PR #1903 fixed a pipe buffer deadlock in awsCli() by draining both
stdout and stderr before awaiting proc.exited. The same pattern existed
in runServerCapture() across 4 cloud providers and waitForCloudInit()
across 3 providers. If SSH produces >64KB of stderr, the child blocks
writing to the full pipe while the parent blocks waiting for exit.
Fixes: hetzner, aws, digitalocean, gcp — 7 locations total.
Co-authored-by: B <6723574+louisgv@users.noreply.github.com>
- Always show instance size picker (remove SPAWN_CUSTOM gate) so users
can choose bigger instances instead of silently defaulting to nano
- Add 1GB swap in cloud-init so curl installer doesn't get OOM-killed
on 512MB nano instances
- Set N_PREFIX=$HOME/.n in installClaudeCode so the Node.js fallback
via `n` works as non-root (ubuntu user can't write to /usr/local/n)
- Add $HOME/.n/bin to Claude Code PATH so node is found after fallback
Co-authored-by: spawn-bot <spawn-bot@openrouter.ai>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Co-authored-by: Ahmed Abushagur <ahmed@abushagur.com>
SSH scans every byte for ~ escape sequences by default, adding
per-keystroke overhead. Disable this for interactive agent sessions
where escape sequences aren't needed. Also add AddressFamily=inet
to skip IPv6 resolution stalls.
Co-authored-by: spawn-bot <spawn-bot@openrouter.ai>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Co-authored-by: L <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Ahmed Abushagur <ahmed@abushagur.com>
* fix: run bun in foreground in DigitalOcean scripts to unfreeze interactive prompts
The _run_with_restart function backgrounded bun with `& + wait` so a SIGTERM
trap could forward the signal. But backgrounding removes bun from the terminal's
foreground process group, which prevents @clack/prompts multiselect from entering
raw mode — arrow keys print as raw escape sequences (^[[A^[[B) and the SSH key
selection prompt freezes.
Fix: run bun in the foreground and detect SIGTERM from exit code 143 (128+15)
instead of using a trap flag + PID tracking. This preserves the restart-on-signal
behavior while giving bun full terminal access for interactive prompts.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: replace @clack/prompts multiselect with /dev/tty picker for SSH keys
When the CLI (parent bun) spawns bash → child bun for cloud scripts,
the parent's event loop keeps fd 0 registered and races with the child's
@clack/prompts for terminal input. This causes the SSH key multiselect
to render but freeze — arrow keys print as raw escape sequences.
Fix: add multiPickToTTY() in picker.ts that opens /dev/tty directly,
bypassing process.stdin entirely. Replace the @clack/prompts multiselect
in ssh-keys.ts with this new function. Also add process.stdin.unref()
to prepareStdinForHandoff() so the parent stops polling fd 0.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* perf: disable SSH compression for interactive sessions
Compression=yes adds per-keystroke CPU overhead that causes
noticeable input lag on normal connections. Only beneficial
on slow/high-latency links.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
* fix: drain piped stderr before awaiting process exit to prevent deadlock
Awaiting `proc.exited` before reading piped stderr causes a deadlock when
the child process writes enough stderr output to fill the OS pipe buffer
(~64KB). The process blocks waiting for the buffer to drain, but we never
drain it because we're waiting for the process to exit first.
Fix sprite/sprite.ts (createSprite, uploadFileSprite) and aws/aws.ts
(awsCli) to start draining stderr before awaiting exit, matching the
established pattern in gcp/gcp.ts and shared/ssh.ts.
Agent: code-health
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
* fix: apply biome format fixes to pass CI
Agent: team-lead
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
---------
Co-authored-by: B <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
The standard SSH path in cmdEnterAgent() interpolated remoteCmd into a
single-quoted bash -lc wrapper without escaping embedded single quotes.
If launch_cmd (from history.json) or the manifest's launch/pre_launch
fields contained a single quote, the shell quoting would break, allowing
unintended command execution on the remote server.
