@pugi/cli 0.1.0-alpha.9 → 0.1.0-beta.2

package/dist/runtime/commands/config.js

@@ -4,7 +4,9 @@ import { dirname, resolve } from 'node:path';
 import { z } from 'zod';
 import { loadMcpRegistry } from '../../core/mcp/registry.js';
 import { listMcpTrust, setMcpTrust, } from '../../core/mcp/trust.js';
+import { request } from 'undici';
 import { trustWorkspace } from '../../core/trust.js';
+import { resolveActiveCredential } from '../../core/credentials.js';
 /**
  * `pugi config` — operator-level configuration surface.
  *
@@ -53,24 +55,90 @@ export async function runConfigCommand(args, ctx) {
                 'pugi config mcp trust <name>',
                 'pugi config mcp deny <name>',
                 'pugi config mcp list',
+                'pugi config get routing',
+                'pugi config set routing.<tag>.<budget>=<model>',
+                'pugi config unset routing.<tag>.<budget>',
+                'pugi config get privacy',
+                'pugi config set privacy=strict|balanced|permissive',
             ],
         }, [
             'Usage:',
-            '  pugi config get <key>            Read a config value.',
-            '  pugi config set <key> <value>    Write a config value.',
-            '  pugi config list                 Show all config values.',
-            '  pugi config trust .              Trust the current workspace for hooks + MCP.',
-            '  pugi config mcp trust <name>     Mark an MCP server as trusted.',
-            '  pugi config mcp deny <name>      Block an MCP server.',
-            '  pugi config mcp list             Show declared MCP servers + trust state.',
+            '  pugi config get <key>                            Read a config value.',
+            '  pugi config set <key> <value>                    Write a config value.',
+            '  pugi config list                                 Show all config values.',
+            '  pugi config trust .                              Trust the current workspace for hooks + MCP.',
+            '  pugi config mcp trust <name>                     Mark an MCP server as trusted.',
+            '  pugi config mcp deny <name>                      Block an MCP server.',
+            '  pugi config mcp list                             Show declared MCP servers + trust state.',
+            '  pugi config get routing                          Show effective routing table (defaults + tenant overrides).',
+            '  pugi config set routing.<tag>.<budget>=<model>   Override the model for one (tag, budget) lane.',
+            '  pugi config unset routing.<tag>.<budget>         Remove a routing override (revert to default).',
+            '  pugi config get privacy                          Show current tenant privacy mode + last-flip metadata.',
+            '  pugi config set privacy=<mode>                   Flip privacy mode (strict | balanced | permissive).',
         ].join('\n'));
         return;
     }
     switch (sub) {
         case 'get':
+            // Special form: `pugi config get routing` hits the admin-api surface,
+            // not the local config file. Anything else is a local-config read.
+            if (args[1] === 'routing') {
+                return runRoutingGet(ctx);
+            }
+            // alpha 6.13: `pugi config get privacy` hits the admin-api
+            // /api/admin/privacy/mode surface. The privacy mode is a tenant-
+            // scoped server-side setting (so the Anvil filter can enforce it),
+            // not a local-only preference.
+            if (args[1] === 'privacy') {
+                return runPrivacyGet(ctx);
+            }
             return runConfigGet(args.slice(1), ctx);
         case 'set':
+            // Special form: `pugi config set routing.<tag>.<budget>=<model>` hits
+            // the admin-api routing override surface.
+            if (args[1] && args[1].startsWith('routing.')) {
+                return runRoutingSet(args.slice(1), ctx);
+            }
+            // alpha 6.13: `pugi config set privacy=<mode>` (or `privacy <mode>`)
+            // flips the tenant-scoped server-side mode IFF <mode> is one of
+            // the new closed set (strict | balanced | permissive). Legacy
+            // values (local-only | metadata | full) still hit the local
+            // config schema via runConfigSet so existing operators do not
+            // get a surprise 4xx when their playbook still uses the old
+            // names. The unit spec for config.ts has a regression test for
+            // both code paths.
+            //
+            // Triple-review P2 fix (2026-05-25): the prior disambiguation
+            // only excluded the bare form (`privacy local-only`) - the `=`
+            // form (`privacy=local-only`) still routed to runPrivacySet and
+            // 4xx'd. We now check the value AFTER `=` and route legacy local
+            // values to runConfigSet; new-style values + unknown values
+            // continue to runPrivacySet so its client-side validator surfaces
+            // a structured "Unknown privacy mode" error (preserves the
+            // existing UX for typos like `privacy=paranoid`).
