fix(cli): host fingerprint v2 — survive Mac restarts (1.34.17)
v1's sha256(host_id || mac) used the lex-first non-virtual interface's MAC — usually en0 on Wi-Fi Macs, whose MAC Apple's privacy feature re-randomizes across reboots. After a restart the recomputed hash no longer matched the stored one and the daemon entered a launchd respawn loop until manual `claudemesh daemon accept-host`. v2 reads IOPlatformUUID via ioreg on macOS (burned into EFI, stable), rejects locally-administered MACs in the picker, extends the ignored- interface list with anpi/bridge/ap[N], and prepends "v2\0" to the hash so v1 and v2 hashes can never collide on the same inputs. Migration is silent: a stored v1 fingerprint that still matches under the v1 algorithm is transparently rewritten as v2 with no error; v1 stores that fail v1 are reported as genuine mismatches as before; unknown future schema_versions return `unavailable` without overwriting. Drive-by fixes for two pre-existing test-infra papercuts found while validating: turbo's `test` task now depends on `build`, and a new vitest globalSetup rebuilds the CLI on demand with ~/.bun/bin and Homebrew layered into PATH — golden tests (whoami, --version) no longer fail opaquely after a clean checkout. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
Alejandro Gutiérrez
@@ -4,6 +4,10 @@ import { resolve } from "node:path";
|
||||
export default defineConfig({
|
||||
test: {
|
||||
include: ["tests/**/*.test.ts", "src/**/*.test.ts"],
|
||||
// Builds the CLI on demand when `dist/entrypoints/cli.js` is
|
||||
// missing or older than its sources. Required by the golden
|
||||
// tests in `tests/golden/` which spawn the built artifact.
|
||||
globalSetup: ["tests/setup/ensure-built.ts"],
|
||||
alias: {
|
||||
"~": resolve(__dirname, "src"),
|
||||
},
|
||||
|
||||
Reference in New Issue
Block a user