claude-threads 0.12.0

package/dist/index.js

@@ -0,0 +1,371 @@
+#!/usr/bin/env node
+import { program } from 'commander';
+import { loadConfig, configExists } from './config.js';
+import { runOnboarding } from './onboarding.js';
+import { MattermostClient } from './mattermost/client.js';
+import { SessionManager } from './claude/session.js';
+import { readFileSync } from 'fs';
+import { dirname, resolve } from 'path';
+import { fileURLToPath } from 'url';
+import { checkForUpdates } from './update-notifier.js';
+import { getReleaseNotes, formatReleaseNotes } from './changelog.js';
+import { printLogo } from './logo.js';
+const __dirname = dirname(fileURLToPath(import.meta.url));
+const pkg = JSON.parse(readFileSync(resolve(__dirname, '..', 'package.json'), 'utf-8'));
+const dim = (s) => `\x1b[2m${s}\x1b[0m`;
+const bold = (s) => `\x1b[1m${s}\x1b[0m`;
+const cyan = (s) => `\x1b[36m${s}\x1b[0m`;
+// Define CLI options
+program
+    .name('claude-threads')
+    .version(pkg.version)
+    .description('Share Claude Code sessions in Mattermost')
+    .option('--url <url>', 'Mattermost server URL')
+    .option('--token <token>', 'Mattermost bot token')
+    .option('--channel <id>', 'Mattermost channel ID')
+    .option('--bot-name <name>', 'Bot mention name (default: claude-code)')
+    .option('--allowed-users <users>', 'Comma-separated allowed usernames')
+    .option('--skip-permissions', 'Skip interactive permission prompts')
+    .option('--no-skip-permissions', 'Enable interactive permission prompts (override env)')
+    .option('--chrome', 'Enable Claude in Chrome integration')
+    .option('--no-chrome', 'Disable Claude in Chrome integration')
+    .option('--debug', 'Enable debug logging')
+    .parse();
+const opts = program.opts();
+// Check if required args are provided via CLI
+function hasRequiredCliArgs(args) {
+    return !!(args.url && args.token && args.channel);
+}
+async function main() {
+    // Check for updates (non-blocking, shows notification if available)
+    checkForUpdates();
+    // Set debug mode from CLI flag
+    if (opts.debug) {
+        process.env.DEBUG = '1';
+    }
+    // Build CLI args object
+    const cliArgs = {
+        url: opts.url,
+        token: opts.token,
+        channel: opts.channel,
+        botName: opts.botName,
+        allowedUsers: opts.allowedUsers,
+        skipPermissions: opts.skipPermissions,
+        chrome: opts.chrome,
+    };
+    // Check if we need onboarding
+    if (!configExists() && !hasRequiredCliArgs(opts)) {
+        await runOnboarding();
+    }
+    const workingDir = process.cwd();
+    const config = loadConfig(cliArgs);
+    // Print ASCII logo
+    printLogo();
+    // Startup info
+    console.log(dim(`  v${pkg.version}`));
+    console.log('');
+    console.log(`  📂 ${cyan(workingDir)}`);
+    console.log(`  💬 ${cyan('@' + config.mattermost.botName)}`);
+    console.log(`  🌐 ${dim(config.mattermost.url)}`);
+    if (config.skipPermissions) {
+        console.log(`  ⚠️  ${dim('Permissions disabled')}`);
+    }
+    else {
+        console.log(`  🔐 ${dim('Interactive permissions')}`);
+    }
+    if (config.chrome) {
+        console.log(`  🌐 ${dim('Chrome integration enabled')}`);
+    }
+    console.log('');
+    const mattermost = new MattermostClient(config);
+    const session = new SessionManager(mattermost, workingDir, config.skipPermissions, config.chrome, config.worktreeMode);
+    mattermost.on('message', async (post, user) => {
+        try {
+            const username = user?.username || 'unknown';
+            const message = post.message;
+            const threadRoot = post.root_id || post.id;
+            // Check for !kill command FIRST - works anywhere, even as the first message
+            const lowerMessage = message.trim().toLowerCase();
+            if (lowerMessage === '!kill' || (mattermost.isBotMentioned(message) && mattermost.extractPrompt(message).toLowerCase() === '!kill')) {
+                if (!mattermost.isUserAllowed(username)) {
+                    await mattermost.createPost('⛔ Only authorized users can use `!kill`', threadRoot);
+                    return;
+                }
+                // Notify all active sessions before killing
+                for (const tid of session.getActiveThreadIds()) {
+                    try {
