@vibekiln/cutline-mcp-cli 0.1.0

package/dist/commands/init.js

@@ -0,0 +1,309 @@
+import chalk from 'chalk';
+import ora from 'ora';
+import { existsSync, mkdirSync, writeFileSync, readFileSync } from 'node:fs';
+import { resolve, join } from 'node:path';
+import { getRefreshToken } from '../auth/keychain.js';
+import { fetchFirebaseApiKey } from '../utils/config.js';
+import { saveConfig, loadConfig } from '../utils/config-store.js';
+const CUTLINE_CONFIG = '.cutline/config.json';
+async function authenticate(options) {
+    const refreshToken = await getRefreshToken();
+    if (!refreshToken)
+        return null;
+    try {
+        const apiKey = await fetchFirebaseApiKey(options);
+        const response = await fetch(`https://securetoken.googleapis.com/v1/token?key=${apiKey}`, {
+            method: 'POST',
+            headers: { 'Content-Type': 'application/json' },
+            body: JSON.stringify({ grant_type: 'refresh_token', refresh_token: refreshToken }),
+        });
+        if (!response.ok)
+            return null;
+        const data = await response.json();
+        const idToken = data.id_token;
+        const payload = JSON.parse(Buffer.from(idToken.split('.')[1], 'base64').toString());
+        const baseUrl = options.staging
+            ? 'https://us-central1-cutline-staging.cloudfunctions.net'
+            : 'https://us-central1-cutline-prod.cloudfunctions.net';
+        const subRes = await fetch(`${baseUrl}/mcpSubscriptionStatus`, {
+            headers: { Authorization: `Bearer ${idToken}` },
+        });
+        const sub = subRes.ok ? await subRes.json() : { status: 'free' };
+        const isPremium = sub.status === 'active' || sub.status === 'trialing';
+        return {
+            tier: isPremium ? 'premium' : 'free',
+            email: payload.email,
+            uid: payload.user_id || payload.sub,
+            idToken,
+            baseUrl,
+        };
+    }
+    catch {
+        return null;
+    }
+}
+function readCutlineConfig(projectRoot) {
+    const configPath = join(projectRoot, CUTLINE_CONFIG);
+    if (!existsSync(configPath))
+        return null;
+    try {
+        return JSON.parse(readFileSync(configPath, 'utf-8'));
+    }
+    catch {
+        return null;
+    }
+}
+function cursorRgrRule(config, tier) {
+    const productId = config?.product_id ?? '<from .cutline/config.json>';
+    const productName = config?.product_name ?? 'your product';
+    const verifyTool = tier === 'premium'
+        ? `\`engineering_audit(product_id: "${productId}", project_root: "<workspace>")\``
+        : `\`code_audit(project_root: "<workspace>")\``;
+    const planStep = tier === 'premium'
+        ? `1. **Plan**: \`rgr_plan(product_id: "${productId}", file_path: "<file>")\``
+        : `1. **Plan**: \`code_audit(project_root: "<workspace>")\` to identify top active issue`;
+    return `---
+description: RGR development workflow using Cutline MCP tools
+globs:
+alwaysApply: true
+---
+
+# RGR-Driven Development
+
+Product: **${productName}**
+
+When Cutline MCP servers are connected, follow this workflow for feature implementations, bug fixes, or refactoring.
+
+## The RGR Cycle
+
+${planStep}
+2. **Implement**: Address constraints/findings from the plan
+3. **Verify**: ${verifyTool}
+4. **Complete**: ${tier === 'premium' ? `\`rgr_complete_phase(product_id: "${productId}", phase: "<phase>")\`` : 'Re-scan to confirm scores improved'}
+
+## When to use RGR
+
+Always: New features, security/auth, billing, API endpoints, DB schema, infra.
+Skip: Pure styling, docs, formatting, non-security dep bumps.
+
+## Active vs Latent Issues
+
+- **Active**: Problems in existing code. Fix now. (from \`code_audit\`, \`engineering_audit\`)
+- **Latent**: Risks in planned features. Address as you build. (from deep dives, \`rgr_plan\`)
+
+## Magic Phrase
+
+If the user invokes Cutline naturally (for example: **"use cutline"**, **"use cutline to..."**, **"using cutline..."**, **"with cutline..."**), route automatically based on tier and intent:
+- Free/default intent: run \`code_audit(project_root)\`
+- Premium product-linked intent: run \`engineering_audit(product_id, project_root)\`
+- Feature implementation intent: run \`rgr_plan(...)\` then \`constraints_auto(...)\`
+`;
+}
+function cursorConstraintsRule(config, tier) {
+    if (tier === 'free') {
+        return `---
+description: Cutline engineering audit integration
+globs:
+alwaysApply: true
+---
+
