@codecora/cli 0.0.3

package/dist/commands/auth.js

@@ -0,0 +1,255 @@
+/**
+ * Authentication Commands
+ *
+ * Handles login/logout for CLI via GitHub OAuth.
+ */
+import { createApiClient } from '../api/client.js';
+import { getLocalConfig, isAuthenticated, setAuthToken, clearAuthToken, setLocalConfig, } from '../config/storage.js';
+import * as http from 'node:http';
+import * as os from 'node:os';
+/**
+ * Login command
+ *
+ * Opens browser for GitHub OAuth flow.
+ * The server now exchanges the OAuth code and returns the session token directly.
+ */
+export async function login(serverUrl) {
+    // Check if already logged in
+    if (await isAuthenticated()) {
+        const config = await getLocalConfig();
+        console.log(`Already logged in as ${config.user?.email}`);
+        console.log('Run "cora auth logout" to sign out first.');
+        return;
+    }
+    // Get server URL from config or parameter
+    const config = await getLocalConfig();
+    const targetServerUrl = serverUrl || config.auth?.serverUrl || 'https://codecora.dev';
+    console.log(`Logging in to ${targetServerUrl}...`);
+    // Create local HTTP server for callback
+    const { port, promise } = createCallbackServer();
+    // Build OAuth URL
+    const redirectUri = `http://localhost:${port}/callback`;
+    const authUrl = `${targetServerUrl}/api/auth/cli?redirect_uri=${encodeURIComponent(redirectUri)}`;
+    // Open browser
+    console.log('\nOpening browser for GitHub authorization...');
+    console.log(`If browser doesn't open, visit:\n  ${authUrl}\n`);
+    try {
+        await openBrowser(authUrl);
+    }
+    catch (error) {
+        console.log(`\nPlease open this URL in your browser:\n  ${authUrl}\n`);
+    }
+    // Wait for callback
+    console.log('Waiting for authorization...');
+    try {
+        const authResult = await promise;
+        if (authResult instanceof Error) {
+            throw authResult;
+        }
+        // Store session directly from server response
+        await setAuthToken(authResult.token, targetServerUrl, authResult.userId, authResult.email, authResult.expiresAt);
+        console.log(`\nSuccessfully logged in as ${authResult.email}`);
+        process.exit(0);
+    }
+    catch (error) {
+        throw new Error(`Login failed: ${error instanceof Error ? error.message : String(error)}`);
+    }
+}
+/**
+ * Logout command
+ *
+ * Clears stored session token.
+ */
+export async function logout() {
+    if (!(await isAuthenticated())) {
+        console.log('Not logged in.');
+        return;
+    }
+    const config = await getLocalConfig();
+    console.log(`Logging out ${config.user?.email}...`);
+    await clearAuthToken();
+    console.log('Logged out successfully.');
+}
+/**
+ * Status command
+ *
+ * Shows current authentication status.
+ */
+export async function status() {
+    const config = await getLocalConfig();
+    if (!config.auth?.sessionToken) {
+        console.log('Status: Not logged in');
+        console.log('Run "cora auth login" to authenticate.');
+        return;
+    }
+    console.log('Status: Authenticated');
+    console.log(`Email: ${config.user?.email || 'Unknown'}`);
+    console.log(`User ID: ${config.user?.id || 'Unknown'}`);
+    console.log(`Server: ${config.auth?.serverUrl || 'Unknown'}`);
+    // Verify session with server
+    try {
+        const client = await createApiClient();
+        const verification = await client.verifySession();
+        if (verification.valid) {
+            console.log('Session: Valid');
+            if (verification.expiresAt) {
+                const expires = new Date(verification.expiresAt);
+                console.log(`Expires: ${expires.toLocaleString()}`);
+            }
+        }
+        else {
+            console.log('Session: Invalid or expired');
+            console.log('Please run "cora auth login" to re-authenticate.');
+        }
+    }
+    catch (error) {
+        console.log('Session verification failed:', error instanceof Error ? error.message : String(error));
+    }
+}
+/**
+ * Config command
+ *
+ * Set or view configuration.
