@qodly/gentrace 0.1.0

package/dist/commands/doctor.js

@@ -0,0 +1,162 @@
+import { loadConfig, resolveApiKey, saveConfig } from '../lib/config.js';
+import { debugLog, parseVerboseFlags } from '../lib/debug.js';
+import { which } from '../lib/exec.js';
+import { getGitAiVersion } from '../lib/git-ai.js';
+import { promptSecret } from '../lib/prompt.js';
+function tokenAllowsTelemetryIngest(iams) {
+    return iams.includes('*') || iams.includes('telemetry:ingest');
+}
+function formatIamList(iams) {
+    return [...iams].sort().join(', ') || '(none)';
+}
+export async function doctor(argv = []) {
+    const rest = parseVerboseFlags(argv);
+    if (rest.length > 0) {
+        console.error('Usage: gentrace doctor [--verbose|--debug|-v]');
+        process.exit(1);
+    }
+    let ok = true;
+    // 1. git
+    const gitPath = await which('git');
+    if (gitPath) {
+        console.log(`✓ git found at ${gitPath}`);
+    }
+    else {
+        console.error('✗ git not found on PATH');
+        ok = false;
+    }
+    // 2. git-ai
+    const gitAiVersion = await getGitAiVersion();
+    if (gitAiVersion) {
+        console.log(`✓ git-ai ${gitAiVersion}`);
+    }
+    else {
+        console.error('✗ git-ai not found — run: gentrace install-git-ai');
+        ok = false;
+    }
+    // 3. API key
+    const cfg = loadConfig();
+    let apiKey = resolveApiKey(cfg);
+    if (apiKey) {
+        console.log('✓ API key configured');
+    }
+    else {
+        console.error('✗ API key not configured');
+        try {
+            apiKey = await promptSecret('Enter your Gentrace API key: ');
+            if (apiKey.trim()) {
+                saveConfig({ apiKey: apiKey.trim() });
+                console.log('✓ API key saved');
+            }
+            else {
+                ok = false;
+            }
+        }
+        catch {
+            console.error('  Set GENTRACE_API_KEY or run: gentrace config set apiKey <token>');
+            ok = false;
+        }
+    }
+    // 4. API liveness (no auth)
+    if (apiKey) {
+        const healthUrl = `${cfg.apiUrl}/health`;
+        try {
+            debugLog('GET', healthUrl);
+            const res = await fetch(healthUrl, {
+                signal: AbortSignal.timeout(5_000),
+            });
+            const text = await res.text();
+            debugLog('health response', res.status, text.slice(0, 2000));
+            if (res.ok) {
+                console.log(`✓ API reachable at ${cfg.apiUrl}`);
+            }
+            else {
+                console.error(`✗ API returned ${res.status} at ${healthUrl}`);
+                ok = false;
+            }
+        }
+        catch (err) {
+            debugLog('health fetch error', err);
+            console.error(`✗ API unreachable at ${cfg.apiUrl}`);
+            ok = false;
+        }
+    }
+    // 5. Token validity + IAMs (telemetry ingest for gentrace publish)
+    if (apiKey) {
+        const permUrl = `${cfg.apiUrl}/v1/auth/permissions`;
+        try {
+            debugLog('GET', permUrl);
+            const res = await fetch(permUrl, {
+                headers: { 'X-API-Key': apiKey },
+                signal: AbortSignal.timeout(8_000),
+            });
+            const text = await res.text();
+            debugLog('permissions response', res.status, text.slice(0, 2000));
+            if (res.ok) {
+                try {
+                    const body = JSON.parse(text);
+                    const iams = body.data?.iams;
+                    if (!Array.isArray(iams)) {
+                        console.error('✗ API token check: missing data.iams in response');
+                        ok = false;
+                    }
+                    else if (tokenAllowsTelemetryIngest(iams)) {
+                        console.log(`✓ API token active; gentrace publish allowed (telemetry:ingest or full access). Effective IAMs: ${formatIamList(iams)}`);
+                    }
+                    else {
+                        console.error('✗ API token is active but cannot ingest telemetry — enable IAM "telemetry:ingest" (or "*") on this access token in the dashboard.');
+                        console.error(`  Effective IAMs on this token: ${formatIamList(iams)}`);
+                        ok = false;
+                    }
+                }
+                catch {
+                    console.error('✗ API token check: response was not valid JSON');
+                    ok = false;
+                }
+            }
+            else {
+                let detail = text.trim();
+                let reason = '';
+                try {
+                    const j = JSON.parse(text);
+                    reason = j.reason ?? '';
+                    detail = j.message || j.reason || j.error || detail;
+                }
+                catch {
+                    /* keep raw */
+                }
+                if (res.status === 401) {
+                    console.error('✗ API token rejected (401 Unauthorized) — missing or unknown credentials.');
+                }
+                else if (res.status === 403) {
+                    if (reason === 'token_revoked') {
+                        console.error('✗ API token has been revoked.');
+                    }
+                    else if (reason === 'token_disabled') {
+                        console.error('✗ API token is disabled.');
+                    }
+                    else if (reason === 'token_expired') {
+                        console.error('✗ API token has expired.');
+                    }
+                    else {
+                        console.error('✗ API token cannot call GET /v1/auth/permissions (403). Use a key that includes at least one of: telemetry:ingest, auth:read, auth:me.');
+                        if (detail)
+                            console.error(`  ${detail}`);
+                    }
+                }
+                else {
+                    console.error(`✗ API token check failed (${res.status}) at ${permUrl}`);
+                    if (detail)
+                        console.error(`  ${detail}`);
+                }
+                ok = false;
+            }
+        }
+        catch (err) {
+            debugLog('permissions fetch error', err);
+            console.error(`✗ API token check failed to reach ${permUrl}: ${err instanceof Error ? err.message : err}`);
+            ok = false;
+        }
+    }
+    process.exit(ok ? 0 : 1);
+}

