@pugi/cli 0.1.0-beta.10 → 0.1.0-beta.12
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/core/engine/anvil-client.js +16 -0
- package/dist/core/engine/budgets.js +89 -0
- package/dist/core/engine/native-pugi.js +112 -12
- package/dist/core/engine/tool-bridge.js +267 -8
- package/dist/core/init/scaffold.js +195 -0
- package/dist/core/repl/codebase-survey.js +308 -0
- package/dist/core/repl/init-interview.js +457 -0
- package/dist/core/repl/onboarding-state.js +297 -0
- package/dist/core/repl/session.js +46 -0
- package/dist/core/repl/slash-commands.js +8 -0
- package/dist/core/settings.js +28 -0
- package/dist/runtime/cli.js +91 -14
- package/dist/tools/ask-user.js +115 -0
- package/dist/tools/skill-tool.js +96 -0
- package/dist/tools/tasks.js +208 -0
- package/dist/tui/repl-render.js +18 -0
- package/package.json +1 -1
|
@@ -0,0 +1,115 @@
|
|
|
1
|
+
export const ASK_USER_DEFAULT_TIMEOUT_MS = 5 * 60 * 1_000;
|
|
2
|
+
/**
|
|
3
|
+
* Schema cap: keep the option count tight so the modal stays scannable.
|
|
4
|
+
* Mirrors `ASK_MAX_OPTIONS` in `core/repl/ask.ts` (4).
|
|
5
|
+
*/
|
|
6
|
+
export const ASK_USER_MAX_OPTIONS = 4;
|
|
7
|
+
export const ASK_USER_MAX_QUESTION_LEN = 1_000;
|
|
8
|
+
export const ASK_USER_MAX_OPTION_LEN = 200;
|
|
9
|
+
export async function askUser(ctx, input) {
|
|
10
|
+
validate(input);
|
|
11
|
+
if (ctx.interactive && ctx.bridge) {
|
|
12
|
+
// β1a r1 (2026-05-26): wrap the bridge in an abort-aware race so a
|
|
13
|
+
// pending modal cannot block the engine loop forever. Two signals
|
|
14
|
+
// can interrupt:
|
|
15
|
+
// 1. `ctx.signal` — the operator cancelled the parent task via
|
|
16
|
+
// Ctrl-C; the engine forwards the loop's AbortSignal here.
|
|
17
|
+
// 2. `ctx.timeoutMs` (default 5 minutes) — operator walked away;
|
|
18
|
+
// the modal stays renderable but the tool surface returns the
|
|
19
|
+
// `cancelled` envelope so the model can make progress.
|
|
20
|
+
// The bridge receives the same `signal` so an Ink-based modal can
|
|
21
|
+
// tear down its render loop and free its keyboard handlers on
|
|
22
|
+
// abort. Bridges that ignore the signal still get pre-empted by
|
|
23
|
+
// the race — they just leak a render until the next operator
|
|
24
|
+
// keystroke.
|
|
25
|
+
const timeoutMs = ctx.timeoutMs ?? ASK_USER_DEFAULT_TIMEOUT_MS;
|
|
26
|
+
// Pre-flight: short-circuit when the caller's signal is already
|
|
27
|
+
// aborted. Avoids constructing a bridge promise that races against
|
|
28
|
+
// an already-resolved abort sentinel — the race ordering is
|
|
29
|
+
// unspecified for promises that have all settled by the time
|
|
30
|
+
// Promise.race is called, which would non-deterministically let
|
|
31
|
+
// the bridge's answer leak through after an explicit cancel.
