codealmanac 0.1.10 → 0.2.1

package/dist/chunk-SSYMRT4I.js

@@ -0,0 +1,126 @@
+#!/usr/bin/env node
+
+// src/agent/auth.ts
+import { spawn, spawnSync } from "child_process";
+import { createRequire } from "module";
+import { dirname, join } from "path";
+var AUTH_TIMEOUT_MS = 1e4;
+function resolveClaudeExecutable() {
+  const result = spawnSync("sh", ["-lc", "command -v claude"], {
+    encoding: "utf8"
+  });
+  if (result.status !== 0) return void 0;
+  const found = result.stdout.trim().split("\n")[0]?.trim();
+  return found !== void 0 && found.length > 0 ? found : void 0;
+}
+function resolveCliJsPath() {
+  const require2 = createRequire(import.meta.url);
+  const entry = require2.resolve("@anthropic-ai/claude-agent-sdk");
+  return join(dirname(entry), "cli.js");
+}
+var defaultSpawnCli = (args) => {
+  const command = resolveClaudeExecutable() ?? "claude";
+  const child = spawn(command, args, {
+    stdio: ["ignore", "pipe", "pipe"]
+  });
+  return child;
+};
+var legacySdkSpawnCli = (args) => {
+  const cliPath = resolveCliJsPath();
+  const child = spawn(process.execPath, [cliPath, ...args], {
+    stdio: ["ignore", "pipe", "pipe"]
+  });
+  return child;
+};
+async function checkClaudeAuth(spawnCli = defaultSpawnCli) {
+  if (spawnCli === defaultSpawnCli) {
+    const status = await checkClaudeAuthWith(defaultSpawnCli);
+    if (status.loggedIn) return status;
+    return await checkClaudeAuthWith(legacySdkSpawnCli);
+  }
+  return await checkClaudeAuthWith(spawnCli);
+}
+async function checkClaudeAuthWith(spawnCli) {
+  let child;
+  try {
+    child = spawnCli(["auth", "status", "--json"]);
+  } catch {
+    return { loggedIn: false };
+  }
+  return new Promise((resolve) => {
+    let stdout = "";
+    let stderr = "";
+    let settled = false;
+    const settle = (value) => {
+      if (settled) return;
+      settled = true;
+      clearTimeout(timer);
+      resolve(value);
+    };
+    const timer = setTimeout(() => {
+      try {
+        child.kill("SIGTERM");
+      } catch {
+      }
+      settle({ loggedIn: false });
+    }, AUTH_TIMEOUT_MS);
+    child.stdout.on("data", (data) => {
+      stdout += data.toString();
+    });
+    child.stderr.on("data", (data) => {
+      stderr += data.toString();
+    });
+    child.on("error", () => {
+      settle({ loggedIn: false });
+    });
+    child.on("close", (code) => {
+      if (code !== 0 && stdout.trim().length === 0) {
+        void stderr;
+        settle({ loggedIn: false });
+        return;
+      }
+      try {
+        settle(parseClaudeAuthStatus(stdout.trim()));
+      } catch {
+        settle({ loggedIn: false });
+      }
+    });
+  });
+}
+function parseClaudeAuthStatus(raw) {
+  const parsed = JSON.parse(raw);
+  const loggedIn = parsed.loggedIn === true;
+  const out = { loggedIn };
+  if (typeof parsed.email === "string") out.email = parsed.email;
+  if (typeof parsed.subscriptionType === "string") {
+    out.subscriptionType = parsed.subscriptionType;
+  }
+  if (typeof parsed.authMethod === "string") {
+    out.authMethod = parsed.authMethod;
+  }
+  return out;
+}
+var UNAUTHENTICATED_MESSAGE = "not authenticated to Claude.\n\nOption 1 \u2014 use your Claude subscription (Pro/Max):\n  claude auth login --claudeai\n\nOption 2 \u2014 use a pay-per-token API key:\n  Get one at https://console.anthropic.com\n  export ANTHROPIC_API_KEY=sk-ant-...\n\nVerify with: claude auth status";
+async function assertClaudeAuth(spawnCli = defaultSpawnCli) {
+  const status = await checkClaudeAuth(spawnCli);
+  if (status.loggedIn) {
+    return status;
+  }
+  const apiKey = process.env.ANTHROPIC_API_KEY;
+  if (apiKey !== void 0 && apiKey.length > 0) {
+    return { loggedIn: true, authMethod: "apiKey" };
+  }
+  const err = new Error(UNAUTHENTICATED_MESSAGE);
+  err.code = "CLAUDE_AUTH_MISSING";
+  throw err;
+}
+
+export {
+  resolveClaudeExecutable,
+  defaultSpawnCli,
+  legacySdkSpawnCli,
+  checkClaudeAuth,
+  UNAUTHENTICATED_MESSAGE,
+  assertClaudeAuth
+};
+//# sourceMappingURL=chunk-SSYMRT4I.js.map

