claudekit-cli 1.0.0

package/src/lib/auth.ts

@@ -0,0 +1,157 @@
+import { execSync } from "node:child_process";
+import * as clack from "@clack/prompts";
+import keytar from "keytar";
+import { type AuthMethod, AuthenticationError } from "../types.js";
+import { ConfigManager } from "../utils/config.js";
+import { logger } from "../utils/logger.js";
+
+const SERVICE_NAME = "claudekit-cli";
+const ACCOUNT_NAME = "github-token";
+
+export class AuthManager {
+	private static token: string | null = null;
+	private static authMethod: AuthMethod | null = null;
+
+	/**
+	 * Get GitHub token with multi-tier fallback
+	 */
+	static async getToken(): Promise<{ token: string; method: AuthMethod }> {
+		if (AuthManager.token && AuthManager.authMethod) {
+			return { token: AuthManager.token, method: AuthManager.authMethod };
+		}
+
+		// Try 1: GitHub CLI
+		try {
+			const token = await AuthManager.getFromGhCli();
+			if (token) {
+				AuthManager.token = token;
+				AuthManager.authMethod = "gh-cli";
+				logger.debug("Using GitHub CLI authentication");
+				return { token, method: "gh-cli" };
+			}
+		} catch (error) {
+			logger.debug("GitHub CLI not available");
+		}
+
+		// Try 2: Environment variables
+		const envToken = process.env.GITHUB_TOKEN || process.env.GH_TOKEN;
+		if (envToken) {
+			AuthManager.token = envToken;
+			AuthManager.authMethod = "env-var";
+			logger.debug("Using environment variable authentication");
+			return { token: envToken, method: "env-var" };
+		}
+
+		// Try 3: Config file
+		try {
+			const configToken = await ConfigManager.getToken();
+			if (configToken) {
+				AuthManager.token = configToken;
+				AuthManager.authMethod = "env-var";
+				logger.debug("Using config file authentication");
+				return { token: configToken, method: "env-var" };
+			}
+		} catch (error) {
+			logger.debug("No token in config file");
+		}
+
+		// Try 4: OS Keychain
+		try {
+			const keychainToken = await keytar.getPassword(SERVICE_NAME, ACCOUNT_NAME);
+			if (keychainToken) {
+				AuthManager.token = keychainToken;
+				AuthManager.authMethod = "keychain";
+				logger.debug("Using keychain authentication");
+				return { token: keychainToken, method: "keychain" };
+			}
+		} catch (error) {
+			logger.debug("No token in keychain");
+		}
+
+		// Try 5: Prompt user
+		const promptedToken = await AuthManager.promptForToken();
+		AuthManager.token = promptedToken;
+		AuthManager.authMethod = "prompt";
+		return { token: promptedToken, method: "prompt" };
+	}
+
+	/**
+	 * Get token from GitHub CLI
+	 */
+	private static async getFromGhCli(): Promise<string | null> {
+		try {
+			const token = execSync("gh auth token", {
+				encoding: "utf-8",
+				stdio: ["pipe", "pipe", "ignore"],
+			}).trim();
+			if (token && token.length > 0) {
+				return token;
+			}
+			return null;
+		} catch {
+			return null;
+		}
+	}
+
+	/**
+	 * Prompt user for token
+	 */
+	private static async promptForToken(): Promise<string> {
+		const token = await clack.password({
+			message: "Enter your GitHub Personal Access Token:",
+			validate: (value) => {
+				if (!value || value.length === 0) {
+					return "Token is required";
+				}
+				if (!value.startsWith("ghp_") && !value.startsWith("github_pat_")) {
+					return 'Invalid token format. Token should start with "ghp_" or "github_pat_"';
+				}
+				return;
+			},
+		});
+
+		if (clack.isCancel(token)) {
+			throw new AuthenticationError("Authentication cancelled by user");
+		}
+
+		// Ask if user wants to save token
+		const save = await clack.confirm({
+			message: "Save token securely in OS keychain?",
+		});
+
+		if (save && !clack.isCancel(save)) {
+			try {
+				await keytar.setPassword(SERVICE_NAME, ACCOUNT_NAME, token);
+				logger.success("Token saved securely in keychain");
+			} catch (error) {
+				logger.warning("Failed to save token to keychain");
+			}
+		}
+
+		return token;
+	}
+
+	/**
+	 * Clear stored token
+	 */
+	static async clearToken(): Promise<void> {
+		// Always clear in-memory token
+		AuthManager.token = null;
+		AuthManager.authMethod = null;
+
+		// Try to clear from keychain (may fail in CI)
+		try {
+			await keytar.deletePassword(SERVICE_NAME, ACCOUNT_NAME);
+			logger.success("Token cleared from keychain");
+		} catch (error) {
+			logger.warning("Failed to clear token from keychain");
+		}
+	}
+
+	/**
+	 * Validate token format
+	 */
+	static isValidTokenFormat(token: string): boolean {
+		return token.startsWith("ghp_") || token.startsWith("github_pat_");
+	}
+}

