@h-rig/cli 0.0.6-alpha.89 → 0.0.6-alpha.90

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (231) hide show
  1. package/dist/bin/build-rig-binaries.js +8 -40
  2. package/dist/bin/rig.js +12519 -26675
  3. package/dist/src/app/board.js +74 -693
  4. package/dist/src/app/drone-ui.js +1 -1
  5. package/dist/src/app/theme.js +0 -1
  6. package/dist/src/commands/_async-ui.js +1 -1
  7. package/dist/src/commands/_authority-runs.d.ts +1 -1
  8. package/dist/src/commands/_authority-runs.js +12 -2
  9. package/dist/src/commands/_cli-format.d.ts +1 -10
  10. package/dist/src/commands/_cli-format.js +2 -5
  11. package/dist/src/commands/_connection-state.d.ts +1 -11
  12. package/dist/src/commands/_connection-state.js +5 -50
  13. package/dist/src/commands/_doctor-checks.js +40 -501
  14. package/dist/src/commands/_help-catalog.js +17 -99
  15. package/dist/src/commands/_json-output.js +0 -4
  16. package/dist/src/commands/_operator-view.js +54 -575
  17. package/dist/src/commands/_pi-frontend.d.ts +0 -27
  18. package/dist/src/commands/_pi-frontend.js +52 -576
  19. package/dist/src/commands/_preflight.js +66 -553
  20. package/dist/src/commands/_server-client.d.ts +0 -33
  21. package/dist/src/commands/_server-client.js +46 -541
  22. package/dist/src/commands/_snapshot-upload.js +42 -503
  23. package/dist/src/commands/_spinner.js +1 -1
  24. package/dist/src/commands/agent.js +12 -2
  25. package/dist/src/commands/browser.js +1 -1
  26. package/dist/src/commands/connect.js +15 -626
  27. package/dist/src/commands/doctor.js +41 -502
  28. package/dist/src/commands/github.js +51 -584
  29. package/dist/src/commands/inbox.js +41 -502
  30. package/dist/src/commands/init.js +74 -561
  31. package/dist/src/commands/inspect.js +41 -502
  32. package/dist/src/commands/run.js +54 -578
  33. package/dist/src/commands/server.js +163 -692
  34. package/dist/src/commands/setup.js +46 -507
  35. package/dist/src/commands/stats.js +58 -601
  36. package/dist/src/commands/task-run-driver.js +58 -509
  37. package/dist/src/commands/task.js +110 -729
  38. package/dist/src/commands.js +237 -1112
  39. package/dist/src/index.js +244 -1123
  40. package/dist/src/launcher.js +0 -4
  41. package/package.json +9 -13
  42. package/dist/src/app-opentui/adapters/command.d.ts +0 -2
  43. package/dist/src/app-opentui/adapters/command.js +0 -329
  44. package/dist/src/app-opentui/adapters/common.d.ts +0 -56
  45. package/dist/src/app-opentui/adapters/common.js +0 -153
  46. package/dist/src/app-opentui/adapters/doctor.d.ts +0 -9
  47. package/dist/src/app-opentui/adapters/doctor.js +0 -1217
  48. package/dist/src/app-opentui/adapters/family.d.ts +0 -62
  49. package/dist/src/app-opentui/adapters/family.js +0 -14855
  50. package/dist/src/app-opentui/adapters/fleet.d.ts +0 -14
  51. package/dist/src/app-opentui/adapters/fleet.js +0 -1335
  52. package/dist/src/app-opentui/adapters/inbox.d.ts +0 -43
  53. package/dist/src/app-opentui/adapters/inbox.js +0 -1944
  54. package/dist/src/app-opentui/adapters/init.d.ts +0 -11
  55. package/dist/src/app-opentui/adapters/init.js +0 -2818
  56. package/dist/src/app-opentui/adapters/inspect.d.ts +0 -52
  57. package/dist/src/app-opentui/adapters/inspect.js +0 -1455
  58. package/dist/src/app-opentui/adapters/pi-attach.d.ts +0 -32
  59. package/dist/src/app-opentui/adapters/pi-attach.js +0 -2101
  60. package/dist/src/app-opentui/adapters/pi.d.ts +0 -23
  61. package/dist/src/app-opentui/adapters/pi.js +0 -363
  62. package/dist/src/app-opentui/adapters/plugin.d.ts +0 -84
  63. package/dist/src/app-opentui/adapters/plugin.js +0 -544
  64. package/dist/src/app-opentui/adapters/repo.d.ts +0 -37
  65. package/dist/src/app-opentui/adapters/repo.js +0 -186
  66. package/dist/src/app-opentui/adapters/run-detail.d.ts +0 -27
  67. package/dist/src/app-opentui/adapters/run-detail.js +0 -1441
  68. package/dist/src/app-opentui/adapters/server.d.ts +0 -48
  69. package/dist/src/app-opentui/adapters/server.js +0 -1561
  70. package/dist/src/app-opentui/adapters/tasks.d.ts +0 -64
  71. package/dist/src/app-opentui/adapters/tasks.js +0 -4524
  72. package/dist/src/app-opentui/adapters/workspace.d.ts +0 -49
  73. package/dist/src/app-opentui/adapters/workspace.js +0 -333
  74. package/dist/src/app-opentui/autocomplete.d.ts +0 -20
  75. package/dist/src/app-opentui/autocomplete.js +0 -578
  76. package/dist/src/app-opentui/bootstrap.d.ts +0 -11
  77. package/dist/src/app-opentui/bootstrap.js +0 -27833
  78. package/dist/src/app-opentui/command-palette.d.ts +0 -3
  79. package/dist/src/app-opentui/command-palette.js +0 -1038
  80. package/dist/src/app-opentui/command-pty-host.d.ts +0 -62
  81. package/dist/src/app-opentui/command-pty-host.js +0 -248
  82. package/dist/src/app-opentui/drone.d.ts +0 -12
  83. package/dist/src/app-opentui/drone.js +0 -230
  84. package/dist/src/app-opentui/events.d.ts +0 -7
  85. package/dist/src/app-opentui/events.js +0 -28
  86. package/dist/src/app-opentui/fleet-stats.d.ts +0 -32
  87. package/dist/src/app-opentui/fleet-stats.js +0 -114
  88. package/dist/src/app-opentui/focus-manager.d.ts +0 -14
  89. package/dist/src/app-opentui/focus-manager.js +0 -24
  90. package/dist/src/app-opentui/index.d.ts +0 -8
  91. package/dist/src/app-opentui/index.js +0 -5260
  92. package/dist/src/app-opentui/intent.d.ts +0 -3
  93. package/dist/src/app-opentui/intent.js +0 -365
  94. package/dist/src/app-opentui/keymap.d.ts +0 -21
  95. package/dist/src/app-opentui/keymap.js +0 -1377
  96. package/dist/src/app-opentui/launch-routing.d.ts +0 -16
  97. package/dist/src/app-opentui/launch-routing.js +0 -55
  98. package/dist/src/app-opentui/layout.d.ts +0 -22
  99. package/dist/src/app-opentui/layout.js +0 -51
  100. package/dist/src/app-opentui/list-search.d.ts +0 -36
  101. package/dist/src/app-opentui/list-search.js +0 -130
  102. package/dist/src/app-opentui/pi-host-child.d.ts +0 -2
  103. package/dist/src/app-opentui/pi-host-child.js +0 -1299
  104. package/dist/src/app-opentui/pi-pty-host.d.ts +0 -28
  105. package/dist/src/app-opentui/pi-pty-host.js +0 -10
  106. package/dist/src/app-opentui/react/App.d.ts +0 -9
  107. package/dist/src/app-opentui/react/App.js +0 -3866
  108. package/dist/src/app-opentui/react/Backdrop.d.ts +0 -5
  109. package/dist/src/app-opentui/react/Backdrop.js +0 -823
  110. package/dist/src/app-opentui/react/ChromeHost.d.ts +0 -5
  111. package/dist/src/app-opentui/react/ChromeHost.js +0 -1539
  112. package/dist/src/app-opentui/react/SceneFrameView.d.ts +0 -7
  113. package/dist/src/app-opentui/react/SceneFrameView.js +0 -579
