berget 1.4.0 → 2.0.0

package/tests/utils/opencode-validator.test.ts

@@ -0,0 +1,118 @@
+import { describe, it, expect } from 'vitest'
+import {
+  validateOpenCodeConfig,
+  fixOpenCodeConfig,
+} from '../../src/utils/opencode-validator'
+import { readFileSync } from 'fs'
+
+describe('OpenCode Validator', () => {
+  it('should validate a correct OpenCode configuration', () => {
+    const validConfig = {
+      $schema: 'https://opencode.ai/config.json',
+      username: 'test-user',
+      model: 'gpt-4',
+      agent: {
+        test: {
+          model: 'gpt-4',
+          temperature: 0.7,
+          prompt: 'Test agent',
+          permission: {
+            edit: 'allow',
+            bash: 'allow',
+            webfetch: 'allow',
+          },
+        },
+      },
+    }
+
+    const result = validateOpenCodeConfig(validConfig)
+    expect(result.valid).toBe(true)
+    expect(result.errors).toBeUndefined()
+  })
+
+  it('should reject invalid configuration', () => {
+    const invalidConfig = {
+      username: 123, // Should be string
+      model: 'gpt-4',
+      agent: {
+        test: {
+          model: 'gpt-4',
+          temperature: 'high', // Should be number
+          prompt: 'Test agent',
+          permission: {
+            edit: 'invalid', // Should be enum value
+            bash: 'allow',
+            webfetch: 'allow',
+          },
+        },
+      },
+    }
+
+    const result = validateOpenCodeConfig(invalidConfig)
+    expect(result.valid).toBe(false)
+    expect(result.errors).toBeDefined()
+    expect(result.errors!.length).toBeGreaterThan(0)
+  })
+
+  it('should fix common configuration issues', () => {
+    const configWithIssues = {
+      username: 'test-user',
+      model: 'gpt-4',
+      tools: {
+        compact: { threshold: 80000 }, // Should be boolean
+      },
+      maxTokens: 4000, // Invalid property
+      provider: {
+        berget: {
+          models: {
+            'test-model': {
+              name: 'Test Model',
+              maxTokens: 4000, // Should be moved to limit.context
+              contextWindow: 8000, // Should be moved to limit.context
+            },
+          },
+        },
+      },
+    }
+
+    const fixed = fixOpenCodeConfig(configWithIssues)
+
+    // tools.compact should be boolean
+    expect(typeof fixed.tools.compact).toBe('boolean')
+
+    // maxTokens should be removed
+    expect(fixed.maxTokens).toBeUndefined()
+
+    // maxTokens and contextWindow should be moved to limit.context
+    expect(fixed.provider.berget.models['test-model'].limit).toBeDefined()
+    expect(fixed.provider.berget.models['test-model'].limit.context).toBe(8000)
+    expect(fixed.provider.berget.models['test-model'].maxTokens).toBeUndefined()
+    expect(
+      fixed.provider.berget.models['test-model'].contextWindow,
+    ).toBeUndefined()
+  })
+
+  it('should validate the current opencode.json file', () => {
+    try {
+      const currentConfig = JSON.parse(readFileSync('opencode.json', 'utf8'))
+
+      // Apply fixes to handle common issues
+      const fixedConfig = fixOpenCodeConfig(currentConfig)
+
+      // Validate the fixed config
+      const result = validateOpenCodeConfig(fixedConfig)
+
+      // The fixed config should be valid according to the JSON Schema
+      expect(result.valid).toBe(true)
+
+      if (!result.valid) {
+        console.log('Fixed opencode.json validation errors:')
+        result.errors?.forEach((err) => console.log(`  - ${err}`))
+      }
+    } catch (error) {
+      // If we can't read the file, that's ok for this test
+      console.log('Could not read opencode.json for testing:', error)
+      expect.fail('Should be able to read opencode.json')
+    }
+  })
+})

package/tsconfig.json

@@ -11,7 +11,7 @@
     // "disableReferencedProjectLoad": true,             /* Reduce the number of projects loaded automatically by TypeScript. */
 
     /* Language and Environment */
-    "target": "es2016",                                  /* Set the JavaScript language version for emitted JavaScript and include compatible library declarations. */
+    "target": "es2016" /* Set the JavaScript language version for emitted JavaScript and include compatible library declarations. */,
     // "lib": [],                                        /* Specify a set of bundled library declaration files that describe the target runtime environment. */
     // "jsx": "preserve",                                /* Specify what JSX code is generated. */
     // "experimentalDecorators": true,                   /* Enable experimental support for legacy experimental decorators. */
@@ -25,7 +25,7 @@
     // "moduleDetection": "auto",                        /* Control what method is used to detect module-format JS files. */
 
