@equilateral_ai/mindmeld 3.1.2 → 3.3.0

package/hooks/session-start.js

@@ -30,6 +30,57 @@ function generateFingerprint(userId, companyId, tier) {
   return `<!-- fp:${base64Fingerprint} -->`;
 }
 
+/**
+ * Load project standards preferences from local config
+ * @returns {Promise<Object|null>} Preferences or null if not set
+ */
+async function loadStandardsPreferences() {
+  try {
+    const prefsPath = path.join(process.cwd(), '.mindmeld', 'preferences.json');
+    const prefsContent = await fs.readFile(prefsPath, 'utf-8');
+    return JSON.parse(prefsContent);
+  } catch (error) {
+    // Expected: preferences don't exist yet
+    if (error.code !== 'ENOENT' && !(error instanceof SyntaxError)) {
+      console.error('Unexpected error loading standards preferences:', error.message);
+    }
+    return null;
+  }
+}
+
+/**
+ * Filter standards by project preferences
+ * @param {Array} standards - All relevant standards
+ * @param {Object} preferences - Project preferences
+ * @returns {Array} Filtered standards
+ */
+function filterStandardsByPreferences(standards, preferences) {
+  if (!preferences) {
+    return standards; // No preferences = all standards
+  }
+
+  const enabledCategories = preferences.enabled_categories || {};
+  const standardOverrides = preferences.standard_overrides || {};
+
+  return standards.filter(standard => {
+    const category = standard.category;
+    const standardPath = standard.path || `${category}/${standard.element}.md`;
+
+    // Check individual override first (highest priority)
+    if (standardPath in standardOverrides) {
+      return standardOverrides[standardPath] === true;
+    }
+
+    // Check category-level setting
+    if (category in enabledCategories) {
+      return enabledCategories[category] === true;
+    }
+
+    // Default: include if no preference set
+    return true;
+  });
+}
+
 /**
  * Load user and company info from MindMeld config
  * @returns {Promise<{userId: string, companyId: string, tier: string}>}
@@ -45,7 +96,11 @@ async function loadFingerprintConfig() {
       companyId: config.company_id || process.env.MINDMELD_COMPANY_ID || 'unknown',
       tier: config.subscription_tier || process.env.MINDMELD_TIER || 'free'
     };
-  } catch {
+  } catch (error) {
+    // Expected: config doesn't exist or invalid JSON
+    if (error.code !== 'ENOENT' && !(error instanceof SyntaxError)) {
+      console.error('Unexpected error loading fingerprint config:', error.message);
+    }
     // Fallback to environment variables
     return {
       userId: process.env.MINDMELD_USER_ID || 'anonymous',
@@ -55,6 +110,183 @@ async function loadFingerprintConfig() {
   }
 }
 