The Fly.io path already had this escaping (PR #1880, #1893) but the
generic SSH fallback did not. This adds the same replace(/'/g, "'\\''")
pattern used everywhere else in the codebase.
Agent: security-auditor
Co-authored-by: B <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
The isValidManifest copy in manifest-cache-lifecycle.test.ts was already
out of sync with the real implementation (missing typeof check,
!Array.isArray guard, and "in" operator checks added since the copy was
made). Export the real function and import it so tests break when the
source changes.
Also remove the CSRF state generation describe block from do-oauth.test.ts —
it tested an inline copy of a private function, not the real source.
Agent: test-engineer
Co-authored-by: B <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
Move shared biome.json from lint/ to repo root so it's the single root
config. Nested configs (packages/cli, .claude/skills/setup-spa) get
`"root": false` via `biome migrate`. This fixes lint failing when run
from the repo root.
Co-authored-by: lab <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* ci: add Mock Tests job to satisfy required status check
Split the unit-tests job into mock-tests (runs bun test) and unit-tests
(verifies cloud bundles build). The repo ruleset requires "Mock Tests",
"Unit Tests", and "Biome Lint" checks — the missing "Mock Tests" job was
blocking all PR merges.
Fixes#1901
Agent: issue-fixer
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
* style: fix pre-existing Biome format issues in 9 files
Auto-applied Biome formatter to src/ to resolve failing "Biome Lint"
required status check. No logic changes — formatting only.
Agent: issue-fixer
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
---------
Co-authored-by: B <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
E2E tests now run as a 4th teammate alongside test-runner,
dedup-scanner, and code-quality-reviewer during schedule-triggered
QA cycles. The standalone e2e mode is preserved for on-demand use.
- Add e2e-tester teammate to qa-quality-prompt.md
- Increase quality mode timeout from 35 to 40 min
- Add "e2e" to trigger-server valid reasons
- Re-enable daily schedule in qa.yml, default to "schedule"
Co-authored-by: spawn-bot <spawn-bot@openrouter.ai>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
JSON.stringify double-quoting caused two bugs in the restart wrapper:
1. Literal \n instead of newlines (bash doesn't interpret \n in "...")
2. Shell variables ($vars) expanded to empty strings before script ran
Affected clouds: fly, gcp, hetzner, digitalocean, aws.
Daytona already had the correct single-quote escaping.
Co-authored-by: spawn-bot <spawn-bot@openrouter.ai>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
The `packages/shared/src/type-guards.ts` file had 4 `biome-ignore lint/plugin:`
comments that were ineffective because the shared package does not configure the
GritQL plugin in its biome config. Biome reported these as `suppressions/unused`
warnings. Removing them brings the shared package to zero lint warnings.
Fixes#1889
Agent: code-health
Co-authored-by: B <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
Using Node's child_process.spawn() to launch interactive SSH/shell sessions
from inside a Bun process adds unnecessary overhead: an extra process fork,
PTY negotiation indirection, and a forced Bun→Node stdio context switch.
Switch all interactiveSession() functions to Bun.spawn() with
stdio: ["inherit","inherit","inherit"], which hands off file descriptors
directly without forking a Node wrapper process.
Also removes the 500ms hardcoded sleep in orchestrate.ts that was a
band-aid for the old child_process handoff latency. The synchronous
prepareStdinForHandoff() is sufficient on its own.
Affected clouds: hetzner, aws, gcp, digitalocean, fly, daytona, sprite, local
Also fixes runInteractiveCommand() in commands.ts (spawn connect).
Co-authored-by: B <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
* feat: add live input/output E2E verification for agents
The E2E suite previously only verified static artifacts (binaries, config
files, env vars). An agent with a broken API key or crash-on-launch bug
would pass all checks. This adds an input test phase that sends a real
prompt to each agent and verifies the response contains a marker string.
