@herodevs/cli 2.0.0-beta.8 → 2.0.0

package/dist/api/gql-operations.js

@@ -1,4 +1,4 @@
-import { gql } from '@apollo/client/core/core.cjs';
+import { gql } from '@apollo/client/core';
 export const createReportMutation = gql `
 mutation createReport($input: CreateEolReportInput) {
   eol {
@@ -20,6 +20,7 @@ query GetEolReport($input: GetEolReportInput) {
       components {
         purl
         metadata
+        dependencySummary
         nesRemediation {
           remediations {
             urls {
@@ -34,3 +35,37 @@ query GetEolReport($input: GetEolReportInput) {
   }
 }
 `;
+export const userSetupStatusQuery = gql `
+query Eol {
+  eol {
+    userSetupStatus {
+      isComplete
+      orgId
+    }
+  }
+}
+`;
+export const completeUserSetupMutation = gql `
+mutation Eol {
+  eol {
+    completeUserSetup {
+      isComplete
+      orgId
+    }
+  }
+}
+`;
+export const getOrgAccessTokensMutation = gql `
+mutation GetOrgAccessTokens(
+  $input: IamAccessOrgTokensInput!
+) {
+  iamV2 {
+    access {
+      getOrgAccessTokens(input: $input) {
+        accessToken
+        refreshToken
+      }
+    }
+  }
+}
+`;

package/dist/api/graphql-errors.d.ts

@@ -0,0 +1,6 @@
+import type { GraphQLFormattedError } from 'graphql';
+export type GraphQLErrorResult = {
+    error?: unknown;
+    errors?: ReadonlyArray<GraphQLFormattedError>;
+};
+export declare function getGraphQLErrors(result: GraphQLErrorResult): ReadonlyArray<GraphQLFormattedError> | undefined;

package/dist/api/graphql-errors.js

@@ -0,0 +1,22 @@
+export function getGraphQLErrors(result) {
+    if (result.errors?.length) {
+        return result.errors;
+    }
+    const error = result.error;
+    if (!error || typeof error !== 'object') {
+        return;
+    }
+    if ('errors' in error) {
+        const errors = error.errors;
+        if (errors?.length) {
+            return errors;
+        }
+    }
+    if ('graphQLErrors' in error) {
+        const errors = error.graphQLErrors;
+        if (errors?.length) {
+            return errors;
+        }
+    }
+    return;
+}

package/dist/api/nes.client.d.ts

@@ -1,6 +1,5 @@
-import { ApolloClient } from '@apollo/client/core/index.js';
 import type { CreateEolReportInput, EolReport } from '@herodevs/eol-shared';
-export declare const createApollo: (uri: string) => ApolloClient<import("@apollo/client/core/index.js").NormalizedCacheObject>;
+import { createApollo } from './apollo.client.ts';
 export declare const SbomScanner: (client: ReturnType<typeof createApollo>) => (input: CreateEolReportInput) => Promise<EolReport>;
 export declare class NesClient {
     startScan: ReturnType<typeof SbomScanner>;

