@mmnto/cli 1.5.3 → 1.5.5

package/dist/commands/ledger-analyzer.test.js

@@ -0,0 +1,163 @@
+import * as fs from 'node:fs';
+import * as os from 'node:os';
+import * as path from 'node:path';
+import { afterEach, beforeEach, describe, expect, it, vi } from 'vitest';
+import { analyzeLedger, readLedgerBypassCounts } from './ledger-analyzer.js';
+// ─── Helpers ────────────────────────────────────────────
+function makeTmpDir() {
+    return fs.mkdtempSync(path.join(os.tmpdir(), 'totem-ledger-analyzer-'));
+}
+function makeLedgerEvent(ruleId, type = 'suppress') {
+    return JSON.stringify({
+        timestamp: '2026-03-25T12:00:00.000Z',
+        type,
+        ruleId,
+        file: 'src/index.ts',
+        justification: type === 'override' ? 'Legacy code' : '',
+        source: 'lint',
+    });
+}
+function writeLedger(totemDir, lines) {
+    const ledgerDir = path.join(totemDir, 'ledger');
+    fs.mkdirSync(ledgerDir, { recursive: true });
+    fs.writeFileSync(path.join(ledgerDir, 'events.ndjson'), lines.join('\n') + '\n', 'utf-8');
+}
+function writeMetrics(totemDir, rules) {
+    const cacheDir = path.join(totemDir, 'cache');
+    fs.mkdirSync(cacheDir, { recursive: true });
+    const metricsData = {
+        version: 1,
+        rules: Object.fromEntries(Object.entries(rules).map(([id, counts]) => [
+            id,
+            {
+                triggerCount: counts.triggerCount,
+                suppressCount: counts.suppressCount,
+                lastTriggeredAt: '2026-03-25T12:00:00.000Z',
+                lastSuppressedAt: null,
+            },
+        ])),
+    };
+    fs.writeFileSync(path.join(cacheDir, 'rule-metrics.json'), JSON.stringify(metricsData, null, 2) + '\n', 'utf-8');
+}
+// ─── readLedgerBypassCounts ─────────────────────────────
+describe('readLedgerBypassCounts', () => {
+    let tmpDir;
+    beforeEach(() => {
+        tmpDir = makeTmpDir();
+    });
+    afterEach(() => {
+        fs.rmSync(tmpDir, { recursive: true, force: true });
+    });
+    it('returns empty map when ledger does not exist', async () => {
+        const counts = await readLedgerBypassCounts(tmpDir);
+        expect(counts.size).toBe(0);
+    });
+    it('counts bypass events per ruleId', async () => {
+        writeLedger(tmpDir, [
+            makeLedgerEvent('rule-a'),
+            makeLedgerEvent('rule-b'),
+            makeLedgerEvent('rule-a'),
+            makeLedgerEvent('rule-a', 'override'),
+        ]);
+        const counts = await readLedgerBypassCounts(tmpDir);
+        expect(counts.get('rule-a')).toBe(3);
+        expect(counts.get('rule-b')).toBe(1);
+    });
+    it('skips malformed lines and warns', async () => {
+        const onWarn = vi.fn();
+        writeLedger(tmpDir, [makeLedgerEvent('rule-a'), '{{{invalid json', makeLedgerEvent('rule-b')]);
+        const counts = await readLedgerBypassCounts(tmpDir, onWarn);
+        expect(counts.get('rule-a')).toBe(1);
+        expect(counts.get('rule-b')).toBe(1);
+        expect(onWarn).toHaveBeenCalledWith('Skipping malformed ledger line');
+    });
+    it('skips events that fail schema validation', async () => {
+        writeLedger(tmpDir, [
+            makeLedgerEvent('rule-a'),
+            JSON.stringify({ type: 'suppress' }), // missing required fields
+        ]);
+        const counts = await readLedgerBypassCounts(tmpDir);
+        expect(counts.get('rule-a')).toBe(1);
+        expect(counts.size).toBe(1);
+    });
+    it('skips blank lines', async () => {
+        const ledgerDir = path.join(tmpDir, 'ledger');
+        fs.mkdirSync(ledgerDir, { recursive: true });
+        fs.writeFileSync(path.join(ledgerDir, 'events.ndjson'), makeLedgerEvent('rule-a') + '\n\n\n' + makeLedgerEvent('rule-b') + '\n', 'utf-8');
+        const counts = await readLedgerBypassCounts(tmpDir);
+        expect(counts.get('rule-a')).toBe(1);
+        expect(counts.get('rule-b')).toBe(1);
+    });
+});
+// ─── analyzeLedger ──────────────────────────────────────
+describe('analyzeLedger', () => {
+    let tmpDir;
+    beforeEach(() => {
+        tmpDir = makeTmpDir();
+    });
+    afterEach(() => {
+        fs.rmSync(tmpDir, { recursive: true, force: true });
+    });
+    it('returns empty map when no ledger or metrics exist', async () => {
+        const stats = await analyzeLedger(tmpDir);
+        expect(stats.size).toBe(0);
+    });
+    it('counts bypass events from ledger', async () => {
+        writeLedger(tmpDir, [
+            makeLedgerEvent('rule-a'),
+            makeLedgerEvent('rule-a'),
+            makeLedgerEvent('rule-b'),
+        ]);
+        const stats = await analyzeLedger(tmpDir);
+        expect(stats.get('rule-a')?.bypassCount).toBe(2);
+        expect(stats.get('rule-b')?.bypassCount).toBe(1);
+    });
+    it('merges trigger counts from rule-metrics', async () => {
+        writeLedger(tmpDir, [makeLedgerEvent('rule-a')]);
+        writeMetrics(tmpDir, {
+            'rule-a': { triggerCount: 10, suppressCount: 1 },
+            'rule-c': { triggerCount: 5, suppressCount: 0 },
+        });
+        const stats = await analyzeLedger(tmpDir);
+        // rule-a: 10 triggers + 1 bypass from ledger
+        expect(stats.get('rule-a')?.triggerCount).toBe(10);
+        expect(stats.get('rule-a')?.bypassCount).toBe(1);
+        expect(stats.get('rule-a')?.totalEvents).toBe(11);
+        // rule-c: 5 triggers, 0 bypasses (not in ledger)
+        expect(stats.get('rule-c')?.triggerCount).toBe(5);
+        expect(stats.get('rule-c')?.bypassCount).toBe(0);
+        expect(stats.get('rule-c')?.totalEvents).toBe(5);
+    });
+    it('calculates correct bypass rate', async () => {
+        writeLedger(tmpDir, [makeLedgerEvent('rule-a'), makeLedgerEvent('rule-a')]);
+        writeMetrics(tmpDir, {
+            'rule-a': { triggerCount: 8, suppressCount: 2 },
+        });
+        const stats = await analyzeLedger(tmpDir);
+        const ruleA = stats.get('rule-a');
+        // 2 bypasses / (8 triggers + 2 bypasses) = 0.2
+        expect(ruleA.bypassRate).toBeCloseTo(0.2);
+        expect(ruleA.totalEvents).toBe(10);
+    });
+    it('handles div-by-zero: 0 events yields 0% rate', async () => {
+        // Rule exists in metrics with 0 triggers and 0 suppressions
+        writeMetrics(tmpDir, {
+            'rule-empty': { triggerCount: 0, suppressCount: 0 },
+        });
+        const stats = await analyzeLedger(tmpDir);
+        const ruleEmpty = stats.get('rule-empty');
+        expect(ruleEmpty.bypassRate).toBe(0);
+        expect(ruleEmpty.totalEvents).toBe(0);
+    });
+    it('handles missing ledger file gracefully', async () => {
+        writeMetrics(tmpDir, {
+            'rule-a': { triggerCount: 3, suppressCount: 0 },
+        });
+        const stats = await analyzeLedger(tmpDir);
+        const ruleA = stats.get('rule-a');
+        expect(ruleA.triggerCount).toBe(3);
+        expect(ruleA.bypassCount).toBe(0);
+        expect(ruleA.bypassRate).toBe(0);
+    });
+});
+//# sourceMappingURL=ledger-analyzer.test.js.map

