@pugi/cli 0.1.0-beta.15 → 0.1.0-beta.16
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -0,0 +1,299 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* PAVF-7 — `pugi report --from-error` field-bug capture.
|
|
3
|
+
*
|
|
4
|
+
* Operator hit a CLI failure ("pugi explain: failed [auth_missing]...")
|
|
5
|
+
* and wants to file a clean report без manual log-grepping. This command:
|
|
6
|
+
*
|
|
7
|
+
* 1. Locates the most-recently-modified session under .pugi/sessions/
|
|
8
|
+
* (the engine adapter mirrors EVERY dispatch's events to a fresh
|
|
9
|
+
* session dir; the latest one is always the failure that just
|
|
10
|
+
* surprised the operator).
|
|
11
|
+
* 2. Reads events.jsonl + extracts the terminal-state event +
|
|
12
|
+
* the last 50 frames before it (enough context to triage; small
|
|
13
|
+
* enough for a GH issue body or email paste).
|
|
14
|
+
* 3. Captures workspace metadata (CLI version, Node version, OS,
|
|
15
|
+
* tenant id from credentials, current dir, .pugi/PUGI.md presence).
|
|
16
|
+
* 4. Strips secrets — auth tokens, env values, JWT signatures —
|
|
17
|
+
* before the report ever touches disk OR network.
|
|
18
|
+
* 5. Writes the bundle к .pugi/reports/<ISO-timestamp>-<session-id>/
|
|
19
|
+
* with both a machine-readable report.json and a human-readable
|
|
20
|
+
* report.md the operator can paste into a GH issue / email.
|
|
21
|
+
* 6. Prints the path + the canonical share command the operator can
|
|
22
|
+
* run when ready to upload (the upload endpoint is deferred to a
|
|
23
|
+
* follow-up; v1 keeps everything LOCAL so an operator working
|
|
24
|
+
* offline / behind a corporate firewall can still file a clean
|
|
25
|
+
* report).
|
|
26
|
+
*
|
|
27
|
+
* Why not auto-upload in v1:
|
|
28
|
+
* The CEO HARD rule `feedback_no_fake_dispatch_promises` says we do
|
|
29
|
+
* not invent dispatch we cannot deliver. Without a live
|
|
30
|
+
* /api/pugi/report endpoint, an auto-upload would either silently
|
|
31
|
+
* no-op or claim shipped и lie. v1 emits the artifacts + a clear
|
|
32
|
+
* "upload pending" status; v2 (separate PR) wires the endpoint и
|
|
33
|
+
* flips the default к upload-on-success.
|
|
34
|
+
*
|
|
35
|
+
* Exit codes (match the existing PAVF-1 stage_code table):
|
|
36
|
+
* 0 = report written successfully
|
|
37
|
+
* 8 = no sessions found (operator ran in a workspace без .pugi/)
|
|
38
|
+
* 9 = session events.jsonl unreadable / corrupted
|
|
39
|
+
* 20 = output path not writable (disk full / perms)
|
|
40
|
+
*
|
|
41
|
+
* Secret-redaction posture: PII / tokens / env values are stripped at
|
|
42
|
+
* the report-generation layer, NOT at upload time. Even if the operator
|
|
43
|
+
* never uploads, the report dir on disk MUST NOT carry plaintext
|
|
44
|
+
* secrets — a colleague who later runs `cat .pugi/reports/.../report.md`
|
|
45
|
+
* over the shoulder sees the bug context but not the bearer token.
|
|
46
|
+
*/
|
|
47
|
+
import { existsSync, readdirSync, readFileSync, mkdirSync, statSync, writeFileSync } from 'node:fs';
|
|
48
|
+
import { join, resolve as resolvePath } from 'node:path';
|
|
49
|
+
import { homedir, platform, release } from 'node:os';
|
|
50
|
+
import { PUGI_CLI_VERSION } from '../version.js';
|
|
51
|
+
const MAX_TAIL_FRAMES = 50;
|
|
52
|
+
const MAX_DETAIL_CHARS = 400;
|
|
53
|
+
const TERMINAL_TYPES = new Set([
|
|
54
|
+
'agent.completed',
|
|
55
|
+
'agent.failed',
|
|
56
|
+
'agent.blocked',
|
|
57
|
+
'subagent.outcome',
|
|
58
|
+
'result',
|
|
59
|
+
]);
|
|
60
|
+
/**
|
|
61
|
+
* Bearer / JWT / env-secret patterns. We do NOT try to be exhaustive
|
|
62
|
+
* (cat-and-mouse with custom secret formats is unwinnable); we cover
|
|
63
|
+
* the shapes that actually appear in Pugi sessions:
|
|
64
|
+
*
|
|
65
|
+
* - `Authorization: Bearer eyJ...` (JWT header.payload.signature)
|
|
66
|
+
* - `apiKey: eyJ...` inside captured JSON envelopes
|
|
67
|
+
* - any long base64-ish token (>= 20 chars, [A-Za-z0-9_-]) following
|
|
68
|
+
* `token`, `password`, `secret`, or `key` field names
|
|
69
|
+
*
|
|
70
|
+
* Replacement is a length-preserving `[REDACTED:<n>]` marker so the
|
|
71
|
+
* operator can still verify the report at-a-glance ("yes, a 32-char
|
|
72
|
+
* token was here") без leaking the value.
