@pugi/cli 0.1.0-beta.4 → 0.1.0-beta.41

package/dist/runtime/commands/permissions.js

@@ -0,0 +1,112 @@
+/**
+ * `pugi permissions` / `/permissions` — Leak L6 4-mode gate control.
+ *
+ * Two entry points share one runtime helper:
+ *   1. `/permissions` in the REPL — forwarded by `core/repl/session.ts`.
+ *   2. `pugi permissions ...` top-level CLI command (handler in
+ *      `runtime/cli.ts`).
+ *
+ * Both pass a `PermissionsCommand` payload describing the operator
+ * intent (show / flip / persist) and a `writeOutput` callback that
+ * lets the caller route the rendered lines into the right surface
+ * (REPL transcript vs. stdout). The helper is intentionally I/O-free
+ * itself — it produces lines and lets the caller stream them.
+ */
+import { DEFAULT_PERMISSION_MODE, PERMISSION_MODES, PERMISSION_MODE_GLOSS, getCurrentMode, getGlobalDefaultMode, setCurrentMode, setGlobalDefaultMode, } from '../../core/permissions/index.js';
+/**
+ * Run the `/permissions` or `pugi permissions` flow. Side effects:
+ *   - When `command.mode` is undefined: prints the current mode + the
+ *     4-mode table (no writes).
+ *   - When `command.mode === 'bypass'` without `confirmBypass`: prints
+ *     a refusal + the safety copy, no writes.
+ *   - When `command.mode` is set + valid: writes workspace session
+ *     state; optionally writes global default when `persist` is true.
+ *   - Always prints the new effective mode + a one-line confirmation.
+ */
+export async function runPermissionsCommand(command, ctx) {
+    if (!command.mode) {
+        renderCurrentMode(ctx);
+        renderModeTable(ctx);
+        return;
+    }
+    if (command.mode === 'bypassPermissions' && !command.confirmBypass) {
+        ctx.writeOutput('bypassPermissions disables policy hooks (skill steering, denial tracking) AND skips the deny-list.');
+        ctx.writeOutput('Catastrophic patterns (rm -rf /, fork bomb, dd if=/) still trip the circuit-breaker, но that is the only guardrail left.');
+        ctx.writeOutput('Run `/permissions bypassPermissions --confirm` to acknowledge before flipping.');
+        return;
+    }
+    setCurrentMode(ctx.workspaceRoot, command.mode);
+    if (command.persist) {
+        setGlobalDefaultMode(command.mode, ctx.homeDir);
+    }
+    const persistedHint = command.persist
+        ? ' Persisted to ~/.pugi/config.json for future sessions.'
+        : '';
+    ctx.writeOutput(`Permission mode set to '${command.mode}'.${persistedHint} ${PERMISSION_MODE_GLOSS[command.mode]}`);
+    if (command.mode === 'bypassPermissions') {
+        ctx.writeOutput('bypassPermissions — all tools execute without prompts AND policy hooks disabled (circuit-breaker still trips on rm -rf /). Switch back with /permissions dontAsk.');
+    }
+}
+/**
+ * Print the resolved current mode + the layered source. The merge
+ * order mirrors `resolveMode()`: workspace > global > default.
+ */
+function renderCurrentMode(ctx) {
+    const workspace = getCurrentMode(ctx.workspaceRoot);
+    const global = getGlobalDefaultMode(ctx.homeDir);
+    const effective = workspace ?? global ?? DEFAULT_PERMISSION_MODE;
+    const source = workspace
+        ? 'workspace session.json'
+        : global
+            ? 'global ~/.pugi/config.json'
+            : 'default (no override)';
+    ctx.writeOutput(`Current permission mode: ${effective} (source: ${source})`);
+}
+/**
+ * Print the 4-mode reference table. Keeps the gloss + the side-effect
+ * matrix in one place so the operator can see the contract while they
+ * decide which mode to switch to.
