@agentbridge1/cli 0.0.1

package/dist/commands/handoff.js

@@ -0,0 +1,189 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.runHandoff = runHandoff;
+exports.isNoActiveSessionHttpError = isNoActiveSessionHttpError;
+const config_1 = require("../config");
+const http_1 = require("../http");
+const errors_1 = require("../errors");
+const session_state_1 = require("../session-state");
+const server_sync_1 = require("../server-sync");
+const check_1 = require("./check");
+const operator_snapshot_1 = require("../operator-snapshot");
+const proof_guidance_1 = require("../proof-guidance");
+const acceptance_preflight_1 = require("../acceptance-preflight");
+const acceptance_block_1 = require("../acceptance-block");
+const work_context_resolver_1 = require("../work-context-resolver");
+function resolveNetworkContext() {
+    const cfg = (0, config_1.readConfig)();
+    const projectId = process.env.AGENTBRIDGE_PROJECT_ID ?? cfg.projectId;
+    const apiKey = process.env.AGENTBRIDGE_API_KEY ?? cfg.apiKey ?? "";
+    const apiBaseUrl = process.env.AGENTBRIDGE_BASE_URL ?? cfg.apiBaseUrl ?? "https://agentauth-api-production.up.railway.app";
+    if (!projectId) {
+        throw new errors_1.SafeCliError("Missing AGENTBRIDGE_PROJECT_ID. Set AGENTBRIDGE_PROJECT_ID (or run `agentbridge init --project ...`).");
+    }
+    if (!apiKey) {
+        throw new errors_1.SafeCliError("Missing AGENTBRIDGE_API_KEY. Provide --api-key, set AGENTBRIDGE_API_KEY, or save apiKey in .agentbridge/config.json.");
+    }
+    return { projectId, apiKey, apiBaseUrl };
+}
+function uniqueStrings(values) {
+    return [...new Set(values.map((v) => v.trim()).filter((v) => v.length > 0))];
+}
+function buildProofPrompt(report) {
+    if (report.decision === "stale_evidence" || report.completion.state === "stale_evidence") {
+        return (0, check_1.buildStaleProofPrompt)(report);
+    }
+    const missing = (0, proof_guidance_1.getMissingProofDetails)(report)
+        .map((detail) => `- ${detail.message}\n  Why: ${detail.why}`)
+        .join("\n");
+    return [
+        "Before this work can be accepted, complete the following proof items:",
+        missing || "- (no explicit missing proof listed)",
+        "",
+        "Then run:",
+        `agentbridge check`,
+    ].join("\n");
+}
+function renderHandoffAcceptanceReport(summary, report) {
+    const lines = [];
+    lines.push("HANDOFF ACCEPTANCE REPORT");
+    lines.push("----------------------------------------");
+    lines.push(`CR/session: ${report.change_request_id ?? "none"} / ${report.work_session_id}`);
+    lines.push(`Summary: ${summary}`);
+    lines.push(`Changed files: ${report.changed_files.length > 0 ? report.changed_files.join(", ") : "none"}`);
+    lines.push(`Evidence: ${report.verification_runs.length > 0
+        ? report.verification_runs.map((run) => `[${run.status}] ${run.command}${run.stale ? " (stale)" : ""}`).join(" | ")
+        : "none recorded"}`);
+    const missingDetails = (0, proof_guidance_1.getMissingProofDetails)(report);
+    lines.push(`Missing proof: ${missingDetails.length > 0 ? missingDetails.map((detail) => detail.message).join(" | ") : "none"}`);
+    lines.push(`Risks: ${report.risks_remaining.length > 0 ? report.risks_remaining.join(" | ") : "none detected"}`);
+    lines.push(`Decision: ${report.decision}`);
+    lines.push(`Next action: ${report.next_required_action.join(" | ")}`);
+    return lines.join("\n");
+}
+function renderHandoffBlocked(summary, report) {
+    process.stdout.write(`${renderHandoffAcceptanceReport(summary, report)}\n`);
+    process.stdout.write(`${(0, check_1.renderAcceptanceReport)(report)}\n`);
+    process.stdout.write(`${buildProofPrompt(report)}\n`);
+    process.exitCode = 1;
+}
+async function runHandoff(args, options = {}) {