|
|
32
|
+
if (ctx.signal?.aborted) {
|
|
33
|
+
return { envelope: formatEnvelope(input, 'cancelled') };
|
|
34
|
+
}
|
|
35
|
+
const controller = new AbortController();
|
|
36
|
+
if (ctx.signal) {
|
|
37
|
+
ctx.signal.addEventListener('abort', () => controller.abort(), { once: true });
|
|
38
|
+
}
|
|
39
|
+
let timeoutHandle;
|
|
40
|
+
const timeoutPromise = new Promise((resolve) => {
|
|
41
|
+
timeoutHandle = setTimeout(() => resolve('timeout'), timeoutMs);
|
|
42
|
+
});
|
|
43
|
+
const abortPromise = new Promise((resolve) => {
|
|
44
|
+
controller.signal.addEventListener('abort', () => resolve('aborted'), { once: true });
|
|
45
|
+
});
|
|
46
|
+
let picked;
|
|
47
|
+
try {
|
|
48
|
+
picked = await Promise.race([
|
|
49
|
+
ctx.bridge(input, { signal: controller.signal }),
|
|
50
|
+
timeoutPromise,
|
|
51
|
+
abortPromise,
|
|
52
|
+
]);
|
|
53
|
+
}
|
|
54
|
+
finally {
|
|
55
|
+
if (timeoutHandle)
|
|
56
|
+
clearTimeout(timeoutHandle);
|
|
57
|
+
}
|
|
58
|
+
if (picked === 'timeout') {
|
|
59
|
+
controller.abort();
|
|
60
|
+
return { envelope: formatEnvelope(input, 'timeout') };
|
|
61
|
+
}
|
|
62
|
+
if (picked === 'aborted') {
|
|
63
|
+
return { envelope: formatEnvelope(input, 'cancelled') };
|
|
64
|
+
}
|
|
65
|
+
if (!Array.isArray(picked) || picked.length === 0) {
|
|
66
|
+
// Operator declined / closed the modal — surface a structured
|
|
67
|
+
// "no answer" envelope so the model can decide whether to retry.
|
|
68
|
+
const envelope = formatEnvelope(input, 'cancelled');
|
|
69
|
+
return { envelope };
|
|
70
|
+
}
|
|
71
|
+
return {
|
|
72
|
+
answers: picked,
|
|
73
|
+
envelope: formatAnswer(picked),
|
|
74
|
+
};
|
|
75
|
+
}
|
|
76
|
+
// Non-TTY or no bridge — surface the envelope. Caller parses it and
|
|
77
|
+
// either pipes an answer back on a follow-up turn or aborts.
|
|
78
|
+
const envelope = formatEnvelope(input, 'no_tty');
|
|
79
|
+
return { envelope };
|
|
80
|
+
}
|
|
81
|
+
function validate(input) {
|
|
82
|
+
const question = input.question?.trim();
|
|
83
|
+
if (!question)
|
|
84
|
+
throw new Error('ask_user: question is required');
|
|
85
|
+
if (question.length > ASK_USER_MAX_QUESTION_LEN) {
|
|
86
|
+
throw new Error(`ask_user: question exceeds ${ASK_USER_MAX_QUESTION_LEN} char cap`);
|
|
87
|
+
}
|
|
88
|
+
if (!Array.isArray(input.options) || input.options.length < 2) {
|
|
89
|
+
throw new Error('ask_user: at least 2 options required');
|
|
90
|
+
}
|
|
91
|
+
if (input.options.length > ASK_USER_MAX_OPTIONS) {
|
|
92
|
+
throw new Error(`ask_user: at most ${ASK_USER_MAX_OPTIONS} options allowed`);
|
|
93
|
+
}
|
|
94
|
+
for (const opt of input.options) {
|
|
95
|
+
if (typeof opt !== 'string' || !opt.trim()) {
|
|
96
|
+
throw new Error('ask_user: every option must be a non-empty string');
|
|
97
|
+
}
|
|
98
|
+
if (opt.length > ASK_USER_MAX_OPTION_LEN) {
|
|
99
|
+
throw new Error(`ask_user: option exceeds ${ASK_USER_MAX_OPTION_LEN} char cap`);
|
|
100
|
+
}
|
|
101
|
+
}
|
|
102
|
+
}
|
|
103
|
+
function formatEnvelope(input, reason) {
|
|
104
|
+
const payload = {
|
|
105
|
+
question: input.question,
|
|
106
|
+
options: input.options,
|
|
107
|
+
multiSelect: input.multiSelect === true,
|
|
108
|
+
reason,
|
|
109
|
+
};
|
|
110
|
+
return `[user_input_required]${JSON.stringify(payload)}[/user_input_required]`;
|
|
111
|
+
}
|
|
112
|
+
function formatAnswer(answers) {
|
|
113
|
+
return answers.join(', ');
|
|
114
|
+
}
|
|
115
|
+
//# sourceMappingURL=ask-user.js.map
|
|
@@ -0,0 +1,96 @@
|
|
|
1
|
+
import { listSkills } from '../core/skills/loader.js';
|
|
2
|
+
import { hashSkillDir, verifyTrust } from '../core/skills/trust.js';
|
|
3
|
+
export const SKILL_BODY_CAP_BYTES = 32 * 1024;
|
|
4
|
+
export const SKILL_LIST_CAP = 100;
|
|
5
|
+
export function skillList(ctx, input) {
|
|
6
|
+
const scope = input.scope ?? 'all';
|
|
7
|
+
const all = [];
|
|
8
|
+
if (scope === 'all' || scope === 'global') {
|
|
9
|
+
all.push(...listSkills('global', ctx.workspaceRoot));
|
|
10
|
+
}
|
|
11
|
+
if (scope === 'all' || scope === 'workspace') {
|
|
12
|
+
all.push(...listSkills('workspace', ctx.workspaceRoot));
|
|
13
|
+
}
|
|
14
|
+
// Dedup by name, prefer workspace scope when both exist (workspace
|
|
15
|
+
// overrides global per skills loader convention).
