@h-rig/cli 0.0.6-alpha.87 → 0.0.6-alpha.89

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (78) hide show
  1. package/dist/bin/rig.js +1380 -865
  2. package/dist/src/app/board.js +462 -48
  3. package/dist/src/app-opentui/adapters/common.d.ts +3 -0
  4. package/dist/src/app-opentui/adapters/common.js +4 -0
  5. package/dist/src/app-opentui/adapters/doctor.js +458 -46
  6. package/dist/src/app-opentui/adapters/family.js +701 -151
  7. package/dist/src/app-opentui/adapters/fleet.js +477 -46
  8. package/dist/src/app-opentui/adapters/inbox.js +477 -46
  9. package/dist/src/app-opentui/adapters/init.js +497 -74
  10. package/dist/src/app-opentui/adapters/inspect.js +477 -46
  11. package/dist/src/app-opentui/adapters/pi-attach.d.ts +7 -0
  12. package/dist/src/app-opentui/adapters/pi-attach.js +1004 -519
  13. package/dist/src/app-opentui/adapters/run-detail.js +477 -46
  14. package/dist/src/app-opentui/adapters/server.d.ts +26 -0
  15. package/dist/src/app-opentui/adapters/server.js +676 -59
  16. package/dist/src/app-opentui/adapters/tasks.js +621 -549
  17. package/dist/src/app-opentui/autocomplete.js +4 -2
  18. package/dist/src/app-opentui/bootstrap.js +1376 -861
  19. package/dist/src/app-opentui/command-palette.js +37 -10
  20. package/dist/src/app-opentui/index.js +632 -528
  21. package/dist/src/app-opentui/intent.js +33 -8
  22. package/dist/src/app-opentui/keymap.js +43 -414
  23. package/dist/src/app-opentui/pi-host-child.js +496 -57
  24. package/dist/src/app-opentui/pi-pty-host.d.ts +14 -64
  25. package/dist/src/app-opentui/pi-pty-host.js +3 -397
  26. package/dist/src/app-opentui/react/App.js +144 -469
  27. package/dist/src/app-opentui/react/ChromeHost.js +44 -415
  28. package/dist/src/app-opentui/react/launch.js +659 -552
  29. package/dist/src/app-opentui/react/nav.js +1 -1
  30. package/dist/src/app-opentui/registry.js +1181 -742
  31. package/dist/src/app-opentui/remote-link.d.ts +10 -0
  32. package/dist/src/app-opentui/remote-link.js +47 -0
  33. package/dist/src/app-opentui/render/terminal-handoff.d.ts +16 -0
  34. package/dist/src/app-opentui/render/terminal-handoff.js +14 -0
  35. package/dist/src/app-opentui/runtime.js +632 -528
  36. package/dist/src/app-opentui/scenes/doctor.js +1 -1
  37. package/dist/src/app-opentui/scenes/error.js +50 -4
  38. package/dist/src/app-opentui/scenes/family.js +60 -6
  39. package/dist/src/app-opentui/scenes/fleet.js +65 -13
  40. package/dist/src/app-opentui/scenes/help.js +4 -2
  41. package/dist/src/app-opentui/scenes/init.js +12 -12
  42. package/dist/src/app-opentui/scenes/main.js +7 -7
  43. package/dist/src/app-opentui/scenes/server.js +83 -11
  44. package/dist/src/app-opentui/scenes/tasks.js +79 -16
  45. package/dist/src/app-opentui/state.js +25 -5
  46. package/dist/src/app-opentui/surface-catalog.js +4 -2
  47. package/dist/src/app-opentui/types.d.ts +1 -1
  48. package/dist/src/commands/_cli-format.d.ts +10 -1
  49. package/dist/src/commands/_cli-format.js +5 -2
  50. package/dist/src/commands/_connection-state.d.ts +11 -1
  51. package/dist/src/commands/_connection-state.js +50 -5
  52. package/dist/src/commands/_doctor-checks.js +458 -46
  53. package/dist/src/commands/_help-catalog.js +4 -2
  54. package/dist/src/commands/_json-output.js +4 -0
  55. package/dist/src/commands/_operator-view.js +496 -57
  56. package/dist/src/commands/_pi-frontend.d.ts +25 -0
  57. package/dist/src/commands/_pi-frontend.js +497 -57
  58. package/dist/src/commands/_preflight.js +509 -72
  59. package/dist/src/commands/_server-client.d.ts +33 -0
  60. package/dist/src/commands/_server-client.js +477 -46
  61. package/dist/src/commands/_server-events.js +446 -41
  62. package/dist/src/commands/_snapshot-upload.js +460 -48
  63. package/dist/src/commands/connect.js +620 -15
  64. package/dist/src/commands/doctor.js +458 -46
  65. package/dist/src/commands/github.js +462 -50
  66. package/dist/src/commands/inbox.js +458 -46
  67. package/dist/src/commands/init.js +497 -74
  68. package/dist/src/commands/inspect.js +458 -46
  69. package/dist/src/commands/run.js +496 -57
  70. package/dist/src/commands/server.js +647 -163
  71. package/dist/src/commands/setup.js +463 -51
  72. package/dist/src/commands/stats.js +462 -48
  73. package/dist/src/commands/task-run-driver.js +464 -52
