@thegitai/cli 1.0.0-beta.1 → 1.0.0-beta.10

package/README.md

@@ -9,7 +9,7 @@ reads code, edits files, and runs commands with your approval.
 npm i -g @thegitai/cli
 ```
 
-Requires Node.js 24.
+Requires Node.js 24 or newer.
 
 ## Usage
 
@@ -20,11 +20,12 @@ ai login            sign in via your browser (--no-browser for SSH/headless)
 ai whoami           show the signed-in account
 ai --usage          show account usage and reset times
 ai logout           sign out
+ai --version        print the version and exit
 ```
 
 Run `ai --help` for sessions, modes, keys, and chat commands.
 
 ## License
 
-Proprietary — see [LICENSE](./LICENSE). Source is visible for inspection;
-copying and redistribution are not permitted.
+Proprietary — see the LICENSE file included in this package. Source is
+visible for inspection; copying and redistribution are not permitted.

package/dist/bin/ai.js

@@ -1,5 +1,5 @@
 #!/usr/bin/env node
-import chalk from 'chalk';
+import chalk from '../src/colors.js';
 import { stdin as input, stdout as output } from 'node:process';
 import readline from 'node:readline/promises';
 import { ServerApi } from '../src/api/index.js';
@@ -13,65 +13,13 @@ import { runClientInteractive, shouldUseClientRatatuiShell, } from '../src/ui/re
 import { appendPromptToFile } from '../src/ui/prompt-history-store.js';
 import { formatSessionExitNotice } from '../src/session-exit.js';
 import { formatUsageText } from '../src/usage.js';
+import { formatVersionLine } from '../src/version.js';
+import { parseArgs } from '../src/cli-args.js';
 const DEFAULT_SERVER_URL = 'https://thegit.ai';
-const AUTH_COMMANDS = new Set(['login', 'whoami', 'logout']);
 const { auth, chat, models, sessions } = ServerApi;
 function printUsage() {
     console.log(formatCliHelpText({ color: process.stdout.isTTY === true }));
 }
-export function parseArgs(argv) {
-    const args = argv.slice(2);
-    const firstArg = args[0];
-    const command = firstArg && AUTH_COMMANDS.has(firstArg) ? firstArg : null;
-    const commandArgs = command ? args.slice(1) : [];
-    let autoYes = false;
-    let help = false;
-    let usage = false;
-    let session = null;
-    let listSessions = false;
-    const promptParts = [];
-    for (let i = 0; i < args.length; i++) {
-        const arg = args[i];
-        if (arg === '--yes' || arg === '-y') {
-            autoYes = true;
-            continue;
-        }
-        if ((arg === '--session' || arg === '--resume') && i + 1 < args.length) {
-            session = args[i + 1] ?? null;
-            i += 1;
-            continue;
-        }
-        if (arg === '--list-sessions') {
-            listSessions = true;
-            continue;
-        }
-        if (arg === '--help' || arg === '-h') {
-            help = true;
-            continue;
-        }
-        if (arg === '--usage') {
-            usage = true;
-            continue;
-        }
-        promptParts.push(arg);
-    }
-    return {
-        command,
-        commandArgs,
-        autoYes,
-        help,
-        usage,
-        session,
-        listSessions,
-        prompt: promptParts.join(' ').trim(),
-    };
-}
-function commandFlagValue(args, name) {
-    const index = args.indexOf(name);
-    if (index === -1)
-        return null;
-    return args[index + 1] ?? null;
-}
 async function promptText(question, fallback = null) {
     const rl = readline.createInterface({ input, output });
     try {
@@ -88,17 +36,16 @@ function appendPromptHistory(prompt, env = process.env) {
 }
 async function runAuthCommand(command, args) {
     if (command === 'login') {
-        const serverUrl = commandFlagValue(args, '--server') ??
-            process.env.THEGITAI_SERVER_URL ??
-            DEFAULT_SERVER_URL;
-        const websiteUrl = commandFlagValue(args, '--website') ?? undefined;
+        // The public CLI always authenticates against the official TheGitAI host.
+        // There is intentionally no server/website override here — internal dev
+        // uses private tooling, not a customer-visible runtime override path.
+        const serverUrl = DEFAULT_SERVER_URL;
         const noBrowser = args.includes('--no-browser');
         console.log(chalk.dim(noBrowser
             ? 'Sign in on the website, then paste the authorization code here.'
             : 'Opening your browser to sign in…'));
         const result = await loginViaBrowser({
             serverUrl,
-            websiteUrl,
             noBrowser,
             onUrl: (url) => {
                 console.log(chalk.dim(noBrowser ? 'Open this URL to sign in:' : 'If your browser did not open, visit:'));
@@ -340,11 +287,21 @@ async function mainInteractive({ authConfig, projectIndex, serverModels, serverS
     }
 }
 export async function main() {
-    const { autoYes, help, usage, command, commandArgs, session: sessionIdentifier, listSessions, prompt, } = parseArgs(process.argv);
+    const { autoYes, help, version, usage, command, commandArgs, session: sessionIdentifier, listSessions, unknownOption, prompt, } = parseArgs(process.argv);
+    if (version) {
+        console.log(formatVersionLine());
+        return;
+    }
     if (help) {
         printUsage();
         return;
     }
+    if (unknownOption) {
+        console.error(`Unknown option: ${unknownOption}`);
+        console.error("Run 'ai --help' to see available commands and options.");
+        process.exitCode = 2;
+        return;
+    }
     if (command) {
         await runAuthCommand(command, commandArgs);
         return;

