@jigyasudham/veto 0.8.3 → 1.0.0

package/src/agents/workflow/automation.ts

@@ -1,59 +0,0 @@
-import { AgentPlan, WorkerAgentType } from '../types.js';
-
-export function plan(task: string, context?: string): AgentPlan {
-  const t = (task + ' ' + (context ?? '')).toLowerCase();
-  const isCron = t.includes('cron') || t.includes('schedule') || t.includes('recurring') || t.includes('daily') || t.includes('weekly');
-  const isPipeline = t.includes('pipeline') || t.includes('ci') || t.includes('workflow') || t.includes('trigger') || t.includes('webhook');
-  const isScript = t.includes('script') || t.includes('automat') || t.includes('batch') || t.includes('bulk');
-
-  const approach = isCron
-    ? 'Design the cron job with three safety properties: idempotency (running it twice should be safe), observability (every run logs start/end/result), and alerting (failed runs must page someone). The most common cron bug is silent failure — the job stops running and nobody notices for weeks.'
-    : isPipeline
-    ? 'Design the pipeline with exactly-once execution semantics where possible. Each stage should be independently retryable. Every stage logs its input and output. The pipeline must have a dead-letter mechanism for events that fail after max retries.'
-    : isScript
-    ? 'Write the automation script as a dry-run first: add a --dry-run flag that shows what would happen without doing it. Test the dry-run output before removing the flag. Automation that cannot be previewed should not exist.'
-    : 'Design the automation with four properties: idempotent (safe to re-run), observable (logs start/end/result), alertable (failures surface immediately), and reversible (can undo if wrong).';
-
-  return {
-    agent: 'automation' as WorkerAgentType,
-    task,
-    tier: 2,
-    approach,
-    steps: [
-      'Define the trigger: what starts this automation? (schedule, event, webhook, manual)',
-      'Define the idempotency strategy: what prevents duplicate execution from causing harm?',
-      'Define the happy path: what are the exact steps in order?',
-      'Define the failure modes: what can go wrong at each step?',
-      'Design retry logic: how many retries, with what backoff, before giving up?',
-      'Design the dead-letter path: what happens to items that fail after max retries?',
-      'Add structured logging: every run logs start (with input), each step result, and end (with outcome)',
-      'Add alerting: failed runs must produce an alert, not just a log entry',
-      'Add a dry-run mode for scripts that modify data',
-      'Test the failure path explicitly — do not assume the happy path covers everything',
-    ],
-    checklist: [
-      '[ ] Trigger defined and documented',
-      '[ ] Idempotency strategy implemented',
-      '[ ] Retry logic with bounded backoff',
-      '[ ] Dead-letter mechanism for permanent failures',
-      '[ ] Structured logging on every run',
-      '[ ] Alert on failure (not just log)',
-      '[ ] Dry-run mode for destructive operations',
-      '[ ] Failure path tested explicitly',
-    ],
-    pitfalls: [
-      'Silent failure — cron jobs that fail without alerting are the most dangerous automation',
-      'No idempotency — running the job twice sends duplicate emails, charges customers twice',
-      'Unbounded retries — a failing job retries forever and blocks the queue',
-      'No dry-run — automation that modifies data cannot be safely previewed before running',
-      'Logging only on failure — you cannot diagnose why it failed without knowing what it was doing',
-    ],
-    patterns: [
-      'IDOA framework: Idempotent → Observable → Alertable → Dry-run-capable',
-      'Dead-letter queue: every event that fails max retries goes here, never silently dropped',
-      'Structured run log: { job, run_id, started_at, input_count, success_count, error_count, ended_at }',
-      'Failure-first testing: write the test for the failure path before the happy path',
-    ],
-    duration_estimate: '2-6 hours',
-  };
-}

