npm - @ornexus/neocortex - Versions diffs - 4.0.1 → 4.0.2 - Mend

@ornexus/neocortex 4.0.1 → 4.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (62) hide show

package/install.ps1 +92 -33
package/install.sh +15 -1
package/package.json +3 -3
package/packages/client/dist/adapters/adapter-registry.js +1 -106
package/packages/client/dist/adapters/antigravity-adapter.js +2 -77
package/packages/client/dist/adapters/claude-code-adapter.js +3 -79
package/packages/client/dist/adapters/codex-adapter.js +2 -80
package/packages/client/dist/adapters/cursor-adapter.js +4 -115
package/packages/client/dist/adapters/gemini-adapter.js +2 -71
package/packages/client/dist/adapters/index.js +1 -21
package/packages/client/dist/adapters/platform-detector.js +1 -106
package/packages/client/dist/adapters/target-adapter.js +0 -12
package/packages/client/dist/adapters/vscode-adapter.js +2 -72
package/packages/client/dist/agent/refresh-stubs.js +2 -234
package/packages/client/dist/agent/update-agent-yaml.js +1 -102
package/packages/client/dist/agent/update-description.js +1 -251
package/packages/client/dist/cache/crypto-utils.js +1 -76
package/packages/client/dist/cache/encrypted-cache.js +1 -94
package/packages/client/dist/cache/in-memory-asset-cache.js +1 -70
package/packages/client/dist/cache/index.js +1 -13
package/packages/client/dist/cli.js +2 -163
package/packages/client/dist/commands/activate.js +8 -390
package/packages/client/dist/commands/cache-status.js +2 -112
package/packages/client/dist/commands/invoke.js +28 -490
package/packages/client/dist/config/resolver-selection.js +1 -278
package/packages/client/dist/config/secure-config.js +12 -269
package/packages/client/dist/constants.js +1 -25
package/packages/client/dist/context/context-collector.js +2 -222
package/packages/client/dist/context/context-sanitizer.js +1 -145
package/packages/client/dist/index.js +1 -38
package/packages/client/dist/license/index.js +1 -5
package/packages/client/dist/license/license-client.js +1 -257
package/packages/client/dist/machine/fingerprint.js +2 -160
package/packages/client/dist/machine/index.js +1 -5
package/packages/client/dist/resilience/circuit-breaker.js +1 -170
package/packages/client/dist/resilience/degradation-manager.js +1 -164
package/packages/client/dist/resilience/freshness-indicator.js +1 -100
package/packages/client/dist/resilience/index.js +1 -8
package/packages/client/dist/resilience/recovery-detector.js +1 -74
package/packages/client/dist/resolvers/asset-resolver.js +0 -13
package/packages/client/dist/resolvers/local-resolver.js +8 -218
package/packages/client/dist/resolvers/remote-resolver.js +1 -282
package/packages/client/dist/telemetry/index.js +1 -5
package/packages/client/dist/telemetry/offline-queue.js +1 -131
package/packages/client/dist/tier/index.js +1 -5
package/packages/client/dist/tier/tier-aware-client.js +1 -260
package/packages/client/dist/types/index.js +1 -38
package/targets-stubs/antigravity/gemini.md +1 -1
package/targets-stubs/antigravity/install-antigravity.sh +49 -3
package/targets-stubs/antigravity/skill/SKILL.md +23 -4
package/targets-stubs/claude-code/neocortex.agent.yaml +19 -1
package/targets-stubs/claude-code/neocortex.md +64 -29
package/targets-stubs/codex/agents.md +20 -3
package/targets-stubs/codex/config-mcp.toml +5 -0
package/targets-stubs/cursor/agent.md +23 -5
package/targets-stubs/cursor/install-cursor.sh +51 -3
package/targets-stubs/cursor/mcp.json +7 -0
package/targets-stubs/gemini-cli/agent.md +37 -6
package/targets-stubs/gemini-cli/install-gemini.sh +50 -17
package/targets-stubs/vscode/agent.md +47 -10
package/targets-stubs/vscode/install-vscode.sh +50 -3
package/targets-stubs/vscode/mcp.json +8 -0

package/packages/client/dist/commands/cache-status.js CHANGED Viewed

@@ -1,112 +1,2 @@
-/**
- * @license FSL-1.1
- * Copyright (c) 2026 OrNexus AI
- *
- * This file is part of Neocortex CLI, licensed under the
- * Functional Source License, Version 1.1 (FSL-1.1).
- *
- * Change Date: February 20, 2029
- * Change License: MIT
- *
- * See the LICENSE file in the project root for full license text.
- */
-/**
- * @neocortex/client - Cache Status Command
- *
- * Displays comprehensive cache and circuit breaker status information.
- * Shows entry count, total size, age range, stale entries, circuit state,
- * and telemetry queue stats.