package/dist/parsers/NOTICE

@@ -0,0 +1,18 @@
+Tree-sitter grammar parsers
+===========================
+
+The `tree-sitter-*.wasm` files in this directory are precompiled tree-sitter
+grammar parsers, vendored so the published `@thegitai/cli` package ships local
+code intelligence without a runtime dependency. They are used unmodified, only
+as parsing inputs to the vendored web-tree-sitter runtime
+(see ../vendor/web-tree-sitter/NOTICE).
+
+Each grammar is the work of its respective tree-sitter grammar project and is
+distributed under that project's license (the tree-sitter grammars are
+MIT-licensed). Grammars included:
+
+  c, c-sharp, cpp, css, go, html, java, javascript, objc, php, python, ruby,
+  rust, tsx, typescript
+
+Upstream organization: https://github.com/tree-sitter
+Individual grammars:    https://github.com/tree-sitter/tree-sitter-<language>

package/dist/src/api/auth.js

@@ -1,7 +1,7 @@
 import { existsSync, mkdirSync, readFileSync, rmSync, writeFileSync, } from 'node:fs';
 import path from 'node:path';
 import { getClientStateDir } from '../client-state.js';
-import { authorizedJson, failureMessage, normalizeServerUrl, readJsonResponse, } from './http.js';
+import { ServerApiError, authorizedJson, createTraceContext, failureMessage, normalizeServerUrl, readJsonResponse, } from './http.js';
 export function getAuthConfigPath(env = process.env) {
     const configured = String(env.THEGITAI_AUTH_CONFIG ?? '').trim();
     if (configured) {
@@ -68,14 +68,16 @@ export async function fetchWhoamiResponse({ config, fetchImpl = globalThis.fetch
     };
 }
 export async function logoutFromServer({ config, fetchImpl = globalThis.fetch, }) {
+    const trace = createTraceContext();
     const response = await fetchImpl(`${normalizeServerUrl(config.serverUrl)}/v1/auth/logout`, {
         method: 'POST',
         headers: {
             authorization: `Bearer ${config.token}`,
+            ...trace.headers,
         },
     });
     if (!response.ok && response.status !== 401) {
         const data = (await readJsonResponse(response));
-        throw new Error(failureMessage(data, response.status));
+        throw new ServerApiError(failureMessage(data, response.status), response.status, trace.traceId);
     }
 }