package/src/agents/workflow/file-manager.ts

@@ -1,52 +0,0 @@
-import { AgentPlan, WorkerAgentType } from '../types.js';
-
-export function plan(task: string, context?: string): AgentPlan {
-  const t = (task + ' ' + (context ?? '')).toLowerCase();
-  const isCreate = t.includes('creat') || t.includes('scaffold') || t.includes('new file') || t.includes('add');
-  const isDelete = t.includes('delet') || t.includes('remov') || t.includes('clean') || t.includes('purge');
-  const isMove = t.includes('mov') || t.includes('renam') || t.includes('restructur') || t.includes('reorgan');
-
-  const approach = isDelete
-    ? 'Before deleting: verify nothing imports the file (grep for the filename and all its exports). Check git log to understand why it was created. If it is safe to delete, remove it and fix all broken imports. Never delete without checking references first.'
-    : isMove
-    ? 'Before moving: map all import paths that reference this file. Update every import after moving. Run the build to confirm no broken imports remain. Update any barrel index files that re-export the moved module.'
-    : isCreate
-    ? 'Create files in the right location: match the existing directory conventions. Add the new file to any relevant barrel index. Do not create a new directory when an existing one fits. Name the file to match its primary export.'
-    : 'Execute the file operation safely. For any destructive operation (delete, overwrite): verify the operation is correct before running it. For moves and renames: update all references atomically.';
-
-  return {
-    agent: 'file-manager' as WorkerAgentType,
-    task,
-    tier: 1,
-    approach,
-    steps: [
-      'Identify the exact files to create, modify, move, or delete',
-      'For deletes: grep for all imports/references to the file before touching it',
-      'For moves: list all files that import from the source path',
-      'Execute the operation',
-      'Update all import paths that reference moved or deleted files',
-      'Update barrel index files (index.ts) if the file is re-exported',
-      'Run the TypeScript build to confirm no broken imports',
-      'Update the project map via veto_project_map_update',
-    ],
-    checklist: [
-      '[ ] References checked before any delete or rename',
-      '[ ] All import paths updated after move/rename',
-      '[ ] Barrel indexes updated',
-      '[ ] Build passes after operation',
-      '[ ] Project map updated via veto_project_map_update',
-    ],
-    pitfalls: [
-      'Deleting a file without checking what imports it — silent build breakage',
-      'Moving a file without updating all import paths — TypeScript will error',
-      'Creating a new directory when an existing one is the right home',
-      'Forgetting to update barrel index files after adding/removing a module',
-    ],
-    patterns: [
-      'Reference-before-delete: always grep for imports before deleting a file',
-      'Atomic rename: update the file and all its references in a single operation',
-      'Barrel maintenance: every add/remove in a directory requires checking the index.ts',
-    ],
-    duration_estimate: '15-60 minutes',
-  };
-}