+    if (!args.summary || args.summary.trim().length === 0) {
+        throw new errors_1.SafeCliError({
+            code: "HANDOFF_SUMMARY_REQUIRED",
+            what: "Handoff summary is required.",
+            why: "A summary is needed so reviewers understand what was done and why.",
+            next: 'Provide a summary with --summary \"<description of what was done>\" (at least 10 characters).',
+        });
+    }
+    if (args.summary.trim().length < 10) {
+        throw new errors_1.SafeCliError({
+            code: "HANDOFF_SUMMARY_TOO_SHORT",
+            what: "Handoff summary must be at least 10 characters.",
+            why: "Summaries shorter than 10 characters do not provide useful context for reviewers.",
+            next: 'Provide a more descriptive summary with --summary \"<description of what was done>\".',
+        });
+    }
+    const summary = args.summary.trim();
+    const ctx = resolveNetworkContext();
+    const { resolution, preflight, report: beforeReport } = await (0, acceptance_preflight_1.resolveAcceptanceWorkContext)(ctx);
+    if (resolution.state !== "current_session_resolved" || !beforeReport) {
+        if (options.json) {
+            const snapshot = (0, operator_snapshot_1.buildOperatorSnapshot)(resolution);
+            process.stdout.write(`${JSON.stringify({ snapshot }, null, 2)}\n`);
+            process.exitCode = 1;
+            return;
+        }
+        process.stdout.write(`${(0, work_context_resolver_1.renderWorkContextLines)(resolution).join("\n")}\n`);
+        process.exitCode = 1;
+        return;
+    }
+    const binding = (0, work_context_resolver_1.requireWorkContextBinding)(resolution, "handoff");
+    const preSyncedChangedFiles = preflight.observedFiles;
+    if ((0, acceptance_block_1.shouldBlockAcceptanceAction)(beforeReport)) {
+        if (options.json) {
+            const snapshot = (0, operator_snapshot_1.buildOperatorSnapshot)(resolution);
+            process.stdout.write(`${JSON.stringify({
+                snapshot,
+                blocked: true,
+                acceptance_report: beforeReport,
+            }, null, 2)}\n`);
+            process.exitCode = 1;
+            return;
+        }
+        renderHandoffBlocked(summary, beforeReport);
+        return;
+    }
+    const commandsRun = uniqueStrings(beforeReport.verification_runs.map((run) => run.command));
+    const state = (0, session_state_1.readSessionState)();
+    const domainsTouched = uniqueStrings([
+        state?.laneDomain ?? "",
+        ...state?.crossings.map((crossing) => crossing.domain ?? "") ?? [],
+    ]);
+    const changedFiles = uniqueStrings([
+        ...preSyncedChangedFiles,
+        ...beforeReport.changed_files,
+    ]);
+    await (0, server_sync_1.postHandoff)(ctx, {
+        summary,
+        changedFiles: changedFiles.length > 0 ? changedFiles : ["(no changed files captured)"],
+        commandsRun: commandsRun.length > 0 ? commandsRun : ["no verification command recorded"],
+        domainsTouched: domainsTouched.length > 0 ? domainsTouched : ["general"],
+        reviewRequired: beforeReport.boundary_status !== "clean" || beforeReport.decision === "needs_review",
+        risksRemaining: args.risksRemaining ?? null,
+        workSessionId: binding.workSessionId,
+    });
+    const { report } = await (0, acceptance_preflight_1.resolveAcceptanceWorkContext)(ctx);
+    const afterReport = report ?? beforeReport;
+    if (options.json) {
+        const snapshot = (0, operator_snapshot_1.buildOperatorSnapshot)({
+            ...resolution,
+            binding: {
+                workSessionId: afterReport.work_session_id,
+                changeRequestId: afterReport.change_request_id ?? null,
+                report: afterReport,
+            },