+            if (args[1]) {
+                const equalsForm = args[1].startsWith('privacy=');
+                const bareForm = args[1] === 'privacy';
+                if (equalsForm) {
+                    const valueAfterEquals = args[1].slice('privacy='.length);
+                    if (isLegacyLocalPrivacyValue(valueAfterEquals)) {
+                        // Legacy local form (`privacy=local-only|metadata|full`) -
+                        // split into `['privacy', '<value>']` so runConfigSet sees
+                        // the same shape it would for the bare form.
+                        return runConfigSet(['privacy', valueAfterEquals], ctx);
+                    }
+                    return runPrivacySet(args.slice(1), ctx);
+                }
+                if (bareForm && isNewPrivacyModeValue(args[2])) {
+                    return runPrivacySet(args.slice(1), ctx);
+                }
+            }
             return runConfigSet(args.slice(1), ctx);
+        case 'unset':
+            if (args[1] && args[1].startsWith('routing.')) {
+                return runRoutingUnset(args.slice(1), ctx);
+            }
+            throw new Error(`Unknown sub-command "pugi config unset ${args[1] ?? ''}". Only routing.<tag>.<budget> is supported today.`);
         case 'list':
             return runConfigList(ctx);
         case 'trust':
@@ -78,7 +146,7 @@ export async function runConfigCommand(args, ctx) {
         case 'mcp':
             return runConfigMcp(args.slice(1), ctx);
         default:
-            throw new Error(`Unknown sub-command "pugi config ${sub}". Expected get, set, list, trust, or mcp.`);
+            throw new Error(`Unknown sub-command "pugi config ${sub}". Expected get, set, unset, list, trust, or mcp.`);
     }
 }
 function configPath() {
@@ -228,4 +296,266 @@ async function runConfigMcpFlip(args, ctx, state) {
         ? `MCP server "${name}" is now trusted.`
         : `MCP server "${name}" is now denied.`);
 }
+/* ------------------------------------------------------------------ */
+/* α6.10 multi-model routing — config.routing.* subcommands            */
+/* ------------------------------------------------------------------ */
+/**
+ * Closed sets — match
+ * `apps/admin-api/src/mira/routing/dispatch-tag.ts` verbatim. Pinning
+ * them in the CLI lets us reject typos client-side before round-tripping
+ * to the admin-api (better UX, smaller blast radius for a wrong typo on
+ * a flaky network).
+ */
+const ROUTING_TAGS = [
+    'classify',
+    'reason',
+    'codegen',
+    'summarize',
+    'vision',
+    'embed',
+];
+const ROUTING_BUDGETS = ['min', 'std', 'max'];
+function isRoutingTag(value) {
+    return ROUTING_TAGS.includes(value);
+}
+function isRoutingBudget(value) {
+    return ROUTING_BUDGETS.includes(value);
+}
+/**
+ * Resolve the admin-api host + bearer token from the CLI credential
+ * store. Throws a structured "anonymous" error when the operator has
+ * not logged in — same shape as `pugi whoami` so the harness exit
+ * codes stay aligned.
+ */
+function resolveAdminApi() {
+    const credential = resolveActiveCredential();
+    if (!credential) {
+        throw new Error('pugi config routing requires authentication. Run `pugi login` first.');
+    }
+    return { apiUrl: credential.apiUrl, apiKey: credential.apiKey };
+}
+/**
+ * `pugi config get routing` — fetch the static default table + the
+ * tenant's override table, merge, and render as `routing.<tag>.<budget> = <model>`.
+ * Shows which lanes are overridden vs default.