     /* Modules */
-    "module": "commonjs",                                /* Specify what module code is generated. */
+    "module": "commonjs" /* Specify what module code is generated. */,
     // "rootDir": "./",                                  /* Specify the root folder within your source files. */
     // "moduleResolution": "node10",                     /* Specify how TypeScript looks up a file from a given module specifier. */
     // "baseUrl": "./",                                  /* Specify the base directory to resolve non-relative module names. */
@@ -39,7 +39,7 @@
     // "resolvePackageJsonExports": true,                /* Use the package.json 'exports' field when resolving package imports. */
     // "resolvePackageJsonImports": true,                /* Use the package.json 'imports' field when resolving imports. */
     // "customConditions": [],                           /* Conditions to set in addition to the resolver-specific defaults when resolving imports. */
-    "resolveJsonModule": true,                        /* Enable importing .json files. */
+    "resolveJsonModule": true /* Enable importing .json files. */,
     // "allowArbitraryExtensions": true,                 /* Enable importing files with any extension, provided a declaration file is present. */
     // "noResolve": true,                                /* Disallow 'import's, 'require's or '<reference>'s from expanding the number of files TypeScript should add to a project. */
 
@@ -55,7 +55,7 @@
     // "sourceMap": true,                                /* Create source map files for emitted JavaScript files. */
     // "inlineSourceMap": true,                          /* Include sourcemap files inside the emitted JavaScript. */
     // "outFile": "./",                                  /* Specify a file that bundles all outputs into one JavaScript file. If 'declaration' is true, also designates a file that bundles all .d.ts output. */
-     "outDir": "./dist/",                                   /* Specify an output folder for all emitted files. */
+    "outDir": "./dist/" /* Specify an output folder for all emitted files. */,
     // "removeComments": true,                           /* Disable emitting comments. */
     // "noEmit": true,                                   /* Disable emitting files from a compilation. */
     // "importHelpers": true,                            /* Allow importing helper functions from tslib once per project, instead of including them per-file. */
@@ -77,12 +77,12 @@
     // "isolatedModules": true,                          /* Ensure that each file can be safely transpiled without relying on other imports. */
     // "verbatimModuleSyntax": true,                     /* Do not transform or elide any imports or exports not marked as type-only, ensuring they are written in the output file's format based on the 'module' setting. */
     // "allowSyntheticDefaultImports": true,             /* Allow 'import x from y' when a module doesn't have a default export. */
-    "esModuleInterop": true,                             /* Emit additional JavaScript to ease support for importing CommonJS modules. This enables 'allowSyntheticDefaultImports' for type compatibility. */
+    "esModuleInterop": true /* Emit additional JavaScript to ease support for importing CommonJS modules. This enables 'allowSyntheticDefaultImports' for type compatibility. */,
     // "preserveSymlinks": true,                         /* Disable resolving symlinks to their realpath. This correlates to the same flag in node. */
-    "forceConsistentCasingInFileNames": true,            /* Ensure that casing is correct in imports. */
+    "forceConsistentCasingInFileNames": true /* Ensure that casing is correct in imports. */,
 
     /* Type Checking */
-    "strict": true,                                      /* Enable all strict type-checking options. */
+    "strict": true /* Enable all strict type-checking options. */,
     // "noImplicitAny": true,                            /* Enable error reporting for expressions and declarations with an implied 'any' type. */
     // "strictNullChecks": true,                         /* When type checking, take into account 'null' and 'undefined'. */
     // "strictFunctionTypes": true,                      /* When assigning functions, check to ensure parameters and the return values are subtype-compatible. */
@@ -104,6 +104,6 @@
 
