diff --git a/Dockerfile b/Dockerfile
index e6a6f26..f510c3d 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -255,9 +255,17 @@ RUN set -eux; \
 # build pulls latest, which is non-reproducible and skips the patch
 # auto-merge gate.
 # renovate: datasource=npm depName=@anthropic-ai/claude-code
-ARG CLAUDE_CODE_VERSION=2.1.133
+ARG CLAUDE_CODE_VERSION=2.1.139
 # renovate: datasource=npm depName=@openai/codex
-ARG OPENAI_CODEX_VERSION=0.129.0
+ARG OPENAI_CODEX_VERSION=0.130.0
+
+# Disable Claude Code's runtime auto-updater. Version is pinned via the
+# ARG above and bumped by Renovate PRs, not at runtime — that matches
+# the rest of the codex-shell pinning model. The auto-updater also can't
+# succeed inside the container anyway (npm rename within /usr/bin/
+# requires root, which the agent user is not), so leaving it enabled
+# just produces a noisy banner at TUI startup.
+ENV DISABLE_AUTOUPDATER=true
 # Install as root (writes to /usr/lib/node_modules), then chown the
 # scope directory + entrypoint symlink to uid/gid 10001 so the agent
 # user can run `npm install -g` for auto-updates without EACCES on the
diff --git a/bin/entrypoint.sh b/bin/entrypoint.sh
index 91fe3ef..4112074 100644
--- a/bin/entrypoint.sh
+++ b/bin/entrypoint.sh
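Review bot: The context comment right below the new `ENV DISABLE_AUTOUPDATER=true` in the Dockerfile hunk still says the scope directory and entrypoint symlink are chowned to uid/gid 10001 so the agent user can run `npm install -g` for auto-updates, which contradicts the added comment that the updater cannot succeed and is now disabled. If that chown is still in place (the RUN step itself is outside this hunk), the agent user can overwrite the installed package at runtime, so the Renovate-managed pin is a build-time default and not an integrity guarantee. With updates turned off there is no remaining reason for the install to be agent-writable; consider dropping the chown so the files stay root-owned. At minimum the stale comment should be reworded, e.g. `# Install as root; the package stays root-owned because runtime auto-update is disabled.`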
@@ -93,7 +93,11 @@ claude)
 INSTRUCTIONS_LINK="${AGENT_CONFIG_DIR}/CLAUDE.md"
 # Continue the most recent session; fall back to fresh claude if
 # none exists, then bash if claude exits.
- AGENT_LAUNCH_CMD='claude --continue 2>/dev/null || claude; exec bash -l'
+ # --dangerously-skip-permissions: the pod is the sandbox boundary,
+ # and the agent is meant to operate without per-tool approval
+ # prompts. Without this flag every session has to re-enable it
+ # manually post-restart, which breaks unattended task execution.
+ AGENT_LAUNCH_CMD='claude --dangerously-skip-permissions --continue 2>/dev/null || claude --dangerously-skip-permissions; exec bash -l'
 mkdir -p "${AGENT_CONFIG_DIR}"
 # Claude Code uses interactive `/login` on first connect; credentials
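Review bot: `--dangerously-skip-permissions` is now hard-coded on both the `--continue` and the fallback invocation in `AGENT_LAUNCH_CMD`, so every container started from this entrypoint runs the agent without approval prompts and the only remaining control is whatever the pod itself enforces. The added comment asserts that the pod is the sandbox boundary without saying what that boundary must provide; since the trailing context mentions `/login` credentials held in the container, spell the assumptions out, e.g. `# Relies on pod-level controls (non-root user, no extra mounted secrets, restricted egress); do not run this image outside such a pod.` Consider having the entrypoint add the flag only when an environment variable opts in (or allows opting out), so a deployment without those controls can still run with prompts. Separately, `2>/dev/null` on the first invocation hides why `--continue` failed before the fallback starts a fresh unprompted session. The `claude)` case arm continues past the end of this hunk, so how `AGENT_LAUNCH_CMD` is executed is not visible here.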