package/dist/api/nes.client.js

@@ -1,25 +1,34 @@
-import { ApolloClient, HttpLink, InMemoryCache } from '@apollo/client/core/index.js';
 import { config } from "../config/constants.js";
 import { debugLogger } from "../service/log.svc.js";
+import { stripTypename } from "../utils/strip-typename.js";
+import { createApollo } from "./apollo.client.js";
+import { ApiError, isApiErrorCode } from "./errors.js";
 import { createReportMutation, getEolReportQuery } from "./gql-operations.js";
-export const createApollo = (uri) => new ApolloClient({
-    cache: new InMemoryCache(),
-    defaultOptions: {
-        query: { fetchPolicy: 'no-cache' },
-    },
-    link: new HttpLink({
-        uri,
-        headers: {
-            'User-Agent': `hdcli/${process.env.npm_package_version ?? 'unknown'}`,
-        },
-    }),
-});
+import { getGraphQLErrors } from "./graphql-errors.js";
+function extractErrorCode(errors) {
+    const code = errors[0]?.extensions?.code;
+    if (!code || !isApiErrorCode(code))
+        return;
+    return code;
+}
 export const SbomScanner = (client) => {
     return async (input) => {
-        const res = await client.mutate({
+        let res;
+        res = await client.mutate({
             mutation: createReportMutation,
             variables: { input },
         });
+        const errors = getGraphQLErrors(res);
+        if (res?.error || errors?.length) {
+            debugLogger('Error returned from createReport mutation: %o', res.error || errors);
+            if (errors?.length) {
+                const code = extractErrorCode(errors);
+                if (code) {
+                    throw new ApiError(errors[0].message, code);
+                }
+            }
+            throw new Error('Failed to create EOL report');
+        }
         const result = res.data?.eol?.createReport;
         if (!result?.success || !result.id) {
             debugLogger('failed scan %o', result || {});
@@ -41,8 +50,20 @@ export const SbomScanner = (client) => {
         let reportMetadata = null;
         for (let i = 0; i < pages.length; i += config.concurrentPageRequests) {
             const batch = pages.slice(i, i + config.concurrentPageRequests);
-            const batchResponses = await Promise.all(batch);
+            let batchResponses;
+            batchResponses = await Promise.all(batch);
             for (const response of batchResponses) {
+                const queryErrors = getGraphQLErrors(response);
+                if (response?.error || queryErrors?.length || !response.data?.eol) {
+                    debugLogger('Error in getReport query response: %o', response?.error ?? queryErrors ?? response);
+                    if (queryErrors?.length) {
+                        const code = extractErrorCode(queryErrors);
+                        if (code) {
+                            throw new ApiError(queryErrors[0].message, code);
+                        }
+                    }
+                    throw new Error('Failed to fetch EOL report');
+                }
                 const report = response.data.eol.report;
                 reportMetadata ??= report;
                 components.push(...(report?.components ?? []));
@@ -51,7 +72,10 @@ export const SbomScanner = (client) => {
         if (!reportMetadata) {
             throw new Error('Failed to fetch EOL report');
         }
-        return { ...reportMetadata, components };
+        return stripTypename({
+            ...reportMetadata,
+            components,
+        });
     };
 };
 export class NesClient {

package/dist/api/user-setup.client.d.ts

@@ -0,0 +1,18 @@
+export declare function getUserSetupStatus(options?: {
+    preferOAuth?: boolean;
+    orgAccessToken?: string;
+}): Promise<{
+    isComplete: boolean;
+    orgId?: number | null;
+}>;
+export declare function completeUserSetup(options?: {
+    preferOAuth?: boolean;
+    orgAccessToken?: string;
+}): Promise<{
+    isComplete: boolean;
+    orgId?: number | null;
+}>;
+export declare function ensureUserSetup(options?: {
+    preferOAuth?: boolean;
+    orgAccessToken?: string;
+}): Promise<number>;

