feat(deva): persist containers and refresh container management

.gitignore

@@ -1,6 +1,8 @@
 # Created by https://www.toptal.com/developers/gitignore/api/node
 # Edit at https://www.toptal.com/developers/gitignore?templates=node
 
+*.bak
+
 ### Node ###
 # Logs
 logs

DEV-LOGS.md

@@ -13,6 +13,15 @@
 - Minimal markdown markers, no unnecessary formatting, minimal emojis.
 - Reference issue numbers in the format `#<issue-number>` for easy linking.
 
+# [2025-09-30] Dev Log: Persistent container reuse with tmux-style UX (#108)
+- Why: Per-invocation containers were slow, stateless, and clobbered each other; we wanted tmux-like persistence.
+- What:
+  - Container naming settles on `deva-<parent>-<project>` for the shared instance and `--rm` for throwaway runs, avoiding cross-repo collisions.
+  - Subcommands (`ps`, `attach`, `shell`, `stop`, `rm`, `clean`) mirror docker/tmux; smart auto-select handles the single-container case; `attach` boots an agent, `shell` drops into zsh.
+  - Global mode (`-g`) exposes containers outside the current tree while keeping local defaults sane; lifecycle keeps containers detached but exec-ready.
+  - Cleanup: removed Linux-only flock, dead attach helpers, and stray comments to stay shellcheck-clean without breaking macOS.
+- Result: Containers now persist per project with faster warm starts, intuitive control flow, and no platform regressions.
+
 # [2025-09-23] Dev Log: Multi-auth design for deva framework
 - Why: Port mature multi-auth system from claude.sh to support different AI providers (Anthropic, OpenAI, AWS, Google, GitHub) across all agents.
 - What:

Dockerfile

@@ -1,5 +1,4 @@
 # syntax=docker/dockerfile:1.4
-
 # deva.sh - Docker Image
 # Provides a fully isolated Claude Code environment with sensible development tools
 
@@ -23,7 +22,7 @@ RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
     echo 'Binary::apt::APT::Keep-Downloaded-Packages "true";' > /etc/apt/apt.conf.d/keep-cache && \
     apt-get update && \
     apt-get install -y --no-install-recommends \
-        ca-certificates curl wget git git-lfs gnupg lsb-release locales sudo \
+        ca-certificates curl wget git git-lfs gnupg lsb-release locales tzdata sudo \
         software-properties-common build-essential pkg-config libssl-dev \
         unzip zip bzip2 xz-utils tini gosu less man-db \
         python3-dev libffi-dev \
@@ -53,15 +52,32 @@ RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
     apt-get install -y --no-install-recommends nodejs && \
     apt-get -y clean && rm -rf /var/lib/apt/lists/*
 
-RUN --mount=type=cache,target=/root/.npm,sharing=locked \
-    npm install -g npm@latest pnpm copilot-api@latest && \
-    npm cache clean --force
-
+# Install bun runtime before building Copilot API fork
 RUN curl -fsSL https://bun.sh/install | bash && \
     ln -s /root/.bun/bin/bun /usr/local/bin/bun
 
+# Install Copilot API branch with GPT-5 Codex responses support (PR #119 from caozhiyuan fork)
+# Pinned to specific commit for reproducibility and security
+ARG COPILOT_API_REPO=https://github.com/caozhiyuan/copilot-api.git
+ARG COPILOT_API_BRANCH=feature/gpt-5-codex
+ARG COPILOT_API_COMMIT=HEAD
+
+RUN --mount=type=cache,target=/root/.npm,sharing=locked \
+    npm install -g npm@latest pnpm && \
+    git clone --branch "${COPILOT_API_BRANCH}" "${COPILOT_API_REPO}" /tmp/copilot-api && \
+    cd /tmp/copilot-api && \
+    git checkout "${COPILOT_API_COMMIT}" && \
+    git log --oneline -5 && \
+    bun install --frozen-lockfile && bun run build && \
+    cd /tmp && npm install -g --ignore-scripts /tmp/copilot-api && \
+    rm -rf /tmp/copilot-api && \
+    npm cache clean --force
+
 RUN curl -LsSf https://astral.sh/uv/install.sh | sh
 
+# Pre-install Python 3.14t (free-threaded) for uv
+RUN /root/.local/bin/uv python install 3.14t
+
 RUN --mount=type=cache,target=/tmp/go-cache,sharing=locked \
     ARCH=$(dpkg --print-architecture) && \
     GO_ARCH=$([ "$ARCH" = "amd64" ] && echo "amd64" || echo "arm64") && \
@@ -138,14 +154,29 @@ RUN mkdir -p "$DEVA_HOME/.npm-global" && \
 