- Add fly_ssh_long() with configurable timeout for long-running commands
- Add per-agent input test functions (claude -p, codex -q, openclaw -p,
zeroclaw agent -p; opencode/kilocode skip as TUI-only)
- Add run_input_test() dispatcher with SKIP_INPUT_TEST env var support
- Add --skip-input-test CLI flag to fly-e2e.sh
- Chain input test after verify in run_single_agent() pipeline
- Add INPUT_TEST_TIMEOUT constant (default 120s, env-overridable)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: format p.text({ message }) to multi-line for biome
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---------
Co-authored-by: spawn-bot <spawn-bot@openrouter.ai>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
* fix: correct CLI entry point path in E2E provision script
The path resolution went up 2 levels (../../) from sh/e2e/lib/ which
landed in sh/ instead of the repo root. After the monorepo restructure,
packages/cli/src/index.ts is at the repo root — need 3 levels (../../..).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix: format p.text({ message }) to multi-line for biome
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---------
Co-authored-by: spawn-bot <spawn-bot@openrouter.ai>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
- Set SPAWN_NAME_KEBAB alongside SPAWN_NAME in runBash/runBashHeadless
so cloud scripts (DO, Fly, AWS, etc.) skip their redundant name prompts
- Call prepareStdinForHandoff() before spawnBash() to clean up stdin
state left by @clack/prompts, preventing child process hangs
- Race prompt() against stdin close event so it rejects with an error
instead of hanging forever when stdin dies unexpectedly
- Bump CLI version to 0.10.5
Fixes#1884
Agent: code-health
Co-authored-by: B <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
GCP instance creation was failing with 'Invalid value for field
resource.networkInterfaces[0].subnetwork' when the project VPC uses
custom subnet mode. Add --network and --subnet flags defaulting to
'default', with GCP_NETWORK and GCP_SUBNET env var overrides for
custom VPC setups.
Fixes#1882
Agent: issue-fixer
Co-authored-by: B <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
The SSH key multiselect (@clack/prompts) creates and destroys its own
readline interface on stdin. Due to Bun #1707, subsequent Node readline
interfaces silently receive an immediate "close" event — causing the
model selection prompt to exit the process without reading input.
Fix: replace the readline-based prompt() with p.text() from @clack/prompts,
so all stdin interactions use the same library and never trigger the bug.
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Replace JSON.stringify double-quoting with single-quote escaping for the
cmd argument in interactiveSession(). Double-quoted strings in bash allow
$() and ${} expansion, making the previous pattern vulnerable to injection
if cmd ever contained shell metacharacters. Single-quoted strings prevent
ALL shell expansion, matching the defense-in-depth approach Fly already uses.
Fixes#1879
Agent: issue-fixer
Co-authored-by: B <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
When bun is freshly installed, rc file patching only takes effect
in new shells. Strengthen the post-install PATH export to include
both hard-coded $HOME/.bun/bin and $HOME/.local/bin alongside
$BUN_INSTALL/bin, so bun and spawn are available in the current
execution context immediately after install.
Fixes#1874
Agent: ux-engineer
Co-authored-by: B <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
* fix: remove broken clone_cli() — go straight to pre-built binary
The clone_cli() function (added before the monorepo migration, PR #1853)
only fetches top-level .ts files via the GitHub Contents API. Since the
monorepo reorganised source code into subdirectories (aws/, fly/, hetzner/,
shared/, etc.), clone_cli() silently downloads an incomplete source tree.
bun run build then always fails because cross-directory imports cannot
resolve, and the installer falls through to the pre-built binary anyway.
Every install was burning ~12 unnecessary GitHub API requests (rate-limited
at 60/hr for unauthenticated clients) and several seconds of wasted bun
install + failed build time.
Fix: remove clone_cli() entirely, replace build_and_install() with a
direct binary download. Behaviour is identical for all users (binary path
was already the universal outcome); installs are now faster and cheaper on
the API rate limit.
Agent: code-health
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
* test: update install.sh tests for simplified binary-only installer
Remove tests for clone_cli() and source builds which were removed in
the parent commit. Add tests verifying the direct binary download
approach and asserting that the old clone/build code is gone.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* style: fix biome format errors in commands.ts and duplicate-detection test
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---------
Co-authored-by: B <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
SPA now searches both open and closed issues for keyword matches before
filing. If a closed issue matches, it verifies the fix is still in the
codebase before deciding to skip, reopen, or create new.