package/dist/commands/ledger-analyzer.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"ledger-analyzer.test.js","sourceRoot":"","sources":["../../src/commands/ledger-analyzer.test.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,KAAK,IAAI,MAAM,WAAW,CAAC;AAElC,OAAO,EAAE,SAAS,EAAE,UAAU,EAAE,QAAQ,EAAE,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,MAAM,QAAQ,CAAC;AAGzE,OAAO,EAAE,aAAa,EAAE,sBAAsB,EAAE,MAAM,sBAAsB,CAAC;AAE7E,2DAA2D;AAE3D,SAAS,UAAU;IACjB,OAAO,EAAE,CAAC,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,MAAM,EAAE,EAAE,wBAAwB,CAAC,CAAC,CAAC;AAC1E,CAAC;AAED,SAAS,eAAe,CAAC,MAAc,EAAE,OAAgC,UAAU;IACjF,OAAO,IAAI,CAAC,SAAS,CAAC;QACpB,SAAS,EAAE,0BAA0B;QACrC,IAAI;QACJ,MAAM;QACN,IAAI,EAAE,cAAc;QACpB,aAAa,EAAE,IAAI,KAAK,UAAU,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,EAAE;QACvD,MAAM,EAAE,MAAM;KACf,CAAC,CAAC;AACL,CAAC;AAED,SAAS,WAAW,CAAC,QAAgB,EAAE,KAAe;IACpD,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;IAChD,EAAE,CAAC,SAAS,CAAC,SAAS,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAC7C,EAAE,CAAC,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,eAAe,CAAC,EAAE,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,IAAI,EAAE,OAAO,CAAC,CAAC;AAC5F,CAAC;AAED,SAAS,YAAY,CACnB,QAAgB,EAChB,KAAsE;IAEtE,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;IAC9C,EAAE,CAAC,SAAS,CAAC,QAAQ,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAC5C,MAAM,WAAW,GAAG;QAClB,OAAO,EAAE,CAAC;QACV,KAAK,EAAE,MAAM,CAAC,WAAW,CACvB,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,MAAM,CAAC,EAAE,EAAE,CAAC;YAC1C,EAAE;YACF;gBACE,YAAY,EAAE,MAAM,CAAC,YAAY;gBACjC,aAAa,EAAE,MAAM,CAAC,aAAa;gBACnC,eAAe,EAAE,0BAA0B;gBAC3C,gBAAgB,EAAE,IAAI;aACvB;SACF,CAAC,CACH;KACF,CAAC;IACF,EAAE,CAAC,aAAa,CACd,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,mBAAmB,CAAC,EACxC,IAAI,CAAC,SAAS,CAAC,WAAW,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,EAC3C,OAAO,CACR,CAAC;AACJ,CAAC;AAED,2DAA2D;AAE3D,QAAQ,CAAC,wBAAwB,EAAE,GAAG,EAAE;IACtC,IAAI,MAAc,CAAC;IAEnB,UAAU,CAAC,GAAG,EAAE;QACd,MAAM,GAAG,UAAU,EAAE,CAAC;IACxB,CAAC,CAAC,CAAC;IAEH,SAAS,CAAC,GAAG,EAAE;QACb,EAAE,CAAC,MAAM,CAAC,MAAM,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;IACtD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,8CAA8C,EAAE,KAAK,IAAI,EAAE;QAC5D,MAAM,MAAM,GAAG,MAAM,sBAAsB,CAAC,MAAM,CAAC,CAAC;QACpD,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAC9B,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,iCAAiC,EAAE,KAAK,IAAI,EAAE;QAC/C,WAAW,CAAC,MAAM,EAAE;YAClB,eAAe,CAAC,QAAQ,CAAC;YACzB,eAAe,CAAC,QAAQ,CAAC;YACzB,eAAe,CAAC,QAAQ,CAAC;YACzB,eAAe,CAAC,QAAQ,EAAE,UAAU,CAAC;SACtC,CAAC,CAAC;QAEH,MAAM,MAAM,GAAG,MAAM,sBAAsB,CAAC,MAAM,CAAC,CAAC;QACpD,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACrC,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACvC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,iCAAiC,EAAE,KAAK,IAAI,EAAE;QAC/C,MAAM,MAAM,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;QACvB,WAAW,CAAC,MAAM,EAAE,CAAC,eAAe,CAAC,QAAQ,CAAC,EAAE,iBAAiB,EAAE,eAAe,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;QAE/F,MAAM,MAAM,GAAG,MAAM,sBAAsB,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QAC5D,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACrC,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACrC,MAAM,CAAC,MAAM,CAAC,CAAC,oBAAoB,CAAC,gCAAgC,CAAC,CAAC;IACxE,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,0CAA0C,EAAE,KAAK,IAAI,EAAE;QACxD,WAAW,CAAC,MAAM,EAAE;YAClB,eAAe,CAAC,QAAQ,CAAC;YACzB,IAAI,CAAC,SAAS,CAAC,EAAE,IAAI,EAAE,UAAU,EAAE,CAAC,EAAE,0BAA0B;SACjE,CAAC,CAAC;QAEH,MAAM,MAAM,GAAG,MAAM,sBAAsB,CAAC,MAAM,CAAC,CAAC;QACpD,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACrC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAC9B,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,mBAAmB,EAAE,KAAK,IAAI,EAAE;QACjC,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;QAC9C,EAAE,CAAC,SAAS,CAAC,SAAS,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAC7C,EAAE,CAAC,aAAa,CACd,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,eAAe,CAAC,EACrC,eAAe,CAAC,QAAQ,CAAC,GAAG,QAAQ,GAAG,eAAe,CAAC,QAAQ,CAAC,GAAG,IAAI,EACvE,OAAO,CACR,CAAC;QAEF,MAAM,MAAM,GAAG,MAAM,sBAAsB,CAAC,MAAM,CAAC,CAAC;QACpD,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACrC,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACvC,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,2DAA2D;AAE3D,QAAQ,CAAC,eAAe,EAAE,GAAG,EAAE;IAC7B,IAAI,MAAc,CAAC;IAEnB,UAAU,CAAC,GAAG,EAAE;QACd,MAAM,GAAG,UAAU,EAAE,CAAC;IACxB,CAAC,CAAC,CAAC;IAEH,SAAS,CAAC,GAAG,EAAE;QACb,EAAE,CAAC,MAAM,CAAC,MAAM,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;IACtD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,mDAAmD,EAAE,KAAK,IAAI,EAAE;QACjE,MAAM,KAAK,GAAG,MAAM,aAAa,CAAC,MAAM,CAAC,CAAC;QAC1C,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAC7B,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,kCAAkC,EAAE,KAAK,IAAI,EAAE;QAChD,WAAW,CAAC,MAAM,EAAE;YAClB,eAAe,CAAC,QAAQ,CAAC;YACzB,eAAe,CAAC,QAAQ,CAAC;YACzB,eAAe,CAAC,QAAQ,CAAC;SAC1B,CAAC,CAAC;QAEH,MAAM,KAAK,GAAG,MAAM,aAAa,CAAC,MAAM,CAAC,CAAC;QAC1C,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,WAAW,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACjD,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,WAAW,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACnD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,yCAAyC,EAAE,KAAK,IAAI,EAAE;QACvD,WAAW,CAAC,MAAM,EAAE,CAAC,eAAe,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;QACjD,YAAY,CAAC,MAAM,EAAE;YACnB,QAAQ,EAAE,EAAE,YAAY,EAAE,EAAE,EAAE,aAAa,EAAE,CAAC,EAAE;YAChD,QAAQ,EAAE,EAAE,YAAY,EAAE,CAAC,EAAE,aAAa,EAAE,CAAC,EAAE;SAChD,CAAC,CAAC;QAEH,MAAM,KAAK,GAAG,MAAM,aAAa,CAAC,MAAM,CAAC,CAAC;QAE1C,6CAA6C;QAC7C,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,YAAY,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACnD,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,WAAW,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACjD,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,WAAW,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAElD,iDAAiD;QACjD,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,YAAY,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClD,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,WAAW,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACjD,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,WAAW,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACnD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,gCAAgC,EAAE,KAAK,IAAI,EAAE;QAC9C,WAAW,CAAC,MAAM,EAAE,CAAC,eAAe,CAAC,QAAQ,CAAC,EAAE,eAAe,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;QAC5E,YAAY,CAAC,MAAM,EAAE;YACnB,QAAQ,EAAE,EAAE,YAAY,EAAE,CAAC,EAAE,aAAa,EAAE,CAAC,EAAE;SAChD,CAAC,CAAC;QAEH,MAAM,KAAK,GAAG,MAAM,aAAa,CAAC,MAAM,CAAC,CAAC;QAC1C,MAAM,KAAK,GAAG,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAoB,CAAC;QAErD,+CAA+C;QAC/C,MAAM,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC;QAC1C,MAAM,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACrC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,8CAA8C,EAAE,KAAK,IAAI,EAAE;QAC5D,4DAA4D;QAC5D,YAAY,CAAC,MAAM,EAAE;YACnB,YAAY,EAAE,EAAE,YAAY,EAAE,CAAC,EAAE,aAAa,EAAE,CAAC,EAAE;SACpD,CAAC,CAAC;QAEH,MAAM,KAAK,GAAG,MAAM,aAAa,CAAC,MAAM,CAAC,CAAC;QAC1C,MAAM,SAAS,GAAG,KAAK,CAAC,GAAG,CAAC,YAAY,CAAoB,CAAC;QAE7D,MAAM,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACrC,MAAM,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACxC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,wCAAwC,EAAE,KAAK,IAAI,EAAE;QACtD,YAAY,CAAC,MAAM,EAAE;YACnB,QAAQ,EAAE,EAAE,YAAY,EAAE,CAAC,EAAE,aAAa,EAAE,CAAC,EAAE;SAChD,CAAC,CAAC;QAEH,MAAM,KAAK,GAAG,MAAM,aAAa,CAAC,MAAM,CAAC,CAAC;QAC1C,MAAM,KAAK,GAAG,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAoB,CAAC;QAErD,MAAM,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACnC,MAAM,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClC,MAAM,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACnC,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

