@pugi/cli 0.1.0-beta.2 → 0.1.0-beta.20

package/dist/runtime/commands/patch.js

@@ -36,12 +36,20 @@ const SECURITY_REASONS = new Set(['path_outside_workspace', 'protected_file', 's
 export async function runPatchCommand(args, opts) {
     const positional = [];
     const applyOpts = {};
+    // Seed from caller-supplied options first; arg-flag parsing below
+    // overrides when present.
+    if (opts.dryRun)
+        applyOpts.dryRun = true;
+    if (opts.baseSha)
+        applyOpts.baseSha = opts.baseSha;
+    let threeWaySeen = false;
     for (let i = 0; i < args.length; i += 1) {
         const arg = args[i] ?? '';
         if (arg === '--dry-run')
             applyOpts.dryRun = true;
         else if (arg === '--3way') {
             // honored only when --base is also supplied
+            threeWaySeen = true;
         }
         else if (arg === '--base') {
             const next = args[i + 1];
@@ -59,6 +67,15 @@ export async function runPatchCommand(args, opts) {
             positional.push(arg);
         }
     }
+    // R1 fix (2026-05-26, PR #413 r1, P2 #14): `--3way` without `--base`
+    // is meaningless because `git apply --3way` falls back to the index,
+    // which a CLI-side `pugi patch` invocation does not have populated
+    // with the patch's pre-image. Warn the operator instead of dropping
+    // the flag silently.
+    if (threeWaySeen && !applyOpts.baseSha) {
+        const warn = opts.warn ?? ((m) => console.warn(m));
+        warn('warning: --3way ignored without --base=<sha>; pass --base or drop --3way');
+    }
     let patch;
     try {
         patch = await readPatchSource(positional[0], opts);

package/dist/runtime/commands/permissions.js

@@ -0,0 +1,87 @@
+/**
+ * `pugi permissions` / `/permissions` — Leak L6 4-mode gate control.
+ *
+ * Two entry points share one runtime helper:
+ *   1. `/permissions` in the REPL — forwarded by `core/repl/session.ts`.
+ *   2. `pugi permissions ...` top-level CLI command (handler in
+ *      `runtime/cli.ts`).
+ *
+ * Both pass a `PermissionsCommand` payload describing the operator
+ * intent (show / flip / persist) and a `writeOutput` callback that
+ * lets the caller route the rendered lines into the right surface
+ * (REPL transcript vs. stdout). The helper is intentionally I/O-free
+ * itself — it produces lines and lets the caller stream them.
+ */
+import { DEFAULT_PERMISSION_MODE, PERMISSION_MODES, PERMISSION_MODE_GLOSS, getCurrentMode, getGlobalDefaultMode, setCurrentMode, setGlobalDefaultMode, } from '../../core/permissions/index.js';
+/**
+ * Run the `/permissions` or `pugi permissions` flow. Side effects:
+ *   - When `command.mode` is undefined: prints the current mode + the
+ *     4-mode table (no writes).
+ *   - When `command.mode === 'bypass'` without `confirmBypass`: prints
+ *     a refusal + the safety copy, no writes.
+ *   - When `command.mode` is set + valid: writes workspace session
+ *     state; optionally writes global default when `persist` is true.
+ *   - Always prints the new effective mode + a one-line confirmation.
+ */
+export async function runPermissionsCommand(command, ctx) {
+    if (!command.mode) {
+        renderCurrentMode(ctx);
+        renderModeTable(ctx);
+        return;
+    }
+    if (command.mode === 'bypass' && !command.confirmBypass) {
+        ctx.writeOutput('Bypass mode disables policy hooks (skill steering, denial tracking).');
+        ctx.writeOutput('Run `/permissions bypass --confirm` to acknowledge before flipping.');
+        return;
+    }
+    setCurrentMode(ctx.workspaceRoot, command.mode);
+    if (command.persist) {
+        setGlobalDefaultMode(command.mode, ctx.homeDir);
+    }
+    const persistedHint = command.persist
+        ? ' Persisted to ~/.pugi/config.json for future sessions.'