package/src/lib/download.ts

@@ -0,0 +1,180 @@
+import { createReadStream, createWriteStream } from "node:fs";
+import { mkdir } from "node:fs/promises";
+import { tmpdir } from "node:os";
+import { join } from "node:path";
+import { pipeline } from "node:stream";
+import { promisify } from "node:util";
+import cliProgress from "cli-progress";
+import ora from "ora";
+import * as tar from "tar";
+import unzipper from "unzipper";
+import {
+	type ArchiveType,
+	DownloadError,
+	ExtractionError,
+	type GitHubReleaseAsset,
+} from "../types.js";
+import { logger } from "../utils/logger.js";
+
+const streamPipeline = promisify(pipeline);
+
+export class DownloadManager {
+	/**
+	 * Download asset from URL with progress tracking
+	 */
+	async downloadAsset(asset: GitHubReleaseAsset, destDir: string): Promise<string> {
+		try {
+			const destPath = join(destDir, asset.name);
+
+			// Ensure destination directory exists
+			await mkdir(destDir, { recursive: true });
+
+			logger.info(`Downloading ${asset.name} (${this.formatBytes(asset.size)})...`);
+
+			// Create progress bar
+			const progressBar = new cliProgress.SingleBar({
+				format: "Progress |{bar}| {percentage}% | {value}/{total} MB",
+				barCompleteChar: "\u2588",
+				barIncompleteChar: "\u2591",
+				hideCursor: true,
+			});
+
+			const response = await fetch(asset.browser_download_url, {
+				headers: {
+					Accept: "application/octet-stream",
+				},
+			});
+
+			if (!response.ok) {
+				throw new DownloadError(`Failed to download: ${response.statusText}`);
+			}
+
+			const totalSize = asset.size;
+			let downloadedSize = 0;
+
+			progressBar.start(Math.round(totalSize / 1024 / 1024), 0);
+
+			const fileStream = createWriteStream(destPath);
+			const reader = response.body?.getReader();
+
+			if (!reader) {
+				throw new DownloadError("Failed to get response reader");
+			}
+
+			try {
+				while (true) {
+					const { done, value } = await reader.read();
+
+					if (done) {
+						break;
+					}
+
+					fileStream.write(value);
+					downloadedSize += value.length;
+					progressBar.update(Math.round(downloadedSize / 1024 / 1024));
+				}
+
+				fileStream.end();
+				progressBar.stop();
+
+				logger.success(`Downloaded ${asset.name}`);
+				return destPath;
+			} catch (error) {
+				fileStream.close();
+				progressBar.stop();
+				throw error;
+			}
+		} catch (error) {
+			throw new DownloadError(
+				`Failed to download ${asset.name}: ${error instanceof Error ? error.message : "Unknown error"}`,
+			);
+		}
+	}
+
+	/**
+	 * Extract archive to destination
+	 */
+	async extractArchive(
+		archivePath: string,
+		destDir: string,
+		archiveType?: ArchiveType,
+	): Promise<void> {
+		const spinner = ora("Extracting files...").start();
+
+		try {
+			// Detect archive type from filename if not provided
+			const detectedType = archiveType || this.detectArchiveType(archivePath);
+
+			// Ensure destination directory exists
+			await mkdir(destDir, { recursive: true });
+
+			if (detectedType === "tar.gz") {
+				await this.extractTarGz(archivePath, destDir);
+			} else if (detectedType === "zip") {
+				await this.extractZip(archivePath, destDir);
+			} else {
+				throw new ExtractionError(`Unsupported archive type: ${detectedType}`);
+			}
+
+			spinner.succeed("Files extracted successfully");
+		} catch (error) {
+			spinner.fail("Extraction failed");
+			throw new ExtractionError(
+				`Failed to extract archive: ${error instanceof Error ? error.message : "Unknown error"}`,
+			);
+		}
+	}
+
+	/**
+	 * Extract tar.gz archive
+	 */
+	private async extractTarGz(archivePath: string, destDir: string): Promise<void> {
+		await tar.extract({
+			file: archivePath,
+			cwd: destDir,
+			strip: 1, // Strip the root directory from the archive
+		});
+	}
+
+	/**
+	 * Extract zip archive
+	 */
+	private async extractZip(archivePath: string, destDir: string): Promise<void> {
+		await streamPipeline(createReadStream(archivePath), unzipper.Extract({ path: destDir }));
+	}
+
+	/**
+	 * Detect archive type from filename
+	 */
+	private detectArchiveType(filename: string): ArchiveType {
+		if (filename.endsWith(".tar.gz") || filename.endsWith(".tgz")) {
+			return "tar.gz";
+		}
+		if (filename.endsWith(".zip")) {
+			return "zip";
+		}
+		throw new ExtractionError(`Cannot detect archive type from filename: ${filename}`);
+	}
+
+	/**
+	 * Create temporary download directory
+	 */
+	async createTempDir(): Promise<string> {
+		const tempDir = join(tmpdir(), `claudekit-${Date.now()}`);
+		await mkdir(tempDir, { recursive: true });
+		return tempDir;
+	}
+
+	/**
+	 * Format bytes to human readable string
+	 */
+	private formatBytes(bytes: number): string {
+		if (bytes === 0) return "0 Bytes";
+
+		const k = 1024;
+		const sizes = ["Bytes", "KB", "MB", "GB"];
+		const i = Math.floor(Math.log(bytes) / Math.log(k));
+
+		return `${Math.round((bytes / k ** i) * 100) / 100} ${sizes[i]}`;
+	}
+}

