@lumenflow/cli 1.6.0 → 2.1.0

package/dist/guard-main-branch.js

@@ -0,0 +1,202 @@
+#!/usr/bin/env node
+/**
+ * Guard Main Branch CLI Tool
+ *
+ * Provides branch protection checks for WU workflow:
+ * - Blocks operations on main/master branches
+ * - Blocks operations on lane branches (require worktree)
+ * - Optionally allows agent branches
+ *
+ * Usage:
+ *   node guard-main-branch.js [--allow-agent-branch] [--strict]
+ *
+ * WU-1109: INIT-003 Phase 4b - Migrate git operations
+ */
+import { createGitForPath, getGitForCwd, isAgentBranch, getConfig } from '@lumenflow/core';
+/**
+ * Parse command line arguments for guard-main-branch
+ */
+export function parseGuardMainBranchArgs(argv) {
+    const args = {};
+    // Skip node and script name
+    const cliArgs = argv.slice(2);
+    for (let i = 0; i < cliArgs.length; i++) {
+        const arg = cliArgs[i];
+        if (arg === '--help' || arg === '-h') {
+            args.help = true;
+        }
+        else if (arg === '--allow-agent-branch') {
+            args.allowAgentBranch = true;
+        }
+        else if (arg === '--strict') {
+            args.strict = true;
+        }
+        else if (arg === '--base-dir') {
+            args.baseDir = cliArgs[++i];
+        }
+    }
+    return args;
+}
+/**
+ * Get lane branch pattern from config
+ */
+function getLaneBranchPattern() {
+    const config = getConfig();
+    const prefix = config?.git?.laneBranchPrefix ?? 'lane/';
+    const escaped = prefix.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
+    return new RegExp(`^${escaped}`);
+}
+/**
+ * Get protected branches from config
+ */
+function getProtectedBranches() {
+    const config = getConfig();
+    const mainBranch = config?.git?.mainBranch ?? 'main';
+    // Always include master for legacy compatibility
+    const protectedSet = new Set([mainBranch, 'master']);
+    return Array.from(protectedSet);
+}
+/**
+ * Check if a branch is a lane branch (requires worktree)
+ */
+function isLaneBranch(branch) {
+    return getLaneBranchPattern().test(branch);
+}
+/**
+ * Guard against operations on protected branches
+ */
+export async function guardMainBranch(args) {
+    try {
+        const git = args.baseDir ? createGitForPath(args.baseDir) : getGitForCwd();
+        const currentBranch = await git.getCurrentBranch();
+        // Handle detached HEAD
+        if (currentBranch === 'HEAD' || !currentBranch) {
+            return {
+                success: true,
+                isProtected: true,
+                currentBranch: 'HEAD (detached)',
+                reason: 'Detached HEAD state is protected - checkout a branch',
+            };
+        }
+        const protectedBranches = getProtectedBranches();
+        // Check if on main/master
+        if (protectedBranches.includes(currentBranch)) {
+            return {
+                success: true,
+                isProtected: true,
+                currentBranch,
+                reason: `Branch '${currentBranch}' is protected - use a worktree for WU work`,
+            };
+        }
+        // Check if on a lane branch (requires worktree discipline)
+        if (isLaneBranch(currentBranch)) {
+            return {
+                success: true,
+                isProtected: true,
+                currentBranch,
+                reason: `Lane branch '${currentBranch}' requires worktree - use 'pnpm wu:claim' to create worktree`,
+            };
+        }
+        // Check agent branch if not explicitly allowed
+        if (!args.allowAgentBranch) {
+            const isAgent = await isAgentBranch(currentBranch);
+            if (isAgent) {
+                // Agent branches are allowed by default (unless --strict)
+                if (args.strict) {
+                    return {
+                        success: true,
+                        isProtected: true,
+                        currentBranch,
+                        reason: `Agent branch '${currentBranch}' is protected in strict mode`,
+                    };
+                }
+                // Allow agent branch
+                return {
+                    success: true,
+                    isProtected: false,
+                    currentBranch,
+                };
+            }
+        }
+        // Branch is not protected
+        return {
+            success: true,
+            isProtected: false,
+            currentBranch,
+        };
+    }
+    catch (error) {
+        const errorMessage = error instanceof Error ? error.message : String(error);
+        return {
+            success: false,
+            isProtected: true, // Fail-closed
+            error: errorMessage,
+        };
+    }
+}
+/**
+ * Print help message
+ */
+/* istanbul ignore next -- CLI entry point tested via subprocess */
+function printHelp() {
+    console.log(`
+Usage: guard-main-branch [options]
+
+Check if current branch is protected and block operations.