|
|
73
|
+
*/
|
|
74
|
+
function redact(text) {
|
|
75
|
+
if (!text)
|
|
76
|
+
return text;
|
|
77
|
+
// Bearer + JWT shape.
|
|
78
|
+
text = text.replace(/(Bearer\s+)([A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+)/gi, (_m, prefix, tok) => `${prefix}[REDACTED:${tok.length}]`);
|
|
79
|
+
// Bare JWTs (no Bearer prefix) inside JSON / log lines.
|
|
80
|
+
text = text.replace(/\beyJ[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{10,}\b/g, (tok) => `[REDACTED:${tok.length}]`);
|
|
81
|
+
// `"token": "..."` / `"apiKey": "..."` / `"password": "..."` shapes.
|
|
82
|
+
text = text.replace(/("(?:apiKey|api_key|token|access_token|refresh_token|password|secret|bearer)"\s*:\s*")([^"]{10,})(")/gi, (_m, before, val, after) => `${before}[REDACTED:${val.length}]${after}`);
|
|
83
|
+
// Bare env-style KEY=VALUE на длинных значениях.
|
|
84
|
+
text = text.replace(/\b((?:PUGI_API_KEY|GITHUB_TOKEN|NPM_TOKEN|ANVIL_API_KEY|OPENAI_API_KEY|ANTHROPIC_API_KEY|GEMINI_API_KEY)=)([^\s"']{10,})/g, (_m, prefix, val) => `${prefix}[REDACTED:${val.length}]`);
|
|
85
|
+
return text;
|
|
86
|
+
}
|
|
87
|
+
function clampDetail(value) {
|
|
88
|
+
if (typeof value !== 'string')
|
|
89
|
+
return undefined;
|
|
90
|
+
const redacted = redact(value);
|
|
91
|
+
return redacted.length > MAX_DETAIL_CHARS
|
|
92
|
+
? `${redacted.slice(0, MAX_DETAIL_CHARS)}…`
|
|
93
|
+
: redacted;
|
|
94
|
+
}
|
|
95
|
+
function findLatestSession(cwd) {
|
|
96
|
+
const dir = resolvePath(cwd, '.pugi/sessions');
|
|
97
|
+
if (!existsSync(dir))
|
|
98
|
+
return null;
|
|
99
|
+
const entries = readdirSync(dir, { withFileTypes: true })
|
|
100
|
+
.filter((e) => e.isDirectory())
|
|
101
|
+
.map((e) => {
|
|
102
|
+
const path = join(dir, e.name);
|
|
103
|
+
let mtime = 0;
|
|
104
|
+
try {
|
|
105
|
+
mtime = statSync(join(path, 'events.jsonl')).mtimeMs;
|
|
106
|
+
}
|
|
107
|
+
catch {
|
|
108
|
+
// Session dir without events.jsonl yet — never opened. Skip.
|
|
109
|
+
return null;
|
|
110
|
+
}
|
|
111
|
+
return { name: e.name, path, mtime };
|
|
112
|
+
})
|
|
113
|
+
.filter((x) => x !== null)
|
|
114
|
+
.sort((a, b) => b.mtime - a.mtime);
|
|
115
|
+
return entries[0]?.path ?? null;
|
|
116
|
+
}
|
|
117
|
+
function readTenantIdSafely() {
|
|
118
|
+
const credPath = resolvePath(homedir(), '.pugi/credentials.json');
|
|
119
|
+
if (!existsSync(credPath))
|
|
120
|
+
return undefined;
|
|
121
|
+
try {
|
|
122
|
+
const raw = JSON.parse(readFileSync(credPath, 'utf8'));
|
|
123
|
+
const first = raw.tokens?.[0]?.apiKey;
|
|
124
|
+
if (!first || typeof first !== 'string')
|
|
125
|
+
return undefined;
|
|
126
|
+
// JWT payload is the middle segment; base64-decode + parse for the
|
|
127
|
+
// `customerId` claim. Failure here returns undefined (the report
|
|
128
|
+
// still emits useful context without it).