+ */
+function renderModeTable(ctx) {
+    ctx.writeOutput('');
+    ctx.writeOutput('Permission modes (Shift+Tab cycles in REPL):');
+    for (const mode of PERMISSION_MODES) {
+        // Wave 7: longest canonical name is `bypassPermissions` (17 chars).
+        ctx.writeOutput(`  ${mode.padEnd(18)}  ${PERMISSION_MODE_GLOSS[mode]}`);
+    }
+    ctx.writeOutput('');
+    ctx.writeOutput('Switch with `/permissions <mode> [--persist]`. bypassPermissions requires `--confirm`.');
+}
+/**
+ * Render the one-shot banner shown on session boot when the effective
+ * mode is `bypass`. The caller (engine adapter / REPL bootstrap) calls
+ * this once per session — repeated invocations are idempotent in copy
+ * but the caller is responsible for the once-only semantics.
+ */
+export function renderBypassBanner(writeOutput) {
+    writeOutput('bypassPermissions — all tools execute without prompts AND policy hooks disabled (circuit-breaker still trips on rm -rf /). Switch back with /permissions dontAsk.');
+}
+/**
+ * Resolve the effective mode + the layered source label used by the
+ * Ink picker. Shares the merge order with `renderCurrentMode` above so
+ * the picker title and the bare `/permissions` print stay in lock-step.
+ *
+ * Exposed publicly because the host (session.ts) needs the same merge
+ * shape to seed the Ink picker BEFORE it mounts.
+ */
+export function resolveLayeredMode(workspaceRoot, homeDir) {
+    const workspace = getCurrentMode(workspaceRoot);
+    const global = getGlobalDefaultMode(homeDir);
+    const effective = workspace ?? global ?? DEFAULT_PERMISSION_MODE;
+    const source = workspace
+        ? 'workspace session.json'
+        : global
+            ? 'global ~/.pugi/config.json'
+            : 'default (no override)';
+    return {
+        effective,
+        source,
+        firstRun: !workspace && !global,
+    };
+}
+//# sourceMappingURL=permissions.js.map

package/dist/runtime/commands/plan.js

@@ -0,0 +1,143 @@
+/**
+ * `pugi plan` / `/plan` — Leak L7 quick mode-switch shortcut.
+ *
+ * `/plan` is the slick UX shortcut for `/permissions plan`: one keystroke
+ * (well, five) puts the gate into plan mode + surfaces a banner so the
+ * operator knows write/dispatch tools are refused. The model goes off and
+ * thinks / researches without side effects until the operator types
+ * `/plan --back` (restore previous mode) or explicitly flips with
+ * `/permissions <mode>`.
+ *
+ * The slash and CLI surfaces both go through `runPlanCommand` — same
+ * separation as `runPermissionsCommand`. The runtime is I/O free w.r.t.
+ * the engine; the optional one-shot dispatch (`/plan <prompt>`) is
+ * handled by the CLI dispatcher AFTER this helper sets the workspace
+ * mode so the existing `runEngineTask('plan')` path sees plan mode as
+ * the workspace state without needing a parallel code path.
+ *
+ * Verdicts (the helper returns one so the caller can decide what to do
+ * after the mode write — print the banner, dispatch the engine, no-op):
+ *   - `entered`        — first `/plan` from a non-plan mode. Print the
+ *                        banner. Caller may then run a one-shot prompt.
+ *   - `already-in-plan` — `/plan` while already in plan. No-op + show
+ *                        current. No banner reprint.
+ *   - `reverted`        — `/plan --back` popped the snapshot. Print a
+ *                        one-line confirmation; no banner.
+ *   - `no-previous`     — `/plan --back` without a snapshot. Print a
+ *                        clear "nothing to revert" line.
+ *   - `persisted`       — `/plan --persist` wrote the global default
+ *                        AND set workspace state to plan. Banner +
+ *                        persistence-confirmation line.
+ *
+ * `previousMode` semantics: stashed BEFORE the workspace write on
+ * `entered` / `persisted`. Cleared after a successful `reverted` so a
+ * second `--back` reports `no-previous` instead of looping back to plan.