+                        await mattermost.createPost(`🔴 **EMERGENCY SHUTDOWN** by @${username}`, tid);
+                    }
+                    catch { /* ignore */ }
+                }
+                console.log(`  🔴 EMERGENCY SHUTDOWN initiated by @${username}`);
+                session.killAllSessionsAndUnpersist();
+                mattermost.disconnect();
+                process.exit(1);
+            }
+            // Follow-up in active thread
+            if (session.isInSessionThread(threadRoot)) {
+                // If message starts with @mention to someone else, ignore it (side conversation)
+                // Note: Mattermost usernames can contain letters, numbers, hyphens, periods, and underscores
+                const mentionMatch = message.trim().match(/^@([\w.-]+)/);
+                if (mentionMatch && mentionMatch[1].toLowerCase() !== mattermost.getBotName().toLowerCase()) {
+                    return; // Side conversation, don't interrupt
+                }
+                const content = mattermost.isBotMentioned(message)
+                    ? mattermost.extractPrompt(message)
+                    : message.trim();
+                const lowerContent = content.toLowerCase();
+                // Check for stop/cancel commands (only from allowed users)
+                // Note: Using ! prefix instead of / to avoid Mattermost slash command interception
+                if (lowerContent === '!stop' || lowerContent === 'stop' ||
+                    lowerContent === '!cancel' || lowerContent === 'cancel') {
+                    if (session.isUserAllowedInSession(threadRoot, username)) {
+                        await session.cancelSession(threadRoot, username);
+                    }
+                    return;
+                }
+                // Check for !escape/!interrupt commands (soft interrupt, keeps session alive)
+                if (lowerContent === '!escape' || lowerContent === '!interrupt') {
+                    if (session.isUserAllowedInSession(threadRoot, username)) {
+                        await session.interruptSession(threadRoot, username);
+                    }
+                    return;
+                }
+                // Note: !kill is handled at the top level, before session thread check
+                // Check for !help command
+                if (lowerContent === '!help' || lowerContent === 'help') {
+                    await mattermost.createPost(`**Available commands:**\n\n` +
+                        `| Command | Description |\n` +
+                        `|:--------|:------------|\n` +
+                        `| \`!help\` | Show this help message |\n` +
+                        `| \`!release-notes\` | Show release notes for current version |\n` +
+                        `| \`!context\` | Show context usage (tokens used/remaining) |\n` +
+                        `| \`!cost\` | Show token usage and cost for this session |\n` +
+                        `| \`!compact\` | Compress context to free up space |\n` +
+                        `| \`!cd <path>\` | Change working directory (restarts Claude) |\n` +
+                        `| \`!worktree <branch>\` | Create and switch to a git worktree |\n` +
+                        `| \`!worktree list\` | List all worktrees for the repo |\n` +
+                        `| \`!worktree switch <branch>\` | Switch to an existing worktree |\n` +
+                        `| \`!worktree remove <branch>\` | Remove a worktree |\n` +
+                        `| \`!worktree off\` | Disable worktree prompts for this session |\n` +
+                        `| \`!invite @user\` | Invite a user to this session |\n` +
+                        `| \`!kick @user\` | Remove an invited user |\n` +
+                        `| \`!permissions interactive\` | Enable interactive permissions |\n` +
+                        `| \`!escape\` | Interrupt current task (session stays active) |\n` +
+                        `| \`!stop\` | Stop this session |\n` +
+                        `| \`!kill\` | Emergency shutdown (kills ALL sessions, exits bot) |\n\n` +
+                        `**Reactions:**\n` +
+                        `- 👍 Approve action · ✅ Approve all · 👎 Deny\n` +
+                        `- ⏸️ Interrupt current task (session stays active)\n` +
+                        `- ❌ or 🛑 Stop session`, threadRoot);
+                    return;
