@pugi/cli 0.1.0-beta.3 → 0.1.0-beta.31

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (219) hide show
  1. package/THIRD_PARTY_NOTICES.md +40 -0
  2. package/assets/pugi-mascot.ansi +15 -40
  3. package/bin/run.js +33 -1
  4. package/dist/commands/jobs-watch.js +201 -0
  5. package/dist/commands/jobs.js +15 -0
  6. package/dist/core/agent-progress/cleanup.js +134 -0
  7. package/dist/core/agent-progress/schema.js +144 -0
  8. package/dist/core/agent-progress/writer.js +101 -0
  9. package/dist/core/artifact-chain/dispatcher.js +148 -0
  10. package/dist/core/artifact-chain/exporter.js +164 -0
  11. package/dist/core/artifact-chain/state.js +243 -0
  12. package/dist/core/artifact-chain/steps.js +169 -0
  13. package/dist/core/auth/env-provider.js +238 -0
  14. package/dist/core/auto-update/channels.js +122 -0
  15. package/dist/core/auto-update/checker.js +241 -0
  16. package/dist/core/auto-update/state.js +235 -0
  17. package/dist/core/bare-mode/index.js +107 -0
  18. package/dist/core/checkpoint/resumer.js +149 -0
  19. package/dist/core/checkpoint/rewinder.js +291 -0
  20. package/dist/core/compact/auto-trigger.js +96 -0
  21. package/dist/core/compact/buffer-rewriter.js +115 -0
  22. package/dist/core/compact/summarizer.js +208 -0
  23. package/dist/core/compact/token-counter.js +108 -0
  24. package/dist/core/consensus/diff-capture.js +73 -0
  25. package/dist/core/context/index.js +7 -0
  26. package/dist/core/context/markdown-traverse.js +255 -0
  27. package/dist/core/cost/rate-card.js +129 -0
  28. package/dist/core/cost/tracker.js +221 -0
  29. package/dist/core/denial-tracking/index.js +8 -0
  30. package/dist/core/denial-tracking/state.js +264 -0
  31. package/dist/core/diagnostics/probe-runner.js +93 -0
  32. package/dist/core/diagnostics/probes/api.js +46 -0
  33. package/dist/core/diagnostics/probes/auth.js +86 -0
  34. package/dist/core/diagnostics/probes/bare-mode.js +42 -0
  35. package/dist/core/diagnostics/probes/cli-version.js +127 -0
  36. package/dist/core/diagnostics/probes/config.js +72 -0
  37. package/dist/core/diagnostics/probes/denial-tracking.js +57 -0
  38. package/dist/core/diagnostics/probes/disk.js +81 -0
  39. package/dist/core/diagnostics/probes/git.js +65 -0
  40. package/dist/core/diagnostics/probes/mcp.js +75 -0
  41. package/dist/core/diagnostics/probes/node.js +59 -0
  42. package/dist/core/diagnostics/probes/pnpm.js +36 -0
  43. package/dist/core/diagnostics/probes/pugi-md.js +89 -0
  44. package/dist/core/diagnostics/probes/session.js +74 -0
  45. package/dist/core/diagnostics/probes/status-snapshot.js +442 -0
  46. package/dist/core/diagnostics/probes/workspace.js +63 -0
  47. package/dist/core/diagnostics/types.js +70 -0
  48. package/dist/core/dispatch/cache-cleanup.js +197 -0
  49. package/dist/core/dispatch/cache-handoff.js +295 -0
  50. package/dist/core/edits/dispatch.js +218 -2
  51. package/dist/core/edits/journal.js +199 -0
  52. package/dist/core/edits/layer-d-ast.js +557 -14
  53. package/dist/core/edits/verify-hook.js +273 -0
  54. package/dist/core/edits/worktree.js +111 -18
  55. package/dist/core/engine/anvil-client.js +115 -5
  56. package/dist/core/engine/budgets.js +89 -0
  57. package/dist/core/engine/context-prefix.js +155 -0
  58. package/dist/core/engine/intent.js +260 -0
  59. package/dist/core/engine/native-pugi.js +852 -210
  60. package/dist/core/engine/prompts.js +89 -6
  61. package/dist/core/engine/strip-internal-fields.js +124 -0
  62. package/dist/core/engine/tool-bridge.js +972 -33
  63. package/dist/core/feedback/queue.js +177 -0
  64. package/dist/core/feedback/submitter.js +145 -0
  65. package/dist/core/file-cache.js +113 -1
  66. package/dist/core/hooks/events.js +44 -0
  67. package/dist/core/hooks/index.js +15 -0
  68. package/dist/core/hooks/registry.js +213 -0
  69. package/dist/core/hooks/runner.js +236 -0
  70. package/dist/core/init/scaffold.js +195 -0
  71. package/dist/core/lsp/cache.js +105 -0
  72. package/dist/core/lsp/client.js +174 -29
  73. package/dist/core/lsp/language-detect.js +66 -0
  74. package/dist/core/lsp/post-edit-diagnostics.js +171 -0
  75. package/dist/core/mcp/client.js +75 -6
  76. package/dist/core/mcp/http-server.js +553 -0
  77. package/dist/core/mcp/permission.js +190 -0
  78. package/dist/core/mcp/registry.js +24 -2
  79. package/dist/core/mcp/server-tools.js +219 -0
  80. package/dist/core/mcp/server.js +397 -0
  81. package/dist/core/memory/dual-write.js +416 -0
  82. package/dist/core/memory/dual-write.spec.js +297 -0
  83. package/dist/core/memory/phase1-kinds.js +20 -0
  84. package/dist/core/memory-sync/queue.js +158 -0
  85. package/dist/core/memory-sync/queue.spec.js +105 -0
  86. package/dist/core/onboarding/marker.js +111 -0
  87. package/dist/core/onboarding/telemetry-state.js +108 -0
  88. package/dist/core/output-style/presets.js +176 -0
  89. package/dist/core/output-style/state.js +185 -0
  90. package/dist/core/permissions/gate.js +187 -0
  91. package/dist/core/permissions/index.js +18 -0
  92. package/dist/core/permissions/mode.js +102 -0
  93. package/dist/core/permissions/state.js +215 -0
  94. package/dist/core/permissions/tool-class.js +93 -0
  95. package/dist/core/prd-check/parser.js +215 -0
  96. package/dist/core/prd-check/reporter.js +127 -0
  97. package/dist/core/prd-check/session-review.js +557 -0
  98. package/dist/core/prd-check/verifiers.js +223 -0
  99. package/dist/core/pugi-md/context-injector.js +76 -0
  100. package/dist/core/pugi-md/walk-up.js +207 -0
  101. package/dist/core/release-notes/parser.js +241 -0
  102. package/dist/core/release-notes/state.js +116 -0
  103. package/dist/core/repl/codebase-survey.js +308 -0
  104. package/dist/core/repl/history.js +11 -1
  105. package/dist/core/repl/init-interview.js +457 -0
  106. package/dist/core/repl/model-pricing.js +135 -0
  107. package/dist/core/repl/onboarding-state.js +297 -0