+ */
+import { PERMISSION_MODES, PERMISSION_MODE_GLOSS, getCurrentMode, getGlobalDefaultMode, getPreviousMode, setCurrentMode, setGlobalDefaultMode, setPreviousMode, } from '../../core/permissions/index.js';
+/**
+ * Run the `/plan` flow. Side effects:
+ *
+ *   command.back = true:
+ *     - If a previousMode snapshot exists → restore it, clear snapshot,
+ *       return `reverted`.
+ *     - Otherwise → no writes, return `no-previous`.
+ *
+ *   command.back = false, current mode is plan:
+ *     - If `--persist`, write global config (no workspace re-write — it
+ *       is already plan).
+ *     - Print "already in plan" + the banner-summary line. Return
+ *       `already-in-plan`.
+ *
+ *   command.back = false, current mode is NOT plan:
+ *     - Snapshot current mode → previousPermissionMode.
+ *     - Write workspace mode = plan.
+ *     - If `--persist`, also write global config.
+ *     - Print the banner + (if persisted) the persistence line.
+ *     - Return `entered` or `persisted`.
+ *
+ * --back + --persist is a no-op for persistence (revert never writes
+ * global config) but the revert itself fires.
+ */
+export async function runPlanCommand(command, ctx) {
+    const current = effectiveMode(ctx);
+    if (command.back) {
+        const prev = getPreviousMode(ctx.workspaceRoot);
+        if (!prev) {
+            ctx.writeOutput(`No previous mode to restore. Current: ${current}. Use \`/permissions <mode>\` to switch explicitly.`);
+            return { verdict: 'no-previous', mode: current };
+        }
+        setCurrentMode(ctx.workspaceRoot, prev);
+        setPreviousMode(ctx.workspaceRoot, null);
+        ctx.writeOutput(`Switched back to '${prev}' mode. ${PERMISSION_MODE_GLOSS[prev]}`);
+        return { verdict: 'reverted', mode: prev };
+    }
+    if (current === 'plan') {
+        // Repeat /plan in plan mode is a no-op for the mode write, but
+        // --persist still honours the operator's intent to lock plan as
+        // the global default for future sessions.
+        if (command.persist) {
+            setGlobalDefaultMode('plan', ctx.homeDir);
+            ctx.writeOutput('Already in plan mode. Persisted plan as the default for future sessions (~/.pugi/config.json).');
+            return { verdict: 'persisted', mode: 'plan' };
+        }
+        ctx.writeOutput(`Already in plan mode. ${PERMISSION_MODE_GLOSS.plan} Switch back with \`/plan --back\` or \`/permissions <mode>\`.`);
+        return { verdict: 'already-in-plan', mode: 'plan' };
+    }
+    // Entering plan mode from a non-plan baseline. Stash the current mode
+    // BEFORE the write so /plan --back can pop it. We intentionally use the
+    // observed effective mode (workspace || global || default) rather than
+    // strictly the workspace value — if the operator's previous mode was
+    // sourced from the global config, `--back` should restore that observed
+    // state, not silently degrade to default.
+    setPreviousMode(ctx.workspaceRoot, current);
+    setCurrentMode(ctx.workspaceRoot, 'plan');
+    if (command.persist) {
+        setGlobalDefaultMode('plan', ctx.homeDir);
+    }
+    for (const line of renderPlanBanner()) {
+        ctx.writeOutput(line);
+    }
+    if (command.persist) {
+        ctx.writeOutput('Persisted plan as the default for future sessions (~/.pugi/config.json).');
+        return { verdict: 'persisted', mode: 'plan' };
+    }
+    return { verdict: 'entered', mode: 'plan' };
+}
+/**
+ * Render the plan-mode banner as a sequence of lines. The slash + CLI
+ * surfaces both print these line-by-line through their respective
+ * `writeOutput` sinks so the Ink REPL conversation pane and the plain
+ * stdout pipeline render identically.
+ *
+ * The box-drawing uses light-line glyphs (U+2500 family) which render in
+ * every modern terminal we target (Linux/macOS/Windows Terminal/iTerm/
+ * Ghostty/Alacritty). No emoji per brand-voice gate.