- *
- * Story 42.9 - AC7
- */
-import { readdir, stat } from 'node:fs/promises';
-import { join } from 'node:path';
-// ── Implementation ──────────────────────────────────────────────────────
-/**
- * Gather comprehensive cache status information.
- */
-export async function getCacheStatus(options) {
-    const staleThreshold = options.staleThresholdMs ?? 86_400_000; // 24h default
-    let totalEntries = 0;
-    let totalSizeBytes = 0;
-    let staleEntries = 0;
-    let oldestEntry = null;
-    let newestEntry = null;
-    try {
-        const entries = await readdir(options.cacheDir);
-        const encFiles = entries.filter((e) => e.endsWith('.enc'));
-        totalEntries = encFiles.length;
-        const now = Date.now();
-        for (const file of encFiles) {
-            try {
-                const filePath = join(options.cacheDir, file);
-                const fileStat = await stat(filePath);
-                totalSizeBytes += fileStat.size;
-                const mtime = fileStat.mtime;
-                if (!oldestEntry || mtime < oldestEntry)
-                    oldestEntry = mtime;
-                if (!newestEntry || mtime > newestEntry)
-                    newestEntry = mtime;
-                if (now - mtime.getTime() > staleThreshold) {
-                    staleEntries++;
-                }
-            }
-            catch {
-                // Skip files that can't be stat'd
-            }
-        }
-    }
-    catch {
-        // Cache directory doesn't exist or can't be read
-    }
-    const circuitState = options.circuitBreaker.getState().state;
-    let telemetryQueueSize = 0;
-    try {
-        const queueStats = await options.telemetryQueue.getStats();
-        telemetryQueueSize = queueStats.count;
-    }
-    catch {
-        // Queue unavailable
-    }
-    return {
-        totalEntries,
-        totalSizeBytes,
-        totalSizeFormatted: formatBytes(totalSizeBytes),
-        oldestEntry,
-        newestEntry,
-        staleEntries,
-        circuitState,
-        lastSync: newestEntry, // Most recent cache write approximates last sync
-        telemetryQueueSize,
-    };
-}
-/**
- * Format cache status as a human-readable string for terminal output.
- */
-export function formatCacheStatus(info) {
-    const lines = [
-        '+-------------------------------------------------+',
-        '|  NEOCORTEX CACHE STATUS                         |',
-        '+-------------------------------------------------+',
-        `|  Total entries:    ${String(info.totalEntries).padEnd(29)}|`,
-        `|  Total size:       ${info.totalSizeFormatted.padEnd(29)}|`,
-        `|  Oldest entry:     ${(info.oldestEntry?.toISOString() ?? 'N/A').padEnd(29)}|`,
-        `|  Newest entry:     ${(info.newestEntry?.toISOString() ?? 'N/A').padEnd(29)}|`,
-        `|  Stale entries:    ${String(info.staleEntries).padEnd(29)}|`,
-        '|-------------------------------------------------|',
-        `|  Circuit breaker:  ${info.circuitState.padEnd(29)}|`,
-        `|  Last sync:        ${(info.lastSync?.toISOString() ?? 'N/A').padEnd(29)}|`,
-        `|  Telemetry queue:  ${(info.telemetryQueueSize + ' events').padEnd(29)}|`,
-        '+-------------------------------------------------+',
-    ];
-    return lines.join('\n');
-}
-// ── Helpers ─────────────────────────────────────────────────────────────
-function formatBytes(bytes) {
-    if (bytes === 0)
-        return '0 B';
-    const units = ['B', 'KB', 'MB', 'GB'];
-    const i = Math.floor(Math.log(bytes) / Math.log(1024));
-    const value = bytes / Math.pow(1024, i);
-    return `${value.toFixed(i === 0 ? 0 : 1)} ${units[i]}`;
-}
+import{readdir as y,stat as g}from"node:fs/promises";import{join as f}from"node:path";async function T(t){const r=t.staleThresholdMs??864e5;let e=0,s=0,c=0,i=null,a=null;try{const u=(await y(t.cacheDir)).filter(l=>l.endsWith(".enc"));e=u.length;const h=Date.now();for(const l of u)try{const m=f(t.cacheDir,l),d=await g(m);s+=d.size;const n=d.mtime;(!i||n<i)&&(i=n),(!a||n>a)&&(a=n),h-n.getTime()>r&&c++}catch{}}catch{}const S=t.circuitBreaker.getState().state;let o=0;try{o=(await t.telemetryQueue.getStats()).count}catch{}return{totalEntries:e,totalSizeBytes:s,totalSizeFormatted:$(s),oldestEntry:i,newestEntry:a,staleEntries:c,circuitState:S,lastSync:a,telemetryQueueSize:o}}function B(t){return["+-------------------------------------------------+","|  NEOCORTEX CACHE STATUS                         |","+-------------------------------------------------+",`|  Total entries:    ${String(t.totalEntries).padEnd(29)}|`,`|  Total size:       ${t.totalSizeFormatted.padEnd(29)}|`,`|  Oldest entry:     ${(t.oldestEntry?.toISOString()??"N/A").padEnd(29)}|`,`|  Newest entry:     ${(t.newestEntry?.toISOString()??"N/A").padEnd(29)}|`,`|  Stale entries:    ${String(t.staleEntries).padEnd(29)}|`,"|-------------------------------------------------|",`|  Circuit breaker:  ${t.circuitState.padEnd(29)}|`,`|  Last sync:        ${(t.lastSync?.toISOString()??"N/A").padEnd(29)}|`,`|  Telemetry queue:  ${(t.telemetryQueueSize+" events").padEnd(29)}|`,"+-------------------------------------------------+"].join(`