+/**
+ * Load auth token for API calls
+ * Priority: env var → project credentials.json → global ~/.mindmeld/auth.json
+ * If no token found, spawns background browser login for next session.
+ * @returns {Promise<string|null>} Auth token or null
+ */
+async function loadAuthToken() {
+  // 1. Env var (highest priority)
+  if (process.env.MINDMELD_AUTH_TOKEN) {
+    return process.env.MINDMELD_AUTH_TOKEN;
+  }
+
+  // 2. Project-level credentials.json
+  try {
+    const credPath = path.join(process.cwd(), '.mindmeld', 'credentials.json');
+    const content = await fs.readFile(credPath, 'utf-8');
+    const creds = JSON.parse(content);
+    if (creds.auth_token || creds.token) {
+      return creds.auth_token || creds.token;
+    }
+  } catch (error) {
+    // No project-level credentials
+  }
+
+  // 3. Global ~/.mindmeld/auth.json (from browser login / mindmeld CLI)
+  try {
+    const { AuthManager } = require('../src/core/AuthManager');
+    const cognitoConfig = await loadCognitoConfig();
+    const authManager = new AuthManager(cognitoConfig);
+    const token = await authManager.getValidToken();
+    if (token) {
+      return token;
+    }
+
+    // 4. No valid token — spawn background browser login
+    spawnBackgroundLogin();
+    return null;
+  } catch (error) {
+    return null;
+  }
+}
+
+/**
+ * Load Cognito config from .myworld.json (dev vs prod detection)
+ * @returns {Promise<Object>} Cognito constructor options or empty object (uses prod defaults)
+ */
+async function loadCognitoConfig() {
+  try {
+    const configPath = path.join(process.cwd(), '.myworld.json');
+    const content = await fs.readFile(configPath, 'utf-8');
+    const config = JSON.parse(content);
+    const auth = config.deployments?.backend?.auth;
+    if (auth?.domain && auth?.client_id) {
+      return {
+        cognitoDomain: `${auth.domain}.auth.us-east-2.amazoncognito.com`,
+        cognitoClientId: auth.client_id
+      };
+    }
+  } catch (error) {
+    // No .myworld.json — use production defaults
+  }
+  return {};
+}
+
+/**
+ * Spawn a detached background process to open the browser for Cognito login.
+ * The current session continues with file-based fallback.
+ * Next session will pick up the saved token from ~/.mindmeld/auth.json.
+ */
+function spawnBackgroundLogin() {
+  try {
+    const { spawn } = require('child_process');
+    const loginScript = path.resolve(__dirname, '../scripts/auth-login.js');
+    // Map child's stdout → parent's stderr so it doesn't mix with hook's context output
+    const child = spawn(process.execPath, [loginScript], {
+      detached: true,
+      stdio: ['ignore', 2, 2],
+      cwd: process.cwd()
+    });
+    child.unref();
+    console.error('[MindMeld] No auth token. Opening browser for login...');
+    console.error('[MindMeld] Complete login in your browser. API standards available next session.');
+  } catch (error) {
+    console.error('[MindMeld] Run "mindmeld login" to authenticate for API-backed standards.');
+  }
+}
+
+/**
+ * Load API and Cognito configuration from .myworld.json
+ * @returns {Promise<{apiUrl: string, cognitoDomain?: string, cognitoClientId?: string}>}
+ */
+async function loadApiConfig() {
+  try {
+    const configPath = path.join(process.cwd(), '.myworld.json');
+    const content = await fs.readFile(configPath, 'utf-8');
+    const config = JSON.parse(content);
+    const backend = config.deployments?.backend;
+    const auth = backend?.auth;
+    return {
+      apiUrl: backend?.api?.base_url || 'https://api.mindmeld.dev',
+      cognitoDomain: auth?.domain ? `${auth.domain}.auth.us-east-2.amazoncognito.com` : undefined,
+      cognitoClientId: auth?.client_id || undefined
+    };
+  } catch (error) {
+    return {
+      apiUrl: process.env.MINDMELD_API_URL || 'https://api.mindmeld.dev'
+    };
+  }
+}
+
+/**
+ * Fetch relevant standards from the Cognito-protected API
+ * @param {string} apiUrl - API base URL
+ * @param {string} authToken - Cognito JWT
+ * @param {Object} characteristics - Detected project characteristics
+ * @param {string} projectId - Project ID
+ * @param {Object} preferences - User preferences
+ * @returns {Promise<Array>} Relevant standards
+ */
+async function fetchRelevantStandardsFromAPI(apiUrl, authToken, characteristics, projectId, preferences) {
+  if (!authToken) {
+    throw new Error('No auth token available');
+  }
+
+  const https = require('https');
+  const url = require('url');
+
+  const payload = JSON.stringify({
+    characteristics,
+    projectId: projectId || undefined,
+    preferences: preferences || undefined
+  });
+
+  const parsedUrl = url.parse(`${apiUrl}/api/standards/relevant`);
+
+  const options = {
+    hostname: parsedUrl.hostname,
+    port: parsedUrl.port || 443,
+    path: parsedUrl.path,
+    method: 'POST',
+    headers: {
+      'Content-Type': 'application/json',
+      'Authorization': `Bearer ${authToken}`,
+      'Content-Length': Buffer.byteLength(payload)
+    },
+    timeout: 3000
+  };
+
+  return new Promise((resolve, reject) => {
+    const req = https.request(options, (res) => {
+      let data = '';
+      res.on('data', chunk => { data += chunk; });
+      res.on('end', () => {
+        try {
+          const parsed = JSON.parse(data);
+          if (res.statusCode >= 400) {
+            reject(new Error(parsed.message || `HTTP ${res.statusCode}`));
+          } else {
+            resolve(parsed.standards || []);
+          }
+        } catch (e) {
+          reject(new Error('Invalid API response'));
+        }
+      });
+    });
+
+    req.on('error', reject);
+    req.on('timeout', () => {
+      req.destroy();
+      reject(new Error('API request timeout'));
+    });
+
+    req.write(payload);
+    req.end();
+  });
+}
+
 /**
  * Main hook execution
  */
@@ -65,54 +297,95 @@ async function injectContext() {
     // Fast bail if MindMeld not configured
     const hasMindmeld = await checkMindmeldConfiguration();
     if (!hasMindmeld) {
+      // Check if user is a subscriber but this project isn't initialized
+      try {
+        const os = require('os');
+        const authPath = path.join(os.homedir(), '.mindmeld', 'auth.json');
+        await fs.access(authPath);
+        console.error('[MindMeld] Project not initialized. Run "mindmeld init" in this directory.');
+      } catch (e) {
+        // No auth file — not a subscriber, stay silent
+      }
       return '';
     }
 