+ */
+export function renderPlanBanner() {
+    return [
+        '┌─ Plan mode active ────────────────────────────────────────┐',
+        '│ Read-only tools allowed. Write/dispatch tools blocked.    │',
+        '│ Pugi will think + research without making changes.        │',
+        '│ Switch back: /plan --back  or  /permissions <mode>        │',
+        '└───────────────────────────────────────────────────────────┘',
+    ];
+}
+/**
+ * Resolve the effective mode at the moment the helper was invoked,
+ * mirroring `resolveMode` but without taking a CLI flag (the `/plan`
+ * helper is called AFTER the top-level `--mode` flag has been applied
+ * to the workspace, so the file state is the source of truth here).
+ */
+function effectiveMode(ctx) {
+    const workspace = getCurrentMode(ctx.workspaceRoot);
+    if (workspace)
+        return workspace;
+    const global = getGlobalDefaultMode(ctx.homeDir);
+    if (global)
+        return global;
+    // Wave 7 canonical default — `PERMISSION_MODES[0]` is `default` (the
+    // CC-parity ask-every-call ground state). Fall back literally if the
+    // array is empty (defensive — should never happen).
+    return PERMISSION_MODES[0] ?? 'default';
+}
+//# sourceMappingURL=plan.js.map

package/dist/runtime/commands/prd-check.js

@@ -0,0 +1,285 @@
+/**
+ * `pugi prd-check` — Pugi α7 Wave 6 verified-deliverable gate (2026-05-27).
+ *
+ * Runs a PRD ↔ delivered-artifact verification sweep BEFORE the
+ * operator (or an autonomous agent) claims a feature is done.
+ * Reads `docs/prd/<feature>.md` (or any explicit path), parses the
+ * acceptance-criteria section, and runs file / test / doc / command
+ * / route verifiers per criterion. Output mirrors `pugi doctor`:
+ * either a plain-text table or a JSON envelope (`--json`).
+ *
+ * Module contract (mirrors L17 doctor split):
+ *
+ *   - parser + verifiers + reporter are pure with respect to deps;
+ *     this file is the THIN wiring that resolves cwd, glob-expands
+ *     `--all`, loads each PRD, and forwards the structured result
+ *     к the supplied writeOutput sink.
+ *
+ *   - `runPrdCheckCommand` is the single entry point. Both the
+ *     top-level `pugi prd-check` shell command AND the in-REPL
+ *     `/prd-check` slash command call it. The function returns the
+ *     `PrdCheckEnvelope[]` so the REPL can render via Ink without
+ *     re-running the verification.
+ *
+ *   - Exit codes follow `exitCodeFor` from the reporter:
+ *       0 — healthy (every criterion PASS or SKIPPED)
+ *       1 — failing (≥1 FAIL across the scanned PRDs)
+ *       2 — unparsed (≥1 PRD missing the acceptance section)
+ *     When `--all` scans multiple PRDs the worst verdict wins (1 > 2 > 0).
+ *
+ *   - The `knownCommands` set is sourced from the CLI registry — we
+ *     accept it as an injected parameter so the spec can drive
+ *     command-verification without importing the entire cli.ts
+ *     module (which would pull the engine graph into the test).
+ */
+import { readdirSync, readFileSync, statSync } from 'node:fs';
+import { isAbsolute, join, relative, resolve } from 'node:path';
+import { parsePrd } from '../../core/prd-check/parser.js';
+import { buildEnvelope, exitCodeFor, renderTable, } from '../../core/prd-check/reporter.js';
+import { defaultSessionReviewDeps, renderSessionReview, runSessionReview, } from '../../core/prd-check/session-review.js';
+import { createDefaultDeps, verifyAll, } from '../../core/prd-check/verifiers.js';
+const DEFAULT_PRD_DIR = 'docs/prd';
+/**
+ * Run the gate. Resolves which PRDs to inspect, runs the parser +
+ * verifiers + reporter chain per PRD, emits the combined output,
+ * and sets `process.exitCode` to the worst verdict across the set.