package/dist/api/user-setup.client.js

@@ -0,0 +1,92 @@
+import { config } from "../config/constants.js";
+import { getTokenProvider } from "../service/auth.svc.js";
+import { debugLogger } from "../service/log.svc.js";
+import { withRetries } from "../utils/retry.js";
+import { createApollo } from "./apollo.client.js";
+import { ApiError, isApiErrorCode } from "./errors.js";
+import { completeUserSetupMutation, userSetupStatusQuery } from "./gql-operations.js";
+import { getGraphQLErrors } from "./graphql-errors.js";
+const USER_SETUP_MAX_ATTEMPTS = 3;
+const USER_SETUP_RETRY_DELAY_MS = 500;
+const USER_FACING_SERVER_ERROR = 'Please contact support@herodevs.com.';
+const SERVER_ERROR_CODES = ['INTERNAL_SERVER_ERROR', 'SERVER_ERROR', 'SERVICE_UNAVAILABLE'];
+const getGraphqlUrl = () => `${config.graphqlHost}${config.graphqlPath}`;
+function extractErrorCode(errors) {
+    const code = errors[0]?.extensions?.code;
+    if (!code || !isApiErrorCode(code))
+        return;
+    return code;
+}
+export async function getUserSetupStatus(options) {
+    const tokenProvider = getTokenProvider(options?.preferOAuth, options?.orgAccessToken);
+    const client = createApollo(getGraphqlUrl(), tokenProvider);
+    const res = await client.query({ query: userSetupStatusQuery });
+    const errors = getGraphQLErrors(res);
+    if (res?.error || errors?.length) {
+        debugLogger('Error returned from userSetupStatus query: %o', res.error || errors);
+        if (errors?.length) {
+            const rawCode = errors[0]?.extensions?.code;
+            if (rawCode && SERVER_ERROR_CODES.includes(rawCode)) {
+                throw new Error(USER_FACING_SERVER_ERROR);
+            }
+            const code = extractErrorCode(errors);
+            const message = errors[0].message ?? 'Failed to check user setup status';
+            if (code) {
+                throw new ApiError(message, code);
+            }
+            throw new Error(message);
+        }
+        throw new Error('Failed to check user setup status');
+    }
+    const status = res.data?.eol?.userSetupStatus;
+    if (!status || typeof status.isComplete !== 'boolean') {
+        debugLogger('Unexpected userSetupStatus query response: %o', res.data);
+        throw new Error('Failed to check user setup status');
+    }
+    return { isComplete: status.isComplete, orgId: status.orgId ?? undefined };
+}
+export async function completeUserSetup(options) {
+    const tokenProvider = getTokenProvider(options?.preferOAuth, options?.orgAccessToken);
+    const client = createApollo(getGraphqlUrl(), tokenProvider);
+    const res = await client.mutate({ mutation: completeUserSetupMutation });
+    const errors = getGraphQLErrors(res);
+    if (res?.error || errors?.length) {
+        debugLogger('Error returned from completeUserSetup mutation: %o', res.error || errors);
+        if (errors?.length) {
+            const rawCode = errors[0]?.extensions?.code;
+            if (rawCode && SERVER_ERROR_CODES.includes(rawCode)) {
+                throw new Error(USER_FACING_SERVER_ERROR);
+            }
+            const code = extractErrorCode(errors);
+            const message = errors[0].message ?? 'Failed to complete user setup';
+            if (code) {
+                throw new ApiError(message, code);
+            }
+            throw new Error(message);
+        }
+        throw new Error('Failed to complete user setup');
+    }
+    const result = res.data?.eol?.completeUserSetup;
+    if (!result || result.isComplete !== true) {
+        debugLogger('completeUserSetup mutation returned unsuccessful response: %o', res.data);
+        throw new Error('Failed to complete user setup');
+    }
+    return { isComplete: true, orgId: result.orgId ?? undefined };
+}
+export async function ensureUserSetup(options) {
+    const status = await withRetries('user-setup-status', () => getUserSetupStatus(options), {
+        attempts: USER_SETUP_MAX_ATTEMPTS,
+        baseDelayMs: USER_SETUP_RETRY_DELAY_MS,
+    });
+    if (status.isComplete && status.orgId != null) {
+        return status.orgId;
+    }
+    const result = await withRetries('user-setup-complete', () => completeUserSetup(options), {
+        attempts: USER_SETUP_MAX_ATTEMPTS,
+        baseDelayMs: USER_SETUP_RETRY_DELAY_MS,
+    });
+    if (result.orgId != null) {
+        return result.orgId;
+    }
+    throw new Error(`User setup did not return an organization ID. ${USER_FACING_SERVER_ERROR}`);
+}