  114. package/dist/src/app-opentui/react/context.d.ts +0 -17
  115. package/dist/src/app-opentui/react/context.js +0 -37
  116. package/dist/src/app-opentui/react/launch.d.ts +0 -2
  117. package/dist/src/app-opentui/react/launch.js +0 -4897
  118. package/dist/src/app-opentui/react/nav.d.ts +0 -18
  119. package/dist/src/app-opentui/react/nav.js +0 -54
  120. package/dist/src/app-opentui/react/scroll.d.ts +0 -12
  121. package/dist/src/app-opentui/react/scroll.js +0 -21
  122. package/dist/src/app-opentui/react/syntax.d.ts +0 -2
  123. package/dist/src/app-opentui/react/syntax.js +0 -65
  124. package/dist/src/app-opentui/registry.d.ts +0 -4
  125. package/dist/src/app-opentui/registry.js +0 -22876
  126. package/dist/src/app-opentui/remote-link.d.ts +0 -10
  127. package/dist/src/app-opentui/remote-link.js +0 -47
  128. package/dist/src/app-opentui/render/ascii-fleet.d.ts +0 -15
  129. package/dist/src/app-opentui/render/ascii-fleet.js +0 -82
  130. package/dist/src/app-opentui/render/constants.d.ts +0 -30
  131. package/dist/src/app-opentui/render/constants.js +0 -64
  132. package/dist/src/app-opentui/render/graphics.d.ts +0 -40
  133. package/dist/src/app-opentui/render/graphics.js +0 -713
  134. package/dist/src/app-opentui/render/hover.d.ts +0 -11
  135. package/dist/src/app-opentui/render/hover.js +0 -34
  136. package/dist/src/app-opentui/render/native-host.d.ts +0 -37
  137. package/dist/src/app-opentui/render/native-host.js +0 -180
  138. package/dist/src/app-opentui/render/panel-layout.d.ts +0 -38
  139. package/dist/src/app-opentui/render/panel-layout.js +0 -48
  140. package/dist/src/app-opentui/render/panels.d.ts +0 -12
  141. package/dist/src/app-opentui/render/panels.js +0 -288
  142. package/dist/src/app-opentui/render/preloader.d.ts +0 -10
  143. package/dist/src/app-opentui/render/preloader.js +0 -166
  144. package/dist/src/app-opentui/render/scene.d.ts +0 -68
  145. package/dist/src/app-opentui/render/scene.js +0 -300
  146. package/dist/src/app-opentui/render/terminal-handoff.d.ts +0 -16
  147. package/dist/src/app-opentui/render/terminal-handoff.js +0 -14
  148. package/dist/src/app-opentui/render/text.d.ts +0 -29
  149. package/dist/src/app-opentui/render/text.js +0 -177
  150. package/dist/src/app-opentui/render/type-bar.d.ts +0 -15
  151. package/dist/src/app-opentui/render/type-bar.js +0 -212
  152. package/dist/src/app-opentui/runtime-resources.d.ts +0 -16
  153. package/dist/src/app-opentui/runtime-resources.js +0 -62
  154. package/dist/src/app-opentui/runtime.d.ts +0 -45
  155. package/dist/src/app-opentui/runtime.js +0 -5232
  156. package/dist/src/app-opentui/scenes/command.d.ts +0 -3
  157. package/dist/src/app-opentui/scenes/command.js +0 -118
  158. package/dist/src/app-opentui/scenes/doctor.d.ts +0 -3
  159. package/dist/src/app-opentui/scenes/doctor.js +0 -296
  160. package/dist/src/app-opentui/scenes/error.d.ts +0 -2
  161. package/dist/src/app-opentui/scenes/error.js +0 -277
  162. package/dist/src/app-opentui/scenes/family-domains/agent.d.ts +0 -2
  163. package/dist/src/app-opentui/scenes/family-domains/agent.js +0 -349
  164. package/dist/src/app-opentui/scenes/family-domains/browser.d.ts +0 -2
  165. package/dist/src/app-opentui/scenes/family-domains/browser.js +0 -196
  166. package/dist/src/app-opentui/scenes/family-domains/dist.d.ts +0 -2
  167. package/dist/src/app-opentui/scenes/family-domains/dist.js +0 -244
  168. package/dist/src/app-opentui/scenes/family-domains/git.d.ts +0 -2
  169. package/dist/src/app-opentui/scenes/family-domains/git.js +0 -196
  170. package/dist/src/app-opentui/scenes/family-domains/github.d.ts +0 -2
  171. package/dist/src/app-opentui/scenes/family-domains/github.js +0 -275
  172. package/dist/src/app-opentui/scenes/family-domains/harness.d.ts +0 -2
  173. package/dist/src/app-opentui/scenes/family-domains/harness.js +0 -153
  174. package/dist/src/app-opentui/scenes/family-domains/index.d.ts +0 -4
  175. package/dist/src/app-opentui/scenes/family-domains/index.js +0 -1680
  176. package/dist/src/app-opentui/scenes/family-domains/kit.d.ts +0 -76
  177. package/dist/src/app-opentui/scenes/family-domains/kit.js +0 -306
  178. package/dist/src/app-opentui/scenes/family-domains/profile.d.ts +0 -2
  179. package/dist/src/app-opentui/scenes/family-domains/profile.js +0 -213
  180. package/dist/src/app-opentui/scenes/family-domains/queue.d.ts +0 -2
  181. package/dist/src/app-opentui/scenes/family-domains/queue.js +0 -147
  182. package/dist/src/app-opentui/scenes/family-domains/remote.d.ts +0 -2
  183. package/dist/src/app-opentui/scenes/family-domains/remote.js +0 -519
  184. package/dist/src/app-opentui/scenes/family-domains/review.d.ts +0 -2
  185. package/dist/src/app-opentui/scenes/family-domains/review.js +0 -281
  186. package/dist/src/app-opentui/scenes/family-domains/setup.d.ts +0 -2
  187. package/dist/src/app-opentui/scenes/family-domains/setup.js +0 -268
  188. package/dist/src/app-opentui/scenes/family-domains/stats.d.ts +0 -2
  189. package/dist/src/app-opentui/scenes/family-domains/stats.js +0 -371
  190. package/dist/src/app-opentui/scenes/family.d.ts +0 -3
  191. package/dist/src/app-opentui/scenes/family.js +0 -2199
  192. package/dist/src/app-opentui/scenes/fleet.d.ts +0 -3
  193. package/dist/src/app-opentui/scenes/fleet.js +0 -766
  194. package/dist/src/app-opentui/scenes/handoff.d.ts +0 -2
  195. package/dist/src/app-opentui/scenes/handoff.js +0 -455
  196. package/dist/src/app-opentui/scenes/help.d.ts +0 -3
  197. package/dist/src/app-opentui/scenes/help.js +0 -725
  198. package/dist/src/app-opentui/scenes/inbox.d.ts +0 -3
  199. package/dist/src/app-opentui/scenes/inbox.js +0 -427
  200. package/dist/src/app-opentui/scenes/init.d.ts +0 -3
  201. package/dist/src/app-opentui/scenes/init.js +0 -181
  202. package/dist/src/app-opentui/scenes/inspect.d.ts +0 -3
  203. package/dist/src/app-opentui/scenes/inspect.js +0 -794
  204. package/dist/src/app-opentui/scenes/main.d.ts +0 -3
  205. package/dist/src/app-opentui/scenes/main.js +0 -332
  206. package/dist/src/app-opentui/scenes/pi.d.ts +0 -3
  207. package/dist/src/app-opentui/scenes/pi.js +0 -509
  208. package/dist/src/app-opentui/scenes/plugin.d.ts +0 -3
  209. package/dist/src/app-opentui/scenes/plugin.js +0 -487
  210. package/dist/src/app-opentui/scenes/repo.d.ts +0 -3
  211. package/dist/src/app-opentui/scenes/repo.js +0 -425
  212. package/dist/src/app-opentui/scenes/run-detail.d.ts +0 -3
  213. package/dist/src/app-opentui/scenes/run-detail.js +0 -467
  214. package/dist/src/app-opentui/scenes/server.d.ts +0 -3