+# Cutline Constraints
+
+Run \`code_audit(project_root)\` before major implementations to check constraint coverage.
+
+Severity levels:
+- **CRITICAL**: Must address before proceeding
+- **WARNING**: Consider in your approach
+- **INFO**: Context for UX copy, error messages
+`;
+    }
+    const productId = config?.product_id ?? '<from .cutline/config.json>';
+    return `---
+description: Proactive constraint checking from Cutline constraint graph
+globs:
+alwaysApply: true
+---
+
+# Cutline Constraints
+
+Read \`.cutline/config.json\` to get product_id. Call \`constraints_auto\` when modifying sensitive paths:
+
+\`\`\`
+constraints_auto(product_id: "${productId}", file_paths: [<files>], task_description: "<task>", mode: "advisory")
+\`\`\`
+
+Check constraints when touching: auth, billing, security, AI/LLM, integrations, user-facing flows.
+
+Severity levels:
+- **CRITICAL**: Must address before proceeding
+- **WARNING**: Consider in your approach
+- **INFO**: Context for UX copy, error messages
+`;
+}
+function cursorCutlinePointer() {
+    return `---
+description: Cutline constraint integration
+globs:
+alwaysApply: true
+---
+
+# Cutline Integration
+
+Read \`.cutline.md\` before planning or executing ANY code in this repository.
+If a rule in \`.cutline.md\` conflicts with a stylistic rule below, \`.cutline.md\` takes precedence.
+`;
+}
+function claudeLocalContent(config, tier) {
+    const productId = config?.product_id ?? '<product_id>';
+    const productName = config?.product_name ?? 'your product';
+    const verifyCmd = tier === 'premium'
+        ? `engineering_audit(product_id: "${productId}", project_root)`
+        : `code_audit(project_root)`;
+    return `# Cutline Integration
+
+This file is auto-generated by \`cutline-mcp init\`. Do not commit to version control.
+
+Product: ${productName}${config?.product_id ? ` (ID: \`${config.product_id}\`)` : ''}
+Tier: ${tier}
+
+${tier === 'premium' ? `Read \`.cutline.md\` before planning or executing code in this repository.\n` : ''}## RGR Workflow
+
+1. **Plan**: ${tier === 'premium' ? `\`rgr_plan(product_id: "${productId}", file_path)\`` : `\`code_audit(project_root)\``} before writing code
+2. **Implement**: Address constraints/findings from the plan
+3. **Verify**: \`${verifyCmd}\`
+4. **Complete**: ${tier === 'premium' ? `\`rgr_complete_phase(product_id: "${productId}", phase)\`` : 'Re-scan to confirm scores improved'}
+
+Use RGR for: new features, security/auth, billing, API endpoints, DB schema, infra.
+Skip for: pure styling, docs, formatting, non-security dep bumps.
+
+## Active vs Latent Issues
+
+- **Active**: Problems in existing code. Fix now.
+- **Latent**: Risks in planned features. Address as you build.
+
+## Magic Phrase
+
+If the user invokes Cutline naturally (for example: **"use cutline"**, **"use cutline to..."**, **"using cutline..."**, **"with cutline..."**), route automatically based on tier and intent:
+- Free/default intent: \`code_audit(project_root)\`
+- Premium product-linked intent: \`engineering_audit(product_id, project_root)\`
+- Feature implementation intent: \`rgr_plan(...)\` then \`constraints_auto(...)\`
+`;
+}
+function ensureGitignore(projectRoot, patterns) {
+    const gitignorePath = join(projectRoot, '.gitignore');
+    if (!existsSync(gitignorePath))
+        return false;
+    let content = readFileSync(gitignorePath, 'utf-8');
+    const additions = patterns.filter((p) => !content.includes(p));
+    if (additions.length === 0)
+        return false;
+    content = content.trimEnd() + '\n\n# Cutline generated (re-run cutline-mcp init to update)\n' + additions.join('\n') + '\n';
+    writeFileSync(gitignorePath, content);
+    return true;
+}
+export async function initCommand(options) {
+    const projectRoot = resolve(options.projectRoot ?? process.cwd());
+    const config = readCutlineConfig(projectRoot);
+    console.log(chalk.bold('\n🔧 Cutline Init\n'));
+    // Authenticate and determine tier
+    const spinner = ora('Checking authentication...').start();
+    const auth = await authenticate({ staging: options.staging });
+    let tier = 'free';
+    if (!auth) {
+        spinner.warn(chalk.yellow('Not authenticated — generating free-tier rules'));
+        console.log(chalk.dim('  Run `cutline-mcp login` to authenticate for richer config.\n'));
+    }
+    else {
+        tier = auth.tier;
+        spinner.succeed(chalk.green(`Authenticated as ${auth.email} (${tier})`));