package/src/agents/workflow/git-agent.ts

@@ -1,55 +0,0 @@
-import { AgentPlan, WorkerAgentType } from '../types.js';
-
-export function plan(task: string, context?: string): AgentPlan {
-  const t = (task + ' ' + (context ?? '')).toLowerCase();
-  const isMerge = t.includes('merge') || t.includes('conflict') || t.includes('rebase');
-  const isPR = t.includes('pull request') || t.includes('pr') || t.includes('review');
-  const isCommit = t.includes('commit') || t.includes('stage') || t.includes('message');
-
-  const approach = isMerge
-    ? 'Resolve merge conflicts by understanding what both sides intended, not just what they changed. Read both versions, understand the goal of each change, then write a resolution that preserves both intentions. Never resolve a conflict by picking one side blindly.'
-    : isPR
-    ? 'Structure the PR to make review fast: one clear title (what changed), a summary paragraph (why), a numbered list of changes (what files/functions), and a test plan. Small PRs merge faster than large ones — if the PR touches more than 10 files, split it.'
-    : isCommit
-    ? 'Write commit messages that explain WHY, not what. The diff shows what changed. The commit message tells future maintainers why. Format: imperative verb subject (50 chars), blank line, body if needed (72 chars per line).'
-    : 'Execute the git operation safely. For destructive operations (reset --hard, force push, branch delete): state the exact command and its consequences before running. Never force-push a shared branch without explicit instruction.';
-
-  return {
-    agent: 'git-agent' as WorkerAgentType,
-    task,
-    tier: 1,
-    approach,
-    steps: [
-      'Identify the git operation needed: commit, branch, merge, rebase, tag, PR',
-      'For destructive operations: state what will be lost and confirm before running',
-      'For commits: stage only the relevant files — never git add -A blindly',
-      'Write a commit message: imperative verb, 50 char subject, body if needed',
-      'For merges: read both sides of each conflict before resolving',
-      'For PRs: title (what), summary (why), change list (how), test plan',
-      'For branch cleanup: verify the branch is fully merged before deleting',
-      'For rebases: ensure the branch is not shared with others before rewriting history',
-    ],
-    checklist: [
-      '[ ] No accidental files staged (check git diff --staged before committing)',
-      '[ ] Commit message is imperative and explains WHY',
-      '[ ] No force-push to shared branches without explicit instruction',
-      '[ ] Merge conflicts resolved by understanding intent, not picking one side',
-      '[ ] Branch verified as merged before deletion',
-      '[ ] .env, credentials, and secrets not included in staged files',
-    ],
-    pitfalls: [
-      'git add -A without reviewing what is staged — accidentally commits secrets or build artifacts',
-      'Commit messages that describe what the diff shows — useless to future maintainers',
-      'Force-pushing a branch others have cloned — rewrites their history',
-      'Resolving merge conflicts by always taking "ours" — loses the other branch\'s intent',
-      'Deleting a branch before verifying it is merged — loses work',
-    ],
-    patterns: [
-      'Why-first commit messages: the diff shows what; the message explains why',
-      'Surgical staging: add specific files, not directories, to keep commits atomic',
-      'Pre-commit diff review: git diff --staged before every commit to catch surprises',
-      'Branch lifecycle: feature → PR → merge → delete (never skip the verify-merged step)',
-    ],
-    duration_estimate: '15-45 minutes',
-  };
-}

package/src/agents/workflow/reporter.ts

@@ -1,51 +0,0 @@
-import { AgentPlan, WorkerAgentType } from '../types.js';
-
-export function plan(task: string, context?: string): AgentPlan {
-  const t = (task + ' ' + (context ?? '')).toLowerCase();
-  const isSession = t.includes('session') || t.includes('summary') || t.includes('what was done');
-  const isStatus = t.includes('status') || t.includes('progress') || t.includes('where are we');
-
-  const approach = isSession
-    ? 'Produce a session summary: what was accomplished, what decisions were made, what is next. Structure: one-sentence headline, bullet list of completed work, bullet list of open items, single next action. Optimised for someone picking up this work cold — they should need to read nothing else.'
-    : isStatus
-    ? 'Produce a status report: current phase, percent complete, what is blocking progress, and the next milestone. Include a risk flag if any blocker has been open for more than one session.'
-    : 'Produce the appropriate report for this context. Default to the session summary format: headline, completed, open, next action.';
-
-  return {
-    agent: 'reporter' as WorkerAgentType,
-    task,
-    tier: 1,
-    approach,
-    steps: [
-      'Identify what type of report is needed: session summary, status report, or decision log',
-      'Collect the facts: what was completed, what decisions were made, what is open',
-      'Write the headline: one sentence that captures the most important thing',
-      'List completed work as bullet points — specific, verifiable ("Auth middleware passing all tests")',
-      'List open items with priority order',
-      'Identify blockers: anything that prevents progress without human input',
-      'State the single next action as a concrete step',
-      'Save to session via veto_session_save if this report closes a work session',
-    ],
-    checklist: [
-      '[ ] Headline captures the most important single thing',
-      '[ ] Completed items are specific and verifiable',
-      '[ ] Open items are prioritised',
-      '[ ] Blockers are explicitly named',
-      '[ ] Next action is a single concrete step',
-      '[ ] Report saved if it closes a session',
-    ],
-    pitfalls: [
-      'Vague completed items ("worked on auth") — not verifiable, not useful',
-      'Listing everything instead of prioritising — buries the important items',
-      'No next action — the person reading the report cannot resume without re-reading everything',
-      'Including implementation details the reader does not need — reports should be scannable in 30 seconds',
-    ],
-    patterns: [
-      'Headline-first: the most important thing should be visible without scrolling',
-      'Scannable structure: headline → done → open → blockers → next — in that order',
-      'One next action: multiple next actions means no prioritisation has happened',
-      'Cold-start test: can someone who has not seen this work pick up where you left off from this report alone?',
-    ],
-    duration_estimate: '10-20 minutes',
-  };
-}