+
+Options:
+  --base-dir <dir>      Base directory for git operations
+  --allow-agent-branch  Allow operations on agent branches
+  --strict              Block all protected branches (including agent)
+  -h, --help            Show this help message
+
+Exit codes:
+  0 - Branch is not protected (safe to proceed)
+  1 - Branch is protected (operation blocked)
+
+Protected branches:
+  - main/master: Always protected
+  - lane/*: Requires worktree (use wu:claim)
+  - Agent branches: Allowed unless --strict
+
+Examples:
+  guard-main-branch
+  guard-main-branch --allow-agent-branch
+  guard-main-branch --strict
+`);
+}
+/**
+ * Main entry point
+ */
+/* istanbul ignore next -- CLI entry point tested via subprocess */
+async function main() {
+    const args = parseGuardMainBranchArgs(process.argv);
+    if (args.help) {
+        printHelp();
+        process.exit(0);
+    }
+    const result = await guardMainBranch(args);
+    if (result.success) {
+        if (result.isProtected) {
+            console.error(`[guard-main-branch] BLOCKED: ${result.reason}`);
+            console.error(`Current branch: ${result.currentBranch}`);
+            process.exit(1);
+        }
+        else {
+            // Silent success in normal mode
+            if (process.env.DEBUG) {
+                console.log(`[guard-main-branch] OK: Branch '${result.currentBranch}' is not protected`);
+            }
+            process.exit(0);
+        }
+    }
+    else {
+        console.error(`Error: ${result.error}`);
+        process.exit(1);
+    }
+}
+// Run main if executed directly
+import { runCLI } from './cli-entry-point.js';
+if (import.meta.main) {
+    runCLI(main);
+}

package/dist/guard-worktree-commit.js

@@ -0,0 +1,160 @@
+#!/usr/bin/env node
+/**
+ * @file guard-worktree-commit.ts
+ * @description Guard that prevents WU commits from main checkout (WU-1111)
+ *
+ * Validates that WU-related commits are only made from worktrees, not main.
+ * Used by git commit-msg hooks to enforce worktree discipline.
+ *
+ * Usage:
+ *   guard-worktree-commit "commit message"
+ *   guard-worktree-commit --message "commit message"
+ *
+ * Exit codes:
+ *   0 - Commit allowed
+ *   1 - Commit blocked (WU commit from main)
+ *
+ * @see {@link docs/04-operations/_frameworks/lumenflow/lumenflow-complete.md} - Worktree discipline
+ */
+import { fileURLToPath } from 'node:url';
+import { isInWorktree, isMainBranch } from '@lumenflow/core/dist/core/worktree-guard.js';
+const LOG_PREFIX = '[guard-worktree-commit]';
+/**
+ * Patterns that indicate a WU-related commit message
+ */
+const WU_COMMIT_PATTERNS = [
+    /^wu\(/i, // wu(WU-123): message
+    /\(wu-\d+\)/i, // feat(WU-123): message
+    /\(WU-\d+\)/i, // Same with uppercase
+    /^WU-\d+:/i, // WU-123: message
+    /^wu-\d+:/i, // wu-123: message
+];
+/**
+ * Check if a commit should be blocked
+ *
+ * @param options - Check options
+ * @param options.commitMessage - The commit message
+ * @param options.isMainCheckout - Whether in main checkout
+ * @param options.isInWorktree - Whether in a worktree
+ * @returns Whether commit should be blocked and why
+ *
+ * @example
+ * const result = shouldBlockCommit({
+ *   commitMessage: 'wu(WU-123): add feature',
+ *   isMainCheckout: true,
+ *   isInWorktree: false,
+ * });
+ * if (result.blocked) {
+ *   console.error(result.reason);
+ *   process.exit(1);
+ * }
+ */
+export function shouldBlockCommit(options) {
+    const { commitMessage, isMainCheckout, isInWorktree } = options;
+    // Allow all commits from worktrees
+    if (isInWorktree) {
+        return { blocked: false };
+    }
+    // Check if commit message indicates WU work
+    const isWUCommit = WU_COMMIT_PATTERNS.some((pattern) => pattern.test(commitMessage));
+    // Block WU commits from main checkout
+    if (isWUCommit && isMainCheckout) {
+        return {
+            blocked: true,
+            reason: `${LOG_PREFIX} BLOCKED: WU commits must be made from a worktree.