+            resolvedServerSessionId: afterReport.work_session_id,
+            resolvedChangeRequestId: afterReport.change_request_id ?? null,
+        });
+        process.stdout.write(`${JSON.stringify({
+            snapshot,
+            handoff: {
+                summary,
+                work_session_id: afterReport.work_session_id,
+                change_request_id: afterReport.change_request_id ?? null,
+                changed_files: changedFiles,
+                commands_run: commandsRun,
+                domains_touched: domainsTouched,
+                risks_remaining: args.risksRemaining ?? null,
+                decision: afterReport.decision,
+                next_required_action: afterReport.next_required_action,
+            },
+        }, null, 2)}\n`);
+        if ((0, acceptance_block_1.shouldBlockAcceptanceAction)(afterReport)) {
+            process.exitCode = 1;
+        }
+        return;
+    }
+    process.stdout.write(`${renderHandoffAcceptanceReport(summary, afterReport)}\n`);
+    process.stdout.write(`${(0, check_1.renderAcceptanceReport)(afterReport)}\n`);
+    if ((0, acceptance_block_1.shouldBlockAcceptanceAction)(afterReport)) {
+        process.stdout.write(`${buildProofPrompt(afterReport)}\n`);
+        process.exitCode = 1;
+        return;
+    }
+    if (afterReport.completion.state === "ready_to_accept") {
+        process.stdout.write("Ready to accept. Run agentbridge accept.\n");
+    }
+}
+function isNoActiveSessionHttpError(err) {
+    if (!(err instanceof http_1.CliHttpError) || err.status !== 404)
+        return false;
+    try {
+        const parsed = JSON.parse(err.body);
+        return parsed.code === "active_work_session_not_found" || parsed.error === "active_work_session_not_found";
+    }
+    catch {
+        return false;
+    }
+}

package/dist/commands/handshake.js

@@ -0,0 +1,78 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.validateHandshakeCreateFields = validateHandshakeCreateFields;
+exports.runHandshakeCreate = runHandshakeCreate;
+exports.runHandshakeAcknowledge = runHandshakeAcknowledge;
+exports.runHandshakeResolve = runHandshakeResolve;
+exports.runHandshakeList = runHandshakeList;
+const config_1 = require("../config");
+const errors_1 = require("../errors");
+const server_sync_1 = require("../server-sync");
+const work_context_resolver_1 = require("../work-context-resolver");
+const MIN_FIELD_LEN = 20;
+function resolveNetworkContext() {
+    const cfg = (0, config_1.readConfig)();
+    const projectId = process.env.AGENTBRIDGE_PROJECT_ID ?? cfg.projectId;
+    const apiKey = process.env.AGENTBRIDGE_API_KEY ?? cfg.apiKey ?? "";
+    const apiBaseUrl = process.env.AGENTBRIDGE_BASE_URL ?? cfg.apiBaseUrl ?? "https://agentauth-api-production.up.railway.app";
+    if (!projectId) {
+        throw new errors_1.SafeCliError("Missing AGENTBRIDGE_PROJECT_ID. Set AGENTBRIDGE_PROJECT_ID (or run `agentbridge init --project ...`).");
+    }
+    if (!apiKey) {
+        throw new errors_1.SafeCliError("Missing AGENTBRIDGE_API_KEY. Provide --api-key, set AGENTBRIDGE_API_KEY, or save apiKey in .agentbridge/config.json.");
+    }
+    return { projectId, apiKey, apiBaseUrl };
+}
+function validateHandshakeCreateFields(action, reason) {
+    if (action.trim().length < MIN_FIELD_LEN) {
+        return `requested_action must be at least ${MIN_FIELD_LEN} characters (describe the exact change, not just the domain).`;
+    }
+    if (reason.trim().length < MIN_FIELD_LEN) {
+        return `reason must be at least ${MIN_FIELD_LEN} characters (explain why cross-domain access is needed).`;
+    }
+    return null;
+}
+async function runHandshakeCreate(options) {
+    const validationError = validateHandshakeCreateFields(options.action, options.reason);
+    if (validationError) {