+    }
+    if (config) {
+        console.log(chalk.dim(`  Product: ${config.product_name ?? config.product_id}`));
+    }
+    else {
+        console.log(chalk.yellow('  No .cutline/config.json found — generating generic rules.'));
+    }
+    // Generate API key for authenticated users (skips if one already exists)
+    let generatedApiKey = null;
+    if (auth?.idToken && auth.baseUrl) {
+        const existing = loadConfig();
+        if (existing.apiKey) {
+            console.log(chalk.dim('  API key: already configured'));
+        }
+        else {
+            const keySpinner = ora('Generating API key...').start();
+            try {
+                const keyRes = await fetch(`${auth.baseUrl}/mcpDataProxy`, {
+                    method: 'POST',
+                    headers: {
+                        'Content-Type': 'application/json',
+                        Authorization: `Bearer ${auth.idToken}`,
+                    },
+                    body: JSON.stringify({ action: 'apiKey.create', params: { name: 'cursor-ide' } }),
+                });
+                if (keyRes.ok) {
+                    const keyData = await keyRes.json();
+                    generatedApiKey = keyData.key;
+                    saveConfig({ apiKey: generatedApiKey });
+                    keySpinner.succeed(chalk.green('API key generated and saved'));
+                }
+                else {
+                    const errBody = await keyRes.text().catch(() => '');
+                    keySpinner.warn(chalk.yellow(`API key generation skipped (${keyRes.status})`));
+                    if (errBody)
+                        console.log(chalk.dim(`  ${errBody.slice(0, 120)}`));
+                }
+            }
+            catch (e) {
+                keySpinner.warn(chalk.yellow('API key generation skipped (network error)'));
+            }
+        }
+    }
+    console.log();
+    const filesWritten = [];
+    // 1. Cursor rules
+    const cursorDir = join(projectRoot, '.cursor', 'rules');
+    mkdirSync(cursorDir, { recursive: true });
+    writeFileSync(join(cursorDir, 'rgr-workflow.mdc'), cursorRgrRule(config, tier));
+    filesWritten.push('.cursor/rules/rgr-workflow.mdc');
+    writeFileSync(join(cursorDir, 'ambient-constraints.mdc'), cursorConstraintsRule(config, tier));
+    filesWritten.push('.cursor/rules/ambient-constraints.mdc');
+    if (tier === 'premium') {
+        writeFileSync(join(cursorDir, 'cutline.mdc'), cursorCutlinePointer());
+        filesWritten.push('.cursor/rules/cutline.mdc');
+    }
+    // 2. Claude Code config
+    writeFileSync(join(projectRoot, 'CLAUDE.local.md'), claudeLocalContent(config, tier));
+    filesWritten.push('CLAUDE.local.md');
+    // 3. Update .gitignore
+    const gitPatterns = ['CLAUDE.local.md', '.cursor/rules/', '.cutline.md'];
+    const gitignoreUpdated = ensureGitignore(projectRoot, gitPatterns);
+    for (const f of filesWritten) {
+        console.log(chalk.green(`  ✓ ${f}`));
+    }
+    if (gitignoreUpdated) {
+        console.log(chalk.dim('  Updated .gitignore'));
+    }
+    console.log(chalk.bold(`\n  ${filesWritten.length} files generated.`));
+    if (tier === 'premium' && config?.product_id) {
+        console.log(chalk.dim('\n  For graph-enhanced .cutline.md, ask your AI agent:'));
+        console.log(chalk.cyan(`    generate_cutline_md(product_id: "${config.product_id}", project_root: "${projectRoot}")`));
+    }
+    else if (tier === 'free') {
+        console.log(chalk.dim('\n  Upgrade to Premium for product-specific constraint graphs and .cutline.md'));
+        console.log(chalk.dim('  →'), chalk.cyan('cutline-mcp upgrade'), chalk.dim('or https://thecutline.ai/upgrade'));
+    }
+    if (generatedApiKey) {
+        console.log();
+        console.log(chalk.bold('  API Key (shown once):'));
+        console.log(chalk.cyan(`  ${generatedApiKey}`));
+        console.log();
+        console.log(chalk.dim('  Add to your Cursor MCP config for best performance:'));
+        console.log(chalk.dim('    "env": { "CUTLINE_API_KEY": "') + chalk.cyan(generatedApiKey) + chalk.dim('" }'));
+        console.log();
+        console.log(chalk.dim('  Or it will be used automatically from ~/.cutline-mcp/config.json'));
+    }
+    console.log();
+    console.log(chalk.bold('  Next step:'));
+    console.log(chalk.dim('  Run'), chalk.cyan('cutline-mcp setup'), chalk.dim('to get the MCP server config for your IDE.\n'));
+}

