@fractary/faber-cli 1.3.2 → 1.3.4

package/dist/lib/sdk-config-adapter.js

@@ -2,7 +2,107 @@
  * SDK Configuration Adapter
  *
  * Converts FABER CLI configuration to @fractary/core SDK configuration format
+ * Supports both PAT and GitHub App authentication methods.
  */
+import { GitHubAppAuth, StaticTokenProvider, GitHubAppTokenProvider, } from './github-app-auth.js';
+// Singleton token provider for reuse across SDK instances
+let tokenProvider = null;
+let tokenProviderConfig = null;
+/**
+ * Get or create a token provider based on configuration
+ *
+ * @param faberConfig - FABER CLI configuration
+ * @returns TokenProvider instance
+ */
+function getTokenProvider(faberConfig) {
+    const appConfig = faberConfig.github?.app;
+    const patToken = faberConfig.github?.token;
+    // Determine which auth method to use
+    // GitHub App takes precedence over PAT if configured
+    if (appConfig?.id && appConfig?.installation_id) {
+        // Check if we can reuse existing provider
+        if (tokenProvider && tokenProviderConfig === appConfig) {
+            return tokenProvider;
+        }
+        // Create new GitHub App token provider
+        const auth = new GitHubAppAuth(appConfig);
+        tokenProvider = new GitHubAppTokenProvider(auth);
+        tokenProviderConfig = appConfig;
+        return tokenProvider;
+    }
+    // Fall back to PAT
+    if (patToken) {
+        // Check if we can reuse existing provider
+        if (tokenProvider && tokenProviderConfig === patToken) {
+            return tokenProvider;
+        }
+        tokenProvider = new StaticTokenProvider(patToken);
+        tokenProviderConfig = patToken;
+        return tokenProvider;
+    }
+    throw new Error('GitHub authentication not configured. Either:\n' +
+        '  1. Set GITHUB_TOKEN environment variable, or\n' +
+        '  2. Configure GitHub App in .fractary/settings.json:\n' +
+        '     {\n' +
+        '       "github": {\n' +
+        '         "app": {\n' +
+        '           "id": "<app-id>",\n' +
+        '           "installation_id": "<installation-id>",\n' +
+        '           "private_key_path": "~/.github/your-app.pem"\n' +
+        '         }\n' +
+        '       }\n' +
+        '     }');
+}
+/**
+ * Get the current token from the provider
+ * Used internally and for SDK configuration
+ *
+ * @param faberConfig - FABER CLI configuration
+ * @returns Promise resolving to the current token
+ */
+export async function getToken(faberConfig) {
+    const provider = getTokenProvider(faberConfig);
+    return provider.getToken();
+}
+/**
+ * Get the token provider for dynamic token refresh
+ * Useful for long-running operations that need fresh tokens
+ *
+ * @param faberConfig - FABER CLI configuration
+ * @returns TokenProvider instance
+ */
+export function getTokenProviderInstance(faberConfig) {
+    return getTokenProvider(faberConfig);
+}
+/**
+ * Validate GitHub authentication configuration
+ *
+ * @param faberConfig - FABER CLI configuration
+ * @throws Error if configuration is invalid
+ */
+export async function validateGitHubAuth(faberConfig) {
+    const appConfig = faberConfig.github?.app;
+    if (appConfig?.id && appConfig?.installation_id) {
+        // Validate GitHub App configuration
+        const auth = new GitHubAppAuth(appConfig);
+        await auth.validate();
+        return;
+    }
+    // Validate PAT
+    if (!faberConfig.github?.token) {
+        throw new Error('GitHub token not found. Set GITHUB_TOKEN environment variable or configure in .fractary/settings.json');
+    }
+}
+/**
+ * Check if GitHub App authentication is configured
+ *
+ * @param faberConfig - FABER CLI configuration
+ * @returns true if GitHub App is configured
+ */
+export function isGitHubAppConfigured(faberConfig) {
+    const appConfig = faberConfig.github?.app;