+`)}function $(t){if(t===0)return"0 B";const r=["B","KB","MB","GB"],e=Math.floor(Math.log(t)/Math.log(1024));return`${(t/Math.pow(1024,e)).toFixed(e===0?0:1)} ${r[e]}`}export{B as formatCacheStatus,T as getCacheStatus};

package/packages/client/dist/commands/invoke.js CHANGED Viewed

@@ -1,490 +1,28 @@
-/**
- * @license FSL-1.1
- * Copyright (c) 2026 OrNexus AI
- *
- * This file is part of Neocortex CLI, licensed under the
- * Functional Source License, Version 1.1 (FSL-1.1).
- *
- * Change Date: February 20, 2029
- * Change License: MIT
- *
- * See the LICENSE file in the project root for full license text.
- */
-/**
- * @neocortex/client - Invoke Command
- *
- * Primary entry point for server-side orchestration.
- * Sends raw user args to POST /api/v1/invoke and returns
- * complete orchestration instructions from the server.
- *
- * Story 45.2 - AC1-AC6
- */
-import { existsSync, readFileSync, unlinkSync } from 'node:fs';
-import { join } from 'node:path';
-import { homedir } from 'node:os';
-import { LicenseClient } from '../license/license-client.js';
-import { EncryptedCache } from '../cache/encrypted-cache.js';
-import { NoOpCache } from '../types/index.js';
-import { TierAwareClient } from '../tier/tier-aware-client.js';
-import { loadSecureConfig } from '../config/secure-config.js';
-import { DEFAULT_SERVER_URL } from '../constants.js';
-// ── Constants ─────────────────────────────────────────────────────────────
-const CONFIG_DIR = join(homedir(), '.neocortex');
-const CACHE_DIR = join(CONFIG_DIR, 'cache');
-const MENU_CACHE_FILE = join(CACHE_DIR, 'menu-cache.json');
-const MENU_CACHE_TTL_MS = 24 * 60 * 60 * 1000; // 24 hours
-const DEFAULT_TIMEOUT_MS = 30_000;
-const CLIENT_VERSION = '3.9.62';
-// ── State Snapshot Collection ──────────────────────────────────────────────
-/**
- * Read state.json and construct a sanitized snapshot for the server.
- * Relative paths only - no absolute paths sent to server.
- */
-export function collectStateSnapshot(projectRoot) {
-    const stateJsonPath = join(projectRoot, '.neocortex', 'state.json');
-    if (!existsSync(stateJsonPath)) {
-        // Return minimal snapshot if state.json doesn't exist
-        return {
-            config: {
-                project_name: 'unknown',
-                default_branch: 'main',
-                language: 'pt-BR',
-            },
-            stories: {},
-            epics: {},
-        };
-    }
-    let stateData;
-    try {
-        const raw = readFileSync(stateJsonPath, 'utf-8');
-        stateData = JSON.parse(raw);
-    }
-    catch {
-        return {
-            config: {
-                project_name: 'unknown',
-                default_branch: 'main',
-                language: 'pt-BR',
-            },
-            stories: {},
-            epics: {},
-        };
-    }
-    // Extract config - check both locations for compatibility
-    const config = (stateData.config ?? stateData.project ?? {});
-    // Extract stories - sanitize sensitive fields
-    const rawStories = (stateData.stories ?? {});
-    const stories = {};
-    for (const [id, story] of Object.entries(rawStories)) {
-        stories[id] = {
-            id: story.id ?? id,
-            title: story.title,
-            epic_id: story.epic_id,
-            status: story.status ?? 'backlog',
-            steps_completed: story.steps_completed ?? [],
-            last_step: story.last_step ?? null,
-            branch_name: story.branch_name ?? null,
-            pr_number: story.pr_number,
-            workflow_issue: story.workflow_issue,
-        };
-    }
-    // Extract epics
-    const rawEpics = (stateData.epics ?? {});
-    const epics = {};
-    for (const [id, epic] of Object.entries(rawEpics)) {
-        epics[id] = {
-            id: epic.id ?? id,
-            title: epic.title,
-            status: epic.status,
-            stories: epic.stories,
-            total_stories: epic.total_stories,
-            completed_stories: epic.completed_stories,
-        };
-    }
-    return {
-        config: {
-            project_name: (config.project_name ?? config.name ?? 'unknown'),
-            default_branch: (config.default_branch ?? 'main'),
-            language: (config.language ?? 'pt-BR'),
-            yolo_mode: config.yolo_mode,
-            user_name: config.user_name,
-            worktree_base: config.worktree_base,
-            max_parallel_stories: config.max_parallel_stories,
-        },
-        stories,
-        epics,
-    };
-}
-// ── Menu Cache (Encrypted - Story 61.1) ──────────────────────────────────
-const MENU_CACHE_KEY = 'neocortex:menu:cache';
-/**
- * Read menu cache from EncryptedCache.