package/dist/commands/list-secrets.d.ts

@@ -0,0 +1,15 @@
+export interface SecretEntry {
+    index: number;
+    type: 'pattern' | 'literal';
+    value: string;
+    source: 'shared/yaml' | 'local/json';
+}
+/** Mask a literal secret value: show first 4 chars + `***`. */
+export declare function maskLiteral(value: string): string;
+/**
+ * Build an indexed list of all secrets from both sources.
+ * Does not print anything — used by both list and remove commands.
+ */
+export declare function buildSecretEntries(cwd: string, totemDir?: string): Promise<SecretEntry[]>;
+export declare function listSecretsCommand(cwd?: string, totemDir?: string): Promise<SecretEntry[]>;
+//# sourceMappingURL=list-secrets.d.ts.map

package/dist/commands/list-secrets.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"list-secrets.d.ts","sourceRoot":"","sources":["../../src/commands/list-secrets.ts"],"names":[],"mappings":"AAmBA,MAAM,WAAW,WAAW;IAC1B,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,SAAS,GAAG,SAAS,CAAC;IAC5B,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,EAAE,aAAa,GAAG,YAAY,CAAC;CACtC;AAID,+DAA+D;AAC/D,wBAAgB,WAAW,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CAGjD;AA6CD;;;GAGG;AACH,wBAAsB,kBAAkB,CAAC,GAAG,EAAE,MAAM,EAAE,QAAQ,SAAW,GAAG,OAAO,CAAC,WAAW,EAAE,CAAC,CA0BjG;AAID,wBAAsB,kBAAkB,CACtC,GAAG,SAAgB,EACnB,QAAQ,SAAW,GAClB,OAAO,CAAC,WAAW,EAAE,CAAC,CAsBxB"}

package/dist/commands/list-secrets.js

@@ -0,0 +1,104 @@
+import * as fs from 'node:fs';
+import * as path from 'node:path';
+import { SecretsFileSchema } from '@mmnto/totem';
+// ─── Constants ──────────────────────────────────────────
+const TAG = 'ListSecrets';
+const YAML_CONFIG_FILES = [
+    'totem.config.yaml',
+    'totem.config.yml',
+    'totem.yaml',
+    'totem.yml',
+];
+// ─── Helpers ────────────────────────────────────────────
+/** Mask a literal secret value: show first 4 chars + `***`. */
+export function maskLiteral(value) {
+    if (value.length <= 4)
+        return '****';
+    return value.slice(0, 4) + '***';
+}
+/** Read secrets from the first matching YAML config file. */
+async function loadYamlSecrets(cwd) {
+    for (const file of YAML_CONFIG_FILES) {
+        const configPath = path.join(cwd, file);
+        if (!fs.existsSync(configPath))
+            continue;
+        try {
+            const { parse } = await import('yaml');
+            const content = fs.readFileSync(configPath, 'utf-8');
+            const parsed = parse(content);
+            if (parsed && Array.isArray(parsed.secrets)) {
+                return parsed.secrets.filter((s) => s && typeof s.type === 'string' && typeof s.value === 'string');
+            }
+            return [];
+        }
+        catch {
+            return [];
+        }
+    }
+    return [];
+}
+/** Read secrets from `.totem/secrets.json`. */
+function loadJsonSecrets(cwd, totemDir) {
+    const jsonPath = path.join(cwd, totemDir, 'secrets.json');
+    if (!fs.existsSync(jsonPath))
+        return [];
+    try {
+        const content = fs.readFileSync(jsonPath, 'utf-8');
+        const parsed = JSON.parse(content);
+        const result = SecretsFileSchema.safeParse(parsed);
+        if (result.success) {
+            return result.data.secrets;
+        }
+        return [];
+    }
+    catch {
+        return [];
+    }
+}
+// ─── Entry builder (shared with remove-secret) ─────────
+/**
+ * Build an indexed list of all secrets from both sources.
+ * Does not print anything — used by both list and remove commands.
+ */
+export async function buildSecretEntries(cwd, totemDir = '.totem') {
+    const yamlSecrets = await loadYamlSecrets(cwd);
+    const jsonSecrets = loadJsonSecrets(cwd, totemDir);
+    const entries = [];
+    let idx = 1;
+    for (const secret of yamlSecrets) {
+        entries.push({
+            index: idx++,
+            type: secret.type,
+            value: secret.value,
+            source: 'shared/yaml',
+        });
+    }
+    for (const secret of jsonSecrets) {
+        entries.push({
+            index: idx++,
+            type: secret.type,
+            value: secret.value,
+            source: 'local/json',
+        });
+    }
+    return entries;
+}
+// ─── Main ───────────────────────────────────────────────
+export async function listSecretsCommand(cwd = process.cwd(), totemDir = '.totem') {
+    const { log } = await import('../ui.js');
+    const entries = await buildSecretEntries(cwd, totemDir);
+    if (entries.length === 0) {
+        log.info(TAG, 'No custom secrets configured.');
+        return [];
+    }
+    // Print header
+    log.info(TAG, `${entries.length} custom secret(s) configured:\n`);
+    // Print each entry
+    for (const entry of entries) {
+        const displayValue = entry.type === 'literal' ? maskLiteral(entry.value) : entry.value;
+        console.error(`  ${entry.index}. [${entry.type}] ${displayValue}  (${entry.source})`);
+    }
+    console.error('');
+    return entries;
+}
+//# sourceMappingURL=list-secrets.js.map