+
+You are attempting to commit WU work from the main checkout.
+
+To fix:
+  1. Navigate to your worktree:
+     cd worktrees/<lane>-wu-xxx/
+
+  2. Make your commit there:
+     git add . && git commit -m "${commitMessage}"
+
+  3. Complete the WU from main:
+     cd ../.. && pnpm wu:done --id WU-XXX
+
+For more information:
+  See docs/04-operations/_frameworks/lumenflow/lumenflow-complete.md
+  See .claude/skills/worktree-discipline/SKILL.md
+`,
+        };
+    }
+    // Allow non-WU commits from anywhere
+    return { blocked: false };
+}
+/**
+ * Check if a commit message is WU-related
+ *
+ * @param message - Commit message to check
+ * @returns true if message indicates WU work
+ */
+export function isWUCommitMessage(message) {
+    return WU_COMMIT_PATTERNS.some((pattern) => pattern.test(message));
+}
+/**
+ * Main CLI entry point
+ */
+async function main() {
+    const args = process.argv.slice(2);
+    // Parse arguments
+    let commitMessage;
+    for (let i = 0; i < args.length; i++) {
+        const arg = args[i];
+        if (arg === '--message' || arg === '-m') {
+            commitMessage = args[++i];
+        }
+        else if (arg === '--help' || arg === '-h') {
+            console.log(`Usage: guard-worktree-commit [--message] "commit message"
+
+Check if a WU commit should be blocked from main checkout.
+
+Options:
+  --message, -m MSG  Commit message to check
+  -h, --help         Show this help message
+
+Examples:
+  guard-worktree-commit "wu(WU-123): add feature"
+  guard-worktree-commit --message "chore: update deps"
+`);
+            process.exit(0);
+        }
+        else if (!commitMessage) {
+            commitMessage = arg;
+        }
+    }
+    if (!commitMessage) {
+        console.error(`${LOG_PREFIX} Error: Commit message required`);
+        console.error('Usage: guard-worktree-commit [--message] "commit message"');
+        process.exit(1);
+    }
+    // Check context
+    const inWorktree = isInWorktree();
+    let onMain = false;
+    try {
+        onMain = await isMainBranch();
+    }
+    catch {
+        // If we can't determine branch, be conservative and allow
+        onMain = false;
+    }
+    const result = shouldBlockCommit({
+        commitMessage,
+        isMainCheckout: onMain && !inWorktree,
+        isInWorktree: inWorktree,
+    });
+    if (result.blocked) {
+        console.error(result.reason);
+        process.exit(1);
+    }
+    console.log(`${LOG_PREFIX} Commit allowed`);
+    process.exit(0);
+}
+// Guard main() for testability
+if (process.argv[1] === fileURLToPath(import.meta.url)) {
+    main().catch((error) => {
+        console.error(`${LOG_PREFIX} Unexpected error:`, error);
+        process.exit(1);
+    });
+}

package/dist/init-plan.js

@@ -0,0 +1,337 @@
+#!/usr/bin/env node
+/* eslint-disable security/detect-non-literal-fs-filename */
+/**
+ * Init Plan Command (WU-1105)
+ *
+ * Links plan files to initiatives by setting the `related_plan` field
+ * in the initiative YAML.