     /* Completeness */
     // "skipDefaultLibCheck": true,                      /* Skip type checking .d.ts files that are included with TypeScript. */
-    "skipLibCheck": true                                 /* Skip type checking all .d.ts files. */
+    "skipLibCheck": true /* Skip type checking all .d.ts files. */
   }
 }

package/examples/README.md

@@ -1,95 +0,0 @@
-# Berget CLI Examples
-
-This folder contains practical examples of how you can use Berget CLI for various automation tasks.
-
-## Scripts
-
-### smart-commit.sh
-Automatic generation of conventional commit messages based on git diff.
-
-```bash
-# Make the script executable
-chmod +x examples/smart-commit.sh
-
-# Use it
-git add .
-./examples/smart-commit.sh
-```
-
-### ai-review.sh
-AI-driven code review that analyzes files for quality, bugs, and security aspects.
-
-```bash
-# Make the script executable
-chmod +x examples/ai-review.sh
-
-# Review a file
-./examples/ai-review.sh src/main.js
-```
-
-### security-check.sh
-Security review of git commits that blocks commits with critical security risks.
-
-```bash
-# Make the script executable
-chmod +x examples/security-check.sh
-
-# Run security check
-git add .
-./examples/security-check.sh
-```
-
-## Installation
-
-To use these scripts:
-
-1. Copy them to your `~/bin` folder or another location in your PATH
-2. Make them executable with `chmod +x`
-3. Make sure you have Berget CLI installed and configured
-
-```bash
-# Copy to ~/bin
-cp examples/*.sh ~/bin/
-
-# Make them executable
-chmod +x ~/bin/smart-commit.sh ~/bin/ai-review.sh ~/bin/security-check.sh
-```
-
-## Global Security Hook
-
-For maximum security, you can install a global git hook that automatically runs security checks before every push:
-
-```bash
-# Install the global security hook
-chmod +x examples/install-global-security-hook.sh
-./examples/install-global-security-hook.sh
-```
-
-This will:
-- Create a global pre-push hook that runs on all repositories
-- Automatically analyze commits for security vulnerabilities using OWASP Top 20
-- Block pushes with critical security issues
-- Warn about medium-risk issues and allow you to choose
-
-The hook will run automatically before every `git push`. To bypass it temporarily (not recommended):
-```bash
-git push --no-verify
-```
-
-## Git Aliases
-
-You can also add these as git aliases:
-
-```bash
-git config --global alias.ai-commit '!~/bin/smart-commit.sh'
-git config --global alias.ai-review '!~/bin/ai-review.sh'
-git config --global alias.security-check '!~/bin/security-check.sh'
-```
-
-Then you can use:
-
-```bash
-git ai-commit
-git ai-review src/main.js
-git security-check
-```

package/examples/ai-review.sh

@@ -1,30 +0,0 @@
-#!/bin/bash
-# AI code review using Berget AI
-# Usage: ./ai-review.sh <filename>
-set -e
-
-if [[ $# -eq 0 ]]; then
-    echo "Usage: ai-review <file>"
-    exit 1
-fi
-
-FILE="$1"
-
-if [[ ! -f "$FILE" ]]; then
-    echo "Error: File '$FILE' does not exist"
-    exit 1
-fi
-
-echo "🔍 Reviewing $FILE with AI..."
-echo "================================"
-
-cat "$FILE" | npx berget chat run openai/gpt-oss "
-Review this code and provide feedback on:
-1. Code quality and readability
-2. Potential bugs or issues
-3. Performance improvements
-4. Best practices
-5. Security aspects
-
-Provide concrete suggestions for improvements:
-"