|
|
16
|
+
const byName = new Map();
|
|
17
|
+
for (const skill of all) {
|
|
18
|
+
const prev = byName.get(skill.name);
|
|
19
|
+
if (!prev || skill.scope === 'workspace') {
|
|
20
|
+
byName.set(skill.name, skill);
|
|
21
|
+
}
|
|
22
|
+
}
|
|
23
|
+
return Array.from(byName.values())
|
|
24
|
+
.slice(0, SKILL_LIST_CAP)
|
|
25
|
+
.map((skill) => ({
|
|
26
|
+
name: skill.name,
|
|
27
|
+
description: skill.frontmatter.description,
|
|
28
|
+
scope: skill.scope,
|
|
29
|
+
}));
|
|
30
|
+
}
|
|
31
|
+
export async function skillInvoke(ctx, input) {
|
|
32
|
+
if (!input.name || typeof input.name !== 'string') {
|
|
33
|
+
throw new Error('skill: name is required');
|
|
34
|
+
}
|
|
35
|
+
// Defense-in-depth: skill loader already validates slugs but the
|
|
36
|
+
// tool surface is operator-controlled.
|
|
37
|
+
if (!/^[a-zA-Z0-9_-]{1,128}$/.test(input.name)) {
|
|
38
|
+
throw new Error(`skill: invalid skill name shape: "${input.name}"`);
|
|
39
|
+
}
|
|
40
|
+
// Workspace scope wins over global (operator override). Mirrors
|
|
41
|
+
// SkillLoader convention.
|
|
42
|
+
const workspace = listSkills('workspace', ctx.workspaceRoot).find((s) => s.name === input.name);
|
|
43
|
+
const global = workspace
|
|
44
|
+
? null
|
|
45
|
+
: listSkills('global', ctx.workspaceRoot).find((s) => s.name === input.name);
|
|
46
|
+
const skill = workspace ?? global;
|
|
47
|
+
if (!skill) {
|
|
48
|
+
throw new Error(`skill: not found: "${input.name}"`);
|
|
49
|
+
}
|
|
50
|
+
// β1a r1 (2026-05-26): re-verify the on-disk skill payload against
|
|
51
|
+
// the trust manifest sha256 on EVERY invoke, not just at install
|
|
52
|
+
// time. Before this fix a post-install swap (malicious npm dep that
|
|
53
|
+
// touches `~/.pugi/skills/<name>/SKILL.md` after the operator
|
|
54
|
+
// approved the install) would bypass the trust gate — `listSkills`
|
|
55
|
+
// reads the body fresh from disk and the loader does no integrity
|
|
56
|
+
// check. The skill body lands directly in the model's tool result,
|
|
57
|
+
// so a mutated body is a prompt-injection vector against the agent
|
|
58
|
+
// loop's tool surface.
|
|
59
|
+
//
|
|
60
|
+
// Posture:
|
|
61
|
+
// - `trusted` → proceed (body is hash-pinned).
|
|
62
|
+
// - `unsigned` → refuse: the operator never approved this skill.
