stack/packages/cli
Bilal Godil a2590be68e fix(cli): fall back to installed CLI when npx auto-update fails
`hexclave dev` re-execs through `npx <pkg>@latest` to pick up the latest
dashboard. If that npx run failed (npm error, blocked download, lock
contention, offline) it exited nonzero and `maybeReexecToLatest` propagated
the code via process.exit, killing `hexclave dev` even though a perfectly good
CLI was already installed.

This bites users behind a package firewall (e.g. Socket Firewall on Replit),
which blocks the @hexclave/cli download and surfaces as `npm error
Lock compromised` (ECOMPROMISED) from npx's own cache lock.

Use a startup-marker handshake to tell apart an npx/install failure (our CLI
never ran -> fall back to the installed CLI) from a genuine nonzero exit of
the wrapped command (our CLI ran -> propagate). The marker only needs file
create/exists, so it's robust on sandboxed/networked filesystems. If the
marker can't be created we keep the old always-propagate behavior.

decidePostReexec + signalReexecStartedIfChild are pure and unit-tested.
2026-06-16 14:18:26 -07:00
..
scripts feat(hexclave): PR 5 — internal symbol/path/package renames + brand strings (#1547) 2026-06-03 18:57:09 -07:00
src fix(cli): fall back to installed CLI when npx auto-update fails 2026-06-16 14:18:26 -07:00
.eslintrc.cjs feat(hexclave): PR 5 — internal symbol/path/package renames + brand strings (#1547) 2026-06-03 18:57:09 -07:00
package.json chore: update package versions 2026-06-16 19:32:53 +00:00
tsconfig.json feat(hexclave): PR 5 — internal symbol/path/package renames + brand strings (#1547) 2026-06-03 18:57:09 -07:00
tsdown.config.ts feat(hexclave): PR 5 — internal symbol/path/package renames + brand strings (#1547) 2026-06-03 18:57:09 -07:00
vitest.config.ts feat(hexclave): PR 5 — internal symbol/path/package renames + brand strings (#1547) 2026-06-03 18:57:09 -07:00