+ *
+ * Usage:
+ *   pnpm init:plan --initiative INIT-001 --plan docs/04-operations/plans/my-plan.md
+ *   pnpm init:plan --initiative INIT-001 --create  # Create new plan template
+ *
+ * Features:
+ * - Validates initiative exists before modifying
+ * - Formats plan path as lumenflow:// URI
+ * - Idempotent: no error if same plan already linked
+ * - Warns if replacing existing plan link
+ * - Can create plan templates with --create
+ *
+ * Context: WU-1105 (INIT-003 Phase 3a: Migrate init:plan command)
+ */
+import { getGitForCwd } from '@lumenflow/core/dist/git-adapter.js';
+import { die } from '@lumenflow/core/dist/error-handler.js';
+import { existsSync, writeFileSync, mkdirSync, readFileSync } from 'node:fs';
+import { join, basename } from 'node:path';
+import { createWUParser, WU_OPTIONS } from '@lumenflow/core/dist/arg-parser.js';
+import { INIT_PATHS } from '@lumenflow/initiatives/dist/initiative-paths.js';
+import { INIT_PATTERNS } from '@lumenflow/initiatives/dist/initiative-constants.js';
+import { ensureOnMain } from '@lumenflow/core/dist/wu-helpers.js';
+import { withMicroWorktree } from '@lumenflow/core/dist/micro-worktree.js';
+import { readInitiative } from '@lumenflow/initiatives/dist/initiative-yaml.js';
+import { parseYAML, stringifyYAML } from '@lumenflow/core/dist/wu-yaml.js';
+import { LOG_PREFIX as CORE_LOG_PREFIX } from '@lumenflow/core/dist/wu-constants.js';
+/** Log prefix for console output */
+export const LOG_PREFIX = CORE_LOG_PREFIX.INIT_PLAN;
+/** Micro-worktree operation name */
+const OPERATION_NAME = 'init-plan';
+/** Standard plans directory relative to repo root */
+const PLANS_DIR = 'docs/04-operations/plans';
+/** LumenFlow URI scheme for plan references */
+const PLAN_URI_SCHEME = 'lumenflow://plans/';
+/**
+ * Custom option for plan file path
+ */
+const PLAN_OPTION = {
+    name: 'plan',
+    flags: '--plan <path>',
+    description: 'Path to plan file (markdown)',
+};
+/**
+ * Custom option for creating new plan template
+ */
+const CREATE_OPTION = {
+    name: 'create',
+    flags: '--create',
+    description: 'Create a new plan template instead of linking existing file',
+};
+/**
+ * Validate Initiative ID format
+ * @param id - Initiative ID to validate
+ * @throws Error if format is invalid
+ */
+export function validateInitIdFormat(id) {
+    if (!INIT_PATTERNS.INIT_ID.test(id)) {
+        die(`Invalid Initiative ID format: "${id}"\n\n` +
+            `Expected format: INIT-<number> or INIT-NAME (e.g., INIT-001, INIT-TOOLING)`);
+    }
+}
+/**
+ * Validate plan file path
+ * @param planPath - Path to plan file
+ * @throws Error if path is invalid or file doesn't exist
+ */
+export function validatePlanPath(planPath) {
+    if (!planPath.endsWith('.md')) {
+        die(`Invalid plan file format: "${planPath}"\n\nPlan files must be markdown (.md)`);
+    }
+    if (!existsSync(planPath)) {
+        die(`Plan file not found: "${planPath}"\n\nUse --create to create a new plan template`);
+    }
+}
+/**
+ * Format plan path as lumenflow:// URI
+ *
+ * Extracts the filename (and any subdirectory within plans/) and creates
+ * a standardized URI for the plan reference.
+ *
+ * @param planPath - Path to plan file (can be relative or absolute)
+ * @returns lumenflow://plans/<filename> URI
+ */
+export function formatPlanUri(planPath) {
+    // Try to extract path relative to plans directory
+    const plansMarker = '/plans/';
+    const plansIndex = planPath.indexOf(plansMarker);
+    if (plansIndex !== -1) {
+        // Extract everything after /plans/
+        const relativePath = planPath.substring(plansIndex + plansMarker.length);
+        return `${PLAN_URI_SCHEME}${relativePath}`;
+    }
+    // Fallback: just use the filename
+    const filename = basename(planPath);
+    return `${PLAN_URI_SCHEME}${filename}`;
+}
+/**
+ * Check if initiative exists and return the document
+ * @param initId - Initiative ID to check
+ * @returns Initiative document
+ * @throws Error if initiative not found
+ */
+export function checkInitiativeExists(initId) {
+    const initPath = INIT_PATHS.INITIATIVE(initId);
+    if (!existsSync(initPath)) {
+        die(`Initiative not found: ${initId}\n\nFile does not exist: ${initPath}`);
+    }
+    return readInitiative(initPath, initId);
+}
+/**
+ * Update initiative with plan reference in micro-worktree
+ *
+ * Uses raw YAML parsing to preserve unknown fields like related_plan
+ * that are not in the strict initiative schema.