+        : '';
+    ctx.writeOutput(`Permission mode set to '${command.mode}'.${persistedHint} ${PERMISSION_MODE_GLOSS[command.mode]}`);
+    if (command.mode === 'bypass') {
+        ctx.writeOutput('BYPASS MODE — all tools execute without prompts AND policy hooks disabled. Switch back with /permissions allow.');
+    }
+}
+/**
+ * Print the resolved current mode + the layered source. The merge
+ * order mirrors `resolveMode()`: workspace > global > default.
+ */
+function renderCurrentMode(ctx) {
+    const workspace = getCurrentMode(ctx.workspaceRoot);
+    const global = getGlobalDefaultMode(ctx.homeDir);
+    const effective = workspace ?? global ?? DEFAULT_PERMISSION_MODE;
+    const source = workspace
+        ? 'workspace session.json'
+        : global
+            ? 'global ~/.pugi/config.json'
+            : 'default (no override)';
+    ctx.writeOutput(`Current permission mode: ${effective} (source: ${source})`);
+}
+/**
+ * Print the 4-mode reference table. Keeps the gloss + the side-effect
+ * matrix in one place so the operator can see the contract while they
+ * decide which mode to switch to.
+ */
+function renderModeTable(ctx) {
+    ctx.writeOutput('');
+    ctx.writeOutput('Permission modes:');
+    for (const mode of PERMISSION_MODES) {
+        ctx.writeOutput(`  ${mode.padEnd(7)}  ${PERMISSION_MODE_GLOSS[mode]}`);
+    }
+    ctx.writeOutput('');
+    ctx.writeOutput('Switch with `/permissions <mode> [--persist]`. Bypass requires `--confirm`.');
+}
+/**
+ * Render the one-shot banner shown on session boot when the effective
+ * mode is `bypass`. The caller (engine adapter / REPL bootstrap) calls
+ * this once per session — repeated invocations are idempotent in copy
+ * but the caller is responsible for the once-only semantics.
+ */
+export function renderBypassBanner(writeOutput) {
+    writeOutput('BYPASS MODE — all tools execute without prompts AND policy hooks disabled. Switch back with /permissions allow.');
+}
+//# sourceMappingURL=permissions.js.map

package/dist/runtime/commands/report.js

@@ -0,0 +1,299 @@
+/**
+ * PAVF-7 — `pugi report --from-error` field-bug capture.
+ *
+ * Operator hit a CLI failure ("pugi explain: failed [auth_missing]...")
+ * and wants to file a clean report без manual log-grepping. This command:
+ *
+ *   1. Locates the most-recently-modified session under .pugi/sessions/
+ *      (the engine adapter mirrors EVERY dispatch's events to a fresh
+ *      session dir; the latest one is always the failure that just
+ *      surprised the operator).
+ *   2. Reads events.jsonl + extracts the terminal-state event +
+ *      the last 50 frames before it (enough context to triage; small
+ *      enough for a GH issue body or email paste).
+ *   3. Captures workspace metadata (CLI version, Node version, OS,
+ *      tenant id from credentials, current dir, .pugi/PUGI.md presence).
+ *   4. Strips secrets — auth tokens, env values, JWT signatures —
+ *      before the report ever touches disk OR network.
+ *   5. Writes the bundle к .pugi/reports/<ISO-timestamp>-<session-id>/
+ *      with both a machine-readable report.json and a human-readable
+ *      report.md the operator can paste into a GH issue / email.
+ *   6. Prints the path + the canonical share command the operator can
+ *      run when ready to upload (the upload endpoint is deferred to a
+ *      follow-up; v1 keeps everything LOCAL so an operator working
+ *      offline / behind a corporate firewall can still file a clean
+ *      report).