package/dist/commands/auth/login.d.ts

@@ -0,0 +1,14 @@
+import { Command } from '@oclif/core';
+export default class AuthLogin extends Command {
+    static description: string;
+    private server?;
+    private stopServerPromise?;
+    private readonly port;
+    private readonly redirectUri;
+    private readonly realmUrl;
+    private readonly clientId;
+    run(): Promise<void>;
+    private startServerAndAwaitCode;
+    private stopServer;
+    private exchangeCodeForToken;
+}

package/dist/commands/auth/login.js

@@ -0,0 +1,225 @@
+import crypto from 'node:crypto';
+import http from 'node:http';
+import { createInterface } from 'node:readline';
+import { URL } from 'node:url';
+import { Command } from '@oclif/core';
+import { ensureUserSetup } from "../../api/user-setup.client.js";
+import { OAUTH_CALLBACK_ERROR_CODES } from "../../config/constants.js";
+import { refreshIdentityFromStoredToken } from "../../service/analytics.svc.js";
+import { persistTokenResponse } from "../../service/auth.svc.js";
+import { getClientId, getRealmUrl } from "../../service/auth-config.svc.js";
+import { debugLogger, getErrorMessage } from "../../service/log.svc.js";
+import { openInBrowser } from "../../utils/open-in-browser.js";
+export default class AuthLogin extends Command {
+    static description = 'OAuth CLI login';
+    server;
+    stopServerPromise;
+    port = parseInt(process.env.OAUTH_CALLBACK_PORT || '4000', 10);
+    redirectUri = process.env.OAUTH_CALLBACK_REDIRECT || `http://localhost:${this.port}/oauth2/callback`;
+    realmUrl = getRealmUrl();
+    clientId = getClientId();
+    async run() {
+        if (typeof this.config.runHook === 'function') {
+            await this.parse(AuthLogin);
+        }
+        const codeVerifier = crypto.randomBytes(32).toString('base64url');
+        const codeChallenge = crypto.createHash('sha256').update(codeVerifier).digest('base64url');
+        const state = crypto.randomBytes(16).toString('hex');
+        const authUrl = `${this.realmUrl}/auth?` +
+            `client_id=${this.clientId}` +
+            `&response_type=code` +
+            `&redirect_uri=${encodeURIComponent(this.redirectUri)}` +
+            `&code_challenge=${codeChallenge}` +
+            `&code_challenge_method=S256` +
+            `&state=${state}`;
+        const code = await this.startServerAndAwaitCode(authUrl, state);
+        const token = await this.exchangeCodeForToken(code, codeVerifier);
+        try {
+            await persistTokenResponse(token);
+        }
+        catch (error) {
+            this.warn(`Failed to store tokens securely: ${error instanceof Error ? error.message : error}`);
+            return;
+        }
+        try {
+            await ensureUserSetup({ preferOAuth: true });
+        }
+        catch (error) {
+            this.error(`User setup failed. ${getErrorMessage(error)}`);
+        }
+        try {
+            await refreshIdentityFromStoredToken();
+        }
+        catch (error) {
+            this.warn(`Failed to refresh analytics identity: ${getErrorMessage(error)}`);
+        }
+        this.log('\nLogin completed successfully.');
+    }
+    startServerAndAwaitCode(authUrl, expectedState) {
+        return new Promise((resolve, reject) => {
+            this.server = http.createServer((req, res) => {
+                if (!req.url) {
+                    res.writeHead(400);
+                    res.end('Invalid request');
+                    return;
+                }
+                let parsedUrl;
+                try {
+                    parsedUrl = new URL(req.url, `http://localhost:${this.port}`);
+                }
+                catch {
+                    res.writeHead(400, { 'Content-Type': 'text/plain' });
+                    res.end('Invalid callback URL');
+                    this.stopServer();
+                    reject(new Error('Invalid callback URL'));
+                    return;
+                }
+                if (parsedUrl.pathname === '/oauth2/callback') {
+                    const code = parsedUrl.searchParams.get('code');
+                    const state = parsedUrl.searchParams.get('state');
+                    const oauthError = parsedUrl.searchParams.get('error');
+                    const oauthErrorDescription = parsedUrl.searchParams.get('error_description');
+                    if (!state) {
+                        res.writeHead(400, { 'Content-Type': 'text/plain' });
+                        res.end('Missing state parameter.');
+                        this.stopServer();
+                        return reject(new Error('Missing state parameter in callback'));
+                    }
+                    if (state !== expectedState) {
+                        res.writeHead(400, { 'Content-Type': 'text/plain' });
+                        res.end('State verification failed. Please restart the login flow.');
+                        this.stopServer();
+                        return reject(new Error('State verification failed'));
+                    }
+                    if (oauthError) {
+                        const isAlreadyLoggedIn = oauthError === OAUTH_CALLBACK_ERROR_CODES.ALREADY_LOGGED_IN;
+                        const isDifferentUserAuthenticated = oauthError === OAUTH_CALLBACK_ERROR_CODES.DIFFERENT_USER_AUTHENTICATED;
+                        debugLogger('OAuth callback returned error: %s (%s)', oauthError, oauthErrorDescription ?? 'no description');
+                        let browserMessage;
+                        let cliErrorMessage;