  74. package/dist/src/commands/task.js +551 -85
  75. package/dist/src/commands.js +701 -151
  76. package/dist/src/index.js +705 -151
  77. package/dist/src/launcher.js +4 -0
  78. package/package.json +8 -8
@@ -104,12 +104,28 @@ function readRepoConnection(projectRoot) {
104
104
  selected,
105
105
  project: typeof record.project === "string" ? record.project : undefined,
106
106
  linkedAt: typeof record.linkedAt === "string" ? record.linkedAt : undefined,
107
- serverProjectRoot: typeof record.serverProjectRoot === "string" && record.serverProjectRoot.trim() ? record.serverProjectRoot.trim() : undefined
107
+ serverProjectRoot: typeof record.serverProjectRoot === "string" && record.serverProjectRoot.trim() ? record.serverProjectRoot.trim() : undefined,
108
+ serverProjectRootAlias: typeof record.serverProjectRootAlias === "string" && record.serverProjectRootAlias.trim() ? record.serverProjectRootAlias.trim() : undefined,
109
+ serverProjectRootBaseUrl: typeof record.serverProjectRootBaseUrl === "string" && record.serverProjectRootBaseUrl.trim() ? record.serverProjectRootBaseUrl.trim().replace(/\/+$/, "") : undefined
108
110
  };
109
111
  }
110
112
  function writeRepoConnection(projectRoot, state) {
111
113
  writeJsonFile(resolveRepoConnectionPath(projectRoot), state);
112
114
  }
115
+ function rootAllowedForSelection(repo, connection) {
116
+ const root = repo.serverProjectRoot?.trim();
117
+ if (!root)
118
+ return;
119
+ if (connection.kind === "remote") {
120
+ if (repo.serverProjectRootAlias !== repo.selected)
121
+ return;
122
+ if (repo.serverProjectRootBaseUrl !== connection.baseUrl)
123
+ return;
124
+ } else if (repo.serverProjectRootAlias && repo.serverProjectRootAlias !== repo.selected) {
125
+ return;
126
+ }
127
+ return root;
128
+ }
113
129
  function resolveSelectedConnection(projectRoot, options = {}) {
114
130
  const repo = readRepoConnection(projectRoot);
115
131
  if (!repo)
@@ -121,13 +137,41 @@ function resolveSelectedConnection(projectRoot, options = {}) {
121
137
  if (!connection) {
122
138
  throw new CliError(`Selected Rig server "${repo.selected}" was not found. Run \`rig server list\` or \`rig server use local\`.`, 1);
123
139
  }
124
- return { alias: repo.selected, connection, serverProjectRoot: repo.serverProjectRoot };
140
+ return { alias: repo.selected, connection, serverProjectRoot: rootAllowedForSelection(repo, connection) };
141
+ }
142
+ function writeRepoServerProjectRoot(projectRoot, serverProjectRoot, metadata = {}) {
143
+ const repo = readRepoConnection(projectRoot);
144
+ if (!repo)
145
+ return;
146
+ let inferred = metadata;
147
+ if (!inferred.alias || !inferred.baseUrl) {
148
+ try {
149
+ const selected = resolveSelectedConnection(projectRoot);
150
+ if (selected?.connection.kind === "remote") {
151
+ inferred = {
152
+ alias: inferred.alias ?? selected.alias,
153
+ baseUrl: inferred.baseUrl ?? selected.connection.baseUrl
154
+ };
155
+ }
156
+ } catch {}
157
+ }
158
+ writeRepoConnection(projectRoot, {
159
+ ...repo,
160
+ ...metadata.project ? { project: metadata.project } : {},
161
+ serverProjectRoot,
162
+ ...inferred.alias ? { serverProjectRootAlias: inferred.alias } : {},
163
+ ...inferred.baseUrl ? { serverProjectRootBaseUrl: inferred.baseUrl.replace(/\/+$/, "") } : {}
164
+ });
125
165
  }
126
- function writeRepoServerProjectRoot(projectRoot, serverProjectRoot) {
166
+ function clearRepoServerProjectRoot(projectRoot) {
127
167
  const repo = readRepoConnection(projectRoot);
128
168
  if (!repo)
129
169
  return;
130
- writeRepoConnection(projectRoot, { ...repo, serverProjectRoot });
170
+ writeRepoConnection(projectRoot, {
171
+ selected: repo.selected,
172
+ ...repo.project ? { project: repo.project } : {},
173
+ ...repo.linkedAt ? { linkedAt: repo.linkedAt } : {}
174
+ });
131
175
  }
132
176
  var init__connection_state = __esm(() => {
133
177
  init_runner();
@@ -151,12 +195,16 @@ __export(exports__server_client, {
151
195
  respondRunPiExtensionUiViaServer: () => respondRunPiExtensionUiViaServer,
152
196
  resolveServerConnectionLabel: () => resolveServerConnectionLabel,
153
197
  requestServerJson: () => requestServerJson,
198
+ repairRemoteProjectRootLink: () => repairRemoteProjectRootLink,
154
199
  registerProjectViaServer: () => registerProjectViaServer,
155
200