-    // Load fingerprint config
-    const fingerprintConfig = await loadFingerprintConfig();
+    // 1. Parallel local reads (no network, no DB)
+    const [fingerprintConfig, authToken, apiConfig, preferences] = await Promise.all([
+      loadFingerprintConfig(),
+      loadAuthToken(),
+      loadApiConfig(),
+      loadStandardsPreferences()
+    ]);
 
-    // Load MindmeldClient with graceful degradation
+    // 2. Initialize MindmeldClient (used for project detection, session tracking, team context)
     const { MindmeldClient } = require('../src/index');
-
     const mindmeld = new MindmeldClient({
       projectPath: process.cwd(),
-      standardsPath: path.join(process.cwd(), '.equilateral-standards')
+      standardsPath: path.join(process.cwd(), '.equilateral-standards'),
+      authToken: authToken,
+      apiUrl: apiConfig.apiUrl
     });
 
-    // 1. Ensure standards are ingested (cached, fast check)
-    await mindmeld.ensureStandardsIngested();
-
-    // 2. Detect project context
+    // 3. Detect project from local config
     const context = await mindmeld.detectProject();
-
     if (!context) {
       return ''; // No MindMeld project
     }
 
-    // 3. Generate session ID for tracking
     const sessionId = mindmeld.generateSessionId();
 
-    // 4. Identify relevant standards (NOT all 80+)
-    const relevance = await mindmeld.getRelevantStandards(context);
-    const relevantStandards = relevance.standards.slice(0, 10); // Top 10 most relevant
+    // 4. Detect project characteristics locally (file system only, no DB)
+    const characteristics = await mindmeld.relevanceDetector.detectProjectCharacteristics();
+
+    // 5. Parallel API calls: standards + team context
+    const [standardsResult, projectContextResult] = await Promise.allSettled([
+      fetchRelevantStandardsFromAPI(apiConfig.apiUrl, authToken, characteristics, context.projectId, preferences),
+      mindmeld.loadProjectContext(context.projectId)
+    ]);
+
+    // 6. Resolve standards: API → file-based fallback
+    let relevantStandards = [];
+    if (standardsResult.status === 'fulfilled' && standardsResult.value.length > 0) {
+      relevantStandards = standardsResult.value;
+      console.error(`[MindMeld] ${relevantStandards.length} standards from API`);
+    } else {
+      if (standardsResult.status === 'rejected') {
+        console.error(`[MindMeld] API fallback: ${standardsResult.reason.message}`);
+      }
+      const categories = mindmeld.relevanceDetector.mapCharacteristicsToCategories(characteristics);
+      relevantStandards = await mindmeld.relevanceDetector.loadStandardsFromFiles(categories);
+      console.error(`[MindMeld] ${relevantStandards.length} standards from file fallback`);
+    }
 
-    // 5. Record standards shown (Phase 7 - fire and forget, non-blocking)
-    mindmeld.recordStandardsShown(sessionId, relevantStandards);
+    // 7. Filter by project preferences
+    if (preferences) {
+      relevantStandards = filterStandardsByPreferences(relevantStandards, preferences);
+      console.error(`[MindMeld] Filtered to ${relevantStandards.length} standards by preferences`);
+    }
+
+    // Take top 10 most relevant after filtering
+    relevantStandards = relevantStandards.slice(0, 10);
 
-    // 6. Load team patterns
-    const teamPatterns = await mindmeld.loadProjectContext(context.projectId);
+    // 8. Record standards shown (fire-and-forget, non-blocking)
+    mindmeld.recordStandardsShown(sessionId, relevantStandards);
 
-    // 7. Get recent learning (last 7 days)
-    const recentLearning = await mindmeld.getRecentLearning(context.projectId, 7);
+    // 9. Resolve team context from parallel API call
+    const projectContext = projectContextResult.status === 'fulfilled' ? projectContextResult.value : null;
+    const teamPatterns = projectContext && projectContext.patterns
+      ? projectContext.patterns.filter(p => p.confidence > 0.7)
+      : [];
+    const recentLearning = projectContext && projectContext.recentLearning
+      ? projectContext.recentLearning
+      : [];
 