  215. package/dist/src/app-opentui/scenes/server.js +0 -378
  216. package/dist/src/app-opentui/scenes/tasks.d.ts +0 -3
  217. package/dist/src/app-opentui/scenes/tasks.js +0 -768
  218. package/dist/src/app-opentui/scenes/workspace.d.ts +0 -3
  219. package/dist/src/app-opentui/scenes/workspace.js +0 -427
  220. package/dist/src/app-opentui/selectable.d.ts +0 -19
  221. package/dist/src/app-opentui/selectable.js +0 -80
  222. package/dist/src/app-opentui/state.d.ts +0 -4
  223. package/dist/src/app-opentui/state.js +0 -399
  224. package/dist/src/app-opentui/surface-catalog.d.ts +0 -20
  225. package/dist/src/app-opentui/surface-catalog.js +0 -542
  226. package/dist/src/app-opentui/theme.d.ts +0 -59
  227. package/dist/src/app-opentui/theme.js +0 -142
  228. package/dist/src/app-opentui/types.d.ts +0 -313
  229. package/dist/src/app-opentui/types.js +0 -1
  230. package/dist/src/commands/_server-events.d.ts +0 -26
  231. package/dist/src/commands/_server-events.js +0 -715
@@ -1,8 +1,6 @@
1
1
  // @bun
2
2
  // packages/cli/src/commands/github.ts
3
3
  import { spawnSync } from "child_process";
4
- import { mkdirSync as mkdirSync3, writeFileSync as writeFileSync3 } from "fs";
5
- import { dirname as dirname3, resolve as resolve3 } from "path";
6
4
 
7
5
  // packages/cli/src/runner.ts
8
6
  import { EventBus } from "@rig/runtime/control-plane/runtime/events";
@@ -41,8 +39,8 @@ function takeOption(args, option) {
41
39
  }
42
40
 
43
41
  // packages/cli/src/commands/_server-client.ts
44
- import { existsSync as existsSync2, mkdirSync as mkdirSync2, readFileSync as readFileSync2, writeFileSync as writeFileSync2 } from "fs";
45
- import { dirname as dirname2, isAbsolute, resolve as resolve2 } from "path";
42
+ import { existsSync as existsSync2, readFileSync as readFileSync2 } from "fs";
43
+ import { resolve as resolve2 } from "path";
46
44
  import { ensureLocalRigServerConnection } from "@rig/runtime/local-server";
47
45
 
48
46
  // packages/cli/src/commands/_connection-state.ts
@@ -116,28 +114,12 @@ function readRepoConnection(projectRoot) {
116
114
  selected,
117
115
  project: typeof record.project === "string" ? record.project : undefined,
118
116
  linkedAt: typeof record.linkedAt === "string" ? record.linkedAt : undefined,
119
- serverProjectRoot: typeof record.serverProjectRoot === "string" && record.serverProjectRoot.trim() ? record.serverProjectRoot.trim() : undefined,
120
- serverProjectRootAlias: typeof record.serverProjectRootAlias === "string" && record.serverProjectRootAlias.trim() ? record.serverProjectRootAlias.trim() : undefined,
121
- serverProjectRootBaseUrl: typeof record.serverProjectRootBaseUrl === "string" && record.serverProjectRootBaseUrl.trim() ? record.serverProjectRootBaseUrl.trim().replace(/\/+$/, "") : undefined
117
+ serverProjectRoot: typeof record.serverProjectRoot === "string" && record.serverProjectRoot.trim() ? record.serverProjectRoot.trim() : undefined
122
118
  };
123
119
  }
124
120
  function writeRepoConnection(projectRoot, state) {
125
121
  writeJsonFile(resolveRepoConnectionPath(projectRoot), state);
126
122
  }
127
- function rootAllowedForSelection(repo, connection) {
128
- const root = repo.serverProjectRoot?.trim();
129
- if (!root)
130
- return;
131
- if (connection.kind === "remote") {
132
- if (repo.serverProjectRootAlias !== repo.selected)
133
- return;
134
- if (repo.serverProjectRootBaseUrl !== connection.baseUrl)
135
- return;
136
- } else if (repo.serverProjectRootAlias && repo.serverProjectRootAlias !== repo.selected) {
137
- return;
138
- }
139
- return root;
140
- }
141
123
  function resolveSelectedConnection(projectRoot, options = {}) {
142
124
  const repo = readRepoConnection(projectRoot);
143
125
  if (!repo)
@@ -149,41 +131,13 @@ function resolveSelectedConnection(projectRoot, options = {}) {
149
131
  if (!connection) {
150
132
  throw new CliError(`Selected Rig server "${repo.selected}" was not found. Run \`rig server list\` or \`rig server use local\`.`, 1);
151
133
  }
152
- return { alias: repo.selected, connection, serverProjectRoot: rootAllowedForSelection(repo, connection) };
134
+ return { alias: repo.selected, connection, serverProjectRoot: repo.serverProjectRoot };
153
135
  }
154
- function writeRepoServerProjectRoot(projectRoot, serverProjectRoot, metadata = {}) {
136
+ function writeRepoServerProjectRoot(projectRoot, serverProjectRoot) {
155
137
  const repo = readRepoConnection(projectRoot);
156
138
  if (!repo)
157
139
  return;
158
- let inferred = metadata;
159
- if (!inferred.alias || !inferred.baseUrl) {
160
- try {
161
- const selected = resolveSelectedConnection(projectRoot);
162
- if (selected?.connection.kind === "remote") {
163
- inferred = {
164
- alias: inferred.alias ?? selected.alias,
165
- baseUrl: inferred.baseUrl ?? selected.connection.baseUrl
166
- };
167
- }
168
- } catch {}
169
- }
170
- writeRepoConnection(projectRoot, {
171
- ...repo,
172
- ...metadata.project ? { project: metadata.project } : {},
173
- serverProjectRoot,
174
- ...inferred.alias ? { serverProjectRootAlias: inferred.alias } : {},
175
- ...inferred.baseUrl ? { serverProjectRootBaseUrl: inferred.baseUrl.replace(/\/+$/, "") } : {}
176
- });
177
- }
178
- function clearRepoServerProjectRoot(projectRoot) {
179
- const repo = readRepoConnection(projectRoot);
180
- if (!repo)
181
- return;
182
- writeRepoConnection(projectRoot, {
183
- selected: repo.selected,
184
- ...repo.project ? { project: repo.project } : {},
185
- ...repo.linkedAt ? { linkedAt: repo.linkedAt } : {}
186
- });
140
+ writeRepoConnection(projectRoot, { ...repo, serverProjectRoot });
187
141
  }
188
142
 
189
143
  // packages/cli/src/commands/_server-client.ts
@@ -201,25 +155,17 @@ function cleanToken(value) {
201
155
  const trimmed = value?.trim();
202
156
  return trimmed ? trimmed : null;
203
157
  }
204
- function setGitHubBearerTokenForCurrentProcess(token, projectRoot) {
205
- const scopedKey = resolve2(projectRoot ?? process.cwd());
206
- scopedGitHubBearerTokens.set(scopedKey, cleanToken(token ?? undefined));
207
- }
208
- function readRemoteAuthState(projectRoot) {
158
+ function readPrivateRemoteSessionToken(projectRoot) {
209
159
  const path = resolve2(projectRoot, ".rig", "state", "github-auth.json");
210
160
  if (!existsSync2(path))
211
161
  return null;
212
162
  try {
213
163
  const parsed = JSON.parse(readFileSync2(path, "utf8"));
214
- return parsed && typeof parsed === "object" && !Array.isArray(parsed) ? parsed : null;
164
+ return cleanToken(typeof parsed.apiSessionToken === "string" ? parsed.apiSessionToken : typeof parsed.sessionToken === "string" ? parsed.sessionToken : undefined);