- * Falls back gracefully: if decryption fails or data is stale, returns null.
- * Also cleans up legacy plaintext menu-cache.json if it exists.
- */
-async function getMenuCache(encryptedCache) {
-    try {
-        const raw = await encryptedCache.get(MENU_CACHE_KEY);
-        if (!raw)
-            return null;
-        const cache = JSON.parse(raw);
-        // Invalidate on version mismatch (stale cache from previous install)
-        if (cache.version !== CLIENT_VERSION) {
-            return null;
-        }
-        // Check TTL (EncryptedCache also has TTL, but we double-check for version-based invalidation)
-        if (Date.now() - cache.cachedAt > MENU_CACHE_TTL_MS) {
-            return null; // Expired
-        }
-        return cache;
-    }
-    catch {
-        return null;
-    }
-}
-/**
- * Write menu cache to EncryptedCache.
- * Deletes legacy plaintext menu-cache.json on first encrypted write.
- */
-async function setMenuCache(encryptedCache, instructions, metadata) {
-    try {
-        const cache = {
-            instructions,
-            metadata,
-            cachedAt: Date.now(),
-            version: CLIENT_VERSION,
-        };
-        await encryptedCache.set(MENU_CACHE_KEY, JSON.stringify(cache), MENU_CACHE_TTL_MS);
-        // Delete legacy plaintext menu-cache.json if it exists (F1 remediation)
-        deleteLegacyMenuCache();
-    }
-    catch {
-        // Cache write failure is non-critical
-    }
-}
-/**
- * Remove legacy plaintext menu-cache.json file.
- * Called after successful encrypted write to prevent IP leakage.
- */
-function deleteLegacyMenuCache() {
-    try {
-        if (existsSync(MENU_CACHE_FILE)) {
-            unlinkSync(MENU_CACHE_FILE);
-        }
-    }
-    catch {
-        // Non-critical: best-effort cleanup
-    }
-}
-// ── Config Loading (Story 61.2 - Secure) ─────────────────────────────────
-/**
- * Load config with automatic decryption of license key.
- * Handles migration from plaintext licenseKey to encryptedLicenseKey.
- */
-function loadConfig() {
-    return loadSecureConfig();
-}
-async function getAuthTokenAndClient(serverUrl, licenseKey) {
-    try {
-        let cacheProvider;
-        if (licenseKey) {
-            const cacheDir = join(CONFIG_DIR, 'cache');
-            cacheProvider = new EncryptedCache({ cacheDir, passphrase: licenseKey });
-        }
-        else {
-            // Legacy config without licenseKey - use NoOpCache with warning
-            process.stderr.write('[neocortex] Warning: No license key in config. Run "neocortex activate" to re-authenticate.\n');
-            cacheProvider = new NoOpCache();
-        }
-        const client = new LicenseClient({
-            serverUrl,
-            licenseKey: licenseKey ?? '',
-            cacheProvider,
-        });
-        const token = await client.getToken();
-        if (!token)
-            return null;
-        const tierClient = new TierAwareClient({
-            cacheProvider,
-            licenseClient: client,
-        });
-        return { token, client, tierClient };
-    }
-    catch {
-        return null;
-    }
-}
-// ── HTTP Request ──────────────────────────────────────────────────────────
-/** P50.05: One-time warning flag per process */
-let versionWarningShown = false;
-async function sendInvokeRequest(serverUrl, body, authToken) {
-    const url = `${serverUrl}/api/v1/invoke`;
-    const controller = new AbortController();
-    const timeoutId = setTimeout(() => controller.abort(), DEFAULT_TIMEOUT_MS);
-    try {
-        const response = await fetch(url, {
-            method: 'POST',
-            headers: {
