@agentbridge1/cli 0.0.1

package/dist/commands/check.js

@@ -0,0 +1,283 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.buildStaleProofPrompt = buildStaleProofPrompt;
+exports.renderAcceptanceReport = renderAcceptanceReport;
+exports.runCheck = runCheck;
+const config_1 = require("../config");
+const errors_1 = require("../errors");
+const acceptance_preflight_1 = require("../acceptance-preflight");
+const work_context_resolver_1 = require("../work-context-resolver");
+const operator_snapshot_1 = require("../operator-snapshot");
+const proof_guidance_1 = require("../proof-guidance");
+const memory_context_render_1 = require("../memory-context-render");
+const acceptance_block_1 = require("../acceptance-block");
+function resolveNetworkContext() {
+    const cfg = (0, config_1.readConfig)();
+    const projectId = process.env.AGENTBRIDGE_PROJECT_ID ?? cfg.projectId;
+    const apiKey = process.env.AGENTBRIDGE_API_KEY ?? cfg.apiKey ?? "";
+    const apiBaseUrl = process.env.AGENTBRIDGE_BASE_URL ?? cfg.apiBaseUrl ?? "https://agentauth-api-production.up.railway.app";
+    if (!projectId) {
+        throw new errors_1.SafeCliError("Missing AGENTBRIDGE_PROJECT_ID. Set AGENTBRIDGE_PROJECT_ID (or run `agentbridge init --project ...`).");
+    }
+    if (!apiKey) {
+        throw new errors_1.SafeCliError("Missing AGENTBRIDGE_API_KEY. Provide --api-key, set AGENTBRIDGE_API_KEY, or save apiKey in .agentbridge/config.json.");
+    }
+    return { projectId, apiKey, apiBaseUrl };
+}
+function mark(proof, presentSet) {
+    return `${presentSet.has(proof) ? "[present]" : "[missing]"} ${proof}`;
+}
+function renderNoActiveSessionGuidance(input) {
+    const lines = [
+        "No active tracked work session found.",
+        `Existing project: ${input.projectId ? "yes" : "no"}`,
+        "Next action:",
+        "- run agentbridge watch to start/resume work",
+        "- or resolve work context/start a scoped session",
+    ];
+    if (input.lastAcceptedSessionId) {
+        const suffix = input.lastAcceptedAt ? ` (${input.lastAcceptedAt})` : "";
+        lines.push(`Last accepted session: ${input.lastAcceptedSessionId}${suffix}`);
+        lines.push("Next: agentbridge watch");
+    }
+    return lines.join("\n");
+}
+function buildStaleProofPrompt(report) {
+    const staleFiles = report.stale_files ?? [];
+    const files = staleFiles.length > 0
+        ? staleFiles.join(", ")
+        : report.evidence_missing.length > 0
+            ? report.evidence_missing.join(", ")
+            : report.changed_files.join(", ") || "changed files";
+    return [
+        "Verification is stale — files changed after the last passing proof.",
+        `Affected: ${files}`,
+        "Run `agentbridge verify --command \"<your test command>\"` to refresh proof before handoff or accept.",
+    ].join("\n");
+}
+function renderAcceptanceReport(report) {
+    const lines = [];
+    lines.push(`Current work: ${report.work_session_id}${report.change_request_id ? ` (CR ${report.change_request_id})` : ""}`);
+    lines.push(`Detected work type: ${report.detected_work_type}`);
+    lines.push(`Changed files: ${report.changed_files.length}`);
+    if (report.changed_files.length > 0) {
+        lines.push(`Changed file list: ${report.changed_files.join(", ")}`);
+    }
+    lines.push(`Scope status: ${report.scope_status}`);
+    lines.push(`Boundary status: ${report.boundary_status}`);
+    lines.push("Required proof:");
+    const presentSet = new Set(report.evidence_present);
+    for (const proof of report.required_proof) {
+        lines.push(`  - ${mark(proof, presentSet)}`);
+    }
+    lines.push(`Known traps: ${report.known_traps.length > 0 ? report.known_traps.join(" | ") : "none"}`);
+    if (report.memory_overlay) {
+        const overlay = report.memory_overlay;
+        if (!overlay.enabled) {
+            const reason = overlay.disabled_reason ?? "unknown";
+            lines.push(`Memory overlay: disabled (${reason})`);