|
|
129
|
+
const parts = first.split('.');
|
|
130
|
+
if (parts.length !== 3)
|
|
131
|
+
return undefined;
|
|
132
|
+
const payload = JSON.parse(Buffer.from(parts[1] ?? '', 'base64').toString('utf8'));
|
|
133
|
+
return typeof payload.customerId === 'string' ? payload.customerId : undefined;
|
|
134
|
+
}
|
|
135
|
+
catch {
|
|
136
|
+
return undefined;
|
|
137
|
+
}
|
|
138
|
+
}
|
|
139
|
+
function captureFrames(eventsPath) {
|
|
140
|
+
const lines = readFileSync(eventsPath, 'utf8')
|
|
141
|
+
.split('\n')
|
|
142
|
+
.filter((l) => l.trim().length > 0);
|
|
143
|
+
const parsed = lines
|
|
144
|
+
.map((line) => {
|
|
145
|
+
try {
|
|
146
|
+
return JSON.parse(line);
|
|
147
|
+
}
|
|
148
|
+
catch {
|
|
149
|
+
return null;
|
|
150
|
+
}
|
|
151
|
+
})
|
|
152
|
+
.filter((f) => f !== null);
|
|
153
|
+
// Keep the LAST MAX_TAIL_FRAMES frames — failures cluster at the
|
|
154
|
+
// end, and the tail is where the operator's context actually lives.
|
|
155
|
+
const tail = parsed.slice(-MAX_TAIL_FRAMES);
|
|
156
|
+
return tail.map((f) => {
|
|
157
|
+
const out = {
|
|
158
|
+
type: typeof f.type === 'string' ? f.type : 'unknown',
|
|
159
|
+
};
|
|
160
|
+
if (typeof f.taskId === 'string')
|
|
161
|
+
out.taskId = f.taskId;
|
|
162
|
+
if (typeof f.timestamp === 'string')
|
|
163
|
+
out.timestamp = f.timestamp;
|
|
164
|
+
if (typeof f.outcome === 'string')
|
|
165
|
+
out.outcome = f.outcome;
|
|
166
|
+
// Keep detail / error ONLY on terminal frames (full reply text on
|
|
167
|
+
// every agent.message would blow the report past the GH issue cap).
|
|
168
|
+
if (TERMINAL_TYPES.has(out.type)) {
|
|
169
|
+
const detail = clampDetail(f.detail) ?? clampDetail(f.error);
|
|
170
|
+
if (detail)
|
|
171
|
+
out.detail = detail;
|
|
172
|
+
if (typeof f.error === 'string')
|
|
173
|
+
out.error = clampDetail(f.error);
|
|
174
|
+
}
|
|
175
|
+
return out;
|
|
176
|
+
});
|
|
177
|
+
}
|
|
178
|
+
export function runReport(args, ctx) {
|
|
179
|
+
const fromError = args.includes('--from-error');
|
|
180
|
+
if (!fromError) {
|
|
181
|
+
ctx.writeOutput({
|
|
182
|
+
command: 'report',
|
|
183
|
+
status: 'no_sessions',
|
|
184
|
+
message: 'pugi report — capture a bug report from the most-recent session.\n\n' +
|
|
185
|
+
'Usage:\n' +
|
|
186
|
+
' pugi report --from-error Bundle the most-recent failed session as a report.\n\n' +
|
|
187
|
+
'Output: writes .pugi/reports/<timestamp>-<session-id>/{report.json, report.md}.\n' +
|
|
188
|
+
'Secrets (bearer tokens, JWTs, named env values) are stripped before disk write.',
|
|
189
|
+
}, 'pugi report — see `pugi report --help`');
|
|
190
|
+
return 0;
|
|
191
|
+
}
|
|
192
|
+
const sessionPath = findLatestSession(ctx.cwd);
|
|
193
|
+
if (!sessionPath) {
|
|
194
|
+
ctx.writeOutput({
|
|
195
|
+
command: 'report',
|
|
196
|
+
status: 'no_sessions',
|
|
197
|
+
message: 'No sessions found under .pugi/sessions/. Run a `pugi` command first.',
|
|
198
|
+
}, 'pugi report: no sessions found under .pugi/sessions/ — run a `pugi` command first.');
|
|
199
|
+
return 8;
|
|
200
|
+
}
|
|
201
|
+
const eventsPath = join(sessionPath, 'events.jsonl');
|
|
202
|
+
let frames;
|
|
203
|
+
try {
|
|
204
|
+
frames = captureFrames(eventsPath);
|
|
205
|
+
}
|
|
206
|
+
catch (err) {
|
|
207
|
+
const message = err instanceof Error ? err.message : String(err);
|
|
208
|
+
ctx.writeOutput({
|
|
209
|
+
command: 'report',
|
|
210
|
+
status: 'unreadable',
|
|
211
|
+
message: `Failed to read ${eventsPath}: ${message}`,
|
|
212
|
+
}, `pugi report: cannot read session events (${message})`);
|
|
213
|
+
return 9;