package/dist/commands/list-secrets.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"list-secrets.js","sourceRoot":"","sources":["../../src/commands/list-secrets.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,KAAK,IAAI,MAAM,WAAW,CAAC;AAGlC,OAAO,EAAE,iBAAiB,EAAE,MAAM,cAAc,CAAC;AAEjD,2DAA2D;AAE3D,MAAM,GAAG,GAAG,aAAa,CAAC;AAE1B,MAAM,iBAAiB,GAAG;IACxB,mBAAmB;IACnB,kBAAkB;IAClB,YAAY;IACZ,WAAW;CACH,CAAC;AAWX,2DAA2D;AAE3D,+DAA+D;AAC/D,MAAM,UAAU,WAAW,CAAC,KAAa;IACvC,IAAI,KAAK,CAAC,MAAM,IAAI,CAAC;QAAE,OAAO,MAAM,CAAC;IACrC,OAAO,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,KAAK,CAAC;AACnC,CAAC;AAED,6DAA6D;AAC7D,KAAK,UAAU,eAAe,CAAC,GAAW;IACxC,KAAK,MAAM,IAAI,IAAI,iBAAiB,EAAE,CAAC;QACrC,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;QACxC,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC;YAAE,SAAS;QAEzC,IAAI,CAAC;YACH,MAAM,EAAE,KAAK,EAAE,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,CAAC;YACvC,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;YACrD,MAAM,MAAM,GAAG,KAAK,CAAC,OAAO,CAAmC,CAAC;YAChE,IAAI,MAAM,IAAI,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,CAAC;gBAC5C,OAAQ,MAAM,CAAC,OAA0B,CAAC,MAAM,CAC9C,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,IAAI,OAAO,CAAC,CAAC,IAAI,KAAK,QAAQ,IAAI,OAAO,CAAC,CAAC,KAAK,KAAK,QAAQ,CACtE,CAAC;YACJ,CAAC;YACD,OAAO,EAAE,CAAC;QACZ,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,EAAE,CAAC;QACZ,CAAC;IACH,CAAC;IACD,OAAO,EAAE,CAAC;AACZ,CAAC;AAED,+CAA+C;AAC/C,SAAS,eAAe,CAAC,GAAW,EAAE,QAAgB;IACpD,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,QAAQ,EAAE,cAAc,CAAC,CAAC;IAC1D,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC;QAAE,OAAO,EAAE,CAAC;IAExC,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QACnD,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAY,CAAC;QAC9C,MAAM,MAAM,GAAG,iBAAiB,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;QACnD,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;YACnB,OAAO,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC;QAC7B,CAAC;QACD,OAAO,EAAE,CAAC;IACZ,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,CAAC;IACZ,CAAC;AACH,CAAC;AAED,0DAA0D;AAE1D;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB,CAAC,GAAW,EAAE,QAAQ,GAAG,QAAQ;IACvE,MAAM,WAAW,GAAG,MAAM,eAAe,CAAC,GAAG,CAAC,CAAC;IAC/C,MAAM,WAAW,GAAG,eAAe,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;IAEnD,MAAM,OAAO,GAAkB,EAAE,CAAC;IAClC,IAAI,GAAG,GAAG,CAAC,CAAC;IAEZ,KAAK,MAAM,MAAM,IAAI,WAAW,EAAE,CAAC;QACjC,OAAO,CAAC,IAAI,CAAC;YACX,KAAK,EAAE,GAAG,EAAE;YACZ,IAAI,EAAE,MAAM,CAAC,IAAI;YACjB,KAAK,EAAE,MAAM,CAAC,KAAK;YACnB,MAAM,EAAE,aAAa;SACtB,CAAC,CAAC;IACL,CAAC;IAED,KAAK,MAAM,MAAM,IAAI,WAAW,EAAE,CAAC;QACjC,OAAO,CAAC,IAAI,CAAC;YACX,KAAK,EAAE,GAAG,EAAE;YACZ,IAAI,EAAE,MAAM,CAAC,IAAI;YACjB,KAAK,EAAE,MAAM,CAAC,KAAK;YACnB,MAAM,EAAE,YAAY;SACrB,CAAC,CAAC;IACL,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,2DAA2D;AAE3D,MAAM,CAAC,KAAK,UAAU,kBAAkB,CACtC,GAAG,GAAG,OAAO,CAAC,GAAG,EAAE,EACnB,QAAQ,GAAG,QAAQ;IAEnB,MAAM,EAAE,GAAG,EAAE,GAAG,MAAM,MAAM,CAAC,UAAU,CAAC,CAAC;IAEzC,MAAM,OAAO,GAAG,MAAM,kBAAkB,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;IAExD,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACzB,GAAG,CAAC,IAAI,CAAC,GAAG,EAAE,+BAA+B,CAAC,CAAC;QAC/C,OAAO,EAAE,CAAC;IACZ,CAAC;IAED,eAAe;IACf,GAAG,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,OAAO,CAAC,MAAM,iCAAiC,CAAC,CAAC;IAElE,mBAAmB;IACnB,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;QAC5B,MAAM,YAAY,GAAG,KAAK,CAAC,IAAI,KAAK,SAAS,CAAC,CAAC,CAAC,WAAW,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC;QACvF,OAAO,CAAC,KAAK,CAAC,KAAK,KAAK,CAAC,KAAK,MAAM,KAAK,CAAC,IAAI,KAAK,YAAY,MAAM,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC;IACxF,CAAC;IAED,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;IAElB,OAAO,OAAO,CAAC;AACjB,CAAC"}

package/dist/commands/list-secrets.test.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=list-secrets.test.d.ts.map