package/dist/commands/hooks.d.ts

@@ -0,0 +1,2 @@
+export declare function hooksInstall(cwd?: string): Promise<void>;
+export declare function hooksUninstall(cwd?: string): Promise<void>;

package/dist/commands/hooks.js

@@ -0,0 +1,128 @@
+import { chmodSync, existsSync, mkdirSync, readFileSync, unlinkSync, writeFileSync } from 'node:fs';
+import { join } from 'node:path';
+import { loadConfig, resolveApiKey, saveConfig } from '../lib/config.js';
+import { which } from '../lib/exec.js';
+import { getRepoRoot } from '../lib/git.js';
+import { promptSecret } from '../lib/prompt.js';
+const HOOK_MARKER = '# gentrace-cli post-commit hook';
+function isGentraceHookLine(line) {
+    return (line.startsWith('GIT_DIR=') ||
+        line.startsWith('GENTRACE_BIN=') ||
+        line.startsWith('LOG=') ||
+        (line.includes('[gentrace]') && line.includes('Telemetry:')) ||
+        line.startsWith('nohup ') ||
+        line.startsWith('gentrace ') ||
+        line.startsWith('gentrace publish') ||
+        (line.startsWith('"') && line.includes(' publish ') && line.includes('2>&1')));
+}
+/** Remove the gentrace block (from marker through its lines); used for uninstall and hook upgrades. */
+function stripGentraceHookFromContent(content) {
+    const lines = content.split('\n');
+    const filtered = [];
+    let skipping = false;
+    for (const line of lines) {
+        if (line.includes(HOOK_MARKER)) {
+            skipping = true;
+            continue;
+        }
+        if (skipping && line === '') {
+            skipping = false;
+            continue;
+        }
+        if (skipping && isGentraceHookLine(line)) {
+            continue;
+        }
+        skipping = false;
+        filtered.push(line);
+    }
+    return filtered.join('\n').trim();
+}
+function hookScript() {
+    return `#!/bin/sh
+${HOOK_MARKER}
+GIT_DIR=$(git rev-parse --git-dir)
+GENTRACE_BIN="\${GENTRACE_BIN:-gentrace}"
+LOG="$GIT_DIR/gentrace-publish.log"
+echo "[gentrace] Telemetry: publishing in background (log: $LOG)"
+nohup "$GENTRACE_BIN" publish --daemon >>"$LOG" 2>&1 &\n`;
+}
+function hasAsyncTelemetryHook(body) {
+    return body.includes('publish --daemon') && body.includes('nohup');
+}
+export async function hooksInstall(cwd) {
+    const repoRoot = await getRepoRoot(cwd || process.cwd());
+    const hooksDir = join(repoRoot, '.git', 'hooks');
+    const hookPath = join(hooksDir, 'post-commit');
+    // Verify gentrace is on PATH
+    const gentraceBin = await which('gentrace');
+    if (!gentraceBin) {
+        console.log('Warning: "gentrace" not found on PATH. The hook will fail unless the CLI is available at commit time.');
+        console.log('  Run `bun link` in the gentrace-cli package or add it to your PATH.\n');