package/dist/src/api/browser-login.js

@@ -2,9 +2,8 @@ import crypto from 'node:crypto';
 import http from 'node:http';
 import os from 'node:os';
 import { openUrl } from '../core/open-url.js';
-import { failureMessage, normalizeServerUrl, readJsonResponse, } from './http.js';
+import { ServerApiError, createTraceContext, failureMessage, normalizeServerUrl, readJsonResponse, } from './http.js';
 const DEFAULT_WEBSITE_URL = 'https://thegit.ai';
-const DEFAULT_DEV_WEBSITE_URL = 'http://localhost:3002';
 const DEFAULT_SERVER_URL = 'https://thegit.ai';
 const DEFAULT_TIMEOUT_MS = 5 * 60 * 1000;
 function shutDownServer(server) {
@@ -13,29 +12,11 @@ function shutDownServer(server) {
     server.closeAllConnections?.();
     server.close();
 }
-function isLocalhostUrl(url) {
-    if (!url)
-        return false;
-    try {
-        const host = new URL(url).hostname;
-        return host === 'localhost' || host === '127.0.0.1' || host === '::1';
-    }
-    catch {
-        return false;
-    }
-}
-export function resolveWebsiteUrl(websiteUrl, env = process.env, serverUrl) {
-    const explicit = String(websiteUrl ?? '').trim() ||
-        String(env.THEGITAI_WEBSITE_URL ?? '').trim();
-    // With no explicit override, point at production — unless we're clearly in
-    // local dev (talking to a localhost server), in which case default to the
-    // local website so `ai login` works without any flags or env vars.
-    const value = explicit || (isLocalhostUrl(serverUrl) ? DEFAULT_DEV_WEBSITE_URL : DEFAULT_WEBSITE_URL);
-    const normalized = value.replace(/\/+$/, '');
-    if (!/^https?:\/\//i.test(normalized)) {
-        throw new Error('Website URL must start with http:// or https://.');
-    }
-    return normalized;
+export function resolveWebsiteUrl() {
+    // The public CLI always signs in through the official TheGitAI website. There
+    // is no override path here so the published package cannot be pointed at a
+    // clone host.
+    return DEFAULT_WEBSITE_URL.replace(/\/+$/, '');
 }
 function defaultDeviceName() {
     try {
@@ -73,14 +54,15 @@ const RESULT_PAGE = (heading, detail) => `<!doctype html><html><head><meta chars
     `p{color:#9aa0a6}</style></head><body><div class="card"><h1>${heading}</h1>` +
     `<p>${detail}</p></div></body></html>`;
 async function exchangeCodeForToken({ serverUrl, code, codeVerifier, fetchImpl, }) {
+    const trace = createTraceContext();
     const response = await fetchImpl(`${serverUrl}/v1/cli/auth/token`, {
         method: 'POST',
-        headers: { 'content-type': 'application/json' },
+        headers: { 'content-type': 'application/json', ...trace.headers },
         body: JSON.stringify({ code, code_verifier: codeVerifier }),
     });
     const data = (await readJsonResponse(response));
     if (!response.ok) {
-        throw new Error(failureMessage(data, response.status));
+        throw new ServerApiError(failureMessage(data, response.status), response.status, trace.traceId);
     }
     const token = String(data?.token ?? '').trim();
     const customer = data?.customer;
@@ -103,7 +85,7 @@ async function exchangeCodeForToken({ serverUrl, code, codeVerifier, fetchImpl,
  */
 export async function loginViaBrowser(options) {
     const serverUrl = normalizeServerUrl(options.serverUrl ?? DEFAULT_SERVER_URL);
-    const websiteUrl = resolveWebsiteUrl(options.websiteUrl, process.env, serverUrl);
+    const websiteUrl = resolveWebsiteUrl();
     const fetchImpl = options.fetchImpl ?? globalThis.fetch;
     const openBrowser = options.openBrowser ?? openUrl;
     const onUrl = options.onUrl ?? (() => { });