Co-authored-by: Claude <claude@anthropic.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
When `spawn <agent> <cloud> --name "foo"` is run and an active instance
named "foo" already exists for that agent + cloud, cmdRun now checks
getActiveServers() after resolving the spawn name. On a match it shows
a warning and presents the same action picker the user gets from
`spawn ls` (Enter agent / SSH / Spawn a new VM / Delete), instead of
silently provisioning a duplicate VM.
When "Spawn a new VM" is chosen from the picker, SPAWN_NAME is cleared
so the user is prompted for a fresh name, preventing an infinite
duplicate-detection loop.
Bumps CLI to 0.10.3.
Fixes#1864
Agent: issue-fixer
Co-authored-by: B <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
The linter was running in CI with --warn-only, meaning it never
blocked anything — effectively vaporware. This removes --warn-only
to make it a real gate.
Also adds rules for bash 4.0+ features that were documented in
CLAUDE.md but not enforced:
- MC014: readarray/mapfile (bash 4.0+)
- MC015: coproc (bash 4.0+)
- MC016: &>> redirect (bash 4.0+)
- MC017: relative source paths (breaks curl|bash)
- MC018: wait -n (bash 4.3+)
- MC019: declare -g (bash 4.2+)
Excludes .claude/worktrees/ from scanning (temp copies, not
committed code).
Co-authored-by: spawn-bot <spawn-bot@openrouter.ai>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
- `shared/*.sh` → `sh/shared/*.sh` (scripts moved to sh/ directory)
- Remove hardcoded `test/record.sh`, `test/mock.sh`, `test/e2e.sh`,
`test/run.sh` references — the old `test/` directory at repo root
no longer exists. Replace with general guidance pointing to the
current file structure (`sh/`, `packages/cli/src/`, etc.)
Co-authored-by: spawn-bot <spawn-bot@openrouter.ai>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
The project is ESM-only ("type": "module") and CLAUDE.md bans
require(). All 9 `const { homedir } = require("node:os")` calls
replaced with a single top-level `import { homedir } from "node:os"`.
Co-authored-by: spawn-bot <spawn-bot@openrouter.ai>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
* refactor: clean up SPA code — extract helpers, use isString, DRY Slack calls
helpers.ts:
- Extract parseAssistantEvent/parseUserEvent/formatToolHint from parseStreamEvent
- Eliminate redundant second scans for toolName and isError (captured during loop)
- Use isString() from @openrouter/spawn-shared instead of typeof checks
- Split long node:fs import across multiple lines
main.ts:
- Extract postOrUpdate() to DRY the post-vs-update pattern (was 3 copy-paste blocks)
- Add SlackClient type alias (replaces 4x InstanceType<typeof App>["client"])
- Remove unused Mapping import
- Inline REQUIRED_VARS into for loop
- Rename currentMsgTs → msgTs
- Tighten formatting throughout
spa.test.ts:
- Remove unused beforeEach import
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* fix: add biome config to SPA, fix all lint/format, add PostToolUse hook
- Add biome.json extending lint/biome.json (2-space indent, 120 line width,
useBlockStatements, expand:always, etc.)
- Fix all 36 useBlockStatements violations (braceless if/continue/return)
- Fix all format issues (line width, expand, trailing commas)
- Add biome lint+format to PostToolUse hook — runs automatically on any
.ts file edit when a biome.json is found in the file's directory
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* style: enforce separated type imports via biome useImportType
Add `style: "separatedType"` to the base biome config's useImportType
rule. This enforces `import type { T }` on its own line instead of
mixing `type` into value imports (`import { type T, foo }`).
Auto-fixed 21 violations across CLI (18) and SPA (3).
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---------
Co-authored-by: Claude <claude@anthropic.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
When an agent process dies on a cloud VM (SIGTERM, OOM, crash), it now
automatically restarts after 5 seconds, up to 10 times. Clean exits
(code 0) break out immediately. Local execution is unaffected.
