@chenguangyao/devflow-kit 0.1.43

package/src/cli/commands/verify.js

@@ -0,0 +1,354 @@
+'use strict';
+const fs = require('fs/promises');
+const fsSync = require('fs');
+const path = require('path');
+const log = require('../../utils/log.js');
+const state = require('../../core/state.js');
+const change = require('../../core/change.js');
+const checkpoint = require('../../core/checkpoint.js');
+const helpers = require('./_helpers.js');
+const aggregate = require('../../reports/aggregate.js');
+const workflowVerify = require('../../core/workflow-verify.js');
+
+const RISK_VERIFY_GATES = {
+  frontend_change: {
+    label: '前端改动',
+    anyOf: ['joint-test.md', 'e2e-test.md'],
+    evidence: ['reports/test-report.md#joint', 'reports/test-report.md#e2e'],
+    hint: 'run devflow test joint/e2e and include browser or screenshot evidence',
+  },
+  dependency_change: {
+    label: '依赖升级',
+    allOf: ['unit-test.md', 'integration-test.md'],
+    evidence: ['reports/test-report.md#unit', 'reports/test-report.md#integration'],
+    hint: 'run unit + integration compatibility tests and document rollback in deliver notes',
+  },
+  security_sensitive: {
+    label: '安全敏感改动',
+    anyOf: ['contract-test.md', 'integration-test.md', 'e2e-test.md', 'self-test.md'],
+    evidence: ['reports/test-report.md#contract', 'reports/test-report.md#integration', 'reports/test-report.md#e2e', 'reports/test-report.md#self-test'],
+    hint: 'add security verification evidence or an explicit owner-approved risk acceptance',
+  },
+};
+
+async function run({ flags = {}, positional = [], cwd }) {
+  const root = cwd || process.cwd();
+  const isFinalize = positional[0] === 'finalize' || flags.finalize;
+  const slugPositional = isFinalize ? positional.slice(1) : positional;
+  const slug = await helpers.resolveSlug(root, flags, slugPositional);
+  if (!slug) { process.exitCode = 1; return; }
+  const st = await helpers.loadStateOrFail(root, slug);
+  if (!st) { process.exitCode = 1; return; }
+  if (helpers.blockWorkflowStep(root, st, slug, 'verify', 'verify')) return;
+
+  if (isFinalize) {
+    return finalize(root, slug, st, flags);
+  }
+
+  const pendingVerifyStart = checkpoint.latestPendingByType(st, 'verify_start');
+  if (pendingVerifyStart) {
+    if (flags.force === true) {
+      const reason = flags.reason;
+      if (!reason || reason === true) {
+        log.error('verify --force requires --reason="..." when bypassing verify_start checkpoint');
+        process.exitCode = 2;
+        return;
+      }
+      checkpoint.resolveCheckpoint(st, pendingVerifyStart.id, 'force-start-verify', reason);
+      state.logEvent(st, 'checkpoint.resolve', { id: pendingVerifyStart.id, decision: 'force-start-verify' });
+      state.logEvent(st, 'verify.force_start', { checkpointId: pendingVerifyStart.id, reason });
+      log.warn(`verify start checkpoint bypassed — reason: "${reason}"`);
+    } else {
+      state.logEvent(st, 'verify.blocked_pending_start_confirmation', { checkpointId: pendingVerifyStart.id });
+      await state.write(root, slug, st);
+      log.error('verify blocked: pending verify_start checkpoint.');
+      log.raw('');
+      log.raw(checkpoint.renderNextStepCard(pendingVerifyStart));
+      log.raw('');
+      log.dim(`confirm first: devflow checkpoint resolve --id=${pendingVerifyStart.id} --decision=start-verify`);
+      log.dim(`override (audited): devflow verify --slug=${slug} --force --reason="..."`);
+      process.exitCode = 1;
+      return;
+    }
+  }
+
+  // Gate: review must be completed (or force-passed) before verify may start.