package/dist/commands/list-secrets.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"list-secrets.test.d.ts","sourceRoot":"","sources":["../../src/commands/list-secrets.test.ts"],"names":[],"mappings":""}

package/dist/commands/list-secrets.test.js

@@ -0,0 +1,85 @@
+import * as fs from 'node:fs';
+import * as os from 'node:os';
+import * as path from 'node:path';
+import { afterEach, beforeEach, describe, expect, it, vi } from 'vitest';
+import { listSecretsCommand, maskLiteral } from './list-secrets.js';
+// ─── Helpers ────────────────────────────────────────────
+let tmpDirs = [];
+function makeTmpDir() {
+    const dir = fs.mkdtempSync(path.join(os.tmpdir(), 'totem-list-secrets-'));
+    tmpDirs.push(dir);
+    return dir;
+}
+// ─── Tests ──────────────────────────────────────────────
+describe('maskLiteral', () => {
+    it('masks values longer than 4 chars', () => {
+        expect(maskLiteral('my-secret-key')).toBe('my-s***');
+    });
+    it('masks values with exactly 4 chars', () => {
+        expect(maskLiteral('abcd')).toBe('****');
+    });
+    it('masks values shorter than 4 chars', () => {
+        expect(maskLiteral('abc')).toBe('****');
+    });
+});
+describe('listSecretsCommand', () => {
+    let stderrSpy;
+    beforeEach(() => {
+        stderrSpy = vi.spyOn(console, 'error').mockImplementation(() => { });
+    });
+    afterEach(() => {
+        stderrSpy.mockRestore();
+        for (const dir of tmpDirs) {
+            fs.rmSync(dir, { recursive: true, force: true });
+        }
+        tmpDirs = [];
+    });
+    it('shows both shared and local secrets with source labels', async () => {
+        const cwd = makeTmpDir();
+        const totemDir = '.totem';
+        // Write YAML config with a shared secret
+        fs.writeFileSync(path.join(cwd, 'totem.yaml'), 'secrets:\n  - type: pattern\n    value: "ACME-[A-Z]{4}"\n  - type: literal\n    value: "shared-secret-1"\n', 'utf-8');
+        // Write local secrets.json
+        const totemDirPath = path.join(cwd, totemDir);
+        fs.mkdirSync(totemDirPath, { recursive: true });
+        fs.writeFileSync(path.join(totemDirPath, 'secrets.json'), JSON.stringify({
+            secrets: [{ type: 'literal', value: 'local-secret-1' }],
+        }), 'utf-8');
+        const entries = await listSecretsCommand(cwd, totemDir);
+        expect(entries).toHaveLength(3);
+        expect(entries[0].source).toBe('shared/yaml');
+        expect(entries[1].source).toBe('shared/yaml');
+        expect(entries[2].source).toBe('local/json');
+        const output = stderrSpy.mock.calls.map((c) => c[0]).join('\n');
+        expect(output).toContain('shared/yaml');
+        expect(output).toContain('local/json');
+        expect(output).toContain('3 custom secret(s) configured');
+    });
+    it('shows message when no secrets configured', async () => {
+        const cwd = makeTmpDir();
+        const entries = await listSecretsCommand(cwd);
+        expect(entries).toHaveLength(0);
+        const output = stderrSpy.mock.calls.map((c) => c[0]).join('\n');
+        expect(output).toContain('No custom secrets configured.');
+    });
+    it('masks literal values but shows pattern values', async () => {
+        const cwd = makeTmpDir();
+        const totemDir = '.totem';
+        const totemDirPath = path.join(cwd, totemDir);
+        fs.mkdirSync(totemDirPath, { recursive: true });
+        fs.writeFileSync(path.join(totemDirPath, 'secrets.json'), JSON.stringify({
+            secrets: [
+                { type: 'literal', value: 'super-secret-value' },
+                { type: 'pattern', value: 'ACME-[A-Z]{4}' },
+            ],
+        }), 'utf-8');
+        await listSecretsCommand(cwd, totemDir);
+        const output = stderrSpy.mock.calls.map((c) => c[0]).join('\n');
+        // Literal should be masked
+        expect(output).toContain('supe***');
+        expect(output).not.toContain('super-secret-value');
+        // Pattern should be shown in full
+        expect(output).toContain('ACME-[A-Z]{4}');
+    });
+});
+//# sourceMappingURL=list-secrets.test.js.map

package/dist/commands/list-secrets.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"list-secrets.test.js","sourceRoot":"","sources":["../../src/commands/list-secrets.test.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,KAAK,IAAI,MAAM,WAAW,CAAC;AAElC,OAAO,EAAE,SAAS,EAAE,UAAU,EAAE,QAAQ,EAAE,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,MAAM,QAAQ,CAAC;AAEzE,OAAO,EAAE,kBAAkB,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAEpE,2DAA2D;AAE3D,IAAI,OAAO,GAAa,EAAE,CAAC;AAE3B,SAAS,UAAU;IACjB,MAAM,GAAG,GAAG,EAAE,CAAC,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,MAAM,EAAE,EAAE,qBAAqB,CAAC,CAAC,CAAC;IAC1E,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAClB,OAAO,GAAG,CAAC;AACb,CAAC;AAED,2DAA2D;AAE3D,QAAQ,CAAC,aAAa,EAAE,GAAG,EAAE;IAC3B,EAAE,CAAC,kCAAkC,EAAE,GAAG,EAAE;QAC1C,MAAM,CAAC,WAAW,CAAC,eAAe,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;IACvD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,mCAAmC,EAAE,GAAG,EAAE;QAC3C,MAAM,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IAC3C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,mCAAmC,EAAE,GAAG,EAAE;QAC3C,MAAM,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IAC1C,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,QAAQ,CAAC,oBAAoB,EAAE,GAAG,EAAE;IAClC,IAAI,SAAsC,CAAC;IAE3C,UAAU,CAAC,GAAG,EAAE;QACd,SAAS,GAAG,EAAE,CAAC,KAAK,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,kBAAkB,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;IACtE,CAAC,CAAC,CAAC;IAEH,SAAS,CAAC,GAAG,EAAE;QACb,SAAS,CAAC,WAAW,EAAE,CAAC;QACxB,KAAK,MAAM,GAAG,IAAI,OAAO,EAAE,CAAC;YAC1B,EAAE,CAAC,MAAM,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;QACnD,CAAC;QACD,OAAO,GAAG,EAAE,CAAC;IACf,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,wDAAwD,EAAE,KAAK,IAAI,EAAE;QACtE,MAAM,GAAG,GAAG,UAAU,EAAE,CAAC;QACzB,MAAM,QAAQ,GAAG,QAAQ,CAAC;QAE1B,yCAAyC;QACzC,EAAE,CAAC,aAAa,CACd,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,YAAY,CAAC,EAC5B,4GAA4G,EAC5G,OAAO,CACR,CAAC;QAEF,2BAA2B;QAC3B,MAAM,YAAY,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;QAC9C,EAAE,CAAC,SAAS,CAAC,YAAY,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAChD,EAAE,CAAC,aAAa,CACd,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,cAAc,CAAC,EACvC,IAAI,CAAC,SAAS,CAAC;YACb,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,SAAS,EAAE,KAAK,EAAE,gBAAgB,EAAE,CAAC;SACxD,CAAC,EACF,OAAO,CACR,CAAC;QAEF,MAAM,OAAO,GAAG,MAAM,kBAAkB,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;QAExD,MAAM,CAAC,OAAO,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;QAChC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;QAC9C,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;QAC9C,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;QAE7C,MAAM,MAAM,GAAG,SAAS,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAY,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC3E,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,aAAa,CAAC,CAAC;QACxC,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,YAAY,CAAC,CAAC;QACvC,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,+BAA+B,CAAC,CAAC;IAC5D,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,0CAA0C,EAAE,KAAK,IAAI,EAAE;QACxD,MAAM,GAAG,GAAG,UAAU,EAAE,CAAC;QAEzB,MAAM,OAAO,GAAG,MAAM,kBAAkB,CAAC,GAAG,CAAC,CAAC;QAE9C,MAAM,CAAC,OAAO,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;QAEhC,MAAM,MAAM,GAAG,SAAS,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAY,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC3E,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,+BAA+B,CAAC,CAAC;IAC5D,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,+CAA+C,EAAE,KAAK,IAAI,EAAE;QAC7D,MAAM,GAAG,GAAG,UAAU,EAAE,CAAC;QACzB,MAAM,QAAQ,GAAG,QAAQ,CAAC;QAE1B,MAAM,YAAY,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;QAC9C,EAAE,CAAC,SAAS,CAAC,YAAY,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAChD,EAAE,CAAC,aAAa,CACd,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,cAAc,CAAC,EACvC,IAAI,CAAC,SAAS,CAAC;YACb,OAAO,EAAE;gBACP,EAAE,IAAI,EAAE,SAAS,EAAE,KAAK,EAAE,oBAAoB,EAAE;gBAChD,EAAE,IAAI,EAAE,SAAS,EAAE,KAAK,EAAE,eAAe,EAAE;aAC5C;SACF,CAAC,EACF,OAAO,CACR,CAAC;QAEF,MAAM,kBAAkB,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;QAExC,MAAM,MAAM,GAAG,SAAS,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAY,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC3E,2BAA2B;QAC3B,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;QACpC,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,SAAS,CAAC,oBAAoB,CAAC,CAAC;QACnD,kCAAkC;QAClC,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,eAAe,CAAC,CAAC;IAC5C,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

