@pugi/cli 0.1.0-beta.5 → 0.1.0-beta.51

package/dist/runtime/commands/report.js

@@ -0,0 +1,299 @@
+/**
+ * PAVF-7 — `pugi report --from-error` field-bug capture.
+ *
+ * Operator hit a CLI failure ("pugi explain: failed [auth_missing]...")
+ * and wants to file a clean report без manual log-grepping. This command:
+ *
+ *   1. Locates the most-recently-modified session under .pugi/sessions/
+ *      (the engine adapter mirrors EVERY dispatch's events to a fresh
+ *      session dir; the latest one is always the failure that just
+ *      surprised the operator).
+ *   2. Reads events.jsonl + extracts the terminal-state event +
+ *      the last 50 frames before it (enough context to triage; small
+ *      enough for a GH issue body or email paste).
+ *   3. Captures workspace metadata (CLI version, Node version, OS,
+ *      tenant id from credentials, current dir, .pugi/PUGI.md presence).
+ *   4. Strips secrets — auth tokens, env values, JWT signatures —
+ *      before the report ever touches disk OR network.
+ *   5. Writes the bundle к .pugi/reports/<ISO-timestamp>-<session-id>/
+ *      with both a machine-readable report.json and a human-readable
+ *      report.md the operator can paste into a GH issue / email.
+ *   6. Prints the path + the canonical share command the operator can
+ *      run when ready to upload (the upload endpoint is deferred to a
+ *      follow-up; v1 keeps everything LOCAL so an operator working
+ *      offline / behind a corporate firewall can still file a clean
+ *      report).
+ *
+ * Why not auto-upload in v1:
+ *   The CEO HARD rule `feedback_no_fake_dispatch_promises` says we do
+ *   not invent dispatch we cannot deliver. Without a live
+ *   /api/pugi/report endpoint, an auto-upload would either silently
+ *   no-op or claim shipped и lie. v1 emits the artifacts + a clear
+ *   "upload pending" status; v2 (separate PR) wires the endpoint и
+ *   flips the default к upload-on-success.
+ *
+ * Exit codes (match the existing PAVF-1 stage_code table):
+ *   0  = report written successfully
+ *   8  = no sessions found (operator ran in a workspace без .pugi/)
+ *   9  = session events.jsonl unreadable / corrupted
+ *  20  = output path not writable (disk full / perms)
+ *
+ * Secret-redaction posture: PII / tokens / env values are stripped at
+ * the report-generation layer, NOT at upload time. Even if the operator
+ * never uploads, the report dir on disk MUST NOT carry plaintext
+ * secrets — a colleague who later runs `cat .pugi/reports/.../report.md`
+ * over the shoulder sees the bug context but not the bearer token.
+ */
+import { existsSync, readdirSync, readFileSync, mkdirSync, statSync, writeFileSync } from 'node:fs';
+import { join, resolve as resolvePath } from 'node:path';
+import { homedir, platform, release } from 'node:os';
+import { PUGI_CLI_VERSION } from '../version.js';
+const MAX_TAIL_FRAMES = 50;
+const MAX_DETAIL_CHARS = 400;
+const TERMINAL_TYPES = new Set([
+    'agent.completed',
+    'agent.failed',
+    'agent.blocked',
+    'subagent.outcome',
+    'result',
+]);
+/**
+ * Bearer / JWT / env-secret patterns. We do NOT try to be exhaustive
+ * (cat-and-mouse with custom secret formats is unwinnable); we cover
+ * the shapes that actually appear in Pugi sessions:
+ *
+ *   - `Authorization: Bearer eyJ...` (JWT header.payload.signature)
+ *   - `apiKey: eyJ...` inside captured JSON envelopes
+ *   - any long base64-ish token (>= 20 chars, [A-Za-z0-9_-]) following
+ *     `token`, `password`, `secret`, or `key` field names
+ *
+ * Replacement is a length-preserving `[REDACTED:<n>]` marker so the
+ * operator can still verify the report at-a-glance ("yes, a 32-char
+ * token was here") без leaking the value.