+ */
+export async function config(key, value) {
+    const currentConfig = await getLocalConfig();
+    if (!key) {
+        // Show all config
+        console.log('Current configuration:');
+        console.log(JSON.stringify(currentConfig, null, 2));
+        return;
+    }
+    if (value === undefined) {
+        // Show specific config value
+        const keys = key.split('.');
+        let currentValue = currentConfig;
+        for (const k of keys) {
+            currentValue = currentValue?.[k];
+        }
+        console.log(`${key}: ${currentValue !== undefined ? JSON.stringify(currentValue) : 'not set'}`);
+        return;
+    }
+    // Set config value
+    console.log(`Setting ${key} = ${value}`);
+    const updates = {};
+    let updateTarget = updates;
+    const keys = key.split('.');
+    for (let i = 0; i < keys.length - 1; i++) {
+        const k = keys[i];
+        if (k) {
+            updateTarget[k] = {};
+            updateTarget = updateTarget[k];
+        }
+    }
+    const lastKey = keys[keys.length - 1];
+    if (lastKey) {
+        updateTarget[lastKey] = value;
+    }
+    await setLocalConfig({ ...currentConfig, ...updates });
+    console.log('Configuration updated.');
+}
+/**
+ * Create local HTTP server for OAuth callback
+ *
+ * Uses a fixed port (4200) for GitHub OAuth redirect URI configuration.
+ * GitHub OAuth requires pre-configured redirect URIs, so we use
+ * http://localhost:4200/callback consistently.
+ *
+ * The server now receives the session token directly from the server
+ * instead of the OAuth code, simplifying the flow.
+ */
+function createCallbackServer() {
+    let resolvePromise;
+    const promise = new Promise((resolve) => {
+        resolvePromise = resolve;
+    });
+    // Use fixed port for GitHub OAuth compatibility
+    // Users must add http://localhost:4200/callback to their GitHub App redirect URIs
+    const FIXED_PORT = 4200;
+    const server = http.createServer((req, res) => {
+        if (req.url?.startsWith('/callback')) {
+            const url = new URL(req.url, `http://localhost:${FIXED_PORT}`);
+            const token = url.searchParams.get('token');
+            const userId = url.searchParams.get('userId');
+            const email = url.searchParams.get('email');
+            const expiresAt = url.searchParams.get('expiresAt');
+            const error = url.searchParams.get('error');
+            if (error) {
+                res.writeHead(400, { 'Content-Type': 'text/plain' });
+                res.end(`Authentication error: ${error}`);
+                resolvePromise(error);
+                server.close();
+                return;
+            }
+            if (token && userId && email && expiresAt) {
+                res.writeHead(200, { 'Content-Type': 'text/html' });
+                res.end(`
+          <!DOCTYPE html>
+          <html>
+          <head><title>Authentication Successful</title></head>
+          <body>
+            <h1>Authentication Successful!</h1>
+            <p>You can close this window and return to the terminal.</p>
+          </body>
+          </html>
+        `);
+                resolvePromise({ token, userId, email, expiresAt });
+                server.close();
+            }
+            else {
+                res.writeHead(400, { 'Content-Type': 'text/plain' });
+                res.end('Missing required parameters');
+                resolvePromise(new Error('Missing required parameters'));
+                server.close();
+            }
+        }
+    });
+    server.listen(FIXED_PORT, () => {
+        // Server started on fixed port
+    });
+    // Handle port already in use
+    server.on('error', (error) => {
+        if (error.code === 'EADDRINUSE') {
+            resolvePromise(new Error(`Port ${FIXED_PORT} is already in use. Please stop the other process and try again.`));
+        }
+        else {
+            resolvePromise(error);
+        }
+        server.close();
+    });
+    return { port: FIXED_PORT, promise };
+}
+/**
+ * Open browser for OAuth flow
+ */
+async function openBrowser(url) {
+    const platform = os.platform();
+    let command;
+    let args;
+    switch (platform) {
+        case 'darwin':
+            command = 'open';
+            args = [url];
+            break;
+        case 'win32':
+            command = 'cmd';
+            args = ['/c', 'start', '', url];
+            break;
+        default:
+            command = 'xdg-open';
+            args = [url];
+            break;
+    }
+    const { execFile } = await import('node:child_process');
+    return new Promise((resolve, reject) => {
+        execFile(command, args, (error) => {
+            if (error) {
+                // Browser open failed, but user can open URL manually
+                reject(error);
+            }
+            else {
+                resolve();
+            }
+        });
+    });
+}

package/dist/commands/hook.js

@@ -0,0 +1,160 @@
+/**
+ * Hook Commands
+ *
+ * Manage git hooks for automatic code review.