package/dist/commands/remove-secret.d.ts

@@ -0,0 +1,2 @@
+export declare function removeSecretCommand(indexStr: string, cwd?: string, totemDir?: string): Promise<void>;
+//# sourceMappingURL=remove-secret.d.ts.map

package/dist/commands/remove-secret.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"remove-secret.d.ts","sourceRoot":"","sources":["../../src/commands/remove-secret.ts"],"names":[],"mappings":"AAYA,wBAAsB,mBAAmB,CACvC,QAAQ,EAAE,MAAM,EAChB,GAAG,SAAgB,EACnB,QAAQ,SAAW,GAClB,OAAO,CAAC,IAAI,CAAC,CA+Df"}

package/dist/commands/remove-secret.js

@@ -0,0 +1,53 @@
+import * as fs from 'node:fs';
+import * as path from 'node:path';
+// ─── Constants ──────────────────────────────────────────
+const TAG = 'RemoveSecret';
+const SECRETS_REL_PATH = '.totem/secrets.json';
+// ─── Main ───────────────────────────────────────────────
+export async function removeSecretCommand(indexStr, cwd = process.cwd(), totemDir = '.totem') {
+    const { log } = await import('../ui.js');
+    const { buildSecretEntries } = await import('./list-secrets.js');
+    // 1. Build the full list to resolve index → source (silent, no output)
+    const entries = await buildSecretEntries(cwd, totemDir);
+    const index = parseInt(indexStr, 10);
+    if (isNaN(index) || index < 1 || index > entries.length) {
+        log.error('Totem Error', `Index ${indexStr} is out of range. Valid range: 1–${entries.length || 0}.`);
+        process.exit(1);
+    }
+    const target = entries[index - 1];
+    // 2. Reject shared/yaml secrets
+    if (target.source === 'shared/yaml') {
+        log.error('Totem Error', 'Cannot remove shared secrets from CLI. Edit your totem.config.yaml directly.');
+        process.exit(1);
+    }
+    // 3. Read secrets.json
+    const secretsPath = path.join(cwd, SECRETS_REL_PATH);
+    let data = { secrets: [] };
+    try {
+        const content = fs.readFileSync(secretsPath, 'utf-8');
+        data = JSON.parse(content);
+        if (!Array.isArray(data.secrets)) {
+            data.secrets = [];
+        }
+    }
+    catch {
+        log.error('Totem Error', `Failed to read ${SECRETS_REL_PATH}.`);
+        process.exit(1);
+    }
+    // 4. Compute the local index within secrets.json
+    //    The entry's position among local/json entries maps to the JSON array.
+    //    Count how many shared/yaml entries come before this entry.
+    const yamlCount = entries.filter((e) => e.source === 'shared/yaml').length;
+    const localIndex = index - 1 - yamlCount;
+    if (localIndex < 0 || localIndex >= data.secrets.length) {
+        log.error('Totem Error', `Index ${indexStr} is out of range for local secrets.`);
+        process.exit(1);
+    }
+    // 5. Remove
+    const [removed] = data.secrets.splice(localIndex, 1);
+    // 6. Write back
+    fs.writeFileSync(secretsPath, JSON.stringify(data, null, 2) + '\n', 'utf-8');
+    // 7. Confirm
+    log.success(TAG, `Removed ${removed.type} secret: "${removed.type === 'literal' ? removed.value.slice(0, 4) + '***' : removed.value}"`);
+}
+//# sourceMappingURL=remove-secret.js.map