+ *
+ * @param worktreePath - Path to micro-worktree
+ * @param initId - Initiative ID
+ * @param planUri - Plan URI to set
+ * @returns True if changes were made, false if already linked
+ */
+export function updateInitiativeWithPlan(worktreePath, initId, planUri) {
+    const initRelPath = INIT_PATHS.INITIATIVE(initId);
+    const initAbsPath = join(worktreePath, initRelPath);
+    // Read raw YAML to preserve unknown fields like related_plan
+    // (readInitiative strips them via zod schema validation)
+    const rawText = readFileSync(initAbsPath, { encoding: 'utf-8' });
+    const doc = parseYAML(rawText);
+    // Validate ID matches
+    if (doc.id !== initId) {
+        die(`Initiative YAML id mismatch. Expected ${initId}, found ${doc.id}`);
+    }
+    // Check for existing plan link
+    const existingPlan = doc.related_plan;
+    if (existingPlan === planUri) {
+        // Already linked to same plan - idempotent
+        return false;
+    }
+    if (existingPlan && existingPlan !== planUri) {
+        // Different plan already linked - warn but proceed
+        console.warn(`${LOG_PREFIX} Replacing existing related_plan: ${existingPlan} -> ${planUri}`);
+    }
+    // Update related_plan field
+    doc.related_plan = planUri;
+    const out = stringifyYAML(doc);
+    writeFileSync(initAbsPath, out, { encoding: 'utf-8' });
+    console.log(`${LOG_PREFIX} Updated ${initId} with related_plan: ${planUri}`);
+    return true;
+}
+/**
+ * Create a plan template file
+ *
+ * @param worktreePath - Path to repo root or worktree
+ * @param initId - Initiative ID
+ * @param title - Initiative title
+ * @returns Path to created file
+ * @throws Error if file already exists
+ */
+export function createPlanTemplate(worktreePath, initId, title) {
+    const slug = title
+        .toLowerCase()
+        .replace(/[^a-z0-9]+/g, '-')
+        .replace(/^-|-$/g, '')
+        .substring(0, 30);
+    const filename = `${initId}-${slug}.md`;
+    const plansDir = join(worktreePath, PLANS_DIR);
+    const planPath = join(plansDir, filename);
+    if (existsSync(planPath)) {
+        die(`Plan file already exists: ${planPath}\n\nUse --plan to link an existing file`);
+    }
+    // Ensure plans directory exists
+    if (!existsSync(plansDir)) {
+        mkdirSync(plansDir, { recursive: true });
+    }
+    const template = `# ${initId} Plan - ${title}
+
+## Goal
+
+<!-- What is the primary objective of this initiative? -->
+
+## Scope
+
+<!-- What is in scope and out of scope? -->
+
+## Approach
+
+<!-- How will you achieve the goal? Key phases or milestones? -->
+
+## Success Criteria
+
+<!-- How will you know when this is complete? Measurable outcomes? -->
+
+## Risks
+
+<!-- What could go wrong? How will you mitigate? -->
+
+## References
+
+- Initiative: ${initId}
+- Created: ${new Date().toISOString().split('T')[0]}
+`;
+    writeFileSync(planPath, template, { encoding: 'utf-8' });
+    console.log(`${LOG_PREFIX} Created plan template: ${planPath}`);
+    return planPath;
+}
+/**
+ * Generate commit message for plan link operation
+ */
+export function getCommitMessage(initId, planUri) {
+    const filename = planUri.replace(PLAN_URI_SCHEME, '');
+    return `docs: link plan ${filename} to ${initId.toLowerCase()}`;
+}
+async function main() {
+    const args = createWUParser({
+        name: 'init-plan',
+        description: 'Link a plan file to an initiative',
+        options: [WU_OPTIONS.initiative, PLAN_OPTION, CREATE_OPTION],
+        required: ['initiative'],
+        allowPositionalId: false,
+    });
+    const initId = args.initiative;
+    const planPath = args.plan;
+    const shouldCreate = args.create;
+    // Validate inputs
+    validateInitIdFormat(initId);
+    // Check initiative exists first (before any mutations)
+    const initDoc = checkInitiativeExists(initId);
+    const initTitle = initDoc.title;
+    // Determine plan path and URI
+    let targetPlanPath;
+    let planUri;
+    if (shouldCreate) {
+        // Create mode - will create template and link it
+        console.log(`${LOG_PREFIX} Creating plan template for ${initId}...`);
+        // Ensure on main for micro-worktree operations
+        await ensureOnMain(getGitForCwd());
+        try {
+            await withMicroWorktree({
+                operation: OPERATION_NAME,