+        process.stderr.write(`${validationError}\n`);
+        process.exitCode = 1;
+        return;
+    }
+    const ctx = resolveNetworkContext();
+    const resolution = await (0, work_context_resolver_1.resolveWorkContext)(ctx, {
+        changeRequestId: options.changeRequestId,
+        preferredWorkSessionId: options.workSessionId,
+    });
+    if (resolution.state !== "current_session_resolved" || !resolution.binding) {
+        process.stdout.write(`${(0, work_context_resolver_1.renderWorkContextLines)(resolution).join("\n")}\n`);
+        return;
+    }
+    const binding = (0, work_context_resolver_1.requireWorkContextBinding)(resolution, "handshake create");
+    const result = await (0, server_sync_1.createAgentHandshake)(ctx, {
+        changeRequestId: binding.changeRequestId ?? options.changeRequestId ?? "",
+        workSessionId: binding.workSessionId,
+        requestedDomain: options.domain,
+        requestedAction: options.action.trim(),
+        reason: options.reason.trim(),
+    });
+    process.stdout.write([
+        result.was_existing ? "Handshake already open (reused)." : "Handshake created.",
+        `ID: ${result.id}`,
+        `Target: ${result.target_work_identity_name} (${result.target_work_identity_id})`,
+        `Domain: ${result.requested_domain}`,
+        `Action: ${result.requested_action}`,
+        `Status: ${result.status}`,
+        `Expires: ${result.expires_at}`,
+        `CR/session: ${result.change_request_id} / ${result.work_session_id}`,
+    ].join("\n") + "\n");
+}
+async function runHandshakeAcknowledge() {
+    process.stdout.write("Handshake acknowledge is not yet available in the CLI. Use the dashboard.\n");
+}
+async function runHandshakeResolve() {
+    process.stdout.write("Handshake resolve is not yet available in the CLI. Use the dashboard.\n");
+}
+async function runHandshakeList() {
+    process.stdout.write("Handshake list is not yet available in the CLI. Use the dashboard.\n");
+}

package/dist/commands/health.js

@@ -0,0 +1,154 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.renderHealthSummaryRollup = renderHealthSummaryRollup;
+exports.deriveHealthRollup = deriveHealthRollup;
+exports.buildHealthChecks = buildHealthChecks;
+exports.collectHealthSummary = collectHealthSummary;
+exports.runHealth = runHealth;
+const config_1 = require("../config");
+const operator_snapshot_1 = require("../operator-snapshot");
+const work_context_resolver_1 = require("../work-context-resolver");
+function resolveNetworkContext() {
+    const cfg = (0, config_1.readConfig)();
+    const projectId = process.env.AGENTBRIDGE_PROJECT_ID ?? cfg.projectId;
+    const apiKey = process.env.AGENTBRIDGE_API_KEY ?? cfg.apiKey ?? "";
+    const apiBaseUrl = process.env.AGENTBRIDGE_BASE_URL ?? cfg.apiBaseUrl ?? "https://agentauth-api-production.up.railway.app";
+    if (!projectId || !apiKey)
+        return null;
+    return { projectId, apiKey, apiBaseUrl };
+}
+function checkLabel(ok) {
+    return ok ? "PASS" : "WARN";
+}
+function renderHealthSummaryRollup(rollup) {
+    const overall = rollup.overall_status === "pass" ? "PASS" : "WARN";
+    const flags = [
+        rollup.has_current_session ? "session:yes" : "session:no",
+        rollup.has_missing_proof ? "proof:missing" : "proof:ok",
+        rollup.has_protocol_warnings ? "protocol:warn" : "protocol:ok",
+    ];
+    return `Summary: ${overall} | completion:${rollup.completion_state} | ${flags.join(" | ")} | next:${rollup.next_action}`;
+}
+function deriveHealthRollup(summary) {
+    const pass_count = summary.checks.filter((check) => check.status === "pass").length;
+    const warn_count = summary.checks.length - pass_count;
+    return {
+        overall_status: warn_count > 0 ? "warn" : "pass",
+        pass_count,
+        warn_count,