  prepareRemoteCheckoutViaServer: () => prepareRemoteCheckoutViaServer,
156
201
  postGitHubTokenViaServer: () => postGitHubTokenViaServer,
202
+ normalizeRepoSlug: () => normalizeRepoSlug,
157
203
  listWorkspaceTasksViaServer: () => listWorkspaceTasksViaServer,
158
204
  listRunsViaServer: () => listRunsViaServer,
159
205
  listGitHubProjectsViaServer: () => listGitHubProjectsViaServer,
206
+ isRemoteProjectRootLinkError: () => isRemoteProjectRootLinkError,
207
+ inspectRemoteProjectLink: () => inspectRemoteProjectLink,
160
208
  getWorkspaceTaskViaServer: () => getWorkspaceTaskViaServer,
161
209
  getRunTimelineViaServer: () => getRunTimelineViaServer,
162
210
  getRunPiStatusViaServer: () => getRunPiStatusViaServer,
@@ -168,13 +216,15 @@ __export(exports__server_client, {
168
216
  getRunDetailsViaServer: () => getRunDetailsViaServer,
169
217
  getGitHubProjectStatusFieldViaServer: () => getGitHubProjectStatusFieldViaServer,
170
218
  getGitHubAuthStatusViaServer: () => getGitHubAuthStatusViaServer,
219
+ formatRemoteProjectLinkHint: () => formatRemoteProjectLinkHint,
171
220
  ensureTaskLabelsViaServer: () => ensureTaskLabelsViaServer,
172
221
  ensureServerForCli: () => ensureServerForCli,
222
+ ensureRemoteProjectRootLink: () => ensureRemoteProjectRootLink,
173
223
  buildRunPiEventsWebSocketUrl: () => buildRunPiEventsWebSocketUrl,
174
224
  abortRunPiViaServer: () => abortRunPiViaServer
175
225
  });
176
- import { existsSync as existsSync2, readFileSync as readFileSync2 } from "fs";
177
- import { resolve as resolve2 } from "path";
226
+ import { existsSync as existsSync2, mkdirSync as mkdirSync2, readFileSync as readFileSync2, writeFileSync as writeFileSync2 } from "fs";
227
+ import { dirname as dirname2, isAbsolute, resolve as resolve2 } from "path";
178
228
  import { ensureLocalRigServerConnection } from "@rig/runtime/local-server";
179
229
  function setServerPhaseListener(listener) {
180
230
  const previous = serverPhaseListener;
@@ -220,11 +270,10 @@ function readStoredGitHubAuthToken(projectRoot) {
220
270
  const parsed = readRemoteAuthState(projectRoot);
221
271
  return parsed ? cleanToken(typeof parsed.token === "string" ? parsed.token : undefined) : null;
222
272
  }
223
- function inferRemoteServerProjectRootFromAuthState(projectRoot) {
224
- const repo = readRepoConnection(projectRoot);
225
- const slug = repo?.project?.trim();
226
- if (!slug || !/^[^/]+\/[^/]+$/.test(slug))
273
+ function inferRemoteServerProjectRootCandidateFromAuthState(projectRoot, repoSlug) {
274
+ if (!/^[^/]+\/[^/]+$/.test(repoSlug))
227
275
  return null;
276
+ const repo = readRepoConnection(projectRoot);
228
277
  const auth = readRemoteAuthState(projectRoot);
229
278
  const authUpdatedAt = typeof auth?.updatedAt === "string" ? Date.parse(auth.updatedAt) : Number.NaN;
230
279
  const repoLinkedAt = typeof repo?.linkedAt === "string" ? Date.parse(repo.linkedAt) : Number.NaN;
@@ -233,25 +282,426 @@ function inferRemoteServerProjectRootFromAuthState(projectRoot) {
233
282
  const checkoutBaseDir = typeof auth?.checkoutBaseDir === "string" && auth.checkoutBaseDir.trim() ? auth.checkoutBaseDir.trim() : null;
234
283
  if (!checkoutBaseDir)
235
284
  return null;
236
- const inferred = `${checkoutBaseDir.replace(/\/+$/, "")}/${slug}`;
237
- writeRepoServerProjectRoot(projectRoot, inferred);
238
- return inferred;
285
+ return `${checkoutBaseDir.replace(/\/+$/, "")}/${repoSlug}`;
239
286
  }
240
287
  function readLocalConnectionFallbackToken(projectRoot) {
241
288
  return readGitHubBearerTokenForRemote(projectRoot) ?? cleanToken(process.env.RIG_GITHUB_TOKEN) ?? readStoredGitHubAuthToken(projectRoot);
242
289
  }
290
+ function normalizeRepoSlug(value) {
291
+ const slug = value?.trim();
292
+ return slug && /^[^/\s]+\/[^/\s]+$/.test(slug) ? slug : null;
293
+ }
294
+ function readProjectLinkSlug(projectRoot) {
295
+ const path = resolve2(projectRoot, ".rig", "state", "project-link.json");
296
+ if (!existsSync2(path))
297
+ return null;
298
+ try {
299
+ const parsed = JSON.parse(readFileSync2(path, "utf8"));
300
+ if (!parsed || typeof parsed !== "object" || Array.isArray(parsed))
301
+ return null;
302
+ return normalizeRepoSlug(typeof parsed.repoSlug === "string" ? String(parsed.repoSlug) : null);
303
+ } catch {
304
+ return null;
305
+ }
306
+ }