|
|
214
|
+
}
|
|
215
|
+
const sessionId = sessionPath.split('/').pop() ?? 'unknown';
|
|
216
|
+
const timestamp = new Date().toISOString().replace(/[:.]/g, '-');
|
|
217
|
+
const reportDir = resolvePath(ctx.cwd, '.pugi/reports', `${timestamp}-${sessionId}`);
|
|
218
|
+
let reportJson;
|
|
219
|
+
let reportMd;
|
|
220
|
+
try {
|
|
221
|
+
mkdirSync(reportDir, { recursive: true });
|
|
222
|
+
reportJson = join(reportDir, 'report.json');
|
|
223
|
+
reportMd = join(reportDir, 'report.md');
|
|
224
|
+
const meta = {
|
|
225
|
+
schema: 1,
|
|
226
|
+
generatedAt: new Date().toISOString(),
|
|
227
|
+
cliVersion: PUGI_CLI_VERSION,
|
|
228
|
+
nodeVersion: process.version,
|
|
229
|
+
os: `${platform()} ${release()}`,
|
|
230
|
+
cwd: ctx.cwd,
|
|
231
|
+
sessionId,
|
|
232
|
+
tenantId: readTenantIdSafely() ?? '(not resolvable)',
|
|
233
|
+
pugiMd: existsSync(resolvePath(ctx.cwd, '.pugi/PUGI.md')),
|
|
234
|
+
frames,
|
|
235
|
+
};
|
|
236
|
+
writeFileSync(reportJson, JSON.stringify(meta, null, 2), 'utf8');
|
|
237
|
+
const mdLines = [
|
|
238
|
+
`# Pugi bug report — ${sessionId}`,
|
|
239
|
+
'',
|
|
240
|
+
`Generated: \`${meta.generatedAt}\``,
|
|
241
|
+
`CLI version: \`${meta.cliVersion}\``,
|
|
242
|
+
`Node: \`${meta.nodeVersion}\` · OS: \`${meta.os}\``,
|
|
243
|
+
`Workspace: \`${meta.cwd}\` (PUGI.md present: ${meta.pugiMd ? 'yes' : 'no'})`,
|
|
244
|
+
`Tenant: \`${meta.tenantId}\``,
|
|
245
|
+
'',
|
|
246
|
+
`## Last ${frames.length} frames`,
|
|
247
|
+
'',
|
|
248
|
+
'```jsonl',
|
|
249
|
+
...frames.map((f) => JSON.stringify(f)),
|
|
250
|
+
'```',
|
|
251
|
+
'',
|
|
252
|
+
'## How to share',
|
|
253
|
+
'',
|
|
254
|
+
'1. Review `report.md` for accidental PII or sensitive paths.',
|
|
255
|
+
'2. Paste the contents into a GH issue at https://github.com/pugi-io/pugi/issues',
|
|
256
|
+
' OR attach the `report.json` as a file.',
|
|
257
|
+
'',
|
|
258
|
+
'Auto-upload to api.pugi.io is planned (`pugi report --upload`) but',
|
|
259
|
+
'NOT shipped in this build — v1 keeps everything local so an operator',
|
|
260
|
+
'behind a firewall can still file a clean report.',
|
|
261
|
+
];
|
|
262
|
+
writeFileSync(reportMd, mdLines.join('\n'), 'utf8');
|
|
263
|
+
}
|
|
264
|
+
catch (err) {
|
|
265
|
+
const message = err instanceof Error ? err.message : String(err);
|
|
266
|
+
ctx.writeOutput({
|
|
267
|
+
command: 'report',
|
|
268
|
+
status: 'output_not_writable',
|
|
269
|
+
message: `Failed to write report bundle to ${reportDir}: ${message}`,
|
|
270
|
+
}, `pugi report: cannot write report dir (${message})`);
|
|
271
|
+
return 20;
|
|
272
|
+
}
|
|
273
|
+
ctx.writeOutput({
|
|
274
|
+
command: 'report',
|
|
275
|
+
status: 'written',
|
|
276
|
+
reportDir,
|
|
277
|
+
reportJson,
|
|
278
|
+
reportMd,
|
|
279
|
+
sessionId,
|
|
280
|
+
message: `Report written: ${reportDir}`,
|
|
281
|
+
}, [
|
|
282
|
+
`pugi report: bundle written`,
|
|
283
|
+
` Session: ${sessionId}`,
|
|
284
|
+
` Frames captured: ${frames.length}`,
|
|
285
|
+
` Files:`,
|
|
286
|
+
` ${reportJson}`,
|
|
287
|
+
` ${reportMd}`,
|
|
288
|
+
``,
|
|
289
|
+
`Review report.md for accidental PII, then paste into a GH issue OR`,
|
|
290
|
+
`attach report.json. Auto-upload is planned for a follow-up build.`,
|
|
291
|
+
].join('\n'));
|
|
292
|
+
return 0;
|
|
293
|
+
}
|
|
294
|
+
// Test seam — the redactor is the most-tested piece (false negatives
|
|
295
|
+
// leak secrets; false positives garble bug context). Exported so
|
|
296
|
+
// apps/pugi-cli/test/report.spec.ts can assert the regex behaviour
|
|
297
|
+
// без spinning up a full session.