+  const review = (st.phases && st.phases.review) || {};
+  const skipGate = flags['skip-review-gate'] === true || flags.skipReviewGate === true;
+  if (!skipGate) {
+    if (review.status === 'blocked') {
+      log.error('verify blocked: review is at status=blocked.');
+      log.dim(`fix MUSTs + devflow review --slug=${slug} --round --continue-rounds, or devflow review --slug=${slug} --force-pass --reason="..."`);
+      log.dim(`override (audited): devflow verify --slug=${slug} --skip-review-gate --reason="..."`);
+      process.exitCode = 1; return;
+    }
+    if (review.status !== 'completed') {
+      const rounds = (review.rounds || []).length;
+      if (rounds === 0) {
+        log.error(`verify blocked: no review rounds recorded. run "devflow review --slug=${slug} --round" first.`);
+      } else {
+        const last = review.rounds[rounds - 1];
+        log.error(`verify blocked: last review round outcome=${last.outcome}. status=${review.status}`);
+        log.dim('run more rounds until pass, or force-pass with reason.');
+      }
+      log.dim(`override (audited): devflow verify --slug=${slug} --skip-review-gate --reason="..."`);
+      process.exitCode = 1; return;
+    }
+  } else {
+    const reason = flags.reason;
+    if (!reason || reason === true) {
+      log.error('--skip-review-gate requires --reason="..." (audited)');
+      process.exitCode = 2; return;
+    }
+    state.logEvent(st, 'verify.skip_review_gate', { reason });
+    log.warn(`review gate skipped — reason: "${reason}"`);
+  }
+
+  await helpers.writePhaseArtifact(root, slug, st, 'verify.md', 'verify.md', {});
+  state.setPhase(st, 'review', 'completed');
+  state.setPhase(st, 'verify', 'in_progress');
+  state.logEvent(st, 'verify scaffold');
+  await state.write(root, slug, st);
+  log.dim(`run "devflow test <kind> --slug=${slug}" for each enabled kind, then "devflow verify finalize --slug=${slug}"`);
+}
+
+async function finalize(root, slug, st, flags = {}) {
+  const reportsDir = path.join(change.resolveChangeDir(root, slug), 'reports');
+  const required = workflowVerify.requiredReportsForState(st);
+  const missing = [];
+  for (const r of required) {
+    if (!reportExists(reportsDir, r)) missing.push(r);
+  }
+  if (missing.length) {
+    const cp = ensureVerificationEvidenceCheckpoint(st, missing, slug);
+    const missingText = missing.map(reportDisplayName).join(', ');
+    if (flags.force === true) {
+      const reason = flags.reason;
+      if (!reason || reason === true) {
+        log.error('verify finalize --force requires --reason="..."');
+        process.exitCode = 2;
+        return;
+      }
+      checkpoint.resolveCheckpoint(st, cp.id, 'accept_missing_evidence', reason);
+      state.logEvent(st, 'checkpoint.resolve', { id: cp.id, decision: 'accept_missing_evidence' });
+      state.logEvent(st, 'verify.force_missing_reports', { missing, reason });
+      log.warn(`verify finalize: force-accepted missing report sections — ${missingText}; reason: "${reason}"`);
+    } else {
+      state.logEvent(st, 'verify.finalize_blocked_missing_reports', { missing, checkpoint: cp.id });
+      await state.write(root, slug, st);
+      log.error(`verify finalize blocked. missing report sections: ${missingText}`);
+      log.dim(`hint: run "devflow test unit --slug=${slug}" / "devflow test integration --slug=${slug}" / "devflow test joint --slug=${slug}" / "devflow report self-test --slug=${slug}" etc.`);
+      log.raw('');
+      log.raw(checkpoint.renderNextStepCard(cp));
+      log.dim(`override (audited): devflow verify finalize --slug=${slug} --force --reason="..."`);
+      process.exitCode = 1;
+      return;
+    }
+  }