+ */
+async function runRoutingGet(ctx) {
+    const { apiUrl, apiKey } = resolveAdminApi();
+    const [defaults, overrides] = await Promise.all([
+        fetchJson(`${apiUrl}/api/admin/model-routing/defaults`, apiKey),
+        fetchJson(`${apiUrl}/api/admin/model-routing/overrides`, apiKey),
+    ]);
+    const overrideMap = new Map();
+    for (const row of overrides.overrides) {
+        overrideMap.set(`${row.tag}.${row.budgetHint}`, row.model);
+    }
+    const cells = defaults.defaults.map((cell) => {
+        const overridden = overrideMap.get(`${cell.tag}.${cell.budgetHint}`);
+        return {
+            tag: cell.tag,
+            budgetHint: cell.budgetHint,
+            model: overridden ?? cell.model,
+            source: overridden ? 'override' : 'default',
+        };
+    });
+    const text = [
+        'Routing table (effective = override | default):',
+        ...cells.map((cell) => `  routing.${cell.tag.padEnd(10)}.${cell.budgetHint.padEnd(3)} = ${cell.model.padEnd(28)} (${cell.source})`),
+    ].join('\n');
+    ctx.writeOutput({
+        command: 'config.routing.get',
+        apiUrl,
+        cells,
+    }, text);
+}
+/**
+ * `pugi config set routing.<tag>.<budget>=<model>` — PUT to the admin-api
+ * override surface. Validates tag + budget client-side before round-tripping
+ * so a typo fails fast.
+ */
+async function runRoutingSet(args, ctx) {
+    // The original arg is `routing.<tag>.<budget>=<model>` — args[0] holds
+    // everything up to the first whitespace, but the value may have been
+    // split. Re-join and re-split on `=` to be robust against a
+    // model slug containing `/` or `-`.
+    const raw = args.join(' ').trim();
+    const eqIdx = raw.indexOf('=');
+    if (eqIdx === -1) {
+        throw new Error('pugi config set routing.<tag>.<budget>=<model> requires an =<model> suffix.');
+    }
+    const lhs = raw.slice(0, eqIdx).trim();
+    const value = raw.slice(eqIdx + 1).trim();
+    const lhsParts = lhs.split('.');
+    if (lhsParts.length !== 3 || lhsParts[0] !== 'routing') {
+        throw new Error(`Expected routing.<tag>.<budget>, got "${lhs}".`);
+    }
+    const tag = lhsParts[1] ?? '';
+    const budget = lhsParts[2] ?? '';
+    if (!isRoutingTag(tag)) {
+        throw new Error(`Unknown routing tag "${tag}". Allowed: ${ROUTING_TAGS.join(', ')}.`);
+    }
+    if (!isRoutingBudget(budget)) {
+        throw new Error(`Unknown routing budget "${budget}". Allowed: ${ROUTING_BUDGETS.join(', ')}.`);
+    }
+    if (value.length === 0) {
+        throw new Error('Model slug must be non-empty.');
+    }
+    const { apiUrl, apiKey } = resolveAdminApi();
+    await fetchJson(`${apiUrl}/api/admin/model-routing/overrides/${tag}/${budget}`, apiKey, { method: 'PUT', body: { model: value } });
+    ctx.writeOutput({
+        command: 'config.routing.set',
+        tag,
+        budget,
+        model: value,
+    }, `routing.${tag}.${budget} = ${value}`);
+}
+/**
+ * `pugi config unset routing.<tag>.<budget>` — DELETE the override and
+ * revert the lane to its static default. Idempotent.
+ */
+async function runRoutingUnset(args, ctx) {
+    const lhs = (args[0] ?? '').trim();
+    const lhsParts = lhs.split('.');
+    if (lhsParts.length !== 3 || lhsParts[0] !== 'routing') {
+        throw new Error(`Expected routing.<tag>.<budget>, got "${lhs}".`);
+    }
+    const tag = lhsParts[1] ?? '';
+    const budget = lhsParts[2] ?? '';
+    if (!isRoutingTag(tag)) {
+        throw new Error(`Unknown routing tag "${tag}". Allowed: ${ROUTING_TAGS.join(', ')}.`);
+    }
+    if (!isRoutingBudget(budget)) {
+        throw new Error(`Unknown routing budget "${budget}". Allowed: ${ROUTING_BUDGETS.join(', ')}.`);
+    }
+    const { apiUrl, apiKey } = resolveAdminApi();
+    const result = await fetchJson(`${apiUrl}/api/admin/model-routing/overrides/${tag}/${budget}`, apiKey, { method: 'DELETE' });
+    ctx.writeOutput({
+        command: 'config.routing.unset',
+        tag,
+        budget,
+        removed: result.removed,
+    }, result.removed
+        ? `routing.${tag}.${budget} reverted to default.`
+        : `routing.${tag}.${budget} had no override (nothing to remove).`);
+}
+/* ------------------------------------------------------------------ */
+/* alpha 6.13 privacy 3-mode - config.privacy.* subcommands             */
+/* ------------------------------------------------------------------ */
+/**
+ * Closed mirror of the server-side PRIVACY_MODES enum
+ * (apps/admin-api/src/privacy/privacy-mode.ts). Pinning the literal
+ * set here lets the CLI reject typos client-side before the round-
+ * trip to admin-api (better UX, smaller blast radius on a flaky
+ * network).