package/dist/chunk-SSYMRT4I.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/agent/auth.ts"],"sourcesContent":["import { spawn, spawnSync, type ChildProcess } from \"node:child_process\";\nimport { createRequire } from \"node:module\";\nimport { dirname, join } from \"node:path\";\n\n/**\n * Claude auth gate — accepts either an active Claude subscription login\n * OR an `ANTHROPIC_API_KEY` environment variable.\n *\n * Claude Code owns subscription OAuth credentials. Users who are logged in\n * via `claude auth login --claudeai` should be able to run bootstrap/capture\n * without exporting an API key. Conversely, users on pay-per-token API keys\n * shouldn't be required to go through the OAuth flow.\n *\n * Current Claude Agent SDK packages no longer ship the old private\n * `cli.js` entrypoint, so the primary probe is the public Claude Code CLI:\n * `claude auth status --json`. We keep the SDK `cli.js` probe as a legacy\n * fallback for older SDK layouts.\n */\n\nexport interface ClaudeAuthStatus {\n  loggedIn: boolean;\n  email?: string;\n  subscriptionType?: string;\n  authMethod?: string;\n}\n\nexport interface SpawnedProcess {\n  stdout: { on: (event: \"data\", cb: (data: Buffer | string) => void) => void };\n  stderr: { on: (event: \"data\", cb: (data: Buffer | string) => void) => void };\n  on: (event: \"close\" | \"error\", cb: (arg: number | null | Error) => void) => void;\n  kill: (signal?: string) => void;\n}\n\n/**\n * The subprocess spawner is injectable so tests can replace it with a\n * fake that emits canned JSON without touching the filesystem.\n */\nexport type SpawnCliFn = (args: string[]) => SpawnedProcess;\n\nconst AUTH_TIMEOUT_MS = 10_000;\n\n/**\n * Resolve the installed Claude Code executable from PATH. The Agent SDK can\n * accept this path via `pathToClaudeCodeExecutable`, and the auth probe uses\n * the same binary so CodeAlmanac agrees with `claude auth status`.\n */\nexport function resolveClaudeExecutable(): string | undefined {\n  const result = spawnSync(\"sh\", [\"-lc\", \"command -v claude\"], {\n    encoding: \"utf8\",\n  });\n  if (result.status !== 0) return undefined;\n  const found = result.stdout.trim().split(\"\\n\")[0]?.trim();\n  return found !== undefined && found.length > 0 ? found : undefined;\n}\n\n/**\n * Resolve legacy `cli.js` from older `@anthropic-ai/claude-agent-sdk`\n * installs. SDK 0.2.129+ no longer ships this file; callers must treat\n * failure as expected and fall back to the public `claude` binary.\n */\nfunction resolveCliJsPath(): string {\n  const require = createRequire(import.meta.url);\n  const entry = require.resolve(\"@anthropic-ai/claude-agent-sdk\");\n  return join(dirname(entry), \"cli.js\");\n}\n\n/**\n * Default subprocess spawner for production use — invokes the installed\n * Claude Code CLI.\n */\nexport const defaultSpawnCli: SpawnCliFn = (args: string[]) => {\n  const command = resolveClaudeExecutable() ?? \"claude\";\n  const child = spawn(command, args, {\n    stdio: [\"ignore\", \"pipe\", \"pipe\"],\n  });\n  return child as unknown as SpawnedProcess;\n};\n\nexport const legacySdkSpawnCli: SpawnCliFn = (args: string[]) => {\n  const cliPath = resolveCliJsPath();\n  const child = spawn(process.execPath, [cliPath, ...args], {\n    stdio: [\"ignore\", \"pipe\", \"pipe\"],\n  });\n  return child as unknown as SpawnedProcess;\n};\n\n/**\n * Check whether the user is authenticated via Claude subscription OAuth.\n *\n * Spawns `claude auth status --json`, falling back to the legacy SDK CLI\n * layout when available. On any failure (spawn error, non-JSON stdout,\n * non-zero exit, timeout) we return `{ loggedIn: false }` rather than\n * propagating the error — the caller will fall back to the\n * `ANTHROPIC_API_KEY` path and, if that's also missing, produce a clean\n * two-option error message.\n *\n * The 10s timeout guards against the CLI hanging on a broken network or\n * keychain prompt. In practice `auth status` is a cheap local read.\n */\nexport async function checkClaudeAuth(\n  spawnCli: SpawnCliFn = defaultSpawnCli,\n): Promise<ClaudeAuthStatus> {\n  if (spawnCli === defaultSpawnCli) {\n    const status = await checkClaudeAuthWith(defaultSpawnCli);\n    if (status.loggedIn) return status;\n    return await checkClaudeAuthWith(legacySdkSpawnCli);\n  }\n  return await checkClaudeAuthWith(spawnCli);\n}\n\nasync function checkClaudeAuthWith(\n  spawnCli: SpawnCliFn,\n): Promise<ClaudeAuthStatus> {\n  let child: SpawnedProcess;\n  try {\n    child = spawnCli([\"auth\", \"status\", \"--json\"]);\n  } catch {\n    return { loggedIn: false };\n  }\n\n  return new Promise<ClaudeAuthStatus>((resolve) => {\n    let stdout = \"\";\n    let stderr = \"\";\n    let settled = false;\n\n    const settle = (value: ClaudeAuthStatus): void => {\n      if (settled) return;\n      settled = true;\n      clearTimeout(timer);\n      resolve(value);\n    };\n\n    const timer = setTimeout(() => {\n      try {\n        child.kill(\"SIGTERM\");\n      } catch {\n        // Kill can fail if the process already exited; nothing we can do.\n      }\n      settle({ loggedIn: false });\n    }, AUTH_TIMEOUT_MS);\n\n    child.stdout.on(\"data\", (data) => {\n      stdout += data.toString();\n    });\n    child.stderr.on(\"data\", (data) => {\n      stderr += data.toString();\n    });\n\n    child.on(\"error\", () => {\n      settle({ loggedIn: false });\n    });\n\n    child.on(\"close\", (code) => {\n      // The SDK writes `{\"loggedIn\": false, ...}` to stdout with a zero\n      // exit code when the user isn't signed in, so we only reject on\n      // non-zero + empty stdout. An empty stdout with zero exit (shouldn't\n      // happen in practice) also fails safely to `loggedIn: false`.