215
165
  } catch {
216
166
  return null;
217
167
  }
218
168
  }
219
- function readPrivateRemoteSessionToken(projectRoot) {
220
- const parsed = readRemoteAuthState(projectRoot);
221
- return parsed ? cleanToken(typeof parsed.apiSessionToken === "string" ? parsed.apiSessionToken : typeof parsed.sessionToken === "string" ? parsed.sessionToken : undefined) : null;
222
- }
223
169
  function readGitHubBearerTokenForRemote(projectRoot) {
224
170
  const scopedKey = resolve2(projectRoot);
225
171
  if (scopedGitHubBearerTokens.has(scopedKey))
@@ -230,415 +176,18 @@ function readGitHubBearerTokenForRemote(projectRoot) {
230
176
  return cleanToken(process.env.RIG_SERVER_AUTH_TOKEN) ?? cleanToken(process.env.RIG_REMOTE_AUTH_TOKEN);
231
177
  }
232
178
  function readStoredGitHubAuthToken(projectRoot) {
233
- const parsed = readRemoteAuthState(projectRoot);
234
- return parsed ? cleanToken(typeof parsed.token === "string" ? parsed.token : undefined) : null;
235
- }
236
- function inferRemoteServerProjectRootCandidateFromAuthState(projectRoot, repoSlug) {
237
- if (!/^[^/]+\/[^/]+$/.test(repoSlug))
238
- return null;
239
- const repo = readRepoConnection(projectRoot);
240
- const auth = readRemoteAuthState(projectRoot);
241
- const authUpdatedAt = typeof auth?.updatedAt === "string" ? Date.parse(auth.updatedAt) : Number.NaN;
242
- const repoLinkedAt = typeof repo?.linkedAt === "string" ? Date.parse(repo.linkedAt) : Number.NaN;
243
- if (Number.isFinite(authUpdatedAt) && Number.isFinite(repoLinkedAt) && authUpdatedAt + 1000 < repoLinkedAt)
244
- return null;
245
- const checkoutBaseDir = typeof auth?.checkoutBaseDir === "string" && auth.checkoutBaseDir.trim() ? auth.checkoutBaseDir.trim() : null;
246
- if (!checkoutBaseDir)
247
- return null;
248
- return `${checkoutBaseDir.replace(/\/+$/, "")}/${repoSlug}`;
249
- }
250
- function readLocalConnectionFallbackToken(projectRoot) {
251
- return readGitHubBearerTokenForRemote(projectRoot) ?? cleanToken(process.env.RIG_GITHUB_TOKEN) ?? readStoredGitHubAuthToken(projectRoot);
252
- }
253
- function normalizeRepoSlug(value) {
254
- const slug = value?.trim();
255
- return slug && /^[^/\s]+\/[^/\s]+$/.test(slug) ? slug : null;
256
- }
257
- function readProjectLinkSlug(projectRoot) {
258
- const path = resolve2(projectRoot, ".rig", "state", "project-link.json");
179
+ const path = resolve2(projectRoot, ".rig", "state", "github-auth.json");
259
180
  if (!existsSync2(path))
260
181
  return null;
261
182
  try {
262
183
  const parsed = JSON.parse(readFileSync2(path, "utf8"));
263
- if (!parsed || typeof parsed !== "object" || Array.isArray(parsed))
264
- return null;
265
- return normalizeRepoSlug(typeof parsed.repoSlug === "string" ? String(parsed.repoSlug) : null);
184
+ return cleanToken(typeof parsed.token === "string" ? parsed.token : undefined);
266
185
  } catch {
267
186
  return null;
268
187
  }
269
188
  }
270
- function writeProjectLinkConnection(projectRoot, repoSlug, alias) {
271
- const path = resolve2(projectRoot, ".rig", "state", "project-link.json");
272
- mkdirSync2(dirname2(path), { recursive: true });
273
- writeFileSync2(path, `${JSON.stringify({ repoSlug, connection: alias, linkedAt: new Date().toISOString() }, null, 2)}
274
- `, "utf8");
275
- }
276
- function remoteLinkRepairCommand(repoSlug) {
277
- return repoSlug ? `rig server repair-link --repo ${repoSlug}` : "rig server repair-link --repo owner/repo";
278
- }
279
- function formatRemoteProjectLinkHint(resolution) {
280
- const repair = remoteLinkRepairCommand(resolution.repoSlug);
281
- if (resolution.status === "auth_required") {
282
- return `Authenticate the selected remote${resolution.alias ? ` (${resolution.alias})` : ""}, then run \`${repair}\`. Use \`rig github auth import-gh\` or \`rig init --repair --server remote --github-auth device${resolution.repoSlug ? ` --repo ${resolution.repoSlug}` : ""}\`.`;
283
- }
284
- if (resolution.status === "missing_project") {
285
- return `Record the repo slug, then run \`${repair}\` (or \`rig init --repo owner/repo --server remote --github-auth device\`).`;
286
- }
287
- if (resolution.status === "not_remote")
288
- return "Select a remote server with `rig server use <alias>` before repairing a remote project link.";
289
- return `Run \`${repair}\` to backfill or prepare a server-host checkout for the selected remote${resolution.alias ? ` (${resolution.alias})` : ""}.`;
290
- }
291
- function remoteProjectLinkFailure(input) {
292
- const partial = {
293
- status: input.status,
294
- alias: input.alias,
295
- baseUrl: input.baseUrl,
296
- repoSlug: input.repoSlug
297
- };
298
- return {
299
- ok: false,
300
- ...input,
301
- hint: formatRemoteProjectLinkHint(partial),
302
- next: remoteLinkRepairCommand(input.repoSlug)
303
- };
304
- }
305
- function remoteProjectLinkSuccess(input) {
306
- return {
307
- ok: true,
308
- status: input.status,
309
- alias: input.alias,
310
- baseUrl: input.baseUrl,
311
- repoSlug: input.repoSlug,
312
- serverProjectRoot: input.serverProjectRoot,
313
- source: input.source,
314
- prepared: input.prepared ?? input.status === "prepared",
315
- validated: input.validated ?? false,
316
- message: input.message ?? `Remote project link ready for ${input.repoSlug}.`,
317
- hint: "Remote-scoped task/run/status requests will send x-rig-project-root for this server-host checkout.",
318
- next: "rig task list"
319
- };
320
- }
321
- function localCheckoutPathCandidate(projectRoot, candidate) {
322
- try {
323
- const local = resolve2(projectRoot);
324
- const resolved = resolve2(candidate);
325
- return resolved === local || resolved.startsWith(`${local}/`);
326
- } catch {
327
- return false;
328
- }
329
- }
330
- async function requestRemoteProjectLinkJson(baseUrl, pathname, authToken, init = {}) {
331
- const requestUrl = new URL(`${baseUrl}${pathname}`);
332
- if (authToken && queryAuthFallbackEnabled())
333
- requestUrl.searchParams.set("rt", authToken);
334
- const response = await fetch(requestUrl, {
335
- ...init,
336
- headers: mergeHeaders(init.headers, authToken)
337
- });
338
- const text = await response.text();
339
- const payload = text.trim().length > 0 ? (() => {
340
- try {
341
- return JSON.parse(text);
342
- } catch {
343
- return null;
344
- }
345
- })() : null;
346
- return { ok: response.ok, status: response.status, payload, text };
347
- }
348
- function payloadError(payload, fallback) {
349
- if (payload && typeof payload === "object" && !Array.isArray(payload)) {
350
- const record = payload;
351