+                id: initId,
+                logPrefix: LOG_PREFIX,
+                pushOnly: true,
+                execute: async ({ worktreePath }) => {
+                    // Create plan template
+                    targetPlanPath = createPlanTemplate(worktreePath, initId, initTitle);
+                    planUri = formatPlanUri(targetPlanPath);
+                    // Update initiative with plan link
+                    updateInitiativeWithPlan(worktreePath, initId, planUri);
+                    // Return files to commit
+                    const planRelPath = targetPlanPath.replace(worktreePath + '/', '');
+                    return {
+                        commitMessage: getCommitMessage(initId, planUri),
+                        files: [planRelPath, INIT_PATHS.INITIATIVE(initId)],
+                    };
+                },
+            });
+            console.log(`\n${LOG_PREFIX} Transaction complete!`);
+            console.log(`\nPlan Linked:`);
+            console.log(`  Initiative: ${initId}`);
+            console.log(`  Plan URI:   ${planUri}`);
+            console.log(`  File:       ${targetPlanPath}`);
+            console.log(`\nNext steps:`);
+            console.log(`  1. Edit the plan file with your goals and approach`);
+            console.log(`  2. View initiative: pnpm initiative:status ${initId}`);
+        }
+        catch (error) {
+            die(`Transaction failed: ${error.message}\n\n` +
+                `Micro-worktree cleanup was attempted automatically.\n` +
+                `If issue persists, check for orphaned branches: git branch | grep tmp/${OPERATION_NAME}`);
+        }
+    }
+    else if (planPath) {
+        // Link existing file mode
+        validatePlanPath(planPath);
+        planUri = formatPlanUri(planPath);
+        console.log(`${LOG_PREFIX} Linking plan to ${initId}...`);
+        // Check for idempotent case before micro-worktree
+        const existingPlan = initDoc.related_plan;
+        if (existingPlan === planUri) {
+            console.log(`${LOG_PREFIX} Plan already linked (idempotent - no changes needed)`);
+            console.log(`\n${LOG_PREFIX} ${initId} already has related_plan: ${planUri}`);
+            return;
+        }
+        // Ensure on main for micro-worktree operations
+        await ensureOnMain(getGitForCwd());
+        try {
+            await withMicroWorktree({
+                operation: OPERATION_NAME,
+                id: initId,
+                logPrefix: LOG_PREFIX,
+                pushOnly: true,
+                execute: async ({ worktreePath }) => {
+                    // Update initiative with plan link
+                    const changed = updateInitiativeWithPlan(worktreePath, initId, planUri);
+                    if (!changed) {
+                        console.log(`${LOG_PREFIX} No changes detected (concurrent link operation)`);
+                    }
+                    return {
+                        commitMessage: getCommitMessage(initId, planUri),
+                        files: [INIT_PATHS.INITIATIVE(initId)],
+                    };
+                },
+            });
+            console.log(`\n${LOG_PREFIX} Transaction complete!`);
+            console.log(`\nPlan Linked:`);
+            console.log(`  Initiative: ${initId}`);
+            console.log(`  Plan URI:   ${planUri}`);
+            console.log(`  File:       ${planPath}`);
+            console.log(`\nNext steps:`);
+            console.log(`  - View initiative: pnpm initiative:status ${initId}`);
+        }
+        catch (error) {
+            die(`Transaction failed: ${error.message}\n\n` +
+                `Micro-worktree cleanup was attempted automatically.\n` +
+                `If issue persists, check for orphaned branches: git branch | grep tmp/${OPERATION_NAME}`);
+        }
+    }
+    else {
+        die('Either --plan or --create is required\n\n' +
+            'Usage:\n' +
+            '  pnpm init:plan --initiative INIT-001 --plan docs/04-operations/plans/my-plan.md\n' +
+            '  pnpm init:plan --initiative INIT-001 --create');
+    }
+}
+// Guard main() for testability - use import.meta.main (WU-1071)
+import { runCLI } from './cli-entry-point.js';
+if (import.meta.main) {
+    runCLI(main);
+}
+// Export for testing
+export { main };