|
|
63
|
+
// This catches the case where a skill directory was dropped in
|
|
64
|
+
// manually (no `pugi skills install`) and the loader picked it
|
|
65
|
+
// up. Refusing is fail-closed.
|
|
66
|
+
// - `mismatch` → refuse + surface the recorded vs actual hashes
|
|
67
|
+
// so the operator can decide between re-trust and revoke.
|
|
68
|
+
//
|
|
69
|
+
// Performance: `hashSkillDir` walks the skill directory on every
|
|
70
|
+
// invoke. Skills are small (median 4-8 files, <50KB total) so the
|
|
71
|
+
// cost is sub-millisecond on warm cache. The β1a r1 spec exercises
|
|
72
|
+
// a mutated-body case; the existing skill-tool.spec.ts cases for
|
|
73
|
+
// happy-path use the `recordTrust` helper to seed the registry.
|
|
74
|
+
const actualHash = hashSkillDir(skill.dir);
|
|
75
|
+
const verdict = await verifyTrust('skill', skill.scope, skill.name, actualHash);
|
|
76
|
+
if (verdict.status === 'unsigned') {
|
|
77
|
+
throw new Error(`skill: refused to invoke "${skill.name}" — no trust entry (run \`pugi skills trust ${skill.name}\` to approve)`);
|
|
78
|
+
}
|
|
79
|
+
if (verdict.status === 'mismatch') {
|
|
80
|
+
throw new Error(`skill: refused to invoke "${skill.name}" — sha256 mismatch (recorded ${verdict.recorded.slice(0, 12)}…, actual ${verdict.actual.slice(0, 12)}…). Re-trust via \`pugi skills trust ${skill.name}\`.`);
|
|
81
|
+
}
|
|
82
|
+
const body = skill.body;
|
|
83
|
+
const truncated = Buffer.byteLength(body, 'utf8') > SKILL_BODY_CAP_BYTES;
|
|
84
|
+
const cappedBody = truncated
|
|
85
|
+
? body.slice(0, SKILL_BODY_CAP_BYTES) +
|
|
86
|
+
`\n\n(... truncated at ${SKILL_BODY_CAP_BYTES} bytes — see \`pugi skills info ${skill.name}\` for full text)`
|
|
87
|
+
: body;
|
|
88
|
+
return {
|
|
89
|
+
name: skill.name,
|
|
90
|
+
scope: skill.scope,
|
|
91
|
+
description: skill.frontmatter.description,
|
|
92
|
+
body: cappedBody,
|
|
93
|
+
truncated,
|
|
94
|
+
};
|
|
95
|
+
}
|
|
96
|
+
//# sourceMappingURL=skill-tool.js.map
|
|
@@ -0,0 +1,208 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* task_* tool family — β1 T1/T6 (TodoWrite + agent task ledger).
|
|
3
|
+
*
|
|
4
|
+
* Mirrors Claude Code's TodoWrite tool surface so a model trained on
|
|
5
|
+
* the upstream tool grammar speaks Pugi's variant verbatim. Four ops:
|
|
6
|
+
*
|
|
7
|
+
* - `task_create` — append a new task to the session's todo ledger.
|
|
8
|
+
* Returns the assigned id.
|
|
9
|
+
* - `task_get` — fetch a single task by id.
|
|
10
|
+
* - `task_list` — list every task in the current session, ordered
|
|
11
|
+
* by createdAt ascending.
|
|
12
|
+
* - `task_update` — mutate status/title/notes of an existing task.
|
|
13
|
+
* Append-only journal — every mutation lands as a
|
|
14
|
+
* fresh JSONL line and the latest line per id wins
|
|
15
|
+
* on `task_list` / `task_get` reads.
|
|
16
|
+
*
|
|
17
|
+
* Persistence: append-only JSONL at
|
|
18
|
+
* `.pugi/sessions/<sessionId>/tasks.jsonl`. Append-only keeps crash
|
|
19
|
+
* recovery trivial — a partial write at the end of the file is the
|
|
20
|
+
* worst case and the parser drops the malformed tail line.
|
|
21
|
+
*
|
|
22
|
+
* Scope: this is the local-side ledger surface. Anvil-side mirror
|
|
23
|
+
* (cabinet `/projects/[id]/tasks` page) ships in β5 once the session-
|
|
24
|
+
* memory hook lands; until then the ledger is purely local.