\n      if (code !== 0 && stdout.trim().length === 0) {\n        // `stderr` isn't surfaced to the user here — the caller's error\n        // message covers both auth paths — but it would be captured by\n        // `stderr` if we ever wanted to log it for debugging.\n        void stderr;\n        settle({ loggedIn: false });\n        return;\n      }\n      try {\n        settle(parseClaudeAuthStatus(stdout.trim()));\n      } catch {\n        settle({ loggedIn: false });\n      }\n    });\n  });\n}\n\nfunction parseClaudeAuthStatus(raw: string): ClaudeAuthStatus {\n  const parsed = JSON.parse(raw) as Record<string, unknown>;\n  const loggedIn = parsed.loggedIn === true;\n  const out: ClaudeAuthStatus = { loggedIn };\n  if (typeof parsed.email === \"string\") out.email = parsed.email;\n  if (typeof parsed.subscriptionType === \"string\") {\n    out.subscriptionType = parsed.subscriptionType;\n  }\n  if (typeof parsed.authMethod === \"string\") {\n    out.authMethod = parsed.authMethod;\n  }\n  return out;\n}\n\n/**\n * Human-readable error when neither auth path is available. The text is\n * deliberately verbose — users hitting this wall for the first time\n * deserve both options in front of them, not a terse hint.\n */\nexport const UNAUTHENTICATED_MESSAGE =\n  \"not authenticated to Claude.\\n\\n\" +\n  \"Option 1 — use your Claude subscription (Pro/Max):\\n\" +\n  \"  claude auth login --claudeai\\n\\n\" +\n  \"Option 2 — use a pay-per-token API key:\\n\" +\n  \"  Get one at https://console.anthropic.com\\n\" +\n  \"  export ANTHROPIC_API_KEY=sk-ant-...\\n\\n\" +\n  \"Verify with: claude auth status\";\n\n/**\n * Assert that at least one auth path is satisfied. Prefers subscription\n * auth (fewer surprises for Claude Pro/Max users) but accepts\n * `ANTHROPIC_API_KEY` as a fallback. On failure throws with\n * `code = \"CLAUDE_AUTH_MISSING\"` so callers can distinguish this from\n * other errors if they ever want to.\n *\n * Returns the resolved auth status so callers that want to display the\n * logged-in email in a preamble can do so without a second subprocess.\n */\nexport async function assertClaudeAuth(\n  spawnCli: SpawnCliFn = defaultSpawnCli,\n): Promise<ClaudeAuthStatus> {\n  const status = await checkClaudeAuth(spawnCli);\n  if (status.loggedIn) {\n    return status;\n  }\n  const apiKey = process.env.ANTHROPIC_API_KEY;\n  if (apiKey !== undefined && apiKey.length > 0) {\n    // Signal to callers that we're on the API-key path. Not \"loggedIn\"\n    // in the OAuth sense, but the SDK will pick up the env var and\n    // succeed — so we return a status that tells bootstrap/capture the\n    // gate is open.\n    return { loggedIn: true, authMethod: \"apiKey\" };\n  }\n  const err = new Error(UNAUTHENTICATED_MESSAGE);\n  (err as { code?: string }).code = \"CLAUDE_AUTH_MISSING\";\n  throw err;\n}\n\n// Internal re-export — helps keep the public type surface minimal while\n// still letting tests import the `ChildProcess` shape when needed.\nexport type { ChildProcess };\n"],"mappings":";;;AAAA,SAAS,OAAO,iBAAoC;AACpD,SAAS,qBAAqB;AAC9B,SAAS,SAAS,YAAY;AAqC9B,IAAM,kBAAkB;AAOjB,SAAS,0BAA8C;AAC5D,QAAM,SAAS,UAAU,MAAM,CAAC,OAAO,mBAAmB,GAAG;AAAA,IAC3D,UAAU;AAAA,EACZ,CAAC;AACD,MAAI,OAAO,WAAW,EAAG,QAAO;AAChC,QAAM,QAAQ,OAAO,OAAO,KAAK,EAAE,MAAM,IAAI,EAAE,CAAC,GAAG,KAAK;AACxD,SAAO,UAAU,UAAa,MAAM,SAAS,IAAI,QAAQ;AAC3D;AAOA,SAAS,mBAA2B;AAClC,QAAMA,WAAU,cAAc,YAAY,GAAG;AAC7C,QAAM,QAAQA,SAAQ,QAAQ,gCAAgC;AAC9D,SAAO,KAAK,QAAQ,KAAK,GAAG,QAAQ;AACtC;AAMO,IAAM,kBAA8B,CAAC,SAAmB;AAC7D,QAAM,UAAU,wBAAwB,KAAK;AAC7C,QAAM,QAAQ,MAAM,SAAS,MAAM;AAAA,IACjC,OAAO,CAAC,UAAU,QAAQ,MAAM;AAAA,EAClC,CAAC;AACD,SAAO;AACT;AAEO,IAAM,oBAAgC,CAAC,SAAmB;AAC/D,QAAM,UAAU,iBAAiB;AACjC,QAAM,QAAQ,MAAM,QAAQ,UAAU,CAAC,SAAS,GAAG,IAAI,GAAG;AAAA,IACxD,OAAO,CAAC,UAAU,QAAQ,MAAM;AAAA,EAClC,CAAC;AACD,SAAO;AACT;AAeA,eAAsB,gBACpB,WAAuB,iBACI;AAC3B,MAAI,aAAa,iBAAiB;AAChC,UAAM,SAAS,MAAM,oBAAoB,eAAe;AACxD,QAAI,OAAO,SAAU,QAAO;AAC5B,WAAO,MAAM,oBAAoB,iBAAiB;AAAA,EACpD;AACA,SAAO,MAAM,oBAAoB,QAAQ;AAC3C;AAEA,eAAe,oBACb,UAC2B;AAC3B,MAAI;AACJ,MAAI;AACF,YAAQ,SAAS,CAAC,QAAQ,UAAU,QAAQ,CAAC;AAAA,EAC/C,QAAQ;AACN,WAAO,EAAE,UAAU,MAAM;AAAA,EAC3B;AAEA,SAAO,IAAI,QAA0B,CAAC,YAAY;AAChD,QAAI,SAAS;AACb,QAAI,SAAS;AACb,QAAI,UAAU;AAEd,UAAM,SAAS,CAAC,UAAkC;AAChD,UAAI,QAAS;AACb,gBAAU;AACV,mBAAa,KAAK;AAClB,cAAQ,KAAK;AAAA,IACf;AAEA,UAAM,QAAQ,WAAW,MAAM;AAC7B,UAAI;AACF,cAAM,KAAK,SAAS;AAAA,MACtB,QAAQ;AAAA,MAER;AACA,aAAO,EAAE,UAAU,MAAM,CAAC;AAAA,IAC5B,GAAG,eAAe;AAElB,UAAM,OAAO,GAAG,QAAQ,CAAC,SAAS;AAChC,gBAAU,KAAK,SAAS;AAAA,IAC1B,CAAC;AACD,UAAM,OAAO,GAAG,QAAQ,CAAC,SAAS;AAChC,gBAAU,KAAK,SAAS;AAAA,IAC1B,CAAC;AAED,UAAM,GAAG,SAAS,MAAM;AACtB,aAAO,EAAE,UAAU,MAAM,CAAC;AAAA,IAC5B,CAAC;AAED,UAAM,GAAG,SAAS,CAAC,SAAS;AAK1B,UAAI,SAAS,KAAK,OAAO,KAAK,EAAE,WAAW,GAAG;AAI5C,aAAK;AACL,eAAO,EAAE,UAAU,MAAM,CAAC;AAC1B;AAAA,MACF;AACA,UAAI;AACF,eAAO,sBAAsB,OAAO,KAAK,CAAC,CAAC;AAAA,MAC7C,QAAQ;AACN,eAAO,EAAE,UAAU,MAAM,CAAC;AAAA,MAC5B;AAAA,IACF,CAAC;AAAA,EACH,CAAC;AACH;AAEA,SAAS,sBAAsB,KAA+B;AAC5D,QAAM,SAAS,KAAK,MAAM,GAAG;AAC7B,QAAM,WAAW,OAAO,aAAa;AACrC,QAAM,MAAwB,EAAE,SAAS;AACzC,MAAI,OAAO,OAAO,UAAU,SAAU,KAAI,QAAQ,OAAO;AACzD,MAAI,OAAO,OAAO,qBAAqB,UAAU;AAC/C,QAAI,mBAAmB,OAAO;AAAA,EAChC;AACA,MAAI,OAAO,OAAO,eAAe,UAAU;AACzC,QAAI,aAAa,OAAO;AAAA,EAC1B;AACA,SAAO;AACT;AAOO,IAAM,0BACX;AAkBF,eAAsB,iBACpB,WAAuB,iBACI;AAC3B,QAAM,SAAS,MAAM,gBAAgB,QAAQ;AAC7C,MAAI,OAAO,UAAU;AACnB,WAAO;AAAA,EACT;AACA,QAAM,SAAS,QAAQ,IAAI;AAC3B,MAAI,WAAW,UAAa,OAAO,SAAS,GAAG;AAK7C,WAAO,EAAE,UAAU,MAAM,YAAY,SAAS;AAAA,EAChD;AACA,QAAM,MAAM,IAAI,MAAM,uBAAuB;AAC7C,EAAC,IAA0B,OAAO;AAClC,QAAM;AACR;","names":["require"]}