package/dist/src/api/chat.js

@@ -1,7 +1,8 @@
 import { createPromptCheckpoint, sanitizeSessionSafetyForServer, } from '../session-safety.js';
 import { applySessionSnapshot, snapshotFromSession, } from '../session-store.js';
 import { executeLocalToolCall } from '../tool-executor.js';
-import { normalizeServerUrl, readErrorResponse, } from './http.js';
+import { createTraceContext, normalizeServerUrl, readErrorResponse, } from './http.js';
+import { collectClientEnvironment } from '../client-environment.js';
 export class TurnCancelledError extends Error {
     name = 'TurnCancelledError';
     constructor(message = 'Turn cancelled.') {
@@ -12,10 +13,12 @@ export class ChatTurnFailedError extends Error {
     name = 'ChatTurnFailedError';
     category;
     retryable;
-    constructor(message, category = 'unknown_error', retryable = false) {
-        super(message);
+    traceId;
+    constructor(message, category = 'unknown_error', retryable = false, traceId = '') {
+        super(traceId ? `${message}\nTrace ID: ${traceId}` : message);
         this.category = category;
         this.retryable = retryable;
+        this.traceId = traceId;
     }
 }
 export function isTurnCancelledError(error) {
@@ -139,17 +142,19 @@ function publicStatusMessage(data) {
         return `Running ${toolName} locally...`;
     return null;
 }
-async function postToolResult({ config, turnId, event, result, session, fetchImpl, }) {
+async function postToolResult({ config, turnId, event, result, session, fetchImpl, traceId, }) {
     const payload = {
         toolCallId: event.call.id,
         result,
         toolState: toolStateFromSession(session),
     };
+    const trace = createTraceContext(traceId);
     const response = await fetchImpl(`${normalizeServerUrl(config.serverUrl)}/v1/chat/turn/${encodeURIComponent(turnId)}/tool-result`, {
         method: 'POST',
         headers: {
             authorization: `Bearer ${config.token}`,
             'content-type': 'application/json',
+            ...trace.headers,
         },
         body: JSON.stringify(payload),
     });
@@ -157,10 +162,10 @@ async function postToolResult({ config, turnId, event, result, session, fetchImp
         return;
     }
     if (!response.ok) {
-        throw await readErrorResponse(response);
+        throw await readErrorResponse(response, trace.traceId);
     }
 }
-async function executeAndPostToolResult({ config, projectIndex, session, event, input, fetchImpl, signal, }) {
+async function executeAndPostToolResult({ config, projectIndex, session, event, input, fetchImpl, signal, traceId, }) {
     const turnId = String(event?.turnId ?? '').trim();
     if (!turnId || !event?.call?.id || !event.call.name) {
         throw new Error('Server emitted an invalid tool-call event.');
@@ -189,13 +194,14 @@ async function executeAndPostToolResult({ config, projectIndex, session, event,
             result: rawResult,
             session,
             fetchImpl,
+            traceId,
         });
     }
     finally {
         session.turnState.id = previousTurnId;
     }
 }
-async function consumeTurnStream({ response, config, projectIndex, session, input, fetchImpl, signal, }) {
+async function consumeTurnStream({ response, config, projectIndex, session, input, fetchImpl, signal, traceId, }) {
     if (!response.body) {
         throw new Error('Server returned an empty chat stream.');
     }
@@ -224,6 +230,7 @@ async function consumeTurnStream({ response, config, projectIndex, session, inpu
                 input,
                 fetchImpl,
                 signal,
+                traceId,
             });
             return;
         }
@@ -243,7 +250,7 @@ async function consumeTurnStream({ response, config, projectIndex, session, inpu
             if (event.event === 'cancelled') {
                 throw new TurnCancelledError(message);
             }
-            throw new ChatTurnFailedError(message, typeof event.data?.category === 'string' ? event.data.category : 'unknown_error', Boolean(event.data?.retryable));
+            throw new ChatTurnFailedError(message, typeof event.data?.category === 'string' ? event.data.category : 'unknown_error', Boolean(event.data?.retryable), typeof event.data?.traceId === 'string' ? event.data.traceId : traceId);
         }
     }
     while (true) {
@@ -282,11 +289,13 @@ export async function sendServerUserMessage({ config, projectIndex, session, inp
         modelId: session.modelId,
         session: snapshotForServer(session),
         input,
+        clientEnvironment: collectClientEnvironment({ env: session.env }),
         imageAttachments,
         maxToolSteps: session.maxToolSteps,
         autoYes: session.autoYes,
         agentMode: session.agentMode,
     };
+    const trace = createTraceContext();
     const preTurnHistoryLength = session.history.length;
     const preserveOnAbort = () => preserveCancelledTurnInput(session, input);
     if (signal?.aborted) {
@@ -302,12 +311,13 @@ export async function sendServerUserMessage({ config, projectIndex, session, inp
                 accept: 'text/event-stream',
                 authorization: `Bearer ${config.token}`,
                 'content-type': 'application/json',
+                ...trace.headers,
             },
             body: JSON.stringify(request),
             signal,
         });
         if (!response.ok) {
-            throw await readErrorResponse(response);
+            throw await readErrorResponse(response, trace.traceId);
         }
         const result = await consumeTurnStream({
             response,
@@ -317,6 +327,7 @@ export async function sendServerUserMessage({ config, projectIndex, session, inp
             input,
             fetchImpl,
             signal,
+            traceId: trace.traceId,
         });
         applySessionSnapshot(session, result.snapshot, { preserveAgentMode: true });
         return {