+ */
+function redact(text) {
+    if (!text)
+        return text;
+    // Bearer + JWT shape.
+    text = text.replace(/(Bearer\s+)([A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+)/gi, (_m, prefix, tok) => `${prefix}[REDACTED:${tok.length}]`);
+    // Bare JWTs (no Bearer prefix) inside JSON / log lines.
+    text = text.replace(/\beyJ[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{10,}\b/g, (tok) => `[REDACTED:${tok.length}]`);
+    // `"token": "..."` / `"apiKey": "..."` / `"password": "..."` shapes.
+    text = text.replace(/("(?:apiKey|api_key|token|access_token|refresh_token|password|secret|bearer)"\s*:\s*")([^"]{10,})(")/gi, (_m, before, val, after) => `${before}[REDACTED:${val.length}]${after}`);
+    // Bare env-style KEY=VALUE на длинных значениях.
+    text = text.replace(/\b((?:PUGI_API_KEY|GITHUB_TOKEN|NPM_TOKEN|ANVIL_API_KEY|OPENAI_API_KEY|ANTHROPIC_API_KEY|GEMINI_API_KEY)=)([^\s"']{10,})/g, (_m, prefix, val) => `${prefix}[REDACTED:${val.length}]`);
+    return text;
+}
+function clampDetail(value) {
+    if (typeof value !== 'string')
+        return undefined;
+    const redacted = redact(value);
+    return redacted.length > MAX_DETAIL_CHARS
+        ? `${redacted.slice(0, MAX_DETAIL_CHARS)}…`
+        : redacted;
+}
+function findLatestSession(cwd) {
+    const dir = resolvePath(cwd, '.pugi/sessions');
+    if (!existsSync(dir))
+        return null;
+    const entries = readdirSync(dir, { withFileTypes: true })
+        .filter((e) => e.isDirectory())
+        .map((e) => {
+        const path = join(dir, e.name);
+        let mtime = 0;
+        try {
+            mtime = statSync(join(path, 'events.jsonl')).mtimeMs;
+        }
+        catch {
+            // Session dir without events.jsonl yet — never opened. Skip.
+            return null;
+        }
+        return { name: e.name, path, mtime };
+    })
+        .filter((x) => x !== null)
+        .sort((a, b) => b.mtime - a.mtime);
+    return entries[0]?.path ?? null;
+}
+function readTenantIdSafely() {
+    const credPath = resolvePath(homedir(), '.pugi/credentials.json');
+    if (!existsSync(credPath))
+        return undefined;
+    try {
+        const raw = JSON.parse(readFileSync(credPath, 'utf8'));
+        const first = raw.tokens?.[0]?.apiKey;
+        if (!first || typeof first !== 'string')
+            return undefined;
+        // JWT payload is the middle segment; base64-decode + parse for the
+        // `customerId` claim. Failure here returns undefined (the report
+        // still emits useful context without it).
+        const parts = first.split('.');
+        if (parts.length !== 3)
+            return undefined;
+        const payload = JSON.parse(Buffer.from(parts[1] ?? '', 'base64').toString('utf8'));
+        return typeof payload.customerId === 'string' ? payload.customerId : undefined;
+    }
+    catch {
+        return undefined;
+    }
+}
+function captureFrames(eventsPath) {
+    const lines = readFileSync(eventsPath, 'utf8')
+        .split('\n')
+        .filter((l) => l.trim().length > 0);
+    const parsed = lines
+        .map((line) => {
+        try {
+            return JSON.parse(line);
+        }
+        catch {
+            return null;
+        }
+    })
+        .filter((f) => f !== null);
+    // Keep the LAST MAX_TAIL_FRAMES frames — failures cluster at the
+    // end, and the tail is where the operator's context actually lives.
+    const tail = parsed.slice(-MAX_TAIL_FRAMES);
+    return tail.map((f) => {
+        const out = {
+            type: typeof f.type === 'string' ? f.type : 'unknown',
+        };
+        if (typeof f.taskId === 'string')
+            out.taskId = f.taskId;
+        if (typeof f.timestamp === 'string')
+            out.timestamp = f.timestamp;
+        if (typeof f.outcome === 'string')
+            out.outcome = f.outcome;
+        // Keep detail / error ONLY on terminal frames (full reply text on
+        // every agent.message would blow the report past the GH issue cap).
