codiedev 0.7.6 → 0.7.8

package/dist/__tests__/connectFlow.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/__tests__/connectFlow.test.js

@@ -0,0 +1,33 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const vitest_1 = require("vitest");
+const connectFlow_1 = require("../connectFlow");
+const SAVED = {
+    token: "cdv_savedToken_xxxx",
+    companyId: "co_1",
+    companyName: "Sonifi",
+    repos: [],
+    lastSynced: new Date().toISOString(),
+    backendUrl: "https://example.test",
+};
+(0, vitest_1.describe)("resolveConnectToken", () => {
+    (0, vitest_1.it)("uses saved token when present and force=false", () => {
+        const res = (0, connectFlow_1.resolveConnectToken)({ savedConfig: SAVED, force: false });
+        (0, vitest_1.expect)(res).toEqual({ source: "reused", token: SAVED.token });
+    });
+    (0, vitest_1.it)("requires a prompt when no config exists", () => {
+        const res = (0, connectFlow_1.resolveConnectToken)({ savedConfig: null, force: false });
+        (0, vitest_1.expect)(res).toEqual({ source: "prompt-required" });
+    });
+    (0, vitest_1.it)("requires a prompt when --force is set, even if a saved token exists", () => {
+        const res = (0, connectFlow_1.resolveConnectToken)({ savedConfig: SAVED, force: true });
+        (0, vitest_1.expect)(res).toEqual({ source: "prompt-required" });
+    });
+    (0, vitest_1.it)("requires a prompt when saved config has empty token", () => {
+        const res = (0, connectFlow_1.resolveConnectToken)({
+            savedConfig: { ...SAVED, token: "" },
+            force: false,
+        });
+        (0, vitest_1.expect)(res).toEqual({ source: "prompt-required" });
+    });
+});

package/dist/__tests__/detection.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/__tests__/detection.test.js

@@ -0,0 +1,18 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const vitest_1 = require("vitest");
+const detection_1 = require("../detection");
+(0, vitest_1.describe)("detectClaudeCode", () => {
+    (0, vitest_1.it)("returns false when neither ~/.claude nor `claude` binary present", () => {
+        (0, vitest_1.expect)((0, detection_1.detectClaudeCode)({ dirExists: false, binOnPath: false })).toBe(false);
+    });
+    (0, vitest_1.it)("returns true when only ~/.claude exists", () => {
+        (0, vitest_1.expect)((0, detection_1.detectClaudeCode)({ dirExists: true, binOnPath: false })).toBe(true);
+    });
+    (0, vitest_1.it)("returns true when only `claude` is on PATH (CC installed but never launched)", () => {
+        (0, vitest_1.expect)((0, detection_1.detectClaudeCode)({ dirExists: false, binOnPath: true })).toBe(true);
+    });
+    (0, vitest_1.it)("returns true when both are present", () => {
+        (0, vitest_1.expect)((0, detection_1.detectClaudeCode)({ dirExists: true, binOnPath: true })).toBe(true);
+    });
+});

package/dist/__tests__/prUrl.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/__tests__/prUrl.test.js

@@ -0,0 +1,50 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const vitest_1 = require("vitest");
+const prUrl_1 = require("../prUrl");
+(0, vitest_1.describe)("parsePrOrMrUrl", () => {
+    (0, vitest_1.it)("parses a GitHub PR url", () => {
+        (0, vitest_1.expect)((0, prUrl_1.parsePrOrMrUrl)("https://github.com/foo/bar/pull/123")).toEqual({
+            provider: "github",
+            host: "github.com",
+            owner: "foo",
+            repo: "bar",
+            number: 123,
+        });
+    });
+    (0, vitest_1.it)("parses a GitLab.com MR url", () => {
+        (0, vitest_1.expect)((0, prUrl_1.parsePrOrMrUrl)("https://gitlab.com/sonifi/platform/-/merge_requests/42")).toEqual({
+            provider: "gitlab",
+            host: "gitlab.com",
+            owner: "sonifi",
+            repo: "platform",
+            number: 42,
+        });
+    });
+    (0, vitest_1.it)("parses a self-hosted GitLab MR url", () => {
+        (0, vitest_1.expect)((0, prUrl_1.parsePrOrMrUrl)("https://git.sonifi.com/internal/platform/-/merge_requests/7")).toEqual({
+            provider: "gitlab",
+            host: "git.sonifi.com",
+            owner: "internal",
+            repo: "platform",
+            number: 7,
+        });
+    });
+    (0, vitest_1.it)("parses a GitLab MR url with a nested group path", () => {
+        (0, vitest_1.expect)((0, prUrl_1.parsePrOrMrUrl)("https://gitlab.com/sonifi/team-a/platform/-/merge_requests/9")).toEqual({
+            provider: "gitlab",
+            host: "gitlab.com",
+            owner: "sonifi/team-a",
+            repo: "platform",
+            number: 9,
+        });
+    });
+    (0, vitest_1.it)("returns null for unrecognized URLs", () => {
+        (0, vitest_1.expect)((0, prUrl_1.parsePrOrMrUrl)("https://example.com/foo")).toBe(null);
+        (0, vitest_1.expect)((0, prUrl_1.parsePrOrMrUrl)("not a url")).toBe(null);
+        (0, vitest_1.expect)((0, prUrl_1.parsePrOrMrUrl)("")).toBe(null);
+    });
+    (0, vitest_1.it)("returns null when the number segment isn't an integer", () => {
+        (0, vitest_1.expect)((0, prUrl_1.parsePrOrMrUrl)("https://github.com/foo/bar/pull/abc")).toBe(null);
+    });
+});