package/dist/{chunk-QHQ6YH7U.js → chunk-V3QOQSXI.js}

@@ -1,9 +1,11 @@
 #!/usr/bin/env node
 import {
   checkForUpdate,
-  getConfigPath,
   getStatePath
-} from "./chunk-AXFPUHBN.js";
+} from "./chunk-F53U6JQG.js";
+import {
+  getConfigPath
+} from "./chunk-WRUSDYYE.js";
 
 // src/update/schedule.ts
 import { spawn } from "child_process";
@@ -78,4 +80,4 @@ export {
   runInternalUpdateCheck,
   readStateForDoctor
 };
-//# sourceMappingURL=chunk-QHQ6YH7U.js.map
+//# sourceMappingURL=chunk-V3QOQSXI.js.map

package/dist/{chunk-QHQ6YH7U.js.map → chunk-V3QOQSXI.js.map}

@@ -1 +1 @@
-{"version":3,"sources":["../src/update/schedule.ts"],"sourcesContent":["import { spawn } from \"node:child_process\";\nimport { readFileSync } from \"node:fs\";\n\nimport { checkForUpdate } from \"./check.js\";\nimport { getConfigPath } from \"./config.js\";\nimport { getStatePath, type UpdateState } from \"./state.js\";\n\n/**\n * Post-command scheduler for the background update check.\n *\n * After any normal `almanac <command>` exits, we want a fresh check to\n * have happened by the next invocation. We achieve that by spawning a\n * detached copy of ourselves with the hidden `--internal-check-updates`\n * flag; that child does nothing but hit the registry and write\n * `~/.almanac/update-state.json`, then exits.\n *\n * Why detach rather than check inline:\n *   - 3s network timeout in the foreground would feel sluggish on every\n *     command.\n *   - `npm test` and CI scripts shouldn't pay for a registry round-trip\n *     (gated below via env).\n *   - A detached child with `stdio: \"ignore\"` cannot leak output into\n *     the parent's stdout/stderr — critical for pipelines.\n *\n * Hazards we accept:\n *   - A Claude Code subprocess whose parent shell exits right after the\n *     `almanac` call may kill the child before it finishes. That's\n *     fine: a failed check just means we try again next invocation.\n *   - Detached child survival on Windows isn't as robust as on Unix.\n *     Same fallback: next invocation retries.\n */\n\nexport function scheduleBackgroundUpdateCheck(argv: string[]): void {\n  if (!shouldSchedule(argv)) return;\n\n  const scriptPath = argv[1];\n  const nodeBin = process.execPath;\n  if (scriptPath === undefined || scriptPath.length === 0) return;\n\n  // Spawn with the current Node and the same script path. `detached:\n  // true` + `stdio: \"ignore\"` + `unref()` detaches the child from our\n  // event loop so the parent can exit independently.\n  try {\n    const child = spawn(\n      nodeBin,\n      [scriptPath, \"--internal-check-updates\"],\n      {\n        detached: true,\n        stdio: \"ignore\",\n        // Windows: with `detached: true` and no `stdio`, Node opens a\n        // console window — `\"ignore\"` prevents that.\n      },\n    );\n    child.unref();\n    // Swallow any synchronous spawn errors (e.g. ENOENT in strange\n    // installs) — never propagate to the foreground command.\n    child.on(\"error\", () => {});\n  } catch {\n    // Last-resort swallow: background checks are best-effort.\n  }\n}\n\n/**\n * Should we spawn the worker at all?\n *\n *   - Respect the `update_notifier` config — no banner means no need\n *     for the data that feeds it.\n *   - Skip in test environments so `npm test` doesn't fork 300 copies\n *     of itself into the background and hammer the registry.\n *   - Skip on the worker invocation itself (prevents a fork bomb).\n *   - Skip when the user doesn't own the install path (permission\n *     weirdness) — detected by `~/.almanac` mkdir failing; simplest\n *     to just rely on the worker's own error handling, so we don't\n *     gate here.\n *   - Skip when the argv contains `--help`/`--version`/nothing — these\n *     commands are often run from scripts that care about clean exit;\n *     though the inline banner still shows, we don't kick off a check.\n */\nfunction shouldSchedule(argv: string[]): boolean {\n  if (process.env.CODEALMANAC_SKIP_UPDATE_CHECK === \"1\") return false;\n  if (process.env.NODE_ENV === \"test\") return false;\n  if (process.env.VITEST !== undefined) return false;\n\n  // Already the worker. argv[2..] contains the internal flag.\n  if (argv.slice(2).includes(\"--internal-check-updates\")) return false;\n\n  if (!notifierEnabled()) return false;\n\n  return true;\n}\n\nfunction notifierEnabled(): boolean {\n  try {\n    const raw = readFileSync(getConfigPath(), \"utf8\");\n    const parsed = JSON.parse(raw) as { update_notifier?: unknown };\n    if (parsed.update_notifier === false) return false;\n    return true;\n  } catch {\n    return true; // missing / malformed → default-on\n  }\n}\n\n/**\n * The worker body. Invoked when `--internal-check-updates` appears on\n * the argv. Must be fast and must never print: the parent spawned us\n * with `stdio: \"ignore\"` but a stray write could still surprise a\n * downstream debugger.\n *\n * We take a simple file lock at `~/.almanac/.update-check.lock` to\n * prevent two workers running at the same time (which could happen if\n * the user fires several commands in parallel). The lock is just the\n * existence of the file with our PID inside; if an existing lock is\n * stale (older than the 3s + cache-write budget), we steal it.\n */\nexport async function runInternalUpdateCheck(): Promise<void> {\n  // The worker is intentionally minimal. Any error (network, fs,\n  // JSON) is handled inside `checkForUpdate` and surfaces as a\n  // swallowed return; we just need to await it and exit.\n  try {\n    await checkForUpdate({});\n  } catch {\n    // Defense-in-depth: nothing must escape the worker.\n  }\n}\n\n/**\n * Read the current state snapshot for diagnostic surfaces (doctor, the\n * `update --check` command). Wraps the sync read so callers can grab\n * state without the `async readState` ceremony.\n */\nexport function readStateForDoctor(path?: string): UpdateState | null {\n  const file = path ?? getStatePath();\n  try {\n    const raw = readFileSync(file, \"utf8\");\n    const trimmed = raw.trim();\n    if (trimmed.length === 0) return null;\n    const parsed = JSON.parse(trimmed) as Partial<UpdateState>;\n    return {\n      last_check_at:\n        typeof parsed.last_check_at === \"number\" ? parsed.last_check_at : 0,\n      installed_version:\n        typeof parsed.installed_version === \"string\"\n          ? parsed.installed_version\n          : \"\",\n      latest_version:\n        typeof parsed.latest_version === \"string\" ? parsed.latest_version : \"\",\n      dismissed_versions: Array.isArray(parsed.dismissed_versions)\n        ? parsed.dismissed_versions.filter((v): v is string => typeof v === \"string\")\n        : [],\n      last_fetch_failed_at:\n        typeof parsed.last_fetch_failed_at === \"number\"\n          ? parsed.last_fetch_failed_at\n          : undefined,\n    };\n  } catch {\n    return null;\n  }\n}\n"],"mappings":";;;;;;;;AAAA,SAAS,aAAa;AACtB,SAAS,oBAAoB;AA+BtB,SAAS,8BAA8B,MAAsB;AAClE,MAAI,CAAC,eAAe,IAAI,EAAG;AAE3B,QAAM,aAAa,KAAK,CAAC;AACzB,QAAM,UAAU,QAAQ;AACxB,MAAI,eAAe,UAAa,WAAW,WAAW,EAAG;AAKzD,MAAI;AACF,UAAM,QAAQ;AAAA,MACZ;AAAA,MACA,CAAC,YAAY,0BAA0B;AAAA,MACvC;AAAA,QACE,UAAU;AAAA,QACV,OAAO;AAAA;AAAA;AAAA,MAGT;AAAA,IACF;AACA,UAAM,MAAM;AAGZ,UAAM,GAAG,SAAS,MAAM;AAAA,IAAC,CAAC;AAAA,EAC5B,QAAQ;AAAA,EAER;AACF;AAkBA,SAAS,eAAe,MAAyB;AAC/C,MAAI,QAAQ,IAAI,kCAAkC,IAAK,QAAO;AAC9D,MAAI,QAAQ,IAAI,aAAa,OAAQ,QAAO;AAC5C,MAAI,QAAQ,IAAI,WAAW,OAAW,QAAO;AAG7C,MAAI,KAAK,MAAM,CAAC,EAAE,SAAS,0BAA0B,EAAG,QAAO;AAE/D,MAAI,CAAC,gBAAgB,EAAG,QAAO;AAE/B,SAAO;AACT;AAEA,SAAS,kBAA2B;AAClC,MAAI;AACF,UAAM,MAAM,aAAa,cAAc,GAAG,MAAM;AAChD,UAAM,SAAS,KAAK,MAAM,GAAG;AAC7B,QAAI,OAAO,oBAAoB,MAAO,QAAO;AAC7C,WAAO;AAAA,EACT,QAAQ;AACN,WAAO;AAAA,EACT;AACF;AAcA,eAAsB,yBAAwC;AAI5D,MAAI;AACF,UAAM,eAAe,CAAC,CAAC;AAAA,EACzB,QAAQ;AAAA,EAER;AACF;AAOO,SAAS,mBAAmB,MAAmC;AACpE,QAAM,OAAO,QAAQ,aAAa;AAClC,MAAI;AACF,UAAM,MAAM,aAAa,MAAM,MAAM;AACrC,UAAM,UAAU,IAAI,KAAK;AACzB,QAAI,QAAQ,WAAW,EAAG,QAAO;AACjC,UAAM,SAAS,KAAK,MAAM,OAAO;AACjC,WAAO;AAAA,MACL,eACE,OAAO,OAAO,kBAAkB,WAAW,OAAO,gBAAgB;AAAA,MACpE,mBACE,OAAO,OAAO,sBAAsB,WAChC,OAAO,oBACP;AAAA,MACN,gBACE,OAAO,OAAO,mBAAmB,WAAW,OAAO,iBAAiB;AAAA,MACtE,oBAAoB,MAAM,QAAQ,OAAO,kBAAkB,IACvD,OAAO,mBAAmB,OAAO,CAAC,MAAmB,OAAO,MAAM,QAAQ,IAC1E,CAAC;AAAA,MACL,sBACE,OAAO,OAAO,yBAAyB,WACnC,OAAO,uBACP;AAAA,IACR;AAAA,EACF,QAAQ;AACN,WAAO;AAAA,EACT;AACF;","names":[]}