+        if (TERMINAL_TYPES.has(out.type)) {
+            const detail = clampDetail(f.detail) ?? clampDetail(f.error);
+            if (detail)
+                out.detail = detail;
+            if (typeof f.error === 'string')
+                out.error = clampDetail(f.error);
+        }
+        return out;
+    });
+}
+export function runReport(args, ctx) {
+    const fromError = args.includes('--from-error');
+    if (!fromError) {
+        ctx.writeOutput({
+            command: 'report',
+            status: 'no_sessions',
+            message: 'pugi report — capture a bug report from the most-recent session.\n\n' +
+                'Usage:\n' +
+                '  pugi report --from-error           Bundle the most-recent failed session as a report.\n\n' +
+                'Output: writes .pugi/reports/<timestamp>-<session-id>/{report.json, report.md}.\n' +
+                'Secrets (bearer tokens, JWTs, named env values) are stripped before disk write.',
+        }, 'pugi report — see `pugi report --help`');
+        return 0;
+    }
+    const sessionPath = findLatestSession(ctx.cwd);
+    if (!sessionPath) {
+        ctx.writeOutput({
+            command: 'report',
+            status: 'no_sessions',
+            message: 'No sessions found under .pugi/sessions/. Run a `pugi` command first.',
+        }, 'pugi report: no sessions found under .pugi/sessions/ — run a `pugi` command first.');
+        return 8;
+    }
+    const eventsPath = join(sessionPath, 'events.jsonl');
+    let frames;
+    try {
+        frames = captureFrames(eventsPath);
+    }
+    catch (err) {
+        const message = err instanceof Error ? err.message : String(err);
+        ctx.writeOutput({
+            command: 'report',
+            status: 'unreadable',
+            message: `Failed to read ${eventsPath}: ${message}`,
+        }, `pugi report: cannot read session events (${message})`);
+        return 9;
+    }
+    const sessionId = sessionPath.split('/').pop() ?? 'unknown';
+    const timestamp = new Date().toISOString().replace(/[:.]/g, '-');
+    const reportDir = resolvePath(ctx.cwd, '.pugi/reports', `${timestamp}-${sessionId}`);
+    let reportJson;
+    let reportMd;
+    try {
+        mkdirSync(reportDir, { recursive: true });
+        reportJson = join(reportDir, 'report.json');
+        reportMd = join(reportDir, 'report.md');
+        const meta = {
+            schema: 1,
+            generatedAt: new Date().toISOString(),
+            cliVersion: PUGI_CLI_VERSION,
+            nodeVersion: process.version,
+            os: `${platform()} ${release()}`,
+            cwd: ctx.cwd,
+            sessionId,
+            tenantId: readTenantIdSafely() ?? '(not resolvable)',
+            pugiMd: existsSync(resolvePath(ctx.cwd, '.pugi/PUGI.md')),
+            frames,
+        };
+        writeFileSync(reportJson, JSON.stringify(meta, null, 2), 'utf8');
+        const mdLines = [
+            `# Pugi bug report — ${sessionId}`,
+            '',
+            `Generated: \`${meta.generatedAt}\``,
+            `CLI version: \`${meta.cliVersion}\``,
+            `Node: \`${meta.nodeVersion}\` · OS: \`${meta.os}\``,
+            `Workspace: \`${meta.cwd}\` (PUGI.md present: ${meta.pugiMd ? 'yes' : 'no'})`,
+            `Tenant: \`${meta.tenantId}\``,
+            '',
+            `## Last ${frames.length} frames`,
+            '',
+            '```jsonl',
+            ...frames.map((f) => JSON.stringify(f)),
+            '```',
+            '',
+            '## How to share',
+            '',
+            '1. Review `report.md` for accidental PII or sensitive paths.',
+            '2. Paste the contents into a GH issue at https://github.com/pugi-io/pugi/issues',
+            '   OR attach the `report.json` as a file.',
+            '',
+            'Auto-upload to api.pugi.io is planned (`pugi report --upload`) but',