+        }
+        else if (overlay.warnings.length === 0) {
+            const domains = overlay.source_domains.length > 0 ? overlay.source_domains.join(", ") : "none";
+            lines.push(`Memory overlay: clean (domains: ${domains})`);
+        }
+        else {
+            lines.push("Memory overlay (memory-derived, advisory):");
+            for (const warning of overlay.warnings) {
+                lines.push(`  - [${warning.code}] ${warning.domain}: ${warning.message}`);
+                if (warning.excerpt) {
+                    lines.push(`      ${warning.excerpt}`);
+                }
+            }
+        }
+        if (overlay.disclaimer) {
+            lines.push(overlay.disclaimer);
+        }
+    }
+    const memoryContextLines = (0, memory_context_render_1.renderMemoryContextLines)(report.memory_context);
+    if (memoryContextLines.length > 0) {
+        lines.push("");
+        lines.push(...memoryContextLines);
+    }
+    lines.push("Evidence:");
+    if (report.verification_runs.length === 0) {
+        lines.push("  - none recorded");
+    }
+    else {
+        const freshRuns = report.verification_runs.filter((run) => !run.stale);
+        const staleRuns = report.verification_runs.filter((run) => run.stale);
+        lines.push("  Fresh:");
+        if (freshRuns.length === 0) {
+            lines.push("  - none");
+        }
+        else {
+            for (const run of freshRuns) {
+                lines.push(`  - [${run.status}] ${run.command}`);
+            }
+        }
+        lines.push("  Stale:");
+        if (staleRuns.length === 0) {
+            lines.push("  - none");
+        }
+        else {
+            for (const run of staleRuns) {
+                lines.push(`  - [${run.status}] ${run.command} (stale)`);
+            }
+        }
+    }
+    lines.push("Missing proof:");
+    const missingProofDetails = (0, proof_guidance_1.getMissingProofDetails)(report);
+    if (missingProofDetails.length === 0) {
+        lines.push("  - none");
+    }
+    else {
+        for (const detail of missingProofDetails) {
+            lines.push(`  - ${detail.message}`);
+            lines.push(`    why: ${detail.why}`);
+            lines.push(`    source/rule: ${detail.source_rule}`);
+            lines.push(`    recipe: ${detail.proof_recipe}`);
+            if (detail.suggested_verify) {
+                lines.push(`    suggested verify: ${detail.suggested_verify}`);
+            }
+        }
+    }
+    lines.push("Suggested verify commands:");
+    const suggested = [
+        ...missingProofDetails
+            .map((detail) => detail.suggested_verify?.trim())
+            .filter((value) => Boolean(value && value.length > 0)),
+        ...(0, proof_guidance_1.suggestVerifyCommands)(report.changed_files, report.detected_work_type),
+    ];
+    for (const command of [...new Set(suggested)]) {
+        lines.push(`  - ${command}`);
+    }
+    lines.push("Risks remaining:");
+    if (report.risks_remaining.length === 0) {
+        lines.push("  - none detected");
+    }
+    else {
+        for (const risk of report.risks_remaining) {
+            lines.push(`  - ${risk}`);
+        }
+    }
+    lines.push("Protocol warnings:");
+    if (!report.protocol_warnings || report.protocol_warnings.length === 0) {
+        lines.push("  - none");
+    }
+    else {
+        for (const warning of report.protocol_warnings) {
+            lines.push(`  - ${warning.code}: ${warning.message}`);
+        }
+    }
+    if (report.proof_quality) {
+        lines.push(`Proof quality confidence: ${report.proof_quality.confidence_level}`);
+        if (report.proof_quality.missing_robustness.length > 0) {
+            lines.push("Missing robustness:");
+            for (const item of report.proof_quality.missing_robustness) {
+                lines.push(`  - ${item}`);
+            }
+        }
+        if (report.proof_quality.warnings.length > 0) {