+ *
+ * Why not auto-upload in v1:
+ *   The CEO HARD rule `feedback_no_fake_dispatch_promises` says we do
+ *   not invent dispatch we cannot deliver. Without a live
+ *   /api/pugi/report endpoint, an auto-upload would either silently
+ *   no-op or claim shipped и lie. v1 emits the artifacts + a clear
+ *   "upload pending" status; v2 (separate PR) wires the endpoint и
+ *   flips the default к upload-on-success.
+ *
+ * Exit codes (match the existing PAVF-1 stage_code table):
+ *   0  = report written successfully
+ *   8  = no sessions found (operator ran in a workspace без .pugi/)
+ *   9  = session events.jsonl unreadable / corrupted
+ *  20  = output path not writable (disk full / perms)
+ *
+ * Secret-redaction posture: PII / tokens / env values are stripped at
+ * the report-generation layer, NOT at upload time. Even if the operator
+ * never uploads, the report dir on disk MUST NOT carry plaintext
+ * secrets — a colleague who later runs `cat .pugi/reports/.../report.md`
+ * over the shoulder sees the bug context but not the bearer token.
+ */
+import { existsSync, readdirSync, readFileSync, mkdirSync, statSync, writeFileSync } from 'node:fs';
+import { join, resolve as resolvePath } from 'node:path';
+import { homedir, platform, release } from 'node:os';
+import { PUGI_CLI_VERSION } from '../version.js';
+const MAX_TAIL_FRAMES = 50;
+const MAX_DETAIL_CHARS = 400;
+const TERMINAL_TYPES = new Set([
+    'agent.completed',
+    'agent.failed',
+    'agent.blocked',
+    'subagent.outcome',
+    'result',
+]);
+/**
+ * Bearer / JWT / env-secret patterns. We do NOT try to be exhaustive
+ * (cat-and-mouse with custom secret formats is unwinnable); we cover
+ * the shapes that actually appear in Pugi sessions:
+ *
+ *   - `Authorization: Bearer eyJ...` (JWT header.payload.signature)
+ *   - `apiKey: eyJ...` inside captured JSON envelopes
+ *   - any long base64-ish token (>= 20 chars, [A-Za-z0-9_-]) following
+ *     `token`, `password`, `secret`, or `key` field names
+ *
+ * Replacement is a length-preserving `[REDACTED:<n>]` marker so the
+ * operator can still verify the report at-a-glance ("yes, a 32-char
+ * token was here") без leaking the value.
+ */
+function redact(text) {
+    if (!text)
+        return text;
+    // Bearer + JWT shape.
+    text = text.replace(/(Bearer\s+)([A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+)/gi, (_m, prefix, tok) => `${prefix}[REDACTED:${tok.length}]`);
+    // Bare JWTs (no Bearer prefix) inside JSON / log lines.
+    text = text.replace(/\beyJ[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{10,}\b/g, (tok) => `[REDACTED:${tok.length}]`);
+    // `"token": "..."` / `"apiKey": "..."` / `"password": "..."` shapes.
+    text = text.replace(/("(?:apiKey|api_key|token|access_token|refresh_token|password|secret|bearer)"\s*:\s*")([^"]{10,})(")/gi, (_m, before, val, after) => `${before}[REDACTED:${val.length}]${after}`);
+    // Bare env-style KEY=VALUE на длинных значениях.
+    text = text.replace(/\b((?:PUGI_API_KEY|GITHUB_TOKEN|NPM_TOKEN|ANVIL_API_KEY|OPENAI_API_KEY|ANTHROPIC_API_KEY|GEMINI_API_KEY)=)([^\s"']{10,})/g, (_m, prefix, val) => `${prefix}[REDACTED:${val.length}]`);
+    return text;
+}
+function clampDetail(value) {
+    if (typeof value !== 'string')
+        return undefined;
+    const redacted = redact(value);
+    return redacted.length > MAX_DETAIL_CHARS
+        ? `${redacted.slice(0, MAX_DETAIL_CHARS)}…`
+        : redacted;
+}
+function findLatestSession(cwd) {
+    const dir = resolvePath(cwd, '.pugi/sessions');
+    if (!existsSync(dir))
+        return null;
+    const entries = readdirSync(dir, { withFileTypes: true })
+        .filter((e) => e.isDirectory())
+        .map((e) => {
+        const path = join(dir, e.name);
+        let mtime = 0;
+        try {
+            mtime = statSync(join(path, 'events.jsonl')).mtimeMs;
+        }
+        catch {
+            // Session dir without events.jsonl yet — never opened. Skip.
