@hyperdrive.bot/gut 0.1.10 → 0.1.12

package/README.md

@@ -18,7 +18,7 @@ $ npm install -g @hyperdrive.bot/gut
 $ gut COMMAND
 running command...
 $ gut (--version)
-@hyperdrive.bot/gut/0.1.10 linux-x64 node-v22.22.0
+@hyperdrive.bot/gut/0.1.12 linux-x64 node-v22.22.1
 $ gut --help [COMMAND]
 USAGE
   $ gut COMMAND
@@ -30,6 +30,9 @@ USAGE
 * [`gut add [PATH]`](#gut-add-path)
 * [`gut affected [ENTITY]`](#gut-affected-entity)
 * [`gut audit`](#gut-audit)
+* [`gut auth login`](#gut-auth-login)
+* [`gut auth logout`](#gut-auth-logout)
+* [`gut auth status`](#gut-auth-status)
 * [`gut back`](#gut-back)
 * [`gut checkout BRANCH`](#gut-checkout-branch)
 * [`gut commit`](#gut-commit)
@@ -58,6 +61,7 @@ USAGE
 * [`gut status`](#gut-status)
 * [`gut sync`](#gut-sync)
 * [`gut ticket`](#gut-ticket)
+* [`gut ticket config`](#gut-ticket-config)
 * [`gut ticket focus TICKETID`](#gut-ticket-focus-ticketid)
 * [`gut ticket get TICKETID`](#gut-ticket-get-ticketid)
 * [`gut ticket hint [HINT] TICKETID`](#gut-ticket-hint-hint-ticketid)
@@ -67,6 +71,7 @@ USAGE
 * [`gut unfocus`](#gut-unfocus)
 * [`gut used-by [ENTITY]`](#gut-used-by-entity)
 * [`gut workspace ACTION`](#gut-workspace-action)
+* [`gut worktree create NAME`](#gut-worktree-create-name)
 
 ## `gut add [PATH]`
 
@@ -155,6 +160,64 @@ EXAMPLES
   $ gut audit --compliance
 ```
 
+## `gut auth login`
+
+Authenticate with Gut using OAuth 2.0 PKCE flow
+
+```
+USAGE
+  $ gut auth login [-d <value>] [-p <value>]
+
+FLAGS
+  -d, --domain=<value>  Tenant domain (e.g., acme.hyperdrive.bot)
+  -p, --port=<value>    [default: 8766] Local callback server port
+
+DESCRIPTION
+  Authenticate with Gut using OAuth 2.0 PKCE flow
+
+EXAMPLES
+  $ gut auth login
+
+  $ gut auth login --domain acme.hyperdrive.bot
+
+  $ gut auth login --port 9876
+```
+
+## `gut auth logout`
+
+Remove stored credentials and logout
+
+```
+USAGE
+  $ gut auth logout
+
+DESCRIPTION
+  Remove stored credentials and logout
+
+EXAMPLES
+  $ gut auth logout
+```
+
+## `gut auth status`
+
+Show current authentication status
+
+```
+USAGE
+  $ gut auth status [-v]
+
+FLAGS
+  -v, --verbose  Show detailed credential information
+
+DESCRIPTION
+  Show current authentication status
+
+EXAMPLES
+  $ gut auth status
+
+  $ gut auth status --verbose
+```
+
 ## `gut back`
 
 Navigate back to the previous focus
@@ -310,7 +373,7 @@ ARGUMENTS
   NAME  Name of the entity to clone
 
 FLAGS
-  -b, --branch=<value>  [default: main] Branch to clone
+  -b, --branch=<value>  Branch to clone (auto-detects workspace branch, falls back to master)
   -d, --depth=<value>   Create a shallow clone with specified depth
   -f, --force           Force clone even if directory exists
   -p, --path=<value>    Custom path to clone to (relative to workspace)
@@ -335,7 +398,7 @@ USAGE
   $ gut entity clone-all [-b <value>] [-d <value>] [-f] [-p] [--skip-existing]
 
 FLAGS
-  -b, --branch=<value>  [default: main] Branch to clone for all entities
+  -b, --branch=<value>  Branch to clone for all entities (auto-detects workspace branch, falls back to master)
   -d, --depth=<value>   Create shallow clones with specified depth
   -f, --force           Force clone even if directories exist
   -p, --parallel        Clone entities in parallel
@@ -842,6 +905,31 @@ EXAMPLES
   $ gut ticket update PROJ-1234 --status in_progress
 ```
 
+## `gut ticket config`
+
+Configure ticket source (JIRA, GitHub, etc.) for this tenant
+
+```
+USAGE
+  $ gut ticket config [--secret-arn <value>] [-j] [--show] [--type jira|github|linear] [--url <value>]
+
+FLAGS
+  -j, --json                output as JSON
+      --secret-arn=<value>  AWS Secrets Manager ARN for credentials
+      --show                show current configuration
+      --type=<option>       source type