+            lines.push("Proof quality warnings:");
+            for (const warning of report.proof_quality.warnings) {
+                lines.push(`  - ${warning.code}: ${warning.message}`);
+            }
+        }
+    }
+    lines.push(`Decision: ${report.decision}`);
+    if (report.decision === "needs_proof") {
+        lines.push("✗ Error code: PROOF_MISSING");
+        lines.push("  What happened: No verification proof exists for this work session.");
+        lines.push("  Why it matters: Unverified work cannot be accepted — proof is required.");
+        lines.push("  Next action: Run `agentbridge verify -- <your test command>`");
+    }
+    if (report.decision === "stale_evidence") {
+        lines.push("✗ Error code: PROOF_STALE_AFTER_CHANGE");
+        lines.push("  What happened: Proof existed but files changed after verification.");
+        lines.push("  Why it matters: Stale proof does not cover recent changes — re-verification required.");
+        const files = (report.stale_files ?? []).length > 0
+            ? (report.stale_files ?? []).join(", ")
+            : report.evidence_missing.length > 0
+                ? report.evidence_missing.join(", ")
+                : report.changed_files.join(", ") || "changed files";
+        lines.push(`  Affected files: ${files}`);
+        lines.push("  Next action: Run `agentbridge verify -- <your test command>` to refresh proof.");
+        if (report.evidence_missing.length > 0) {
+            lines.push("  Files needing re-verification:");
+            for (const file of report.evidence_missing) {
+                lines.push(`    - ${file}`);
+            }
+        }
+        lines.push("Copy this back to the agent:");
+        lines.push(buildStaleProofPrompt(report));
+    }
+    if (report.out_of_scope_files && report.out_of_scope_files.length > 0) {
+        lines.push("✗ Error code: SCOPE_DRIFT_OUT_OF_SCOPE_FILE");
+        lines.push("  What happened: Files changed outside the declared work scope.");
+        lines.push("  Why it matters: Out-of-scope changes require review before acceptance.");
+        lines.push("  Out-of-scope changed files:");
+        for (const file of report.out_of_scope_files) {
+            lines.push(`    - ${file}`);
+        }
+        lines.push("  Next action: Revert/remove out-of-scope files, then rerun `agentbridge check`.");
+    }
+    if (report.decision === "needs_review" && (!report.out_of_scope_files || report.out_of_scope_files.length === 0)) {
+        lines.push("✗ Error code: ACCEPTANCE_BLOCKED");
+        lines.push("  What happened: Work session requires manual review before it can be accepted.");
+        lines.push("  Why it matters: Automated acceptance gates are not satisfied.");
+        lines.push("  Next action: Address all blocking issues listed above, then re-run `agentbridge check`.");
+    }
+    if (report.decision === "failed") {
+        lines.push("✗ Error code: ACCEPTANCE_BLOCKED");
+        lines.push("  What happened: Verification proof failed — tests or checks did not pass.");
+        lines.push("  Why it matters: Failed proof cannot be used to accept work.");
+        lines.push("  Next action: Fix the failing tests and re-run `agentbridge verify -- <your test command>`.");
+    }
+    lines.push("Next action:");
+    for (const action of report.next_required_action) {
+        lines.push(`  - ${action}`);
+    }
+    return lines.join("\n");
+}
+async function runCheck(options = {}) {
+    const ctx = resolveNetworkContext();
+    const { resolution, report } = await (0, acceptance_preflight_1.resolveAcceptanceWorkContext)(ctx);
+    const snapshot = (0, operator_snapshot_1.buildOperatorSnapshot)(resolution);
+    if (resolution.state !== "current_session_resolved" || !report) {
+        if (options.json) {
+            process.stdout.write(`${JSON.stringify({ snapshot }, null, 2)}\n`);
+            process.exitCode = 1;
+            return;
+        }
+        const cfg = (0, config_1.readConfig)();