Fixes#1860
Agent: code-health
Co-authored-by: B <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
Agent processes on DigitalOcean droplets were dying silently on SIGTERM
with no logging or recovery. This adds:
- SIGTERM trap handler that logs signal, timestamp, and dashboard URL
- SIGHUP trap handler for terminal disconnection
- Restart loop with exponential backoff (up to 3 attempts) on SIGTERM
- Child process forwarding so bun receives the signal cleanly
Replaces bare `exec bun run` with a managed foreground process that
the shell can monitor and restart.
Fixes#1859
Agent: ux-engineer
Co-authored-by: B <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
* fix: add swap space before ZeroClaw install to prevent OOM on nano instances
ZeroClaw's Rust compilation gets OOM-killed on nano_3_0 (512 MB) — build
fails at a random dependency each run. Add ensureSwapSpace() that creates
a 1 GB swap file before running the installer:
- Idempotent: skips silently if swap already exists
- Non-fatal: logs a warning if sudo fails (larger instances won't need it)
- Timeout bumped from 5 min to 10 min (swap-backed builds are slower)
- Defense-in-depth: --prefer-prebuilt avoids compilation in the common
case, but fallback source builds still need memory
Fixes#1840
Agent: issue-fixer
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
* fix: add input validation to ensureSwapSpace() to prevent command injection
Validate sizeMb is a positive integer before interpolating into shell
commands, as requested in security review.
Agent: pr-maintainer
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
---------
Co-authored-by: B <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
* fix: convert Markdown to Slack mrkdwn in SPA assistant output
Claude Code outputs standard Markdown but Slack uses its own mrkdwn
format. Add markdownToSlack() converter that handles:
- **bold** → *bold* (Slack uses single asterisks)
- [text](url) → <url|text> (Slack link format)
-  → <url|alt> (image links)
- ## Headers → *Headers* (bold line)
- ~~strike~~ → ~strike~ (strikethrough)
Code blocks (```) and inline code (`) are preserved untouched.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* fix: use slackify-markdown library for Markdown→Slack conversion
Replace hand-rolled markdownToSlack() with the slackify-markdown
package (179K weekly downloads, actively maintained). Handles bold,
links, headers, strikethrough, code blocks, tables, blockquotes,
and more edge cases than a custom regex approach.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---------
Co-authored-by: Claude <claude@anthropic.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
All 6 Hetzner agent scripts silently ignored bun installation failures.
Now matches the robust pattern used by every other cloud (aws, fly, gcp,
digitalocean, daytona, local, sprite): prints status, exits on curl failure,
and verifies bun is available after install.
Fixes#1854
Agent: issue-fixer
Co-authored-by: B <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
* refactor: split SPA into helpers + main, add build script and tests
Split slack-bot.ts into helpers.ts (pure functions) and main.ts (entry
point) for testability. Add build.ts to bundle SPA into spa.js. Add
spa.test.ts with 19 tests covering stream parsing and text helpers.