+    }
+    // Ensure API key is set
+    const cfg = loadConfig();
+    let apiKey = resolveApiKey(cfg);
+    if (!apiKey) {
+        try {
+            apiKey = await promptSecret('Enter your Gentrace API key: ');
+            if (apiKey.trim()) {
+                saveConfig({ apiKey: apiKey.trim() });
+                console.log('API key saved.\n');
+            }
+        }
+        catch {
+            console.log('No API key set. Set GENTRACE_API_KEY env or run: gentrace config set apiKey <token>\n');
+        }
+    }
+    if (!existsSync(hooksDir)) {
+        mkdirSync(hooksDir, { recursive: true });
+    }
+    if (existsSync(hookPath)) {
+        const existing = readFileSync(hookPath, 'utf-8');
+        if (existing.includes(HOOK_MARKER)) {
+            if (hasAsyncTelemetryHook(existing)) {
+                console.log('Gentrace post-commit hook is already installed.');
+                return;
+            }
+            const stripped = stripGentraceHookFromContent(existing);
+            const merged = `${stripped.trimEnd()}\n\n${hookScript()}`.trimEnd();
+            writeFileSync(hookPath, `${merged}\n`);
+            chmodSync(hookPath, 0o755);
+            console.log(`Replaced older gentrace hook with async telemetry at ${hookPath}`);
+            return;
+        }
+        // Append to existing hook
+        const appended = `${existing.trimEnd()}\n\n${hookScript()}`;
+        writeFileSync(hookPath, appended);
+        chmodSync(hookPath, 0o755);
+        console.log(`Appended gentrace hook to existing ${hookPath}`);
+    }
+    else {
+        writeFileSync(hookPath, hookScript());
+        chmodSync(hookPath, 0o755);
+        console.log(`Installed gentrace post-commit hook at ${hookPath}`);
+    }
+}
+export async function hooksUninstall(cwd) {
+    const repoRoot = await getRepoRoot(cwd || process.cwd());
+    const hookPath = join(repoRoot, '.git', 'hooks', 'post-commit');
+    if (!existsSync(hookPath)) {
+        console.log('No post-commit hook found.');
+        return;
+    }
+    const content = readFileSync(hookPath, 'utf-8');
+    if (!content.includes(HOOK_MARKER)) {
+        console.log('No gentrace hook found in post-commit.');
+        return;
+    }
+    const remaining = stripGentraceHookFromContent(content);
+    if (!remaining || remaining === '#!/bin/sh') {
+        unlinkSync(hookPath);
+        console.log('Removed post-commit hook.');
+    }
+    else {
+        writeFileSync(hookPath, `${remaining}\n`);
+        chmodSync(hookPath, 0o755);
+        console.log('Removed gentrace section from post-commit hook.');
+    }
+}

package/dist/commands/install-git-ai.d.ts

@@ -0,0 +1 @@
+export declare function installGitAi(): Promise<void>;