+ */
+import { existsSync, mkdirSync, writeFileSync, readFileSync, unlinkSync } from 'node:fs';
+import * as path from 'node:path';
+import { execFileSafe } from '../utils/exec.js';
+/**
+ * Hook script template
+ */
+const HOOK_SCRIPT = `#!/bin/sh
+# CORA Pre-commit Hook
+# Auto-generated by cora cli
+
+# Skip if CORA_SKIP is set
+if [ -n "$CORA_SKIP" ]; then
+  exit 0
+fi
+
+# Run cora review
+npx cora review --staged --quiet
+
+# Exit with cora's exit code
+exit $?
+`;
+/**
+ * Install git hook
+ *
+ * Installs pre-commit hook for automatic review.
+ */
+export async function installHook(type = 'pre-commit') {
+    const gitDir = getGitDir();
+    if (!gitDir) {
+        throw new Error('Not in a git repository');
+    }
+    const hooksDir = path.join(gitDir, 'hooks');
+    // Create hooks directory if it doesn't exist
+    if (!existsSync(hooksDir)) {
+        mkdirSync(hooksDir, { recursive: true });
+    }
+    const hookPath = path.join(hooksDir, type);
+    // Check if hook already exists
+    if (existsSync(hookPath)) {
+        const existing = readFileSync(hookPath, 'utf-8');
+        if (existing.includes('# CORA Pre-commit Hook')) {
+            console.log(`Hook already installed: ${hookPath}`);
+            console.log('Use "cora hook uninstall" to remove it first.');
+            return;
+        }
+        // Backup existing hook
+        const backupPath = `${hookPath}.backup`;
+        writeFileSync(backupPath, existing, { mode: 0o755 });
+        console.log(`Backed up existing hook to: ${backupPath}`);
+    }
+    // Write hook script
+    writeFileSync(hookPath, HOOK_SCRIPT, { mode: 0o755 });
+    console.log(`Installed ${type} hook: ${hookPath}`);
+    console.log('\nHook will run automatically on git ${type}.');
+    console.log('Skip temporarily with: CORA_SKIP=1 git commit');
+}
+/**
+ * Uninstall git hook
+ *
+ * Removes pre-commit hook.
+ */
+export async function uninstallHook(type = 'pre-commit') {
+    const gitDir = getGitDir();
+    if (!gitDir) {
+        throw new Error('Not in a git repository');
+    }
+    const hookPath = path.join(gitDir, 'hooks', type);
+    if (!existsSync(hookPath)) {
+        console.log(`Hook not installed: ${type}`);
+        return;
+    }
+    // Check if it's a cora hook
+    const content = readFileSync(hookPath, 'utf-8');
+    if (!content.includes('# CORA Pre-commit Hook')) {
+        console.log(`Hook exists but was not installed by cora: ${type}`);
+        console.log('To remove it manually, delete:', hookPath);
+        return;
+    }
+    // Remove hook
+    unlinkSync(hookPath);
+    console.log(`Uninstalled ${type} hook`);
+    // Restore backup if exists
+    const backupPath = `${hookPath}.backup`;
+    if (existsSync(backupPath)) {
+        const backup = readFileSync(backupPath, 'utf-8');
+        writeFileSync(hookPath, backup, { mode: 0o755 });
+        console.log(`Restored backup from: ${backupPath}`);
+    }
+}
+/**
+ * List installed hooks
+ */
+export async function listHooks() {
+    const gitDir = getGitDir();
+    if (!gitDir) {
+        throw new Error('Not in a git repository');
+    }
+    const hooksDir = path.join(gitDir, 'hooks');
+    const hookTypes = ['pre-commit', 'pre-push'];
+    console.log('Installed hooks:\n');
+    let found = false;
+    for (const type of hookTypes) {
+        const hookPath = path.join(hooksDir, type);
+        if (!existsSync(hookPath)) {
+            console.log(`  ${type}: Not installed`);
+            continue;
+        }
+        const content = readFileSync(hookPath, 'utf-8');
+        const isCoraHook = content.includes('# CORA Pre-commit Hook');
+        if (isCoraHook) {
+            console.log(`  ${type}: ✓ Installed`);
+            found = true;
+        }
+        else {
+            console.log(`  ${type}: Other hook (not managed by cora)`);
+            found = true;
+        }
+    }
+    if (!found) {
+        console.log('  No hooks installed');
+    }
+}
+/**
+ * Get .git directory path
+ */
+function getGitDir() {
+    // Try git rev-parse --git-dir
+    const result = execFileSafe('git', ['rev-parse', '--git-dir']);
+    if (result.status === 0 && result.stdout.trim()) {
+        return result.stdout.trim();
+    }
+    // Fallback to .git in current directory
+    const cwd = process.cwd();
+    const gitPath = path.join(cwd, '.git');
+    if (existsSync(gitPath)) {
+        return gitPath;
+    }
+    return null;
+}
+/**
+ * Enable auto-review
+ *
+ * Alias for installHook for convenience.