package/dist/src/api/http.js

@@ -1,4 +1,31 @@
+import { randomUUID } from 'node:crypto';
 const DEFAULT_SERVER_URL = 'https://thegit.ai';
+export const TRACE_ID_HEADER = 'x-thegitai-trace-id';
+export const CLIENT_HEADER = 'x-thegitai-client';
+export const CLIENT_PLATFORM_HEADER = 'x-thegitai-client-platform';
+export class ServerApiError extends Error {
+    status;
+    traceId;
+    constructor(message, status, traceId) {
+        super(traceId ? `${message}\nTrace ID: ${traceId}` : message);
+        this.name = 'ServerApiError';
+        this.status = status;
+        this.traceId = traceId;
+    }
+}
+export function createTraceId() {
+    return `tr_${randomUUID().replace(/-/g, '')}`;
+}
+export function createTraceContext(traceId = createTraceId()) {
+    return {
+        traceId,
+        headers: {
+            [TRACE_ID_HEADER]: traceId,
+            [CLIENT_HEADER]: 'cli',
+            [CLIENT_PLATFORM_HEADER]: `${process.platform}/${process.arch}`,
+        },
+    };
+}
 export function normalizeServerUrl(serverUrl) {
     const normalized = String(serverUrl || DEFAULT_SERVER_URL)
         .trim()
@@ -22,15 +49,17 @@ export async function readJsonResponse(response) {
 export function failureMessage(data, status) {
     return String(data?.error?.message ?? data?.message ?? `Request failed with ${status}`);
 }
-export async function readErrorResponse(response) {
+export async function readErrorResponse(response, traceId = response.headers.get(TRACE_ID_HEADER) ?? '') {
     const data = await readJsonResponse(response);
-    return new Error(failureMessage(data, response.status));
+    return new ServerApiError(failureMessage(data, response.status), response.status, traceId);
 }
 export async function authorizedJson({ config, path, method = 'GET', body = null, headers = {}, fetchImpl = globalThis.fetch, }) {
+    const trace = createTraceContext();
     const response = await fetchImpl(`${normalizeServerUrl(config.serverUrl)}${path}`, {
         method,
         headers: {
             authorization: `Bearer ${config.token}`,
+            ...trace.headers,
             ...headers,
             ...(body === null ? {} : { 'content-type': 'application/json' }),
         },
@@ -38,7 +67,7 @@ export async function authorizedJson({ config, path, method = 'GET', body = null
     });
     const data = await readJsonResponse(response);
     if (!response.ok) {
-        throw new Error(failureMessage(data, response.status));
+        throw new ServerApiError(failureMessage(data, response.status), response.status, trace.traceId);
     }
     return data;
 }