+            return null;
+        }
+        return { name: e.name, path, mtime };
+    })
+        .filter((x) => x !== null)
+        .sort((a, b) => b.mtime - a.mtime);
+    return entries[0]?.path ?? null;
+}
+function readTenantIdSafely() {
+    const credPath = resolvePath(homedir(), '.pugi/credentials.json');
+    if (!existsSync(credPath))
+        return undefined;
+    try {
+        const raw = JSON.parse(readFileSync(credPath, 'utf8'));
+        const first = raw.tokens?.[0]?.apiKey;
+        if (!first || typeof first !== 'string')
+            return undefined;
+        // JWT payload is the middle segment; base64-decode + parse for the
+        // `customerId` claim. Failure here returns undefined (the report
+        // still emits useful context without it).
+        const parts = first.split('.');
+        if (parts.length !== 3)
+            return undefined;
+        const payload = JSON.parse(Buffer.from(parts[1] ?? '', 'base64').toString('utf8'));
+        return typeof payload.customerId === 'string' ? payload.customerId : undefined;
+    }
+    catch {
+        return undefined;
+    }
+}
+function captureFrames(eventsPath) {
+    const lines = readFileSync(eventsPath, 'utf8')
+        .split('\n')
+        .filter((l) => l.trim().length > 0);
+    const parsed = lines
+        .map((line) => {
+        try {
+            return JSON.parse(line);
+        }
+        catch {
+            return null;
+        }
+    })
+        .filter((f) => f !== null);
+    // Keep the LAST MAX_TAIL_FRAMES frames — failures cluster at the
+    // end, and the tail is where the operator's context actually lives.
+    const tail = parsed.slice(-MAX_TAIL_FRAMES);
+    return tail.map((f) => {
+        const out = {
+            type: typeof f.type === 'string' ? f.type : 'unknown',
+        };
+        if (typeof f.taskId === 'string')
+            out.taskId = f.taskId;
+        if (typeof f.timestamp === 'string')
+            out.timestamp = f.timestamp;
+        if (typeof f.outcome === 'string')
+            out.outcome = f.outcome;
+        // Keep detail / error ONLY on terminal frames (full reply text on
+        // every agent.message would blow the report past the GH issue cap).
+        if (TERMINAL_TYPES.has(out.type)) {
+            const detail = clampDetail(f.detail) ?? clampDetail(f.error);
+            if (detail)
+                out.detail = detail;
+            if (typeof f.error === 'string')
+                out.error = clampDetail(f.error);
+        }
+        return out;
+    });
+}
+export function runReport(args, ctx) {
+    const fromError = args.includes('--from-error');
+    if (!fromError) {
+        ctx.writeOutput({
+            command: 'report',
+            status: 'no_sessions',
+            message: 'pugi report — capture a bug report from the most-recent session.\n\n' +
+                'Usage:\n' +
+                '  pugi report --from-error           Bundle the most-recent failed session as a report.\n\n' +
+                'Output: writes .pugi/reports/<timestamp>-<session-id>/{report.json, report.md}.\n' +
+                'Secrets (bearer tokens, JWTs, named env values) are stripped before disk write.',
+        }, 'pugi report — see `pugi report --help`');
+        return 0;
+    }
+    const sessionPath = findLatestSession(ctx.cwd);
+    if (!sessionPath) {
+        ctx.writeOutput({
+            command: 'report',
+            status: 'no_sessions',
+            message: 'No sessions found under .pugi/sessions/. Run a `pugi` command first.',
+        }, 'pugi report: no sessions found under .pugi/sessions/ — run a `pugi` command first.');
+        return 8;
+    }
+    const eventsPath = join(sessionPath, 'events.jsonl');
+    let frames;
+    try {
+        frames = captureFrames(eventsPath);