 # Set npm configuration for deva user and install CLI tooling
 USER $DEVA_USER
-ARG CLAUDE_CODE_VERSION=1.0.115
-ARG CODEX_VERSION=0.36.0
-RUN npm config set prefix "$DEVA_HOME/.npm-global" && \
-    npm install -g @anthropic-ai/claude-code@${CLAUDE_CODE_VERSION} @mariozechner/claude-trace @openai/codex@${CODEX_VERSION} && \
-    npm cache clean --force
+ARG CLAUDE_CODE_VERSION
+ARG CODEX_VERSION
+
+# Record key tool versions as labels for quick inspection
+LABEL org.opencontainers.image.claude_code_version=${CLAUDE_CODE_VERSION}
+LABEL org.opencontainers.image.codex_version=${CODEX_VERSION}
+
+# Speed up npm installs and avoid noisy audits/funds prompts
+ENV NPM_CONFIG_AUDIT=false \
+    NPM_CONFIG_FUND=false
+
+# Use BuildKit cache for npm to speed up repeated builds
+RUN --mount=type=cache,target=/home/deva/.npm,uid=${DEVA_UID},gid=${DEVA_GID},sharing=locked \
+    npm config set prefix "$DEVA_HOME/.npm-global" && \
+    npm install -g --no-audit --no-fund \
+        @anthropic-ai/claude-code@${CLAUDE_CODE_VERSION} \
+        @mariozechner/claude-trace \
+        @openai/codex@${CODEX_VERSION} && \
+    npm cache clean --force && \
+    npm list -g --depth=0 @anthropic-ai/claude-code @openai/codex || true
 
 # Install Go tools for Atlassian integration (Confluence/Jira/Bitbucket)
-RUN go install github.com/lroolle/atlas-cli/cmd/atl@main && \
+RUN go install github.com/lroolle/atlas-cli/cmd/atl@5f6a20c4d164bf6fe6f5c60f9ac12dfccf210758 && \
     sudo mv $HOME/go/bin/atl /usr/local/bin/
 
 RUN git clone --depth=1 https://github.com/ohmyzsh/ohmyzsh "$DEVA_HOME/.oh-my-zsh" && \
@@ -159,6 +190,10 @@ RUN echo 'export ZSH="$HOME/.oh-my-zsh"' > "$DEVA_HOME/.zshrc" && \
     echo 'source $ZSH/oh-my-zsh.sh' >> "$DEVA_HOME/.zshrc" && \
     echo 'export PATH=$HOME/.local/bin:$HOME/.npm-global/bin:$HOME/go/bin:/usr/local/go/bin:$PATH' >> "$DEVA_HOME/.zshrc"
 
+# Pre-install uv for deva user and warm Python 3.14t
+RUN curl -LsSf https://astral.sh/uv/install.sh | sh && \
+    $DEVA_HOME/.local/bin/uv python install 3.14t
+
 USER root
 
 COPY docker-entrypoint.sh /usr/local/bin/docker-entrypoint.sh

Dockerfile.rust

@@ -1,5 +1,4 @@
 # syntax=docker/dockerfile:1.4
-
 # deva.sh - Rust Developer Image
 # Extends main deva image with Rust toolchain and ecosystem tools
 

Makefile

@@ -7,16 +7,47 @@ RUST_DOCKERFILE := Dockerfile.rust
 MAIN_IMAGE := $(IMAGE_NAME):$(TAG)
 RUST_IMAGE := $(IMAGE_NAME):$(RUST_TAG)
 CONTAINER_NAME := deva-$(shell basename $(PWD))-$(shell date +%s)
-CLAUDE_CODE_VERSION := 1.0.119
-CODEX_VERSION := 0.39.0
+CLAUDE_CODE_VERSION := $(shell npm view @anthropic-ai/claude-code version 2>/dev/null || echo "2.0.1")
+CODEX_VERSION := $(shell npm view @openai/codex version 2>/dev/null || echo "0.42.0")
 