+                            <options: jira|github|linear>
+      --url=<value>         base URL (e.g., https://company.atlassian.net)
+
+DESCRIPTION
+  Configure ticket source (JIRA, GitHub, etc.) for this tenant
+
+EXAMPLES
+  $ gut ticket config --show
+
+  $ gut ticket config --type jira --url https://company.atlassian.net --secret-arn arn:aws:secretsmanager:...
+```
+
 ## `gut ticket focus TICKETID`
 
 Focus on a ticket - downloads manifest and clones required entities
@@ -959,25 +1047,35 @@ Sync ticket state with external source (JIRA, GitHub, etc.)
 
 ```
 USAGE
-  $ gut ticket sync TICKETID [-d push|pull] [-j]
+  $ gut ticket sync TICKETID [-d push|pull] [-j] [--no-enrich]
 
 ARGUMENTS
-  TICKETID  ticket ID to sync
+  TICKETID  ticket ID to sync (e.g., PROJ-1234)
 
 FLAGS
   -d, --direction=<option>  [default: push] sync direction (push: gut -> source, pull: source -> gut)
                             <options: push|pull>
   -j, --json                output as JSON
+      --no-enrich           skip enrichment queue when pulling new tickets
 
 DESCRIPTION
   Sync ticket state with external source (JIRA, GitHub, etc.)
 
+  For pull direction:
+  - If ticket exists in gut: updates from source
+  - If ticket doesn't exist: creates it and queues enrichment
+
+  For push direction:
+  - Updates source system with gut ticket state
+
 EXAMPLES
   $ gut ticket sync PROJ-1234
 
   $ gut ticket sync PROJ-1234 --direction push
 
   $ gut ticket sync PROJ-1234 --direction pull
+
+  $ gut ticket sync PROJ-1234 --direction pull --no-enrich
 ```
 
 ## `gut ticket update TICKETID`
@@ -1075,4 +1173,31 @@ EXAMPLES
 
   $ gut workspace generate-metadata
 ```
+
+## `gut worktree create NAME`
+
+Create mirrored worktrees for super-repo and focused entities
+
+```
+USAGE
+  $ gut worktree create NAME [--base-dir <value>] [--from <value>] [--install]
+
+ARGUMENTS
+  NAME  Branch name for the worktree
+
+FLAGS
+  --base-dir=<value>  [default: /tmp/gut-worktrees] Root directory for worktrees
+  --from=<value>      Base branch to create from (defaults to current branch)
+  --install           Run pnpm install after creation
+
+DESCRIPTION
+  Create mirrored worktrees for super-repo and focused entities
+
+EXAMPLES
+  $ gut worktree create workflow/deploy-batch
+
+  $ gut worktree create workflow/deploy-batch --from master --install
+
+  $ gut worktree create feature/story-42 --base-dir /home/user/worktrees
+```
 <!-- commandsstop -->

package/dist/base-command.d.ts

@@ -5,12 +5,14 @@ import { EntityService } from './services/entity.service.js';
 import { FocusService } from './services/focus.service.js';
 import { GitService } from './services/git.service.js';
 import { TicketService } from './services/ticket.service.js';
+import { WorktreeService } from './services/worktree.service.js';
 export declare abstract class BaseCommand extends Command {
     protected configService: ConfigService;
     protected entityService: EntityService;
     protected focusService: FocusService;
     protected gitService: GitService;
     protected ticketService: TicketService;
+    protected worktreeService: WorktreeService;
     protected get requiresInit(): boolean;
     protected formatPath(path: string): string;
     protected getStatusIcon(hasChanges: boolean): string;

package/dist/base-command.js

@@ -4,6 +4,7 @@ import { EntityService } from './services/entity.service.js';
 import { FocusService } from './services/focus.service.js';
 import { GitService } from './services/git.service.js';
 import { TicketService } from './services/ticket.service.js';
+import { WorktreeService } from './services/worktree.service.js';
 const ENTITY_TYPE_EMOJI = {
     client: '🏢',
     company: '🏛️',
@@ -22,6 +23,7 @@ export class BaseCommand extends Command {