package/examples/install-global-security-hook.sh

@@ -1,170 +0,0 @@
-#!/bin/bash
-# Install global git security hook
-# This script sets up a global pre-push hook that runs security checks on all repositories
-
-set -e
-
-echo "🔧 Installing global git security hook..."
-
-# Create global git hooks directory
-GLOBAL_HOOKS_DIR="$HOME/.git-hooks"
-mkdir -p "$GLOBAL_HOOKS_DIR"
-
-# Create the pre-push hook
-cat > "$GLOBAL_HOOKS_DIR/pre-push" << 'EOF'
-#!/bin/bash
-# Global pre-push security hook using Berget AI
-# This hook runs automatically before every git push
-
-set -e
-
-# Colors for output
-RED='\033[0;31m'
-GREEN='\033[0;32m'
-YELLOW='\033[1;33m'
-BLUE='\033[0;34m'
-NC='\033[0m' # No Color
-
-echo -e "${BLUE}🔒 Running security check before push...${NC}"
-
-# Check if we're in a git repository
-if ! git rev-parse --git-dir > /dev/null 2>&1; then
-    echo -e "${RED}Error: Not in a git repository${NC}"
-    exit 1
-fi
-
-# Check if there are any commits to push
-if [[ -z $(git log @{u}.. --oneline 2>/dev/null) ]]; then
-    echo -e "${GREEN}✅ No new commits to push${NC}"
-    exit 0
-fi
-
-# Get the diff of commits being pushed
-DIFF=$(git diff @{u}.. 2>/dev/null || git diff HEAD~1)
-
-if [[ -z "$DIFF" ]]; then
-    echo -e "${GREEN}✅ No changes to analyze${NC}"
-    exit 0
-fi
-
-echo -e "${BLUE}Analyzing security risks in commits being pushed...${NC}"
-
-# Check if Berget CLI is available
-if ! command -v npx > /dev/null 2>&1; then
-    echo -e "${YELLOW}⚠️  npx not found. Skipping security check.${NC}"
-    echo -e "${YELLOW}Install Node.js and npm to enable security checks.${NC}"
-    exit 0
-fi
-
-# Run security analysis
-SECURITY_REPORT=$(echo "$DIFF" | npx berget chat run openai/gpt-oss "
-Analyze this git diff for security vulnerabilities using OWASP Top 20 Code Review recommendations:
-
-**OWASP Top 20 Security Categories to Check:**
-
-1. **A01 - Broken Access Control**: Authorization bypasses, privilege escalation, insecure direct object references
-2. **A02 - Cryptographic Failures**: Weak encryption, hardcoded keys, insecure random number generation, plain text storage
-3. **A03 - Injection**: SQL injection, NoSQL injection, command injection, LDAP injection, XSS
-4. **A04 - Insecure Design**: Missing security controls, threat modeling gaps, insecure architecture patterns
-5. **A05 - Security Misconfiguration**: Default credentials, unnecessary features enabled, verbose error messages
-6. **A06 - Vulnerable Components**: Outdated dependencies, known vulnerable libraries, unpatched components
-7. **A07 - Authentication Failures**: Weak passwords, session management flaws, credential stuffing vulnerabilities
-8. **A08 - Software Integrity Failures**: Unsigned code, insecure CI/CD pipelines, auto-update without verification
-9. **A09 - Logging Failures**: Insufficient logging, sensitive data in logs, log injection
-10. **A10 - Server-Side Request Forgery**: SSRF vulnerabilities, unvalidated URLs, internal service access
-
-**Additional Critical Areas:**
-11. **Input Validation**: Insufficient sanitization, buffer overflows, format string vulnerabilities
-12. **Output Encoding**: XSS prevention, content type validation, encoding bypasses
-13. **File Operations**: Path traversal, file upload vulnerabilities, insecure file permissions
-14. **Network Security**: Insecure protocols, certificate validation, CSRF protection
-15. **Session Management**: Session fixation, insecure cookies, session timeout issues
-16. **Error Handling**: Information disclosure, stack traces in production, verbose error messages