package/src/agents/workflow/search-agent.ts

@@ -1,40 +0,0 @@
-import { AgentPlan, WorkerAgentType } from '../types.js';
-
-export function plan(task: string, context?: string): AgentPlan {
-  return {
-    agent: 'search-agent' as WorkerAgentType,
-    task,
-    tier: 1,
-    approach: 'Search the codebase efficiently by starting with the most specific query and widening only if needed. Check veto_project_map_get first — if the answer is in the project map, no filesystem scan is needed. For symbol search: grep for the exact name. For concept search: grep for 2-3 keywords likely to co-occur. For file discovery: use glob patterns. Never read entire files when a targeted search suffices.',
-    steps: [
-      'Call veto_project_map_get — check if the answer is already in the project map',
-      'If the query is a symbol (function name, class, variable): grep for the exact name',
-      'If the query is a concept: identify 2–3 keywords likely to co-occur in the relevant code',
-      'Grep for keywords with file type filter (e.g. *.ts) to reduce noise',
-      'Read only the matching sections, not entire files',
-      'If nothing found: try synonyms or broader terms',
-      'If still nothing: scan the directory structure for a likely home',
-      'Update veto_project_map_update if the search revealed a gap in the map',
-    ],
-    checklist: [
-      '[ ] Project map checked before any filesystem scan',
-      '[ ] Exact symbol name tried before broad keyword search',
-      '[ ] File type filter applied to grep to reduce noise',
-      '[ ] Only matching sections read, not whole files',
-      '[ ] Project map updated if a previously unknown file was found',
-    ],
-    pitfalls: [
-      'Reading entire files to find one function — wastes context tokens',
-      'Searching without a file type filter — finds matches in node_modules and dist',
-      'Using a broad term as the first query — too many false positives',
-      'Not checking the project map first — may already have the answer',
-    ],
-    patterns: [
-      'Specific-first search: exact symbol → keywords → directory scan',
-      'Context-budgeted reading: read the matching section plus 10 lines of context, not the whole file',
-      'Map-first navigation: the project map is faster than a filesystem scan for known files',
-      'Synonym expansion: if the first query returns nothing, try 2-3 synonyms before giving up',
-    ],
-    duration_estimate: '5-20 minutes',
-  };
-}

package/src/agents/workflow/task-coordinator.ts

@@ -1,41 +0,0 @@
-import { AgentPlan, WorkerAgentType } from '../types.js';
-
-export function plan(task: string, context?: string): AgentPlan {
-  return {
-    agent: 'task-coordinator' as WorkerAgentType,
-    task,
-    tier: 2,
-    approach: 'Coordinate multi-agent execution: assign tasks to the right worker agents, run independent tasks in parallel via veto_execute_parallel, collect results, reconcile conflicts, and assemble the final output. The coordinator does not do the work — it routes, monitors, and assembles.',
-    steps: [
-      'Receive the task plan from task-planner (or build one if not provided)',
-      'For each task: identify the best worker agent (coder, tester, security-scanner, etc.)',
-      'Group independent tasks that can run in parallel',
-      'Submit parallel group via veto_execute_parallel',
-      'Wait for results — check each result for errors before proceeding',
-      'If a parallel task fails: decide whether to retry, skip, or block the dependent tasks',
-      'Submit the next sequential task or parallel group based on dependency order',
-      'Collect all results and check for conflicts (two agents modify the same file)',
-      'Resolve conflicts: the higher-priority agent wins, or escalate to the human',
-      'Assemble the final output and save the session checkpoint',
-    ],
-    checklist: [
-      '[ ] Each task assigned to the correct worker agent',
-      '[ ] Independent tasks submitted to veto_execute_parallel',
-      '[ ] Each result checked for errors before triggering dependents',
-      '[ ] Conflicts identified and resolved',
-      '[ ] Final session saved via veto_session_save',
-    ],
-    pitfalls: [
-      'Running all tasks sequentially when most could be parallel — wastes time',
-      'Ignoring errors in parallel results and proceeding to dependent tasks — cascading failures',
-      'Assigning the wrong agent type — a coder reviewing security is worse than no review',
-      'Not saving progress after each parallel batch — a failure loses all intermediate work',
-    ],
-    patterns: [
-      'Batch-and-wait: submit all independent tasks in one veto_execute_parallel call, then process results before the next batch',
-      'Fail-fast on blockers: if a critical task fails, stop and report rather than continuing with invalid state',
-      'Agent specialisation: always use the most specific agent available for each task type',
-    ],
-    duration_estimate: '30-90 minutes',
-  };
-}