     focusService;
     gitService;
     ticketService;
+    worktreeService;
     get requiresInit() {
         // Override in commands that don't require initialization
         return true;
@@ -47,6 +49,7 @@ export class BaseCommand extends Command {
         this.focusService = new FocusService(this.configService);
         this.gitService = new GitService();
         this.ticketService = new TicketService(this.configService);
+        this.worktreeService = new WorktreeService(this.configService, this.gitService, this.focusService);
         // Check workspace initialization for commands that require it
         if (this.requiresInit && !this.configService.isInitialized()) {
             this.error('Workspace not initialized. Run "gut init" first.');

package/dist/commands/auth/login.d.ts

@@ -0,0 +1,10 @@
+import { Command } from '@oclif/core';
+export default class Login extends Command {
+    static description: string;
+    static examples: string[];
+    static flags: {
+        domain: import("@oclif/core/interfaces").OptionFlag<string | undefined, import("@oclif/core/interfaces").CustomOptions>;
+        port: import("@oclif/core/interfaces").OptionFlag<number, import("@oclif/core/interfaces").CustomOptions>;
+    };
+    run(): Promise<void>;
+}

package/dist/commands/auth/login.js

@@ -0,0 +1,103 @@
+import { Command, Flags } from '@oclif/core';
+import chalk from 'chalk';
+import inquirer from 'inquirer';
+import open from 'open';
+import ora from 'ora';
+import { buildAuthUrl, buildStoredCredentials, exchangeCodeForTokens, generateCodeChallenge, generateCodeVerifier, getAWSCredentialsFromIdentityPool, getCredentialsPath, saveCredentials, startCallbackServer, } from '@hyperdrive.bot/cli-auth';
+import { createTenantService } from '../../services/tenant.service.js';
+export default class Login extends Command {
+    static description = 'Authenticate with Gut using OAuth 2.0 PKCE flow';
+    static examples = [
+        '<%= config.bin %> <%= command.id %>',
+        '<%= config.bin %> <%= command.id %> --domain acme.hyperdrive.bot',
+        '<%= config.bin %> <%= command.id %> --port 9876',
+    ];
+    static flags = {
+        domain: Flags.string({
+            char: 'd',
+            description: 'Tenant domain (e.g., acme.hyperdrive.bot)',
+        }),
+        port: Flags.integer({
+            char: 'p',
+            default: 8766, // Different from hyperdrive's 8765 to avoid conflicts
+            description: 'Local callback server port',
+        }),
+    };
+    async run() {
+        const { flags } = await this.parse(Login);
+        const tenantService = createTenantService(flags.domain);
+        this.log(chalk.blue('🚀 Starting Gut authentication...'));
+        this.log('');
+        // Step 1: Resolve tenant configuration from bootstrap
+        let tenantConfig;
+        const spinner = ora('Fetching tenant configuration...').start();
+        try {
+            let tenantDomain = flags.domain;
+            if (!tenantDomain) {
+                spinner.stop();
+                const savedTenantDomain = tenantService.getTenantDomain();
+                const answers = await inquirer.prompt([
+                    {
+                        default: savedTenantDomain || undefined,
+                        message: 'Enter your tenant domain:',
+                        name: 'tenant',
+                        type: 'input',
+                        validate: (input) => input.trim().length > 0 || 'Tenant domain is required',
+                    },
+                ]);
+                tenantDomain = answers.tenant;
+                spinner.start('Fetching tenant configuration...');
+            }
+            tenantConfig = await tenantService.fetchTenantConfig(tenantDomain);