package/dist/commands/remove-secret.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"remove-secret.js","sourceRoot":"","sources":["../../src/commands/remove-secret.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,KAAK,IAAI,MAAM,WAAW,CAAC;AAIlC,2DAA2D;AAE3D,MAAM,GAAG,GAAG,cAAc,CAAC;AAC3B,MAAM,gBAAgB,GAAG,qBAAqB,CAAC;AAE/C,2DAA2D;AAE3D,MAAM,CAAC,KAAK,UAAU,mBAAmB,CACvC,QAAgB,EAChB,GAAG,GAAG,OAAO,CAAC,GAAG,EAAE,EACnB,QAAQ,GAAG,QAAQ;IAEnB,MAAM,EAAE,GAAG,EAAE,GAAG,MAAM,MAAM,CAAC,UAAU,CAAC,CAAC;IACzC,MAAM,EAAE,kBAAkB,EAAE,GAAG,MAAM,MAAM,CAAC,mBAAmB,CAAC,CAAC;IAEjE,uEAAuE;IACvE,MAAM,OAAO,GAAG,MAAM,kBAAkB,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;IAExD,MAAM,KAAK,GAAG,QAAQ,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC;IACrC,IAAI,KAAK,CAAC,KAAK,CAAC,IAAI,KAAK,GAAG,CAAC,IAAI,KAAK,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;QACxD,GAAG,CAAC,KAAK,CACP,aAAa,EACb,SAAS,QAAQ,oCAAoC,OAAO,CAAC,MAAM,IAAI,CAAC,GAAG,CAC5E,CAAC;QACF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,MAAM,MAAM,GAAG,OAAO,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC;IAElC,gCAAgC;IAChC,IAAI,MAAM,CAAC,MAAM,KAAK,aAAa,EAAE,CAAC;QACpC,GAAG,CAAC,KAAK,CACP,aAAa,EACb,8EAA8E,CAC/E,CAAC;QACF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,uBAAuB;IACvB,MAAM,WAAW,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,gBAAgB,CAAC,CAAC;IACrD,IAAI,IAAI,GAAgB,EAAE,OAAO,EAAE,EAAE,EAAE,CAAC;IACxC,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC;QACtD,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAgB,CAAC;QAC1C,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;YACjC,IAAI,CAAC,OAAO,GAAG,EAAE,CAAC;QACpB,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,GAAG,CAAC,KAAK,CAAC,aAAa,EAAE,kBAAkB,gBAAgB,GAAG,CAAC,CAAC;QAChE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,iDAAiD;IACjD,2EAA2E;IAC3E,gEAAgE;IAChE,MAAM,SAAS,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,aAAa,CAAC,CAAC,MAAM,CAAC;IAC3E,MAAM,UAAU,GAAG,KAAK,GAAG,CAAC,GAAG,SAAS,CAAC;IAEzC,IAAI,UAAU,GAAG,CAAC,IAAI,UAAU,IAAI,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC;QACxD,GAAG,CAAC,KAAK,CAAC,aAAa,EAAE,SAAS,QAAQ,qCAAqC,CAAC,CAAC;QACjF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,YAAY;IACZ,MAAM,CAAC,OAAO,CAAC,GAAG,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC;IAErD,gBAAgB;IAChB,EAAE,CAAC,aAAa,CAAC,WAAW,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,EAAE,OAAO,CAAC,CAAC;IAE7E,aAAa;IACb,GAAG,CAAC,OAAO,CACT,GAAG,EACH,WAAW,OAAO,CAAC,IAAI,aAAa,OAAO,CAAC,IAAI,KAAK,SAAS,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,GAAG,CACtH,CAAC;AACJ,CAAC"}

package/dist/commands/remove-secret.test.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=remove-secret.test.d.ts.map

package/dist/commands/remove-secret.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"remove-secret.test.d.ts","sourceRoot":"","sources":["../../src/commands/remove-secret.test.ts"],"names":[],"mappings":""}

package/dist/commands/remove-secret.test.js

@@ -0,0 +1,85 @@
+import * as fs from 'node:fs';
+import * as os from 'node:os';
+import * as path from 'node:path';
+import { afterEach, beforeEach, describe, expect, it, vi } from 'vitest';
+import { removeSecretCommand } from './remove-secret.js';
+// ─── Helpers ────────────────────────────────────────────
+let tmpDirs = [];
+function makeTmpDir() {
+    const dir = fs.mkdtempSync(path.join(os.tmpdir(), 'totem-remove-secret-'));
+    tmpDirs.push(dir);
+    return dir;
+}
+function writeSecretsJson(cwd, totemDir, data) {
+    const dirPath = path.join(cwd, totemDir);
+    fs.mkdirSync(dirPath, { recursive: true });
+    fs.writeFileSync(path.join(dirPath, 'secrets.json'), JSON.stringify(data, null, 2) + '\n', 'utf-8');
+}
+function readSecretsJson(cwd, totemDir) {
+    const content = fs.readFileSync(path.join(cwd, totemDir, 'secrets.json'), 'utf-8');
+    return JSON.parse(content);
+}
+// ─── Tests ──────────────────────────────────────────────
+describe('removeSecretCommand', () => {
+    let stderrSpy;
+    let exitSpy;
+    beforeEach(() => {
+        stderrSpy = vi.spyOn(console, 'error').mockImplementation(() => { });
+        exitSpy = vi.spyOn(process, 'exit').mockImplementation(() => {
+            throw new Error('process.exit called');
+        });
+    });
+    afterEach(() => {
+        stderrSpy.mockRestore();
+        exitSpy.mockRestore();
+        for (const dir of tmpDirs) {
+            fs.rmSync(dir, { recursive: true, force: true });
+        }
+        tmpDirs = [];
+    });
+    it('removes entry at specified index', async () => {
+        const cwd = makeTmpDir();
+        const totemDir = '.totem';
+        writeSecretsJson(cwd, totemDir, {
+            secrets: [
+                { type: 'literal', value: 'first-secret' },
+                { type: 'pattern', value: 'PATTERN-\\d+' },
+                { type: 'literal', value: 'third-secret' },
+            ],
+        });
+        // Remove the second entry (index 2, which is the second local/json secret)
+        await removeSecretCommand('2', cwd, totemDir);
+        const updated = readSecretsJson(cwd, totemDir);
+        expect(updated.secrets).toHaveLength(2);
+        expect(updated.secrets[0].value).toBe('first-secret');
+        expect(updated.secrets[1].value).toBe('third-secret');
+        const output = stderrSpy.mock.calls.map((c) => c[0]).join('\n');
+        expect(output).toContain('Removed');
+    });
+    it('rejects out-of-range index', async () => {
+        const cwd = makeTmpDir();
+        const totemDir = '.totem';
+        writeSecretsJson(cwd, totemDir, {
+            secrets: [{ type: 'literal', value: 'only-secret' }],
+        });
+        await expect(removeSecretCommand('5', cwd, totemDir)).rejects.toThrow('process.exit called');
+        const output = stderrSpy.mock.calls.map((c) => c[0]).join('\n');
+        expect(output).toContain('out of range');
+    });
+    it('rejects removal of shared yaml secrets', async () => {
+        const cwd = makeTmpDir();
+        const totemDir = '.totem';
+        // Write a YAML config with a shared secret
+        fs.writeFileSync(path.join(cwd, 'totem.yaml'), 'secrets:\n  - type: literal\n    value: "yaml-secret-val"\n', 'utf-8');
+        // Write local secrets.json
+        writeSecretsJson(cwd, totemDir, {
+            secrets: [{ type: 'literal', value: 'local-secret' }],
+        });
+        // Index 1 should be the yaml secret
+        await expect(removeSecretCommand('1', cwd, totemDir)).rejects.toThrow('process.exit called');
+        const output = stderrSpy.mock.calls.map((c) => c[0]).join('\n');
+        expect(output).toContain('Cannot remove shared secrets from CLI');
+        expect(output).toContain('totem.config.yaml');
+    });
+});
+//# sourceMappingURL=remove-secret.test.js.map