package/dist/commands/login.d.ts

@@ -0,0 +1,7 @@
+import { type CallbackSource } from '../auth/callback.js';
+export declare function loginCommand(options: {
+    staging?: boolean;
+    signup?: boolean;
+    email?: string;
+    source?: CallbackSource;
+}): Promise<void>;

package/dist/commands/login.js

@@ -0,0 +1,166 @@
+import open from 'open';
+import chalk from 'chalk';
+import ora from 'ora';
+import { startCallbackServer } from '../auth/callback.js';
+import { storeRefreshToken } from '../auth/keychain.js';
+import { saveConfig } from '../utils/config-store.js';
+import { getConfig, fetchFirebaseApiKey } from '../utils/config.js';
+async function getSubscriptionStatus(idToken, isStaging) {
+    try {
+        const baseUrl = isStaging
+            ? 'https://us-central1-cutline-staging.cloudfunctions.net'
+            : 'https://us-central1-cutline-prod.cloudfunctions.net';
+        const response = await fetch(`${baseUrl}/mcpSubscriptionStatus`, {
+            method: 'GET',
+            headers: {
+                'Authorization': `Bearer ${idToken}`,
+            },
+        });
+        if (!response.ok) {
+            return { status: 'unknown' };
+        }
+        return await response.json();
+    }
+    catch {
+        return { status: 'unknown' };
+    }
+}
+async function exchangeRefreshForIdToken(refreshToken, apiKey) {
+    const response = await fetch(`https://securetoken.googleapis.com/v1/token?key=${apiKey}`, {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/json' },
+        body: JSON.stringify({
+            grant_type: 'refresh_token',
+            refresh_token: refreshToken,
+        }),
+    });
+    if (!response.ok) {
+        throw new Error('Failed to get ID token');
+    }
+    const data = await response.json();
+    return data.id_token;
+}
+async function exchangeCustomToken(customToken, apiKey) {
+    const response = await fetch(`https://identitytoolkit.googleapis.com/v1/accounts:signInWithCustomToken?key=${apiKey}`, {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/json' },
+        body: JSON.stringify({
+            token: customToken,
+            returnSecureToken: true,
+        }),
+    });
+    if (!response.ok) {
+        const error = await response.text();
+        throw new Error(`Failed to exchange custom token: ${error}`);
+    }
+    const data = await response.json();
+    return {
+        refreshToken: data.refreshToken,
+        email: data.email,
+    };
+}
+export async function loginCommand(options) {
+    const config = getConfig(options);
+    if (options.signup) {
+        console.log(chalk.bold('\n🚀 Cutline MCP - Create Account\n'));
+    }
+    else {
+        console.log(chalk.bold('\n🔐 Cutline MCP Authentication\n'));
+    }
+    if (options.staging) {
+        console.log(chalk.yellow('  ⚠️  Using STAGING environment\n'));
+    }
+    if (options.email) {
+        console.log(chalk.gray(`  Requesting sign-in as: ${options.email}\n`));
+    }
+    const spinner = ora('Starting authentication flow...').start();
+    try {
+        // Fetch Firebase API key from web app endpoint
+        spinner.text = 'Fetching configuration...';
+        let firebaseApiKey;
+        try {
+            firebaseApiKey = await fetchFirebaseApiKey(options);
+        }
+        catch (error) {
+            spinner.fail(chalk.red('Failed to fetch Firebase configuration'));
+            if (error instanceof Error) {
+                console.error(chalk.red(`  ${error.message}`));
+            }