+{"version":3,"sources":["../src/update/schedule.ts"],"sourcesContent":["import { spawn } from \"node:child_process\";\nimport { readFileSync } from \"node:fs\";\n\nimport { checkForUpdate } from \"./check.js\";\nimport { getConfigPath } from \"./config.js\";\nimport { getStatePath, type UpdateState } from \"./state.js\";\n\n/**\n * Post-command scheduler for the background update check.\n *\n * After any normal `almanac <command>` exits, we want a fresh check to\n * have happened by the next invocation. We achieve that by spawning a\n * detached copy of ourselves with the hidden `--internal-check-updates`\n * flag; that child does nothing but hit the registry and write\n * `~/.almanac/update-state.json`, then exits.\n *\n * Why detach rather than check inline:\n *   - 3s network timeout in the foreground would feel sluggish on every\n *     command.\n *   - `npm test` and CI scripts shouldn't pay for a registry round-trip\n *     (gated below via env).\n *   - A detached child with `stdio: \"ignore\"` cannot leak output into\n *     the parent's stdout/stderr — critical for pipelines.\n *\n * Hazards we accept:\n *   - A Claude Code subprocess whose parent shell exits right after the\n *     `almanac` call may kill the child before it finishes. That's\n *     fine: a failed check just means we try again next invocation.\n *   - Detached child survival on Windows isn't as robust as on Unix.\n *     Same fallback: next invocation retries.\n */\n\nexport function scheduleBackgroundUpdateCheck(argv: string[]): void {\n  if (!shouldSchedule(argv)) return;\n\n  const scriptPath = argv[1];\n  const nodeBin = process.execPath;\n  if (scriptPath === undefined || scriptPath.length === 0) return;\n\n  // Spawn with the current Node and the same script path. `detached:\n  // true` + `stdio: \"ignore\"` + `unref()` detaches the child from our\n  // event loop so the parent can exit independently.\n  try {\n    const child = spawn(\n      nodeBin,\n      [scriptPath, \"--internal-check-updates\"],\n      {\n        detached: true,\n        stdio: \"ignore\",\n        // Windows: with `detached: true` and no `stdio`, Node opens a\n        // console window — `\"ignore\"` prevents that.\n      },\n    );\n    child.unref();\n    // Swallow any synchronous spawn errors (e.g. ENOENT in strange\n    // installs) — never propagate to the foreground command.\n    child.on(\"error\", () => {});\n  } catch {\n    // Last-resort swallow: background checks are best-effort.\n  }\n}\n\n/**\n * Should we spawn the worker at all?\n *\n *   - Respect the `update_notifier` config — no banner means no need\n *     for the data that feeds it.\n *   - Skip in test environments so `npm test` doesn't fork 300 copies\n *     of itself into the background and hammer the registry.\n *   - Skip on the worker invocation itself (prevents a fork bomb).\n *   - Skip when the user doesn't own the install path (permission\n *     weirdness) — detected by `~/.almanac` mkdir failing; simplest\n *     to just rely on the worker's own error handling, so we don't\n *     gate here.\n *   - Skip when the argv contains `--help`/`--version`/nothing — these\n *     commands are often run from scripts that care about clean exit;\n *     though the inline banner still shows, we don't kick off a check.\n */\nfunction shouldSchedule(argv: string[]): boolean {\n  if (process.env.CODEALMANAC_SKIP_UPDATE_CHECK === \"1\") return false;\n  if (process.env.NODE_ENV === \"test\") return false;\n  if (process.env.VITEST !== undefined) return false;\n\n  // Already the worker. argv[2..] contains the internal flag.\n  if (argv.slice(2).includes(\"--internal-check-updates\")) return false;\n\n  if (!notifierEnabled()) return false;\n\n  return true;\n}\n\nfunction notifierEnabled(): boolean {\n  try {\n    const raw = readFileSync(getConfigPath(), \"utf8\");\n    const parsed = JSON.parse(raw) as { update_notifier?: unknown };\n    if (parsed.update_notifier === false) return false;\n    return true;\n  } catch {\n    return true; // missing / malformed → default-on\n  }\n}\n\n/**\n * The worker body. Invoked when `--internal-check-updates` appears on\n * the argv. Must be fast and must never print: the parent spawned us\n * with `stdio: \"ignore\"` but a stray write could still surprise a\n * downstream debugger.\n *\n * We take a simple file lock at `~/.almanac/.update-check.lock` to\n * prevent two workers running at the same time (which could happen if\n * the user fires several commands in parallel). The lock is just the\n * existence of the file with our PID inside; if an existing lock is\n * stale (older than the 3s + cache-write budget), we steal it.\n */\nexport async function runInternalUpdateCheck(): Promise<void> {\n  // The worker is intentionally minimal. Any error (network, fs,\n  // JSON) is handled inside `checkForUpdate` and surfaces as a\n  // swallowed return; we just need to await it and exit.\n  try {\n    await checkForUpdate({});\n  } catch {\n    // Defense-in-depth: nothing must escape the worker.\n  }\n}\n\n/**\n * Read the current state snapshot for diagnostic surfaces (doctor, the\n * `update --check` command). Wraps the sync read so callers can grab\n * state without the `async readState` ceremony.\n */\nexport function readStateForDoctor(path?: string): UpdateState | null {\n  const file = path ?? getStatePath();\n  try {\n    const raw = readFileSync(file, \"utf8\");\n    const trimmed = raw.trim();\n    if (trimmed.length === 0) return null;\n    const parsed = JSON.parse(trimmed) as Partial<UpdateState>;\n    return {\n      last_check_at:\n        typeof parsed.last_check_at === \"number\" ? parsed.last_check_at : 0,\n      installed_version:\n        typeof parsed.installed_version === \"string\"\n          ? parsed.installed_version\n          : \"\",\n      latest_version:\n        typeof parsed.latest_version === \"string\" ? parsed.latest_version : \"\",\n      dismissed_versions: Array.isArray(parsed.dismissed_versions)\n        ? parsed.dismissed_versions.filter((v): v is string => typeof v === \"string\")\n        : [],\n      last_fetch_failed_at:\n        typeof parsed.last_fetch_failed_at === \"number\"\n          ? parsed.last_fetch_failed_at\n          : undefined,\n    };\n  } catch {\n    return null;\n  }\n}\n"],"mappings":";;;;;;;;;;AAAA,SAAS,aAAa;AACtB,SAAS,oBAAoB;AA+BtB,SAAS,8BAA8B,MAAsB;AAClE,MAAI,CAAC,eAAe,IAAI,EAAG;AAE3B,QAAM,aAAa,KAAK,CAAC;AACzB,QAAM,UAAU,QAAQ;AACxB,MAAI,eAAe,UAAa,WAAW,WAAW,EAAG;AAKzD,MAAI;AACF,UAAM,QAAQ;AAAA,MACZ;AAAA,MACA,CAAC,YAAY,0BAA0B;AAAA,MACvC;AAAA,QACE,UAAU;AAAA,QACV,OAAO;AAAA;AAAA;AAAA,MAGT;AAAA,IACF;AACA,UAAM,MAAM;AAGZ,UAAM,GAAG,SAAS,MAAM;AAAA,IAAC,CAAC;AAAA,EAC5B,QAAQ;AAAA,EAER;AACF;AAkBA,SAAS,eAAe,MAAyB;AAC/C,MAAI,QAAQ,IAAI,kCAAkC,IAAK,QAAO;AAC9D,MAAI,QAAQ,IAAI,aAAa,OAAQ,QAAO;AAC5C,MAAI,QAAQ,IAAI,WAAW,OAAW,QAAO;AAG7C,MAAI,KAAK,MAAM,CAAC,EAAE,SAAS,0BAA0B,EAAG,QAAO;AAE/D,MAAI,CAAC,gBAAgB,EAAG,QAAO;AAE/B,SAAO;AACT;AAEA,SAAS,kBAA2B;AAClC,MAAI;AACF,UAAM,MAAM,aAAa,cAAc,GAAG,MAAM;AAChD,UAAM,SAAS,KAAK,MAAM,GAAG;AAC7B,QAAI,OAAO,oBAAoB,MAAO,QAAO;AAC7C,WAAO;AAAA,EACT,QAAQ;AACN,WAAO;AAAA,EACT;AACF;AAcA,eAAsB,yBAAwC;AAI5D,MAAI;AACF,UAAM,eAAe,CAAC,CAAC;AAAA,EACzB,QAAQ;AAAA,EAER;AACF;AAOO,SAAS,mBAAmB,MAAmC;AACpE,QAAM,OAAO,QAAQ,aAAa;AAClC,MAAI;AACF,UAAM,MAAM,aAAa,MAAM,MAAM;AACrC,UAAM,UAAU,IAAI,KAAK;AACzB,QAAI,QAAQ,WAAW,EAAG,QAAO;AACjC,UAAM,SAAS,KAAK,MAAM,OAAO;AACjC,WAAO;AAAA,MACL,eACE,OAAO,OAAO,kBAAkB,WAAW,OAAO,gBAAgB;AAAA,MACpE,mBACE,OAAO,OAAO,sBAAsB,WAChC,OAAO,oBACP;AAAA,MACN,gBACE,OAAO,OAAO,mBAAmB,WAAW,OAAO,iBAAiB;AAAA,MACtE,oBAAoB,MAAM,QAAQ,OAAO,kBAAkB,IACvD,OAAO,mBAAmB,OAAO,CAAC,MAAmB,OAAO,MAAM,QAAQ,IAC1E,CAAC;AAAA,MACL,sBACE,OAAO,OAAO,yBAAyB,WACnC,OAAO,uBACP;AAAA,IACR;AAAA,EACF,QAAQ;AACN,WAAO;AAAA,EACT;AACF;","names":[]}