307
+ function writeProjectLinkConnection(projectRoot, repoSlug, alias) {
308
+ const path = resolve2(projectRoot, ".rig", "state", "project-link.json");
309
+ mkdirSync2(dirname2(path), { recursive: true });
310
+ writeFileSync2(path, `${JSON.stringify({ repoSlug, connection: alias, linkedAt: new Date().toISOString() }, null, 2)}
311
+ `, "utf8");
312
+ }
313
+ function remoteLinkRepairCommand(repoSlug) {
314
+ return repoSlug ? `rig server repair-link --repo ${repoSlug}` : "rig server repair-link --repo owner/repo";
315
+ }
316
+ function isRemoteProjectRootLinkError(error) {
317
+ const text = error instanceof Error ? error.message : String(error ?? "");
318
+ return /no server-host project root link|remote project(?:-root)? link|x-rig-project-root|serverProjectRoot/i.test(text);
319
+ }
320
+ function formatRemoteProjectLinkHint(resolution) {
321
+ const repair = remoteLinkRepairCommand(resolution.repoSlug);
322
+ if (resolution.status === "auth_required") {
323
+ return `Authenticate the selected remote${resolution.alias ? ` (${resolution.alias})` : ""}, then run \`${repair}\`. Use \`rig github auth import-gh\` or \`rig init --repair --server remote --github-auth device${resolution.repoSlug ? ` --repo ${resolution.repoSlug}` : ""}\`.`;
324
+ }
325
+ if (resolution.status === "missing_project") {
326
+ return `Record the repo slug, then run \`${repair}\` (or \`rig init --repo owner/repo --server remote --github-auth device\`).`;
327
+ }
328
+ if (resolution.status === "not_remote")
329
+ return "Select a remote server with `rig server use <alias>` before repairing a remote project link.";
330
+ return `Run \`${repair}\` to backfill or prepare a server-host checkout for the selected remote${resolution.alias ? ` (${resolution.alias})` : ""}.`;
331
+ }
332
+ function remoteProjectLinkFailure(input) {
333
+ const partial = {
334
+ status: input.status,
335
+ alias: input.alias,
336
+ baseUrl: input.baseUrl,
337
+ repoSlug: input.repoSlug
338
+ };
339
+ return {
340
+ ok: false,
341
+ ...input,
342
+ hint: formatRemoteProjectLinkHint(partial),
343
+ next: remoteLinkRepairCommand(input.repoSlug)
344
+ };
345
+ }
346
+ function remoteProjectLinkSuccess(input) {
347
+ return {
348
+ ok: true,
349
+ status: input.status,
350
+ alias: input.alias,
351
+ baseUrl: input.baseUrl,
352
+ repoSlug: input.repoSlug,
353
+ serverProjectRoot: input.serverProjectRoot,
354
+ source: input.source,
355
+ prepared: input.prepared ?? input.status === "prepared",
356
+ validated: input.validated ?? false,
357
+ message: input.message ?? `Remote project link ready for ${input.repoSlug}.`,
358
+ hint: "Remote-scoped task/run/status requests will send x-rig-project-root for this server-host checkout.",
359
+ next: "rig task list"
360
+ };
361
+ }
362
+ function localCheckoutPathCandidate(projectRoot, candidate) {
363
+ try {
364
+ const local = resolve2(projectRoot);
365
+ const resolved = resolve2(candidate);
366
+ return resolved === local || resolved.startsWith(`${local}/`);
367
+ } catch {
368
+ return false;
369
+ }
370
+ }
371
+ async function requestRemoteProjectLinkJson(baseUrl, pathname, authToken, init = {}) {
372
+ const requestUrl = new URL(`${baseUrl}${pathname}`);
373
+ if (authToken && queryAuthFallbackEnabled())
374
+ requestUrl.searchParams.set("rt", authToken);
375
+ const response = await fetch(requestUrl, {
376
+ ...init,
377
+ headers: mergeHeaders(init.headers, authToken)
378
+ });
379
+ const text = await response.text();
380
+ const payload = text.trim().length > 0 ? (() => {
381
+ try {
382
+ return JSON.parse(text);
383
+ } catch {
384
+ return null;
385
+ }
386
+ })() : null;
387
+ return { ok: response.ok, status: response.status, payload, text };
388
+ }
389
+ function payloadError(payload, fallback) {
390
+ if (payload && typeof payload === "object" && !Array.isArray(payload)) {
391
+ const record = payload;
392
+ const value = record.error ?? record.message ?? record.reason;
393
+ if (typeof value === "string" && value.trim())
394
+ return value.trim();
395
+ }
396
+ return fallback;
397
+ }
398
+ function checkoutPathsFromProjectPayload(payload) {
399
+ if (!payload || typeof payload !== "object" || Array.isArray(payload))
400
+ return [];
401
+ const project = payload.project;
402
+ if (!project || typeof project !== "object" || Array.isArray(project))