+                        if (isAlreadyLoggedIn) {
+                            browserMessage = "You're already signed in. We'll continue for you. Return to the terminal.";
+                            cliErrorMessage = `You're already signed in. Run "hd auth login" again to continue.`;
+                        }
+                        else if (isDifferentUserAuthenticated) {
+                            browserMessage =
+                                "You're signed in with a different account than this sign-in attempt. Return to the terminal.";
+                            cliErrorMessage =
+                                `You're signed in with a different account than this sign-in attempt. ` +
+                                    `Choose another account, or reset this sign-in session and try again. ` +
+                                    `If needed, run "hd auth logout" and then "hd auth login".`;
+                        }
+                        else {
+                            browserMessage = "We couldn't complete sign-in. Return to the terminal and try again.";
+                            cliErrorMessage = `We couldn't complete sign-in. Please run "hd auth login" again.`;
+                        }
+                        res.writeHead(400, { 'Content-Type': 'text/plain' });
+                        res.end(browserMessage);
+                        this.stopServer();
+                        return reject(new Error(cliErrorMessage));
+                    }
+                    if (code) {
+                        res.writeHead(200, { 'Content-Type': 'text/plain' });
+                        res.end('Login successful. You can close this window.');
+                        this.stopServer();
+                        resolve(code);
+                    }
+                    else {
+                        res.writeHead(400, { 'Content-Type': 'text/plain' });
+                        res.end('No authorization code returned. Please try again.');
+                        this.stopServer();
+                        reject(new Error('No code returned from Keycloak'));
+                    }
+                }
+                else {
+                    res.writeHead(404);
+                    res.end();
+                }
+            });
+            this.server.listen(this.port, async () => {
+                await new Promise((resolve) => {
+                    const rl = createInterface({ input: process.stdin, output: process.stdout });
+                    rl.question(`Press Enter to navigate to: ${authUrl}\n`, () => {
+                        rl.close();
+                        resolve();
+                    });
+                });
+                try {
+                    await openInBrowser(authUrl);
+                }
+                catch (err) {
+                    this.warn(`Failed to open browser automatically. Please open this URL manually:\n${authUrl}\n${err instanceof Error ? err.message : err}`);
+                }
+            });
+            this.server.on('error', (err) => {
+                this.stopServer();
+                reject(err);
+            });
+        });
+    }
+    stopServer() {
+        if (this.stopServerPromise) {
+            return this.stopServerPromise;
+        }
+        const server = this.server;
+        this.server = undefined;
+        if (!server) {
+            return Promise.resolve();
+        }
+        const stopPromise = new Promise((resolve) => {
+            const timeoutMs = 1000;
+            let settled = false;
+            let timeout;
+            const complete = (err) => {
+                if (settled) {
+                    return;
+                }
+                settled = true;
+                if (timeout) {
+                    clearTimeout(timeout);
+                    timeout = undefined;
+                }
+                const code = err?.code;
+                if (err && code !== 'ERR_SERVER_NOT_RUNNING') {
+                    this.warn('Failed to stop local OAuth callback server.');
+                    debugLogger('Failed to stop local OAuth callback server: %s', getErrorMessage(err));
+                }
+                resolve();
+            };
+            timeout = setTimeout(() => {
+                debugLogger('Timed out while stopping local OAuth callback server after %dms', timeoutMs);
+                complete();
+            }, timeoutMs);
+            try {
+                server.close((err) => complete(err));
+            }
+            catch (err) {
+                complete(err);
+            }
+        }).finally(() => {
+            this.stopServerPromise = undefined;
+        });
+        this.stopServerPromise = stopPromise;
+        return stopPromise;
+    }
+    async exchangeCodeForToken(code, codeVerifier) {
+        const tokenUrl = `${this.realmUrl}/token`;
+        const params = new URLSearchParams({
+            grant_type: 'authorization_code',
+            client_id: this.clientId,
+            redirect_uri: this.redirectUri,
+            code_verifier: codeVerifier,
+            code,
+        });
+        const response = await fetch(tokenUrl, {
+            method: 'POST',
+            headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
+            body: params.toString(),
+        });
+        if (!response.ok) {
+            const text = await response.text();
+            throw new Error(`Token exchange failed: ${response.status} ${response.statusText}\n${text}`);
+        }
+        return response.json();
+    }
+}