+                }
+                // Check for !release-notes command
+                if (lowerContent === '!release-notes' || lowerContent === '!changelog') {
+                    const notes = getReleaseNotes(pkg.version);
+                    if (notes) {
+                        await mattermost.createPost(formatReleaseNotes(notes), threadRoot);
+                    }
+                    else {
+                        await mattermost.createPost(`📋 **claude-threads v${pkg.version}**\n\nRelease notes not available. See [GitHub releases](https://github.com/anneschuth/claude-threads/releases).`, threadRoot);
+                    }
+                    return;
+                }
+                // Check for !invite command
+                const inviteMatch = content.match(/^!invite\s+@?([\w.-]+)/i);
+                if (inviteMatch) {
+                    await session.inviteUser(threadRoot, inviteMatch[1], username);
+                    return;
+                }
+                // Check for !kick command
+                const kickMatch = content.match(/^!kick\s+@?([\w.-]+)/i);
+                if (kickMatch) {
+                    await session.kickUser(threadRoot, kickMatch[1], username);
+                    return;
+                }
+                // Check for !permissions command
+                const permMatch = content.match(/^!permissions?\s+(interactive|auto)/i);
+                if (permMatch) {
+                    const mode = permMatch[1].toLowerCase();
+                    if (mode === 'interactive') {
+                        await session.enableInteractivePermissions(threadRoot, username);
+                    }
+                    else {
+                        // Can't upgrade to auto - that would be less secure
+                        await mattermost.createPost(`⚠️ Cannot upgrade to auto permissions - can only downgrade to interactive`, threadRoot);
+                    }
+                    return;
+                }
+                // Check for !cd command
+                const cdMatch = content.match(/^!cd\s+(.+)/i);
+                if (cdMatch) {
+                    await session.changeDirectory(threadRoot, cdMatch[1].trim(), username);
+                    return;
+                }
+                // Check for !worktree command
+                const worktreeMatch = content.match(/^!worktree\s+(\S+)(?:\s+(.*))?$/i);
+                if (worktreeMatch) {
+                    const subcommand = worktreeMatch[1].toLowerCase();
+                    const args = worktreeMatch[2]?.trim();
+                    switch (subcommand) {
+                        case 'list':
+                            await session.listWorktreesCommand(threadRoot, username);
+                            break;
+                        case 'switch':
+                            if (!args) {
+                                await mattermost.createPost('❌ Usage: `!worktree switch <branch>`', threadRoot);
+                            }
+                            else {
+                                await session.switchToWorktree(threadRoot, args, username);
+                            }
+                            break;
+                        case 'remove':
+                            if (!args) {
+                                await mattermost.createPost('❌ Usage: `!worktree remove <branch>`', threadRoot);
+                            }
+                            else {
+                                await session.removeWorktreeCommand(threadRoot, args, username);
+                            }
+                            break;
+                        case 'off':
+                            await session.disableWorktreePrompt(threadRoot, username);
+                            break;
+                        default:
+                            // Treat as branch name: !worktree feature/foo
+                            await session.createAndSwitchToWorktree(threadRoot, subcommand, username);
+                    }
+                    return;
+                }
+                // Check for pending worktree prompt - treat message as branch name response
+                if (session.hasPendingWorktreePrompt(threadRoot)) {
+                    // Only session owner can respond
+                    if (session.isUserAllowedInSession(threadRoot, username)) {
