@meltstudio/meltctl 4.28.1 → 4.29.0

package/dist/commands/audit.d.ts

@@ -5,3 +5,6 @@ export declare function auditListCommand(options: {
     latest?: boolean;
     limit?: string;
 }): Promise<void>;
+export declare function auditViewCommand(id: string, options: {
+    output?: string;
+}): Promise<void>;

package/dist/commands/audit.js

@@ -186,3 +186,51 @@ export async function auditListCommand(options) {
         process.exit(1);
     }
 }
+export async function auditViewCommand(id, options) {
+    const token = await getToken();
+    try {
+        const res = await tokenFetch(token, `/audits/${id}`);
+        if (res.status === 403) {
+            console.error(chalk.red('Access denied. Only Team Managers can view audits.'));
+            process.exit(1);
+        }
+        if (res.status === 404) {
+            console.error(chalk.red(`Audit not found: ${id}`));
+            process.exit(1);
+        }
+        if (!res.ok) {
+            const body = (await res.json());
+            console.error(chalk.red(`Failed to fetch audit: ${body.error ?? res.statusText}`));
+            process.exit(1);
+        }
+        const audit = (await res.json());
+        if (options.output) {
+            const outputPath = path.resolve(options.output);
+            await fs.ensureDir(path.dirname(outputPath));
+            await fs.writeFile(outputPath, audit.content, 'utf-8');
+            console.log(chalk.green(`\n  ✓ Audit saved to ${path.relative(process.cwd(), outputPath)}\n`));
+        }
+        else {
+            const typeLabels = {
+                audit: 'Tech Audit',
+                'ux-audit': 'UX Audit',
+                'security-audit': 'Security Audit',
+            };
+            const label = typeLabels[audit.type] ?? audit.type;
+            const date = new Date(audit.createdAt).toLocaleDateString('en-US', {
+                month: 'short',
+                day: 'numeric',
+                year: 'numeric',
+            });
+            const repo = audit.repository ?? audit.project;
+            console.log();
+            console.log(chalk.dim(`  ${label} · ${repo} · ${audit.author} · ${date}`));
+            console.log();
+            console.log(audit.content);
+        }
+    }
+    catch (error) {
+        console.error(chalk.red(`Failed to fetch audit: ${error instanceof Error ? error.message : 'Unknown error'}`));
+        process.exit(1);
+    }
+}

package/dist/commands/audit.test.js

@@ -234,6 +234,78 @@ describe('auditListCommand', () => {
         await auditListCommand({});
         expect(console.log).toHaveBeenCalled();
     });
+    it('displays age-colored output when latest option is set', async () => {
+        ;
+        getToken.mockResolvedValue('test-token');
+        const now = Date.now();
+        const threeDaysAgo = new Date(now - 3 * 24 * 60 * 60 * 1000).toISOString();
+        const fifteenDaysAgo = new Date(now - 15 * 24 * 60 * 60 * 1000).toISOString();
+        const sixtyDaysAgo = new Date(now - 60 * 24 * 60 * 60 * 1000).toISOString();
+        const mockResponse = {
+            ok: true,
+            status: 200,
+            json: vi.fn().mockResolvedValue({
+                audits: [
+                    {
+                        id: '1',
+                        type: 'audit',
+                        project: 'project-a',
+                        repository: 'Org/RepoA',
+                        author: 'dev1@meltstudio.co',
+                        branch: 'main',
+                        commit: 'aaa1111',
+                        createdAt: threeDaysAgo,
+                        created_at: threeDaysAgo,
+                    },
+                    {
+                        id: '2',
+                        type: 'ux-audit',
+                        project: 'project-b',
+                        repository: 'Org/RepoB',
+                        author: 'dev2@meltstudio.co',
+                        branch: 'main',
+                        commit: 'bbb2222',
+                        createdAt: fifteenDaysAgo,
+                        created_at: fifteenDaysAgo,
+                    },
+                    {
+                        id: '3',
+                        type: 'security-audit',
+                        project: 'project-c',
+                        repository: 'Org/RepoC',
+                        author: 'dev3@meltstudio.co',
+                        branch: 'main',
+                        commit: 'ccc3333',
+                        createdAt: sixtyDaysAgo,
+                        created_at: sixtyDaysAgo,
+                    },
+                ],
+                count: 3,
+            }),
+        };
+        tokenFetch.mockResolvedValue(mockResponse);
+        await auditListCommand({ latest: true });
+        const logCalls = console.log.mock.calls.map((c) => String(c[0]));
+        // Should display "Latest Audits" header
+        expect(logCalls.some((msg) => msg.includes('Latest Audits'))).toBe(true);
+        // Should display AGE column header
+        expect(logCalls.some((msg) => msg.includes('AGE'))).toBe(true);
+    });
+    it('exits with error when auditListCommand tokenFetch throws', async () => {
+        ;
+        getToken.mockResolvedValue('test-token');
+        tokenFetch.mockRejectedValue(new Error('Network error'));
+        await expect(auditListCommand({})).rejects.toThrow('process.exit(1)');
+        const errorCalls = console.error.mock.calls.map((c) => String(c[0]));
+        expect(errorCalls.some((msg) => msg.includes('Network error'))).toBe(true);
+    });
+    it('exits with error when findMdFiles throws (e.g. .audits/ unreadable)', async () => {
+        ;
+        getToken.mockResolvedValue('test-token');
+        findMdFiles.mockRejectedValue(new Error('EACCES: permission denied'));
+        fs.pathExists.mockResolvedValue(false);
+        await expect(auditSubmitCommand()).rejects.toThrow();
+    });
     it('shows "No audits found" when list is empty', async () => {
         ;
         getToken.mockResolvedValue('test-token');