-                'Content-Type': 'application/json',
-                'Authorization': `Bearer ${authToken}`,
-                'X-Client-Version': CLIENT_VERSION,
-            },
-            body: JSON.stringify(body),
-            signal: controller.signal,
-        });
-        clearTimeout(timeoutId);
-        if (!response.ok) {
-            const errorText = await response.text().catch(() => 'Unknown error');
-            let errorJson;
-            try {
-                errorJson = JSON.parse(errorText);
-            }
-            catch {
-                // Not JSON
-            }
-            return {
-                ok: false,
-                status: response.status,
-                error: errorJson
-                    ? `${errorJson.error_code ?? 'ERROR'}: ${errorJson.message ?? errorText}`
-                    : `HTTP ${response.status}: ${errorText}`,
-                errorBody: errorJson,
-            };
-        }
-        const data = (await response.json());
-        // P50.05: Detect version warning header (non-blocking, once per process)
-        const versionWarning = response.headers.get('X-Client-Version-Warning');
-        if (versionWarning && !versionWarningShown) {
-            versionWarningShown = true;
-            process.stderr.write(`\n[Neocortex] ${versionWarning}\n\n`);
-        }
-        return { ok: true, status: response.status, data };
-    }
-    catch (error) {
-        clearTimeout(timeoutId);
-        const message = error instanceof Error ? error.message : String(error);
-        return {
-            ok: false,
-            status: 0,
-            error: message.includes('abort')
-                ? `Request timeout after ${DEFAULT_TIMEOUT_MS / 1000}s`
-                : `Network error: ${message}`,
-        };
-    }
-}
-// ── Main Invoke Function ──────────────────────────────────────────────────
-/**
- * Execute the invoke command.
- *
- * Flow:
- * 1. Load config to get server URL
- * 2. Collect state snapshot from project root
- * 3. Check menu cache for empty invocations
- * 4. Send POST /api/v1/invoke
- * 5. Format and return result
- */
-export async function invoke(options) {
-    const projectRoot = options.projectRoot ?? process.cwd();
-    const platformTarget = options.platformTarget ?? 'claude-code';
-    // 1. Determine server URL
-    const config = loadConfig();
-    const serverUrl = (options.serverUrl ?? config?.serverUrl ?? DEFAULT_SERVER_URL).replace(/\/+$/, '');
-    // 2. Collect state snapshot
-    const stateSnapshot = collectStateSnapshot(projectRoot);
-    // 2a. Create encrypted cache for menu (uses licenseKey as passphrase)
-    const menuCache = config?.licenseKey
-        ? new EncryptedCache({ cacheDir: CACHE_DIR, passphrase: config.licenseKey })
-        : null;
-    // 3. Check menu cache for empty invocations (AC6)
-    const trimmedArgs = options.args.trim();
-    if (!trimmedArgs && menuCache) {
-        const cachedMenu = await getMenuCache(menuCache);
-        if (cachedMenu) {
-            return {
-                success: true,
-                instructions: cachedMenu.instructions,
-                metadata: cachedMenu.metadata,
-                exitCode: 0,
-            };
-        }
-    }
-    // 4. Get auth token and license client from config
-    const auth = await getAuthTokenAndClient(serverUrl, config?.licenseKey);
-    if (!auth) {
-        // Story P26.04: Include fingerprint change as possible cause
-        const hint = config && !config.licenseKey
-            ? ' This may be caused by a machine fingerprint change (e.g., hardware or hostname change).'