+            spinner.succeed(chalk.green(`Tenant found: ${tenantConfig.displayName}`));
+        }
+        catch (error) {
+            spinner.fail(chalk.red('Failed to fetch tenant configuration'));
+            this.log('');
+            const errorMessage = error instanceof Error ? error.message : String(error);
+            this.error(errorMessage + '\n\n' +
+                chalk.yellow('💡 Tips:\n') +
+                chalk.gray('  - Check your tenant domain spelling\n') +
+                chalk.gray('  - Set GUT_TENANT_DOMAIN environment variable\n'));
+        }
+        try {
+            // Generate PKCE parameters
+            const codeVerifier = generateCodeVerifier();
+            const codeChallenge = generateCodeChallenge(codeVerifier);
+            // Start local callback server
+            const authCodePromise = startCallbackServer(flags.port, 300000, 'Gut');
+            // Open browser for authentication
+            const authUrl = buildAuthUrl(tenantConfig, codeChallenge, flags.port);
+            this.log(chalk.yellow('📱 Opening browser for authentication...'));
+            this.log(chalk.gray(`If browser doesn't open, visit: ${authUrl}`));
+            this.log('');
+            await open(authUrl);
+            spinner.start('Waiting for authentication...');
+            // Wait for callback with auth code
+            const code = await authCodePromise;
+            spinner.succeed(chalk.green('Authentication callback received!'));
+            // Exchange code for tokens
+            spinner.start('Exchanging authorization code for tokens...');
+            const tokens = await exchangeCodeForTokens(tenantConfig, code, codeVerifier, flags.port);
+            spinner.succeed(chalk.green('Tokens obtained successfully!'));
+            // Get AWS credentials from Cognito Identity Pool
+            spinner.start('Obtaining AWS credentials...');
+            const awsCredentials = await getAWSCredentialsFromIdentityPool(tenantConfig, tokens.id_token);
+            spinner.succeed(chalk.green('AWS credentials obtained!'));
+            // Save credentials
+            spinner.start('Saving credentials...');
+            const storedCredentials = buildStoredCredentials(tokens, awsCredentials, tenantConfig);
+            saveCredentials(storedCredentials, tenantConfig.tenantDomain, 'gut');
+            spinner.succeed(chalk.green('Credentials saved!'));
+            this.log('');
+            this.log(chalk.green('✅ Successfully authenticated!'));
+            this.log(chalk.gray('You can now use all Gut CLI commands.'));
+            this.log('');
+            this.log(chalk.gray(`✓ Credentials saved to ${getCredentialsPath(tenantConfig.tenantDomain, 'gut')}`));
+            this.log(chalk.gray('💡 Credentials refresh automatically when needed.'));
+        }
+        catch (error) {
+            this.error(chalk.red(`Authentication failed: ${error instanceof Error ? error.message : String(error)}`));
+        }
+    }
+}

package/dist/commands/auth/logout.d.ts

@@ -0,0 +1,6 @@
+import { Command } from '@oclif/core';
+export default class Logout extends Command {
+    static description: string;
+    static examples: string[];
+    run(): Promise<void>;
+}

package/dist/commands/auth/logout.js

@@ -0,0 +1,39 @@
+import { Command } from '@oclif/core';
+import chalk from 'chalk';
+import inquirer from 'inquirer';
+import { AuthService } from '../../services/auth.service.js';
+export default class Logout extends Command {
+    static description = 'Remove stored credentials and logout';
+    static examples = ['<%= config.bin %> <%= command.id %>'];
+    async run() {
+        const authService = new AuthService();
+        // Check if credentials exist