+ */
+export async function enable() {
+    await installHook();
+}
+/**
+ * Disable auto-review
+ *
+ * Alias for uninstallHook for convenience.
+ */
+export async function disable() {
+    await uninstallHook();
+}

package/dist/commands/index.js

@@ -0,0 +1,8 @@
+/**
+ * CLI Commands Export
+ *
+ * Central export for all CLI commands.
+ */
+export { login, logout, status, config as authConfig } from './auth.js';
+export { review, autoReview } from './review.js';
+export { installHook, uninstallHook, listHooks, enable, disable } from './hook.js';

package/dist/commands/review.js

@@ -0,0 +1,215 @@
+/**
+ * Review Command
+ *
+ * Main command for reviewing code diffs.
+ */
+import { CLIApiClient, createApiClient } from '../api/client.js';
+import { isAuthenticated } from '../config/storage.js';
+import { getReviewDiff, getRepoInfo, validateDiffSize, isGitRepo, } from '../git/diff.js';
+/**
+ * Review code changes
+ *
+ * @param options - Review options from command line
+ * @returns Exit code
+ */
+export async function review(options = {}) {
+    // Check authentication
+    if (!(await isAuthenticated())) {
+        console.error('Error: Not authenticated. Run "cora auth login" first.');
+        return 2; // CLIExitCode.AuthError
+    }
+    // Check if in git repo
+    const cwd = process.cwd();
+    if (!isGitRepo(cwd)) {
+        console.error('Error: Not in a git repository.');
+        return 1; // CLIExitCode.GeneralError
+    }
+    // Get repository info
+    const repoInfo = getRepoInfo(cwd);
+    const repository = options.repository || `${repoInfo.owner}/${repoInfo.repo}`;
+    const branch = options.branch || repoInfo.branch;
+    // Get diff
+    console.log('Fetching code changes...');
+    let diff;
+    try {
+        diff = getReviewDiff({
+            staged: options.staged !== false,
+            files: options.files,
+            cwd,
+        });
+    }
+    catch (error) {
+        console.error(`Error: Failed to get diff: ${error instanceof Error ? error.message : String(error)}`);
+        return 1; // CLIExitCode.GeneralError
+    }
+    if (!diff.trim()) {
+        console.log('No changes to review.');
+        return 0; // CLIExitCode.Success
+    }
+    // Validate diff size
+    const sizeCheck = validateDiffSize(diff);
+    if (!sizeCheck.valid) {
+        console.error(`Error: ${sizeCheck.error}`);
+        return 1; // CLIExitCode.GeneralError
+    }
+    console.log(`Diff size: ${(sizeCheck.size / 1024).toFixed(2)} KB`);
+    // Mock mode for testing
+    if (options.mock) {
+        return mockReview(diff, options);
+    }
+    // Create API client
+    let client;
+    try {
+        client = await createApiClient();
+    }
+    catch (error) {
+        console.error(`Error: Failed to create API client: ${error instanceof Error ? error.message : String(error)}`);
+        return 1; // CLIExitCode.GeneralError
+    }
+    // Send review request
+    console.log('Reviewing code...');
+    try {
+        const response = await client.reviewDiff({
+            diff,
+            workspaceId: options.workspace,
+            repository,
+            branch,
+        });
+        return displayResults(response, options.format);
+    }
+    catch (error) {
+        const apiError = error;
+        if (apiError.statusCode === 429) {
+            console.error('Error: Quota exceeded. Please upgrade your plan or wait for quota reset.');
+            return 3; // CLIExitCode.QuotaExceeded
+        }
+        console.error(`Error: Review failed: ${apiError.message || String(error)}`);
+        return 1; // CLIExitCode.GeneralError
+    }
+}
+/**
+ * Display review results
+ */
+function displayResults(response, format = 'pretty') {
+    const { success, issues, summary, walkthrough, tokensUsed, quotaRemaining, quotaResetAt, shouldBlock, blockReason } = response;
+    // Clear the "Reviewing code..." line
+    process.stdout.write('\r' + ' '.repeat(50) + '\r');
+    // Display summary
+    console.log('\n' + '='.repeat(60));
+    console.log('REVIEW SUMMARY');