package/src/lib/github.ts

@@ -0,0 +1,157 @@
+import { Octokit } from "@octokit/rest";
+import { GitHubError, type GitHubRelease, GitHubReleaseSchema, type KitConfig } from "../types.js";
+import { logger } from "../utils/logger.js";
+import { AuthManager } from "./auth.js";
+
+export class GitHubClient {
+	private octokit: Octokit | null = null;
+
+	/**
+	 * Initialize Octokit client with authentication
+	 */
+	private async getClient(): Promise<Octokit> {
+		if (this.octokit) {
+			return this.octokit;
+		}
+
+		const { token } = await AuthManager.getToken();
+
+		this.octokit = new Octokit({
+			auth: token,
+			userAgent: "claudekit-cli",
+			request: {
+				timeout: 30000, // 30 seconds
+			},
+		});
+
+		return this.octokit;
+	}
+
+	/**
+	 * Get latest release for a kit
+	 */
+	async getLatestRelease(kit: KitConfig): Promise<GitHubRelease> {
+		try {
+			const client = await this.getClient();
+
+			logger.debug(`Fetching latest release for ${kit.owner}/${kit.repo}`);
+
+			const { data } = await client.repos.getLatestRelease({
+				owner: kit.owner,
+				repo: kit.repo,
+			});
+
+			return GitHubReleaseSchema.parse(data);
+		} catch (error: any) {
+			if (error?.status === 404) {
+				throw new GitHubError(`No releases found for ${kit.name}`, 404);
+			}
+			if (error?.status === 401) {
+				throw new GitHubError("Authentication failed. Please check your GitHub token.", 401);
+			}
+			if (error?.status === 403) {
+				throw new GitHubError(
+					"Access denied. Make sure your token has access to private repositories.",
+					403,
+				);
+			}
+			throw new GitHubError(
+				`Failed to fetch release: ${error?.message || "Unknown error"}`,
+				error?.status,
+			);
+		}
+	}
+
+	/**
+	 * Get specific release by version tag
+	 */
+	async getReleaseByTag(kit: KitConfig, tag: string): Promise<GitHubRelease> {
+		try {
+			const client = await this.getClient();
+
+			logger.debug(`Fetching release ${tag} for ${kit.owner}/${kit.repo}`);
+
+			const { data } = await client.repos.getReleaseByTag({
+				owner: kit.owner,
+				repo: kit.repo,
+				tag,
+			});
+
+			return GitHubReleaseSchema.parse(data);
+		} catch (error: any) {
+			if (error?.status === 404) {
+				throw new GitHubError(`Release ${tag} not found for ${kit.name}`, 404);
+			}
+			if (error?.status === 401) {
+				throw new GitHubError("Authentication failed. Please check your GitHub token.", 401);
+			}
+			if (error?.status === 403) {
+				throw new GitHubError(
+					"Access denied. Make sure your token has access to private repositories.",
+					403,
+				);
+			}
+			throw new GitHubError(
+				`Failed to fetch release: ${error?.message || "Unknown error"}`,
+				error?.status,
+			);
+		}
+	}
+
+	/**
+	 * List all releases for a kit
+	 */
+	async listReleases(kit: KitConfig, limit = 10): Promise<GitHubRelease[]> {
+		try {
+			const client = await this.getClient();
+
+			logger.debug(`Listing releases for ${kit.owner}/${kit.repo}`);
+
+			const { data } = await client.repos.listReleases({
+				owner: kit.owner,
+				repo: kit.repo,
+				per_page: limit,
+			});
+
+			return data.map((release) => GitHubReleaseSchema.parse(release));
+		} catch (error: any) {
+			if (error?.status === 401) {
+				throw new GitHubError("Authentication failed. Please check your GitHub token.", 401);
+			}
+			if (error?.status === 403) {
+				throw new GitHubError(
+					"Access denied. Make sure your token has access to private repositories.",
+					403,
+				);
+			}
+			throw new GitHubError(
+				`Failed to list releases: ${error?.message || "Unknown error"}`,
+				error?.status,
+			);
+		}
+	}
+
+	/**
+	 * Check if user has access to repository
+	 */
+	async checkAccess(kit: KitConfig): Promise<boolean> {
+		try {
+			const client = await this.getClient();
+
+			await client.repos.get({
+				owner: kit.owner,
+				repo: kit.repo,
+			});
+
+			return true;
+		} catch (error: any) {
+			if (error?.status === 404 || error?.status === 403) {
+				return false;
+			}
+			throw new GitHubError(
+				`Failed to check repository access: ${error?.message || "Unknown error"}`,
+				error?.status,
+			);
+		}
+	}
+}