package/dist/commands/install-git-ai.js

@@ -0,0 +1,41 @@
+import { spawn } from 'node:child_process';
+import { isGitAiInstalled } from '../lib/git-ai.js';
+import { promptConfirm } from '../lib/prompt.js';
+export async function installGitAi() {
+    if (await isGitAiInstalled()) {
+        const { getGitAiVersion } = await import('../lib/git-ai.js');
+        const version = await getGitAiVersion();
+        console.log(`git-ai is already installed${version ? ` (${version})` : ''}.`);
+        return;
+    }
+    if (process.platform === 'win32') {
+        console.log('On Windows (non-WSL), run:');
+        console.log('  powershell -NoProfile -ExecutionPolicy Bypass -Command "irm https://usegitai.com/install.ps1 | iex"');
+        console.log('\nOn WSL, the Unix installer below works.');
+    }
+    const ok = await promptConfirm('Install git-ai via curl -sSL https://usegitai.com/install.sh | bash ?');
+    if (!ok) {
+        console.log('Aborted.');
+        process.exit(1);
+    }
+    console.log('Installing git-ai…');
+    await new Promise((resolve, reject) => {
+        const child = spawn('bash', ['-c', 'curl -sSL https://usegitai.com/install.sh | bash'], {
+            stdio: 'inherit',
+        });
+        child.on('error', reject);
+        child.on('close', (code) => {
+            if (code === 0)
+                resolve();
+            else
+                reject(new Error(`Installer exited with code ${code}`));
+        });
+    });
+    if (await isGitAiInstalled()) {
+        console.log('git-ai installed successfully.');
+    }
+    else {
+        console.error('git-ai binary not found after install. You may need to reload your shell or add ~/.git-ai/bin to PATH.');
+        process.exit(1);
+    }
+}

package/dist/commands/publish.d.ts

@@ -0,0 +1 @@
+export declare function publish(argv?: string[]): Promise<void>;