+ */
+const PRIVACY_MODES = ['strict', 'balanced', 'permissive'];
+function isNewPrivacyModeValue(value) {
+    return typeof value === 'string' && PRIVACY_MODES.includes(value);
+}
+function isPrivacyMode(value) {
+    return PRIVACY_MODES.includes(value);
+}
+/**
+ * Legacy local-config privacy values from before alpha 6.13. Kept so
+ * `pugi config set privacy=local-only` continues to write to the local
+ * config file (matching the bare-form behaviour). Triple-review P2 fix
+ * (2026-05-25): the prior disambiguation only excluded the bare form;
+ * the `=` form routed to runPrivacySet and 4xx'd on the unknown mode.
+ */
+const LEGACY_LOCAL_PRIVACY_VALUES = [
+    'local-only',
+    'metadata',
+    'full',
+];
+function isLegacyLocalPrivacyValue(value) {
+    return (typeof value === 'string' &&
+        LEGACY_LOCAL_PRIVACY_VALUES.includes(value));
+}
+/**
+ * `pugi config get privacy` - fetch the current privacy mode snapshot
+ * from /api/admin/privacy/mode + render it in human-readable form.
+ */
+async function runPrivacyGet(ctx) {
+    const { apiUrl, apiKey } = resolveAdminApi();
+    const snapshot = await fetchJson(`${apiUrl}/api/admin/privacy/mode`, apiKey);
+    const lastUpdatedLine = snapshot.lastUpdated
+        ? `(last set by ${snapshot.lastUpdatedBy ?? 'unknown'} on ${snapshot.lastUpdated})`
+        : '(no flips recorded; on implicit default)';
+    const text = [
+        `privacy.mode = ${snapshot.mode}`,
+        `privacy.defaultMode = ${snapshot.defaultMode}`,
+        lastUpdatedLine,
+    ].join('\n');
+    ctx.writeOutput({
+        command: 'config.privacy.get',
+        apiUrl,
+        snapshot,
+    }, text);
+}
+/**
+ * `pugi config set privacy=<mode>` - PUT to /api/admin/privacy/mode.
+ * Validates the mode client-side against the closed set before
+ * round-tripping.
+ *
+ * Accepts both `privacy <mode>` and `privacy=<mode>` argument forms so
+ * the operator can type it either way.
+ */
+async function runPrivacySet(args, ctx) {
+    const raw = args.join(' ').trim();
+    let mode;
+    if (raw.startsWith('privacy=')) {
+        mode = raw.slice('privacy='.length).trim();
+    }
+    else if (raw === 'privacy') {
+        throw new Error('pugi config set privacy requires a mode. Try: pugi config set privacy=balanced');
+    }
+    else if (raw.startsWith('privacy ')) {
+        mode = raw.slice('privacy '.length).trim();
+    }
+    else {
+        throw new Error(`pugi config set privacy: unrecognised argument "${raw}". Try: pugi config set privacy=balanced`);
+    }
+    if (mode.length === 0) {
+        throw new Error('pugi config set privacy requires a mode. Try: pugi config set privacy=balanced');
+    }
+    if (!isPrivacyMode(mode)) {
+        throw new Error(`Unknown privacy mode "${mode}". Allowed: ${PRIVACY_MODES.join(', ')}.`);
+    }
+    const { apiUrl, apiKey } = resolveAdminApi();
+    const snapshot = await fetchJson(`${apiUrl}/api/admin/privacy/mode`, apiKey, { method: 'PUT', body: { mode } });
+    ctx.writeOutput({
+        command: 'config.privacy.set',
+        mode: snapshot.mode,
+        snapshot,
+    }, `privacy.mode = ${snapshot.mode}`);
+}
+/**
+ * Thin authenticated fetch helper. Adds the bearer token + accepts JSON +
+ * surfaces structured errors. Uses undici `request` (not native `fetch`)
+ * because the test suite intercepts via `MockAgent` + `setGlobalDispatcher`
+ * — undici's `request` honours the global dispatcher reliably across the
+ * pinned undici version. Kept local (not shared with `pugi whoami`) so
+ * the routing surface is self-contained — extracting a common helper is
+ * α6.10b cleanup once we see two callers.