+        const credentials = authService.loadCredentials();
+        if (!credentials) {
+            this.log(chalk.yellow('⚠️  No active session found'));
+            return;
+        }
+        // Confirm logout
+        const { confirm } = await inquirer.prompt([
+            {
+                default: false,
+                message: 'Are you sure you want to logout?',
+                name: 'confirm',
+                type: 'confirm',
+            },
+        ]);
+        if (!confirm) {
+            this.log(chalk.gray('Logout cancelled'));
+            return;
+        }
+        try {
+            authService.clearCredentials();
+            this.log('');
+            this.log(chalk.green('✅ Successfully logged out!'));
+            this.log(chalk.gray('Run `gut auth login` to authenticate again.'));
+        }
+        catch (error) {
+            this.error(chalk.red(`Logout failed: ${error instanceof Error ? error.message : String(error)}`));
+        }
+    }
+}

package/dist/commands/auth/status.d.ts

@@ -0,0 +1,9 @@
+import { Command } from '@oclif/core';
+export default class Status extends Command {
+    static description: string;
+    static examples: string[];
+    static flags: {
+        verbose: import("@oclif/core/interfaces").BooleanFlag<boolean>;
+    };
+    run(): Promise<void>;
+}

package/dist/commands/auth/status.js

@@ -0,0 +1,87 @@
+import { Command, Flags } from '@oclif/core';
+import chalk from 'chalk';
+import { AuthService } from '../../services/auth.service.js';
+export default class Status extends Command {
+    static description = 'Show current authentication status';
+    static examples = [
+        '<%= config.bin %> <%= command.id %>',
+        '<%= config.bin %> <%= command.id %> --verbose',
+    ];
+    static flags = {
+        verbose: Flags.boolean({
+            char: 'v',
+            default: false,
+            description: 'Show detailed credential information',
+        }),
+    };
+    async run() {
+        const { flags } = await this.parse(Status);
+        const authService = new AuthService();
+        const credentials = authService.loadCredentials();
+        if (!credentials) {
+            this.log(chalk.yellow('⚠️  Not authenticated'));
+            this.log('');
+            this.log(chalk.gray('Run `gut auth login` to authenticate.'));
+            return;
+        }
+        const isExpired = authService.isExpired(credentials);
+        const needsRefresh = authService.needsRefresh(credentials);
+        this.log(chalk.blue('🔐 Authentication Status'));
+        this.log('');
+        // Status
+        if (isExpired) {
+            this.log(chalk.red('Status: ✗ Expired'));
+        }
+        else if (needsRefresh) {
+            this.log(chalk.yellow('Status: ⚠ Expiring soon (will auto-refresh)'));
+        }
+        else {
+            this.log(chalk.green('Status: ✓ Authenticated'));
+        }
+        this.log('');
+        // Basic info
+        this.log(chalk.white('Tenant:'), chalk.cyan(credentials.tenantDomain));
+        this.log(chalk.white('Tenant ID:'), chalk.gray(credentials.tenantId));
+        this.log(chalk.white('Region:'), chalk.gray(credentials.region));
+        // Expiration
+        const expiration = new Date(credentials.awsCredentials.expiration);
+        const now = new Date();
+        const timeRemaining = expiration.getTime() - now.getTime();
+        if (timeRemaining > 0) {
+            const minutes = Math.floor(timeRemaining / (1000 * 60));
+            const hours = Math.floor(minutes / 60);
+            const remainingMinutes = minutes % 60;
+            if (hours > 0) {
+                this.log(chalk.white('Expires in:'), chalk.gray(`${hours}h ${remainingMinutes}m`));
+            }
+            else {