package/dist/commands/auth/logout.d.ts

@@ -0,0 +1,5 @@
+import { Command } from '@oclif/core';
+export default class AuthLogout extends Command {
+    static description: string;
+    run(): Promise<void>;
+}

package/dist/commands/auth/logout.js

@@ -0,0 +1,27 @@
+import { Command } from '@oclif/core';
+import { clearTrackedIdentity } from "../../service/analytics.svc.js";
+import { logoutFromProvider } from "../../service/auth-refresh.svc.js";
+import { clearStoredTokens, getStoredTokens } from "../../service/auth-token.svc.js";
+export default class AuthLogout extends Command {
+    static description = 'Logs out of HeroDevs OAuth and clears stored tokens';
+    async run() {
+        if (typeof this.config.runHook === 'function') {
+            await this.parse(AuthLogout);
+        }
+        const tokens = await getStoredTokens();
+        if (!tokens?.accessToken && !tokens?.refreshToken) {
+            this.log('No stored authentication tokens found.');
+            return;
+        }
+        try {
+            await logoutFromProvider(tokens?.refreshToken);
+            this.log('Logged out of HeroDevs OAuth provider.');
+        }
+        catch (error) {
+            this.warn(`Failed to revoke tokens remotely: ${error instanceof Error ? error.message : error}`);
+        }
+        clearTrackedIdentity();
+        await clearStoredTokens();
+        this.log('Local authentication tokens removed from your system.');
+    }
+}

package/dist/commands/auth/provision-ci-token.d.ts

@@ -0,0 +1,5 @@
+import { Command } from '@oclif/core';
+export default class AuthProvisionCiToken extends Command {
+    static description: string;
+    run(): Promise<void>;
+}