-    // 8. Build context injection with fingerprint
+    // 10. Build context injection with fingerprint
     const injection = formatContextInjection({
       project: context.projectName,
       sessionId: sessionId,
       collaborators: context.collaborators,
       relevantStandards: relevantStandards,
-      teamPatterns: teamPatterns ? teamPatterns.filter(p => p.correlation > 0.7) : [],
-      recentLearning: recentLearning || [],
+      teamPatterns: teamPatterns,
+      recentLearning: recentLearning,
       fingerprint: fingerprintConfig
     });
 
@@ -136,7 +409,11 @@ async function checkMindmeldConfiguration() {
     const mindmeldConfig = path.join(process.cwd(), '.mindmeld', 'config.json');
     await fs.access(mindmeldConfig);
     return true;
-  } catch {
+  } catch (error) {
+    // Expected: config doesn't exist
+    if (error.code !== 'ENOENT') {
+      console.error('Unexpected error checking MindMeld config:', error.message);
+    }
     return false;
   }
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@equilateral_ai/mindmeld",
-  "version": "3.1.2",
+  "version": "3.3.0",
   "description": "Intelligent standards injection for AI coding sessions - context-aware, self-documenting, scales to large codebases",
   "main": "src/index.js",
   "bin": {
@@ -10,8 +10,10 @@
     "src/",
     "hooks/",
     "scripts/init-project.js",
+    "scripts/auth-login.js",
     "scripts/inject.js",
     "scripts/harvest.js",
+    "scripts/repo-analyzer.js",
     "README.md"
   ],
   "publishConfig": {
@@ -46,7 +48,8 @@
   "claudeCode": {
     "hooks": {
       "sessionStart": "hooks/session-start.js",
-      "preCompact": "hooks/pre-compact.js"
+      "preCompact": "hooks/pre-compact.js",
+      "sessionEnd": "hooks/session-end.js"
     },
     "config": {
       "standardsPath": ".equilateral-standards",

package/scripts/auth-login.js

@@ -0,0 +1,53 @@
+#!/usr/bin/env node
+/**
+ * MindMeld Auth Login - Standalone browser authentication
+ *
+ * Spawned by the session-start hook as a detached background process
+ * when no auth token is found. Opens browser for Cognito PKCE login,
+ * waits for callback, saves tokens to ~/.mindmeld/auth.json.
+ *
+ * Reads .myworld.json from CWD to detect dev vs prod Cognito pool.
+ *
+ * Usage:
+ *   node scripts/auth-login.js
+ *
+ * @equilateral_ai/mindmeld
+ */
+
+const fs = require('fs');
+const path = require('path');
+const { AuthManager } = require('../src/core/AuthManager');
+
+/**
+ * Load Cognito config from .myworld.json if present
+ */
+function loadCognitoConfig() {
+    try {
+        const configPath = path.join(process.cwd(), '.myworld.json');
+        const content = fs.readFileSync(configPath, 'utf-8');
+        const config = JSON.parse(content);
+        const auth = config.deployments?.backend?.auth;
+        if (auth?.domain && auth?.client_id) {
+            return {
+                cognitoDomain: `${auth.domain}.auth.us-east-2.amazoncognito.com`,
+                cognitoClientId: auth.client_id
+            };
+        }
+    } catch (error) {
+        // No .myworld.json — use production defaults
+    }
+    return {};
+}
+
+const cognitoConfig = loadCognitoConfig();
+const authManager = new AuthManager(cognitoConfig);
+
+authManager.browserAuth()
+    .then(tokens => {
+        console.log(`Logged in as ${tokens.email}`);
+        process.exit(0);
+    })
+    .catch(err => {
+        console.error('Login failed:', err.message);
+        process.exit(1);
+    });

package/scripts/harvest.js

@@ -71,13 +71,27 @@ async function getGitHistory(projectPath, options = {}) {
   try {
     const { stdout: log } = await execAsync(
       `git log --since="${since}" -n ${maxCommits} --format="%H|%s|%an|%ai" --stat`,
-      { cwd: projectPath, maxBuffer: 1024 * 1024 }
+      { cwd: projectPath, maxBuffer: 10 * 1024 * 1024 }
     );
 