+            console.error(chalk.gray('\n  You can also set the FIREBASE_API_KEY environment variable manually.\n'));
+            process.exit(1);
+        }
+        // Start callback server
+        spinner.text = 'Waiting for authentication...';
+        const serverPromise = startCallbackServer(options.source ?? 'login');
+        // Open browser — default is the quick email-only flow
+        let authUrl = `${config.AUTH_URL}?callback=${encodeURIComponent(config.CALLBACK_URL)}`;
+        if (options.signup) {
+            authUrl += '&mode=signup';
+        }
+        if (options.email) {
+            authUrl += `&email=${encodeURIComponent(options.email)}`;
+        }
+        await open(authUrl);
+        spinner.text = options.signup
+            ? 'Browser opened - please create your account'
+            : 'Browser opened - enter your email to get started (check email for sign-in link)';
+        // Wait for callback with custom token
+        const result = await serverPromise;
+        // Exchange custom token for refresh token
+        spinner.text = 'Exchanging token...';
+        const { refreshToken, email } = await exchangeCustomToken(result.token, firebaseApiKey);
+        // Store refresh token
+        try {
+            await storeRefreshToken(refreshToken);
+        }
+        catch (error) {
+            console.warn(chalk.yellow('  ⚠️  Could not save to Keychain (skipping)'));
+        }
+        // Save to file config (cross-platform)
+        try {
+            saveConfig({
+                refreshToken,
+                environment: options.staging ? 'staging' : 'production',
+            });
+        }
+        catch (error) {
+            console.error(chalk.red('  ✗ Failed to save config file:'), error);
+        }
+        spinner.succeed(chalk.green('Successfully authenticated!'));
+        // Show environment indicator
+        const envLabel = options.staging ? chalk.yellow('STAGING') : chalk.green('PRODUCTION');
+        console.log(chalk.gray(`  Environment: ${envLabel}`));
+        if (email || result.email) {
+            console.log(chalk.gray(`  Logged in as: ${email || result.email}`));
+        }
+        // Check subscription status
+        try {
+            spinner.start('Checking subscription...');
+            const idToken = await exchangeRefreshForIdToken(refreshToken, firebaseApiKey);
+            const subscription = await getSubscriptionStatus(idToken, !!options.staging);
+            spinner.stop();
+            if (subscription.status === 'active' || subscription.status === 'trialing') {
+                const statusLabel = subscription.status === 'trialing' ? ' (trial)' : '';
+                console.log(chalk.gray('  Plan:'), chalk.green(`✓ ${subscription.planName || 'Premium'}${statusLabel}`));
+            }
+            else {
+                console.log(chalk.gray('  Plan:'), chalk.white('Free'));
+                console.log(chalk.dim('  Upgrade at'), chalk.cyan('https://thecutline.ai/pricing'));
+            }
+        }
+        catch {
+            spinner.stop();
+            // Silently skip subscription check on error
+        }
+        console.log();
+        console.log(chalk.bold('  Next step:'));
+        console.log(chalk.dim('  Run'), chalk.cyan('cutline-mcp init'), chalk.dim('in your project directory to generate IDE rules.\n'));
+    }
+    catch (error) {
+        spinner.fail(chalk.red('Authentication failed'));
+        if (error instanceof Error) {
+            console.error(chalk.red(`  ${error.message}\n`));
+        }
+        process.exit(1);
+    }
+}