+                this.log(chalk.white('Expires in:'), chalk.gray(`${remainingMinutes}m`));
+            }
+        }
+        else {
+            this.log(chalk.white('Expired:'), chalk.red('Yes'));
+        }
+        if (flags.verbose) {
+            this.log('');
+            this.log(chalk.blue('📋 Detailed Information'));
+            this.log('');
+            this.log(chalk.white('API URL:'), chalk.gray(credentials.apiUrl));
+            this.log(chalk.white('Obtained at:'), chalk.gray(credentials.obtainedAt));
+            this.log(chalk.white('Expiration:'), chalk.gray(expiration.toISOString()));
+            if (credentials.cognitoConfig) {
+                this.log('');
+                this.log(chalk.white('Cognito Client ID:'), chalk.gray(credentials.cognitoConfig.clientId));
+                this.log(chalk.white('User Pool ID:'), chalk.gray(credentials.cognitoConfig.userPoolId));
+            }
+            this.log('');
+            this.log(chalk.white('Credentials file:'), chalk.gray(authService.getCredentialsDir()));
+        }
+        this.log('');
+        if (isExpired) {
+            this.log(chalk.yellow('💡 Run `gut auth login` to re-authenticate.'));
+        }
+        else {
+            this.log(chalk.gray('💡 Credentials refresh automatically when needed.'));
+        }
+    }
+}

package/dist/commands/ticket/config.d.ts

@@ -0,0 +1,13 @@
+import { BaseCommand } from '../../base-command.js';
+export default class TicketConfig extends BaseCommand {
+    static description: string;
+    static examples: string[];
+    static flags: {
+        'secret-arn': import("@oclif/core/interfaces").OptionFlag<string | undefined, import("@oclif/core/interfaces").CustomOptions>;
+        json: import("@oclif/core/interfaces").BooleanFlag<boolean>;
+        show: import("@oclif/core/interfaces").BooleanFlag<boolean>;
+        type: import("@oclif/core/interfaces").OptionFlag<string | undefined, import("@oclif/core/interfaces").CustomOptions>;
+        url: import("@oclif/core/interfaces").OptionFlag<string | undefined, import("@oclif/core/interfaces").CustomOptions>;
+    };
+    run(): Promise<void>;
+}

package/dist/commands/ticket/config.js

@@ -0,0 +1,22 @@
+import { Flags } from '@oclif/core';
+import { BaseCommand } from '../../base-command.js';
+export default class TicketConfig extends BaseCommand {
+    static description = 'Configure ticket source (JIRA, GitHub, etc.) for this tenant';
+    static examples = [
+        '<%= config.bin %> ticket config --show',
+        '<%= config.bin %> ticket config --type jira --url https://company.atlassian.net --secret-arn arn:aws:secretsmanager:...',
+    ];
+    static flags = {
+        'secret-arn': Flags.string({ description: 'AWS Secrets Manager ARN for credentials' }),
+        json: Flags.boolean({ char: 'j', description: 'output as JSON' }),
+        show: Flags.boolean({ description: 'show current configuration' }),
+        type: Flags.string({
+            description: 'source type',
+            options: ['jira', 'github', 'linear'],
+        }),
+        url: Flags.string({ description: 'base URL (e.g., https://company.atlassian.net)' }),
+    };
+    async run() {
+        this.error('ticket config is not yet implemented — API service pending');
+    }
+}

package/dist/commands/ticket/sync.d.ts

@@ -8,6 +8,7 @@ export default class TicketSync extends BaseCommand {
     static flags: {
         direction: import("@oclif/core/interfaces").OptionFlag<string, import("@oclif/core/interfaces").CustomOptions>;
         json: import("@oclif/core/interfaces").BooleanFlag<boolean>;
+        'no-enrich': import("@oclif/core/interfaces").BooleanFlag<boolean>;
     };
     protected get requiresInit(): boolean;
     run(): Promise<void>;