package/src/agents/workflow/task-planner.ts

@@ -1,47 +0,0 @@
-import { AgentPlan, WorkerAgentType } from '../types.js';
-
-export function plan(task: string, context?: string): AgentPlan {
-  return {
-    agent: 'task-planner' as WorkerAgentType,
-    task,
-    tier: 2,
-    approach: 'Decompose the goal into a concrete, ordered task list where each task is independently completable in 1–4 hours. The output is not a project plan — it is the immediate next N tasks in execution order, each with a clear acceptance criterion. Identify which tasks can run in parallel and which are sequential dependencies.',
-    steps: [
-      'State the goal in one sentence — if you cannot, the goal needs clarifying first',
-      'Identify all constraints: blocked by X, requires Y to exist first, cannot touch Z',
-      'List all deliverables: what files, APIs, tests, or docs must exist when done?',
-      'Break deliverables into tasks of 1–4 hours each — nothing larger',
-      'For each task: write one acceptance criterion ("done when X passes" or "done when Y returns Z")',
-      'Identify dependencies: which tasks must complete before others can start?',
-      'Group independent tasks — these can run in parallel via veto_execute_parallel',
-      'Order the dependent tasks: what is the critical path?',
-      'Identify the single highest-risk task and put it first — fail fast',
-      'Save the task plan via veto_session_save so it survives context switches',
-    ],
-    checklist: [
-      '[ ] Goal stated in one sentence',
-      '[ ] All constraints identified',
-      '[ ] Tasks are 1–4 hours each',
-      '[ ] Every task has an acceptance criterion',
-      '[ ] Dependencies mapped — no implicit ordering',
-      '[ ] Parallel tasks identified',
-      '[ ] Critical path identified',
-      '[ ] Highest-risk task is first',
-      '[ ] Plan saved via veto_session_save',
-    ],
-    pitfalls: [
-      'Tasks too large ("implement auth") — cannot track progress or parallelize',
-      'Tasks too small ("add semicolon") — overhead exceeds value',
-      'Missing acceptance criteria — "done" is subjective without them',
-      'Not identifying blockers upfront — a hidden blocker discovered mid-task stops everything',
-      'Putting the risky unknown task last — you should fail fast, not late',
-    ],
-    patterns: [
-      'Risk-first ordering: the most uncertain task goes first so you discover problems early',
-      'Acceptance-criteria-first: write the criterion before the task to clarify what done means',
-      'Parallel identification: tasks with no shared outputs can always run concurrently',
-      'Four-hour rule: if a task cannot be completed in 4 hours, it contains hidden complexity — split it',
-    ],
-    duration_estimate: '30-60 minutes',
-  };
-}