package/dist/commands/logout.d.ts

@@ -0,0 +1 @@
+export declare function logoutCommand(): Promise<void>;

package/dist/commands/logout.js

@@ -0,0 +1,25 @@
+import chalk from 'chalk';
+import ora from 'ora';
+import { deleteRefreshToken } from '../auth/keychain.js';
+export async function logoutCommand() {
+    console.log(chalk.bold('\n👋 Logging out of Cutline MCP\n'));
+    const spinner = ora('Removing stored credentials...').start();
+    try {
+        const deleted = await deleteRefreshToken();
+        if (deleted) {
+            spinner.succeed(chalk.green('Successfully logged out'));
+            console.log(chalk.gray('  Credentials removed from keychain\n'));
+        }
+        else {
+            spinner.info(chalk.yellow('No credentials found'));
+            console.log(chalk.gray('  You were not logged in\n'));
+        }
+    }
+    catch (error) {
+        spinner.fail(chalk.red('Logout failed'));
+        if (error instanceof Error) {
+            console.error(chalk.red(`  ${error.message}\n`));
+        }
+        process.exit(1);
+    }
+}

package/dist/commands/serve.d.ts

@@ -0,0 +1 @@
+export declare function serveCommand(serverName: string): void;

package/dist/commands/serve.js

@@ -0,0 +1,38 @@
+import { execFileSync } from 'node:child_process';
+import { resolve, dirname } from 'node:path';
+import { fileURLToPath } from 'node:url';
+import { existsSync } from 'node:fs';
+const __dirname = dirname(fileURLToPath(import.meta.url));
+const SERVER_MAP = {
+    constraints: 'cutline-server.js',
+    premortem: 'premortem-server.js',
+    exploration: 'exploration-server.js',
+    tools: 'tools-server.js',
+    output: 'output-server.js',
+    integrations: 'integrations-server.js',
+};
+export function serveCommand(serverName) {
+    const fileName = SERVER_MAP[serverName];
+    if (!fileName) {
+        const valid = Object.keys(SERVER_MAP).join(', ');
+        console.error(`Unknown server: "${serverName}". Valid names: ${valid}`);
+        process.exit(1);
+    }
+    const serverPath = resolve(__dirname, '../servers', fileName);
+    if (!existsSync(serverPath)) {
+        console.error(`Server bundle not found at ${serverPath}`);
+        console.error('The package may not have been built correctly.');
+        process.exit(1);
+    }
+    // Replace this process with the MCP server.
+    // MCP servers use stdio transport, so we need to keep stdin/stdout connected.
+    try {
+        execFileSync(process.execPath, [serverPath], {
+            stdio: 'inherit',
+            env: process.env,
+        });
+    }
+    catch (err) {
+        process.exit(err.status ?? 1);
+    }
+}

package/dist/commands/setup.d.ts

@@ -0,0 +1,5 @@
+export declare function setupCommand(options: {
+    staging?: boolean;
+    skipLogin?: boolean;
+    projectRoot?: string;
+}): Promise<void>;