+            'NOT shipped in this build — v1 keeps everything local so an operator',
+            'behind a firewall can still file a clean report.',
+        ];
+        writeFileSync(reportMd, mdLines.join('\n'), 'utf8');
+    }
+    catch (err) {
+        const message = err instanceof Error ? err.message : String(err);
+        ctx.writeOutput({
+            command: 'report',
+            status: 'output_not_writable',
+            message: `Failed to write report bundle to ${reportDir}: ${message}`,
+        }, `pugi report: cannot write report dir (${message})`);
+        return 20;
+    }
+    ctx.writeOutput({
+        command: 'report',
+        status: 'written',
+        reportDir,
+        reportJson,
+        reportMd,
+        sessionId,
+        message: `Report written: ${reportDir}`,
+    }, [
+        `pugi report: bundle written`,
+        `  Session: ${sessionId}`,
+        `  Frames captured: ${frames.length}`,
+        `  Files:`,
+        `    ${reportJson}`,
+        `    ${reportMd}`,
+        ``,
+        `Review report.md for accidental PII, then paste into a GH issue OR`,
+        `attach report.json. Auto-upload is planned for a follow-up build.`,
+    ].join('\n'));
+    return 0;
+}
+// Test seam — the redactor is the most-tested piece (false negatives
+// leak secrets; false positives garble bug context). Exported so
+// apps/pugi-cli/test/report.spec.ts can assert the regex behaviour
+// без spinning up a full session.
+export const __INTERNAL_FOR_TESTS = { redact, clampDetail };
+//# sourceMappingURL=report.js.map

package/dist/runtime/commands/resume.js

@@ -0,0 +1,118 @@
+/**
+ * `/resume` runtime — leak L9 (2026-05-27).
+ *
+ * Light runner that augments the existing `pugi resume` surface in
+ * `runtime/cli.ts` with rewind-aware session listings. The full
+ * REPL-mount path stays in cli.ts (it owns the credential resolver +
+ * Ink renderer); this module exposes the data-access helpers the slash
+ * dispatcher + the cli.ts handler share.
+ *
+ * Why a separate runner rather than inlining inside cli.ts: the in-REPL
+ * `/resume` slash already holds the writer lock, so it cannot use the
+ * read-only view path the top-level command relies on. The split lets
+ * the slash code call `listResumableSessionsForRepl` (which routes
+ * through the live store) while the shell code calls
+ * `listResumableSessionsReadOnly` (which uses the no-lock view).
+ */
+import { homedir } from 'node:os';
+import { slugForCwd } from '../../core/repl/history.js';
+import { applyAllMasks, listResumableSessions, } from '../../core/checkpoint/resumer.js';
+import { findLatestActiveRewind } from '../../core/checkpoint/rewinder.js';
+/**
+ * Read-only `pugi resume --list` path. Uses the no-lock view so a live
+ * REPL writing in the same project does not block the listing.
+ */
+export async function runResumeList(ctx) {
+    const slug = slugForCwd(ctx.workspaceRoot);
+    const baseInput = {
+        projectSlug: slug,
+        limit: ctx.limit ?? 10,
+        home: ctx.home ?? homedir(),
+    };
+    const sessions = await listResumableSessions(baseInput);
+    const rows = sessions.map(toResumeListRow);
+    const text = renderResumeList(rows, slug);
+    ctx.writeOutput({
+        command: 'resume',
+        status: rows.length === 0 ? 'empty' : 'listed',
+        projectSlug: slug,
+        sessions: rows,
+    }, text);
+    return {
+        command: 'resume',
+        status: rows.length === 0 ? 'empty' : 'listed',
+        projectSlug: slug,
+        sessions: rows,
+    };
+}
+/**
+ * In-REPL `/resume` slash variant. The live REPL holds the writer
+ * lockfile so we cannot reuse the read-only view path; this routes
+ * through the store the session module already opened. Returns the
+ * sessions list directly so the slash handler can render system lines.