+  const riskProblems = evaluateRiskVerifyGates(st, reportsDir);
+  if (riskProblems.length) {
+    const cp = ensureRiskAcceptanceCheckpoint(st, riskProblems, slug);
+    if (flags.force === true) {
+      const reason = flags.reason;
+      if (!reason || reason === true) {
+        log.error('verify finalize --force requires --reason="..." when accepting open risk signals');
+        process.exitCode = 2;
+        return;
+      }
+      checkpoint.resolveCheckpoint(st, cp.id, 'accept-risk', reason);
+      state.logEvent(st, 'checkpoint.resolve', { id: cp.id, decision: 'accept-risk' });
+      for (const p of riskProblems) {
+        state.acceptRiskSignal(st, p.type, { reason, evidence: p.expectedEvidence });
+      }
+      state.logEvent(st, 'verify.force_risk_signals', { riskSignals: riskProblems.map((p) => p.type), reason });
+      log.warn(`verify finalize: force-accepted risk signals — ${riskProblems.map((p) => p.type).join(', ')}; reason: "${reason}"`);
+    } else {
+      state.logEvent(st, 'verify.finalize_blocked_risk_signals', {
+        riskSignals: riskProblems.map((p) => ({ type: p.type, missing: p.missing, anyOf: p.anyOf })),
+        checkpoint: cp.id,
+      });
+      await state.write(root, slug, st);
+      log.error(`verify finalize blocked. unresolved risk signals: ${riskProblems.map((p) => p.type).join(', ')}`);
+      for (const p of riskProblems) log.dim(`  - ${p.label}: ${p.hint}`);
+      log.raw('');
+      log.raw(checkpoint.renderNextStepCard(cp));
+      log.dim(`override (audited): devflow verify finalize --slug=${slug} --force --reason="..."`);
+      process.exitCode = 1;
+      return;
+    }
+  } else {
+    resolveSatisfiedRiskSignals(st, reportsDir);
+  }
+  const failedReports = [];
+  const reportFiles = await listReportFiles(reportsDir);
+  for (const r of reportFiles) {
+    const meta = readReportMeta(path.join(reportsDir, r));
+    if (meta.status === 'fail' || meta.status === 'blocked') {
+      failedReports.push({ file: r, status: meta.status, failureType: meta.failureType || meta.failure_type || '-' });
+    }
+  }
+  const aggregateReport = aggregate.readAggregate(reportsDir);
+  for (const r of aggregateReport.reports) {
+    if (r.status === 'fail' || r.status === 'blocked') {
+      failedReports.push({ file: `test-report.md#${r.kind}`, status: r.status, failureType: r.failureType || '-' });
+    }
+  }
+  if (failedReports.length) {
+    const detail = failedReports.map((r) => `${r.file}:${r.status}${r.failureType !== '-' ? `(${r.failureType})` : ''}`).join(', ');
+    if (flags.force === true) {
+      const reason = flags.reason;
+      if (!reason || reason === true) {
+        log.error('verify finalize --force requires --reason="..." when accepting failed reports');
+        process.exitCode = 2;
+        return;
+      }
+      state.logEvent(st, 'verify.force_failed_reports', { failedReports, reason });
+      log.warn(`verify finalize: force-accepted failed reports — ${detail}; reason: "${reason}"`);
+    } else {
+      state.logEvent(st, 'verify.finalize_blocked_failed_reports', { failedReports });
+      await state.write(root, slug, st);
+      log.error(`verify finalize blocked. failed reports: ${detail}`);
+      const hasEnv = failedReports.some((r) => r.failureType === 'env_error');
+      const hasCode = failedReports.some((r) => r.failureType === 'code_error');
+      if (hasCode) log.dim('next: fix code via apply, rerun the failed test, then verify finalize.');
+      if (hasEnv) log.dim('next: fix/start test environment or browser/API tooling, rerun the failed test, then verify finalize.');
+      log.dim(`override (audited): devflow verify finalize --slug=${slug} --force --reason="..."`);