+    return !!(appConfig?.id && appConfig?.installation_id);
+}
 /**
  * Create WorkConfig for WorkManager from FaberConfig
  *
@@ -11,15 +111,49 @@
  * @throws Error if required fields are missing
  */
 export function createWorkConfig(faberConfig) {
-    const token = faberConfig.github?.token;
     const owner = faberConfig.github?.organization;
     const repo = faberConfig.github?.project;
-    if (!token) {
-        throw new Error('GitHub token not found. Set GITHUB_TOKEN environment variable or configure in .fractary/settings.json');
+    if (!owner || !repo) {
+        throw new Error('GitHub organization and project must be configured in .fractary/settings.json');
+    }
+    // Get token provider (validates auth config)
+    const provider = getTokenProvider(faberConfig);
+    // For SDK config, we need a synchronous token
+    // The SDK will use this initially; for long-running operations,
+    // use createWorkConfigAsync or the token provider directly
+    let token;
+    if (provider instanceof StaticTokenProvider) {
+        // For PAT, we can get token synchronously via internal access
+        token = faberConfig.github?.token || '';
     }
+    else {
+        // For GitHub App, throw helpful error - use async version
+        throw new Error('GitHub App authentication requires async initialization. ' +
+            'Use createWorkConfigAsync() instead of createWorkConfig().');
+    }
+    return {
+        platform: 'github',
+        owner,
+        repo,
+        token,
+    };
+}
+/**
+ * Create WorkConfig for WorkManager from FaberConfig (async version)
+ *
+ * This version supports both PAT and GitHub App authentication.
+ *
+ * @param faberConfig - FABER CLI configuration
+ * @returns Promise resolving to WorkConfig for @fractary/core WorkManager
+ * @throws Error if required fields are missing
+ */
+export async function createWorkConfigAsync(faberConfig) {
+    const owner = faberConfig.github?.organization;
+    const repo = faberConfig.github?.project;
     if (!owner || !repo) {
         throw new Error('GitHub organization and project must be configured in .fractary/settings.json');
     }
+    const token = await getToken(faberConfig);
     return {
         platform: 'github',
         owner,
@@ -35,12 +169,39 @@ export function createWorkConfig(faberConfig) {
  * @throws Error if required fields are missing
  */
 export function createRepoConfig(faberConfig) {
-    const token = faberConfig.github?.token;
     const owner = faberConfig.github?.organization;
     const repo = faberConfig.github?.project;
-    if (!token) {
-        throw new Error('GitHub token not found. Set GITHUB_TOKEN environment variable or configure in .fractary/settings.json');
+    // Get token provider (validates auth config)
+    const provider = getTokenProvider(faberConfig);
+    // For SDK config, we need a synchronous token
+    let token;
+    if (provider instanceof StaticTokenProvider) {
+        token = faberConfig.github?.token || '';
     }
+    else {
+        throw new Error('GitHub App authentication requires async initialization. ' +
+            'Use createRepoConfigAsync() instead of createRepoConfig().');
+    }
+    return {
+        platform: 'github',
+        owner,
+        repo,
+        token,
+    };
+}
+/**
+ * Create RepoConfig for RepoManager from FaberConfig (async version)
+ *
+ * This version supports both PAT and GitHub App authentication.
+ *
+ * @param faberConfig - FABER CLI configuration
+ * @returns Promise resolving to RepoConfig for @fractary/core RepoManager
+ * @throws Error if required fields are missing
+ */
+export async function createRepoConfigAsync(faberConfig) {
+    const owner = faberConfig.github?.organization;
+    const repo = faberConfig.github?.project;
+    const token = await getToken(faberConfig);
     return {
         platform: 'github',
         owner,