+ */
+async function fetchJson(url, apiKey, options = {}) {
+    const method = options.method ?? 'GET';
+    const headers = {
+        authorization: `Bearer ${apiKey}`,
+        accept: 'application/json',
+    };
+    let body;
+    if (options.body !== undefined) {
+        body = JSON.stringify(options.body);
+        headers['content-type'] = 'application/json';
+    }
+    const res = await request(url, { method, headers, body });
+    if (res.statusCode < 200 || res.statusCode >= 300) {
+        const detail = await res.body.text().catch(() => '');
+        throw new Error(`pugi config routing: HTTP ${res.statusCode} on ${method} ${url}${detail ? ` -- ${detail.slice(0, 200)}` : ''}`);
+    }
+    // undici's `request` already returns `body` as a stream wrapped with
+    // helpers — `.json()` parses + closes for us.
+    return (await res.body.json());
+}
 //# sourceMappingURL=config.js.map

package/dist/runtime/commands/lsp.js

@@ -0,0 +1,184 @@
+/**
+ * `pugi lsp <op> <file> [args...]` — α7.7 Phase 1.
+ *
+ * Direct LSP queries from the CLI surface. Operators use this for
+ * debugging and scripting; the agent loop reaches the same operations
+ * via the `lsp_hover` / `lsp_definition` / `lsp_references` /
+ * `lsp_diagnostics` tool wrappers in `src/tools/lsp-tools.ts`.
+ *
+ * Supported subcommands:
+ *
+ *   pugi lsp hover <file> <line> <col> [--lang ts|js|py|go|rust]
+ *   pugi lsp definition <file> <line> <col> [--lang ...]
+ *   pugi lsp references <file> <line> <col> [--lang ...]
+ *   pugi lsp diagnostics <file> [--lang ...]
+ *
+ * When `--lang` is omitted we infer from the file extension. An unknown
+ * extension surfaces `language_unsupported` so the operator can specify
+ * the language explicitly.
+ *
+ * Lifecycle: we spawn an LSP server per invocation and stop it before
+ * returning. This is slow on cold start (TS server takes ~2-3s the
+ * first time) but the single-shot scripting path doesn't need a
+ * persistent daemon. Future work (α7.7b) wires a per-REPL daemon.
+ *
+ * Brand voice: ASCII only, no emoji, no banned words.
+ */
+import { extname } from 'node:path';
+import { startLspClient } from '../../core/lsp/client.js';
+export async function runLspCommand(args, opts) {
+    const [op, file, ...rest] = args;
+    if (!op || !file) {
+        return usage();
+    }
+    if (!['hover', 'definition', 'references', 'diagnostics'].includes(op)) {
+        return {
+            ok: false,
+            text: `unknown lsp operation: ${op}. Supported: hover, definition, references, diagnostics`,
+            exitCode: 2,
+        };
+    }
+    const { lang: explicitLang, positional } = pullLangFlag(rest);
+    const lang = explicitLang ?? inferLanguage(file);
+    if (!lang) {
+        return {
+            ok: false,
+            text: `cannot infer language from ${file}; pass --lang ts|js|py|go|rust. ` +
+                `Supported extensions: .ts/.tsx, .js/.jsx/.mjs, .py, .go, .rs`,
+            exitCode: 2,
+        };
+    }
+    const clientResult = await startLspClient(lang, { cwd: opts.cwd });
+    if (!clientResult.ok) {
+        return {
+            ok: false,
+            text: `lsp_unavailable: ${clientResult.detail}`,
+            exitCode: 1,
+        };
+    }
+    const client = clientResult.value;
+    try {
+        if (op === 'diagnostics') {
+            const result = await client.diagnostics(file);
+            if (!result.ok) {
+                return { ok: false, text: `${result.reason}: ${result.detail}`, exitCode: 1 };
+            }
+            if (opts.json) {
+                return { ok: true, text: JSON.stringify(result.value, null, 2), exitCode: 0 };
+            }
+            if (result.value.length === 0) {
+                return { ok: true, text: `${file}: no diagnostics`, exitCode: 0 };
+            }
+            const lines = result.value.map((d) => `${d.severityLabel}\t${file}:${d.range.start.line + 1}:${d.range.start.character + 1}\t${d.message}`);
+            return { ok: true, text: lines.join('\n'), exitCode: 0 };
+        }
+        const line = Number.parseInt(positional[0] ?? '', 10);
+        const col = Number.parseInt(positional[1] ?? '', 10);
+        if (!Number.isFinite(line) || !Number.isFinite(col)) {
+            return {
+                ok: false,
+                text: `lsp ${op} requires <line> <col> arguments (1-based)`,
+                exitCode: 2,
+            };
+        }
+        // LSP positions are 0-based; we accept 1-based input from the CLI
+        // (matches every other editor convention) and convert here.