+      process.exitCode = 1;
+      return;
+    }
+  }
+  state.setPhase(st, 'verify', 'completed');
+  helpers.completeWorkflowStep(st, 'verify');
+  state.passCheckpoint(st, 'verify-finalize');
+  state.logEvent(st, 'verify finalize ok');
+  await state.write(root, slug, st);
+  log.ok('verify: all required report sections present.');
+  log.dim(`next: devflow deliver --slug=${slug}`);
+}
+
+function evaluateRiskVerifyGates(st, reportsDir) {
+  const out = [];
+  for (const sig of state.openRiskSignals(st, Object.keys(RISK_VERIFY_GATES))) {
+    const gate = RISK_VERIFY_GATES[sig.type];
+    const missing = (gate.allOf || []).filter((name) => !reportExists(reportsDir, name));
+    const anyOf = gate.anyOf || [];
+    const anySatisfied = !anyOf.length || anyOf.some((name) => reportExists(reportsDir, name));
+    if (missing.length || !anySatisfied) {
+      out.push({
+        type: sig.type,
+        label: gate.label,
+        missing,
+        anyOf: anySatisfied ? [] : anyOf,
+        expectedEvidence: gate.evidence,
+        hint: gate.hint,
+      });
+    }
+  }
+  return out;
+}
+
+function resolveSatisfiedRiskSignals(st, reportsDir) {
+  for (const sig of state.openRiskSignals(st, Object.keys(RISK_VERIFY_GATES))) {
+    const gate = RISK_VERIFY_GATES[sig.type];
+    const missing = (gate.allOf || []).filter((name) => !reportExists(reportsDir, name));
+    const anyOf = gate.anyOf || [];
+    const anySatisfied = !anyOf.length || anyOf.some((name) => reportExists(reportsDir, name));
+    if (!missing.length && anySatisfied) {
+      state.resolveRiskSignal(st, sig.type, { evidence: gate.evidence, reason: 'verify evidence satisfied' });
+    }
+  }
+}
+
+function ensureRiskAcceptanceCheckpoint(st, problems, slug) {
+  const existing = checkpoint.latestPendingByType(st, 'risk_acceptance');
+  if (existing) return existing;
+  const summary = `风险信号缺少验证证据：${problems.map((p) => p.label).join(', ')}`;
+  const nextCommands = problems.flatMap((p) => p.expectedEvidence || []);
+  const cp = checkpoint.addCheckpoint(st, {
+    type: 'risk_acceptance',
+    phase: 'verify',
+    summary,
+    question: '补齐风险验证证据，还是带原因接受风险？',
+    options: [
+      { id: 'add-evidence', label: '补齐风险证据', command: 'devflow test <kind> --slug=<slug>' },
+      { id: 'accept-risk', label: '接受风险', command: `devflow verify finalize --slug=${slug} --force --reason="..."` },
+    ],
+    nextAction: 'devflow test <kind> --slug=<slug>',
+    evidence: nextCommands,
+    risks: problems.map((p) => `${p.label}: ${p.hint}`),
+  });
+  state.logEvent(st, 'checkpoint.add', { id: cp.id, type: cp.type, phase: cp.phase });
+  return cp;
+}
+
+function ensureVerificationEvidenceCheckpoint(st, missing, slug) {
+  const existing = checkpoint.latestPendingByType(st, 'verification_evidence');
+  if (existing) return existing;
+  const cp = checkpoint.addCheckpoint(st, {
+    type: 'verification_evidence',
+    phase: 'verify',
+    summary: `缺少必需验证报告：${missing.map(reportDisplayName).join(', ')}`,
+    question: '补齐验证报告，还是带原因接受缺失证据风险？',
+    options: [
+      { id: 'add-reports', label: '补齐报告', command: `devflow test <kind> --slug=${slug} / devflow report self-test --slug=${slug}` },
+      { id: 'accept-risk', label: '接受缺失证据风险', command: `devflow verify finalize --slug=${slug} --force --reason="..."` },
+    ],
+    nextAction: `devflow test <kind> --slug=${slug} / devflow report self-test --slug=${slug}`,
+    evidence: missing.map((name) => `reports/${reportDisplayName(name)}`),
+    risks: ['缺少验证报告时交付，后续 reviewer 和发布人无法复查实际验证证据。'],
+  });
+  state.logEvent(st, 'checkpoint.add', { id: cp.id, type: cp.type, phase: cp.phase });