|
|
25
|
+
*/
|
|
26
|
+
import { appendFileSync, chmodSync, existsSync, mkdirSync, readFileSync, } from 'node:fs';
|
|
27
|
+
import { dirname, join } from 'node:path';
|
|
28
|
+
import { randomUUID } from 'node:crypto';
|
|
29
|
+
function ledgerPath(ctx) {
|
|
30
|
+
// Defense-in-depth: the sessionId is supposed to be a UUID minted by
|
|
31
|
+
// openSession() but the tool surface is operator-facing. Validate the
|
|
32
|
+
// shape before composing a path — refuse anything that contains
|
|
33
|
+
// separators or shell wildcards.
|
|
34
|
+
if (!/^[a-zA-Z0-9_-]{1,128}$/.test(ctx.sessionId)) {
|
|
35
|
+
throw new Error(`task_*: invalid sessionId shape: "${ctx.sessionId}"`);
|
|
36
|
+
}
|
|
37
|
+
return join(ctx.workspaceRoot, '.pugi', 'sessions', ctx.sessionId, 'tasks.jsonl');
|
|
38
|
+
}
|
|
39
|
+
function nowIso(ctx) {
|
|
40
|
+
return (ctx.now ? ctx.now() : new Date()).toISOString();
|
|
41
|
+
}
|
|
42
|
+
function ensureDir(path) {
|
|
43
|
+
// β1a r1 (2026-05-26): switched from POSIX-only
|
|
44
|
+
// `path.slice(0, path.lastIndexOf('/'))` to `path.dirname()` so
|
|
45
|
+
// Windows path separators (`\`) work. Also chmod the per-session
|
|
46
|
+
// directory to 0o700 — the tasks ledger carries operator-confidential
|
|
47
|
+
// brief text, status notes, and timing metadata that should not be
|
|
48
|
+
// world-readable through an inherited umask.
|
|
49
|
+
const dir = dirname(path);
|
|
50
|
+
if (!existsSync(dir)) {
|
|
51
|
+
mkdirSync(dir, { recursive: true });
|
|
52
|
+
try {
|
|
53
|
+
chmodSync(dir, 0o700);
|
|
54
|
+
}
|
|
55
|
+
catch {
|
|
56
|
+
// Best-effort. POSIX permission setting is a no-op on Windows
|
|
57
|
+
// NTFS, and the dir-creation race with another concurrent task
|
|
58
|
+
// tool call is the only realistic failure case. The 0o600 mode
|
|
59
|
+
// on the JSONL file itself remains the primary guard; the dir
|
|
60
|
+
// chmod is defense in depth for tools that walk `.pugi/`.
|
|
61
|
+
}
|
|
62
|
+
}
|
|
63
|
+
}
|
|
64
|
+
function readJournal(ctx) {
|
|
65
|
+
const path = ledgerPath(ctx);
|
|
66
|
+
if (!existsSync(path))
|
|
67
|
+
return [];
|
|
68
|
+
const raw = readFileSync(path, 'utf8');
|
|
69
|
+
const out = [];
|
|
70
|
+
for (const line of raw.split('\n')) {
|
|
71
|
+
if (!line.trim())
|
|
72
|
+
continue;
|
|
73
|
+
try {
|
|
74
|
+
const parsed = JSON.parse(line);
|
|
75
|
+
if ((parsed.op === 'create' || parsed.op === 'update') &&
|
|
76
|
+
typeof parsed.id === 'string' &&
|
|
77
|
+
typeof parsed.at === 'string') {
|
|
78
|
+
out.push(parsed);
|
|
79
|
+
}
|
|
80
|
+
}
|
|
81
|
+
catch {
|
|
82
|
+
// Drop malformed line (partial-write tail or external corruption).
|
|
83
|
+
// The append-only design guarantees only the LAST line can be bad
|
|
84
|
+
// — everything before it is whole.