-17. **Business Logic**: Race conditions, workflow bypasses, price manipulation
-18. **API Security**: Rate limiting, input validation, authentication on all endpoints
-19. **Mobile Security**: Insecure data storage, weak encryption, certificate pinning
-20. **Cloud Security**: Misconfigured permissions, exposed storage, insecure defaults
-
-**Assessment Criteria:**
-- 🟢 SAFE: No security risks identified according to OWASP guidelines
-- 🟡 WARNING: Minor security risks that should be addressed (OWASP Medium risk)
-- 🔴 CRITICAL: Serious security risks that MUST be addressed immediately (OWASP High/Critical risk)
-
-**Required Response Format:**
-**SECURITY ASSESSMENT: [🟢/🟡/🔴] [SAFE/WARNING/CRITICAL]**
-
-**OWASP CATEGORIES AFFECTED:**
-- [List specific OWASP categories if any vulnerabilities found]
-
-**IDENTIFIED RISKS:**
-- [List specific vulnerabilities with OWASP category references]
-
-**RECOMMENDATIONS:**
-- [Concrete remediation steps following OWASP secure coding practices]
-
-**COMPLIANCE NOTES:**
-- [Any additional security considerations or compliance requirements]
-
-Diff to analyze:
-\`\`\`diff
-$DIFF
-\`\`\`
-" 2>/dev/null)
-
-if [[ $? -ne 0 ]] || [[ -z "$SECURITY_REPORT" ]]; then
-    echo -e "${YELLOW}⚠️  Security analysis failed or unavailable. Proceeding with push.${NC}"
-    echo -e "${YELLOW}Make sure you have BERGET_API_KEY set or are logged in with 'npx berget auth login'${NC}"
-    exit 0
-fi
-
-echo "$SECURITY_REPORT"
-echo ""
-
-# Extract security level from report
-if echo "$SECURITY_REPORT" | grep -q "🔴.*CRITICAL"; then
-    echo -e "${RED}❌ CRITICAL security risks identified!${NC}"
-    echo -e "${RED}Push blocked. Address security issues before pushing.${NC}"
-    echo ""
-    echo -e "${YELLOW}To bypass this check (NOT RECOMMENDED):${NC}"
-    echo -e "${YELLOW}git push --no-verify${NC}"
-    exit 1
-elif echo "$SECURITY_REPORT" | grep -q "🟡.*WARNING"; then
-    echo -e "${YELLOW}⚠️  Security warnings identified.${NC}"
-    read -p "Do you want to continue with push despite warnings? (y/N): " -n 1 -r
-    echo
-    if [[ ! $REPLY =~ ^[Yy]$ ]]; then
-        echo -e "${YELLOW}Push cancelled. Address security issues first.${NC}"
-        echo ""
-        echo -e "${YELLOW}To bypass this check (NOT RECOMMENDED):${NC}"
-        echo -e "${YELLOW}git push --no-verify${NC}"
-        exit 1
-    fi
-elif echo "$SECURITY_REPORT" | grep -q "🟢.*SAFE"; then
-    echo -e "${GREEN}✅ No security risks identified. Safe to push!${NC}"
-else
-    echo -e "${YELLOW}⚠️  Could not determine security status. Proceeding with caution.${NC}"
-fi
-
-echo -e "${GREEN}Security check complete. Proceeding with push...${NC}"
-EOF
-
-# Make the hook executable
-chmod +x "$GLOBAL_HOOKS_DIR/pre-push"
-
-# Configure git to use the global hooks directory
-git config --global core.hooksPath "$GLOBAL_HOOKS_DIR"
-
-echo -e "${GREEN}✅ Global security hook installed successfully!${NC}"
-echo ""
-echo -e "${BLUE}The security hook will now run automatically before every 'git push' in all repositories.${NC}"
-echo ""
-echo -e "${YELLOW}Requirements:${NC}"
-echo -e "  • Node.js and npm installed"
-echo -e "  • Berget CLI configured (npx berget auth login or BERGET_API_KEY set)"
-echo ""
-echo -e "${YELLOW}To disable the hook temporarily:${NC}"
-echo -e "  git push --no-verify"
-echo ""
-echo -e "${YELLOW}To uninstall the global hook:${NC}"
-echo -e "  git config --global --unset core.hooksPath"
-echo -e "  rm -rf $GLOBAL_HOOKS_DIR"