Improved streaming: tool_use and tool_result events get their own Slack
messages instead of concatenating everything into one. Prompt is passed
via stdin to avoid CLI flag parsing issues with user content.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* chore: drop build.ts — run main.ts directly via bun
Bun runs TypeScript natively, no bundling step needed.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* feat: move Result monad to shared, add Claude Code fixtures, use Result in SPA
- Move Result type/Ok/Err from packages/cli/src/shared/result.ts to
packages/shared/src/result.ts and re-export from @openrouter/spawn-shared
- Update CLI imports (ui.ts) to use the shared package
- Add fixtures/claude-code/ with realistic stream-json events covering
all event types (assistant text, tool_use, user tool_result, result)
- Refactor SPA helpers to return Result<T> instead of throwing/returning null:
loadState() → Result<State>, saveState() → Result<void>,
downloadSlackFile() → Result<string>, addMapping() → Result<void>
- Update main.ts call sites to handle Result returns
- Update SPA tests to import events from fixtures and test Result returns
- Bump CLI version 0.10.0 → 0.10.1
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* fix: biome format issues in aws.test.ts, aws.ts, daytona.ts
Expand inline objects/arrays to multi-line format to satisfy biome
formatter rules. No logic changes.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---------
Co-authored-by: Claude <claude@anthropic.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Restructure the repo as a Bun workspace monorepo:
- Move cli/ → packages/cli/
- Create packages/shared/ (@openrouter/spawn-shared) with type-guards and parse utilities
- Add root package.json with workspace configuration
- Update all CLI imports to use @openrouter/spawn-shared
- Deduplicate toRecord/toObjectArray helpers from 4 cloud modules
- Update SPA (slack-bot) to use shared package instead of local toObj()
- Update 48 agent shell scripts for new packages/cli/ path
- Update install.sh, install.ps1, e2e, and test scripts
- Update all GitHub workflows, .gitignore, pre-commit hooks
- Update CLAUDE.md, README.md, and skill prompt references
- Pin all dependency versions (no ^ ranges)
- Bump CLI version 0.9.1 → 0.10.0
All 1908 tests pass. Lint clean. All 8 cloud bundles build.
Co-authored-by: Claude <claude@anthropic.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Adds an "Existing PR Check" guard to refactor-issue-prompt.md that
runs before the fix workflow. If a PR already exists for the issue:
- Open PR: review it (run tests, approve or comment) instead of
creating a duplicate
- Merged PR with open issue: verify the fix shipped and close the
issue, or note the prior attempt if a new fix is needed
- No PR: proceed normally
Co-authored-by: lab <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
After a successful interactive credential entry, credentials are now
saved to ~/.config/spawn/aws.json (chmod 600). On the next run, cached
credentials are loaded and validated before prompting again.
Supports --reauth flag / SPAWN_REAUTH=1 to force fresh credential entry.
Fixes#1841
Agent: issue-fixer
Co-authored-by: B <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
- Adds a Prerequisites section to sh/aws/README.md (updated path after
shell scripts reorganization in #1843) with the Lightsail activation
URL as the first step
- Surfaces the Lightsail activation URL in createInstance error hints
for both CLI and REST paths so users get actionable guidance on failure
- Bumps CLI to 0.9.1
Fixes#1838
Agent: issue-fixer
Co-authored-by: B <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
* refactor: move test fixtures to root /fixtures directory
Moves test/fixtures/ → fixtures/ at the repo root for easier
discoverability. Updates all references in CLAUDE.md and QA
prompt files.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* refactor: move install.ps1 to sh/cli/ and fixtures to root
- Moves cli/install.ps1 → sh/cli/install.ps1 (consistent with install.sh)
- Moves test/fixtures/ → fixtures/ at the repo root
- Updates all references in README, CLAUDE.md, QA prompts, and the ps1 itself
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---------
Co-authored-by: lab <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Reorganizes the project so all shell scripts live under a dedicated
/sh directory, enabling the OpenRouter rewrite URL to point at /sh/
instead of the repository root.
Moves:
- cli/install.sh → sh/cli/install.sh
- shared/*.sh → sh/shared/*.sh
- {cloud}/{agent}.sh → sh/{cloud}/{agent}.sh (48 scripts)
- {cloud}/README.md → sh/{cloud}/README.md
- e2e/*.sh → sh/e2e/*.sh
- test/macos-compat.sh → sh/test/macos-compat.sh
- test/fixtures/**/*.sh → sh/test/fixtures/**/*.sh
Updates all references:
- RAW_BASE path construction in commands.ts, update-check.ts
- GitHub auth URL in agent-setup.ts
- Self-referencing URLs in install.sh, github-auth.sh
- CI workflow paths in lint.yml, cli-release.yml
- Test file paths in install-script-validation, manifest-integrity
- Documentation in README.md, cli/README.md, CLAUDE.md
- QA scripts in .claude/skills/
Co-authored-by: lab <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The pinned scripts/install.sh is deprecated and does `git clone --depth 1`
of the latest ZeroClaw main branch, pulling in commit 63f485e which added
leak_detector.rs with Rust 2021 edition string literal errors.