+        completion_state: summary.snapshot.completion_state,
+        next_action: summary.snapshot.next_action,
+        has_current_session: summary.snapshot.has_current_session,
+        has_other_active_sessions: summary.snapshot.other_active_sessions_count > 0,
+        has_missing_proof: summary.snapshot.evidence_missing_count > 0,
+        has_protocol_warnings: summary.snapshot.protocol_warnings_count > 0,
+    };
+}
+function buildHealthChecks(input) {
+    return [
+        {
+            id: "config-project-id",
+            status: input.configProjectId ? "pass" : "warn",
+            detail: input.configProjectId ? "project configured" : "project missing in local config",
+        },
+        {
+            id: "config-api-key",
+            status: input.configApiKey ? "pass" : "warn",
+            detail: input.configApiKey ? "api key configured" : "api key missing in local config",
+        },
+        {
+            id: "work-context",
+            status: input.workContextResolved ? "pass" : "warn",
+            detail: input.workContextResolved ? "current session resolved" : "no active server session",
+        },
+        {
+            id: "protocol-warnings",
+            status: input.protocolWarnings > 0 ? "warn" : "pass",
+            detail: input.protocolWarnings > 0 ? `${input.protocolWarnings} warning(s)` : "no protocol warnings",
+        },
+        {
+            id: "missing-proof",
+            status: input.evidenceMissing > 0 ? "warn" : "pass",
+            detail: input.evidenceMissing > 0
+                ? `${input.evidenceMissing} missing proof artifact(s)`
+                : "no proof gaps detected",
+        },
+    ];
+}
+async function collectHealthSummary(options = {}) {
+    const cfg = (0, config_1.readConfig)();
+    const ctx = resolveNetworkContext();
+    if (!ctx) {
+        const fallbackSnapshot = (0, operator_snapshot_1.buildOperatorSnapshot)({
+            state: "no_current_session",
+            contextSource: "none",
+            requestedChangeRequestId: null,
+            ambiguousSessions: [],
+            message: "No network context available.",
+            localServerSessionId: null,
+            resolvedServerSessionId: null,
+            resolvedChangeRequestId: null,
+            binding: null,
+            otherActiveSessions: [],
+        });
+        const checks = buildHealthChecks({
+            configProjectId: !!cfg.projectId,
+            configApiKey: !!cfg.apiKey,
+            workContextResolved: false,
+            protocolWarnings: 0,
+            evidenceMissing: 0,
+        });
+        checks[2] = {
+            id: "network-context",
+            status: "warn",
+            detail: "no active API context",
+        };
+        return {
+            snapshot: fallbackSnapshot,
+            checks,
+            rollup: deriveHealthRollup({ snapshot: fallbackSnapshot, checks }),
+        };
+    }
+    const resolution = await (0, work_context_resolver_1.resolveWorkContext)(ctx, {
+        includeOtherActiveSessions: options.includeOtherActiveSessions === true,
+    });
+    const snapshot = (0, operator_snapshot_1.buildOperatorSnapshot)(resolution);
+    const checks = buildHealthChecks({
+        configProjectId: !!cfg.projectId,
+        configApiKey: !!cfg.apiKey,
+        workContextResolved: resolution.state === "current_session_resolved",
+        protocolWarnings: snapshot.protocol_warnings_count,
+        evidenceMissing: snapshot.evidence_missing_count,
+    });
+    return {
+        snapshot,
+        checks,
+        rollup: deriveHealthRollup({ snapshot, checks }),
+    };
+}
+async function runHealth(options = {}) {
+    const summary = await collectHealthSummary({
+        includeOtherActiveSessions: options.json === true,