+    }
+    catch (err) {
+        const message = err instanceof Error ? err.message : String(err);
+        ctx.writeOutput({
+            command: 'report',
+            status: 'unreadable',
+            message: `Failed to read ${eventsPath}: ${message}`,
+        }, `pugi report: cannot read session events (${message})`);
+        return 9;
+    }
+    const sessionId = sessionPath.split('/').pop() ?? 'unknown';
+    const timestamp = new Date().toISOString().replace(/[:.]/g, '-');
+    const reportDir = resolvePath(ctx.cwd, '.pugi/reports', `${timestamp}-${sessionId}`);
+    let reportJson;
+    let reportMd;
+    try {
+        mkdirSync(reportDir, { recursive: true });
+        reportJson = join(reportDir, 'report.json');
+        reportMd = join(reportDir, 'report.md');
+        const meta = {
+            schema: 1,
+            generatedAt: new Date().toISOString(),
+            cliVersion: PUGI_CLI_VERSION,
+            nodeVersion: process.version,
+            os: `${platform()} ${release()}`,
+            cwd: ctx.cwd,
+            sessionId,
+            tenantId: readTenantIdSafely() ?? '(not resolvable)',
+            pugiMd: existsSync(resolvePath(ctx.cwd, '.pugi/PUGI.md')),
+            frames,
+        };
+        writeFileSync(reportJson, JSON.stringify(meta, null, 2), 'utf8');
+        const mdLines = [
+            `# Pugi bug report — ${sessionId}`,
+            '',
+            `Generated: \`${meta.generatedAt}\``,
+            `CLI version: \`${meta.cliVersion}\``,
+            `Node: \`${meta.nodeVersion}\` · OS: \`${meta.os}\``,
+            `Workspace: \`${meta.cwd}\` (PUGI.md present: ${meta.pugiMd ? 'yes' : 'no'})`,
+            `Tenant: \`${meta.tenantId}\``,
+            '',
+            `## Last ${frames.length} frames`,
+            '',
+            '```jsonl',
+            ...frames.map((f) => JSON.stringify(f)),
+            '```',
+            '',
+            '## How to share',
+            '',
+            '1. Review `report.md` for accidental PII or sensitive paths.',
+            '2. Paste the contents into a GH issue at https://github.com/pugi-io/pugi/issues',
+            '   OR attach the `report.json` as a file.',
+            '',
+            'Auto-upload to api.pugi.io is planned (`pugi report --upload`) but',
+            'NOT shipped in this build — v1 keeps everything local so an operator',
+            'behind a firewall can still file a clean report.',
+        ];
+        writeFileSync(reportMd, mdLines.join('\n'), 'utf8');
+    }
+    catch (err) {
+        const message = err instanceof Error ? err.message : String(err);
+        ctx.writeOutput({
+            command: 'report',
+            status: 'output_not_writable',
+            message: `Failed to write report bundle to ${reportDir}: ${message}`,
+        }, `pugi report: cannot write report dir (${message})`);
+        return 20;
+    }
+    ctx.writeOutput({
+        command: 'report',
+        status: 'written',
+        reportDir,
+        reportJson,
+        reportMd,
+        sessionId,
+        message: `Report written: ${reportDir}`,
+    }, [
+        `pugi report: bundle written`,
+        `  Session: ${sessionId}`,
+        `  Frames captured: ${frames.length}`,
+        `  Files:`,
+        `    ${reportJson}`,
+        `    ${reportMd}`,
+        ``,
+        `Review report.md for accidental PII, then paste into a GH issue OR`,
+        `attach report.json. Auto-upload is planned for a follow-up build.`,
+    ].join('\n'));
+    return 0;
+}
+// Test seam — the redactor is the most-tested piece (false negatives
+// leak secrets; false positives garble bug context). Exported so
+// apps/pugi-cli/test/report.spec.ts can assert the regex behaviour
+// без spinning up a full session.