Fix by switching to scripts/bootstrap.sh (the canonical installer) and
adding --prefer-prebuilt so ZeroClaw installs from a pre-built release
binary instead of compiling from source. The v0.1.6 release binary was
compiled before the problematic code was merged.
Fixes#1829
Agent: issue-fixer
Co-authored-by: B <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
* fix: route `spawn <cloud>` to cloud info in interactive TTY mode
When a user runs `spawn digitalocean` in interactive mode, the CLI was
treating "digitalocean" as an agent name, producing "Unknown agent: digitalocean".
This broke the error message in credential checks which tells users to
"Run spawn <cloud> for setup instructions."
Fix: Before routing a single argument to `cmdAgentInteractive`, check if
it resolves to a cloud name and route to `cmdCloudInfo` instead. This
matches documented behavior (`spawn <cloud>` = show available agents).
Fixes#1830
Agent: issue-fixer
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
* fix: expand stdout/stderr mock objects to pass Biome format check
The node:child_process mock had stdout and stderr property values
on single lines, which Biome's formatter requires to be expanded
to multi-line object style.
Agent: issue-fixer
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
---------
Co-authored-by: B <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
* fix: install openclaw with npm instead of bun to fix gateway plugin loading
The OpenClaw gateway daemon runs on Node.js, but openclaw was being
installed via `bun install -g`. Bun and Node use incompatible module
resolution strategies, causing channel plugins (Telegram, Discord, etc.)
to silently fail to load at gateway startup.
Switch both install paths to `npm install -g openclaw` so the daemon's
Node runtime can resolve its dependencies correctly.
Fixes#1828
Agent: issue-fixer
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
* fix: apply biome formatting to commands-update-download.test.ts
The file was added in #1831 without passing Biome's format check.
Auto-formatted with `bunx @biomejs/biome format --write`.
Agent: issue-fixer
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
* fix: use bun install/runtime for openclaw instead of npm
npm install is broken on target VMs. Switch all openclaw install
commands back to bun and remove npm prefix from gateway PATH.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---------
Co-authored-by: B <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
Co-authored-by: spawn-bot <spawn-bot@openrouter.ai>
Claude Code emits complete messages, not Anthropic streaming deltas:
- {"type":"assistant","message":{"content":[...]}} for text + tool_use
- {"type":"user","message":{"content":[{"type":"tool_result",...}]}}
- {"type":"result","session_id":"..."}
The old code looked for stream_event/content_block_delta which is the
raw Anthropic API format — Claude Code wraps these into full messages.
Also shows tool input hints (command, pattern, file_path) alongside
the tool name for better context in Slack.
Co-authored-by: Claude <claude@anthropic.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The "should handle update failure gracefully" test triggered a real
execSync("curl -fsSL .../install.sh | bash") via performUpdate() when
the mocked remote version differed from the current version. In isolation
this completes in ~5s, but under full-suite concurrency (52 files, 1897
tests) network contention caused it to timeout at 58267ms — far exceeding
the 5000ms limit. This also violated CLAUDE.md: "no subprocess spawning".
Also mock spawn() used by spawnBash() for cmdRun tests, firing the "close"
event immediately (exit code 0) so Promise-based callers resolve without
hanging. Result: 1897 pass, 0 fail, full suite runs in 3.15s.
Agent: test-engineer
Co-authored-by: B <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
- Stream all Claude Code events (tool calls, results, text) to Slack
- Add --verbose flag required by stream-json output format
- Use named import { App } from @slack/bolt (Bun compatibility)
- Only respond to @mentions, not every thread reply
- Download Slack files/images to /tmp/spa-downloads/{threadTs}/
- Hourly cleanup of stale downloads (30+ days) with persisted timestamp
- System prompt reads .github/ISSUE_TEMPLATE/ for issue title format
Co-authored-by: Claude <claude@anthropic.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* feat: add Slack issue bot for #proj-spawn
Socket Mode bot that listens for @mentions in a configured Slack channel,
files GitHub issues via `gh` CLI, and syncs thread replies as issue comments.