package/src/cli.ts

@@ -1,204 +0,0 @@
-#!/usr/bin/env node
-// Veto CLI — entry point for `npx veto init`
-
-// Suppress Node experimental warnings (node:sqlite) for clean UX
-process.removeAllListeners('warning');
-
-import { mkdirSync, existsSync, readFileSync, writeFileSync } from 'node:fs';
-import { join, dirname } from 'node:path';
-import { homedir } from 'node:os';
-
-const VERSION = '0.8.2';
-const VETO_DIR = join(homedir(), '.veto');
-const HOME = homedir();
-
-const c = {
-  bold: (s: string) => `\x1b[1m${s}\x1b[0m`,
-  green: (s: string) => `\x1b[32m${s}\x1b[0m`,
-  yellow: (s: string) => `\x1b[33m${s}\x1b[0m`,
-  cyan: (s: string) => `\x1b[36m${s}\x1b[0m`,
-  dim: (s: string) => `\x1b[2m${s}\x1b[0m`,
-  red: (s: string) => `\x1b[31m${s}\x1b[0m`,
-};
-
-function printBanner() {
-  console.log('');
-  console.log(c.bold(c.cyan('  ██╗   ██╗███████╗████████╗ ██████╗')));
-  console.log(c.bold(c.cyan('  ██║   ██║██╔════╝╚══██╔══╝██╔═══██╗')));
-  console.log(c.bold(c.cyan('  ██║   ██║█████╗     ██║   ██║   ██║')));
-  console.log(c.bold(c.cyan('  ╚██╗ ██╔╝██╔══╝     ██║   ██║   ██║')));
-  console.log(c.bold(c.cyan('   ╚████╔╝ ███████╗   ██║   ╚██████╔╝')));
-  console.log(c.bold(c.cyan('    ╚═══╝  ╚══════╝   ╚═╝    ╚═════╝')));
-  console.log('');
-  console.log(c.dim(`  50 agents. 28 skills. 3 AIs. Self-learning. Zero extra cost.`));
-  console.log(c.dim(`  v${VERSION}`));
-  console.log('');
-}
-
-// Merge veto entry into an existing JSON config file, creating it if needed.
-// Supports both "mcpServers" format (Claude/Gemini/Codex/Cursor/Windsurf)
-// and "servers" format (VS Code).
-function writeVetoConfig(
-  configPath: string,
-  format: 'mcpServers' | 'servers'
-): 'created' | 'updated' | 'skipped' {
-  let existing: Record<string, unknown> = {};
-
-  if (existsSync(configPath)) {
-    try {
-      existing = JSON.parse(readFileSync(configPath, 'utf8'));
-    } catch {
-      // Unreadable / invalid JSON — skip to avoid corrupting it
-      return 'skipped';
-    }
-  } else {
-    mkdirSync(dirname(configPath), { recursive: true });
-  }
-
-  const wasEmpty = Object.keys(existing).length === 0;
-
-  if (format === 'mcpServers') {
-    const servers = (existing.mcpServers as Record<string, unknown>) ?? {};
-    servers['veto'] = { command: 'veto-server' };
-    existing.mcpServers = servers;
-  } else {
-    const servers = (existing.servers as Record<string, unknown>) ?? {};
-    servers['veto'] = { type: 'stdio', command: 'veto-server' };
-    existing.servers = servers;
-  }
-
-  writeFileSync(configPath, JSON.stringify(existing, null, 2) + '\n', 'utf8');
-  return wasEmpty ? 'created' : 'updated';
-}
-
-// All platforms Veto supports, with their config paths and formats.
-const PLATFORMS = [
-  {
-    name: 'Claude Code',
-    path: join(HOME, '.claude', 'mcp_servers.json'),
-    format: 'mcpServers' as const,
-    detectionDir: join(HOME, '.claude'),
-  },
-  {
-    name: 'Gemini CLI',
-    path: join(HOME, '.gemini', 'settings.json'),
-    format: 'mcpServers' as const,
-    detectionDir: join(HOME, '.gemini'),
-  },
-  {
-    name: 'Codex CLI',
-    path: join(HOME, '.codex', 'config.json'),
-    format: 'mcpServers' as const,
-    detectionDir: join(HOME, '.codex'),
-  },
-  {
-    name: 'Cursor',
-    path: join(HOME, '.cursor', 'mcp.json'),
-    format: 'mcpServers' as const,
-    detectionDir: join(HOME, '.cursor'),
-  },
-  {