403
+ return [];
404
+ const checkouts = project.checkouts;
405
+ if (!Array.isArray(checkouts))
406
+ return [];
407
+ return [...checkouts].reverse().flatMap((entry) => {
408
+ if (!entry || typeof entry !== "object" || Array.isArray(entry))
409
+ return [];
410
+ const path = entry.path;
411
+ return typeof path === "string" && path.trim() ? [path.trim()] : [];
412
+ });
413
+ }
414
+ function checkoutPathFromPreparePayload(payload) {
415
+ if (!payload || typeof payload !== "object" || Array.isArray(payload))
416
+ return null;
417
+ const checkout = payload.checkout;
418
+ if (!checkout || typeof checkout !== "object" || Array.isArray(checkout))
419
+ return null;
420
+ const path = checkout.path;
421
+ return typeof path === "string" && path.trim() ? path.trim() : null;
422
+ }
423
+ async function validateAndPersistRemoteRoot(input) {
424
+ const candidate = input.candidate.trim();
425
+ if (!candidate || !isAbsolute(candidate)) {
426
+ return remoteProjectLinkFailure({
427
+ status: "invalid_root",
428
+ alias: input.alias,
429
+ baseUrl: input.baseUrl,
430
+ repoSlug: input.repoSlug,
431
+ message: `Remote project root candidate is not an absolute server-host path: ${candidate || "(empty)"}.`
432
+ });
433
+ }
434
+ if (localCheckoutPathCandidate(input.projectRoot, candidate)) {
435
+ return remoteProjectLinkFailure({
436
+ status: "invalid_root",
437
+ alias: input.alias,
438
+ baseUrl: input.baseUrl,
439
+ repoSlug: input.repoSlug,
440
+ message: `Refusing to use local checkout path ${candidate} as a remote server project root.`
441
+ });
442
+ }
443
+ let response;
444
+ try {
445
+ response = await requestRemoteProjectLinkJson(input.baseUrl, "/api/server/project-root", input.authToken, {
446
+ method: "POST",
447
+ headers: { "content-type": "application/json" },
448
+ body: JSON.stringify({ projectRoot: candidate })
449
+ });
450
+ } catch (error) {
451
+ return remoteProjectLinkFailure({
452
+ status: "error",
453
+ alias: input.alias,
454
+ baseUrl: input.baseUrl,
455
+ repoSlug: input.repoSlug,
456
+ message: `Could not validate remote project root ${candidate}: ${error instanceof Error ? error.message : String(error)}`
457
+ });
458
+ }
459
+ if (response.status === 401 || response.status === 403) {
460
+ return remoteProjectLinkFailure({
461
+ status: "auth_required",
462
+ alias: input.alias,
463
+ baseUrl: input.baseUrl,
464
+ repoSlug: input.repoSlug,
465
+ statusCode: response.status,
466
+ message: `Remote server ${input.alias} requires authentication before validating project root ${candidate}.`
467
+ });
468
+ }
469
+ if (!response.ok) {
470
+ return remoteProjectLinkFailure({
471
+ status: "invalid_root",
472
+ alias: input.alias,
473
+ baseUrl: input.baseUrl,
474
+ repoSlug: input.repoSlug,
475
+ statusCode: response.status,
476
+ message: `Remote server rejected project root ${candidate} (${response.status}): ${payloadError(response.payload, response.text || "project-root validation failed")}`
477
+ });
478
+ }
479
+ const record = response.payload && typeof response.payload === "object" && !Array.isArray(response.payload) ? response.payload : {};
480
+ if (record.ok !== true) {
481
+ return remoteProjectLinkFailure({
482
+ status: "invalid_root",
483
+ alias: input.alias,
484
+ baseUrl: input.baseUrl,
485
+ repoSlug: input.repoSlug,
486
+ message: `Remote server did not accept project root ${candidate}: ${payloadError(response.payload, "project-root validation failed")}`
487
+ });
488
+ }
489
+ const accepted = typeof record.projectRoot === "string" && record.projectRoot.trim() ? record.projectRoot.trim() : typeof record.requestedProjectRoot === "string" && record.requestedProjectRoot.trim() ? record.requestedProjectRoot.trim() : candidate;
490
+ writeRepoServerProjectRoot(input.projectRoot, accepted, { alias: input.alias, baseUrl: input.baseUrl, project: input.repoSlug });
491
+ writeProjectLinkConnection(input.projectRoot, input.repoSlug, input.alias);
492
+ const status = input.status ?? (input.prepared ? "prepared" : "backfilled");
493
+ return remoteProjectLinkSuccess({
494
+ status,
495
+ alias: input.alias,
496
+ baseUrl: input.baseUrl,
497
+ repoSlug: input.repoSlug,
498
+ serverProjectRoot: accepted,
499
+ source: input.source,
500
+ prepared: input.prepared,
501
+ validated: true,
502