package/dist/chunk-WRUSDYYE.js

@@ -0,0 +1,97 @@
+#!/usr/bin/env node
+import {
+  getGlobalAlmanacDir
+} from "./chunk-7JUX4ADQ.js";
+
+// src/update/config.ts
+import { mkdir, readFile, rename, writeFile } from "fs/promises";
+import { dirname, join } from "path";
+var AGENT_PROVIDER_IDS = ["claude", "codex", "cursor"];
+function isAgentProviderId(value) {
+  return AGENT_PROVIDER_IDS.includes(value);
+}
+function defaultConfig() {
+  return {
+    update_notifier: true,
+    agent: {
+      default: "claude",
+      models: {
+        claude: "claude-sonnet-4-6",
+        codex: null,
+        cursor: null
+      }
+    }
+  };
+}
+function getConfigPath() {
+  return join(getGlobalAlmanacDir(), "config.json");
+}
+async function readConfig(path) {
+  const file = path ?? getConfigPath();
+  let raw;
+  try {
+    raw = await readFile(file, "utf8");
+  } catch {
+    return defaultConfig();
+  }
+  const trimmed = raw.trim();
+  if (trimmed.length === 0) return defaultConfig();
+  try {
+    const parsed = JSON.parse(trimmed);
+    const defaults = defaultConfig();
+    const rawAgent = parsed.agent !== void 0 && parsed.agent !== null && typeof parsed.agent === "object" ? parsed.agent : {};
+    const rawDefault = typeof rawAgent.default === "string" && isAgentProviderId(rawAgent.default) ? rawAgent.default : defaults.agent.default;
+    const rawModels = rawAgent.models !== void 0 && rawAgent.models !== null && typeof rawAgent.models === "object" ? rawAgent.models : {};
+    const models = {
+      ...defaults.agent.models
+    };
+    for (const id of AGENT_PROVIDER_IDS) {
+      const value = rawModels[id];
+      if (typeof value === "string" && value.length > 0) {
+        models[id] = value;
+      } else if (value === null) {
+        models[id] = null;
+      }
+    }
+    return {
+      update_notifier: typeof parsed.update_notifier === "boolean" ? parsed.update_notifier : true,
+      agent: {
+        default: rawDefault,
+        models
+      }
+    };
+  } catch {
+    return defaultConfig();
+  }
+}
+async function writeConfig(config, path) {
+  const file = path ?? getConfigPath();
+  await mkdir(dirname(file), { recursive: true });
+  const body = `${JSON.stringify(normalizeConfig(config), null, 2)}
+`;
+  const tmp = `${file}.tmp`;
+  await writeFile(tmp, body, "utf8");
+  await rename(tmp, file);
+}
+function normalizeConfig(config) {
+  const defaults = defaultConfig();
+  return {
+    update_notifier: typeof config.update_notifier === "boolean" ? config.update_notifier : defaults.update_notifier,
+    agent: {
+      default: config.agent !== void 0 && isAgentProviderId(config.agent.default) ? config.agent.default : defaults.agent.default,
+      models: {
+        ...defaults.agent.models,
+        ...config.agent?.models ?? {}
+      }
+    }
+  };
+}
+
+export {
+  AGENT_PROVIDER_IDS,
+  isAgentProviderId,
+  getConfigPath,
+  readConfig,
+  writeConfig
+};
+//# sourceMappingURL=chunk-WRUSDYYE.js.map

