Lines 1-34javascript
2// anon-pi CLI: the THIN impure launch path. Parses grammar A (pure
3// parseLaunchArgs), reads config.json / machine.json + resolves the machine,
4// composes the LaunchIntent, resolves the RunPlan (pure resolveRunPlan), decides
5// run-vs-start against real netcage for `--keep`, and spawns netcage with
6// inherited stdio (so -it is a real interactive TTY), propagating the exit code.
8// All the DECISIONS live in the pure module (anon-pi.ts); this file only does
9// I/O: fs reads/mkdirs, the netcage query, the spawn, and the TTY discipline.
10// The forced-egress invariant is the RunPlan's guarantee: the composed argv
11// ALWAYS carries --proxy + the one --allow-direct; the CLI never strips or adds
13import { existsSync, mkdirSync, readdirSync, readFileSync, rmSync, writeFileSync, } from 'node:fs';
14import { readSync } from 'node:fs';
15import { spawnSync, execFileSync } from 'node:child_process';
16import { join, dirname, resolve } from 'node:path';
17import { AnonPiError, HELP, MODELS_FILE, SETTINGS_FILE, SETTINGS_SEED_FILE, SEED_MARKER, DEFAULT_MACHINE, envFromProcess, buildMenuChoiceList, buildMenuEntries, builtinProjectsRoot, deriveProjectUsage, expandTilde, findingsFromNetcageDetect, processNoteFromNetcageDetect, resolveNetcageGraphroot, globalModelsSeedPath, globalSettingsSeedPath, machineAgentDir, machineDir, machineHomeDir, machineJsonPath, machineModelsSeedPath, machineSessionsDir, mergeModelSelection, resolveModelsSeedPath, resolveSettingsSeedPath, validateName, resolveDeleteHome, resolveDeleteProject, parseConfigJson, parseLaunch ...
18// The netcage label anon-pi stamps its launch-identity key onto (keptContainerKey)
19// so a `--keep` re-entry can find and `netcage start` the same kept container.
20// netcage's `netcage.managed` label marks it a managed container; this adds the
21// anon-pi identity ON TOP (netcage's label IS the registry; anon-pi adds no file).
22const ANON_PI_KEY_LABEL = 'anon-pi.key';
24 const args = argv.slice(2);
25 // `--version`/`-V` prints anon-pi's own version and exits (before the launch
26 // grammar, so it is never parsed as a project/flag). For pi's version inside
27 // the jail, forward it: `anon-pi pi --version`.
28 if (args[0] === '--version' || args[0] === '-V') {
29 process.stdout.write(`anon-pi ${anonPiVersion() ?? '(unknown)'}\n`);
32 // The global `--help`/`-h` prints the top-level HELP, EXCEPT when the first
33 // token is a subcommand that owns its own `--help` (so `anon-pi init --help`
34 // and `anon-pi machine --help` show THEIR help, not the global one). Those
Long lines were clipped for display.