package/dist/commands/login.test.js

@@ -151,6 +151,26 @@ describe('loginCommand', () => {
         expect(res._statusCode).toBe(200);
         expect(res._body).toContain('failed');
     });
+    it('handles token response with missing fields gracefully', async () => {
+        // Token response missing expiresAt
+        const fetchMock = vi.fn().mockResolvedValue({
+            ok: true,
+            json: vi.fn().mockResolvedValue({ token: 'jwt-token', email: 'dev@meltstudio.co' }),
+        });
+        vi.stubGlobal('fetch', fetchMock);
+        const loginPromise = loginCommand();
+        await new Promise(r => setTimeout(r, 10));
+        const req = createMockReq('/?code=test-code');
+        const res = createMockRes();
+        capturedRequestHandler(req, res);
+        await loginPromise;
+        // storeAuth is called with undefined for expiresAt since the field is missing
+        expect(storeAuth).toHaveBeenCalledWith({
+            token: 'jwt-token',
+            email: 'dev@meltstudio.co',
+            expiresAt: undefined,
+        });
+    });
     it('returns 400 when callback has no code or error', async () => {
         const fetchMock = vi.fn().mockResolvedValue({
             ok: true,

package/dist/index.js

@@ -14,7 +14,7 @@ import { versionCheckCommand } from './commands/version.js';
 import { standupCommand } from './commands/standup.js';
 import { feedbackCommand } from './commands/feedback.js';
 import { coinsCommand } from './commands/coins.js';
-import { auditSubmitCommand, auditListCommand } from './commands/audit.js';
+import { auditSubmitCommand, auditListCommand, auditViewCommand } from './commands/audit.js';
 import { planSubmitCommand, planListCommand } from './commands/plan.js';
 // Read version from package.json
 const __filename = fileURLToPath(import.meta.url);
@@ -109,6 +109,14 @@ audit
     .action(async (options) => {
     await auditListCommand(options);
 });
+audit
+    .command('view')
+    .description('view a submitted audit by ID (Team Managers only)')
+    .argument('<id>', 'audit ID')
+    .option('-o, --output <file>', 'save to file instead of printing')
+    .action(async (id, options) => {
+    await auditViewCommand(id, options);
+});
 const plan = program.command('plan').description('submit and list plans');
 plan
     .command('submit')

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@meltstudio/meltctl",
-  "version": "4.28.1",
+  "version": "4.29.0",
   "description": "AI-first development tools for teams - set up AGENTS.md, Claude Code, Cursor, and OpenCode standards",
   "main": "dist/index.js",
   "type": "module",