package/dist/chunk-WRUSDYYE.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/update/config.ts"],"sourcesContent":["import { mkdir, readFile, rename, writeFile } from \"node:fs/promises\";\nimport { dirname, join } from \"node:path\";\n\nimport { getGlobalAlmanacDir } from \"../paths.js\";\n\nexport const AGENT_PROVIDER_IDS = [\"claude\", \"codex\", \"cursor\"] as const;\nexport type AgentProviderId = (typeof AGENT_PROVIDER_IDS)[number];\n\nexport function isAgentProviderId(value: string): value is AgentProviderId {\n  return (AGENT_PROVIDER_IDS as readonly string[]).includes(value);\n}\n\nexport interface AgentConfig {\n  /** Default provider for bootstrap/capture. Default: \"claude\". */\n  default: AgentProviderId;\n  /** Optional per-provider model override. `null` means provider default. */\n  models: Partial<Record<AgentProviderId, string | null>>;\n}\n\n/**\n * `~/.almanac/config.json` — global, cross-wiki configuration. Today\n * the only field is `update_notifier` (on/off toggle for the pre-command\n * banner); designed as an object so we can add more knobs without\n * breaking users who already have the file on disk.\n *\n * Missing or malformed → defaults. Same tolerance as `UpdateState`:\n * the CLI must not be able to fail because this file drifted.\n */\nexport interface GlobalConfig {\n  /** When `false`, suppress the pre-command update-nag banner. Default: true. */\n  update_notifier: boolean;\n  /** Agent-provider settings for bootstrap/capture. */\n  agent: AgentConfig;\n}\n\nexport function defaultConfig(): GlobalConfig {\n  return {\n    update_notifier: true,\n    agent: {\n      default: \"claude\",\n      models: {\n        claude: \"claude-sonnet-4-6\",\n        codex: null,\n        cursor: null,\n      },\n    },\n  };\n}\n\nexport function getConfigPath(): string {\n  return join(getGlobalAlmanacDir(), \"config.json\");\n}\n\nexport async function readConfig(path?: string): Promise<GlobalConfig> {\n  const file = path ?? getConfigPath();\n  let raw: string;\n  try {\n    raw = await readFile(file, \"utf8\");\n  } catch {\n    return defaultConfig();\n  }\n  const trimmed = raw.trim();\n  if (trimmed.length === 0) return defaultConfig();\n  try {\n    const parsed = JSON.parse(trimmed) as Partial<GlobalConfig>;\n    const defaults = defaultConfig();\n    const rawAgent =\n      parsed.agent !== undefined &&\n      parsed.agent !== null &&\n      typeof parsed.agent === \"object\"\n        ? (parsed.agent as Partial<AgentConfig>)\n        : {};\n    const rawDefault =\n      typeof rawAgent.default === \"string\" &&\n      isAgentProviderId(rawAgent.default)\n        ? rawAgent.default\n        : defaults.agent.default;\n    const rawModels =\n      rawAgent.models !== undefined &&\n      rawAgent.models !== null &&\n      typeof rawAgent.models === \"object\"\n        ? (rawAgent.models as Record<string, unknown>)\n        : {};\n    const models: Partial<Record<AgentProviderId, string | null>> = {\n      ...defaults.agent.models,\n    };\n    for (const id of AGENT_PROVIDER_IDS) {\n      const value = rawModels[id];\n      if (typeof value === \"string\" && value.length > 0) {\n        models[id] = value;\n      } else if (value === null) {\n        models[id] = null;\n      }\n    }\n    return {\n      update_notifier:\n        typeof parsed.update_notifier === \"boolean\"\n          ? parsed.update_notifier\n          : true,\n      agent: {\n        default: rawDefault,\n        models,\n      },\n    };\n  } catch {\n    return defaultConfig();\n  }\n}\n\nexport async function writeConfig(\n  config: GlobalConfig | Partial<GlobalConfig>,\n  path?: string,\n): Promise<void> {\n  const file = path ?? getConfigPath();\n  await mkdir(dirname(file), { recursive: true });\n  const body = `${JSON.stringify(normalizeConfig(config), null, 2)}\\n`;\n  const tmp = `${file}.tmp`;\n  await writeFile(tmp, body, \"utf8\");\n  await rename(tmp, file);\n}\n\nfunction normalizeConfig(config: GlobalConfig | Partial<GlobalConfig>): GlobalConfig {\n  const defaults = defaultConfig();\n  return {\n    update_notifier:\n      typeof config.update_notifier === \"boolean\"\n        ? config.update_notifier\n        : defaults.update_notifier,\n    agent: {\n      default:\n        config.agent !== undefined && isAgentProviderId(config.agent.default)\n          ? config.agent.default\n          : defaults.agent.default,\n      models: {\n        ...defaults.agent.models,\n        ...(config.agent?.models ?? {}),\n      },\n    },\n  };\n}\n"],"mappings":";;;;;;AAAA,SAAS,OAAO,UAAU,QAAQ,iBAAiB;AACnD,SAAS,SAAS,YAAY;AAIvB,IAAM,qBAAqB,CAAC,UAAU,SAAS,QAAQ;AAGvD,SAAS,kBAAkB,OAAyC;AACzE,SAAQ,mBAAyC,SAAS,KAAK;AACjE;AAyBO,SAAS,gBAA8B;AAC5C,SAAO;AAAA,IACL,iBAAiB;AAAA,IACjB,OAAO;AAAA,MACL,SAAS;AAAA,MACT,QAAQ;AAAA,QACN,QAAQ;AAAA,QACR,OAAO;AAAA,QACP,QAAQ;AAAA,MACV;AAAA,IACF;AAAA,EACF;AACF;AAEO,SAAS,gBAAwB;AACtC,SAAO,KAAK,oBAAoB,GAAG,aAAa;AAClD;AAEA,eAAsB,WAAW,MAAsC;AACrE,QAAM,OAAO,QAAQ,cAAc;AACnC,MAAI;AACJ,MAAI;AACF,UAAM,MAAM,SAAS,MAAM,MAAM;AAAA,EACnC,QAAQ;AACN,WAAO,cAAc;AAAA,EACvB;AACA,QAAM,UAAU,IAAI,KAAK;AACzB,MAAI,QAAQ,WAAW,EAAG,QAAO,cAAc;AAC/C,MAAI;AACF,UAAM,SAAS,KAAK,MAAM,OAAO;AACjC,UAAM,WAAW,cAAc;AAC/B,UAAM,WACJ,OAAO,UAAU,UACjB,OAAO,UAAU,QACjB,OAAO,OAAO,UAAU,WACnB,OAAO,QACR,CAAC;AACP,UAAM,aACJ,OAAO,SAAS,YAAY,YAC5B,kBAAkB,SAAS,OAAO,IAC9B,SAAS,UACT,SAAS,MAAM;AACrB,UAAM,YACJ,SAAS,WAAW,UACpB,SAAS,WAAW,QACpB,OAAO,SAAS,WAAW,WACtB,SAAS,SACV,CAAC;AACP,UAAM,SAA0D;AAAA,MAC9D,GAAG,SAAS,MAAM;AAAA,IACpB;AACA,eAAW,MAAM,oBAAoB;AACnC,YAAM,QAAQ,UAAU,EAAE;AAC1B,UAAI,OAAO,UAAU,YAAY,MAAM,SAAS,GAAG;AACjD,eAAO,EAAE,IAAI;AAAA,MACf,WAAW,UAAU,MAAM;AACzB,eAAO,EAAE,IAAI;AAAA,MACf;AAAA,IACF;AACA,WAAO;AAAA,MACL,iBACE,OAAO,OAAO,oBAAoB,YAC9B,OAAO,kBACP;AAAA,MACN,OAAO;AAAA,QACL,SAAS;AAAA,QACT;AAAA,MACF;AAAA,IACF;AAAA,EACF,QAAQ;AACN,WAAO,cAAc;AAAA,EACvB;AACF;AAEA,eAAsB,YACpB,QACA,MACe;AACf,QAAM,OAAO,QAAQ,cAAc;AACnC,QAAM,MAAM,QAAQ,IAAI,GAAG,EAAE,WAAW,KAAK,CAAC;AAC9C,QAAM,OAAO,GAAG,KAAK,UAAU,gBAAgB,MAAM,GAAG,MAAM,CAAC,CAAC;AAAA;AAChE,QAAM,MAAM,GAAG,IAAI;AACnB,QAAM,UAAU,KAAK,MAAM,MAAM;AACjC,QAAM,OAAO,KAAK,IAAI;AACxB;AAEA,SAAS,gBAAgB,QAA4D;AACnF,QAAM,WAAW,cAAc;AAC/B,SAAO;AAAA,IACL,iBACE,OAAO,OAAO,oBAAoB,YAC9B,OAAO,kBACP,SAAS;AAAA,IACf,OAAO;AAAA,MACL,SACE,OAAO,UAAU,UAAa,kBAAkB,OAAO,MAAM,OAAO,IAChE,OAAO,MAAM,UACb,SAAS,MAAM;AAAA,MACrB,QAAQ;AAAA,QACN,GAAG,SAAS,MAAM;AAAA,QAClB,GAAI,OAAO,OAAO,UAAU,CAAC;AAAA,MAC/B;AAAA,IACF;AAAA,EACF;AACF;","names":[]}

package/dist/{chunk-3LC55TG6.js → chunk-ZDJSJIB6.js}

@@ -1,7 +1,16 @@
 #!/usr/bin/env node
 import {
   runHookInstall
-} from "./chunk-Z4MWLVS2.js";
+} from "./chunk-447U3GQJ.js";
+import {
+  UNAUTHENTICATED_MESSAGE,
+  checkClaudeAuth
+} from "./chunk-SSYMRT4I.js";
+import {
+  isAgentProviderId,
+  readConfig,
+  writeConfig
+} from "./chunk-WRUSDYYE.js";
 
 // src/commands/setup.ts
 import { existsSync as existsSync2 } from "fs";
@@ -11,135 +20,20 @@ import {
   readFile,
   writeFile
 } from "fs/promises";
-import { createRequire as createRequire3 } from "module";
+import { createRequire as createRequire2 } from "module";
 import { homedir as homedir2 } from "os";
 import path3 from "path";
 import { fileURLToPath as fileURLToPath2 } from "url";
 