+        const pos = { line: Math.max(0, line - 1), character: Math.max(0, col - 1) };
+        if (op === 'hover') {
+            const result = await client.hover(file, pos);
+            if (!result.ok) {
+                return { ok: false, text: `${result.reason}: ${result.detail}`, exitCode: 1 };
+            }
+            if (opts.json) {
+                return { ok: true, text: JSON.stringify(result.value ?? null, null, 2), exitCode: 0 };
+            }
+            if (!result.value) {
+                return { ok: true, text: `${file}:${line}:${col}: no hover available`, exitCode: 0 };
+            }
+            return { ok: true, text: result.value.content, exitCode: 0 };
+        }
+        if (op === 'definition') {
+            const result = await client.definition(file, pos);
+            if (!result.ok) {
+                return { ok: false, text: `${result.reason}: ${result.detail}`, exitCode: 1 };
+            }
+            if (opts.json) {
+                return { ok: true, text: JSON.stringify(result.value, null, 2), exitCode: 0 };
+            }
+            const lines = result.value.map((loc) => `${loc.path || loc.uri}:${loc.range.start.line + 1}:${loc.range.start.character + 1}`);
+            return { ok: true, text: lines.join('\n') || 'no definition', exitCode: 0 };
+        }
+        // references
+        const result = await client.references(file, pos);
+        if (!result.ok) {
+            return { ok: false, text: `${result.reason}: ${result.detail}`, exitCode: 1 };
+        }
+        if (opts.json) {
+            return { ok: true, text: JSON.stringify(result.value, null, 2), exitCode: 0 };
+        }
+        const lines = result.value.map((loc) => `${loc.path || loc.uri}:${loc.range.start.line + 1}:${loc.range.start.character + 1}`);
+        return { ok: true, text: lines.join('\n') || 'no references', exitCode: 0 };
+    }
+    finally {
+        await client.stop();
+    }
+}
+function usage() {
+    return {
+        ok: false,
+        text: 'Usage: pugi lsp <op> <file> [line] [col] [--lang ts|js|py|go|rust]\n' +
+            '  pugi lsp hover <file> <line> <col>\n' +
+            '  pugi lsp definition <file> <line> <col>\n' +
+            '  pugi lsp references <file> <line> <col>\n' +
+            '  pugi lsp diagnostics <file>',
+        exitCode: 2,
+    };
+}
+function pullLangFlag(args) {
+    let lang;
+    const positional = [];
+    for (let i = 0; i < args.length; i += 1) {
+        const arg = args[i] ?? '';
+        if (arg === '--lang') {
+            const value = args[i + 1];
+            if (isLspLanguage(value))
+                lang = value;
+            i += 1;
+            continue;
+        }
+        if (arg.startsWith('--lang=')) {
+            const value = arg.slice('--lang='.length);
+            if (isLspLanguage(value))
+                lang = value;
+            continue;
+        }
+        positional.push(arg);
+    }
+    return { lang, positional };
+}
+function isLspLanguage(value) {
+    return value === 'ts' || value === 'js' || value === 'py' || value === 'go' || value === 'rust';
+}
+export function inferLanguage(file) {
+    const ext = extname(file).toLowerCase();
+    switch (ext) {
+        case '.ts':
+        case '.tsx':
+            return 'ts';
+        case '.js':
+        case '.jsx':
+        case '.mjs':
+        case '.cjs':
+            return 'js';
+        case '.py':
+        case '.pyi':
+            return 'py';
+        case '.go':
+            return 'go';
+        case '.rs':
+            return 'rust';
+        default:
+            return undefined;
+    }
+}
+//# sourceMappingURL=lsp.js.map

package/dist/runtime/commands/patch.js

@@ -0,0 +1,111 @@
+/**
+ * `pugi patch` — α7.7 Phase 1.