package/dist/commands/publish.js

@@ -0,0 +1,224 @@
+import { createHash } from 'node:crypto';
+import { loadConfig, resolveApiKey, saveConfig } from '../lib/config.js';
+import { debugLog, isDebug, parseVerboseFlags, redactApiKey } from '../lib/debug.js';
+import { getCommitInfo, getOriginUrl, getRepoRoot } from '../lib/git.js';
+import { getDiff, getGitAiVersion, getPrompt, getShow, isGitAiInstalled, waitForGitAiStats, } from '../lib/git-ai.js';
+import { resolvePublishAiContext } from '../lib/git-ai-ingest-context.js';
+import { promptSecret } from '../lib/prompt.js';
+import { matchesSkipList } from '../lib/skip.js';
+import { postTelemetryWithRetries } from '../lib/telemetry-post.js';
+const CLI_VERSION = '2.0.0';
+const MAX_DEBUG_BODY = 200_000;
+const DAEMON_FLAGS = new Set(['--daemon', '--background']);
+function sleep(ms) {
+    return new Promise((resolve) => setTimeout(resolve, ms));
+}
+export async function publish(argv = []) {
+    const rest = parseVerboseFlags(argv);
+    let daemon = false;
+    const positional = [];
+    for (const a of rest) {
+        if (DAEMON_FLAGS.has(a))
+            daemon = true;
+        else
+            positional.push(a);
+    }
+    if (positional.length > 1) {
+        console.error('Usage: gentrace publish [--verbose|--debug|-v] [--daemon] [cwd]');
+        process.exit(1);
+    }
+    const cwd = positional[0];
+    const repoRoot = await getRepoRoot(cwd || process.cwd());
+    // Resolve repository identity: prefer origin URL, fallback to path
+    const originUrl = await getOriginUrl(repoRoot);
+    const repositoryId = originUrl || repoRoot;
+    const cfg = loadConfig();
+    // Skip list check
+    if (matchesSkipList(repositoryId, cfg.skipRepositories)) {
+        console.log(`Skipping ${repositoryId} (matches skip list)`);
+        return;
+    }
+    // Ensure git-ai is available
+    if (!(await isGitAiInstalled())) {
+        console.error('git-ai is not installed. Run: gentrace install-git-ai');
+        process.exit(1);
+    }
+    // Ensure API key
+    let apiKey = resolveApiKey(cfg);
+    if (!apiKey) {
+        try {
+            apiKey = await promptSecret('Enter your Gentrace API key: ');
+            if (apiKey.trim()) {
+                saveConfig({ apiKey: apiKey.trim() });
+            }
+        }
+        catch {
+            // non-interactive — bail
+        }
+        if (!apiKey?.trim()) {
+            console.error('No API key. Set GENTRACE_API_KEY or run: gentrace config set apiKey <token>');
+            process.exit(1);
+        }
+    }
+    const delayFromEnv = Number(process.env.GENTRACE_PUBLISH_DELAY_MS);
+    const delayMs = Number.isFinite(delayFromEnv) ? Math.max(0, delayFromEnv) : daemon ? 2500 : 0;
+    if (delayMs > 0) {
+        console.log(`[gentrace] waiting ${delayMs}ms before collecting telemetry…`);
+        await sleep(delayMs);
+    }
+    // Resolve HEAD first so stats/diff target the same commit.
+    const commitInfo = await getCommitInfo(repoRoot);
+    // post-commit can run before git-ai finishes attributing; poll until stats are populated.
+    const stats = await waitForGitAiStats(repoRoot, 'HEAD', commitInfo.additions);
+    const [diff, authorshipLog, gitAiVersion] = await Promise.all([
+        getDiff(repoRoot),
+        getShow(repoRoot),
+        getGitAiVersion(),
+    ]);
+    // Optionally collect prompts
+    let prompts;
+    if (cfg.includePrompts && authorshipLog) {
+        prompts = await collectPrompts(repoRoot, authorshipLog);
+    }
+    // Derive AI tool / model / IDE from git-ai stats (and diff sessions as fallback)
+    const { aiProvider, aiModel, ide } = resolvePublishAiContext(stats, diff);
+    // Deterministic event ID: stable across retries
+    const repoHash = createHash('sha256').update(repositoryId).digest('hex').slice(0, 12);
+    const eventId = `gitai:${repoHash}:${commitInfo.sha}`;
+    const event = {
+        id: eventId,
+        type: 'commit_attribution',
+        timestamp: commitInfo.committedAt || new Date().toISOString(),
+        sessionId: `git-ai:${commitInfo.sha}`,
+        repositoryId,
+        scmProvider: 'git',
+        branch: commitInfo.branch,
+        commitSha: commitInfo.sha,
+        filePath: '__repository__',
+        aiProvider,
+        aiModel,
+        ide,
+        developerId: commitInfo.authorEmail || commitInfo.authorName,
+        developerEmail: commitInfo.authorEmail,
+        eventSource: 'command',
+        tokensGenerated: stats?.ai_additions,
+        metadata: {