+    console.log('='.repeat(60));
+    console.log(summary);
+    console.log('='.repeat(60));
+    // Group issues by severity
+    const bySeverity = {
+        critical: issues.filter((i) => i.severity === 'critical'),
+        major: issues.filter((i) => i.severity === 'major'),
+        minor: issues.filter((i) => i.severity === 'minor'),
+        info: issues.filter((i) => i.severity === 'info'),
+    };
+    // Display issues by severity
+    for (const severity of ['critical', 'major', 'minor', 'info']) {
+        const severityIssues = bySeverity[severity] ?? [];
+        if (severityIssues.length === 0)
+            continue;
+        console.log(`\n${severity.toUpperCase()} (${severityIssues.length}):`);
+        console.log('-'.repeat(60));
+        for (const issue of severityIssues) {
+            displayIssue(issue, format);
+        }
+    }
+    // Display walkthrough if requested
+    if (walkthrough) {
+        console.log('\n' + '='.repeat(60));
+        console.log('WALKTHROUGH');
+        console.log('='.repeat(60));
+        console.log(walkthrough);
+        console.log('='.repeat(60));
+    }
+    // Display usage info
+    console.log(`\nTokens used: ${tokensUsed.toLocaleString()}`);
+    console.log(`Quota remaining: ${quotaRemaining.toLocaleString()}`);
+    if (quotaResetAt) {
+        const resetDate = new Date(quotaResetAt);
+        console.log(`Quota resets: ${resetDate.toLocaleString()}`);
+    }
+    // Handle blocking
+    if (shouldBlock) {
+        console.error(`\n❌ COMMIT BLOCKED: ${blockReason || 'Issues found that must be resolved.'}`);
+        return 4; // CLIExitCode.BlockedByIssues
+    }
+    if (issues.some((i) => i.severity === 'critical')) {
+        console.log('\n⚠️  Critical issues found. Please review before committing.');
+    }
+    return success ? 0 : 1;
+}
+/**
+ * Display a single issue
+ */
+function displayIssue(issue, format) {
+    const location = issue.line ? `${issue.file}:${issue.line}` : issue.file;
+    if (format === 'json') {
+        console.log(JSON.stringify(issue));
+        return;
+    }
+    if (format === 'compact') {
+        console.log(`  [${issue.severity.toUpperCase()}] ${location}: ${issue.title}`);
+        return;
+    }
+    // Pretty format (default)
+    const severityIcons = {
+        critical: '🔴',
+        major: '🟠',
+        minor: '🟡',
+        info: '🔵',
+    };
+    console.log(`\n${severityIcons[issue.severity] || '•'} ${issue.title}`);
+    console.log(`  Location: ${location}`);
+    console.log(`  Type: ${issue.issueType}`);
+    if (issue.body) {
+        console.log(`  Description: ${issue.body}`);
+    }
+    if (issue.suggestedFix) {
+        console.log(`  Suggested fix: ${issue.suggestedFix}`);
+    }
+}
+/**
+ * Mock review for testing
+ */
+function mockReview(diff, options) {
+    console.log('Running in MOCK mode (no API call)');
+    const lines = diff.split('\n').length;
+    const files = diff.match(/^diff --git a\/(.+?) b/m)?.[1] || 'unknown';
+    return displayResults({
+        success: true,
+        issues: [
+            {
+                file: files,
+                line: 1,
+                severity: 'info',
+                issueType: 'best_practice',
+                title: 'Mock Review (Testing Mode)',
+                body: `This is a mock review result. The actual diff has ${lines} lines.`,
+                suggestedFix: 'Run without --mock flag for real review.',
+            },
+        ],
+        summary: 'Mock review completed successfully.',
+        walkthrough: options.includeWalkthrough ? 'This is a mock walkthrough for testing purposes.' : undefined,
+        tokensUsed: 100,
+        quotaRemaining: 99900,
+        shouldBlock: false,
+    }, options.format);
+}
+/**
+ * Auto-review for pre-commit hook
+ *
+ * Simplified output suitable for git hooks.
+ */
+export async function autoReview(options = {}) {
+    // Force quiet mode for hooks
+    const result = await review({
+        ...options,
+        format: 'compact',
+    });
+    return result;
+}