+ message: status === "ready" ? `Remote project link already points to ${accepted} and was validated on ${input.alias}.` : input.prepared ? `Prepared and linked remote checkout ${accepted} for ${input.repoSlug}.` : `Backfilled remote checkout ${accepted} for ${input.repoSlug}.`
503
+ });
504
+ }
505
+ async function ensureRemoteProjectRootLink(projectRoot, options = {}) {
506
+ let selected;
507
+ try {
508
+ selected = resolveSelectedConnection(projectRoot);
509
+ } catch (error) {
510
+ return remoteProjectLinkFailure({ status: "error", message: error instanceof Error ? error.message : String(error) });
511
+ }
512
+ if (!selected || selected.connection.kind !== "remote") {
513
+ return remoteProjectLinkFailure({ status: "not_remote", message: "No remote Rig server is selected for this repo." });
514
+ }
515
+ const repo = readRepoConnection(projectRoot);
516
+ const explicitRepoRequested = options.repoSlug !== undefined;
517
+ const explicitRepoSlug = explicitRepoRequested ? normalizeRepoSlug(options.repoSlug) : null;
518
+ const repoProjectSlug = normalizeRepoSlug(repo?.project);
519
+ const repoSlug = explicitRepoSlug ?? repoProjectSlug ?? readProjectLinkSlug(projectRoot);
520
+ const alias = selected.alias;
521
+ const baseUrl = selected.connection.baseUrl;
522
+ const authToken = options.authToken === undefined ? readGitHubBearerTokenForRemote(projectRoot) : options.authToken;
523
+ const mode = options.mode ?? "backfill-only";
524
+ if (explicitRepoRequested && !explicitRepoSlug) {
525
+ return remoteProjectLinkFailure({
526
+ status: "missing_project",
527
+ alias,
528
+ baseUrl,
529
+ message: `Invalid --repo value ${JSON.stringify(options.repoSlug)}. Expected owner/repo.`
530
+ });
531
+ }
532
+ if (!repoSlug) {
533
+ return remoteProjectLinkFailure({
534
+ status: "missing_project",
535
+ alias,
536
+ baseUrl,
537
+ message: `Remote server ${alias} is selected, but this checkout has no GitHub repo slug recorded.`
538
+ });
539
+ }
540
+ const skippedCandidates = [];
541
+ const storedRoot = selected.serverProjectRoot?.trim() || null;
542
+ const storedRootMatchesResolvedRepo = repoProjectSlug === repoSlug;
543
+ if (storedRoot && storedRootMatchesResolvedRepo) {
544
+ if (localCheckoutPathCandidate(projectRoot, storedRoot)) {
545
+ clearRepoServerProjectRoot(projectRoot);
546
+ skippedCandidates.push(storedRoot);
547
+ } else {
548
+ const storedResult = await validateAndPersistRemoteRoot({
549
+ projectRoot,
550
+ alias,
551
+ baseUrl,
552
+ authToken,
553
+ repoSlug,
554
+ candidate: storedRoot,
555
+ source: "stored",
556
+ status: "ready"
557
+ });
558
+ if (storedResult.ok || storedResult.status === "auth_required" || storedResult.status === "error")
559
+ return storedResult;
560
+ clearRepoServerProjectRoot(projectRoot);
561
+ skippedCandidates.push(storedRoot);
562
+ }
563
+ } else if (storedRoot) {
564
+ skippedCandidates.push(storedRoot);
565
+ }
566
+ const authCandidate = inferRemoteServerProjectRootCandidateFromAuthState(projectRoot, repoSlug);
567
+ if (authCandidate) {
568
+ const authResult = await validateAndPersistRemoteRoot({ projectRoot, alias, baseUrl, authToken, repoSlug, candidate: authCandidate, source: "auth-state" });
569
+ if (authResult.ok || authResult.status === "auth_required")
570
+ return authResult;
571
+ }
572
+ let registryResponse;
573
+ try {
574
+ registryResponse = await requestRemoteProjectLinkJson(baseUrl, `/api/projects/${encodeURIComponent(repoSlug)}`, authToken);
575
+ } catch (error) {
576
+ return remoteProjectLinkFailure({
577
+ status: "error",
578
+ alias,
579
+ baseUrl,
580
+ repoSlug,
581
+ message: `Could not read remote project registry for ${repoSlug} on ${alias}: ${error instanceof Error ? error.message : String(error)}`
582
+ });
583
+ }
584
+ if (registryResponse.status === 401 || registryResponse.status === 403) {
585
+ return remoteProjectLinkFailure({
586
+ status: "auth_required",
587
+ alias,
588
+ baseUrl,
589
+ repoSlug,
590
+ statusCode: registryResponse.status,
591
+ message: `Remote server ${alias} requires authentication before reading the ${repoSlug} project registry.`
592
+ });
593
+ }
594
+ if (registryResponse.ok) {
595
+ const candidates = checkoutPathsFromProjectPayload(registryResponse.payload);
596
+ for (const candidate of candidates) {
597