package/dist/__tests__/repoResolver.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/__tests__/repoResolver.test.js

@@ -0,0 +1,72 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const vitest_1 = require("vitest");
+const repoResolver_1 = require("../repoResolver");
+const ghRepo = { _id: "rep_gh1", owner: "Signal-and-Code", name: "vm-demo", gitProvider: "github" };
+const glRepo = { _id: "rep_gl1", owner: "sonifi", name: "platform", gitProvider: "gitlab" };
+(0, vitest_1.describe)("resolveRepoForCapture", () => {
+    (0, vitest_1.it)("returns the provided repoId when it matches a current repo", () => {
+        const res = (0, repoResolver_1.resolveRepoForCapture)({
+            remoteUrl: "https://github.com/Signal-and-Code/vm-demo.git",
+            providedRepoId: "rep_gh1",
+            companyRepos: [ghRepo],
+        });
+        (0, vitest_1.expect)(res).toEqual({ repoId: "rep_gh1", source: "provided" });
+    });
+    (0, vitest_1.it)("falls back to remoteUrl resolution when providedRepoId is stale", () => {
+        const res = (0, repoResolver_1.resolveRepoForCapture)({
+            remoteUrl: "https://github.com/Signal-and-Code/vm-demo.git",
+            providedRepoId: "rep_deleted",
+            companyRepos: [ghRepo],
+        });
+        (0, vitest_1.expect)(res).toEqual({ repoId: "rep_gh1", source: "resolved" });
+    });
+    (0, vitest_1.it)("resolves from remoteUrl when no providedRepoId is given (HTTPS form)", () => {
+        const res = (0, repoResolver_1.resolveRepoForCapture)({
+            remoteUrl: "https://github.com/Signal-and-Code/vm-demo.git",
+            providedRepoId: null,
+            companyRepos: [ghRepo],
+        });
+        (0, vitest_1.expect)(res).toEqual({ repoId: "rep_gh1", source: "resolved" });
+    });
+    (0, vitest_1.it)("resolves from remoteUrl when no providedRepoId is given (SSH form)", () => {
+        const res = (0, repoResolver_1.resolveRepoForCapture)({
+            remoteUrl: "git@github.com:Signal-and-Code/vm-demo.git",
+            providedRepoId: null,
+            companyRepos: [ghRepo],
+        });
+        (0, vitest_1.expect)(res).toEqual({ repoId: "rep_gh1", source: "resolved" });
+    });
+    (0, vitest_1.it)("resolves a GitLab remote against a gitlab-provider repo", () => {
+        const res = (0, repoResolver_1.resolveRepoForCapture)({
+            remoteUrl: "https://gitlab.com/sonifi/platform.git",
+            providedRepoId: null,
+            companyRepos: [ghRepo, glRepo],
+        });
+        (0, vitest_1.expect)(res).toEqual({ repoId: "rep_gl1", source: "resolved" });
+    });
+    (0, vitest_1.it)("resolves SSH-form GitLab URL", () => {
+        const res = (0, repoResolver_1.resolveRepoForCapture)({
+            remoteUrl: "git@gitlab.com:sonifi/platform.git",
+            providedRepoId: null,
+            companyRepos: [glRepo],
+        });
+        (0, vitest_1.expect)(res).toEqual({ repoId: "rep_gl1", source: "resolved" });
+    });
+    (0, vitest_1.it)("returns unmatched when remoteUrl matches no repo (don't drop the session — let backend decide)", () => {
+        const res = (0, repoResolver_1.resolveRepoForCapture)({
+            remoteUrl: "https://github.com/some/other-repo.git",
+            providedRepoId: null,
+            companyRepos: [ghRepo, glRepo],
+        });
+        (0, vitest_1.expect)(res).toEqual({ repoId: null, source: "unmatched" });
+    });
+    (0, vitest_1.it)("matches case-insensitively on owner/name (GitHub is case-insensitive on org/repo names)", () => {
+        const res = (0, repoResolver_1.resolveRepoForCapture)({
+            remoteUrl: "https://github.com/SIGNAL-AND-CODE/vm-demo.git",
+            providedRepoId: null,
+            companyRepos: [ghRepo],
+        });
+        (0, vitest_1.expect)(res).toEqual({ repoId: "rep_gh1", source: "resolved" });
+    });
+});