|
|
85
|
+
}
|
|
86
|
+
}
|
|
87
|
+
return out;
|
|
88
|
+
}
|
|
89
|
+
function fold(journal) {
|
|
90
|
+
const out = new Map();
|
|
91
|
+
for (const entry of journal) {
|
|
92
|
+
if (entry.op === 'create') {
|
|
93
|
+
if (!entry.title)
|
|
94
|
+
continue;
|
|
95
|
+
out.set(entry.id, {
|
|
96
|
+
id: entry.id,
|
|
97
|
+
title: entry.title,
|
|
98
|
+
status: entry.status ?? 'pending',
|
|
99
|
+
...(entry.notes !== undefined ? { notes: entry.notes } : {}),
|
|
100
|
+
createdAt: entry.at,
|
|
101
|
+
updatedAt: entry.at,
|
|
102
|
+
});
|
|
103
|
+
}
|
|
104
|
+
else {
|
|
105
|
+
const prev = out.get(entry.id);
|
|
106
|
+
if (!prev)
|
|
107
|
+
continue; // update before create — drop silently
|
|
108
|
+
out.set(entry.id, {
|
|
109
|
+
...prev,
|
|
110
|
+
...(entry.title !== undefined ? { title: entry.title } : {}),
|
|
111
|
+
...(entry.status !== undefined ? { status: entry.status } : {}),
|
|
112
|
+
...(entry.notes !== undefined ? { notes: entry.notes } : {}),
|
|
113
|
+
updatedAt: entry.at,
|
|
114
|
+
});
|
|
115
|
+
}
|
|
116
|
+
}
|
|
117
|
+
return out;
|
|
118
|
+
}
|
|
119
|
+
function appendEntry(ctx, entry) {
|
|
120
|
+
const path = ledgerPath(ctx);
|
|
121
|
+
ensureDir(path);
|
|
122
|
+
appendFileSync(path, `${JSON.stringify(entry)}\n`, {
|
|
123
|
+
encoding: 'utf8',
|
|
124
|
+
mode: 0o600,
|
|
125
|
+
});
|
|
126
|
+
}
|
|
127
|
+
export function taskCreate(ctx, input) {
|
|
128
|
+
const title = input.title?.trim();
|
|
129
|
+
if (!title) {
|
|
130
|
+
throw new Error('task_create: title is required');
|
|
131
|
+
}
|
|
132
|
+
if (title.length > 2_000) {
|
|
133
|
+
throw new Error('task_create: title exceeds 2000 char cap');
|
|
134
|
+
}
|
|
135
|
+
const status = input.status ?? 'pending';
|
|
136
|
+
if (!isValidStatus(status)) {
|
|
137
|
+
throw new Error(`task_create: invalid status "${status}"`);
|
|
138
|
+
}
|
|
139
|
+
const id = `task-${randomUUID()}`;
|
|
140
|
+
const at = nowIso(ctx);
|
|
141
|
+
const entry = {
|
|
142
|
+
op: 'create',
|
|
143
|
+
id,
|
|
144
|
+
title,
|
|
145
|
+
status,
|
|
146
|
+
at,
|
|
147
|
+
...(input.notes !== undefined ? { notes: input.notes } : {}),
|
|
148
|
+
};
|
|
149
|
+
appendEntry(ctx, entry);
|
|
150
|
+
return {
|
|
151
|
+
id,
|
|
152
|
+
title,
|
|
153
|
+
status,
|
|
154
|
+
...(input.notes !== undefined ? { notes: input.notes } : {}),
|
|
155
|
+
createdAt: at,
|
|
156
|
+
updatedAt: at,
|
|
157
|
+
};
|
|
158
|
+
}
|
|
159
|
+
export function taskGet(ctx, id) {
|
|
160
|
+
if (typeof id !== 'string' || id.length === 0) {
|
|
161
|
+
throw new Error('task_get: id is required');
|
|
162
|
+
}
|
|
163
|
+
const folded = fold(readJournal(ctx));
|
|
164
|
+
return folded.get(id) ?? null;
|
|
165
|
+
}
|
|
166
|
+
export function taskList(ctx) {
|
|
167
|
+
const folded = fold(readJournal(ctx));
|
|
168
|
+
return Array.from(folded.values()).sort((a, b) => a.createdAt.localeCompare(b.createdAt));
|
|
169
|
+
}
|
|
170
|
+
export function taskUpdate(ctx, input) {
|
|
171
|
+
if (!input.id)
|
|
172
|
+
throw new Error('task_update: id is required');
|
|
173
|
+
const folded = fold(readJournal(ctx));