+ *
+ * Apply a unified-diff patch from stdin or a file. The dominant use is
+ * the `pugi patch < patch.diff` shell pattern that lets external tools
+ * (Codex, manual `git diff`) hand off changes through pugi's same
+ * security gate the layers use.
+ *
+ * Surface:
+ *
+ *   pugi patch                  # read patch from stdin
+ *   pugi patch <file.diff>      # read patch from file
+ *   pugi patch --dry-run        # run --check only, report
+ *   pugi patch --3way --base=<sha>  # enable git apply --3way fuzz
+ *
+ * Exit codes:
+ *
+ *   0  patch applied (or dry-run check passed)
+ *   1  patch rejected (any non-security reason)
+ *   2  usage error
+ *   3  security gate refused the patch (path traversal / protected file / symlink escape)
+ *
+ * Distinct exit codes let CI loops differentiate "operator typo" from
+ * "model produced a hostile patch" — the latter is a security event
+ * worth alerting on.
+ *
+ * Brand voice: ASCII only, no emoji, no banned words.
+ */
+import { readFileSync } from 'node:fs';
+import { resolve } from 'node:path';
+import { applyPatch } from '../../tools/apply-patch.js';
+import { FileReadCache } from '../../core/file-cache.js';
+import { openSession } from '../../core/session.js';
+import { loadSettings } from '../../core/settings.js';
+const SECURITY_REASONS = new Set(['path_outside_workspace', 'protected_file', 'symlink_escape']);
+export async function runPatchCommand(args, opts) {
+    const positional = [];
+    const applyOpts = {};
+    for (let i = 0; i < args.length; i += 1) {
+        const arg = args[i] ?? '';
+        if (arg === '--dry-run')
+            applyOpts.dryRun = true;
+        else if (arg === '--3way') {
+            // honored only when --base is also supplied
+        }
+        else if (arg === '--base') {
+            const next = args[i + 1];
+            if (next)
+                applyOpts.baseSha = next;
+            i += 1;
+        }
+        else if (arg.startsWith('--base=')) {
+            applyOpts.baseSha = arg.slice('--base='.length);
+        }
+        else if (arg === '--json') {
+            // already parsed by the outer CLI
+        }
+        else {
+            positional.push(arg);
+        }
+    }
+    let patch;
+    try {
+        patch = await readPatchSource(positional[0], opts);
+    }
+    catch (error) {
+        const message = error instanceof Error ? error.message : String(error);
+        return failure({ ok: false, filesChanged: [], reason: 'invalid_patch', detail: message }, opts.json, 2);
+    }
+    const ctx = {
+        root: opts.cwd,
+        settings: loadSettings(opts.cwd),
+        session: openSession(opts.cwd),
+        readCache: new FileReadCache(),
+    };
+    const result = applyPatch(ctx, patch, applyOpts);
+    if (!result.ok) {
+        const exitCode = result.reason && SECURITY_REASONS.has(result.reason) ? 3 : 1;
+        return failure(result, opts.json, exitCode);
+    }
+    const text = opts.json
+        ? JSON.stringify(result, null, 2)
+        : `applied ${result.filesChanged.length} files:\n  ${result.filesChanged.join('\n  ')}`;
+    return { ok: true, text, exitCode: 0, result };
+}
+function failure(result, json, exitCode) {
+    const text = json
+        ? JSON.stringify(result, null, 2)
+        : `patch refused: ${result.reason ?? 'unknown'}${result.detail ? `\n  ${result.detail}` : ''}`;
+    return { ok: false, text, exitCode, result };
+}
+async function readPatchSource(filePath, opts) {
+    if (filePath) {
+        const resolved = resolve(opts.cwd, filePath);
+        return readFileSync(resolved, 'utf8');
+    }
+    if (opts.stdinOverride !== undefined)
+        return opts.stdinOverride;
+    // Read all of stdin. The process pipe is the canonical CLI handoff
+    // for inbound diffs (e.g. `git diff origin/main | pugi patch`).
+    return new Promise((resolveFn, rejectFn) => {
+        let body = '';
+        process.stdin.setEncoding('utf8');
+        process.stdin.on('data', (chunk) => {
+            body += chunk;
+        });
+        process.stdin.on('end', () => resolveFn(body));
+        process.stdin.on('error', (error) => rejectFn(error));
+    });
+}
+//# sourceMappingURL=patch.js.map