package/dist/__tests__/versionCheck.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/__tests__/versionCheck.test.js

@@ -0,0 +1,85 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const vitest_1 = require("vitest");
+const versionCheck_1 = require("../versionCheck");
+(0, vitest_1.describe)("parseSemver", () => {
+    (0, vitest_1.it)("parses a normal version", () => {
+        (0, vitest_1.expect)((0, versionCheck_1.parseSemver)("0.7.7")).toEqual({ major: 0, minor: 7, patch: 7 });
+    });
+    (0, vitest_1.it)("strips a leading v", () => {
+        (0, vitest_1.expect)((0, versionCheck_1.parseSemver)("v1.2.3")).toEqual({ major: 1, minor: 2, patch: 3 });
+    });
+    (0, vitest_1.it)("ignores prerelease/build suffixes", () => {
+        (0, vitest_1.expect)((0, versionCheck_1.parseSemver)("1.2.3-beta.1+build.99")).toEqual({
+            major: 1,
+            minor: 2,
+            patch: 3,
+        });
+    });
+    (0, vitest_1.it)("returns null for malformed input", () => {
+        (0, vitest_1.expect)((0, versionCheck_1.parseSemver)("")).toBe(null);
+        (0, vitest_1.expect)((0, versionCheck_1.parseSemver)("not.a.version")).toBe(null);
+        (0, vitest_1.expect)((0, versionCheck_1.parseSemver)("1.2")).toBe(null);
+    });
+});
+(0, vitest_1.describe)("compareSemver", () => {
+    (0, vitest_1.it)("returns -1 when current is older (patch)", () => {
+        (0, vitest_1.expect)((0, versionCheck_1.compareSemver)("0.7.6", "0.7.7")).toBe(-1);
+    });
+    (0, vitest_1.it)("returns -1 when current is older (minor)", () => {
+        (0, vitest_1.expect)((0, versionCheck_1.compareSemver)("0.6.99", "0.7.0")).toBe(-1);
+    });
+    (0, vitest_1.it)("returns -1 when current is older (major)", () => {
+        (0, vitest_1.expect)((0, versionCheck_1.compareSemver)("0.99.99", "1.0.0")).toBe(-1);
+    });
+    (0, vitest_1.it)("returns 0 when equal", () => {
+        (0, vitest_1.expect)((0, versionCheck_1.compareSemver)("0.7.7", "0.7.7")).toBe(0);
+    });
+    (0, vitest_1.it)("returns 1 when current is ahead of latest (e.g. local dev build)", () => {
+        (0, vitest_1.expect)((0, versionCheck_1.compareSemver)("0.8.0", "0.7.7")).toBe(1);
+    });
+    (0, vitest_1.it)("treats malformed inputs as equal — never warn on garbage", () => {
+        (0, vitest_1.expect)((0, versionCheck_1.compareSemver)("garbage", "0.7.7")).toBe(0);
+        (0, vitest_1.expect)((0, versionCheck_1.compareSemver)("0.7.7", "garbage")).toBe(0);
+    });
+});
+(0, vitest_1.describe)("shouldShowUpdateWarning", () => {
+    const now = 1_777_777_777_000;
+    const dayMs = 24 * 60 * 60 * 1000;
+    (0, vitest_1.it)("warns when current is older AND cache is fresh", () => {
+        (0, vitest_1.expect)((0, versionCheck_1.shouldShowUpdateWarning)({
+            current: "0.7.6",
+            latest: "0.7.7",
+            lastChecked: now - 1000,
+            nowMs: now,
+            cacheTtlMs: dayMs,
+        })).toBe(true);
+    });
+    (0, vitest_1.it)("does not warn when current matches latest", () => {
+        (0, vitest_1.expect)((0, versionCheck_1.shouldShowUpdateWarning)({
+            current: "0.7.7",
+            latest: "0.7.7",
+            lastChecked: now,
+            nowMs: now,
+            cacheTtlMs: dayMs,
+        })).toBe(false);
+    });
+    (0, vitest_1.it)("does not warn when latest is unknown (no fetch yet)", () => {
+        (0, vitest_1.expect)((0, versionCheck_1.shouldShowUpdateWarning)({
+            current: "0.7.6",
+            latest: null,
+            lastChecked: 0,
+            nowMs: now,
+            cacheTtlMs: dayMs,
+        })).toBe(false);
+    });
+    (0, vitest_1.it)("does not warn when current is ahead of latest (dev build)", () => {
+        (0, vitest_1.expect)((0, versionCheck_1.shouldShowUpdateWarning)({
+            current: "0.8.0",
+            latest: "0.7.7",
+            lastChecked: now,
+            nowMs: now,
+            cacheTtlMs: dayMs,
+        })).toBe(false);
+    });
+});