|
|
298
|
+
export const __INTERNAL_FOR_TESTS = { redact, clampDetail };
|
|
299
|
+
//# sourceMappingURL=report.js.map
|
package/dist/runtime/version.js
CHANGED
|
@@ -44,7 +44,7 @@ export function sanitizeSemver(raw) {
|
|
|
44
44
|
* during import). When bumping the CLI version BOTH literals must be
|
|
45
45
|
* updated; the release smoke-test (`pack:smoke`) verifies they agree.
|
|
46
46
|
*/
|
|
47
|
-
export const PUGI_CLI_VERSION = sanitizeSemver('0.1.0-beta.
|
|
47
|
+
export const PUGI_CLI_VERSION = sanitizeSemver('0.1.0-beta.16');
|
|
48
48
|
/**
|
|
49
49
|
* Outbound: the CLI's installed semver. Read at request time by
|
|
50
50
|
* `version-interceptor.ts` and injected on every `fetch` call.
|
package/dist/tui/repl-render.js
CHANGED
|
@@ -16,6 +16,8 @@
|
|
|
16
16
|
* a tiny `event:`/`data:`/`id:` parser. This keeps the dependency
|
|
17
17
|
* graph at zero new packages.
|
|
18
18
|
*/
|
|
19
|
+
import { existsSync } from 'node:fs';
|
|
20
|
+
import { resolve } from 'node:path';
|
|
19
21
|
import React from 'react';
|
|
20
22
|
import { render } from 'ink';
|
|
21
23
|
import { Repl } from './repl.js';
|
|
@@ -314,11 +316,9 @@ export function drainBufferedStdin(stdin = process.stdin) {
|
|
|
314
316
|
* future unit spec can lock the contract.
|
|
315
317
|
*/
|
|
316
318
|
export function isProjectRoot(cwd) {
|
|
317
|
-
//
|
|
318
|
-
//
|
|
319
|
-
//
|
|
320
|
-
const { existsSync } = require('node:fs');
|
|
321
|
-
const { resolve } = require('node:path');
|
|
319
|
+
// ESM static imports — `require()` is not defined in a `"type": "module"`
|
|
320
|
+
// bundle and would throw `ReferenceError: require is not defined` the
|
|
321
|
+
// moment the REPL bootstrap calls this gate. Beta.16 P0 fix 2026-05-27.
|
|
322
322
|
return (existsSync(resolve(cwd, 'package.json')) ||
|
|
323
323
|
existsSync(resolve(cwd, '.git')) ||
|
|
324
324
|
existsSync(resolve(cwd, '.pugi')) ||
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@pugi/cli",
|
|
3
|
-
"version": "0.1.0-beta.
|
|
3
|
+
"version": "0.1.0-beta.16",
|
|
4
4
|
"description": "Pugi CLI - terminal-native software execution system",
|
|
5
5
|
"homepage": "https://pugi.io",
|
|
6
6
|
"repository": {
|
|
@@ -54,7 +54,7 @@
|
|
|
54
54
|
"undici": "^8.3.0",
|
|
55
55
|
"zod": "^3.23.0",
|
|
56
56
|
"@pugi/personas": "0.1.2",
|
|
57
|
-
"@pugi/sdk": "0.1.0-beta.
|
|
57
|
+
"@pugi/sdk": "0.1.0-beta.16"
|
|
58
58
|
},
|
|
59
59
|
"devDependencies": {
|
|
60
60
|
"@types/node": "^22.0.0",
|