+ */
+export async function runPrdCheckCommand(ctx) {
+    // Wave 6 final (2026-05-27): session-review mode. Orthogonal to
+    // the verifier-graph mode — no PRD path resolution, no command
+    // registry. The runner walks up for PRD.md, reads the NDJSON
+    // events log, and dispatches a cross-review subagent.
+    if (ctx.flags.session) {
+        const status = (line) => {
+            // Emit status lines through the output sink so the slash
+            // surface can render them inline. The status payload is
+            // intentionally lightweight — only the human-facing text.
+            ctx.writeOutput({
+                command: 'prd-check',
+                overall: 'healthy',
+                envelopes: [],
+            }, line);
+        };
+        const sessionDeps = ctx.sessionDeps ??
+            defaultSessionReviewDeps({ onStatus: status });
+        const review = await runSessionReview(ctx.cwd, sessionDeps);
+        const overall = review.status === 'ok'
+            ? review.outstanding.length === 0
+                ? 'healthy'
+                : 'failing'
+            : 'unparsed';
+        const result = {
+            command: 'prd-check',
+            overall,
+            envelopes: [],
+            sessionReview: review,
+        };
+        ctx.writeOutput(result, renderSessionReview(review));
+        process.exitCode = exitCodeFor(overall);
+        return result;
+    }
+    const paths = resolveTargets(ctx);
+    if (paths.length === 0) {
+        const result = {
+            command: 'prd-check',
+            overall: 'unparsed',
+            envelopes: [],
+        };
+        ctx.writeOutput(result, 'No PRD files found.');
+        process.exitCode = exitCodeFor('unparsed');
+        return result;
+    }
+    const deps = ctx.deps ??
+        createDefaultDeps({
+            workspaceRoot: ctx.cwd,
+            knownCommands: ctx.knownCommands,
+        });
+    const envelopes = [];
+    for (const path of paths) {
+        envelopes.push(checkSinglePrd(path, ctx.cwd, deps));
+    }
+    const overall = combineOverall(envelopes.map((e) => e.overall));
+    const result = {
+        command: 'prd-check',
+        overall,
+        envelopes,
+    };
+    const text = renderRun(result, ctx.cwd);
+    ctx.writeOutput(result, text);
+    process.exitCode = exitCodeFor(overall);
+    return result;
+}
+/**
+ * Render the combined plain-text view. Multi-PRD runs print one
+ * table per envelope separated by a divider; single-PRD runs print
+ * just the table to keep the output narrow.
+ */
+function renderRun(result, cwd) {
+    if (result.envelopes.length === 0) {
+        return 'No PRD files found.';
+    }
+    if (result.envelopes.length === 1) {
+        return renderTable(result.envelopes[0]);
+    }
+    const parts = [];
+    for (const envelope of result.envelopes) {
+        const relPath = relative(cwd, envelope.prdPath) || envelope.prdPath;
+        parts.push(renderTable({ ...envelope, prdPath: relPath }));
+        parts.push('');
+    }
+    parts.push('-'.repeat(50));
+    const summary = `${result.envelopes.length} PRD(s) scanned. Overall: ${result.overall.toUpperCase()}`;
+    parts.push(summary);
+    return parts.join('\n');
+}
+function checkSinglePrd(prdPath, workspaceRoot, deps) {
+    let source;
+    try {
+        source = readFileSync(prdPath, 'utf8');
+    }
+    catch (error) {
+        const message = error instanceof Error ? error.message : String(error);
+        return {
+            command: 'prd-check',
+            prdPath: relative(workspaceRoot, prdPath) || prdPath,
+            title: null,
+            overall: 'unparsed',
+            counts: { pass: 0, fail: 0, skipped: 0 },
+            criteria: [
+                {
+                    index: 0,
+                    text: `PRD file unreadable: ${message}`,
+                    status: 'fail',
+                    results: [],
+                },
+            ],
+        };
+    }
+    const parsed = parsePrd(source);
+    const verified = verifyAll(parsed.criteria, deps);