+        const workContextLines = (0, work_context_resolver_1.renderWorkContextLines)(resolution);
+        const lines = resolution.state === "no_current_session"
+            ? [
+                ...workContextLines,
+                "",
+                renderNoActiveSessionGuidance({
+                    projectId: ctx.projectId,
+                    lastAcceptedSessionId: cfg.lastAcceptedSessionId,
+                    lastAcceptedAt: cfg.lastAcceptedAt,
+                }),
+            ]
+            : workContextLines;
+        process.stdout.write(`${lines.join("\n")}\n`);
+        process.exitCode = 1;
+        return;
+    }
+    const reportResolved = report;
+    if (options.json) {
+        process.stdout.write(`${JSON.stringify({ snapshot, acceptance_report: reportResolved }, null, 2)}\n`);
+        // Phase 6: exit 1 for blocking states even in JSON mode
+        if ((0, acceptance_block_1.shouldBlockAcceptanceAction)(reportResolved)) {
+            process.exitCode = 1;
+        }
+        return;
+    }
+    process.stdout.write(`${renderAcceptanceReport(reportResolved)}\n`);
+    // Phase 6: exit 1 for blocking states so CI pipelines can trust the exit code
+    if ((0, acceptance_block_1.shouldBlockAcceptanceAction)(reportResolved)) {
+        process.exitCode = 1;
+    }
+}

package/dist/commands/connect.js

@@ -0,0 +1,159 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.runConnect = runConnect;
+const config_1 = require("../config");
+const errors_1 = require("../errors");
+const http_1 = require("../http");
+function resolveBaseUrl(override) {
+    return (override ??
+        process.env.AGENTBRIDGE_BASE_URL ??
+        "https://agentauth-api-production.up.railway.app");
+}
+async function verifyCredentials(projectId, apiKey, apiBaseUrl) {
+    const url = `${apiBaseUrl}/v1/dev/projects/${projectId}/health`;
+    let res;
+    try {
+        res = await fetch(url, {
+            method: "GET",
+            headers: {
+                Authorization: `Bearer ${apiKey}`,
+                "Content-Type": "application/json",
+            },
+        });
+    }
+    catch (e) {
+        const msg = e instanceof Error ? e.message : String(e);
+        throw new errors_1.SafeCliError(`Could not reach AgentBridge server at ${apiBaseUrl}.\nNetwork error: ${msg}\n\nCheck your AGENTBRIDGE_BASE_URL or internet connection.`);
+    }
+    if (res.status === 401 || res.status === 403) {
+        throw new errors_1.SafeCliError(`API key rejected (HTTP ${res.status}).\n\nGet a valid key at https://agentbridge.dev/dashboard and set AGENTBRIDGE_API_KEY.`);
+    }
+    if (res.status === 404) {
+        throw new errors_1.SafeCliError(`Project ${projectId} not found (HTTP 404).\n\nConfirm AGENTBRIDGE_PROJECT_ID is correct for this project.`);
+    }
+    if (!res.ok) {
+        const text = await res.text();
+        throw new http_1.CliHttpError(`GET ${url} failed (${res.status}): ${text || "<empty>"}`, res.status, text);
+    }
+    const body = (await res.json());
+    return {
+        projectName: body.projectName ?? projectId,
+        agentCount: Array.isArray(body.agents) ? body.agents.length : 0,
+    };
+}
+async function listAgents(projectId, apiKey, apiBaseUrl) {
+    const url = `${apiBaseUrl}/v1/dev/projects/${projectId}/agents`;
+    const res = await fetch(url, {
+        headers: { Authorization: `Bearer ${apiKey}` },
+    });
+    if (!res.ok)
+        return [];
+    const body = (await res.json());
+    return Array.isArray(body.agents) ? body.agents : [];
+}
+async function runConnect(options = {}) {
+    process.stdout.write("AgentBridge connect\n");
+    process.stdout.write("─────────────────────────────────────────\n");
+    const cfg = (0, config_1.readConfig)();
+    const projectId = options.projectId ??
+        process.env.AGENTBRIDGE_PROJECT_ID ??
+        cfg.projectId;
+    const apiKey = options.apiKey ??
+        process.env.AGENTBRIDGE_API_KEY ??