+  return cp;
+}
+
+function readReportMeta(file) {
+  let txt = '';
+  try { txt = fsSync.readFileSync(file, 'utf8'); } catch (_) { return {}; }
+  if (!txt.startsWith('---')) return {};
+  const end = txt.indexOf('\n---', 3);
+  if (end < 0) return {};
+  const yaml = txt.slice(3, end).trim();
+  const out = {};
+  for (const line of yaml.split('\n')) {
+    const m = /^([A-Za-z_][A-Za-z0-9_-]*)\s*:\s*(.*)$/.exec(line.trim());
+    if (m) out[m[1]] = m[2].trim();
+  }
+  return out;
+}
+
+async function listReportFiles(reportsDir) {
+  let entries = [];
+  try { entries = await fs.readdir(reportsDir); } catch (_) { return []; }
+  return entries
+    .filter((name) => name.endsWith('.md'))
+    .filter((name) => !['submit.md', 'test-report.md'].includes(name))
+    .sort();
+}
+
+function reportExists(reportsDir, name) {
+  if (fsSync.existsSync(path.join(reportsDir, name))) return true;
+  const kind = reportKindFromName(name);
+  const aggregateReport = aggregate.readAggregate(reportsDir);
+  return aggregateReport.reports.some((r) => r.kind === kind);
+}
+
+function reportKindFromName(name) {
+  if (name === 'self-test.md') return 'self-test';
+  return name.replace(/-test\.md$/, '').replace(/\.md$/, '');
+}
+
+function reportDisplayName(name) {
+  return `test-report.md#${reportKindFromName(name)}`;
+}
+
+module.exports = {
+  run,
+  _internals: {
+    readReportMeta,
+    listReportFiles,
+    reportExists,
+    reportKindFromName,
+    reportDisplayName,
+    evaluateRiskVerifyGates,
+  },
+};

package/src/cli/commands/worktree.js

@@ -0,0 +1,78 @@
+'use strict';
+const path = require('path');
+const log = require('../../utils/log.js');
+const wt = require('../../core/worktree.js');
+const change = require('../../core/change.js');
+
+async function run({ sub, positional = [], flags = {}, cwd }) {
+  const root = cwd || process.cwd();
+  const action = sub || positional.shift();
+  switch (action) {
+    case 'create':  return create(root, positional, flags);
+    case 'list':    return list(root, positional, flags);
+    case 'cleanup': return cleanup(root, positional, flags);
+    case undefined:
+    case 'help':    return help();
+    default:
+      log.error(`unknown subcommand: ${action}`);
+      help();
+      process.exitCode = 2;
+  }
+}
+
+async function create(root, positional, flags) {
+  const slug = positional[0] || flags.slug || (await change.getCurrent(root));
+  if (!slug) { log.error('usage: devflow worktree create <slug> [--task=N] [--base=branch]'); process.exitCode = 2; return; }
+  try {
+    const r = await wt.create(root, slug, {
+      task: flags.task,
+      base: flags.base,
+      title: flags.title,
+    });
+    if (r.created) log.ok(`created worktree: ${path.relative(root, r.path)}  branch=${r.branch}`);
+    else log.info(`worktree exists: ${path.relative(root, r.path)}  branch=${r.branch}`);
+    log.dim(`cd ${path.relative(root, r.path)}     # then code & commit on this branch`);
+  } catch (e) {
+    log.error(e.message);
+    process.exitCode = 1;
+  }
+}
+
+async function list(root, positional, flags) {
+  const slug = positional[0] || flags.slug;
+  const items = await wt.list(root, slug);
+  if (!items.length) { log.info('no worktrees recorded'); return; }
+  for (const it of items) {
+    const tag = it.gitTracked ? 'git✓' : 'orphan';
+    log.raw(`  ${it.slug.padEnd(26)} ${String(it.task).padEnd(10)} ${it.status.padEnd(11)} ${tag.padEnd(7)} ${path.relative(root, it.path)}`);
+  }
+}
+
+async function cleanup(root, positional, flags) {
+  const slug = positional[0] || flags.slug || (await change.getCurrent(root));
+  if (!slug) { log.error('usage: devflow worktree cleanup <slug> [--task=N] [--keep-branch]'); process.exitCode = 2; return; }