+    return buildEnvelope({
+        prdPath: relative(workspaceRoot, prdPath) || prdPath,
+        title: parsed.title,
+        hasAcceptanceSection: parsed.hasAcceptanceSection,
+        verified,
+    });
+}
+function resolveTargets(ctx) {
+    if (ctx.flags.all) {
+        const prdDir = resolve(ctx.cwd, DEFAULT_PRD_DIR);
+        return listMarkdownFiles(prdDir);
+    }
+    if (ctx.prdPath) {
+        const absolute = isAbsolute(ctx.prdPath)
+            ? ctx.prdPath
+            : resolve(ctx.cwd, ctx.prdPath);
+        return [absolute];
+    }
+    return [];
+}
+function listMarkdownFiles(dir) {
+    let entries;
+    try {
+        entries = readdirSync(dir);
+    }
+    catch {
+        return [];
+    }
+    const out = [];
+    for (const entry of entries) {
+        const full = join(dir, entry);
+        let isDirectory = false;
+        try {
+            isDirectory = statSync(full).isDirectory();
+        }
+        catch {
+            continue;
+        }
+        if (isDirectory) {
+            out.push(...listMarkdownFiles(full));
+            continue;
+        }
+        if (entry.endsWith('.md')) {
+            out.push(full);
+        }
+    }
+    return out.sort();
+}
+/**
+ * Combine per-PRD verdicts into the run-wide one. failing > unparsed > healthy.
+ * Exported for the spec.
+ */
+export function combineOverall(verdicts) {
+    if (verdicts.length === 0)
+        return 'unparsed';
+    if (verdicts.some((v) => v === 'failing'))
+        return 'failing';
+    if (verdicts.some((v) => v === 'unparsed'))
+        return 'unparsed';
+    return 'healthy';
+}
+/**
+ * Parse the CLI argv tail. Accepts:
+ *
+ *   pugi prd-check                       -> error (no target)
+ *   pugi prd-check <path>                -> single PRD
+ *   pugi prd-check --all                 -> scan docs/prd/**.md
+ *   pugi prd-check <path> --json         -> single PRD, JSON envelope
+ *
+ * `--json` is also forwarded from the global flag set in cli.ts;
+ * the local parse re-honours it so the slash command can use the
+ * same parser without the global flag plumbing.
+ */
+export function parsePrdCheckArgs(args, options) {
+    let json = options.jsonDefault;
+    let all = false;
+    let session = false;
+    let prdPath;
+    for (const arg of args) {
+        if (arg === '--json') {
+            json = true;
+            continue;
+        }
+        if (arg === '--all') {
+            all = true;
+            continue;
+        }
+        if (arg === '--session') {
+            session = true;
+            continue;
+        }
+        if (arg.startsWith('--')) {
+            return { ok: false, error: `unknown flag: ${arg}` };
+        }
+        if (prdPath !== undefined) {
+            return { ok: false, error: `unexpected extra argument: ${arg}` };
+        }
+        prdPath = arg;
+    }
+    // Wave 6 final (2026-05-27): `--session` is mutually exclusive with
+    // the verifier modes — it walks up for a PRD, reads NDJSON turns,
+    // and dispatches a subagent. No <path>, no --all, no command-
+    // registry inputs. Validating up-front gives operators a clear
+    // error instead of a silent fall-through.
+    if (session && (all || prdPath !== undefined)) {
+        return {
+            ok: false,
+            error: 'cannot combine --session with --all or <path>',
+        };
+    }
+    if (!session && !all && prdPath === undefined) {
+        return {
+            ok: false,
+            error: 'pugi prd-check <prd-path> | --all | --session   (pass a PRD path, --all to scan docs/prd/**.md, or --session to review the live session against PRD.md)',
+        };
+    }
+    if (all && prdPath !== undefined) {
+        return { ok: false, error: 'cannot combine <path> with --all' };
+    }
+    return {
+        ok: true,
+        flags: { json, all, session },
+        ...(prdPath !== undefined ? { prdPath } : {}),
+    };
+}
+//# sourceMappingURL=prd-check.js.map

package/dist/runtime/commands/redo-blob-store.js

@@ -0,0 +1,92 @@
+/**
+ * Redo blob store — Wave 6 (2026-05-27).