 export DOCKER_BUILDKIT := 1
 
 .DEFAULT_GOAL := help
 
 .PHONY: build
-build:
+build: build-all
+
+.PHONY: build-main
+build-main:
 	@echo "🔨 Building Docker image with $(DOCKERFILE)..."
+	@if command -v npm >/dev/null 2>&1; then \
+		echo "🔎 Resolving latest versions from npm..."; \
+	else \
+		echo "ℹ npm not found; using defaults/fallbacks"; \
+	fi
+	@# Inspect existing image labels; print direct diff lines
+	@prev_claude=$$(docker inspect --format='{{ index .Config.Labels "org.opencontainers.image.claude_code_version" }}' $(MAIN_IMAGE) 2>/dev/null || true); \
+	 prev_codex=$$(docker inspect --format='{{ index .Config.Labels "org.opencontainers.image.codex_version" }}' $(MAIN_IMAGE) 2>/dev/null || true); \
+	 fmt() { v="$$1"; if [ -z "$$v" ] || [ "$$v" = "<no value>" ]; then echo "-"; else case "$$v" in v*) echo "$$v";; *) echo "v$$v";; esac; fi; }; \
+	 curC=$$(fmt "$$prev_claude"); curX=$$(fmt "$$prev_codex"); \
+	 tgtC=$$(fmt "$(CLAUDE_CODE_VERSION)"); tgtX=$$(fmt "$(CODEX_VERSION)"); \
+		 if [ "$$curC" = "$$tgtC" ] && [ "$$curX" = "$$tgtX" ]; then \
+		   echo "Claude: $$tgtC (no change)"; \
+		   echo "Codex:  $$tgtX (no change)"; \
+		   echo "Already up-to-date"; \
+		 else \
+		   if [ "$$curC" = "$$tgtC" ]; then \
+		     echo "Claude: $$tgtC (no change)"; \
+		   else \
+		     echo "Claude: $$curC -> $$tgtC"; \
+		   fi; \
+		   if [ "$$curX" = "$$tgtX" ]; then \
+		     echo "Codex:  $$tgtX (no change)"; \
+		   else \
+		     echo "Codex:  $$curX -> $$tgtX"; \
+		   fi; \
+		 fi
+	@echo "Hint: override via CLAUDE_CODE_VERSION=... CODEX_VERSION=... or run 'make bump-versions' to pin"
 	docker build -f $(DOCKERFILE) --build-arg CLAUDE_CODE_VERSION=$(CLAUDE_CODE_VERSION) --build-arg CODEX_VERSION=$(CODEX_VERSION) -t $(MAIN_IMAGE) .
 	@echo "✅ Build completed: $(MAIN_IMAGE)"
 
@@ -36,7 +67,7 @@ build-rust:
 .PHONY: build-all
 build-all:
 	@echo "🔨 Building all images with versions: Claude $(CLAUDE_CODE_VERSION), Codex $(CODEX_VERSION)..."
-	@$(MAKE) build CLAUDE_CODE_VERSION=$(CLAUDE_CODE_VERSION) CODEX_VERSION=$(CODEX_VERSION)
+	@$(MAKE) build-main CLAUDE_CODE_VERSION=$(CLAUDE_CODE_VERSION) CODEX_VERSION=$(CODEX_VERSION)
 	@$(MAKE) build-rust BASE_IMAGE=$(MAIN_IMAGE)
 	@echo "✅ All images built successfully"
 
@@ -72,6 +103,17 @@ buildx-multi-local:
 		-t $(MAIN_IMAGE) .
 	@echo "✅ Multi-arch build completed locally: $(MAIN_IMAGE)"
 
+.PHONY: bump-versions
+bump-versions:
+	@./scripts/bump-versions.sh
+
+.PHONY: versions
+versions:
+	@CLAUDE_CODE_VERSION=$(CLAUDE_CODE_VERSION) \
+	 CODEX_VERSION=$(CODEX_VERSION) \
+	 MAIN_IMAGE=$(MAIN_IMAGE) \
+	 ./scripts/version-report.sh
+
 .PHONY: clean
 clean:
 	@echo "🧹 Cleaning up Docker artifacts..."
@@ -191,13 +233,16 @@ help:
 	@echo "Usage: make [target]"
 	@echo ""
 	@echo "Available targets:"
-	@echo "  build                Build main Docker image"
+	@echo "  build                Build all images (auto-detects latest npm versions)"
+	@echo "  build-main           Build main Docker image only"
 	@echo "  build-rust           Build Rust Docker image"
-	@echo "  build-all            Build all images"
+	@echo "  build-all            Build all images (main + rust)"
 	@echo "  rebuild              Rebuild without cache"
 	@echo "  buildx               Build with buildx"
 	@echo "  buildx-multi         Build multi-arch and push"
 	@echo "  buildx-multi-rust    Build multi-arch Rust and push"
+		@echo "  versions             Show version status (current/built)"
+		@echo "  bump-versions        Pin Makefile to latest npm versions"
 	@echo "  test                 Test main image"
 	@echo "  test-rust            Test Rust image"
 	@echo "  shell                Open shell in container"
@@ -218,8 +263,9 @@ help:
 	@echo "  CODEX_VERSION        Codex CLI version (default: $(CODEX_VERSION))"
 	@echo ""
 	@echo "Examples:"
-	@echo "  make build                                    # Build main image"
-	@echo "  make build-rust                               # Build Rust image"
-	@echo "  make DOCKERFILE=$(RUST_DOCKERFILE) build         # Build with specific Dockerfile"
-	@echo "  make TAG=dev build-all                        # Build all with custom tag"
-	@echo "  make CLAUDE_CODE_VERSION=1.0.117 build       # Build with specific Claude version"
+	@echo "  make build                                    # Build all images with latest versions"
+	@echo "  make build-main                               # Build main image only"
+	@echo "  make build-rust                               # Build Rust image only"
+	@echo "  make TAG=dev build                            # Build all with custom tag"
+	@echo "  make CLAUDE_CODE_VERSION=2.0.5 build          # Override with specific version"
+	@echo "  make versions                                 # Check current versions"