package/examples/security-check.sh

@@ -1,102 +0,0 @@
-#!/bin/bash
-# Security check for git commits using Berget AI
-# Usage: ./security-check.sh
-set -e
-
-echo "🔒 Security review of commits..."
-echo "===================================="
-
-# Check if there are staged changes
-if [[ -z $(git diff --cached) ]]; then
-    echo "No staged changes found. Run 'git add' first."
-    exit 1
-fi
-
-# Get diff for security review
-DIFF=$(git diff --cached)
-
-echo "Analyzing security risks in staged changes..."
-
-SECURITY_REPORT=$(echo "$DIFF" | npx berget chat run openai/gpt-oss "
-Analyze this git diff for security vulnerabilities using OWASP Top 20 Code Review recommendations:
-
-**OWASP Top 20 Security Categories to Check:**
-
-1. **A01 - Broken Access Control**: Authorization bypasses, privilege escalation, insecure direct object references
-2. **A02 - Cryptographic Failures**: Weak encryption, hardcoded keys, insecure random number generation, plain text storage
-3. **A03 - Injection**: SQL injection, NoSQL injection, command injection, LDAP injection, XSS
-4. **A04 - Insecure Design**: Missing security controls, threat modeling gaps, insecure architecture patterns
-5. **A05 - Security Misconfiguration**: Default credentials, unnecessary features enabled, verbose error messages
-6. **A06 - Vulnerable Components**: Outdated dependencies, known vulnerable libraries, unpatched components
-7. **A07 - Authentication Failures**: Weak passwords, session management flaws, credential stuffing vulnerabilities
-8. **A08 - Software Integrity Failures**: Unsigned code, insecure CI/CD pipelines, auto-update without verification
-9. **A09 - Logging Failures**: Insufficient logging, sensitive data in logs, log injection
-10. **A10 - Server-Side Request Forgery**: SSRF vulnerabilities, unvalidated URLs, internal service access
-
-**Additional Critical Areas:**
-11. **Input Validation**: Insufficient sanitization, buffer overflows, format string vulnerabilities
-12. **Output Encoding**: XSS prevention, content type validation, encoding bypasses
-13. **File Operations**: Path traversal, file upload vulnerabilities, insecure file permissions
-14. **Network Security**: Insecure protocols, certificate validation, CSRF protection
-15. **Session Management**: Session fixation, insecure cookies, session timeout issues
-16. **Error Handling**: Information disclosure, stack traces in production, verbose error messages
-17. **Business Logic**: Race conditions, workflow bypasses, price manipulation
-18. **API Security**: Rate limiting, input validation, authentication on all endpoints
-19. **Mobile Security**: Insecure data storage, weak encryption, certificate pinning
-20. **Cloud Security**: Misconfigured permissions, exposed storage, insecure defaults
-
-**Assessment Criteria:**
-- 🟢 SAFE: No security risks identified according to OWASP guidelines
-- 🟡 WARNING: Minor security risks that should be addressed (OWASP Medium risk)
-- 🔴 CRITICAL: Serious security risks that MUST be addressed immediately (OWASP High/Critical risk)
-
-**Required Response Format:**
-**SECURITY ASSESSMENT: [🟢/🟡/🔴] [SAFE/WARNING/CRITICAL]**
-
-**OWASP CATEGORIES AFFECTED:**
-- [List specific OWASP categories if any vulnerabilities found]
-
-**IDENTIFIED RISKS:**
-- [List specific vulnerabilities with OWASP category references]
-
-**RECOMMENDATIONS:**
-- [Concrete remediation steps following OWASP secure coding practices]
-
-**COMPLIANCE NOTES:**
-- [Any additional security considerations or compliance requirements]
-
-Diff to analyze:
-\`\`\`diff
-$DIFF
-\`\`\`
-")
-
-echo "$SECURITY_REPORT"
-echo ""
-
-# Extract security level from report
-if echo "$SECURITY_REPORT" | grep -q "🔴.*CRITICAL"; then
-    echo "❌ CRITICAL security risks identified!"
-    echo "Commit blocked. Address security issues before continuing."
-    exit 1
-elif echo "$SECURITY_REPORT" | grep -q "🟡.*WARNING"; then
-    echo "⚠️  Security warnings identified."
-    read -p "Do you want to continue with commit despite warnings? (y/N): " -n 1 -r
-    echo
-    if [[ ! $REPLY =~ ^[Yy]$ ]]; then
-        echo "Commit cancelled. Address security issues first."
-        exit 1
-    fi
-elif echo "$SECURITY_REPORT" | grep -q "🟢.*SAFE"; then
-    echo "✅ No security risks identified. Safe to continue!"
-else
-    echo "⚠️  Could not determine security status. Review manually."
-    read -p "Do you want to continue with commit? (y/N): " -n 1 -r
-    echo
-    if [[ ! $REPLY =~ ^[Yy]$ ]]; then
-        echo "Commit cancelled."
-        exit 1
-    fi
-fi
-
-echo "Security review complete. You can now run 'git commit'."

package/examples/smart-commit.sh

@@ -1,26 +0,0 @@
-#!/bin/bash
-# Smart commit generator using Berget AI
-# Usage: ./smart-commit.sh
-set -e
-
-# Check if there are staged changes
-if [[ -z $(git diff --cached) ]]; then
-    echo "No staged changes found. Run 'git add' first."
-    exit 1
-fi
-
-# Generate commit message
-COMMIT_MSG=$(git diff --cached | npx berget chat run openai/gpt-oss "Generate a conventional commit message for this staged diff. Reply with only the commit message, nothing else:")
-
-echo "Suggested commit message:"
-echo "  $COMMIT_MSG"
-echo
-
-read -p "Do you want to use this message? (y/N): " -n 1 -r
-echo
-if [[ $REPLY =~ ^[Yy]$ ]]; then
-    git commit -m "$COMMIT_MSG"
-    echo "✅ Commit created!"
-else
-    echo "❌ Commit cancelled"
-fi