- const value = record.error ?? record.message ?? record.reason;
352
- if (typeof value === "string" && value.trim())
353
- return value.trim();
354
- }
355
- return fallback;
356
- }
357
- function checkoutPathsFromProjectPayload(payload) {
358
- if (!payload || typeof payload !== "object" || Array.isArray(payload))
359
- return [];
360
- const project = payload.project;
361
- if (!project || typeof project !== "object" || Array.isArray(project))
362
- return [];
363
- const checkouts = project.checkouts;
364
- if (!Array.isArray(checkouts))
365
- return [];
366
- return [...checkouts].reverse().flatMap((entry) => {
367
- if (!entry || typeof entry !== "object" || Array.isArray(entry))
368
- return [];
369
- const path = entry.path;
370
- return typeof path === "string" && path.trim() ? [path.trim()] : [];
371
- });
372
- }
373
- function checkoutPathFromPreparePayload(payload) {
374
- if (!payload || typeof payload !== "object" || Array.isArray(payload))
375
- return null;
376
- const checkout = payload.checkout;
377
- if (!checkout || typeof checkout !== "object" || Array.isArray(checkout))
378
- return null;
379
- const path = checkout.path;
380
- return typeof path === "string" && path.trim() ? path.trim() : null;
381
- }
382
- async function validateAndPersistRemoteRoot(input) {
383
- const candidate = input.candidate.trim();
384
- if (!candidate || !isAbsolute(candidate)) {
385
- return remoteProjectLinkFailure({
386
- status: "invalid_root",
387
- alias: input.alias,
388
- baseUrl: input.baseUrl,
389
- repoSlug: input.repoSlug,
390
- message: `Remote project root candidate is not an absolute server-host path: ${candidate || "(empty)"}.`
391
- });
392
- }
393
- if (localCheckoutPathCandidate(input.projectRoot, candidate)) {
394
- return remoteProjectLinkFailure({
395
- status: "invalid_root",
396
- alias: input.alias,
397
- baseUrl: input.baseUrl,
398
- repoSlug: input.repoSlug,
399
- message: `Refusing to use local checkout path ${candidate} as a remote server project root.`
400
- });
401
- }
402
- let response;
403
- try {
404
- response = await requestRemoteProjectLinkJson(input.baseUrl, "/api/server/project-root", input.authToken, {
405
- method: "POST",
406
- headers: { "content-type": "application/json" },
407
- body: JSON.stringify({ projectRoot: candidate })
408
- });
409
- } catch (error) {
410
- return remoteProjectLinkFailure({
411
- status: "error",
412
- alias: input.alias,
413
- baseUrl: input.baseUrl,
414
- repoSlug: input.repoSlug,
415
- message: `Could not validate remote project root ${candidate}: ${error instanceof Error ? error.message : String(error)}`
416
- });
417
- }
418
- if (response.status === 401 || response.status === 403) {
419
- return remoteProjectLinkFailure({
420
- status: "auth_required",
421
- alias: input.alias,
422
- baseUrl: input.baseUrl,
423
- repoSlug: input.repoSlug,
424
- statusCode: response.status,
425
- message: `Remote server ${input.alias} requires authentication before validating project root ${candidate}.`
426
- });
427
- }
428
- if (!response.ok) {
429
- return remoteProjectLinkFailure({
430
- status: "invalid_root",
431
- alias: input.alias,
432
- baseUrl: input.baseUrl,
433
- repoSlug: input.repoSlug,
434
- statusCode: response.status,
435
- message: `Remote server rejected project root ${candidate} (${response.status}): ${payloadError(response.payload, response.text || "project-root validation failed")}`
436
- });
437
- }
438
- const record = response.payload && typeof response.payload === "object" && !Array.isArray(response.payload) ? response.payload : {};
439
- if (record.ok !== true) {
440
- return remoteProjectLinkFailure({
441
- status: "invalid_root",
442
- alias: input.alias,
443
- baseUrl: input.baseUrl,
444
- repoSlug: input.repoSlug,
445
- message: `Remote server did not accept project root ${candidate}: ${payloadError(response.payload, "project-root validation failed")}`
446
- });
447
- }
448
- const accepted = typeof record.projectRoot === "string" && record.projectRoot.trim() ? record.projectRoot.trim() : typeof record.requestedProjectRoot === "string" && record.requestedProjectRoot.trim() ? record.requestedProjectRoot.trim() : candidate;
449
- writeRepoServerProjectRoot(input.projectRoot, accepted, { alias: input.alias, baseUrl: input.baseUrl, project: input.repoSlug });
450
- writeProjectLinkConnection(input.projectRoot, input.repoSlug, input.alias);
451
- const status = input.status ?? (input.prepared ? "prepared" : "backfilled");
452
- return remoteProjectLinkSuccess({
453
- status,
454
- alias: input.alias,
455
- baseUrl: input.baseUrl,
456
- repoSlug: input.repoSlug,
457
- serverProjectRoot: accepted,
458
- source: input.source,
459
- prepared: input.prepared,
460
- validated: true,
461
- message: status === "ready" ? `Remote project link already points to ${accepted} and was validated on ${input.alias}.` : input.prepared ? `Prepared and linked remote checkout ${accepted} for ${input.repoSlug}.` : `Backfilled remote checkout ${accepted} for ${input.repoSlug}.`
462
- });
463
- }
464
- async function ensureRemoteProjectRootLink(projectRoot, options = {}) {
465
- let selected;
466
- try {
467
- selected = resolveSelectedConnection(projectRoot);
468
- } catch (error) {
469
- return remoteProjectLinkFailure({ status: "error", message: error instanceof Error ? error.message : String(error) });
470
- }
471
- if (!selected || selected.connection.kind !== "remote") {
472
- return remoteProjectLinkFailure({ status: "not_remote", message: "No remote Rig server is selected for this repo." });
473
- }
474
- const repo = readRepoConnection(projectRoot);
475
- const explicitRepoRequested = options.repoSlug !== undefined;
476
- const explicitRepoSlug = explicitRepoRequested ? normalizeRepoSlug(options.repoSlug) : null;
477
- const repoProjectSlug = normalizeRepoSlug(repo?.project);
478
- const repoSlug = explicitRepoSlug ?? repoProjectSlug ?? readProjectLinkSlug(projectRoot);
479
- const alias = selected.alias;
480
- const baseUrl = selected.connection.baseUrl;
481
- const authToken = options.authToken === undefined ? readGitHubBearerTokenForRemote(projectRoot) : options.authToken;
482
- const mode = options.mode ?? "backfill-only";
483
- if (explicitRepoRequested && !explicitRepoSlug) {
484
- return remoteProjectLinkFailure({
485
- status: "missing_project",
486
- alias,
487
- baseUrl,
488
- message: `Invalid --repo value ${JSON.stringify(options.repoSlug)}. Expected owner/repo.`
489
- });
490
- }
491
- if (!repoSlug) {
492
- return remoteProjectLinkFailure({
493
- status: "missing_project",
494
- alias,
495