+            source: 'git-ai',
+            cliVersion: CLI_VERSION,
+            gitAiVersion,
+            stats,
+            diff,
+            authorshipLog,
+            ...(prompts ? { prompts } : {}),
+            git: {
+                sha: commitInfo.sha,
+                parentShas: commitInfo.parentShas,
+                subject: commitInfo.subject,
+                body: commitInfo.body,
+                authorName: commitInfo.authorName,
+                authorEmail: commitInfo.authorEmail,
+                committerName: commitInfo.committerName,
+                committerEmail: commitInfo.committerEmail,
+                authoredAt: commitInfo.authoredAt,
+                committedAt: commitInfo.committedAt,
+                additions: commitInfo.additions,
+                deletions: commitInfo.deletions,
+                changedFiles: commitInfo.changedFiles,
+            },
+            attribution: {
+                aiLines: Number(stats?.ai_additions ?? 0),
+                humanLines: Number(stats?.human_additions ?? 0),
+                totalAddedLines: Number(stats?.ai_additions ?? 0) + Number(stats?.human_additions ?? 0),
+                totalRemovedLines: Number(stats?.git_diff_deleted_lines ?? 0),
+                byProvider: stats?.tool_model_breakdown ?? {},
+            },
+        },
+    };
+    const batch = {
+        events: [event],
+        sentAt: new Date().toISOString(),
+        sdkVersion: `gentrace-cli/${CLI_VERSION}`,
+    };
+    // Send to API
+    const url = `${cfg.apiUrl}/v1/telemetry`;
+    const bodyJson = JSON.stringify(batch);
+    if (isDebug()) {
+        debugLog('repository root', repoRoot);
+        debugLog('repositoryId', repositoryId);
+        debugLog('event id', eventId);
+        debugLog('POST', url);
+        debugLog('headers', {
+            'Content-Type': 'application/json',
+            'X-API-Key': redactApiKey(apiKey),
+        });
+        if (bodyJson.length > MAX_DEBUG_BODY) {
+            debugLog(`request body (${bodyJson.length} bytes, truncated)`);
+            debugLog(bodyJson.slice(0, MAX_DEBUG_BODY));
+            debugLog('…');
+        }
+        else {
+            debugLog('request body', bodyJson);
+        }
+    }
+    const res = await postTelemetryWithRetries(url, apiKey, bodyJson);
+    const responseText = res.responseText;
+    if (isDebug()) {
+        debugLog('response status', res.status);
+        const preview = responseText.length > MAX_DEBUG_BODY
+            ? `${responseText.slice(0, MAX_DEBUG_BODY)}…`
+            : responseText;
+        debugLog('response body', preview || '(empty)');
+    }
+    if (res.ok) {
+        let accepted = 1;
+        if (responseText.trim()) {
+            try {
+                accepted = JSON.parse(responseText).accepted ?? 1;
+            }
+            catch {
+                debugLog('response JSON parse failed; treating accepted as 1');
+            }
+        }
+        console.log(`Published commit ${commitInfo.sha.slice(0, 8)} (accepted: ${accepted})`);
+    }
+    else if (res.status === 409) {
+        console.log(`Commit ${commitInfo.sha.slice(0, 8)} already recorded.`);
+    }
+    else if (res.status === 401 || res.status === 403) {
+        let message = '';
+        try {
+            message = responseText
+                ? (JSON.parse(responseText).message ?? '')
+                : '';
+        }
+        catch {
+            message = responseText;
+        }
+        console.error(`Auth error (${res.status}): ${message || 'check your API key'}`);
+        console.error('Create a token with telemetry:ingest at your Gentrace dashboard.');
+        process.exit(1);
+    }
+    else {
+        const detail = res.status === 0
+            ? responseText.trim() || 'could not reach API after retries'
+            : responseText.trim() || '(empty body; try gentrace publish --verbose)';
+        console.error(`API error ${res.status}: ${detail}`);
+        process.exit(1);
+    }
+}
+/** Extract prompt IDs from authorship log text and fetch each. */
+async function collectPrompts(cwd, authorshipLog) {
+    const idPattern = /^\s+(\S+)\s+[\d,-]+$/gm;
+    const ids = new Set();
+    for (const match of authorshipLog.matchAll(idPattern)) {
+        if (match[1])
+            ids.add(match[1]);
+    }
+    const result = {};
+    for (const id of ids) {
+        const prompt = await getPrompt(cwd, id);
+        if (prompt)
+            result[id] = prompt;
+    }
+    return result;
+}