+        cfg.apiKey;
+    const apiBaseUrl = resolveBaseUrl(options.apiBaseUrl);
+    if (!projectId) {
+        process.stderr.write([
+            "",
+            "Missing project ID.",
+            "",
+            "  Option 1 — pass it directly:",
+            "    agentbridge connect --project <project-id> --api-key <key>",
+            "",
+            "  Option 2 — set env vars in your shell or .env:",
+            "    export AGENTBRIDGE_PROJECT_ID=<project-id>",
+            "    export AGENTBRIDGE_API_KEY=<key>",
+            "",
+            "  Option 3 — run the interactive setup wizard:",
+            "    agentbridge init",
+            "",
+            "Get your project ID from https://agentbridge.dev/dashboard",
+            "",
+        ].join("\n"));
+        process.exit(1);
+    }
+    if (!apiKey) {
+        process.stderr.write([
+            "",
+            "Missing API key.",
+            "",
+            "  Set AGENTBRIDGE_API_KEY in your environment:",
+            "    export AGENTBRIDGE_API_KEY=<key>",
+            "",
+            "  Or pass it directly:",
+            "    agentbridge connect --project <id> --api-key <key>",
+            "",
+            "Get an API key from https://agentbridge.dev/dashboard",
+            "",
+        ].join("\n"));
+        process.exit(1);
+    }
+    process.stdout.write(`Connecting to project ${projectId} … `);
+    let projectName;
+    let agentCount;
+    try {
+        ({ projectName, agentCount } = await verifyCredentials(projectId, apiKey, apiBaseUrl));
+    }
+    catch (err) {
+        process.stdout.write("FAILED\n");
+        throw err;
+    }
+    process.stdout.write("OK\n");
+    // Persist credentials
+    (0, config_1.updateConfig)({ projectId, apiKey, apiBaseUrl });
+    process.stdout.write("Credentials saved to .agentbridge/config.json\n");
+    // Pick or auto-select an agent identity
+    let activeAgentId = options.agentId ?? cfg.activeAgentId;
+    if (!activeAgentId) {
+        const agents = await listAgents(projectId, apiKey, apiBaseUrl);
+        if (agents.length === 1 && agents[0]) {
+            activeAgentId = agents[0].id;
+            (0, config_1.updateConfig)({ activeAgentId });
+            process.stdout.write(`Agent identity set to: ${agents[0].name ?? activeAgentId} (${activeAgentId})\n`);
+        }
+        else if (agents.length > 1) {
+            process.stdout.write("\nAvailable agent identities:\n");
+            for (const a of agents) {
+                process.stdout.write(`  ${a.id}  ${a.name ?? ""}  ${a.role ?? ""}\n`.trimEnd() + "\n");
+            }
+            process.stdout.write('\nRun `agentbridge use <agent-id>` to select one, then `agentbridge watch` to start.\n');
+        }
+    }
+    else {
+        (0, config_1.updateConfig)({ activeAgentId });
+        process.stdout.write(`Agent identity: ${activeAgentId}\n`);
+    }
+    process.stdout.write("\n");
+    process.stdout.write(`Project:  ${projectName}\n`);
+    process.stdout.write(`Agents:   ${agentCount}\n`);
+    process.stdout.write(`Server:   ${apiBaseUrl}\n`);
+    process.stdout.write("\n");
+    if (activeAgentId) {
+        process.stdout.write("✓ Connected. Next steps:\n");
+        process.stdout.write([
+            "",
+            "  1. Start a work session:",
+            "       agentbridge start --summary \"your task\" --scope \"src/\"",
+            "",
+            "  2. Run the watcher (keep it running in a terminal):",
+            "       agentbridge watch",
+            "",
+            "  3. Code normally — AgentBridge watches in the background.",
+            "     Approvals surface when you cross domain boundaries.",
+            "",
+        ].join("\n"));
+    }
+    else {
+        process.stdout.write("✓ Connected. Run `agentbridge use <agent-id>` then `agentbridge watch`.\n");
+    }
+}

package/dist/commands/dist-freshness.js