- baseUrl,
496
- message: `Remote server ${alias} is selected, but this checkout has no GitHub repo slug recorded.`
497
- });
498
- }
499
- const skippedCandidates = [];
500
- const storedRoot = selected.serverProjectRoot?.trim() || null;
501
- const storedRootMatchesResolvedRepo = repoProjectSlug === repoSlug;
502
- if (storedRoot && storedRootMatchesResolvedRepo) {
503
- if (localCheckoutPathCandidate(projectRoot, storedRoot)) {
504
- clearRepoServerProjectRoot(projectRoot);
505
- skippedCandidates.push(storedRoot);
506
- } else {
507
- const storedResult = await validateAndPersistRemoteRoot({
508
- projectRoot,
509
- alias,
510
- baseUrl,
511
- authToken,
512
- repoSlug,
513
- candidate: storedRoot,
514
- source: "stored",
515
- status: "ready"
516
- });
517
- if (storedResult.ok || storedResult.status === "auth_required" || storedResult.status === "error")
518
- return storedResult;
519
- clearRepoServerProjectRoot(projectRoot);
520
- skippedCandidates.push(storedRoot);
521
- }
522
- } else if (storedRoot) {
523
- skippedCandidates.push(storedRoot);
524
- }
525
- const authCandidate = inferRemoteServerProjectRootCandidateFromAuthState(projectRoot, repoSlug);
526
- if (authCandidate) {
527
- const authResult = await validateAndPersistRemoteRoot({ projectRoot, alias, baseUrl, authToken, repoSlug, candidate: authCandidate, source: "auth-state" });
528
- if (authResult.ok || authResult.status === "auth_required")
529
- return authResult;
530
- }
531
- let registryResponse;
532
- try {
533
- registryResponse = await requestRemoteProjectLinkJson(baseUrl, `/api/projects/${encodeURIComponent(repoSlug)}`, authToken);
534
- } catch (error) {
535
- return remoteProjectLinkFailure({
536
- status: "error",
537
- alias,
538
- baseUrl,
539
- repoSlug,
540
- message: `Could not read remote project registry for ${repoSlug} on ${alias}: ${error instanceof Error ? error.message : String(error)}`
541
- });
542
- }
543
- if (registryResponse.status === 401 || registryResponse.status === 403) {
544
- return remoteProjectLinkFailure({
545
- status: "auth_required",
546
- alias,
547
- baseUrl,
548
- repoSlug,
549
- statusCode: registryResponse.status,
550
- message: `Remote server ${alias} requires authentication before reading the ${repoSlug} project registry.`
551
- });
552
- }
553
- if (registryResponse.ok) {
554
- const candidates = checkoutPathsFromProjectPayload(registryResponse.payload);
555
- for (const candidate of candidates) {
556
- const result = await validateAndPersistRemoteRoot({ projectRoot, alias, baseUrl, authToken, repoSlug, candidate, source: "registry" });
557
- if (result.ok || result.status === "auth_required")
558
- return result;
559
- skippedCandidates.push(candidate);
560
- }
561
- if (mode === "backfill-only") {
562
- return remoteProjectLinkFailure({
563
- status: candidates.length > 0 ? "invalid_root" : "no_server_checkout",
564
- alias,
565
- baseUrl,
566
- repoSlug,
567
- message: candidates.length > 0 ? `Remote registry has checkout candidates for ${repoSlug}, but none validated for ${alias}.` : `Remote registry has ${repoSlug}, but no server checkout path is linked yet.`,
568
- skippedCandidates
569
- });
570
- }
571
- } else if (registryResponse.status === 404) {
572
- if (mode === "backfill-only") {
573
- return remoteProjectLinkFailure({
574
- status: "project_not_registered",
575
- alias,
576
- baseUrl,
577
- repoSlug,
578
- statusCode: registryResponse.status,
579
- message: `Remote server ${alias} has no registered project record for ${repoSlug}.`
580
- });
581
- }
582
- } else {
583
- return remoteProjectLinkFailure({
584
- status: "error",
585
- alias,
586
- baseUrl,
587
- repoSlug,
588
- statusCode: registryResponse.status,
589
- message: `Could not backfill ${repoSlug} from remote registry (${registryResponse.status}): ${payloadError(registryResponse.payload, registryResponse.text || "registry lookup failed")}`,
590
- skippedCandidates
591
- });
592
- }
593
- let prepareResponse;
594
- try {
595
- prepareResponse = await requestRemoteProjectLinkJson(baseUrl, `/api/projects/${encodeURIComponent(repoSlug)}/prepare-checkout`, authToken, {
596
- method: "POST",
597
- headers: { "content-type": "application/json" },
598
- body: JSON.stringify({ checkout: { kind: "managed-clone" }, repoUrl: `https://github.com/${repoSlug}.git` })
599
- });
600
- } catch (error) {
601
- return remoteProjectLinkFailure({
602
- status: "error",
603
- alias,
604
- baseUrl,
605
- repoSlug,
606
- message: `Could not prepare remote checkout for ${repoSlug} on ${alias}: ${error instanceof Error ? error.message : String(error)}`
607
- });
608
- }
609
- if (prepareResponse.status === 401 || prepareResponse.status === 403) {
610
- return remoteProjectLinkFailure({
611
- status: "auth_required",
612
- alias,
613
- baseUrl,
614
- repoSlug,
615
- statusCode: prepareResponse.status,
616
- message: `Remote server ${alias} requires authentication before preparing ${repoSlug}.`
617
- });
618
- }
619
- if (!prepareResponse.ok) {
620
- return remoteProjectLinkFailure({
621
- status: "error",
622
- alias,
623
- baseUrl,
624
- repoSlug,
625
- statusCode: prepareResponse.status,
626
- message: `Remote checkout prepare failed for ${repoSlug} (${prepareResponse.status}): ${payloadError(prepareResponse.payload, prepareResponse.text || "prepare-checkout failed")}`,
627
- skippedCandidates
628
- });
629
- }
630
- const preparedPath = checkoutPathFromPreparePayload(prepareResponse.payload);
631
- if (!preparedPath) {
632
- return remoteProjectLinkFailure({
633
- status: "invalid_root",
634
- alias,
635
- baseUrl,
636
- repoSlug,
637
- message: `Remote checkout prepare for ${repoSlug} did not return a checkout.path.`,
638
- skippedCandidates
639
- });
640
- }
641
- return validateAndPersistRemoteRoot({ projectRoot, alias, baseUrl, authToken, repoSlug, candidate: preparedPath, source: "prepare", prepared: true });
189
+ function readLocalConnectionFallbackToken(projectRoot) {
190
+ return readGitHubBearerTokenForRemote(projectRoot) ?? cleanToken(process.env.RIG_GITHUB_TOKEN) ?? readStoredGitHubAuthToken(projectRoot);
642
191
  }
643
192
  async function ensureServerForCli(projectRoot) {
644
193
  try {
@@ -646,12 +195,12 @@ async function ensureServerForCli(projectRoot) {
646
195
  if (selected?.connection.kind === "remote") {
647
196
  reportServerPhase(`Connecting to ${selected.alias}\u2026`);
648
197
  const authToken = readGitHubBearerTokenForRemote(projectRoot);
649
- const link = await ensureRemoteProjectRootLink(projectRoot, { mode: "backfill-only", authToken });
198