-    const { stdout: diff } = await execAsync(
-      `git log --since="${since}" -n ${maxCommits} -p --diff-filter=M`,
-      { cwd: projectPath, maxBuffer: 5 * 1024 * 1024 }
-    );
+    // For large repos, limit diff output to avoid buffer overflow
+    let diff = '';
+    try {
+      const { stdout } = await execAsync(
+        `git log --since="${since}" -n ${maxCommits} -p --diff-filter=M -- '*.js' '*.ts' '*.py' '*.java' '*.go' '*.rs'`,
+        { cwd: projectPath, maxBuffer: 20 * 1024 * 1024 }
+      );
+      diff = stdout;
+    } catch (diffError) {
+      // If diff is too large, try with fewer commits
+      if (diffError.message.includes('maxBuffer')) {
+        const { stdout } = await execAsync(
+          `git log --since="${since}" -n 10 -p --diff-filter=M -- '*.js' '*.ts'`,
+          { cwd: projectPath, maxBuffer: 10 * 1024 * 1024 }
+        );
+        diff = stdout;
+      }
+    }
 
     return { log, diff };
   } catch (error) {
@@ -268,8 +282,11 @@ async function harvest(options = {}) {
       console.error('\n[MindMeld] LLM-powered detection available for deeper analysis.');
       console.error('[MindMeld] Set MINDMELD_USE_LLM=true for semantic pattern detection.');
     }
-  } catch {
-    // LLM module not available
+  } catch (error) {
+    // Expected: LLM module not available
+    if (error.code !== 'MODULE_NOT_FOUND') {
+      console.error('Unexpected error loading LLM module:', error.message);
+    }
   }
 }
 
@@ -304,8 +321,11 @@ async function promotePatterns(projectPath, patterns, options = {}) {
     try {
       await fs.access(filePath);
       continue;
-    } catch {
-      // File doesn't exist, safe to create
+    } catch (error) {
+      // Expected: file doesn't exist, safe to create
+      if (error.code !== 'ENOENT') {
+        console.error(`Unexpected error checking ${filePath}:`, error.message);
+      }
     }
 
     const content = [
@@ -358,7 +378,11 @@ async function harvestPlans(projectPath) {
     const indexContent = await fs.readFile(sessionIndexPath, 'utf-8');
     const index = JSON.parse(indexContent);
     sessions = index.entries || [];
-  } catch {
+  } catch (error) {
+    // Expected: no sessions file
+    if (error.code !== 'ENOENT' && !(error instanceof SyntaxError)) {
+      console.error('Unexpected error reading sessions:', error.message);
+    }
     return []; // No sessions found for this project
   }
 
@@ -383,7 +407,11 @@ async function harvestPlans(projectPath) {
         planFiles.push({ path: filePath, name: entry, mtime });
       }
     }
-  } catch {
+  } catch (error) {
+    // Expected: no plans directory
+    if (error.code !== 'ENOENT') {
+      console.error('Unexpected error reading plans:', error.message);
+    }
     return []; // No plans directory
   }
 
@@ -409,8 +437,11 @@ async function harvestPlans(projectPath) {
         try {
           await fs.access(path.join(projectPath, cleanRef));
           relevance += 3; // File exists in this project
-        } catch {
-          // File doesn't exist here
+        } catch (error) {
+          // Expected: file doesn't exist here
+          if (error.code !== 'ENOENT') {
+            console.error(`Unexpected error checking ${cleanRef}:`, error.message);
+          }
         }
       }
 
@@ -422,8 +453,11 @@ async function harvestPlans(projectPath) {
         planFile.content = content;
         relevantPlans.push(planFile);
       }
-    } catch {
-      // Skip unreadable
+    } catch (error) {
+      // Expected: file not readable
+      if (error.code !== 'ENOENT' && error.code !== 'EACCES') {
+        console.error(`Unexpected error reading plan ${planFile.path}:`, error.message);
+      }
     }
   }
 
@@ -484,8 +518,11 @@ async function harvestPlans(projectPath) {
           });
         }
       }
-    } catch {
-      // Skip unreadable plans
+    } catch (error) {
+      // Expected: file not readable
+      if (error.code !== 'ENOENT' && error.code !== 'EACCES') {
+        console.error(`Unexpected error processing plan:`, error.message);
+      }
     }
   }
 
@@ -526,8 +563,11 @@ async function promoteDecisions(projectPath, decisions, options = {}) {
     try {
       await fs.access(filePath);
       continue;
-    } catch {
-      // Safe to create
+    } catch (error) {
+      // Expected: file doesn't exist, safe to create
+      if (error.code !== 'ENOENT') {
+        console.error(`Unexpected error checking ${filePath}:`, error.message);
+      }
     }
 
     const content = [