+    });
+    if (options.json) {
+        process.stdout.write(`${JSON.stringify(summary, null, 2)}\n`);
+        return;
+    }
+    const lines = [];
+    lines.push("AgentBridge Health");
+    lines.push(renderHealthSummaryRollup(summary.rollup));
+    lines.push(...(0, operator_snapshot_1.renderOperatorSnapshotHuman)(summary.snapshot).split("\n"));
+    lines.push("");
+    lines.push("Checks:");
+    for (const check of summary.checks) {
+        lines.push(`- ${check.status === "pass" ? "PASS" : "WARN"} ${check.id}: ${check.detail}`);
+    }
+    lines.push("");
+    lines.push("Rollup:");
+    lines.push(`- ${checkLabel(summary.rollup.overall_status === "pass")} overall`);
+    lines.push(`- completion: ${summary.rollup.completion_state}`);
+    lines.push(`- pass: ${summary.rollup.pass_count}`);
+    lines.push(`- warn: ${summary.rollup.warn_count}`);
+    lines.push(`- next: ${summary.rollup.next_action}`);
+    process.stdout.write(`${lines.join("\n")}\n`);
+}

package/dist/commands/identity.js

@@ -0,0 +1,57 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.runIdentityList = runIdentityList;
+const config_1 = require("../config");
+const server_sync_1 = require("../server-sync");
+function normalize(value) {
+    const trimmed = value?.trim();
+    return trimmed && trimmed.length > 0 ? trimmed : "unknown";
+}
+async function runIdentityList() {
+    const cfg = (0, config_1.readConfig)();
+    const configuredActiveAgentId = cfg.activeAgentId?.trim() || "(none)";
+    const ctx = (0, config_1.contextFromConfig)();
+    const [callerPacket, identities] = await Promise.all([
+        (0, server_sync_1.fetchCallerIdentityPacket)(ctx),
+        (0, server_sync_1.listWorkIdentities)(ctx),
+    ]);
+    const callerWorkIdentityId = callerPacket?.work_identity?.id ?? null;
+    const callerIdentity = callerWorkIdentityId
+        ? identities.find((identity) => identity.id === callerWorkIdentityId) ?? null
+        : null;
+    const suggestedActiveAgentId = callerIdentity?.name?.trim() ||
+        callerPacket?.work_identity?.name?.trim() ||
+        "(none)";
+    const rows = identities.map((identity) => ({
+        id: identity.id,
+        name: normalize(identity.name),
+        domainName: normalize(identity.domain?.name ?? identity.domain?.displayName ?? null),
+        isCaller: callerWorkIdentityId === identity.id,
+        matchesConfigured: configuredActiveAgentId !== "(none)" &&
+            (identity.id === configuredActiveAgentId ||
+                identity.name?.toLowerCase() === configuredActiveAgentId.toLowerCase()),
+    }));
+    const lines = [
+        "AgentBridge identities",
+        `Project: ${ctx.projectId}`,
+        `Configured active agent: ${configuredActiveAgentId}`,
+        `Caller WorkIdentity: ${callerWorkIdentityId ?? "unresolved"}`,
+        "Available project identities:",
+    ];
+    if (rows.length === 0) {
+        lines.push("- (none)");
+    }
+    else {
+        for (const row of rows) {
+            const tags = [];
+            if (row.isCaller)
+                tags.push("current caller");
+            if (row.matchesConfigured)
+                tags.push("configured active agent");
+            const tagSuffix = tags.length > 0 ? ` / ${tags.join(", ")}` : "";
+            lines.push(`- agent: ${row.name} / work identity: ${row.id} / domain: ${row.domainName}${tagSuffix}`);
+        }
+    }
+    lines.push(`Suggested activeAgentId: ${suggestedActiveAgentId}`);
+    process.stdout.write(`${lines.join("\n")}\n`);
+}

package/dist/commands/init.js

@@ -0,0 +1,5 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.runInit = void 0;
+var init_1 = require("../init");
+Object.defineProperty(exports, "runInit", { enumerable: true, get: function () { return init_1.runInit; } });