+  try {
+    const r = await wt.cleanup(root, slug, {
+      task: flags.task,
+      keepBranch: flags['keep-branch'] === true || flags.keepBranch === true,
+      force: flags.force === false ? false : true,
+    });
+    log.ok(`removed worktree (branch ${r.kept ? 'kept' : 'deleted'}: ${r.branch})`);
+  } catch (e) {
+    log.error(e.message);
+    process.exitCode = 1;
+  }
+}
+
+function help() {
+  log.raw(`devflow worktree <create|list|cleanup> [args]
+
+  create [<slug>] [--task=N] [--base=branch] [--title=...]
+                                    create .devflow-worktrees/<slug>[/task-N]/ + branch devflow/<slug>[/task-N]
+  list [<slug>]                     list worktrees (cross-checked with git worktree)
+  cleanup [<slug>] [--task=N] [--keep-branch]
+                                    git worktree remove + delete branch (unless --keep-branch)
+`);
+}
+
+module.exports = { run };

package/src/cli/index.js

@@ -0,0 +1,72 @@
+'use strict';
+const path = require('path');
+const log = require('../utils/log.js');
+const { parse } = require('./parse-args.js');
+
+const VERSION = require('../../package.json').version;
+
+const commands = {
+  init:        require('./commands/init.js'),
+  ingest:      require('./commands/ingest.js'),
+  new:         require('./commands/new.js'),
+  propose:     require('./commands/propose.js'),
+  requirement: require('./commands/requirement.js'),
+  design:      require('./commands/design.js'),
+  plan:        require('./commands/plan.js'),
+  apply:       require('./commands/apply.js'),
+  review:      require('./commands/review.js'),
+  verify:      require('./commands/verify.js'),
+  deploy:      require('./commands/deploy.js'),
+  deliver:     require('./commands/deliver.js'),
+  archive:     require('./commands/archive.js'),
+  checkpoint:  require('./commands/checkpoint.js'),
+  status:      require('./commands/status.js'),
+  doctor:      require('./commands/doctor.js'),
+  enable:      require('./commands/enable.js'),
+  disable:     require('./commands/disable.js'),
+  provider:    require('./commands/provider.js'),
+  knowledge:   require('./commands/knowledge.js'),
+  skills:      require('./commands/skills.js'),
+  test:        require('./commands/test.js'),
+  report:      require('./commands/report.js'),
+  flow:        require('./commands/flow.js'),
+  sync:        require('./commands/sync.js'),
+  logs:        require('./commands/logs.js'),
+  switch:      require('./commands/switch.js'),
+  update:      require('./commands/update.js'),
+  uninstall:   require('./commands/uninstall.js'),
+  worktree:    require('./commands/worktree.js'),
+  help:        require('./commands/help.js'),
+};
+
+async function main(argv) {
+  const args = parse(argv);
+
+  if (args.flags.version || args.command === 'version') {
+    log.raw(`@chenguangyao/devflow-kit ${VERSION}  (cmd: devflow / dfk)`);
+    return;
+  }
+  if (!args.command || args.flags.help || args.command === 'help') {
+    if (args.command === 'help' && args.positional[0]) {
+      return commands.help.run({ topic: args.positional[0] });
+    }
+    return commands.help.run({});
+  }
+
+  const cmd = commands[args.command];
+  if (!cmd) {
+    log.error(`unknown command: ${args.command}`);
+    log.dim(`run "devflow help" to see available commands`);
+    process.exitCode = 2;
+    return;
+  }
+
+  await cmd.run({
+    sub: args.sub,
+    positional: args.positional,
+    flags: args.flags,
+    cwd: process.cwd(),
+  });
+}
+
+module.exports = { main };

package/src/cli/parse-args.js

@@ -0,0 +1,102 @@
+'use strict';
+/**
+ * Minimal argv parser. No external dependency.