package/dist/src/api/models.js

@@ -1,7 +1,7 @@
 import { existsSync, mkdirSync, readFileSync, writeFileSync, } from 'node:fs';
 import path from 'node:path';
 import { getClientStateDir } from '../client-state.js';
-import { failureMessage, normalizeServerUrl, readJsonResponse, } from './http.js';
+import { ServerApiError, createTraceContext, failureMessage, normalizeServerUrl, readJsonResponse, } from './http.js';
 function sanitizeModelInfo(raw) {
     if (!raw || typeof raw !== 'object') {
         return null;
@@ -54,14 +54,16 @@ export function writeCachedServerModels(cache, env = process.env) {
     });
 }
 export async function fetchServerModels({ config, fetchImpl = globalThis.fetch, }) {
+    const trace = createTraceContext();
     const response = await fetchImpl(`${normalizeServerUrl(config.serverUrl)}/v1/models`, {
         headers: {
             authorization: `Bearer ${config.token}`,
+            ...trace.headers,
         },
     });
     const data = (await readJsonResponse(response));
     if (!response.ok) {
-        throw new Error(failureMessage(data, response.status));
+        throw new ServerApiError(failureMessage(data, response.status), response.status, trace.traceId);
     }
     const models = Array.isArray(data?.models)
         ? data.models.map(sanitizeModelInfo).filter(Boolean)

package/dist/src/artifact-policy.js

@@ -37,6 +37,15 @@ export const BINARY_ARTIFACT_EXTENSIONS = createArtifactNameSet([
     '.bz2',
     '.7z',
     '.pdf',
+    '.doc',
+    '.docx',
+    '.docm',
+    '.dot',
+    '.dotx',
+    '.dotm',
+    '.xls',
+    '.xlsx',
+    '.xlsm',
     '.exe',
     '.dll',
     '.so',

package/dist/src/cli-args.js

@@ -0,0 +1,65 @@
+export const AUTH_COMMANDS = new Set(['login', 'whoami', 'logout']);
+export function parseArgs(argv) {
+    const args = argv.slice(2);
+    const firstArg = args[0];
+    const command = firstArg && AUTH_COMMANDS.has(firstArg) ? firstArg : null;
+    const commandArgs = command ? args.slice(1) : [];
+    let autoYes = false;
+    let help = false;
+    let version = false;
+    let usage = false;
+    let session = null;
+    let listSessions = false;
+    let unknownOption = null;
+    const promptParts = [];
+    for (let i = 0; i < args.length; i++) {
+        const arg = args[i];
+        if (arg === '--yes' || arg === '-y') {
+            autoYes = true;
+            continue;
+        }
+        if ((arg === '--session' || arg === '--resume') && i + 1 < args.length) {
+            session = args[i + 1] ?? null;
+            i += 1;
+            continue;
+        }
+        if (arg === '--list-sessions') {
+            listSessions = true;
+            continue;
+        }
+        if (arg === '--help' || arg === '-h') {
+            help = true;
+            continue;
+        }
+        if (arg === '--version' || arg === '-v') {
+            version = true;
+            continue;
+        }
+        if (arg === '--usage') {
+            usage = true;
+            continue;
+        }
+        // An unrecognized dashed token is a mistyped flag, not prompt text. Without
+        // an auth subcommand (whose flags are parsed separately) it would otherwise
+        // be swept into the prompt and silently start a billable session. Flag the
+        // first one so the caller can fail fast instead. Quoted prompts are a single
+        // argv entry with spaces, so they never look like a bare option here.
+        if (command === null && unknownOption === null && /^-/.test(arg)) {
+            unknownOption = arg;
+            continue;
+        }
+        promptParts.push(arg);
+    }
+    return {
+        command,
+        commandArgs,
+        autoYes,
+        help,
+        version,
+        usage,
+        session,
+        listSessions,
+        unknownOption,
+        prompt: promptParts.join(' ').trim(),
+    };
+}