  108. package/dist/core/repl/session.js +1529 -30
  109. package/dist/core/repl/slash-commands.js +361 -13
  110. package/dist/core/repl/store/session-store.js +31 -2
  111. package/dist/core/repl/workspace-context.js +22 -0
  112. package/dist/core/repo-map/build.js +125 -0
  113. package/dist/core/repo-map/cache.js +185 -0
  114. package/dist/core/repo-map/extractor.js +254 -0
  115. package/dist/core/repo-map/formatter.js +145 -0
  116. package/dist/core/repo-map/scanner.js +211 -0
  117. package/dist/core/retry-budget/budget.js +284 -0
  118. package/dist/core/retry-budget/index.js +5 -0
  119. package/dist/core/session.js +44 -0
  120. package/dist/core/settings.js +80 -0
  121. package/dist/core/share/formatter.js +271 -0
  122. package/dist/core/share/redactor.js +221 -0
  123. package/dist/core/share/uploader.js +267 -0
  124. package/dist/core/skills/defaults.js +457 -0
  125. package/dist/core/subagents/dispatcher-real.js +600 -0
  126. package/dist/core/subagents/dispatcher.js +113 -24
  127. package/dist/core/subagents/index.js +18 -5
  128. package/dist/core/subagents/isolation-matrix.js +213 -0
  129. package/dist/core/subagents/spawn.js +19 -4
  130. package/dist/core/telemetry/emitter.js +229 -0
  131. package/dist/core/telemetry/queue.js +251 -0
  132. package/dist/core/theme/context.js +91 -0
  133. package/dist/core/theme/presets.js +228 -0
  134. package/dist/core/theme/state.js +181 -0
  135. package/dist/core/todos/invariant.js +10 -0
  136. package/dist/core/todos/state.js +177 -0
  137. package/dist/core/transport/version-interceptor.js +166 -0
  138. package/dist/core/vim/keymap.js +288 -0
  139. package/dist/core/vim/state.js +92 -0
  140. package/dist/index.js +28 -0
  141. package/dist/runtime/bootstrap.js +190 -0
  142. package/dist/runtime/cli.js +2603 -278
  143. package/dist/runtime/commands/chain.js +489 -0
  144. package/dist/runtime/commands/compact.js +297 -0
  145. package/dist/runtime/commands/cost.js +199 -0
  146. package/dist/runtime/commands/delegate.js +312 -0
  147. package/dist/runtime/commands/dispatch.js +126 -0
  148. package/dist/runtime/commands/doctor.js +390 -0
  149. package/dist/runtime/commands/feedback.js +184 -0
  150. package/dist/runtime/commands/hooks.js +184 -0
  151. package/dist/runtime/commands/lsp.js +212 -28
  152. package/dist/runtime/commands/mcp.js +824 -0
  153. package/dist/runtime/commands/memory.js +508 -0
  154. package/dist/runtime/commands/memory.spec.js +174 -0
  155. package/dist/runtime/commands/model.js +237 -0
  156. package/dist/runtime/commands/onboarding.js +275 -0
  157. package/dist/runtime/commands/patch.js +17 -0
  158. package/dist/runtime/commands/permissions.js +87 -0
  159. package/dist/runtime/commands/plan.js +143 -0
  160. package/dist/runtime/commands/prd-check.js +285 -0
  161. package/dist/runtime/commands/release-notes.js +229 -0
  162. package/dist/runtime/commands/repo-map.js +95 -0
  163. package/dist/runtime/commands/report.js +299 -0
  164. package/dist/runtime/commands/resume.js +118 -0
  165. package/dist/runtime/commands/review-consensus.js +17 -2
  166. package/dist/runtime/commands/rewind.js +333 -0
  167. package/dist/runtime/commands/roster.js +117 -0
  168. package/dist/runtime/commands/sessions.js +163 -0
  169. package/dist/runtime/commands/share.js +316 -0
  170. package/dist/runtime/commands/status.js +178 -0
  171. package/dist/runtime/commands/stickers.js +82 -0
  172. package/dist/runtime/commands/style.js +194 -0
  173. package/dist/runtime/commands/theme.js +196 -0
  174. package/dist/runtime/commands/update.js +289 -0
  175. package/dist/runtime/commands/vim.js +140 -0
  176. package/dist/runtime/commands/worktree.js +50 -6
  177. package/dist/runtime/headless.js +543 -0
  178. package/dist/runtime/load-hooks-or-exit.js +71 -0
  179. package/dist/runtime/plan-decompose.js +531 -0
  180. package/dist/runtime/version.js +65 -0
  181. package/dist/tools/agent-tool.js +229 -0
  182. package/dist/tools/apply-patch.js +281 -39
  183. package/dist/tools/ask-user-question.js +213 -0
  184. package/dist/tools/ask-user.js +115 -0
  185. package/dist/tools/file-tools.js +85 -14
  186. package/dist/tools/mcp-tool.js +260 -0
  187. package/dist/tools/multi-edit.js +361 -0
  188. package/dist/tools/registry.js +30 -2
  189. package/dist/tools/skill-tool.js +96 -0
  190. package/dist/tools/tasks.js +208 -0
  191. package/dist/tools/todo-write.js +184 -0
  192. package/dist/tools/web-fetch.js +147 -2
  193. package/dist/tools/web-search.js +458 -0
  194. package/dist/tui/agent-progress-card.js +111 -0
  195. package/dist/tui/agent-tree.js +10 -0
  196. package/dist/tui/ask-modal.js +2 -2
  197. package/dist/tui/ask-user-question-prompt.js +192 -0
  198. package/dist/tui/compact-banner.js +81 -0
  199. package/dist/tui/conversation-pane.js +82 -8
  200. package/dist/tui/cost-table.js +111 -0
  201. package/dist/tui/doctor-table.js +46 -0
  202. package/dist/tui/feedback-prompt.js +156 -0
  203. package/dist/tui/input-box.js +46 -2
  204. package/dist/tui/markdown-render.js +4 -4
  205. package/dist/tui/onboarding-wizard.js +240 -0
  206. package/dist/tui/repl-render.js +293 -35
  207. package/dist/tui/repl-splash.js +2 -2
  208. package/dist/tui/repl.js +45 -13
  209. package/dist/tui/splash.js +1 -1
  210. package/dist/tui/status-bar.js +94 -16
  211. package/dist/tui/status-table.js +7 -0
  212. package/dist/tui/stickers-art.js +136 -0
  213. package/dist/tui/style-table.js +28 -0
  214. package/dist/tui/theme-table.js +29 -0
  215. package/dist/tui/tool-stream-pane.js +7 -0
  216. package/dist/tui/update-banner.js +20 -2
  217. package/dist/tui/vim-input.js +267 -0
  218. package/docs/examples/codegraph.mcp.json +10 -0
  219. package/package.json +9 -6
@@ -38,20 +38,30 @@ import { listRoles } from '../agents/registry.js';
38
38
  * silently appear here with empty placeholders.