|
|
174
|
+
const existing = folded.get(input.id);
|
|
175
|
+
if (!existing) {
|
|
176
|
+
throw new Error(`task_update: unknown id "${input.id}"`);
|
|
177
|
+
}
|
|
178
|
+
if (input.status !== undefined && !isValidStatus(input.status)) {
|
|
179
|
+
throw new Error(`task_update: invalid status "${input.status}"`);
|
|
180
|
+
}
|
|
181
|
+
if (input.title !== undefined && input.title.trim().length === 0) {
|
|
182
|
+
throw new Error('task_update: title cannot be empty');
|
|
183
|
+
}
|
|
184
|
+
const at = nowIso(ctx);
|
|
185
|
+
const entry = {
|
|
186
|
+
op: 'update',
|
|
187
|
+
id: input.id,
|
|
188
|
+
at,
|
|
189
|
+
...(input.title !== undefined ? { title: input.title } : {}),
|
|
190
|
+
...(input.status !== undefined ? { status: input.status } : {}),
|
|
191
|
+
...(input.notes !== undefined ? { notes: input.notes } : {}),
|
|
192
|
+
};
|
|
193
|
+
appendEntry(ctx, entry);
|
|
194
|
+
return {
|
|
195
|
+
...existing,
|
|
196
|
+
...(input.title !== undefined ? { title: input.title } : {}),
|
|
197
|
+
...(input.status !== undefined ? { status: input.status } : {}),
|
|
198
|
+
...(input.notes !== undefined ? { notes: input.notes } : {}),
|
|
199
|
+
updatedAt: at,
|
|
200
|
+
};
|
|
201
|
+
}
|
|
202
|
+
function isValidStatus(status) {
|
|
203
|
+
return (status === 'pending' ||
|
|
204
|
+
status === 'in_progress' ||
|
|
205
|
+
status === 'completed' ||
|
|
206
|
+
status === 'cancelled');
|
|
207
|
+
}
|
|
208
|
+
//# sourceMappingURL=tasks.js.map
|
package/dist/tui/repl-render.js
CHANGED
|
@@ -50,6 +50,24 @@ export async function renderRepl(options) {
|
|
|
50
50
|
// top, and our finally{} restore drops the floor only after Ink
|
|
51
51
|
// has cleanly torn down (or never mounted on a bootstrap crash).
|
|
52
52
|
const bootstrap = claimTerminalForRepl();
|
|
53
|
+
// beta.12 CEO dogfood 2026-05-26: auto-init .pugi/ workspace if missing.
|
|
54
|
+
// Without this, every fresh-dir REPL launch hung at "workspace: (not
|
|
55
|
+
// bound - run /init OR cd into project)" because /init was a tooltip,
|
|
56
|
+
// not an actual slash command. Calling ensureWorkspaceInitialized in
|
|
57
|
+
// silent mode here makes the workspace bind transparent on first boot —
|
|
58
|
+
// matches Claude Code's "just works" pattern. Idempotent on re-runs.
|
|
59
|
+
// Skippable via PUGI_NO_AUTO_INIT=1 for hermetic CI / read-only mounts.
|
|
60
|
+
if (process.env.PUGI_NO_AUTO_INIT !== '1') {
|
|
61
|
+
try {
|
|
62
|
+
const { ensureWorkspaceInitialized } = await import('../core/init/scaffold.js');
|
|
63
|
+
ensureWorkspaceInitialized(process.cwd(), { silent: true });
|
|
64
|
+
}
|
|
65
|
+
catch {
|
|
66
|
+
// Fail-safe: a read-only FS or perms error must never block the REPL.
|
|
67
|
+
// The status bar will surface "(not bound)" and the operator can
|
|
68
|
+
// still use commands; we just won't have a persisted .pugi/ dir.
|
|
69
|
+
}
|
|
70
|
+
}
|
|
53
71
|
const transport = createProductionTransport();
|
|
54
72
|
// Auto-bind the workspace context from process.cwd() so Mira knows
|
|
55
73
|
// which repo the operator launched the CLI in. The resolver is
|