package/dist/types/config.d.ts

@@ -6,11 +6,23 @@
 export interface AnthropicConfig {
     api_key?: string;
 }
+/**
+ * GitHub App authentication configuration
+ */
+export interface GitHubAppConfig {
+    id: string;
+    installation_id: string;
+    private_key_path?: string;
+    private_key_env_var?: string;
+    created_via?: 'manifest-flow' | 'manual';
+    created_at?: string;
+}
 export interface GitHubConfig {
     token?: string;
     organization?: string;
     project?: string;
     repo?: string;
+    app?: GitHubAppConfig;
 }
 export interface WorktreeConfig {
     location?: string;

package/dist/types/config.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../../src/types/config.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,MAAM,WAAW,eAAe;IAC9B,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,WAAW,YAAY;IAC3B,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,IAAI,CAAC,EAAE,MAAM,CAAC;CACf;AAED,MAAM,WAAW,cAAc;IAC7B,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,mBAAmB,CAAC,EAAE,OAAO,CAAC;CAC/B;AAED,MAAM,WAAW,cAAc;IAC7B,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED,MAAM,WAAW,WAAW;IAC1B,SAAS,CAAC,EAAE,eAAe,CAAC;IAC5B,MAAM,CAAC,EAAE,YAAY,CAAC;IACtB,QAAQ,CAAC,EAAE,cAAc,CAAC;IAC1B,QAAQ,CAAC,EAAE,cAAc,CAAC;CAC3B;AAED,MAAM,WAAW,YAAY;IAC3B,QAAQ,CAAC,EAAE;QACT,SAAS,CAAC,EAAE,MAAM,CAAC;KACpB,CAAC;CACH"}
+{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../../src/types/config.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,MAAM,WAAW,eAAe;IAC9B,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,EAAE,EAAE,MAAM,CAAC;IACX,eAAe,EAAE,MAAM,CAAC;IACxB,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,mBAAmB,CAAC,EAAE,MAAM,CAAC;IAC7B,WAAW,CAAC,EAAE,eAAe,GAAG,QAAQ,CAAC;IACzC,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,YAAY;IAC3B,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,GAAG,CAAC,EAAE,eAAe,CAAC;CACvB;AAED,MAAM,WAAW,cAAc;IAC7B,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,mBAAmB,CAAC,EAAE,OAAO,CAAC;CAC/B;AAED,MAAM,WAAW,cAAc;IAC7B,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED,MAAM,WAAW,WAAW;IAC1B,SAAS,CAAC,EAAE,eAAe,CAAC;IAC5B,MAAM,CAAC,EAAE,YAAY,CAAC;IACtB,QAAQ,CAAC,EAAE,cAAc,CAAC;IAC1B,QAAQ,CAAC,EAAE,cAAc,CAAC;CAC3B;AAED,MAAM,WAAW,YAAY;IAC3B,QAAQ,CAAC,EAAE;QACT,SAAS,CAAC,EAAE,MAAM,CAAC;KACpB,CAAC;CACH"}

package/dist/utils/github-manifest.d.ts

@@ -0,0 +1,39 @@
+/**
+ * Helper utilities for GitHub App Manifest flow
+ */
+/**
+ * Parse code parameter from GitHub redirect URL or direct code input
+ *
+ * @param input - Either a full GitHub URL or just the code
+ * @returns The extracted code, or null if invalid
+ */
+export declare function parseCodeFromUrl(input: string): string | null;
+/**
+ * Validate manifest code format
+ *
+ * GitHub manifest codes are typically long alphanumeric strings
+ * with underscores and hyphens, at least 20 characters long.
+ *
+ * @param code - The code to validate
+ * @returns true if code appears valid
+ */
+export declare function validateManifestCode(code: string): boolean;
+/**
+ * Detect GitHub context from git remote
+ *
+ * Parses the git remote URL to extract organization and repository names.
+ * Supports both HTTPS and SSH URL formats.
+ *
+ * @returns Object with org and repo, or null if not detectable
+ */
+export declare function detectGitHubContext(): {
+    org: string;
+    repo: string;
+} | null;
+/**
+ * Validate if current directory is a git repository
+ *
+ * @returns true if current directory is a git repository
+ */
+export declare function isGitRepository(): boolean;
+//# sourceMappingURL=github-manifest.d.ts.map