39
39
  */
40
40
  export const SLASH_STUB_MESSAGES = Object.freeze({
41
- compact: 'Manual context compaction lands in α6.5b.',
41
+ // Leak L8 (2026-05-27): /compact graduated from stub. The session
42
+ // module now owns the summariser round-trip + boundary marker append
43
+ // via `dispatchCompact`. Keep the type record exhaustive so a future
44
+ // stub addition cannot silently overlap the wired set.
42
45
  memory: 'Session memory editor lands in α6.5b.',
43
46
  config: 'Run `pugi config list` from a fresh shell for the full surface; in-REPL editor lands in α6.5.',
44
47
  // alpha 6.13: /privacy graduated from stub; nothing reads this at
45
48
  // runtime but the type record stays exhaustive.
46
49
  privacy: '',
47
50
  budget: 'Run `pugi budget` from a fresh shell; in-REPL summary lands in α6.5.',
48
- mcp: 'Run `pugi config mcp list` from a fresh shell; in-REPL palette lands in α6.5.',
49
- undo: 'Run `pugi undo` from a fresh shell; in-REPL undo lands in α6.5.',
51
+ // β4 Sl7 (2026-05-26): /mcp graduated from stub to a real handler
52
+ // that forwards to `runMcpCommand`. Stub message removed from the
53
+ // exhaustive record so the type narrows correctly.
54
+ //
55
+ // Wave 6 final (2026-05-27): /undo graduated from stub to a real
56
+ // handler that forwards to `runUndoCommand` (Aider walk-back —
57
+ // single-step revert of the last mutating tool result, with
58
+ // mtime+hash external-modification gate). Stub message removed.
50
59
  });
51
60
  export const SLASH_COMMAND_HELP = Object.freeze([
52
61
  // Workforce dispatch
53
62
  { name: 'brief', args: '<text>', gloss: 'Dispatch a brief to the workforce', group: 'Workforce dispatch' },
54
63
  { name: 'agents', args: '', gloss: 'List the on-watch agent roster', group: 'Workforce dispatch' },
64
+ { name: 'delegate', args: '<slug> <brief>', gloss: 'Dispatch a brief to one Tier 1 specialist (α7.5)', group: 'Workforce dispatch' },
55
65
  { name: 'stop', args: '<persona>', gloss: 'Stop one agent by persona slug', group: 'Workforce dispatch' },
56
66
  { name: 'jobs', args: '', gloss: 'List background jobs', group: 'Workforce dispatch' },
57
67
  { name: 'ask', args: '<question>', gloss: 'Surface a yes/no modal locally (α6.3 forcing question)', group: 'Workforce dispatch' },
@@ -59,23 +69,42 @@ export const SLASH_COMMAND_HELP = Object.freeze([
59
69
  { name: 'clear', args: '', gloss: 'Clear conversation pane', group: 'Session' },
60
70
  { name: 'resume', args: '', gloss: 'Pick a stored session to restore', group: 'Session' },
61
71
  { name: 'context', args: '', gloss: 'Show three-tier context summary (Tier 0 skeleton + Tier 1 working set)', group: 'Session' },
62
- { name: 'compact', args: '', gloss: 'Manual context compaction (α6.5b)', group: 'Session', stub: true },
72
+ { name: 'compact', args: '[--force]', gloss: 'Summarise older turns into a boundary marker (leak L8). --force bypasses the noop-empty guard', group: 'Session' },
73
+ { name: 'rewind', args: '[N | --to <id>]', gloss: 'Roll the conversation back to a checkpoint (leak L9)', group: 'Session' },
63
74
  { name: 'memory', args: '', gloss: 'Session memory editor (α6.5b)', group: 'Session', stub: true },
75
+ { name: 'init', args: '', gloss: 'Scaffold .pugi/ in the current workspace (β1 Sl11)', group: 'Session' },
64
76
  // Pugi tools
65
77
  { name: 'web', args: '<url>', gloss: 'Fetch a URL into context', group: 'Pugi tools' },
66
78
  { name: 'diff', args: '', gloss: 'Show pending diff', group: 'Pugi tools' },
67
- { name: 'cost', args: '', gloss: 'Token usage + budget', group: 'Pugi tools' },
68
- { name: 'status', args: '', gloss: 'Backend + tenant status', group: 'Pugi tools' },
79
+ { name: 'cost', args: '', gloss: 'Session token + USD totals + last 5 turn breakdown', group: 'Pugi tools' },
80
+ { name: 'quota', args: '', gloss: 'Plan tier + monthly usage caps (sync / review / engine)', group: 'Pugi tools' },
81
+ { name: 'status', args: '', gloss: 'Session snapshot — id · cwd · mode · tokens · dispatches · auth', group: 'Pugi tools' },
69
82
  { name: 'consensus', args: '[ref]', gloss: '3-model consensus review (codex · claude · deepseek)', group: 'Pugi tools' },
83
+ { name: 'repo-map', args: '[refresh]', gloss: 'AST-light symbol summary of the workspace (leak L28)', group: 'Pugi tools' },
70
84
  // Settings
71
85
  { name: 'config', args: '', gloss: 'Show config', group: 'Settings', stub: true },
72
86
  { name: 'privacy', args: '', gloss: 'Show privacy mode + contract', group: 'Settings' },
87
+ { name: 'permissions', args: '[mode] [--persist]', gloss: 'Show or flip permission mode (plan / ask / allow / bypass) (also: /plan)', group: 'Settings' },
88
+ { name: 'plan', args: '[--back | --persist] [<prompt>]', gloss: 'Switch to plan mode (read-only). Same as /permissions plan, slicker UX.', group: 'Settings' },