+ */
+export async function runResumeListForRepl(input) {
+    const slug = slugForCwd(input.workspaceRoot);
+    const limit = input.limit ?? 10;
+    const sessionRows = await input.store.listSessions({
+        project: slug,
+        limit,
+        status: 'active+archived',
+    });
+    const out = [];
+    for (const row of sessionRows) {
+        const events = await input.store.loadEvents(row.id);
+        const visible = applyAllMasks(events);
+        const latest = findLatestActiveRewind(events);
+        out.push({
+            id: row.id,
+            title: row.title,
+            branch: row.branch,
+            turnCount: row.turnCount,
+            eventCount: row.eventCount,
+            visibleEventCount: visible.length,
+            hasActiveRewind: latest !== null,
+            updatedAt: row.updatedAt,
+        });
+    }
+    return out;
+}
+function toResumeListRow(input) {
+    return {
+        id: input.row.id,
+        title: input.row.title,
+        branch: input.row.branch,
+        turnCount: input.row.turnCount,
+        eventCount: input.row.eventCount,
+        visibleEventCount: input.visibleEventCount,
+        hasActiveRewind: input.hasActiveRewind,
+        updatedAt: input.row.updatedAt,
+    };
+}
+/**
+ * Pretty-print a resume list. Adds a small "rewound" tag when the
+ * session carries an unfinished rewind so the operator knows the
+ * transcript will load with a masked range.
+ */
+export function renderResumeList(rows, projectSlug) {
+    if (rows.length === 0) {
+        return `No stored sessions for project '${projectSlug}' yet.`;
+    }
+    const lines = [
+        `Recent local sessions for '${projectSlug}' (${rows.length}):`,
+        '',
+    ];
+    for (let i = 0; i < rows.length; i += 1) {
+        const row = rows[i];
+        const title = (row.title ?? '(untitled)').slice(0, 64);
+        const idShort = row.id.slice(0, 13);
+        const branch = (row.branch ?? 'no-branch').padEnd(16);
+        const turns = `${row.turnCount}t`.padStart(4);
+        const events = `${row.visibleEventCount}e`.padStart(5);
+        const tag = row.hasActiveRewind ? ' [rewound]' : '';
+        lines.push(`  ${idShort}  ${branch}  ${turns} ${events}${tag}  ${title}`);
+    }
+    lines.push('', 'Resume with: pugi resume <id>');
+    return lines.join('\n');
+}
+//# sourceMappingURL=resume.js.map

package/dist/runtime/commands/review-consensus.js

@@ -40,8 +40,23 @@ import { aggregate, exitCodeFor, reviewerVerdictFromRaw, } from '../../core/cons
  *   `--branch <name>` / `--branch=<name>`
  *   `--base <ref>` / `--base=<ref>`   (override default origin/main)
  */
-export function parseConsensusArgs(args) {
+export function parseConsensusArgs(args, 
+/**
+ * 2026-05-27 (Codex r0 P1 on PR #489): cli.ts now parses --commit /
+ * --base in the GLOBAL flag pass for the new triple-provider path.
+ * Those tokens are consumed BEFORE this function sees `args`, so
+ * `pugi review --consensus --commit X` would silently fall back to
+ * the default diff and review the wrong changes. Pass the global
+ * flags through here so consensus picks them up when present.
+ * Inline `--commit`/`--base` tokens in args still win — explicit
+ * caller intent is preserved.
+ */
+fallback) {
     const spec = {};
+    if (fallback?.commit)
+        spec.commit = fallback.commit;
+    if (fallback?.base)
+        spec.baseRef = fallback.base;
     for (let i = 0; i < args.length; i += 1) {
         const arg = args[i] ?? '';
         const equalsIdx = arg.indexOf('=');
@@ -119,7 +134,7 @@ export async function runReviewConsensus(args, ctx) {
     // exit 2 — same as BLOCK because the gate could not even run.
     let captured;
     try {
-        const spec = parseConsensusArgs(args);
+        const spec = parseConsensusArgs(args, ctx.flagsFallback);
         captured = captureDiff({ ...spec, cwd: ctx.cwd });
     }
     catch (error) {