+ const serverProjectRoot = selected.serverProjectRoot ?? await backfillRemoteServerProjectRoot(projectRoot, selected.connection.baseUrl, authToken);
650
199
  return {
651
200
  baseUrl: selected.connection.baseUrl,
652
201
  authToken,
653
202
  connectionKind: "remote",
654
- serverProjectRoot: link.ok ? link.serverProjectRoot ?? null : null
203
+ serverProjectRoot
655
204
  };
656
205
  }
657
206
  reportServerPhase("Starting local Rig server\u2026");
@@ -669,23 +218,33 @@ async function ensureServerForCli(projectRoot) {
669
218
  throw error;
670
219
  }
671
220
  }
672
- function mergeCookie(existing, name, value) {
673
- const encoded = `${name}=${encodeURIComponent(value)}`;
674
- if (!existing?.trim())
675
- return encoded;
676
- const parts = existing.split(";").map((part) => part.trim()).filter((part) => part && !part.startsWith(`${name}=`));
677
- return [...parts, encoded].join("; ");
678
- }
679
- function queryAuthFallbackEnabled(env = process.env) {
680
- return env.RIG_ENABLE_QUERY_AUTH_FALLBACK === "1" || env.RIG_QUERY_AUTH_FALLBACK === "1";
221
+ async function backfillRemoteServerProjectRoot(projectRoot, baseUrl, authToken) {
222
+ const repo = readRepoConnection(projectRoot);
223
+ const slug = repo?.project?.trim();
224
+ if (!slug)
225
+ return null;
226
+ try {
227
+ const response = await fetch(`${baseUrl}/api/projects/${encodeURIComponent(slug)}`, {
228
+ headers: mergeHeaders(undefined, authToken)
229
+ });
230
+ if (!response.ok)
231
+ return null;
232
+ const payload = await response.json();
233
+ const project = payload.project && typeof payload.project === "object" && !Array.isArray(payload.project) ? payload.project : null;
234
+ const checkouts = Array.isArray(project?.checkouts) ? project.checkouts : [];
235
+ const latestCheckout = [...checkouts].reverse().find((entry) => Boolean(entry && typeof entry === "object" && !Array.isArray(entry) && typeof entry.path === "string"));
236
+ const path = typeof latestCheckout?.path === "string" && latestCheckout.path.trim() ? latestCheckout.path.trim() : null;
237
+ if (path)
238
+ writeRepoServerProjectRoot(projectRoot, path);
239
+ return path;
240
+ } catch {
241
+ return null;
242
+ }
681
243
  }
682
244
  function mergeHeaders(headers, authToken) {
683
245
  const merged = new Headers(headers);
684
246
  if (authToken) {
685
- const bearer = `Bearer ${authToken}`;
686
- merged.set("authorization", bearer);
687
- merged.set("x-auth", bearer);
688
- merged.set("cookie", mergeCookie(merged.get("cookie"), "rig_auth", authToken));
247
+ merged.set("authorization", `Bearer ${authToken}`);
689
248
  }
690
249
  return merged;
691
250
  }
@@ -746,41 +305,15 @@ async function buildServerFailureContext(projectRoot, server) {
746
305
  hint: "Check the selected server with `rig server status`, or switch with `rig server use <alias|local>`."
747
306
  };
748
307
  }
749
- function isLoopbackRemoteBaseUrl(baseUrl) {
750
- try {
751
- const host = new URL(baseUrl).hostname.toLowerCase();
752
- return host === "localhost" || host === "127.0.0.1" || host === "::1" || host === "[::1]";
753
- } catch {
754
- return false;
755
- }
756
- }
757
- function canUseRemoteWithoutProjectRoot(pathname) {
758
- return pathname === "/health" || pathname === "/api/health" || pathname === "/api/server/status" || pathname === "/api/server/project-root" || pathname.startsWith("/api/github/auth/") || pathname === "/api/projects" || pathname.startsWith("/api/projects/");
759
- }
760
308
  async function requestServerJson(context, pathname, init = {}) {
761
309
  const server = await ensureServerForCli(context.projectRoot);
762
- const requestUrl = new URL(`${server.baseUrl}${pathname}`);
763
- let scopedServerProjectRoot = server.serverProjectRoot;
764
- if (server.connectionKind === "remote" && !scopedServerProjectRoot && !canUseRemoteWithoutProjectRoot(requestUrl.pathname) && (server.authToken || !isLoopbackRemoteBaseUrl(server.baseUrl))) {
765
- const link = await ensureRemoteProjectRootLink(context.projectRoot, { mode: "backfill-only", authToken: server.authToken });
766
- if (link.ok && link.serverProjectRoot) {
767
- scopedServerProjectRoot = link.serverProjectRoot;
768
- } else {
769
- const repo = readRepoConnection(context.projectRoot);
770
- const target = link.alias && link.baseUrl ? `${link.alias} (${link.baseUrl})` : server.baseUrl;
771
- throw new CliError(`Remote server ${target} is selected for ${link.repoSlug ?? repo?.project ?? "this repo"}, but this checkout has no server-host project root link. ${link.message}`, 1, { hint: link.hint });
772
- }
773
- }
774
310
  const headers = mergeHeaders(init.headers, server.authToken);
775
- if (scopedServerProjectRoot)
776
- headers.set("x-rig-project-root", scopedServerProjectRoot);
777
- if (server.connectionKind === "remote" && server.authToken && queryAuthFallbackEnabled()) {
778
- requestUrl.searchParams.set("rt", server.authToken);
779
- }
311
+ if (server.serverProjectRoot)
312
+ headers.set("x-rig-project-root", server.serverProjectRoot);
780
313
  reportServerPhase(`${(init.method ?? "GET").toUpperCase()} ${pathname.split("?")[0]}\u2026`);
781
314
  let response;
782
315
  try {
783
- response = await fetch(requestUrl, {
316
+ response = await fetch(`${server.baseUrl}${pathname}`, {
784
317
  ...init,
785
318
  headers
786
319
  });
@@ -813,26 +346,11 @@ async function getGitHubAuthStatusViaServer(context) {
813
346
  return payload && typeof payload === "object" && !Array.isArray(payload) ? payload : {};
814
347
  }
815
348
  async function postGitHubTokenViaServer(context, token, options = {}) {
816
- const server = await ensureServerForCli(context.projectRoot);
817
- const requestUrl = new URL(`${server.baseUrl}/api/github/auth/token`);
818
- reportServerPhase("POST /api/github/auth/token\u2026");
819
- let response;
820
- try {
821
- response = await fetch(requestUrl, {
822
- method: "POST",
823
- headers: { "content-type": "application/json" },
824
- body: JSON.stringify({ token, selectedRepo: options.selectedRepo, projectRoot: options.projectRoot ?? server.serverProjectRoot ?? undefined })
825
- });
826
- } catch (error) {
827
- const failure = await buildServerFailureContext(context.projectRoot, server);
828
- throw new CliError(`Rig server auth bootstrap failed: ${error instanceof Error ? error.message : String(error)}
829
- ${failure.contextLine}`, 1, { hint: failure.hint });
830
- }
831
- const payload = await response.json().catch(() => null);
832
- if (!response.ok) {
833
- const detail = payload && typeof payload === "object" && !Array.isArray(payload) ? String(payload.error ?? JSON.stringify(payload)) : `HTTP ${response.status}`;