89
+ { name: 'model', args: '[<slug>]', gloss: 'Show or select the active model. Bare /model lists tier-gated options', group: 'Settings' },
73
90
  { name: 'budget', args: '', gloss: 'Show usage budget', group: 'Settings', stub: true },
74
- { name: 'mcp', args: '', gloss: 'List MCP servers', group: 'Settings', stub: true },
75
- { name: 'undo', args: '', gloss: 'Undo last write', group: 'Settings', stub: true },
91
+ { name: 'mcp', args: '[sub]', gloss: 'MCP servers — list / trust / deny / install / serve / perms', group: 'Settings' },
92
+ { name: 'style', args: '[name] [--persist|--reset|--list]', gloss: 'Output-style preset (default / terse / explanatory / russian-formal / casual)', group: 'Settings' },
93
+ { name: 'theme', args: '[name] [--persist|--reset|--list]', gloss: 'TUI color palette (default / dark / light / colorblind)', group: 'Settings' },
94
+ { name: 'onboarding', args: '[--reset|--non-interactive]', gloss: 'First-run wizard — auth / mode / style / MCP / telemetry (leak L25)', group: 'Settings' },
95
+ { name: 'vim', args: '[on|off|status]', gloss: 'Toggle vim-style modal editing in the input buffer (leak L26)', group: 'Settings' },
96
+ { name: 'undo', args: '', gloss: 'Revert the last successful write / edit / multi_edit (Aider walk-back, Wave 6)', group: 'Settings' },
76
97
  // Meta
77
98
  { name: 'help', args: '', gloss: 'Show this help overlay', group: 'Meta' },
78
99
  { name: 'version', args: '', gloss: 'Show CLI version', group: 'Meta' },
100
+ { name: 'doctor', args: '', gloss: 'Environment health report (auth · API · Node · disk · MCP · …)', group: 'Meta' },
101
+ { name: 'prd-check', args: '<prd-path | --all | --session> [--json]', gloss: 'Verify PRD against code (default) or session work (--session, Wave 6 final)', group: 'Meta' },
102
+ { name: 'chain', args: '<new|status|next|show|export|list> [...args]', gloss: 'Artifact chain — PRD → ADR → mindmap → ER → sequence → tests → code (Wave 6)', group: 'Meta' },
103
+ { name: 'stickers', args: '', gloss: 'show Pugi brand stickers (gimmick)', group: 'Meta' },
104
+ { name: 'feedback', args: '', gloss: 'file a bug / feature / general comment without leaving the REPL', group: 'Meta' },
105
+ { name: 'share', args: '[--gist|--pugi] [--redact] [--preview]', gloss: 'Export session transcript to gist / pugi.io (leak L20)', group: 'Meta' },
106
+ { name: 'release-notes', args: '[--reset]', gloss: 'Show changelog diff since last upgrade (leak L24)', group: 'Meta' },
107
+ { name: 'update', args: '[--check|--apply [--yes]] [--channel <name>]', gloss: 'Check for / apply CLI update on stable / beta / canary (leak L27)', group: 'Meta' },
79
108
  { name: 'quit', args: '', gloss: 'Exit the REPL', group: 'Meta' },
80
109
  ]);
81
110
  /**
@@ -135,6 +164,38 @@ export function parseSlashCommand(input) {
135
164
  case 'roster': {
136
165
  return { kind: 'roster' };
137
166
  }
167
+ case 'delegate': {
168
+ // tail must start with the persona slug followed by the brief.
169
+ // Slug accepts only the closed-set lowercase ASCII pattern the
170
+ // server-side persona registry enforces; anything else surfaces
171
+ // as a usage error so the operator sees the typo before the
172
+ // round-trip.
173
+ const innerSpace = tail.indexOf(' ');
174
+ if (innerSpace === -1 || innerSpace === 0) {
175
+ return {
176
+ kind: 'error',
177
+ message: 'Usage: /delegate <slug> <one-sentence brief>',
178
+ };
179
+ }
180
+ const persona = tail.slice(0, innerSpace).toLowerCase();
181
+ const brief = tail.slice(innerSpace + 1).trim();
182
+ // Pattern intentionally mirrors server-side PUGI_DELEGATE_REGEX in
183
+ // sessions.controller.ts (^[a-z]+$). Keeping them lockstep means
184
+ // the REPL surfaces typos locally instead of round-tripping a 4xx.
185
+ if (!/^[a-z]+$/.test(persona)) {
186
+ return {
187
+ kind: 'error',
188
+ message: `/delegate slug must be lowercase ASCII (a-z only); got '${persona}'`,
189
+ };
190
+ }
191
+ if (brief.length === 0) {
192
+ return {
193
+ kind: 'error',
194
+ message: 'Usage: /delegate <slug> <one-sentence brief>',
195
+ };
196
+ }
197
+ return { kind: 'delegate', persona, brief };
198
+ }
138
199
  case 'stop':
139
200
  case 'kill': {
140
201
  if (tail.length === 0) {
@@ -181,9 +242,19 @@ export function parseSlashCommand(input) {
181
242
  case 'diff': {
182
243
  return { kind: 'diff' };
183
244
  }
184
- case 'cost': {
245
+ case 'cost':
246
+ case 'usage': {
247
+ // L19 (2026-05-27): `/usage` is an alias of `/cost` per the cost-
248
+ // command spec. The previous mapping routed `/usage` to the
249
+ // network-backed `/quota` surface, but operators trained on Claude
250
+ // Code expect `/usage` to surface the per-model token breakdown
251
+ // (same shape as `/cost`). `/quota` remains the canonical name
252
+ // for the tier + monthly-cap fetch.