+                        const handled = await session.handleWorktreeBranchResponse(threadRoot, content, username);
+                        if (handled)
+                            return;
+                    }
+                }
+                // Check for Claude Code slash commands (translate ! to /)
+                // These are sent directly to Claude Code as /commands
+                if (lowerContent === '!context' || lowerContent === '!cost' || lowerContent === '!compact') {
+                    if (session.isUserAllowedInSession(threadRoot, username)) {
+                        // Translate !command to /command for Claude Code
+                        const claudeCommand = '/' + lowerContent.substring(1);
+                        await session.sendFollowUp(threadRoot, claudeCommand);
+                    }
+                    return;
+                }
+                // Check if user is allowed in this session
+                if (!session.isUserAllowedInSession(threadRoot, username)) {
+                    // Request approval for their message
+                    if (content)
+                        await session.requestMessageApproval(threadRoot, username, content);
+                    return;
+                }
+                // Get any attached files (images)
+                const files = post.metadata?.files;
+                if (content || files?.length)
+                    await session.sendFollowUp(threadRoot, content, files);
+                return;
+            }
+            // Check for paused session that can be resumed
+            if (session.hasPausedSession(threadRoot)) {
+                // If message starts with @mention to someone else, ignore it (side conversation)
+                const mentionMatch = message.trim().match(/^@([\w.-]+)/);
+                if (mentionMatch && mentionMatch[1].toLowerCase() !== mattermost.getBotName().toLowerCase()) {
+                    return; // Side conversation, don't interrupt
+                }
+                const content = mattermost.isBotMentioned(message)
+                    ? mattermost.extractPrompt(message)
+                    : message.trim();
+                // Check if user is allowed in the paused session
+                const persistedSession = session.getPersistedSession(threadRoot);
+                if (persistedSession) {
+                    const allowedUsers = new Set(persistedSession.sessionAllowedUsers);
+                    if (!allowedUsers.has(username) && !mattermost.isUserAllowed(username)) {
+                        // Not allowed - could request approval but that would require the session to be active
+                        await mattermost.createPost(`⚠️ @${username} is not authorized to resume this session`, threadRoot);
+                        return;
+                    }
+                }
+                // Get any attached files (images)
+                const files = post.metadata?.files;
+                if (content || files?.length) {
+                    await session.resumePausedSession(threadRoot, content, files);
+                }
+                return;
+            }
+            // New session requires @mention
+            if (!mattermost.isBotMentioned(message))
+                return;
+            if (!mattermost.isUserAllowed(username)) {
+                await mattermost.createPost(`⚠️ @${username} is not authorized`, threadRoot);
+                return;
+            }
+            const prompt = mattermost.extractPrompt(message);
+            const files = post.metadata?.files;
+            if (!prompt && !files?.length) {
+                await mattermost.createPost(`Mention me with your request`, threadRoot);
+                return;
+            }
+            // Check for inline branch syntax: "on branch X" or "!worktree X"
+            const branchMatch = prompt.match(/(?:on branch|!worktree)\s+(\S+)/i);
+            if (branchMatch) {
+                const branch = branchMatch[1];
+                // Remove the branch specification from the prompt
+                const cleanedPrompt = prompt.replace(/(?:on branch|!worktree)\s+\S+/i, '').trim();
+                await session.startSessionWithWorktree({ prompt: cleanedPrompt || prompt, files }, branch, username, threadRoot);
+                return;