package/dist/commands/remove-secret.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"remove-secret.test.js","sourceRoot":"","sources":["../../src/commands/remove-secret.test.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,KAAK,IAAI,MAAM,WAAW,CAAC;AAElC,OAAO,EAAE,SAAS,EAAE,UAAU,EAAE,QAAQ,EAAE,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,MAAM,QAAQ,CAAC;AAIzE,OAAO,EAAE,mBAAmB,EAAE,MAAM,oBAAoB,CAAC;AAEzD,2DAA2D;AAE3D,IAAI,OAAO,GAAa,EAAE,CAAC;AAE3B,SAAS,UAAU;IACjB,MAAM,GAAG,GAAG,EAAE,CAAC,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,MAAM,EAAE,EAAE,sBAAsB,CAAC,CAAC,CAAC;IAC3E,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAClB,OAAO,GAAG,CAAC;AACb,CAAC;AAED,SAAS,gBAAgB,CAAC,GAAW,EAAE,QAAgB,EAAE,IAAiB;IACxE,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;IACzC,EAAE,CAAC,SAAS,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAC3C,EAAE,CAAC,aAAa,CACd,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,cAAc,CAAC,EAClC,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,EACpC,OAAO,CACR,CAAC;AACJ,CAAC;AAED,SAAS,eAAe,CAAC,GAAW,EAAE,QAAgB;IACpD,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,QAAQ,EAAE,cAAc,CAAC,EAAE,OAAO,CAAC,CAAC;IACnF,OAAO,IAAI,CAAC,KAAK,CAAC,OAAO,CAAgB,CAAC;AAC5C,CAAC;AAED,2DAA2D;AAE3D,QAAQ,CAAC,qBAAqB,EAAE,GAAG,EAAE;IACnC,IAAI,SAAsC,CAAC;IAC3C,IAAI,OAAoC,CAAC;IAEzC,UAAU,CAAC,GAAG,EAAE;QACd,SAAS,GAAG,EAAE,CAAC,KAAK,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,kBAAkB,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;QACpE,OAAO,GAAG,EAAE,CAAC,KAAK,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC,kBAAkB,CAAC,GAAG,EAAE;YAC1D,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;QACzC,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,SAAS,CAAC,GAAG,EAAE;QACb,SAAS,CAAC,WAAW,EAAE,CAAC;QACxB,OAAO,CAAC,WAAW,EAAE,CAAC;QACtB,KAAK,MAAM,GAAG,IAAI,OAAO,EAAE,CAAC;YAC1B,EAAE,CAAC,MAAM,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;QACnD,CAAC;QACD,OAAO,GAAG,EAAE,CAAC;IACf,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,kCAAkC,EAAE,KAAK,IAAI,EAAE;QAChD,MAAM,GAAG,GAAG,UAAU,EAAE,CAAC;QACzB,MAAM,QAAQ,GAAG,QAAQ,CAAC;QAE1B,gBAAgB,CAAC,GAAG,EAAE,QAAQ,EAAE;YAC9B,OAAO,EAAE;gBACP,EAAE,IAAI,EAAE,SAAS,EAAE,KAAK,EAAE,cAAc,EAAE;gBAC1C,EAAE,IAAI,EAAE,SAAS,EAAE,KAAK,EAAE,cAAc,EAAE;gBAC1C,EAAE,IAAI,EAAE,SAAS,EAAE,KAAK,EAAE,cAAc,EAAE;aAC3C;SACF,CAAC,CAAC;QAEH,2EAA2E;QAC3E,MAAM,mBAAmB,CAAC,GAAG,EAAE,GAAG,EAAE,QAAQ,CAAC,CAAC;QAE9C,MAAM,OAAO,GAAG,eAAe,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;QAC/C,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;QACxC,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;QACtD,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;QAEtD,MAAM,MAAM,GAAG,SAAS,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAY,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC3E,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;IACtC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,4BAA4B,EAAE,KAAK,IAAI,EAAE;QAC1C,MAAM,GAAG,GAAG,UAAU,EAAE,CAAC;QACzB,MAAM,QAAQ,GAAG,QAAQ,CAAC;QAE1B,gBAAgB,CAAC,GAAG,EAAE,QAAQ,EAAE;YAC9B,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,SAAS,EAAE,KAAK,EAAE,aAAa,EAAE,CAAC;SACrD,CAAC,CAAC;QAEH,MAAM,MAAM,CAAC,mBAAmB,CAAC,GAAG,EAAE,GAAG,EAAE,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,qBAAqB,CAAC,CAAC;QAE7F,MAAM,MAAM,GAAG,SAAS,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAY,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC3E,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,cAAc,CAAC,CAAC;IAC3C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,wCAAwC,EAAE,KAAK,IAAI,EAAE;QACtD,MAAM,GAAG,GAAG,UAAU,EAAE,CAAC;QACzB,MAAM,QAAQ,GAAG,QAAQ,CAAC;QAE1B,2CAA2C;QAC3C,EAAE,CAAC,aAAa,CACd,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,YAAY,CAAC,EAC5B,6DAA6D,EAC7D,OAAO,CACR,CAAC;QAEF,2BAA2B;QAC3B,gBAAgB,CAAC,GAAG,EAAE,QAAQ,EAAE;YAC9B,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,SAAS,EAAE,KAAK,EAAE,cAAc,EAAE,CAAC;SACtD,CAAC,CAAC;QAEH,oCAAoC;QACpC,MAAM,MAAM,CAAC,mBAAmB,CAAC,GAAG,EAAE,GAAG,EAAE,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,qBAAqB,CAAC,CAAC;QAE7F,MAAM,MAAM,GAAG,SAAS,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAY,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC3E,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,uCAAuC,CAAC,CAAC;QAClE,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,mBAAmB,CAAC,CAAC;IAChD,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

package/dist/commands/review-learn-templates.d.ts

@@ -0,0 +1,7 @@
+/** Maximum existing lessons to include for dedup context */
+export declare const MAX_EXISTING_LESSONS = 10;
+/** Maximum assembled prompt size in characters */
+export declare const MAX_PROMPT_CHARS = 100000;
+/** System prompt for review-learn — instructs LLM to extract lessons from resolved bot findings */
+export declare const REVIEW_LEARN_SYSTEM_PROMPT = "You are Totem's lesson extractor for bot code review findings.\n\nYou receive a set of code review findings from automated bots (CodeRabbit, Gemini Code Assist) that were RESOLVED (the developer accepted and fixed them). Your job is to extract reusable architectural lessons from these findings.\n\nRULES:\n1. Only extract lessons that represent reusable patterns \u2014 NOT one-off fixes.\n2. Each lesson must be actionable: what the symptom is, what the fix is, and why it matters.\n3. Every lesson MUST include lifecycle: nursery in its metadata \u2014 these are unproven until validated.\n4. Deduplicate against the provided existing lessons. Do NOT repeat known patterns.\n5. Focus on architectural and security findings. Skip pure style/formatting nits unless they represent a real pattern.\n6. If no findings warrant a lesson, return an empty array.\n\nOUTPUT FORMAT:\nReturn a JSON array of lesson objects. Each lesson has:\n- \"tags\": string[] \u2014 relevant tags (e.g., [\"security\", \"typescript\", \"architecture\"])\n- \"text\": string \u2014 the lesson body. Start with the symptom/pattern, then the fix.\n- \"lifecycle\": \"nursery\" \u2014 REQUIRED, always \"nursery\"\n\nExample:\n[\n  {\n    \"tags\": [\"security\", \"shell\"],\n    \"text\": \"Using execSync with string interpolation for shell commands creates injection risk. Use spawnSync with an args array to pass arguments safely without shell interpretation.\",\n    \"lifecycle\": \"nursery\"\n  }\n]\n\nIf no lessons should be extracted, return: []";
+//# sourceMappingURL=review-learn-templates.d.ts.map

package/dist/commands/review-learn-templates.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"review-learn-templates.d.ts","sourceRoot":"","sources":["../../src/commands/review-learn-templates.ts"],"names":[],"mappings":"AAEA,4DAA4D;AAC5D,eAAO,MAAM,oBAAoB,KAAK,CAAC;AAEvC,kDAAkD;AAClD,eAAO,MAAM,gBAAgB,SAAU,CAAC;AAIxC,mGAAmG;AACnG,eAAO,MAAM,0BAA0B,+/CA2BO,CAAC"}