package/src/lib/merge.ts

@@ -0,0 +1,116 @@
+import { join, relative } from "node:path";
+import * as clack from "@clack/prompts";
+import { copy, pathExists, readdir, stat } from "fs-extra";
+import ignore from "ignore";
+import { PROTECTED_PATTERNS } from "../types.js";
+import { logger } from "../utils/logger.js";
+
+export class FileMerger {
+	private ig = ignore().add(PROTECTED_PATTERNS);
+
+	/**
+	 * Merge files from source to destination with conflict detection
+	 */
+	async merge(sourceDir: string, destDir: string, skipConfirmation = false): Promise<void> {
+		// Get list of files that will be affected
+		const conflicts = await this.detectConflicts(sourceDir, destDir);
+
+		if (conflicts.length > 0 && !skipConfirmation) {
+			logger.warning(`Found ${conflicts.length} file(s) that will be overwritten:`);
+			conflicts.slice(0, 10).forEach((file) => logger.info(`  - ${file}`));
+			if (conflicts.length > 10) {
+				logger.info(`  ... and ${conflicts.length - 10} more`);
+			}
+
+			const confirm = await clack.confirm({
+				message: "Do you want to continue?",
+			});
+
+			if (clack.isCancel(confirm) || !confirm) {
+				throw new Error("Merge cancelled by user");
+			}
+		}
+
+		// Copy files
+		await this.copyFiles(sourceDir, destDir);
+	}
+
+	/**
+	 * Detect files that will be overwritten
+	 */
+	private async detectConflicts(sourceDir: string, destDir: string): Promise<string[]> {
+		const conflicts: string[] = [];
+		const files = await this.getFiles(sourceDir);
+
+		for (const file of files) {
+			const relativePath = relative(sourceDir, file);
+
+			// Skip protected files
+			if (this.ig.ignores(relativePath)) {
+				continue;
+			}
+
+			const destPath = join(destDir, relativePath);
+			if (await pathExists(destPath)) {
+				conflicts.push(relativePath);
+			}
+		}
+
+		return conflicts;
+	}
+
+	/**
+	 * Copy files from source to destination, skipping protected patterns
+	 */
+	private async copyFiles(sourceDir: string, destDir: string): Promise<void> {
+		const files = await this.getFiles(sourceDir);
+		let copiedCount = 0;
+		let skippedCount = 0;
+
+		for (const file of files) {
+			const relativePath = relative(sourceDir, file);
+
+			// Skip protected files
+			if (this.ig.ignores(relativePath)) {
+				logger.debug(`Skipping protected file: ${relativePath}`);
+				skippedCount++;
+				continue;
+			}
+
+			const destPath = join(destDir, relativePath);
+			await copy(file, destPath, { overwrite: true });
+			copiedCount++;
+		}
+
+		logger.success(`Copied ${copiedCount} file(s), skipped ${skippedCount} protected file(s)`);
+	}
+
+	/**
+	 * Recursively get all files in a directory
+	 */
+	private async getFiles(dir: string): Promise<string[]> {
+		const files: string[] = [];
+		const entries = await readdir(dir);
+
+		for (const entry of entries) {
+			const fullPath = join(dir, entry);
+			const stats = await stat(fullPath);
+
+			if (stats.isDirectory()) {
+				const subFiles = await this.getFiles(fullPath);
+				files.push(...subFiles);
+			} else {
+				files.push(fullPath);
+			}
+		}
+
+		return files;
+	}
+
+	/**
+	 * Add custom patterns to ignore
+	 */
+	addIgnorePatterns(patterns: string[]): void {
+		this.ig.add(patterns);
+	}
+}