-            : '';
-        return {
-            success: false,
-            error: `Not authenticated.${hint} Visit https://neocortex.ornexus.com/login to get your license key, then run: neocortex activate YOUR-LICENSE-KEY`,
-            exitCode: 2, // Not configured
-        };
-    }
-    // 4a. Pre-flight tier check (optimistic -- if it fails, still proceed)
-    const trigger = extractTrigger(trimmedArgs);
-    if (trigger) {
-        try {
-            const preFlightResult = await auth.tierClient.preFlightCheck(trigger);
-            if (!preFlightResult.allowed) {
-                process.stderr.write(`[neocortex] ${preFlightResult.message}\n`);
-                return {
-                    success: false,
-                    error: preFlightResult.message ?? 'Trigger not available on your plan',
-                    exitCode: 1,
-                };
-            }
-        }
-        catch {
-            // Fail-open: pre-flight errors should not block invocation
-        }
-    }
-    const requestBody = {
-        args: trimmedArgs,
-        projectRoot: projectRoot.replace(homedir(), '~'), // Sanitize absolute path
-        stateSnapshot,
-        platformTarget,
-    };
-    // 5. Send request
-    let result = await sendInvokeRequest(serverUrl, requestBody, auth.token);
-    // 5a. 401 retry: inspect fallback_action and retry once after forceRefresh
-    if (!result.ok && result.status === 401) {
-        const fallbackAction = result.errorBody?.fallback_action;
-        if (fallbackAction === 'refresh_token' || fallbackAction === 're_authenticate') {
-            const newToken = await auth.client.forceRefresh();
-            if (newToken) {
-                result = await sendInvokeRequest(serverUrl, requestBody, newToken);
-            }
-        }
-    }
-    // P50.04: 426 UPGRADE_REQUIRED -- forced update with clear instructions
-    if (!result.ok && result.status === 426) {
-        const body = result.errorBody;
-        const upgradeCmd = body?.upgrade_command ?? 'npm install -g @ornexus/neocortex@latest';
-        const minVersion = body?.min_version ?? 'unknown';
-        process.stderr.write('\n');
-        process.stderr.write('==================================================\n');
-        process.stderr.write('  UPGRADE REQUIRED\n');
-        process.stderr.write('==================================================\n');
-        process.stderr.write(`\n  Your Neocortex version (${CLIENT_VERSION}) is no longer supported.\n`);
-        process.stderr.write(`  Minimum required: ${minVersion}\n\n`);
-        process.stderr.write('  Run this command to update:\n\n');
-        process.stderr.write(`    ${upgradeCmd}\n\n`);
-        process.stderr.write('  After updating, re-run your command.\n');
-        process.stderr.write('==================================================\n\n');
-        return {
-            success: false,
-            error: `UPGRADE_REQUIRED: Client version ${CLIENT_VERSION} is below minimum ${minVersion}. Run: ${upgradeCmd}`,
-            exitCode: 3,
-        };
-    }
-    if (!result.ok || !result.data) {
-        // AC5: Error exit code
-        const exitCode = result.status === 401 ? 2 :
-            result.status === 429 ? 1 :
-                result.status >= 500 ? 1 : 1;
-        return {
-            success: false,
-            error: result.error ?? 'Unknown error from server',
-            exitCode,
-        };
-    }
-    // 6. Cache menu responses (AC6) - encrypted (Story 61.1)
-    if (!trimmedArgs && result.data.metadata?.mode === 'menu' && menuCache) {
-        setMenuCache(menuCache, result.data.instructions, result.data.metadata).catch(() => { });
-    }
-    // 6a. Update cached quota from server response metadata (Epic 60)
-    if (result.data.metadata) {
-        auth.tierClient.updateQuotaFromResponse(result.data.metadata).catch(() => { });
-    }
-    // 6b. Story 18.7 + 18.8: Detect tier change and auto-refresh
-    if (result.data.metadata?.tier_changed) {
-        const newTier = result.data.metadata.current_tier;
-        try {
-            const newToken = await auth.client.forceRefresh();
-            if (newToken) {
-                await auth.tierClient.invalidateTierCache();
-                process.stderr.write(`[Neocortex] Token atualizado automaticamente para tier ${newTier}\n`);
-            }
-            else {
-                process.stderr.write(`[Neocortex] Seu tier foi atualizado para ${newTier}! Execute "neocortex activate" para obter um token atualizado.\n`);
-            }
-        }
-        catch {
-            // Fail-open: tier change notification is best-effort
-            process.stderr.write(`[Neocortex] Seu tier foi atualizado para ${newTier}! Execute "neocortex activate" para obter um token atualizado.\n`);
-        }
-    }
-    return {
-        success: true,
-        instructions: result.data.instructions,
-        metadata: result.data.metadata,
-        exitCode: 0,
-    };
-}
-// ── Trigger Extraction ──────────────────────────────────────────────────
-/**
- * Extract trigger name from args string.
- * Triggers start with '*' (e.g., "*yolo", "*implement", "*status").
- * Returns the trigger name without the '*' prefix, or null if no trigger.
- */
-function extractTrigger(args) {
-    const match = args.match(/^\*([a-zA-Z][\w-]*)/);
-    return match ? match[1] : null;
-}
-// ── CLI Entry Point ───────────────────────────────────────────────────────
-/**
- * CLI handler for the invoke command.
- * Parses CLI args and delegates to invoke().