+export const __INTERNAL_FOR_TESTS = { redact, clampDetail };
+//# sourceMappingURL=report.js.map

package/dist/runtime/commands/review-consensus.js

@@ -40,8 +40,23 @@ import { aggregate, exitCodeFor, reviewerVerdictFromRaw, } from '../../core/cons
  *   `--branch <name>` / `--branch=<name>`
  *   `--base <ref>` / `--base=<ref>`   (override default origin/main)
  */
-export function parseConsensusArgs(args) {
+export function parseConsensusArgs(args, 
+/**
+ * 2026-05-27 (Codex r0 P1 on PR #489): cli.ts now parses --commit /
+ * --base in the GLOBAL flag pass for the new triple-provider path.
+ * Those tokens are consumed BEFORE this function sees `args`, so
+ * `pugi review --consensus --commit X` would silently fall back to
+ * the default diff and review the wrong changes. Pass the global
+ * flags through here so consensus picks them up when present.
+ * Inline `--commit`/`--base` tokens in args still win — explicit
+ * caller intent is preserved.
+ */
+fallback) {
     const spec = {};
+    if (fallback?.commit)
+        spec.commit = fallback.commit;
+    if (fallback?.base)
+        spec.baseRef = fallback.base;
     for (let i = 0; i < args.length; i += 1) {
         const arg = args[i] ?? '';
         const equalsIdx = arg.indexOf('=');
@@ -119,7 +134,7 @@ export async function runReviewConsensus(args, ctx) {
     // exit 2 — same as BLOCK because the gate could not even run.
     let captured;
     try {
-        const spec = parseConsensusArgs(args);
+        const spec = parseConsensusArgs(args, ctx.flagsFallback);
         captured = captureDiff({ ...spec, cwd: ctx.cwd });
     }
     catch (error) {

package/dist/runtime/commands/roster.js

@@ -0,0 +1,117 @@
+/**
+ * `pugi roster` command - α7.5 Tier 1 instantiation Phase 1.
+ *
+ * Lists the live Tier 1 personas with display name, role, and routing
+ * tag. The CLI walks two sources in order:
+ *
+ *   1. The local @pugi/personas roster (THE_TEN). Always succeeds; the
+ *      ten brand-canonical personas are baked into the SDK.
+ *   2. The remote `GET /api/pugi/sessions/roster` endpoint when the
+ *      operator has a valid credential. The remote response carries the
+ *      server-side dispatch role + dispatchTag for each slug so the
+ *      operator sees the actual routing decision the dispatcher will
+ *      apply on a `pugi delegate <slug>` call.
+ *
+ * The command never fails if the network is unreachable - it falls back
+ * to local-only output with a one-line warning. This matches the
+ * local-first contract (ADR-0037): the operator can still see who is on
+ * the team without an API key.
+ *
+ * Output:
+ *   - text default: a 3-column table (slug | name | role).
+ *   - --json:        a structured array of { slug, name, role, totem,
+ *                    dispatchTag } records, used by scripted callers.
+ */
+import { THE_TEN } from '@pugi/personas';
+import { fetchPersonaRoster, } from '@pugi/sdk';
+/**
+ * Fallback role + tag table the CLI uses when the runtime is unreachable
+ * (no credentials, network error, older runtime without the
+ * /sessions/roster endpoint). Mirrors the server-side
+ * persona-dispatch.ts PERSONA_REGISTRY so a CLI that ran without
+ * credentials still shows the operator the right routing intent.