+ const result = await validateAndPersistRemoteRoot({ projectRoot, alias, baseUrl, authToken, repoSlug, candidate, source: "registry" });
598
+ if (result.ok || result.status === "auth_required")
599
+ return result;
600
+ skippedCandidates.push(candidate);
601
+ }
602
+ if (mode === "backfill-only") {
603
+ return remoteProjectLinkFailure({
604
+ status: candidates.length > 0 ? "invalid_root" : "no_server_checkout",
605
+ alias,
606
+ baseUrl,
607
+ repoSlug,
608
+ message: candidates.length > 0 ? `Remote registry has checkout candidates for ${repoSlug}, but none validated for ${alias}.` : `Remote registry has ${repoSlug}, but no server checkout path is linked yet.`,
609
+ skippedCandidates
610
+ });
611
+ }
612
+ } else if (registryResponse.status === 404) {
613
+ if (mode === "backfill-only") {
614
+ return remoteProjectLinkFailure({
615
+ status: "project_not_registered",
616
+ alias,
617
+ baseUrl,
618
+ repoSlug,
619
+ statusCode: registryResponse.status,
620
+ message: `Remote server ${alias} has no registered project record for ${repoSlug}.`
621
+ });
622
+ }
623
+ } else {
624
+ return remoteProjectLinkFailure({
625
+ status: "error",
626
+ alias,
627
+ baseUrl,
628
+ repoSlug,
629
+ statusCode: registryResponse.status,
630
+ message: `Could not backfill ${repoSlug} from remote registry (${registryResponse.status}): ${payloadError(registryResponse.payload, registryResponse.text || "registry lookup failed")}`,
631
+ skippedCandidates
632
+ });
633
+ }
634
+ let prepareResponse;
635
+ try {
636
+ prepareResponse = await requestRemoteProjectLinkJson(baseUrl, `/api/projects/${encodeURIComponent(repoSlug)}/prepare-checkout`, authToken, {
637
+ method: "POST",
638
+ headers: { "content-type": "application/json" },
639
+ body: JSON.stringify({ checkout: { kind: "managed-clone" }, repoUrl: `https://github.com/${repoSlug}.git` })
640
+ });
641
+ } catch (error) {
642
+ return remoteProjectLinkFailure({
643
+ status: "error",
644
+ alias,
645
+ baseUrl,
646
+ repoSlug,
647
+ message: `Could not prepare remote checkout for ${repoSlug} on ${alias}: ${error instanceof Error ? error.message : String(error)}`
648
+ });
649
+ }
650
+ if (prepareResponse.status === 401 || prepareResponse.status === 403) {
651
+ return remoteProjectLinkFailure({
652
+ status: "auth_required",
653
+ alias,
654
+ baseUrl,
655
+ repoSlug,
656
+ statusCode: prepareResponse.status,
657
+ message: `Remote server ${alias} requires authentication before preparing ${repoSlug}.`
658
+ });
659
+ }
660
+ if (!prepareResponse.ok) {
661
+ return remoteProjectLinkFailure({
662
+ status: "error",
663
+ alias,
664
+ baseUrl,
665
+ repoSlug,
666
+ statusCode: prepareResponse.status,
667
+ message: `Remote checkout prepare failed for ${repoSlug} (${prepareResponse.status}): ${payloadError(prepareResponse.payload, prepareResponse.text || "prepare-checkout failed")}`,
668
+ skippedCandidates
669
+ });
670
+ }
671
+ const preparedPath = checkoutPathFromPreparePayload(prepareResponse.payload);
672
+ if (!preparedPath) {
673
+ return remoteProjectLinkFailure({
674
+ status: "invalid_root",
675
+ alias,
676
+ baseUrl,
677
+ repoSlug,
678
+ message: `Remote checkout prepare for ${repoSlug} did not return a checkout.path.`,
679
+ skippedCandidates
680
+ });
681
+ }
682
+ return validateAndPersistRemoteRoot({ projectRoot, alias, baseUrl, authToken, repoSlug, candidate: preparedPath, source: "prepare", prepared: true });
683
+ }
684
+ async function inspectRemoteProjectLink(projectRoot) {
685
+ return ensureRemoteProjectRootLink(projectRoot, { mode: "backfill-only" });
686
+ }
687
+ async function repairRemoteProjectRootLink(context, options = {}) {
688
+ const resolution = await ensureRemoteProjectRootLink(context.projectRoot, { mode: options.mode ?? "prepare-if-missing", repoSlug: options.repoSlug });
689
+ if (!resolution.ok)
690
+ throw new CliError(resolution.message, 1, { hint: resolution.hint });
691
+ return resolution;
692
+ }
243
693
  async function ensureServerForCli(projectRoot) {
244
694
  try {
245
695
  const selected = resolveSelectedConnection(projectRoot);
246
696
  if (selected?.connection.kind === "remote") {
247
697
  reportServerPhase(`Connecting to ${selected.alias}\u2026`);
248
698
  const authToken = readGitHubBearerTokenForRemote(projectRoot);
249