185
253
  return { kind: 'cost' };
186
254
  }
255
+ case 'quota': {
256
+ return { kind: 'quota' };
257
+ }
187
258
  case 'status': {
188
259
  return { kind: 'status' };
189
260
  }
@@ -215,12 +286,289 @@ export function parseSlashCommand(input) {
215
286
  // device flow + audit identity are wired correctly).
216
287
  return { kind: 'privacy' };
217
288
  }
218
- case 'compact':
289
+ case 'permissions':
290
+ case 'perms': {
291
+ // Leak L6: `/permissions [mode] [--persist] [--confirm]`.
292
+ //
293
+ // Argument grammar (single line, no quoting):
294
+ // /permissions -> show current mode + table
295
+ // /permissions plan|ask|allow -> flip mode
296
+ // /permissions bypass --confirm -> flip to bypass (refused
297
+ // without --confirm — safety)
298
+ // /permissions <mode> --persist -> also write to ~/.pugi/config.json
299
+ //
300
+ // Anything else returns an `error` result so the runtime can
301
+ // render the usage hint inline.
302
+ const tokens = tail.length === 0 ? [] : tail.split(/\s+/).filter((s) => s.length > 0);
303
+ if (tokens.length === 0) {
304
+ return { kind: 'permissions', persist: false, confirmBypass: false };
305
+ }
306
+ const head0 = tokens[0]?.toLowerCase();
307
+ if (head0 !== 'plan' && head0 !== 'ask' && head0 !== 'allow' && head0 !== 'bypass') {
308
+ return {
309
+ kind: 'error',
310
+ message: `Usage: /permissions [plan|ask|allow|bypass] [--persist] [--confirm]; unknown mode '${tokens[0] ?? ''}'`,
311
+ };
312
+ }
313
+ const flags = tokens.slice(1);
314
+ let persist = false;
315
+ let confirmBypass = false;
316
+ for (const flag of flags) {
317
+ if (flag === '--persist') {
318
+ persist = true;
319
+ }
320
+ else if (flag === '--confirm') {
321
+ confirmBypass = true;
322
+ }
323
+ else {
324
+ return {
325
+ kind: 'error',
326
+ message: `/permissions: unknown flag '${flag}' (allowed: --persist, --confirm)`,
327
+ };
328
+ }
329
+ }
330
+ return { kind: 'permissions', mode: head0, persist, confirmBypass };
331
+ }
332
+ case 'init': {
333
+ // β1 Sl11: surface the init flow inside the REPL. Tail args
334
+ // are ignored — the init handler is parameterless today; `pugi
335
+ // init --no-defaults` is the CLI surface for skipping bundled
336
+ // skills.
337
+ return { kind: 'init' };
338
+ }
339
+ case 'plan': {
340
+ // Leak L7: `/plan [--back | --persist] [<prompt>]`.
341
+ //
342
+ // Argument grammar (single line, no quoting):
343
+ // /plan -> enter plan mode + banner
344
+ // /plan --back -> restore previous mode
345
+ // /plan --persist -> enter + write global config
346
+ // /plan <prompt...> -> enter + run one-shot engine
347
+ // /plan --auto-back <prompt...> -> enter + run + restore mode
348
+ //
349
+ // The parser pulls the flags off the head of the tail; whatever
350
+ // remains is the prompt. `--back` + a non-empty prompt and
351
+ // `--back` + `--auto-back` are both refused as `error` because
352
+ // they conflict at the verb level.
353
+ const tokens = tail.length === 0 ? [] : tail.split(/\s+/).filter((s) => s.length > 0);
354
+ let back = false;
355
+ let persist = false;
356
+ let autoBack = false;
357
+ const promptTokens = [];
358
+ for (const token of tokens) {
359
+ if (token === '--back') {
360
+ back = true;
361
+ }
362
+ else if (token === '--persist') {
363
+ persist = true;
364
+ }
365
+ else if (token === '--auto-back') {
366
+ autoBack = true;
367
+ }
368
+ else {
369
+ promptTokens.push(token);
370
+ }
371
+ }
372
+ const prompt = promptTokens.join(' ');
373
+ if (back && prompt.length > 0) {
374
+ return {
375
+ kind: 'error',
376
+ message: '/plan --back does not accept a prompt; revert first, then dispatch.',
377
+ };
378
+ }
379
+ if (back && autoBack) {
380
+ return {
381
+ kind: 'error',
382
+ message: '/plan --back and --auto-back cannot be combined.',
383
+ };
384
+ }
385
+ return { kind: 'plan', back, persist, autoBack, prompt };
386
+ }
387
+ case 'model': {
388
+ // Wave 6 BT 8 (Claude Code parity): `/model [<slug>]`. Bare form
389
+ // prints the tier-gated model menu + current selection; with a
390
+ // slug it flips workspace selection. Slug grammar (loose): alnum
391
+ // + dash + dot + slash. Anything outside that range becomes an
392
+ // error verdict so the operator sees a clear message instead of a
393
+ // silent no-op. Whitespace inside the tail = multiple tokens = we
394
+ // take the first; the help gloss documents single-slug usage.
395
+ const trimmedTail = tail.trim();
396
+ if (trimmedTail.length === 0) {
397
+ return { kind: 'model', slug: undefined };
398
+ }
399
+ const firstToken = trimmedTail.split(/\s+/)[0] ?? '';
400
+ if (!/^[A-Za-z0-9][A-Za-z0-9._\-\/]{0,63}$/.test(firstToken)) {
401
+ return {
402
+ kind: 'error',
403
+ message: `/model: invalid slug '${firstToken}'. Use letters / digits / '-' / '.' / '/' only.`,
404
+ };
405
+ }
406
+ return { kind: 'model', slug: firstToken };
407
+ }
408
+ case 'mcp': {
409
+ // β4 Sl7: tokenize the tail. Empty tail -> `list` (matches CLI).
410
+ // Quoting / shell-escapes are NOT supported — the slash surface is
411
+ // intentionally simple; complex installs (env vars, multi-word
412
+ // args) go through `pugi mcp install` from a fresh shell.