+            }
+            await session.startSession({ prompt, files }, username, threadRoot);
+        }
+        catch (err) {
+            console.error('  ❌ Error handling message:', err);
+            // Try to notify user if possible
+            try {
+                const threadRoot = post.root_id || post.id;
+                await mattermost.createPost(`⚠️ An error occurred. Please try again.`, threadRoot);
+            }
+            catch {
+                // Ignore if we can't post the error message
+            }
+        }
+    });
+    mattermost.on('connected', () => { });
+    mattermost.on('error', (e) => console.error('  ❌ Error:', e));
+    await mattermost.connect();
+    // Resume any persisted sessions from before restart
+    await session.initialize();
+    console.log(`  ✅ ${bold('Ready!')} Waiting for @${config.mattermost.botName} mentions...`);
+    console.log('');
+    let isShuttingDown = false;
+    const shutdown = async () => {
+        // Guard against multiple shutdown calls (SIGINT + SIGTERM)
+        if (isShuttingDown)
+            return;
+        isShuttingDown = true;
+        console.log('');
+        console.log(`  👋 ${dim('Shutting down...')}`);
+        // Set shutdown flag FIRST to prevent race conditions with exit events
+        session.setShuttingDown();
+        // Post shutdown message to active sessions
+        const activeThreads = session.getActiveThreadIds();
+        if (activeThreads.length > 0) {
+            console.log(`  📤 Notifying ${activeThreads.length} active session(s)...`);
+            for (const threadId of activeThreads) {
+                try {
+                    await mattermost.createPost(`⏸️ **Bot shutting down** - session will resume on restart`, threadId);
+                }
+                catch {
+                    // Ignore errors, we're shutting down
+                }
+            }
+        }
+        session.killAllSessions();
+        mattermost.disconnect();
+        process.exit(0);
+    };
+    process.on('SIGINT', () => { shutdown(); });
+    process.on('SIGTERM', () => { shutdown(); });
+}
+main().catch(e => { console.error(e); process.exit(1); });

package/dist/logo.d.ts

@@ -0,0 +1,31 @@
+/**
+ * ASCII Art Logo for Claude Threads
+ *
+ * Stylized CT in Claude Code's block character style.
+ */
+/**
+ * ASCII logo for CLI display (with ANSI colors)
+ * Stylized CT in block characters
+ */
+export declare const CLI_LOGO: string;
+/**
+ * ASCII logo for Mattermost (plain text, no ANSI codes)
+ * Use getMattermostLogo(version) instead to include version
+ */
+export declare const MATTERMOST_LOGO = "```\n \u2734 \u2584\u2588\u2580 \u2588\u2588\u2588 \u2734   claude-threads\n\u2734  \u2588\u2580   \u2588   \u2734  Mattermost \u00D7 Claude Code\n\u2734  \u2580\u2588\u2584  \u2588   \u2734\n```";
+/**
+ * Get ASCII logo for Mattermost with version included
+ */
+export declare function getMattermostLogo(version: string): string;
+/**
+ * Compact inline logo for Mattermost headers
+ */
+export declare const MATTERMOST_LOGO_INLINE = "`\u2584\u2588\u2580T` **claude-threads**";
+/**
+ * Very compact logo for space-constrained contexts
+ */
+export declare const LOGO_COMPACT = "\u2584\u2588\u2580T claude-threads";
+/**
+ * Print CLI logo to stdout
+ */
+export declare function printLogo(): void;

package/dist/logo.js

@@ -0,0 +1,57 @@
+/**
+ * ASCII Art Logo for Claude Threads
+ *
+ * Stylized CT in Claude Code's block character style.
+ */
+// ANSI color codes for terminal
+const colors = {
+    reset: '\x1b[0m',
+    bold: '\x1b[1m',
+    dim: '\x1b[2m',
+    // Mattermost blue (#1C58D9)
+    blue: '\x1b[38;5;27m',
+    // Claude orange/coral
+    orange: '\x1b[38;5;209m',
+};
+/**
+ * ASCII logo for CLI display (with ANSI colors)
+ * Stylized CT in block characters
+ */
+export const CLI_LOGO = `
+${colors.orange} ✴${colors.reset} ${colors.blue}▄█▀ ███${colors.reset} ${colors.orange}✴${colors.reset}   ${colors.bold}claude-threads${colors.reset}
+${colors.orange}✴${colors.reset}  ${colors.blue}█▀   █${colors.reset}   ${colors.orange}✴${colors.reset}  ${colors.dim}Mattermost × Claude Code${colors.reset}
+${colors.orange}✴${colors.reset}  ${colors.blue}▀█▄  █${colors.reset}   ${colors.orange}✴${colors.reset}
+`;
+/**
+ * ASCII logo for Mattermost (plain text, no ANSI codes)