package/dist/commands/auth/provision-ci-token.js

@@ -0,0 +1,72 @@
+import { Command } from '@oclif/core';
+import { provisionCIToken } from "../../api/ci-token.client.js";
+import { ensureUserSetup } from "../../api/user-setup.client.js";
+import { refreshIdentityFromStoredToken, track } from "../../service/analytics.svc.js";
+import { requireAccessToken } from "../../service/auth.svc.js";
+import { saveCIToken } from "../../service/ci-token.svc.js";
+import { getErrorMessage } from "../../service/log.svc.js";
+export default class AuthProvisionCiToken extends Command {
+    static description = 'Provision a CI/CD long-lived refresh token for headless auth';
+    async run() {
+        await this.parse(AuthProvisionCiToken);
+        try {
+            await requireAccessToken();
+        }
+        catch (error) {
+            this.error(`Must be logged in to provision CI token. Run 'hd auth login' first. ${getErrorMessage(error)}`);
+        }
+        try {
+            await refreshIdentityFromStoredToken();
+        }
+        catch (error) {
+            this.warn(`Failed to refresh analytics identity: ${getErrorMessage(error)}`);
+        }
+        track('CLI CI Token Provision Started', (context) => ({
+            command: 'auth provision-ci-token',
+            app_used: context.app_used,
+            ci_provider: context.ci_provider,
+            cli_version: context.cli_version,
+            started_at: context.started_at,
+        }));
+        let orgId;
+        try {
+            orgId = await ensureUserSetup();
+        }
+        catch (error) {
+            track('CLI CI Token Provision Failed', () => ({
+                command: 'auth provision-ci-token',
+                error: `user_setup_failed:${getErrorMessage(error)}`,
+            }));
+            this.error(`User setup failed. ${getErrorMessage(error)}`);
+        }
+        try {
+            const result = await provisionCIToken({ orgId });
+            try {
+                await ensureUserSetup({ orgAccessToken: result.access_token });
+            }
+            catch (error) {
+                track('CLI CI Token Provision Failed', () => ({
+                    command: 'auth provision-ci-token',
+                    error: `user_setup_failed:${getErrorMessage(error)}`,
+                }));
+                this.error(`User Org setup failed. ${getErrorMessage(error)}`);
+            }
+            const refreshToken = result.refresh_token;
+            saveCIToken(refreshToken);
+            this.log('CI token provisioned and saved locally.');
+            this.log('');
+            this.log('For CI/CD, set this environment variable:');
+            this.log(`  HD_CI_CREDENTIAL=${refreshToken}`);
+            track('CLI CI Token Provision Succeeded', () => ({
+                command: 'auth provision-ci-token',
+            }));
+        }
+        catch (error) {
+            track('CLI CI Token Provision Failed', () => ({
+                command: 'auth provision-ci-token',
+                error: `provision_failed:${getErrorMessage(error)}`,
+            }));
+            this.error(`CI token provisioning failed. ${getErrorMessage(error)}`);
+        }
+    }
+}

package/dist/commands/report/committers.d.ts

@@ -0,0 +1,27 @@
+import { Command } from '@oclif/core';
+import { type CommittersReport } from '../../service/committers.svc.ts';
+export default class Committers extends Command {
+    static description: string;
+    static enableJsonFlag: boolean;
+    static examples: string[];
+    static flags: {
+        beforeDate: import("@oclif/core/interfaces").OptionFlag<string, import("@oclif/core/interfaces").CustomOptions>;
+        afterDate: import("@oclif/core/interfaces").OptionFlag<string, import("@oclif/core/interfaces").CustomOptions>;
+        exclude: import("@oclif/core/interfaces").OptionFlag<string[] | undefined, import("@oclif/core/interfaces").CustomOptions>;
+        json: import("@oclif/core/interfaces").BooleanFlag<boolean>;
+        directory: import("@oclif/core/interfaces").OptionFlag<string | undefined, import("@oclif/core/interfaces").CustomOptions>;
+        monthly: import("@oclif/core/interfaces").BooleanFlag<boolean>;
+        months: import("@oclif/core/interfaces").OptionFlag<number, import("@oclif/core/interfaces").CustomOptions>;
+        csv: import("@oclif/core/interfaces").BooleanFlag<boolean>;
+        save: import("@oclif/core/interfaces").BooleanFlag<boolean>;
+    };
+    run(): Promise<CommittersReport | string>;
+    /**
+     * Fetches git commit data with month and author information
+     * @param sinceDate - Date range for git log
+     * @param beforeDateEndOfDay - End date for git log
+     * @param ignores - indicate elements to exclude for git log
+     * @param cwd - directory to use for git log
+     */
+    private fetchGitCommitData;
+}