413
+ const tokens = tail.length === 0 ? [] : tail.split(/\s+/).filter((s) => s.length > 0);
414
+ return { kind: 'mcp', args: tokens };
415
+ }
416
+ case 'style':
417
+ case 'output-style': {
418
+ // Leak L18 (2026-05-27): forward the tokenized tail unchanged so
419
+ // the slash + top-level CLI surfaces share one parser inside
420
+ // `runStyleCommand`. Quoting / multi-word args are not used (the
421
+ // preset slugs are single tokens by contract).
422
+ const tokens = tail.length === 0 ? [] : tail.split(/\s+/).filter((s) => s.length > 0);
423
+ return { kind: 'style', args: tokens };
424
+ }
425
+ case 'theme':
426
+ case 'palette':
427
+ case 'colors': {
428
+ // Leak L30 (2026-05-27): forward the tokenized tail unchanged so
429
+ // the slash + top-level `pugi theme` surfaces share one parser
430
+ // inside `runThemeCommand`. Aliases `/palette` and `/colors`
431
+ // exist because the leak-landscape audit found operators reach
432
+ // for either word interchangeably — same surface, same handler.
433
+ const tokens = tail.length === 0 ? [] : tail.split(/\s+/).filter((s) => s.length > 0);
434
+ return { kind: 'theme', args: tokens };
435
+ }
436
+ case 'onboarding':
437
+ case 'onboard':
438
+ case 'setup': {
439
+ // Leak L25 (2026-05-27): forward the tokenized tail unchanged.
440
+ // The slash always routes through the non-interactive snapshot
441
+ // path (the REPL already owns the Ink tree); the runner picks
442
+ // it up from `ctx.interactive = false` in the session
443
+ // dispatcher.
444
+ const tokens = tail.length === 0 ? [] : tail.split(/\s+/).filter((s) => s.length > 0);
445
+ return { kind: 'onboarding', args: tokens };
446
+ }
447
+ case 'vim': {
448
+ // Leak L26 (2026-05-27): forward the tokenized tail unchanged so
449
+ // the slash + top-level CLI surfaces share one parser inside
450
+ // `runVimCommand`. Subcommands are single tokens (on / off /
451
+ // status); a bare `/vim` toggles.
452
+ const tokens = tail.length === 0 ? [] : tail.split(/\s+/).filter((s) => s.length > 0);
453
+ return { kind: 'vim', args: tokens };
454
+ }
455
+ case 'doctor':
456
+ case 'health': {
457
+ // L17 (2026-05-27): run the probe sweep inline. Tail is ignored —
458
+ // the doctor command has no operator-facing arguments (every
459
+ // probe runs unconditionally; per-probe disable lives on the CLI
460
+ // shell surface, not the slash one).
461
+ return { kind: 'doctor' };
462
+ }
463
+ case 'prd-check':
464
+ case 'prdcheck': {
465
+ // Wave 6 (2026-05-27): tokenise the tail and forward verbatim
466
+ // so the slash + shell surfaces share one `parsePrdCheckArgs`.
467
+ // Supports `<prd-path>`, `--all`, and `--json`.
468
+ const tokens = tail.length === 0 ? [] : tail.split(/\s+/).filter((s) => s.length > 0);
469
+ return { kind: 'prd-check', args: tokens };
470
+ }
471
+ case 'chain': {
472
+ // Wave 6 (2026-05-27): forward the tokenized argv to
473
+ // `runChainCommand` via the session module. Subcommands are
474
+ // single tokens (new / status / next / show / export / list);
475
+ // the `new` subcommand accepts the intent as the joined tail so
476
+ // operators can write `/chain new add auth flow` без quoting.
477
+ const tokens = tail.length === 0 ? [] : tail.split(/\s+/).filter((s) => s.length > 0);
478
+ return { kind: 'chain', args: tokens };
479
+ }
480
+ case 'compact': {
481
+ // Leak L8 (2026-05-27): graduated from stub. The session module
482
+ // owns the summariser round-trip. Wave 6 BT 8: `--force` overrides
483
+ // the noop-empty guard. Unknown flags fall through silently per
484
+ // the existing tail-tolerance behaviour (operators wanting a
485
+ // per-session compact run `pugi compact --session <id>` from a
486
+ // fresh shell).
487
+ const tokens = tail.length === 0 ? [] : tail.split(/\s+/).filter((s) => s.length > 0);
488
+ const force = tokens.some((t) => t === '--force' || t === '-f');
489
+ return { kind: 'compact', force };
490
+ }
491
+ case 'rewind': {
492
+ // Leak L9 (2026-05-27): `/rewind [N | --to <id>]`. Tokenize the
493
+ // tail unchanged so `runRewindCommand` (in `runtime/commands/
494
+ // rewind.ts`) handles every mode (picker / turns / to-event)
495
+ // through one parser. The slash + top-level CLI surfaces stay
496
+ // single-sourced — same separation as `/compact`.
497
+ const tokens = tail.length === 0 ? [] : tail.split(/\s+/).filter((s) => s.length > 0);
498
+ return { kind: 'rewind', args: tokens };
499
+ }
500
+ case 'stickers': {
501
+ // Leak L33 (2026-05-27): brand-personality gimmick. Tail args
502
+ // are ignored — the surface is intentionally parameterless. The
503
+ // session module delegates to the shared `runStickersCommand`
504
+ // so the slash + top-level paths stay single-sourced.
505
+ return { kind: 'stickers' };
506
+ }
507
+ case 'feedback': {
508
+ // Leak L21 (2026-05-27): in-CLI feedback collector. The wizard
509
+ // collects category/rating/comment/context/confirm interactively
510
+ // so the slash surface is parameterless. Tail args are reserved
511
+ // for a future `--message=...` quick-path; today they are
512
+ // accepted but ignored so the operator-level UX matches
513
+ // Claude Code's `/feedback`.
514
+ return { kind: 'feedback' };
515
+ }
516
+ case 'share': {
517
+ // Leak L20 (2026-05-27): forward the tokenized arg list verbatim
518
+ // so the session module (which owns the network + readline
519
+ // affordances) can hand them to runShareCommand. Defaults: no
520
+ // tokens means "auto-pick target + prompt for confirmation".
521
+ const tokens = tail.length === 0 ? [] : tail.split(/\s+/).filter((s) => s.length > 0);
522
+ return { kind: 'share', args: tokens };
523
+ }
524
+ case 'repo-map':
525
+ case 'repomap': {
526
+ // Leak L28 (2026-05-27): build + show the AST-light symbol
527
+ // summary. Accepts `refresh` as a positional или `--refresh`
528
+ // flag so muscle memory from both shells lands the same way.