- *
- * Usage:
- *   neocortex-client invoke --args "*yolo @story.md" --project-root /path
- *   neocortex-client invoke --args "*status" --format json
- */
-export async function invokeCliHandler(argv) {
-    let args = '';
-    let projectRoot = process.cwd();
-    let format = 'plain';
-    let serverUrl;
-    // Parse CLI arguments
-    for (let i = 0; i < argv.length; i++) {
-        switch (argv[i]) {
-            case '--args':
-                args = argv[++i] ?? '';
-                break;
-            case '--project-root':
-                projectRoot = argv[++i] ?? process.cwd();
-                break;
-            case '--format':
-                format = (argv[++i] ?? 'plain');
-                break;
-            case '--server-url':
-                serverUrl = argv[++i];
-                break;
-        }
-    }
-    const result = await invoke({ args, projectRoot, format, serverUrl });
-    if (!result.success) {
-        // AC5: Error to stderr as JSON
-        process.stderr.write(JSON.stringify({
-            error_code: result.exitCode === 2 ? 'NOT_CONFIGURED' : 'INVOKE_ERROR',
-            message: result.error,
-        }) + '\n');
-        return result.exitCode;
-    }
-    if (format === 'json') {
-        // AC3: Full JSON to stdout
-        process.stdout.write(JSON.stringify({
-            instructions: result.instructions,
-            metadata: result.metadata,
-        }) + '\n');
-    }
-    else {
-        // AC4: Instructions to stdout, metadata to stderr
-        process.stdout.write((result.instructions ?? '') + '\n');
-        if (result.metadata) {
-            process.stderr.write(JSON.stringify(result.metadata) + '\n');
-        }
-    }
-    return 0;
-}
+import{existsSync as g,readFileSync as S,unlinkSync as O}from"node:fs";import{join as f}from"node:path";import{homedir as _}from"node:os";import{LicenseClient as $}from"../license/license-client.js";import{EncryptedCache as y}from"../cache/encrypted-cache.js";import{NoOpCache as v}from"../types/index.js";import{TierAwareClient as A}from"../tier/tier-aware-client.js";import{loadSecureConfig as U}from"../config/secure-config.js";import{DEFAULT_SERVER_URL as j}from"../constants.js";const C=f(_(),".neocortex"),k=f(C,"cache"),x=f(k,"menu-cache.json"),R=1440*60*1e3,E=3e4,h="3.9.62";function D(r){const s=f(r,".neocortex","state.json");if(!g(s))return{config:{project_name:"unknown",default_branch:"main",language:"pt-BR"},stories:{},epics:{}};let n;try{const u=S(s,"utf-8");n=JSON.parse(u)}catch{return{config:{project_name:"unknown",default_branch:"main",language:"pt-BR"},stories:{},epics:{}}}const t=n.config??n.project??{},l=n.stories??{},i={};for(const[u,o]of Object.entries(l))i[u]={id:o.id??u,title:o.title,epic_id:o.epic_id,status:o.status??"backlog",steps_completed:o.steps_completed??[],last_step:o.last_step??null,branch_name:o.branch_name??null,pr_number:o.pr_number,workflow_issue:o.workflow_issue};const e=n.epics??{},d={};for(const[u,o]of Object.entries(e))d[u]={id:o.id??u,title:o.title,status:o.status,stories:o.stories,total_stories:o.total_stories,completed_stories:o.completed_stories};return{config:{project_name:t.project_name??t.name??"unknown",default_branch:t.default_branch??"main",language:t.language??"pt-BR",yolo_mode:t.yolo_mode,user_name:t.user_name,worktree_base:t.worktree_base,max_parallel_stories:t.max_parallel_stories},stories:i,epics:d}}const b="neocortex:menu:cache";async function I(r){try{const s=await r.get(b);if(!s)return null;const n=JSON.parse(s);return n.version!==h||Date.now()-n.cachedAt>R?null:n}catch{return null}}async function M(r,s,n){try{const t={instructions:s,metadata:n,cachedAt:Date.now(),version:h};await r.set(b,JSON.stringify(t),R),J()}catch{}}function J(){try{g(x)&&O(x)}catch{}}function F(){return U()}async function L(r,s){try{let n;if(s){const e=f(C,"cache");n=new y({cacheDir:e,passphrase:s})}else process.stderr.write(`[neocortex] Warning: No license key in config. Run "neocortex activate" to re-authenticate.