+ * Use getMattermostLogo(version) instead to include version
+ */
+export const MATTERMOST_LOGO = `\`\`\`
+ ✴ ▄█▀ ███ ✴   claude-threads
+✴  █▀   █   ✴  Mattermost × Claude Code
+✴  ▀█▄  █   ✴
+\`\`\``;
+/**
+ * Get ASCII logo for Mattermost with version included
+ */
+export function getMattermostLogo(version) {
+    return `\`\`\`
+ ✴ ▄█▀ ███ ✴   claude-threads v${version}
+✴  █▀   █   ✴  Mattermost × Claude Code
+✴  ▀█▄  █   ✴
+\`\`\``;
+}
+/**
+ * Compact inline logo for Mattermost headers
+ */
+export const MATTERMOST_LOGO_INLINE = '`▄█▀T` **claude-threads**';
+/**
+ * Very compact logo for space-constrained contexts
+ */
+export const LOGO_COMPACT = '▄█▀T claude-threads';
+/**
+ * Print CLI logo to stdout
+ */
+export function printLogo() {
+    console.log(CLI_LOGO);
+}

package/dist/mattermost/api.d.ts

@@ -0,0 +1,85 @@
+/**
+ * Shared Mattermost REST API layer
+ *
+ * Provides standalone API functions that can be used by both:
+ * - src/mattermost/client.ts (main bot with WebSocket)
+ * - src/mcp/permission-server.ts (MCP subprocess)
+ *
+ * These functions take config as parameters (not from global state)
+ * to support the MCP server running as a separate process.
+ */
+export interface MattermostApiConfig {
+    url: string;
+    token: string;
+}
+export interface MattermostApiPost {
+    id: string;
+    channel_id: string;
+    message: string;
+    root_id?: string;
+    user_id?: string;
+    create_at?: number;
+}
+export interface MattermostApiUser {
+    id: string;
+    username: string;
+    email?: string;
+    first_name?: string;
+    last_name?: string;
+}
+/**
+ * Make a request to the Mattermost REST API
+ *
+ * @param config - API configuration (url and token)
+ * @param method - HTTP method
+ * @param path - API path (starting with /)
+ * @param body - Optional request body
+ * @returns Promise with the response data
+ */
+export declare function mattermostApi<T>(config: MattermostApiConfig, method: string, path: string, body?: unknown): Promise<T>;
+/**
+ * Get the current authenticated user (bot user)
+ */
+export declare function getMe(config: MattermostApiConfig): Promise<MattermostApiUser>;
+/**
+ * Get a user by ID
+ */
+export declare function getUser(config: MattermostApiConfig, userId: string): Promise<MattermostApiUser | null>;
+/**
+ * Create a new post in a channel
+ */
+export declare function createPost(config: MattermostApiConfig, channelId: string, message: string, rootId?: string): Promise<MattermostApiPost>;
+/**
+ * Update an existing post
+ */
+export declare function updatePost(config: MattermostApiConfig, postId: string, message: string): Promise<MattermostApiPost>;
+/**
+ * Add a reaction to a post
+ */
+export declare function addReaction(config: MattermostApiConfig, postId: string, userId: string, emojiName: string): Promise<void>;
+/**
+ * Check if a user is allowed based on an allowlist
+ *
+ * @param username - Username to check
+ * @param allowList - List of allowed usernames (empty = all allowed)
+ * @returns true if user is allowed
+ */
+export declare function isUserAllowed(username: string, allowList: string[]): boolean;
+/**
+ * Create a post with reaction options for user interaction
+ *
+ * This is a common pattern used for:
+ * - Permission prompts (approve/deny/allow-all)
+ * - Plan approval (approve/deny)
+ * - Question answering (numbered options)
+ * - Message approval (approve/allow-all/deny)
+ *
+ * @param config - API configuration
+ * @param channelId - Channel to post in
+ * @param message - Post message content
+ * @param reactions - Array of emoji names to add as reaction options
+ * @param rootId - Optional thread root ID
+ * @param botUserId - Bot user ID (required for adding reactions)
+ * @returns The created post
+ */
+export declare function createInteractivePost(config: MattermostApiConfig, channelId: string, message: string, reactions: string[], rootId: string | undefined, botUserId: string): Promise<MattermostApiPost>;

package/dist/mattermost/api.js

@@ -0,0 +1,124 @@
+/**
+ * Shared Mattermost REST API layer
+ *
+ * Provides standalone API functions that can be used by both:
+ * - src/mattermost/client.ts (main bot with WebSocket)
+ * - src/mcp/permission-server.ts (MCP subprocess)
+ *
+ * These functions take config as parameters (not from global state)
+ * to support the MCP server running as a separate process.