529
+ const tokens = tail.length === 0 ? [] : tail.split(/\s+/).filter((s) => s.length > 0);
530
+ const refresh = tokens.includes('--refresh') || tokens.includes('refresh') || tokens.includes('-r');
531
+ return { kind: 'repo-map', refresh };
532
+ }
533
+ case 'release-notes':
534
+ case 'releasenotes':
535
+ case 'changelog': {
536
+ // Leak L24 (2026-05-27): changelog diff between last-seen +
537
+ // installed CLI version. Tail args are tokenized so `--reset`
538
+ // can flip the marker-clear bit; no other flags are honoured —
539
+ // the surface mirrors the CLI top-level's intentional minimalism.
540
+ // `changelog` alias matches operator muscle memory from npm /
541
+ // cargo / brew, all of which ship `changelog` subcommands.
542
+ const tokens = tail.length === 0 ? [] : tail.split(/\s+/).filter((s) => s.length > 0);
543
+ const reset = tokens.includes('--reset') || tokens.includes('-r');
544
+ return { kind: 'release-notes', reset };
545
+ }
546
+ case 'update': {
547
+ // Leak L27 (2026-05-27): forward the tokenized argv to the
548
+ // session module which delegates to `runUpdateCommand`. The
549
+ // dispatcher owns argv validation (unknown channel / flag) so
550
+ // the slash parser stays as thin as the rest of the surface.
551
+ // The slash form does NOT support `--apply` because spawning
552
+ // `npm install -g` from inside a running REPL session would
553
+ // corrupt the operator's running binary — the dispatcher treats
554
+ // `--apply` from a slash as a non-interactive offer (probe +
555
+ // install command, no shell-out). Top-level `pugi update --apply`
556
+ // remains the recommended path for the actual install.
557
+ const tokens = tail.length === 0 ? [] : tail.split(/\s+/).filter((s) => s.length > 0);
558
+ return { kind: 'update', args: tokens };
559
+ }
560
+ case 'undo': {
561
+ // Wave 6 final (2026-05-27): graduated from stub. Tail args are
562
+ // ignored — `runUndoCommand` is parameterless (single-step revert
563
+ // of the most recent successful mutating tool result). Multiple
564
+ // undos = stack of single-step undos. Re-do is not yet
565
+ // implemented; the runner reports that in the operator-facing
566
+ // message after each successful undo.
567
+ return { kind: 'undo' };
568
+ }
219
569
  case 'memory':
220
570
  case 'config':
221
- case 'budget':
222
- case 'mcp':
223
- case 'undo': {
571
+ case 'budget': {
224
572
  const stubName = name;
225
573
  return {
226
574
  kind: 'stub',
@@ -361,7 +361,7 @@ export class SqliteSessionStore {
361
361
  // which maps to SQLITE_OPEN_READONLY. The option form is the
362
362
  // documented API; the file-URI form (file:...?mode=ro) also works.
363
363
  const db = new DatabaseSync(dbPath, { readOnly: true });
364
- return new SqliteSessionStoreReadOnlyView(db);
364
+ return new SqliteSessionStoreReadOnlyView(db, projectStoreDir);
365
365
  }
366
366
  /* ------------------------------------------------------------ */
367
367
  /* Internals */
@@ -584,8 +584,37 @@ export class SqliteSessionStore {
584
584
  */
585
585
  export class SqliteSessionStoreReadOnlyView {
586
586
  db;
587
- constructor(db) {
587
+ projectStoreDir;
588
+ constructor(db,
589
+ /**
590
+ * Project store directory — required for the JSONL event read path.
591
+ * L9 (2026-05-27): `/rewind` + `/resume` need to walk events from
592
+ * inside the read-only view so the rewind picker + resume preview
593
+ * never take the writer lockfile.
594
+ */
595
+ projectStoreDir) {
588
596
  this.db = db;
597
+ this.projectStoreDir = projectStoreDir;
598
+ }
599
+ /**
600
+ * Read every event for a session via the durable JSONL log. The
601
+ * SQLite cache is NOT used here — JSONL is the source of truth and
602
+ * the cache only holds counters. The walk stitches across rotation
603
+ * files (`events.<n>.jsonl`) in the same order `JsonlEventLog.read`
604
+ * uses inside the writer path so consumers see one consistent stream
605
+ * whether they came in via the writer store OR the read-only view.
606
+ */
607
+ async events(sessionId, opts) {
608
+ const sessionDir = resolve(this.projectStoreDir, 'sessions', sessionId);
609
+ if (!existsSync(sessionDir))
610
+ return [];
611
+ const log = new JsonlEventLog({ sessionDir });
612
+ try {
613
+ return log.read(opts);
614
+ }
615
+ finally {
616
+ log.close();
617
+ }
589
618
  }
590
619
  async list(opts) {
591
620
  const limit = clampLimit(opts?.limit ?? DEFAULT_LIST_LIMIT, MAX_LIST_LIMIT);
@@ -27,6 +27,16 @@
27
27
  import { existsSync, readFileSync, statSync } from 'node:fs';
28
28
  import { basename, resolve as resolvePath } from 'node:path';
29
29
  import { slugForCwd } from './history.js';
30
+ import { isBareMode } from '../bare-mode/index.js';
31
+ /**
32
+ * Workspace summary shown when the operator launched with `--bare` (or
33
+ * `PUGI_BARE=1`). Leak L22: bare mode disables project auto-discovery
34
+ * across the CLI, so we never read `.pugi/PUGI.md` and never advertise
35
+ * a real workspace label to admin-api. Explicit string so the splash +
36
+ * status bar agree, and so operators triaging "why is Mira ignoring
37
+ * my repo" see a clear cause.
