/test_session_seed.py RENAMED Viewed

@@ -330,6 +330,10 @@ async def test_auto_start_posts_on_fresh_and_not_on_resume(
     await run_opencode_session(ctx_fresh, OpencodeTaskConfig(
         consumer_instructions="(scenario: happy)",
         auto_start=True,
+        # Plant auth.json so the snapshot-capture defense-in-depth guard does
+        # not refuse to mark this resumable; otherwise the resume leg would
+        # fall back to a fresh launch and POST the kickoff prompt again.
+        before_execute=_plant_env,
     ))
     assert len(posts) == 1
     posted_session_id, posted_message = posts[0]
@@ -341,6 +345,7 @@ async def test_auto_start_posts_on_fresh_and_not_on_resume(
     await run_opencode_session(ctx_resume, OpencodeTaskConfig(
         consumer_instructions="(scenario: happy)",
         auto_start=True,
+        before_execute=_plant_env,
     ))
     assert len(posts) == 1, posts