+`),n=new v;const t=new $({serverUrl:r,licenseKey:s??"",cacheProvider:n}),l=await t.getToken();if(!l)return null;const i=new A({cacheProvider:n,licenseClient:t});return{token:l,client:t,tierClient:i}}catch{return null}}let T=!1;async function N(r,s,n){const t=`${r}/api/v1/invoke`,l=new AbortController,i=setTimeout(()=>l.abort(),E);try{const e=await fetch(t,{method:"POST",headers:{"Content-Type":"application/json",Authorization:`Bearer ${n}`,"X-Client-Version":h},body:JSON.stringify(s),signal:l.signal});if(clearTimeout(i),!e.ok){const o=await e.text().catch(()=>"Unknown error");let m;try{m=JSON.parse(o)}catch{}return{ok:!1,status:e.status,error:m?`${m.error_code??"ERROR"}: ${m.message??o}`:`HTTP ${e.status}: ${o}`,errorBody:m}}const d=await e.json(),u=e.headers.get("X-Client-Version-Warning");return u&&!T&&(T=!0,process.stderr.write(`
+[Neocortex] ${u}
+`)),{ok:!0,status:e.status,data:d}}catch(e){clearTimeout(i);const d=e instanceof Error?e.message:String(e);return{ok:!1,status:0,error:d.includes("abort")?`Request timeout after ${E/1e3}s`:`Network error: ${d}`}}}async function B(r){const s=r.projectRoot??process.cwd(),n=r.platformTarget??"claude-code",t=F(),l=(r.serverUrl??t?.serverUrl??j).replace(/\/+$/,""),i=D(s),e=t?.licenseKey?new y({cacheDir:k,passphrase:t.licenseKey}):null,d=r.args.trim();if(!d&&e){const c=await I(e);if(c)return{success:!0,instructions:c.instructions,metadata:c.metadata,exitCode:0}}const u=await L(l,t?.licenseKey);if(!u)return{success:!1,error:`Not authenticated.${t&&!t.licenseKey?" This may be caused by a machine fingerprint change (e.g., hardware or hostname change).":""} Visit https://neocortex.ornexus.com/login to get your license key, then run: neocortex activate YOUR-LICENSE-KEY`,exitCode:2};const o=z(d);if(o)try{const c=await u.tierClient.preFlightCheck(o);if(!c.allowed)return process.stderr.write(`[neocortex] ${c.message}
+`),{success:!1,error:c.message??"Trigger not available on your plan",exitCode:1}}catch{}const m={args:d,projectRoot:s.replace(_(),"~"),stateSnapshot:i,platformTarget:n};let a=await N(l,m,u.token);if(!a.ok&&a.status===401){const c=a.errorBody?.fallback_action;if(c==="refresh_token"||c==="re_authenticate"){const p=await u.client.forceRefresh();p&&(a=await N(l,m,p))}}if(!a.ok&&a.status===426){const c=a.errorBody,p=c?.upgrade_command??"npm install -g @ornexus/neocortex@latest",w=c?.min_version??"unknown";return process.stderr.write(`
+`),process.stderr.write(`==================================================
+`),process.stderr.write(`  UPGRADE REQUIRED
+`),process.stderr.write(`==================================================
+`),process.stderr.write(`
+  Your Neocortex version (${h}) is no longer supported.
+`),process.stderr.write(`  Minimum required: ${w}
+`),process.stderr.write(`  Run this command to update:
+`),process.stderr.write(`    ${p}
+`),process.stderr.write(`  After updating, re-run your command.
+`),process.stderr.write(`==================================================
+`),{success:!1,error:`UPGRADE_REQUIRED: Client version ${h} is below minimum ${w}. Run: ${p}`,exitCode:3}}if(!a.ok||!a.data){const c=a.status===401?2:(a.status===429||a.status>=500,1);return{success:!1,error:a.error??"Unknown error from server",exitCode:c}}if(!d&&a.data.metadata?.mode==="menu"&&e&&M(e,a.data.instructions,a.data.metadata).catch(()=>{}),a.data.metadata&&u.tierClient.updateQuotaFromResponse(a.data.metadata).catch(()=>{}),a.data.metadata?.tier_changed){const c=a.data.metadata.current_tier;try{await u.client.forceRefresh()?(await u.tierClient.invalidateTierCache(),process.stderr.write(`[Neocortex] Token atualizado automaticamente para tier ${c}
+`)):process.stderr.write(`[Neocortex] Seu tier foi atualizado para ${c}! Execute "neocortex activate" para obter um token atualizado.
+`)}catch{process.stderr.write(`[Neocortex] Seu tier foi atualizado para ${c}! Execute "neocortex activate" para obter um token atualizado.
+`)}}return{success:!0,instructions:a.data.instructions,metadata:a.data.metadata,exitCode:0}}function z(r){const s=r.match(/^\*([a-zA-Z][\w-]*)/);return s?s[1]:null}async function X(r){let s="",n=process.cwd(),t="plain",l;for(let e=0;e<r.length;e++)switch(r[e]){case"--args":s=r[++e]??"";break;case"--project-root":n=r[++e]??process.cwd();break;case"--format":t=r[++e]??"plain";break;case"--server-url":l=r[++e];break}const i=await B({args:s,projectRoot:n,format:t,serverUrl:l});return i.success?(t==="json"?process.stdout.write(JSON.stringify({instructions:i.instructions,metadata:i.metadata})+`
+`):(process.stdout.write((i.instructions??"")+`
+`),i.metadata&&process.stderr.write(JSON.stringify(i.metadata)+`
+`)),0):(process.stderr.write(JSON.stringify({error_code:i.exitCode===2?"NOT_CONFIGURED":"INVOKE_ERROR",message:i.error})+`
+`),i.exitCode)}export{D as collectStateSnapshot,B as invoke,X as invokeCliHandler};