- const serverProjectRoot = selected.serverProjectRoot ?? inferRemoteServerProjectRootFromAuthState(projectRoot) ?? await backfillRemoteServerProjectRoot(projectRoot, selected.connection.baseUrl, authToken);
699
+ const link = await ensureRemoteProjectRootLink(projectRoot, { mode: "backfill-only", authToken });
250
700
  return {
251
701
  baseUrl: selected.connection.baseUrl,
252
702
  authToken,
253
703
  connectionKind: "remote",
254
- serverProjectRoot
704
+ serverProjectRoot: link.ok ? link.serverProjectRoot ?? null : null
255
705
  };
256
706
  }
257
707
  reportServerPhase("Starting local Rig server\u2026");
@@ -269,32 +719,6 @@ async function ensureServerForCli(projectRoot) {
269
719
  throw error;
270
720
  }
271
721
  }
272
- async function backfillRemoteServerProjectRoot(projectRoot, baseUrl, authToken) {
273
- const repo = readRepoConnection(projectRoot);
274
- const slug = repo?.project?.trim();
275
- if (!slug)
276
- return null;
277
- try {
278
- const url = new URL(`${baseUrl}/api/projects/${encodeURIComponent(slug)}`);
279
- if (authToken && queryAuthFallbackEnabled())
280
- url.searchParams.set("rt", authToken);
281
- const response = await fetch(url, {
282
- headers: mergeHeaders(undefined, authToken)
283
- });
284
- if (!response.ok)
285
- return null;
286
- const payload = await response.json();
287
- const project = payload.project && typeof payload.project === "object" && !Array.isArray(payload.project) ? payload.project : null;
288
- const checkouts = Array.isArray(project?.checkouts) ? project.checkouts : [];
289
- const latestCheckout = [...checkouts].reverse().find((entry) => Boolean(entry && typeof entry === "object" && !Array.isArray(entry) && typeof entry.path === "string"));
290
- const path = typeof latestCheckout?.path === "string" && latestCheckout.path.trim() ? latestCheckout.path.trim() : null;
291
- if (path)
292
- writeRepoServerProjectRoot(projectRoot, path);
293
- return path;
294
- } catch {
295
- return null;
296
- }
297
- }
298
722
  function appendTaskFilterParams(url, filters) {
299
723
  if (filters.assignee)
300
724
  url.searchParams.set("assignee", filters.assignee);
@@ -395,13 +819,20 @@ function canUseRemoteWithoutProjectRoot(pathname) {
395
819
  async function requestServerJson(context, pathname, init = {}) {
396
820
  const server = await ensureServerForCli(context.projectRoot);
397
821
  const requestUrl = new URL(`${server.baseUrl}${pathname}`);
398
- if (server.connectionKind === "remote" && !server.serverProjectRoot && !canUseRemoteWithoutProjectRoot(requestUrl.pathname) && (server.authToken || !isLoopbackRemoteBaseUrl(server.baseUrl))) {
399
- const repo = readRepoConnection(context.projectRoot);
400
- throw new CliError(`Remote server is selected for ${repo?.project ?? "this repo"}, but this checkout has no server-host project root link.`, 1, { hint: "Run `rig init --repair` or `rig init --yes --repo owner/repo --server remote` to repair the remote project link before task/run commands." });
822
+ let scopedServerProjectRoot = server.serverProjectRoot;
823
+ if (server.connectionKind === "remote" && !scopedServerProjectRoot && !canUseRemoteWithoutProjectRoot(requestUrl.pathname) && (server.authToken || !isLoopbackRemoteBaseUrl(server.baseUrl))) {
824
+ const link = await ensureRemoteProjectRootLink(context.projectRoot, { mode: "backfill-only", authToken: server.authToken });
825
+ if (link.ok && link.serverProjectRoot) {
826
+ scopedServerProjectRoot = link.serverProjectRoot;
827
+ } else {
828
+ const repo = readRepoConnection(context.projectRoot);
829
+ const target = link.alias && link.baseUrl ? `${link.alias} (${link.baseUrl})` : server.baseUrl;
830
+ throw new CliError(`Remote server ${target} is selected for ${link.repoSlug ?? repo?.project ?? "this repo"}, but this checkout has no server-host project root link. ${link.message}`, 1, { hint: link.hint });
831
+ }
401
832
  }
402
833
  const headers = mergeHeaders(init.headers, server.authToken);
403
- if (server.serverProjectRoot)
404
- headers.set("x-rig-project-root", server.serverProjectRoot);
834
+ if (scopedServerProjectRoot)
835
+ headers.set("x-rig-project-root", scopedServerProjectRoot);
405
836
  if (server.connectionKind === "remote" && server.authToken && queryAuthFallbackEnabled()) {
406
837
  requestUrl.searchParams.set("rt", server.authToken);
407
838
  }