-// src/agent/auth.ts
-import { spawn, spawnSync } from "child_process";
-import { createRequire } from "module";
-import { dirname, join } from "path";
-var AUTH_TIMEOUT_MS = 1e4;
-function resolveClaudeExecutable() {
-  const result = spawnSync("sh", ["-lc", "command -v claude"], {
-    encoding: "utf8"
-  });
-  if (result.status !== 0) return void 0;
-  const found = result.stdout.trim().split("\n")[0]?.trim();
-  return found !== void 0 && found.length > 0 ? found : void 0;
-}
-function resolveCliJsPath() {
-  const require2 = createRequire(import.meta.url);
-  const entry = require2.resolve("@anthropic-ai/claude-agent-sdk");
-  return join(dirname(entry), "cli.js");
-}
-var defaultSpawnCli = (args) => {
-  const command = resolveClaudeExecutable() ?? "claude";
-  const child = spawn(command, args, {
-    stdio: ["ignore", "pipe", "pipe"]
-  });
-  return child;
-};
-var legacySdkSpawnCli = (args) => {
-  const cliPath = resolveCliJsPath();
-  const child = spawn(process.execPath, [cliPath, ...args], {
-    stdio: ["ignore", "pipe", "pipe"]
-  });
-  return child;
-};
-async function checkClaudeAuth(spawnCli = defaultSpawnCli) {
-  if (spawnCli === defaultSpawnCli) {
-    const status = await checkClaudeAuthWith(defaultSpawnCli);
-    if (status.loggedIn) return status;
-    return await checkClaudeAuthWith(legacySdkSpawnCli);
-  }
-  return await checkClaudeAuthWith(spawnCli);
-}
-async function checkClaudeAuthWith(spawnCli) {
-  let child;
-  try {
-    child = spawnCli(["auth", "status", "--json"]);
-  } catch {
-    return { loggedIn: false };
-  }
-  return new Promise((resolve) => {
-    let stdout = "";
-    let stderr = "";
-    let settled = false;
-    const settle = (value) => {
-      if (settled) return;
-      settled = true;
-      clearTimeout(timer);
-      resolve(value);
-    };
-    const timer = setTimeout(() => {
-      try {
-        child.kill("SIGTERM");
-      } catch {
-      }
-      settle({ loggedIn: false });
-    }, AUTH_TIMEOUT_MS);
-    child.stdout.on("data", (data) => {
-      stdout += data.toString();
-    });
-    child.stderr.on("data", (data) => {
-      stderr += data.toString();
-    });
-    child.on("error", () => {
-      settle({ loggedIn: false });
-    });
-    child.on("close", (code) => {
-      if (code !== 0 && stdout.trim().length === 0) {
-        void stderr;
-        settle({ loggedIn: false });
-        return;
-      }
-      try {
-        settle(parseClaudeAuthStatus(stdout.trim()));
-      } catch {
-        settle({ loggedIn: false });
-      }
-    });
-  });
-}
-function parseClaudeAuthStatus(raw) {
-  const parsed = JSON.parse(raw);
-  const loggedIn = parsed.loggedIn === true;
-  const out = { loggedIn };
-  if (typeof parsed.email === "string") out.email = parsed.email;
-  if (typeof parsed.subscriptionType === "string") {
-    out.subscriptionType = parsed.subscriptionType;
-  }
-  if (typeof parsed.authMethod === "string") {
-    out.authMethod = parsed.authMethod;
-  }
-  return out;
-}
-var UNAUTHENTICATED_MESSAGE = "not authenticated to Claude.\n\nOption 1 \u2014 use your Claude subscription (Pro/Max):\n  claude auth login --claudeai\n\nOption 2 \u2014 use a pay-per-token API key:\n  Get one at https://console.anthropic.com\n  export ANTHROPIC_API_KEY=sk-ant-...\n\nVerify with: claude auth status";
-async function assertClaudeAuth(spawnCli = defaultSpawnCli) {
-  const status = await checkClaudeAuth(spawnCli);
-  if (status.loggedIn) {
-    return status;
-  }
-  const apiKey = process.env.ANTHROPIC_API_KEY;
-  if (apiKey !== void 0 && apiKey.length > 0) {
-    return { loggedIn: true, authMethod: "apiKey" };
-  }
-  const err = new Error(UNAUTHENTICATED_MESSAGE);
-  err.code = "CLAUDE_AUTH_MISSING";
-  throw err;
-}
-
 // src/commands/setup/install-path.ts
 import { execFile } from "child_process";
-import { createRequire as createRequire2 } from "module";
+import { createRequire } from "module";
 import { homedir } from "os";
 import path from "path";
 import { fileURLToPath } from "url";
 function detectCurrentInstallPath() {
   try {
-    const req = createRequire2(import.meta.url);
+    const req = createRequire(import.meta.url);
     const here = fileURLToPath(import.meta.url);
     let dir = path.dirname(here);
     for (let i = 0; i < 6; i++) {
@@ -330,6 +224,21 @@ async function runSetup(options = {}) {
   const auth = await safeCheckAuth(options.spawnCli);
   reportAuth(out, auth);
   out.write(BAR + "\n");
+  const agentChoice = await chooseDefaultAgent({
+    out,
+    interactive,
+    requested: options.agent
+  });
+  if (!agentChoice.ok) {
+    return {
+      stdout: "",
+      stderr: `almanac: ${agentChoice.error}
+`,
+      exitCode: 1
+    };
+  }
+  stepDone(out, `Default agent: ${WHITE_BOLD2}${agentChoice.provider}${RST2}`);
+  out.write(BAR + "\n");
   const ephem = options.installPath !== void 0 ? options.installPath !== null ? detectEphemeral(options.installPath) : false : detectEphemeral(detectCurrentInstallPath());
   if (ephem) {
     let globalAction = "install";
@@ -367,13 +276,14 @@ async function runSetup(options = {}) {
   } else if (interactive) {
     hookAction = await confirm(
       out,
-      "Install the SessionEnd hook so capture runs at the end of every Claude Code session?",
+      "Install auto-capture hooks for Claude, Codex, and Cursor?",
       true
     );
   }
   let hookResultLine = "";
   if (hookAction === "install") {
     const res = await runHookInstall({
+      source: "all",
       settingsPath: options.settingsPath,
       hookScriptPath: options.hookScriptPath,
       stableHooksDir: options.stableHooksDir
@@ -386,7 +296,7 @@ async function runSetup(options = {}) {
         exitCode: res.exitCode
       };
     }
-    hookResultLine = res.stdout.includes("already installed") ? `SessionEnd hook ${DIM2}already installed${RST2}` : `SessionEnd hook installed`;
+    hookResultLine = res.stdout.includes("already installed") ? `Auto-capture hooks ${DIM2}already installed${RST2}` : `Auto-capture hooks installed`;
     stepDone(out, hookResultLine);
   } else {
     stepSkipped(out, `SessionEnd hook ${DIM2}skipped${RST2}`);
@@ -437,6 +347,31 @@ async function safeCheckAuth(spawnCli) {
     return { loggedIn: false };
   }
 }
+async function chooseDefaultAgent(args) {
+  const config = await readConfig();
+  let selected = args.requested ?? config.agent.default;
+  if (args.interactive && args.requested === void 0) {
+    selected = await promptText(
+      args.out,
+      "Choose default agent: claude, codex, or cursor",
+      config.agent.default
+    );
+  }
+  if (!isAgentProviderId(selected)) {
+    return {
+      ok: false,
+      error: `unknown agent '${selected}'. Expected one of: claude, codex, cursor.`
+    };
+  }
+  await writeConfig({
+    ...config,
+    agent: {
+      ...config.agent,
+      default: selected
+    }
+  });
+  return { ok: true, provider: selected };
+}
 function reportAuth(out, auth) {
   if (auth.loggedIn) {
     const who = auth.email ?? "Claude account";
@@ -529,6 +464,25 @@ function confirm(out, question, defaultYes) {
     process.stdin.on("data", onData);
   });
 }
+function promptText(out, question, defaultValue) {
+  return new Promise((resolve) => {
+    out.write(
+      `  ${BLUE2}\u25C6${RST2}  ${question} ${DIM2}[${defaultValue}]${RST2} `
+    );
+    let buf = "";
+    const onData = (chunk) => {
+      buf += chunk.toString("utf8");
+      const nl = buf.indexOf("\n");
+      if (nl === -1) return;
+      process.stdin.removeListener("data", onData);
+      process.stdin.pause();
+      const answer = buf.slice(0, nl).trim().toLowerCase();
+      resolve(answer.length === 0 ? defaultValue : answer);
+    };
+    process.stdin.resume();
+    process.stdin.on("data", onData);
+  });
+}
 function resolveGuidesDir() {
   const here = path3.dirname(fileURLToPath2(import.meta.url));
   const candidates = [
@@ -542,7 +496,7 @@ function resolveGuidesDir() {
     if (looksLikeGuidesDir(dir)) return dir;
   }
   try {
-    const require2 = createRequire3(import.meta.url);
+    const require2 = createRequire2(import.meta.url);
     const pkgJson = require2.resolve("codealmanac/package.json");
     const guides = path3.join(path3.dirname(pkgJson), "guides");
     if (looksLikeGuidesDir(guides)) return guides;
@@ -557,10 +511,7 @@ function looksLikeGuidesDir(dir) {
 }
 
 export {
-  resolveClaudeExecutable,
-  checkClaudeAuth,
-  assertClaudeAuth,
   runSetup,
   IMPORT_LINE
 };
-//# sourceMappingURL=chunk-3LC55TG6.js.map
+//# sourceMappingURL=chunk-ZDJSJIB6.js.map