38
+ */
39
+ export const BARE_MODE_WORKSPACE_LABEL = '(bare mode - auto-discovery disabled)';
30
40
  /** Cap on the PUGI.md head we forward. Mirrors the admin-api clamp. */
31
41
  const PUGI_MD_HEAD_LIMIT = 200;
32
42
  /**
@@ -48,6 +58,18 @@ export const UNBOUND_WORKSPACE_LABEL = '(not bound - run /init OR cd into projec
48
58
  export function resolveWorkspaceContext(cwd) {
49
59
  const normalised = resolvePath(cwd);
50
60
  const slug = slugForCwd(normalised);
61
+ // Leak L22 (2026-05-27): `--bare` short-circuits BEFORE any PUGI.md
62
+ // / project-marker reads so the resolver never advertises a real
63
+ // workspace summary to admin-api. The cwd + slug still travel for
64
+ // telemetry, but the model + Mira treat the session as if launched
65
+ // from a fresh, unbound directory.
66
+ if (isBareMode()) {
67
+ return {
68
+ workspaceCwd: normalised,
69
+ workspaceSlug: slug,
70
+ workspaceSummary: BARE_MODE_WORKSPACE_LABEL,
71
+ };
72
+ }
51
73
  // α6.14.2 wave 5: when the cwd has no project markers, prefer the
52
74
  // explicit "not bound" summary so admin-api's prompt builder knows
53
75
  // not to fabricate a workspace context for Mira/Pugi. The cwd +
@@ -0,0 +1,125 @@
1
+ /**
2
+ * Repo-map build orchestrator — Leak L28 (2026-05-27).
3
+ *
4
+ * Single entry point that the CLI command + the engine boot path both
5
+ * call. Wires the scanner → extractor → cache → formatter pipeline
6
+ * together and surfaces a structured result the caller can render or
7
+ * inject without knowing the inner module shapes.
8
+ *
9
+ * The orchestrator is split out от cache.ts and the command handler
10
+ * so:
11
+ *
12
+ * 1. The CLI command + the engine system-prompt injector share one
13
+ * code path. Drift between the two would silently change what
14
+ * the model sees vs. what the operator sees.
15
+ *
16
+ * 2. The spec can exercise the full pipeline against a temp dir
17
+ * without mounting Ink or the engine.
18
+ *
19
+ * Pure-ish: reads from disk (the source files + the cache), but never
20
+ * mutates anything outside `.pugi/repo-map.json` and never logs. The
21
+ * caller decides whether к persist the cache (`writeCache: true`) or
22
+ * к compute the map в-memory (`writeCache: false` — useful for
23
+ * non-interactive `--json` invocations on read-only fs).
24
+ */
25
+ import { readFileSync } from 'node:fs';
26
+ import { loadPugiIgnore } from '../context/pugiignore.js';
27
+ import { defaultCachePath, diffCacheAgainstScan, mergeCache, readRepoMapCache, writeRepoMapCache, } from './cache.js';
28
+ import { extractFromFile } from './extractor.js';
29
+ import { scanRepoForMap } from './scanner.js';
30
+ import { formatRepoMap } from './formatter.js';
31
+ /**
32
+ * Run the full pipeline. Returns a structured verdict; never throws.
33
+ * The 'too-large' branch fires when the workspace exceeds the file
34
+ * cap — callers surface a hint к the operator ("repo too large for
35
+ * inline map — try .pugiignore") and skip injection.
36
+ */
37
+ export function buildRepoMap(options) {
38
+ const root = options.root;
39
+ const refresh = options.refresh === true;
40
+ const writeCache = options.writeCache !== false;
41
+ const cachePath = options.cachePath ?? defaultCachePath(root);
42
+ const readFile = options.readFile ?? ((path) => readFileSync(path, 'utf8'));
43
+ const ignore = loadPugiIgnore(root);
44
+ const scan = scanRepoForMap({ root, ignore });
45
+ if (!scan.ok) {
46
+ return {
47
+ ok: false,
48
+ root,
49
+ reason: scan.skipped.reason,
50
+ walked: scan.skipped.walked,
51
+ };
52
+ }
53
+ const prior = refresh ? null : readCacheOrNull(cachePath);
54
+ const diff = diffCacheAgainstScan(prior, scan.files);
55
+ const freshExtracts = new Map();
56
+ for (const file of diff.toRebuild) {
57
+ let source;
58
+ try {
59
+ source = readFile(file.absPath);
60
+ }
61
+ catch {
62
+ // File vanished или became unreadable mid-build — skip. The
63
+ // cache layer will just not have an entry for it; next refresh
64
+ // picks it up if it reappears.
65
+ continue;
66
+ }
67
+ freshExtracts.set(file.relPath, extractFromFile(file, source));
68
+ }
69
+ const cache = mergeCache({
70
+ root,
71
+ prior,
72
+ scanned: scan.files,
73
+ freshExtracts,
74
+ });
75
+ let cacheWritten = false;
76
+ if (writeCache) {
77
+ const writeResult = writeRepoMapCache(cachePath, cache);
78
+ cacheWritten = writeResult.ok;
79
+ }
80
+ // Surface the extracts в the same order the scanner produced (sorted
81
+ // by POSIX path) so callers iterating the result render deterministic
82
+ // output. The formatter does its own priority sort, so a different
83
+ // order here would only affect callers that iterate manually.
84
+ const extracts = [];
85
+ for (const file of scan.files) {
86
+ const entry = cache.entries[file.relPath];
87
+ if (entry)
88
+ extracts.push(entry.extract);
89
+ }
90
+ return {
91
+ ok: true,
92
+ root,
93
+ cache,
94
+ extracts,
95
+ scanStats: scan.stats,
96
+ diffStats: {
97
+ rebuilt: diff.toRebuild.length,
98
+ reused: diff.reuse.length,
99
+ dropped: diff.toDrop.length,
100
+ },
101
+ cachePath,
102
+ cacheWritten,
103
+ };
104
+ }
105
+ /**
106
+ * Convenience wrapper: build + format в one call. The engine boot
107
+ * path uses this so it does not have к know the formatter shape.
108
+ */
109
+ export function buildAndFormatRepoMap(options) {
110
+ const build = buildRepoMap(options);
111
+ if (!build.ok)
112
+ return { build };
113
+ const format = formatRepoMap(build.extracts, {
114
+ maxBytes: options.formatBytesCap,
115
+ omitHeader: options.omitHeader,
116
+ });
117
+ return { build, format };
118
+ }
119
+ function readCacheOrNull(path) {
120
+ const verdict = readRepoMapCache(path);
121
+ if (verdict.ok)
122
+ return verdict.cache;
123
+ return null;
124
+ }
125
+ //# sourceMappingURL=build.js.map