package/dist/commands/skip.d.ts

@@ -0,0 +1,3 @@
+export declare function skipAdd(pattern: string): void;
+export declare function skipRemove(pattern: string): void;
+export declare function skipList(): void;

package/dist/commands/skip.js

@@ -0,0 +1,30 @@
+import { loadConfig, saveConfig } from '../lib/config.js';
+export function skipAdd(pattern) {
+    const cfg = loadConfig();
+    if (cfg.skipRepositories.includes(pattern)) {
+        console.log(`Already in skip list: ${pattern}`);
+        return;
+    }
+    saveConfig({ skipRepositories: [...cfg.skipRepositories, pattern] });
+    console.log(`Added to skip list: ${pattern}`);
+}
+export function skipRemove(pattern) {
+    const cfg = loadConfig();
+    const next = cfg.skipRepositories.filter((p) => p !== pattern);
+    if (next.length === cfg.skipRepositories.length) {
+        console.log(`Not in skip list: ${pattern}`);
+        return;
+    }
+    saveConfig({ skipRepositories: next });
+    console.log(`Removed from skip list: ${pattern}`);
+}
+export function skipList() {
+    const cfg = loadConfig();
+    if (cfg.skipRepositories.length === 0) {
+        console.log('No repositories in skip list.');
+        return;
+    }
+    for (const p of cfg.skipRepositories) {
+        console.log(`  ${p}`);
+    }
+}

package/dist/index.d.ts

@@ -0,0 +1,2 @@
+export { publish } from './commands/publish.js';
+export { loadConfig, saveConfig } from './lib/config.js';

package/dist/index.js

@@ -0,0 +1,2 @@
+export { publish } from './commands/publish.js';
+export { loadConfig, saveConfig } from './lib/config.js';

package/dist/lib/config.d.ts

@@ -0,0 +1,9 @@
+export interface GentraceCliConfig {
+    apiUrl: string;
+    apiKey: string;
+    includePrompts: boolean;
+    skipRepositories: string[];
+}
+export declare function loadConfig(): GentraceCliConfig;
+export declare function saveConfig(patch: Partial<GentraceCliConfig>): GentraceCliConfig;
+export declare function resolveApiKey(cfg: GentraceCliConfig): string;

package/dist/lib/config.js

@@ -0,0 +1,50 @@
+import { existsSync, mkdirSync, readFileSync, writeFileSync } from 'node:fs';
+import { homedir } from 'node:os';
+import { join } from 'node:path';
+const DEFAULTS = {
+    apiUrl: 'https://gentrace.4d-ps.com/api',
+    apiKey: '',
+    includePrompts: false,
+    skipRepositories: [],
+};
+function configDir() {
+    const xdg = process.env.XDG_CONFIG_HOME;
+    return join(xdg || join(homedir(), '.config'), 'gentrace');
+}
+function configPath() {
+    return join(configDir(), 'config.json');
+}
+export function loadConfig() {
+    const envUrl = process.env.GENTRACE_API_URL;
+    const envKey = process.env.GENTRACE_API_KEY;
+    let persisted = {};
+    const p = configPath();
+    if (existsSync(p)) {
+        try {
+            persisted = JSON.parse(readFileSync(p, 'utf-8'));
+        }
+        catch {
+            // corrupt file — fall through to defaults
+        }
+    }
+    return {
+        apiUrl: envUrl || persisted.apiUrl || DEFAULTS.apiUrl,
+        apiKey: envKey || persisted.apiKey || DEFAULTS.apiKey,
+        includePrompts: persisted.includePrompts ?? DEFAULTS.includePrompts,
+        skipRepositories: persisted.skipRepositories ?? DEFAULTS.skipRepositories,
+    };
+}
+export function saveConfig(patch) {
+    const current = loadConfig();
+    const merged = { ...current, ...patch };
+    const dir = configDir();
+    if (!existsSync(dir)) {
+        mkdirSync(dir, { recursive: true });
+    }
+    const p = configPath();
+    writeFileSync(p, `${JSON.stringify(merged, null, 2)}\n`, { mode: 0o600 });
+    return merged;
+}
+export function resolveApiKey(cfg) {
+    return process.env.GENTRACE_API_KEY || cfg.apiKey;
+}

package/dist/lib/debug.d.ts

@@ -0,0 +1,8 @@
+/** CLI / GENTRACE_DEBUG verbose logging (stderr). */
+export declare const VERBOSE_FLAGS: Set<string>;
+export declare function isDebug(): boolean;
+export declare function enableDebug(): void;
+/** Remove --verbose / --debug / -v from argv; enables debug if any were present. */
+export declare function parseVerboseFlags(argv: string[]): string[];
+export declare function debugLog(...parts: unknown[]): void;
+export declare function redactApiKey(key: string): string;