@@ -0,0 +1,105 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getDistFreshnessReport = getDistFreshnessReport;
+const node_fs_1 = require("node:fs");
+const node_path_1 = require("node:path");
+function readJsonFile(path) {
+    if (!(0, node_fs_1.existsSync)(path))
+        return null;
+    return JSON.parse((0, node_fs_1.readFileSync)(path, "utf8"));
+}
+function collectSourceTsFiles(dir, acc = []) {
+    if (!(0, node_fs_1.existsSync)(dir))
+        return acc;
+    for (const entry of (0, node_fs_1.readdirSync)(dir, { withFileTypes: true })) {
+        if (entry.name === "node_modules" || entry.name === "dist")
+            continue;
+        const full = (0, node_path_1.resolve)(dir, entry.name);
+        if (entry.isDirectory()) {
+            collectSourceTsFiles(full, acc);
+        }
+        else if (entry.isFile() &&
+            entry.name.endsWith(".ts") &&
+            !entry.name.endsWith(".test.ts")) {
+            acc.push(full);
+        }
+    }
+    return acc;
+}
+function getTrackedSourceCandidates(cliRoot) {
+    const srcDir = (0, node_path_1.resolve)(cliRoot, "src");
+    return [
+        ...collectSourceTsFiles(srcDir),
+        (0, node_path_1.resolve)(cliRoot, "build.mjs"),
+        (0, node_path_1.resolve)(cliRoot, "..", "package.json"),
+    ];
+}
+function getDistFreshnessReport(cliRoot) {
+    const toCliRelativePath = (path) => {
+        const rel = (0, node_path_1.relative)(cliRoot, path);
+        return rel === "" ? "." : rel;
+    };
+    const buildInfoPath = (0, node_path_1.resolve)(cliRoot, "dist", "build-info.json");
+    const buildInfo = readJsonFile(buildInfoPath);
+    if (!buildInfo?.builtAt) {
+        return {
+            state: "unknown",
+            sourceNewerThanDist: "unknown",
+            reason: "build-info missing builtAt",
+            staleFiles: [],
+        };
+    }
+    const builtAtMs = Date.parse(buildInfo.builtAt);
+    if (!Number.isFinite(builtAtMs)) {
+        return {
+            state: "unknown",
+            sourceNewerThanDist: "unknown",
+            builtAt: buildInfo.builtAt,
+            gitHead: buildInfo.gitHead,
+            reason: "build-info builtAt is invalid",
+            staleFiles: [],
+            sourceLatestMtime: buildInfo.sourceLatestMtime,
+            sourceLatestFile: buildInfo.sourceLatestFile,
+        };
+    }
+    const existingCandidates = getTrackedSourceCandidates(cliRoot).filter((path) => (0, node_fs_1.existsSync)(path));
+    if (existingCandidates.length === 0) {
+        return {
+            state: "unknown",
+            sourceNewerThanDist: "unknown",
+            builtAt: buildInfo.builtAt,
+            gitHead: buildInfo.gitHead,
+            reason: "source files not available in current runtime path",
+            staleFiles: [],
+            sourceLatestMtime: buildInfo.sourceLatestMtime,
+            sourceLatestFile: buildInfo.sourceLatestFile,
+        };
+    }
+    const staleFiles = existingCandidates
+        .filter((path) => (0, node_fs_1.statSync)(path).mtimeMs > builtAtMs)
+        .map((path) => toCliRelativePath(path))
+        .sort();
+    if (staleFiles.length > 0) {
+        const sample = staleFiles.slice(0, 3).join(", ");
+        const more = staleFiles.length > 3 ? ` (+${staleFiles.length - 3} more)` : "";
+        return {
+            state: "stale",
+            sourceNewerThanDist: "yes",
+            builtAt: buildInfo.builtAt,
+            gitHead: buildInfo.gitHead,
+            reason: `source newer than build (${sample}${more})`,
+            staleFiles,
+            sourceLatestMtime: buildInfo.sourceLatestMtime,
+            sourceLatestFile: buildInfo.sourceLatestFile,
+        };
+    }
+    return {
+        state: "fresh",
+        sourceNewerThanDist: "no",
+        builtAt: buildInfo.builtAt,
+        gitHead: buildInfo.gitHead,
+        staleFiles: [],
+        sourceLatestMtime: buildInfo.sourceLatestMtime,
+        sourceLatestFile: buildInfo.sourceLatestFile,
+    };
+}