+ */
+const FALLBACK_ROLE_BY_SLUG = Object.freeze({
+    main: { role: 'orchestrator', dispatchTag: 'reason' },
+    architect: { role: 'architect', dispatchTag: 'reason' },
+    dev: { role: 'coder', dispatchTag: 'codegen' },
+    qa: { role: 'verifier', dispatchTag: 'reason' },
+    pm: { role: 'release', dispatchTag: 'reason' },
+    devops: { role: 'devops', dispatchTag: 'reason' },
+    researcher: { role: 'researcher', dispatchTag: 'reason' },
+    analyst: { role: 'analyst', dispatchTag: 'summarize' },
+    designer: { role: 'design_qa', dispatchTag: 'reason' },
+    frontend: { role: 'frontend', dispatchTag: 'codegen' },
+});
+/**
+ * Build the roster rows by merging the local @pugi/personas brand
+ * roster with the remote dispatch metadata when a credential is
+ * available. Pure function so the runtime CLI command can unit-test it
+ * without standing up an Anvil endpoint.
+ */
+export function mergeRoster(brandRoster, remote) {
+    const remoteIndex = new Map((remote ?? []).map((entry) => [entry.slug, entry]));
+    return brandRoster.map((persona) => {
+        const fromRemote = remoteIndex.get(persona.slug);
+        const fallback = FALLBACK_ROLE_BY_SLUG[persona.slug] ?? {
+            role: persona.role,
+            dispatchTag: 'reason',
+        };
+        return {
+            slug: persona.slug,
+            name: persona.name,
+            totem: persona.animal,
+            role: fromRemote?.role ?? fallback.role,
+            dispatchTag: fromRemote?.dispatchTag ?? fallback.dispatchTag,
+            oneLiner: persona.oneLiner,
+            source: fromRemote ? 'remote' : 'local-fallback',
+        };
+    });
+}
+/**
+ * Render a roster as a plain-text 3-column table the operator reads in
+ * the terminal. The column widths grow to fit the longest cell so a
+ * future displayName drift does not truncate silently.
+ */
+export function renderRosterTable(rows) {
+    if (rows.length === 0)
+        return 'Roster is empty.';
+    const head = { slug: 'slug', name: 'name', totem: 'totem', role: 'role', dispatchTag: 'tag' };
+    const widths = {
+        slug: Math.max(head.slug.length, ...rows.map((r) => r.slug.length)),
+        name: Math.max(head.name.length, ...rows.map((r) => r.name.length)),
+        totem: Math.max(head.totem.length, ...rows.map((r) => r.totem.length)),
+        role: Math.max(head.role.length, ...rows.map((r) => r.role.length)),
+        dispatchTag: Math.max(head.dispatchTag.length, ...rows.map((r) => r.dispatchTag.length)),
+    };
+    const pad = (s, width) => s + ' '.repeat(Math.max(0, width - s.length));
+    const line = (r) => [pad(r.slug, widths.slug), pad(r.name, widths.name), pad(r.totem, widths.totem), pad(r.role, widths.role), pad(r.dispatchTag, widths.dispatchTag)].join('  ');
+    const header = line(head);
+    const sep = '-'.repeat(header.length);
+    return [header, sep, ...rows.map((r) => line(r))].join('\n');
+}
+/**
+ * Resolve the roster by walking remote + local sources. The CLI command
+ * is a thin wrapper around this function so unit tests can exercise the
+ * merge logic without hitting the runtime.
+ */
+export async function resolveRoster(config) {
+    if (!config) {
+        return {
+            rows: mergeRoster(THE_TEN, null),
+            warning: 'no credential configured; showing local @pugi/personas roster only',
+        };
+    }
+    const result = await fetchPersonaRoster(config);
+    if (result.status === 'ok') {
+        return { rows: mergeRoster(THE_TEN, result.response.personas), warning: null };
+    }
+    const reason = result.status === 'endpoint_missing'
+        ? 'runtime does not expose /api/pugi/sessions/roster (upgrade admin-api to α7.5+)'
+        : result.message;
+    return {
+        rows: mergeRoster(THE_TEN, null),
+        warning: `roster fetch failed (${result.status}): ${reason}; showing local roster only`,
+    };
+}
+//# sourceMappingURL=roster.js.map