package/dist/utils/github-manifest.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"github-manifest.d.ts","sourceRoot":"","sources":["../../src/utils/github-manifest.ts"],"names":[],"mappings":"AAAA;;GAEG;AAIH;;;;;GAKG;AACH,wBAAgB,gBAAgB,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,CAoB7D;AAED;;;;;;;;GAQG;AACH,wBAAgB,oBAAoB,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAE1D;AAED;;;;;;;GAOG;AACH,wBAAgB,mBAAmB,IAAI;IAAE,GAAG,EAAE,MAAM,CAAC;IAAC,IAAI,EAAE,MAAM,CAAA;CAAE,GAAG,IAAI,CAqB1E;AAED;;;;GAIG;AACH,wBAAgB,eAAe,IAAI,OAAO,CAQzC"}

package/dist/utils/github-manifest.js

@@ -0,0 +1,84 @@
+/**
+ * Helper utilities for GitHub App Manifest flow
+ */
+import { Git } from '@fractary/faber';
+/**
+ * Parse code parameter from GitHub redirect URL or direct code input
+ *
+ * @param input - Either a full GitHub URL or just the code
+ * @returns The extracted code, or null if invalid
+ */
+export function parseCodeFromUrl(input) {
+    const trimmed = input.trim();
+    // Try to parse as URL first
+    try {
+        const url = new URL(trimmed);
+        const code = url.searchParams.get('code');
+        if (code) {
+            return code;
+        }
+    }
+    catch {
+        // Not a valid URL, check if it's just the code itself
+    }
+    // Check if input looks like a code (alphanumeric, underscores, hyphens)
+    if (/^[a-zA-Z0-9_-]+$/.test(trimmed)) {
+        return trimmed;
+    }
+    return null;
+}
+/**
+ * Validate manifest code format
+ *
+ * GitHub manifest codes are typically long alphanumeric strings
+ * with underscores and hyphens, at least 20 characters long.
+ *
+ * @param code - The code to validate
+ * @returns true if code appears valid
+ */
+export function validateManifestCode(code) {
+    return /^[a-zA-Z0-9_-]{20,}$/.test(code);
+}
+/**
+ * Detect GitHub context from git remote
+ *
+ * Parses the git remote URL to extract organization and repository names.
+ * Supports both HTTPS and SSH URL formats.
+ *
+ * @returns Object with org and repo, or null if not detectable
+ */
+export function detectGitHubContext() {
+    try {
+        const git = new Git();
+        const remoteUrl = git.exec('remote get-url origin').trim();
+        // Parse various GitHub URL formats
+        // HTTPS: https://github.com/org/repo.git
+        // SSH: git@github.com:org/repo.git
+        const match = remoteUrl.match(/github\.com[/:]([^/]+)\/([^/]+?)(\.git)?$/);
+        if (match) {
+            const org = match[1];
+            const repo = match[2].replace(/\.git$/, '');
+            return { org, repo };
+        }
+        return null;
+    }
+    catch {
+        // Not a git repository or no origin remote
+        return null;
+    }
+}
+/**
+ * Validate if current directory is a git repository
+ *
+ * @returns true if current directory is a git repository
+ */
+export function isGitRepository() {
+    try {
+        const git = new Git();
+        git.exec('rev-parse --git-dir');
+        return true;
+    }
+    catch {
+        return false;
+    }
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@fractary/faber-cli",
-  "version": "1.3.2",
+  "version": "1.3.4",
   "description": "FABER CLI - Command-line interface for FABER development toolkit",
   "main": "dist/index.js",
   "bin": {
@@ -40,10 +40,12 @@
     "@fractary/faber": "^2.1.1",
     "ajv": "^8.12.0",
     "chalk": "^5.0.0",
-    "commander": "^12.0.0"
+    "commander": "^12.0.0",
+    "jsonwebtoken": "^9.0.0"
   },
   "devDependencies": {
     "@types/jest": "^30.0.0",
+    "@types/jsonwebtoken": "^9.0.0",
     "@types/node": "^20.19.26",
     "@typescript-eslint/eslint-plugin": "^6.19.0",
     "@typescript-eslint/parser": "^6.19.0",