+ *
+ * Supports:
+ *   devflow <command> [subcommand] [positional...] [--flag] [--key=value] [--key value] [-k value]
+ *
+ * Returns:
+ *   { command, sub, positional: [...], flags: { ... } }
+ */
+
+function parse(argv) {
+  const result = { command: null, sub: null, positional: [], flags: {} };
+  const tokens = argv.slice();
+
+  if (tokens.length === 0) return result;
+
+  // First non-flag token is the command
+  let i = 0;
+  while (i < tokens.length && tokens[i].startsWith('-')) {
+    consumeFlag(tokens, i, result.flags);
+    i = advance(tokens, i);
+  }
+  if (i < tokens.length) {
+    result.command = tokens[i++];
+  }
+
+  // Optional subcommand: also non-flag (commands like `devflow provider list`, `devflow knowledge query`)
+  if (i < tokens.length && !tokens[i].startsWith('-')) {
+    // Heuristic: if the command is a known multi-level command, second token is subcommand
+    const multiLevel = new Set(['provider', 'knowledge', 'skills', 'switch', 'sync', 'test', 'report', 'worktree', 'logs', 'flow']);
+    if (multiLevel.has(result.command)) {
+      result.sub = tokens[i++];
+    }
+  }
+
+  while (i < tokens.length) {
+    const t = tokens[i];
+    if (t.startsWith('-')) {
+      consumeFlag(tokens, i, result.flags);
+      i = advance(tokens, i);
+    } else {
+      result.positional.push(t);
+      i++;
+    }
+  }
+  return result;
+}
+
+function consumeFlag(tokens, i, flags) {
+  const t = tokens[i];
+  let key, val;
+  if (t.startsWith('--')) {
+    const eq = t.indexOf('=');
+    if (eq !== -1) {
+      key = t.slice(2, eq);
+      val = t.slice(eq + 1);
+    } else {
+      key = t.slice(2);
+      const next = tokens[i + 1];
+      if (next !== undefined && !next.startsWith('-')) {
+        val = next;
+      } else {
+        val = true;
+      }
+    }
+  } else {
+    key = t.slice(1);
+    const next = tokens[i + 1];
+    if (next !== undefined && !next.startsWith('-')) {
+      val = next;
+    } else {
+      val = true;
+    }
+  }
+  // boolean negation: --no-foo
+  if (typeof val !== 'string' && key.startsWith('no-')) {
+    const k = key.slice(3);
+    flags[k] = false;
+    flags[camel(k)] = false;
+  } else {
+    flags[key] = val;
+    flags[camel(key)] = val;
+  }
+}
+
+function camel(s) {
+  return s.replace(/-([a-zA-Z0-9])/g, (_, c) => c.toUpperCase());
+}
+
+function advance(tokens, i) {
+  const t = tokens[i];
+  if (t.startsWith('--') && t.indexOf('=') !== -1) return i + 1;
+  if (t.startsWith('-')) {
+    const next = tokens[i + 1];
+    if (next !== undefined && !next.startsWith('-')) return i + 2;
+    return i + 1;
+  }
+  return i + 1;
+}
+
+module.exports = { parse };