834
- throw new CliError(`Rig server auth bootstrap failed (${response.status}): ${detail}`, 1, { hint: "Re-run `rig github auth import-gh`, or check the selected server with `rig server status`." });
835
- }
349
+ const payload = await requestServerJson(context, "/api/github/auth/token", {
350
+ method: "POST",
351
+ headers: { "content-type": "application/json" },
352
+ body: JSON.stringify({ token, selectedRepo: options.selectedRepo, projectRoot: options.projectRoot })
353
+ });
836
354
  return payload && typeof payload === "object" && !Array.isArray(payload) ? payload : {};
837
355
  }
838
356
  var RESUMABLE_RUN_STATUSES = new Set([
@@ -881,7 +399,7 @@ function createTtySpinner(input) {
881
399
  output.write("\r\x1B[2K");
882
400
  };
883
401
  render();
884
- const timer = isTty ? setInterval(render, input.intervalMs ?? 16) : null;
402
+ const timer = isTty ? setInterval(render, input.intervalMs ?? 120) : null;
885
403
  return {
886
404
  setLabel(next) {
887
405
  label = next;
@@ -1046,53 +564,6 @@ function printPayload(context, payload, fallback) {
1046
564
  else
1047
565
  console.log(fallback);
1048
566
  }
1049
- function apiSessionTokenFrom(payload) {
1050
- if (!payload || typeof payload !== "object" || Array.isArray(payload))
1051
- return null;
1052
- const token = payload.apiSessionToken;
1053
- return typeof token === "string" && token.trim() ? token.trim() : null;
1054
- }
1055
- function payloadString(payload, key) {
1056
- const value = payload[key];
1057
- return typeof value === "string" && value.trim() ? value.trim() : null;
1058
- }
1059
- function payloadRecord(payload, key) {
1060
- const value = payload[key];
1061
- return value && typeof value === "object" && !Array.isArray(value) ? value : null;
1062
- }
1063
- function remoteNamespaceMetadata(result) {
1064
- const namespace = payloadRecord(result, "userNamespace");
1065
- return {
1066
- ...payloadString(result, "login") ? { login: payloadString(result, "login") } : {},
1067
- ...payloadString(result, "userId") ? { userId: payloadString(result, "userId") } : {},
1068
- ...namespace && payloadString(namespace, "key") ? { userNamespaceKey: payloadString(namespace, "key") } : {},
1069
- ...namespace && payloadString(namespace, "root") ? { userNamespaceRoot: payloadString(namespace, "root") } : {},
1070
- ...namespace && payloadString(namespace, "checkoutBaseDir") ? { checkoutBaseDir: payloadString(namespace, "checkoutBaseDir") } : {},
1071
- ...namespace && payloadString(namespace, "snapshotBaseDir") ? { snapshotBaseDir: payloadString(namespace, "snapshotBaseDir") } : {}
1072
- };
1073
- }
1074
- function persistRemoteAuthSession(context, source, result, fallbackToken) {
1075
- const apiSessionToken = apiSessionTokenFrom(result);
1076
- setGitHubBearerTokenForCurrentProcess(apiSessionToken ?? fallbackToken, context.projectRoot);
1077
- if (!apiSessionToken)
1078
- return;
1079
- const repo = readRepoConnection(context.projectRoot);
1080
- const path = resolve3(context.projectRoot, ".rig", "state", "github-auth.json");
1081
- mkdirSync3(dirname3(path), { recursive: true });
1082
- writeFileSync3(path, `${JSON.stringify({
1083
- authenticated: true,
1084
- source,
1085
- storedOnServer: true,
1086
- ...repo?.project ? { selectedRepo: repo.project } : {},
1087
- ...remoteNamespaceMetadata(result),
1088
- apiSessionToken,
1089
- updatedAt: new Date().toISOString()
1090
- }, null, 2)}
1091
- `, "utf8");
1092
- }
1093
- function isSignedIn(status) {
1094
- return status.signedIn === true || status.authenticated === true;
1095
- }
1096
567
  function readGhToken() {
1097
568
  const result = spawnSync("gh", ["auth", "token"], { encoding: "utf8" });
1098
569
  if (result.status !== 0) {
@@ -1114,7 +585,7 @@ async function executeGithub(context, args) {
1114
585
  if (rest.length > 0)
1115
586
  throw new CliError("Usage: rig github auth status", 1);
1116
587
  const status = await withSpinner("Checking GitHub auth on the server\u2026", () => getGitHubAuthStatusViaServer(context), { outputMode: context.outputMode });
1117
- printPayload(context, status, `GitHub auth: ${isSignedIn(status) ? "authenticated" : "unauthenticated"}`);
588
+ printPayload(context, status, `GitHub auth: ${status.authenticated ? "authenticated" : "unauthenticated"}`);
1118
589
  return { ok: true, group: "github", command: "auth status", details: status };
1119
590
  }
1120
591
  case "token": {
@@ -1124,20 +595,16 @@ async function executeGithub(context, args) {
1124
595
  const token = parsed.value?.trim();
1125
596
  if (!token)
1126
597
  throw new CliError("Missing --token value.", 1, { hint: "Re-run as `rig github auth token --token <token>`." });
1127
- const repo = readRepoConnection(context.projectRoot);
1128
- const result = await withSpinner("Storing GitHub token on the server\u2026", () => postGitHubTokenViaServer(context, token, repo?.project ? { selectedRepo: repo.project } : {}), { outputMode: context.outputMode });
1129
- persistRemoteAuthSession(context, "token", result, token);
1130
- printPayload(context, result, "GitHub token stored on the selected server.");
598
+ const result = await withSpinner("Storing GitHub token on the server\u2026", () => postGitHubTokenViaServer(context, token), { outputMode: context.outputMode });
599
+ printPayload(context, result, "GitHub token stored on the selected Rig server.");
1131
600
  return { ok: true, group: "github", command: "auth token", details: result };
1132
601
  }
1133
602
  case "import-gh": {
1134
603
  if (rest.length > 0)
1135
604
  throw new CliError("Usage: rig github auth import-gh", 1);
1136
605
  const importedToken = readGhToken();
1137
- const repo = readRepoConnection(context.projectRoot);
1138
- const result = await withSpinner("Storing GitHub token on the server\u2026", () => postGitHubTokenViaServer(context, importedToken, repo?.project ? { selectedRepo: repo.project } : {}), { outputMode: context.outputMode });
1139
- persistRemoteAuthSession(context, "gh", result, importedToken);
1140
- printPayload(context, result, "GitHub token imported from gh and stored on the selected server.");
606
+ const result = await withSpinner("Storing GitHub token on the server\u2026", () => postGitHubTokenViaServer(context, importedToken), { outputMode: context.outputMode });
607
+ printPayload(context, result, "GitHub token imported from gh and stored on the selected Rig server.");
1141
608
  return { ok: true, group: "github", command: "auth import-gh", details: result };
1142
609
  }
1143
610
  default: