@matthugh1/conductor-cli 0.2.5 → 0.3.0

package/dist/{git-hooks-RQ6WJQS4.js → git-hooks-CD25TLQV.js}

@@ -1,13 +1,96 @@
 #!/usr/bin/env node
+import {
+  query
+} from "./chunk-HXPYK5E3.js";
 import {
   runGit
 } from "./chunk-N2KKNG4C.js";
 
 // ../../src/core/git-hooks.ts
 import { chmod, mkdir, readFile, writeFile } from "fs/promises";
+import path2 from "path";
+
+// ../../src/core/hook-auth.ts
+import { randomBytes } from "crypto";
+function generateHookToken() {
+  return randomBytes(32).toString("hex");
+}
+async function storeHookToken(projectId, token) {
+  await query(
+    `UPDATE projects SET hook_token = $1 WHERE id = $2`,
+    [token, projectId]
+  );
+}
+async function getHookToken(projectId) {
+  const rows = await query(
+    `SELECT hook_token FROM projects WHERE id = $1 LIMIT 1`,
+    [projectId]
+  );
+  return rows.length > 0 ? rows[0].hook_token : null;
+}
+
+// ../../src/core/project-lookup.ts
+import { realpath } from "fs/promises";
 import path from "path";
+function normalizeProjectPath(projectRoot) {
+  return path.resolve(projectRoot.trim());
+}
+async function pathVariantsForLookup(projectRoot) {
+  const resolved = normalizeProjectPath(projectRoot);
+  const variants = /* @__PURE__ */ new Set([resolved]);
+  try {
+    const canon = await realpath(resolved);
+    variants.add(canon);
+  } catch {
+  }
+  return [...variants];
+}
+async function findProjectByPath(projectRoot) {
+  const variants = await pathVariantsForLookup(projectRoot);
+  const rows = await query(
+    `
+    SELECT id, name, path, repo_url
+    FROM projects
+    WHERE path = ANY($1::text[])
+    LIMIT 1
+    `,
+    [variants]
+  );
+  return rows.length > 0 ? rows[0] : null;
+}
+async function findProjectByName(name) {
+  const rows = await query(
+    `SELECT id, name, path, repo_url
+     FROM projects
+     WHERE lower(name) = lower($1)
+     LIMIT 1`,
+    [name.trim()]
+  );
+  return rows.length > 0 ? rows[0] : null;
+}
+async function getRegisteredProjectIdOrNull(projectRoot) {
+  try {
+    const byPath = await findProjectByPath(projectRoot);
+    if (byPath) return byPath.id;
+    const trimmed = projectRoot.trim();
+    const byName = await findProjectByName(trimmed);
+    if (byName) return byName.id;
+    const basename = trimmed.split("/").pop() ?? trimmed;
+    if (basename !== trimmed) {
+      const byBasename = await findProjectByName(basename);
+      if (byBasename) return byBasename.id;
+    }
+    return null;
+  } catch {
+    return null;
+  }
+}
+
+// ../../src/core/git-hooks.ts
 var CONDUCTOR_URL = process.env.CONDUCTOR_URL?.trim() || "http://localhost:3000";
-function postCommitHook() {
+function postCommitHook(token) {
+  const auth = token ? `
+  -H "Authorization: Bearer ${token}" \\` : "";
   return `#!/bin/sh
 # Conductor narration hook \u2014 post-commit.
 # conductor-hook-${CONDUCTOR_VERSION}
@@ -19,7 +102,7 @@ COMMIT_HASH=$(git rev-parse --short HEAD 2>/dev/null || echo "unknown")
 FILES_CHANGED=$(git diff-tree --no-commit-id --name-only -r HEAD 2>/dev/null | wc -l | tr -d ' ')
 
 curl -s -X POST "${CONDUCTOR_URL}/api/git/activity/hook" \\
-  -H "Content-Type: application/json" \\
+  -H "Content-Type: application/json" \\${auth}
   -d "{
     \\"hookName\\": \\"post-commit\\",
     \\"eventType\\": \\"commit\\",
@@ -36,7 +119,9 @@ curl -s -X POST "${CONDUCTOR_URL}/api/git/activity/hook" \\
 exit 0
 `;
 }
-function postMergeHook() {
+function postMergeHook(token) {
+  const auth = token ? `
+  -H "Authorization: Bearer ${token}" \\` : "";
   return `#!/bin/sh
 # Conductor narration hook \u2014 post-merge.
 # conductor-hook-${CONDUCTOR_VERSION}
@@ -52,7 +137,7 @@ else
 fi
 
 curl -s -X POST "${CONDUCTOR_URL}/api/git/activity/hook" \\
-  -H "Content-Type: application/json" \\
+  -H "Content-Type: application/json" \\${auth}
   -d "{
     \\"hookName\\": \\"post-merge\\",
     \\"eventType\\": \\"merge\\",
@@ -64,7 +149,9 @@ curl -s -X POST "${CONDUCTOR_URL}/api/git/activity/hook" \\
 exit 0
 `;
 }
-function postCheckoutHook() {
+function postCheckoutHook(token) {
+  const auth = token ? `
+  -H "Authorization: Bearer ${token}" \\` : "";
   return `#!/bin/sh
 # Conductor narration hook \u2014 post-checkout.
 # conductor-hook-${CONDUCTOR_VERSION}
@@ -82,7 +169,7 @@ BRANCH=$(git rev-parse --abbrev-ref HEAD 2>/dev/null || echo "unknown")
 PROJECT_ROOT=$(git rev-parse --show-toplevel 2>/dev/null || pwd)
 
 curl -s -X POST "${CONDUCTOR_URL}/api/git/activity/hook" \\
-  -H "Content-Type: application/json" \\
+  -H "Content-Type: application/json" \\${auth}
   -d "{
     \\"hookName\\": \\"post-checkout\\",
     \\"eventType\\": \\"checkout\\",
@@ -94,7 +181,9 @@ curl -s -X POST "${CONDUCTOR_URL}/api/git/activity/hook" \\
 exit 0
 `;
 }
-function prePushHook() {
+function prePushHook(token) {
+  const auth = token ? `
+  -H "Authorization: Bearer ${token}" \\` : "";
   return `#!/bin/sh
 # Conductor narration hook \u2014 pre-push.
 # conductor-hook-${CONDUCTOR_VERSION}
@@ -118,7 +207,7 @@ if [ "$IS_FORCE" = "true" ]; then
 fi
 
 curl -s -X POST "${CONDUCTOR_URL}/api/git/activity/hook" \\
-  -H "Content-Type: application/json" \\
+  -H "Content-Type: application/json" \\${auth}
   -d "{
     \\"hookName\\": \\"pre-push\\",
     \\"eventType\\": \\"$EVENT_TYPE\\",
@@ -145,11 +234,11 @@ var CONDUCTOR_MARKER = "# Conductor narration hook";
 var CONDUCTOR_VERSION = "v1";
 var CONDUCTOR_VERSION_MARKER = `# conductor-hook-${CONDUCTOR_VERSION}`;
 async function getHookStatus(projectRoot) {
-  const hooksDir = path.join(projectRoot, ".git", "hooks");
+  const hooksDir = path2.join(projectRoot, ".git", "hooks");
   const hookResults = [];
   let detectedVersion = null;
   for (const hook of HOOKS) {
-    const hookPath = path.join(hooksDir, hook.name);
+    const hookPath = path2.join(hooksDir, hook.name);
     let content = null;
     try {
       content = await readFile(hookPath, "utf8");
@@ -178,12 +267,21 @@ async function getHookStatus(projectRoot) {
   };
 }
 async function installHooks(projectRoot) {
-  const hooksDir = path.join(projectRoot, ".git", "hooks");
+  const hooksDir = path2.join(projectRoot, ".git", "hooks");
   await mkdir(hooksDir, { recursive: true });
+  const projectId = await getRegisteredProjectIdOrNull(projectRoot);
+  let token = null;
+  if (projectId) {
+    token = await getHookToken(projectId);
+    if (!token) {
+      token = generateHookToken();
+      await storeHookToken(projectId, token);
+    }
+  }
   const installed = [];
   const skipped = [];
   for (const hook of HOOKS) {
-    const hookPath = path.join(hooksDir, hook.name);
+    const hookPath = path2.join(hooksDir, hook.name);
     let existingContent = null;
     try {
       existingContent = await readFile(hookPath, "utf8");
@@ -193,7 +291,7 @@ async function installHooks(projectRoot) {
       skipped.push(hook.name);
       continue;
     }
-    const script = hook.generate();
+    const script = hook.generate(token);
     await writeFile(hookPath, script, "utf8");
     await chmod(hookPath, 493);
     installed.push(hook.name);
@@ -202,7 +300,7 @@ async function installHooks(projectRoot) {
 }
 async function installHooksForWorktree(worktreePath) {
   const mainRoot = (await runGit(worktreePath, ["rev-parse", "--git-common-dir"])).trim();
-  const resolvedRoot = path.resolve(worktreePath, mainRoot, "..");
+  const resolvedRoot = path2.resolve(worktreePath, mainRoot, "..");
   return installHooks(resolvedRoot);
 }
 export {

package/dist/{runner-prompt-MOOPKA5P.js → runner-prompt-7EUGIDWK.js}

@@ -2,7 +2,7 @@
 import {
   assembleAutonomousPrompt,
   assembleTaskPrompt
-} from "./chunk-6AA726KG.js";
+} from "./chunk-T27CR6PR.js";
 export {
   assembleAutonomousPrompt,
   assembleTaskPrompt

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@matthugh1/conductor-cli",
-  "version": "0.2.5",
+  "version": "0.3.0",
   "description": "Conductor CLI — session management, health checks, and autonomous runner for the Conductor pipeline",
   "type": "module",
   "bin": {

package/dist/chunk-6AA726KG.js

@@ -1,238 +0,0 @@
-#!/usr/bin/env node
-
-// ../../src/core/runner-prompt.ts
-var AUTONOMOUS_WORKFLOW = `
-## Identity
-
-You are an autonomous implementation engineer spawned by Conductor's runner.
-When you need human input, use conductor_log_decision followed by
-conductor_await_decision \u2014 this blocks until the human responds in the
-Conductor panel. Work carefully and methodically.
-
-## Workflow (follow in order)
-
-### 1. Start your session
-
-Call conductor_session_brief with:
-- projectRoot: the project name given in your assignment below
-- deliverableId: the deliverable ID given in your assignment below
-- agentRole: "implementation-engineer"
-- agentType: "claude-code"
-
-Save the returned sessionId \u2014 pass it to every subsequent Conductor call.
-
-### 2. Read the brief and understand your assignment
-
-The session brief contains your deliverable title, description, and
-acceptance criteria. Read them carefully before writing any code.
-
-### 3. Branch from dev
-
-Run: git fetch origin && git checkout -b <branch-name> origin/dev
-
-Name the branch after the deliverable (e.g., feat/prompt-template).
-Branch from origin/dev (not main) so you pick up any prior autonomous
-work that has been merged to dev but not yet reviewed into main.
-Never use git checkout dev \u2014 use origin/dev directly to avoid worktree conflicts.
-Never branch from another feature branch.
-
-### 4. Mark your deliverable in-progress
-
-Call conductor_update_deliverable with status "in_progress".
-
-### 5. Do the work
-
-Implement the deliverable according to its acceptance criteria.
-After each meaningful chunk of work, call conductor_log_built with
-a plain English summary and the sessionId.
-
-### 6. Self-check before submitting
-
-Before creating a PR, run ALL of these checks:
-
-1. npx tsc --noEmit          (type check)
-2. npm run build              (build)
-3. npm test                   (tests)
-4. git status                 (working tree clean?)
-5. Review your own code for:
-   - No \`any\` type assertions
-   - No console.log in production code
-   - No large files (>200 lines of code)
-   - No large functions (>50 lines)
-   - No unused imports
-   - No secrets or .env files staged
-
-### 7. Retry on failure (up to 3 attempts)
-
-If any check fails:
-- Read the error output carefully
-- Fix the issue
-- Re-run the failing check
-- Repeat up to 3 total attempts per check
-
-If a check still fails after 3 attempts, go to the parking procedure (step 10).
-
-### 8. Create a PR and merge to dev
-
-When all checks pass:
-- git add the relevant files (never use git add -A)
-- git commit with a descriptive message
-- git push -u origin <branch-name>
-- gh pr create --title "<deliverable title>" --body "<summary>"
-- Save the PR URL \u2014 you need it for the completion report
-
-After the PR is created, merge your branch to dev so the next agent
-in the chain can build on your work without waiting for human review.
-Use a temporary local branch to avoid worktree checkout conflicts:
-
-  git fetch origin
-  git checkout -b _dev-merge origin/dev
-  git merge --no-ff <your-branch-name> -m "chore: merge <branch-name> to dev"
-  git push origin HEAD:dev
-  git checkout <your-branch-name>
-  git branch -D _dev-merge
-
-Never merge your own PR to main. Always merge to dev after creating the PR.
-
-### 9. Submit for review
-
-Call conductor_update_deliverable with:
-- status: "review"
-- completionReport with all check results and the prUrl
-
-Then call conductor_end_session with the sessionId.
-
-### 10. When you need a human decision
-
-If you hit a judgment call, ambiguous requirement, or blocker that needs human input:
-1. Call conductor_log_decision with the options and your reasoning.
-   This returns a decisionId.
-2. Call conductor_await_decision with that decisionId.
-   This blocks until the human approves in the Conductor panel (polls every
-   3 seconds, up to 5 minutes per call).
-3. If it returns "pending" (timeout), call conductor_await_decision again.
-   Keep calling until you get a resolution.
-4. Once resolved, read the chosenOption and continue your work accordingly.
-
-CRITICAL: You MUST call conductor_log_decision to create the decision.
-Do not just say "I need a decision" in text \u2014 the human cannot see your
-text output. The only way they know you need input is through the
-Conductor decision panel.
-
-### 11. Parking procedure (when truly stuck)
-
-If you cannot complete the work and waiting for a decision won't help:
-- Call conductor_update_deliverable with status "parked".
-- Call conductor_log_next describing what remains and why you stopped.
-- Call conductor_end_session with the sessionId.
-- Exit cleanly.
-
-## Rules
-
-- Follow all rules in CLAUDE.md (included above if present).
-- Never merge your own PR to main \u2014 only create it.
-- Always merge your branch to dev after creating the PR (see step 8).
-- Never make silent decisions \u2014 log every judgment call via conductor_log_decision.
-- If a subsequent deliverable exists in the same outcome, create a handoff
-  prompt via conductor_create_prompt before submitting for review.
-- Keep commits atomic and messages descriptive.
-- Do not install new dependencies without logging a decision.
-- Do not modify files outside the scope of your deliverable.
-- If you encounter merge conflicts, resolve them yourself.
-- Work within the existing code style and patterns.
-`.trim();
-var FREEFORM_TASK_WORKFLOW = `
-## Identity
-
-You are an agent spawned by Conductor's daemon to execute a task.
-When you need human input, use conductor_log_decision followed by
-conductor_await_decision \u2014 this blocks until the human responds in the
-Conductor panel. Work carefully and methodically.
-
-## Workflow
-
-1. Read the task description below carefully.
-2. Execute the task as described.
-3. If you hit a judgment call or blocker, log a decision via conductor_log_decision
-   and wait via conductor_await_decision. Do not proceed without resolution.
-4. When finished, report what you accomplished clearly.
-
-## Rules
-
-- Follow all rules in CLAUDE.md (included above if present).
-- Never make silent decisions \u2014 log every judgment call.
-- Work within the existing code style and patterns.
-- Do not install new dependencies without logging a decision.
-`.trim();
-function assembleAutonomousPrompt(ctx) {
-  const parts = [];
-  if (ctx.claudeMd.length > 0) {
-    parts.push("# Project Rules (CLAUDE.md)\n\n" + ctx.claudeMd);
-  }
-  parts.push("# Autonomous Runner Instructions\n\n" + AUTONOMOUS_WORKFLOW);
-  parts.push(
-    `# Your Assignment
-
-Project: ${ctx.projectName}
-Deliverable: ${ctx.item.title}
-Deliverable ID: ${ctx.item.entityId}
-Initiative: ${ctx.item.initiativeTitle ?? "unknown"}
-Priority: P${ctx.item.priority}
-Action: ${ctx.item.action}
-
-Start by calling conductor_session_brief with:
-- projectRoot: "${ctx.projectName}"
-- deliverableId: "${ctx.item.entityId}"
-- agentRole: "implementation-engineer"
-- agentType: "claude-code"`
-  );
-  return parts.join("\n\n---\n\n");
-}
-function assembleTaskPrompt(agent, task, claudeMd) {
-  const parts = [];
-  if (claudeMd.length > 0) {
-    parts.push("# Project Rules (CLAUDE.md)\n\n" + claudeMd);
-  }
-  if (agent.systemPrompt.length > 0) {
-    parts.push(
-      `# Agent: ${agent.name}
-
-## System Prompt
-
-` + agent.systemPrompt
-    );
-  }
-  if (task.deliverableId) {
-    parts.push("# Autonomous Runner Instructions\n\n" + AUTONOMOUS_WORKFLOW);
-  } else {
-    parts.push("# Task Instructions\n\n" + FREEFORM_TASK_WORKFLOW);
-  }
-  const assignmentLines = [
-    `# Your Assignment`,
-    ``,
-    `Task: ${task.title}`,
-    `Project: ${task.projectName}`
-  ];
-  if (task.deliverableId) {
-    assignmentLines.push(`Deliverable ID: ${task.deliverableId}`);
-    assignmentLines.push(``);
-    assignmentLines.push(`Start by calling conductor_session_brief with:`);
-    assignmentLines.push(`- projectRoot: "${task.projectName}"`);
-    assignmentLines.push(`- deliverableId: "${task.deliverableId}"`);
-    assignmentLines.push(`- agentRole: "implementation-engineer"`);
-    assignmentLines.push(`- agentType: "claude-code"`);
-  }
-  if (task.prompt.length > 0) {
-    assignmentLines.push(``);
-    assignmentLines.push(`## Task Details`);
-    assignmentLines.push(``);
-    assignmentLines.push(task.prompt);
-  }
-  parts.push(assignmentLines.join("\n"));
-  return parts.join("\n\n---\n\n");
-}
-
-export {
-  assembleAutonomousPrompt,
-  assembleTaskPrompt
-};