+ */
+/**
+ * Make a request to the Mattermost REST API
+ *
+ * @param config - API configuration (url and token)
+ * @param method - HTTP method
+ * @param path - API path (starting with /)
+ * @param body - Optional request body
+ * @returns Promise with the response data
+ */
+export async function mattermostApi(config, method, path, body) {
+    const url = `${config.url}/api/v4${path}`;
+    const response = await fetch(url, {
+        method,
+        headers: {
+            Authorization: `Bearer ${config.token}`,
+            'Content-Type': 'application/json',
+        },
+        body: body ? JSON.stringify(body) : undefined,
+    });
+    if (!response.ok) {
+        const text = await response.text();
+        throw new Error(`Mattermost API error ${response.status}: ${text}`);
+    }
+    return response.json();
+}
+/**
+ * Get the current authenticated user (bot user)
+ */
+export async function getMe(config) {
+    return mattermostApi(config, 'GET', '/users/me');
+}
+/**
+ * Get a user by ID
+ */
+export async function getUser(config, userId) {
+    try {
+        return await mattermostApi(config, 'GET', `/users/${userId}`);
+    }
+    catch {
+        return null;
+    }
+}
+/**
+ * Create a new post in a channel
+ */
+export async function createPost(config, channelId, message, rootId) {
+    return mattermostApi(config, 'POST', '/posts', {
+        channel_id: channelId,
+        message,
+        root_id: rootId,
+    });
+}
+/**
+ * Update an existing post
+ */
+export async function updatePost(config, postId, message) {
+    return mattermostApi(config, 'PUT', `/posts/${postId}`, {
+        id: postId,
+        message,
+    });
+}
+/**
+ * Add a reaction to a post
+ */
+export async function addReaction(config, postId, userId, emojiName) {
+    await mattermostApi(config, 'POST', '/reactions', {
+        user_id: userId,
+        post_id: postId,
+        emoji_name: emojiName,
+    });
+}
+/**
+ * Check if a user is allowed based on an allowlist
+ *
+ * @param username - Username to check
+ * @param allowList - List of allowed usernames (empty = all allowed)
+ * @returns true if user is allowed
+ */
+export function isUserAllowed(username, allowList) {
+    if (allowList.length === 0)
+        return true;
+    return allowList.includes(username);
+}
+/**
+ * Create a post with reaction options for user interaction
+ *
+ * This is a common pattern used for:
+ * - Permission prompts (approve/deny/allow-all)
+ * - Plan approval (approve/deny)
+ * - Question answering (numbered options)
+ * - Message approval (approve/allow-all/deny)
+ *
+ * @param config - API configuration
+ * @param channelId - Channel to post in
+ * @param message - Post message content
+ * @param reactions - Array of emoji names to add as reaction options
+ * @param rootId - Optional thread root ID
+ * @param botUserId - Bot user ID (required for adding reactions)
+ * @returns The created post
+ */
+export async function createInteractivePost(config, channelId, message, reactions, rootId, botUserId) {
+    const post = await createPost(config, channelId, message, rootId);
+    // Add each reaction option, continuing even if some fail
+    for (const emoji of reactions) {
+        try {
+            await addReaction(config, post.id, botUserId, emoji);
+        }
+        catch (err) {
+            // Log error but continue - the post was created successfully
+            console.error(`  ⚠️ Failed to add reaction ${emoji}:`, err);
+        }
+    }
+    return post;
+}

package/dist/mattermost/api.test.d.ts

@@ -0,0 +1 @@
+export {};