+ *
+ * `/undo` walks the most recent successful mutating tool result and
+ * reverts each file on disk. `/redo` reapplies that change. To reapply,
+ * we need the post-mutation content — but the event log records only
+ * sha256 hashes, not content (see core/file-cache.ts comment).
+ *
+ * Solution: a content-addressable sidecar store at
+ * `<workspaceRoot>/.pugi/undo-blobs/<sha256>`. The undo runner captures
+ * each file's CURRENT content (which equals the original AFTER state)
+ * into the store BEFORE reverting on disk. The redo runner reads the
+ * blob keyed by `beforeHash` of the inverse mutation (which records
+ * the pre-revert hash = the original AFTER hash) and writes it back.
+ *
+ * The store is deliberately untracked (`.pugi/` already lives in
+ * .gitignore) and self-cleaning — after a successful redo we delete
+ * the blob so a second redo without a fresh undo is a noop. Stale
+ * blobs left behind by an interrupted undo are reaped after 7 days
+ * by the existing `.pugi/cleanup` cadence (best-effort; not a
+ * correctness requirement).
+ */
+import { existsSync, mkdirSync, readFileSync, renameSync, unlinkSync, writeFileSync, } from 'node:fs';
+import { resolve } from 'node:path';
+import { hashContent } from '../../core/file-cache.js';
+/** Sha256-keyed blob path under `<root>/.pugi/undo-blobs/`. */
+export function blobPathFor(root, sha) {
+    return resolve(root, '.pugi/undo-blobs', sha);
+}
+/** Ensure the blob directory exists. Idempotent. */
+function ensureBlobDir(root) {
+    const dir = resolve(root, '.pugi/undo-blobs');
+    if (!existsSync(dir)) {
+        mkdirSync(dir, { recursive: true, mode: 0o700 });
+    }
+    return dir;
+}
+/**
+ * Write `content` into the blob store. Returns the resolved blob path.
+ * Atomic tmp+rename so partial writes never present a half-blob к
+ * future redo invocations.
+ *
+ * Idempotent: if a blob with the same content already exists, the
+ * second write is a noop (the rename target already matches).
+ */
+export function writeBlob(root, content) {
+    ensureBlobDir(root);
+    const sha = hashContent(content);
+    const dst = blobPathFor(root, sha);
+    if (existsSync(dst)) {
+        // Same content already cached; nothing to do.
+        return { sha, path: dst };
+    }
+    const tmp = `${dst}.tmp-${process.pid}-${Date.now()}`;
+    writeFileSync(tmp, content, { encoding: 'utf8', mode: 0o600 });
+    renameSync(tmp, dst);
+    return { sha, path: dst };
+}
+/**
+ * Read a blob by sha. Returns `undefined` when the blob is missing
+ * (cleanup ran, repo cloned fresh, blob never captured). Callers
+ * MUST treat undefined as "redo not available" rather than crashing.
+ */
+export function readBlob(root, sha) {
+    const path = blobPathFor(root, sha);
+    if (!existsSync(path))
+        return undefined;
+    try {
+        return readFileSync(path, 'utf8');
+    }
+    catch {
+        return undefined;
+    }
+}
+/**
+ * Best-effort blob deletion. Used by the redo runner after a successful
+ * reapply so the blob does not get reused on a second redo (which would
+ * be incorrect — once redone, the next undo must capture fresh state).
+ * Missing-file errors are swallowed — the store self-heals.
+ */
+export function deleteBlob(root, sha) {
+    const path = blobPathFor(root, sha);
+    if (!existsSync(path))
+        return;
+    try {
+        unlinkSync(path);
+    }
+    catch {
+        // Best-effort.
+    }
+}
+//# sourceMappingURL=redo-blob-store.js.map