State persisted to ~/.config/spawn/slack-issues.json.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* feat: rewrite Spawnis to pipe threads into Claude Code sessions
- @mention triggers Claude Code with full thread as prompt
- Subsequent thread replies in tracked threads auto-trigger new runs
- System prompt focuses on GitHub issue management via `gh` CLI
- Streams Claude Code responses back to Slack in real-time
- Bot resolves own user ID at startup to skip self-messages
- Adds slack-manifest.yml for one-click Slack app creation
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* fix: lowercase display name to spawnis
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* feat: rename to SPA — Spawn Processes Autonomously
Display name: spa
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* feat: SPA — Spawn's Personal Agent
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* fix: lowercase app name to Spa
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* fix: add biome config and fix lint/format to match CLI rules
Adds local biome.json mirroring cli/biome.json rules (minus GritQL
plugins). Fixes all useBlockStatements errors and applies expand:always
formatting to match the project style.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* refactor: share biome config via root biome.json + extends
Move shared linter rules, formatter, and JS formatter settings to a
root-level biome.json. Both cli/ and .claude/skills/slack-bot/ extend
from it — CLI adds its GritQL plugins and test overrides, slack-bot
just overrides includes and disables VCS.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* refactor: move GritQL lint rules to repo root lint/
Move no-type-assertion.grit and no-typeof-string-number.grit from
cli/lint/ to lint/ at the repo root. Both cli/ and slack-bot share
the no-type-assertion rule; cli/ additionally uses no-typeof-string-number.
Plugin paths live in each child biome.json (not root) because biome
resolves plugin paths relative to the consumer config, not the extended
config.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* refactor: move shared biome.json into lint/
All shared lint config now lives under lint/:
lint/biome.json
lint/no-type-assertion.grit
lint/no-typeof-string-number.grit
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* feat: add no-banner-comments lint rule, fix slack-bot
GritQL can't match comments (they're trivia in biome's CST), so this
is a Bun script at lint/no-banner-comments.ts that catches decorative
// --------- separator blocks and suggests /** Section */ or #region.
Replace all 9 banner blocks in slack-bot.ts with /** */ headers.
Usage: bun run lint/no-banner-comments.ts [files...]
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* refactor: use // #region instead of /** */ section headers
Switch slack-bot.ts to // #region / // #endregion for all section
markers (collapsible in most editors). Update no-banner-comments lint
script to recommend #region as the preferred style.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* refactor: replace lint script with PostToolUse hook for banner comments
Move banner comment detection into the existing PostToolUse hook on
Write|Edit in .claude/settings.json. Runs inline on every .ts file
edit — no separate bun script needed. Delete lint/no-banner-comments.ts.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* fix: simplify Slack manifest description
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* refactor: rename skill from slack-bot to setup-spa
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* fix: use named import for @slack/bolt App class
Bun resolves `import App from "@slack/bolt"` as the App constructor
directly, not a module with a `.default` property. Switch to named
import `{ App }` and remove all `.default` usage.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* fix: add --verbose flag required by stream-json output format
Claude Code requires --verbose when using --output-format=stream-json
with --print. Also fix systemd PATH to include ~/.local/bin for claude.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* feat: stream all Claude Code events to Slack (tools, results, text)
Replace text-only streaming with full event parsing:
- Tool use: shows 🛠️ *ToolName*
- Tool result: shows truncated output in code block
- Text delta: accumulates as before
- Errors: shows ❌ prefix
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* feat: enforce issue title templates in system prompt
Add mandatory bracket prefix format matching the repo's issue templates:
[Bug]:, [CLI]:, [Agent]:, [Cloud]:, [Team]:. Also instructs Claude to
apply matching labels (bug + pending-review, cli + enhancement, etc.).
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* fix: reference issue templates at runtime instead of hardcoding
Tell Claude to read .github/ISSUE_TEMPLATE/ for the correct title
prefix, labels, and fields rather than hardcoding them in the prompt.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---------
Co-authored-by: Claude <claude@anthropic.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