-    name: 'Windsurf',
-    path: join(HOME, '.codeium', 'windsurf', 'mcp_config.json'),
-    format: 'mcpServers' as const,
-    detectionDir: join(HOME, '.codeium', 'windsurf'),
-  },
-];
-
-async function initCommand() {
-  printBanner();
-
-  // 1. Create ~/.veto directory
-  if (!existsSync(VETO_DIR)) {
-    mkdirSync(VETO_DIR, { recursive: true });
-    console.log(c.green('  ✓') + ` Created ${VETO_DIR}`);
-  } else {
-    console.log(c.dim('  · ') + `Found existing ${VETO_DIR}`);
-  }
-
-  // 2. Initialize SQLite database
-  process.stdout.write('  · Initializing SQLite database...');
-  const { getDb, getDbPath, saveSession } = await import('./memory/local.js');
-
-  try {
-    const db = getDb();
-    const dbPath = getDbPath();
-    const { session_id } = saveSession({
-      platform: 'claude',
-      summary: 'Veto initialized',
-      context: 'Initial setup via npx veto init',
-    });
-    const row = db.prepare('SELECT id FROM sessions WHERE id = ?').get(session_id);
-    if (!row) throw new Error('DB smoke test failed');
-    db.prepare('DELETE FROM sessions WHERE id = ?').run(session_id);
-    console.log(c.green(' ✓'));
-    console.log(c.green('  ✓') + ` Database ready at ${dbPath}`);
-  } catch (err: unknown) {
-    console.log(c.red(' ✗'));
-    const msg = err instanceof Error ? err.message : String(err);
-    console.error(c.red(`  Error initializing database: ${msg}`));
-    process.exit(1);
-  }
-
-  // 3. Auto-configure every AI CLI / IDE found on this machine
-  console.log('');
-  console.log('  Configuring all AI tools found on this machine...');
-  console.log('');
-
-  let configured = 0;
-  let skipped = 0;
-
-  for (const platform of PLATFORMS) {
-    const detected = existsSync(platform.detectionDir);
-    if (!detected) {
-      console.log(c.dim('  · ') + c.dim(`${platform.name} — not installed, skipping`));
-      continue;
-    }
-
-    const result = writeVetoConfig(platform.path, platform.format);
-
-    if (result === 'skipped') {
-      console.log(c.yellow('  ⚠ ') + `${platform.name} — config unreadable, skipped`);
-      skipped++;
-    } else if (result === 'created') {
-      console.log(c.green('  ✓ ') + `${platform.name} — configured`);
-      configured++;
-    } else {
-      console.log(c.green('  ✓ ') + `${platform.name} — updated`);
-      configured++;
-    }
-  }
-
-  console.log('');
-
-  if (configured === 0 && skipped === 0) {
-    console.log(c.yellow('  ⚠  No AI tools detected.'));
-    console.log('  Install Claude Code, Gemini CLI, or Codex CLI and run veto init again.');
-    console.log('');
-  } else {
-    console.log(c.green(`  ✓ Veto configured for ${configured} tool${configured !== 1 ? 's' : ''}!`));
-    console.log('');
-    console.log('  Next steps:');
-    console.log(c.dim('  1.') + ' Restart your AI CLI or IDE');
-    console.log(c.dim('  2.') + ' Run: veto_status  — should return { "status": "running", "version": "' + VERSION + '" }');
-    console.log('');
-  }
-}
-
-// ─── Router ────────────────────────────────────────────────────────────────────
-
-const command = process.argv[2] ?? 'init';
-
-switch (command) {
-  case 'init':
-    initCommand().catch((err) => {
-      console.error(c.red(`Error: ${err.message}`));
-      process.exit(1);
-    });
-    break;
-
-  default:
-    console.error(`Unknown command: ${command}`);
-    console.log('Usage: veto init');
-    process.exit(1);
-}