package/dist/cli.js

@@ -363,7 +363,7 @@ async function main() {
     try {
         switch (command) {
             case "connect":
-                await (0, connect_1.runConnect)();
+                await (0, connect_1.runConnect)(rest);
                 return;
             case "doctor":
             case "verify":

package/dist/commands/doctor.js

@@ -40,6 +40,8 @@ const os = __importStar(require("os"));
 const child_process_1 = require("child_process");
 const shared_1 = require("./shared");
 const utils_1 = require("../utils");
+const version_1 = require("../version");
+const upgradeNudge_1 = require("../upgradeNudge");
 const CLAUDE_SETTINGS_PATH = path.join(os.homedir(), ".claude", "settings.json");
 const CLAUDE_INSTRUCTIONS_PATH = path.join(os.homedir(), ".claude", "CLAUDE.md");
 const CODEX_HOOKS_PATH = path.join(os.homedir(), ".codex", "hooks.json");
@@ -54,9 +56,6 @@ function symbol(status) {
         return "!";
     return "✗";
 }
-function claudeCodeInstalled() {
-    return fs.existsSync(path.join(os.homedir(), ".claude"));
-}
 function codexInstalled() {
     return fs.existsSync(path.join(os.homedir(), ".codex"));
 }
@@ -142,9 +141,19 @@ function hasGhCli() {
         return false;
     }
 }
+function hasGlabCli() {
+    try {
+        (0, child_process_1.execSync)("glab --version", { stdio: ["pipe", "pipe", "pipe"] });
+        return true;
+    }
+    catch {
+        return false;
+    }
+}
 async function runDoctor(_args) {
     const checks = [];
     console.log("\nCodieDev doctor — checking your setup…\n");
+    await (0, upgradeNudge_1.maybePrintUpgradeNudge)();
     // 1. Config file
     const config = (0, utils_1.readConfig)();
     if (!config) {
@@ -165,7 +174,10 @@ async function runDoctor(_args) {
     try {
         const res = await fetch(`${config.backendUrl}/api/cli/validateToken`, {
             method: "POST",
-            headers: { "Content-Type": "application/json" },
+            headers: {
+                "Content-Type": "application/json",
+                "X-Codiedev-Cli-Version": version_1.CLI_VERSION,
+            },
             body: JSON.stringify({ token: config.token }),
         });
         if (res.ok) {
@@ -217,7 +229,7 @@ async function runDoctor(_args) {
             : "0 — link repos in the portal so sessions get captured",
     });
     // 5. Claude Code setup (if present)
-    if (claudeCodeInstalled()) {
+    if ((0, utils_1.claudeCodeInstalled)()) {
         checks.push({
             name: "Claude Code detected",
             status: "pass",
@@ -310,13 +322,21 @@ async function runDoctor(_args) {
             detail: "not installed on this machine",
         });
     }
-    // 8. gh CLI (optional — only needed for reverse-ticket)
+    // 8. gh / glab CLIs (optional — only needed for reverse-ticket from a
+    // specific PR/MR URL; branch mode works without either).
     checks.push({
-        name: "GitHub CLI (`gh`) for reverse-ticket command",
+        name: "GitHub CLI (`gh`) for reverse-ticket from a PR url",
         status: hasGhCli() ? "pass" : "warn",
         detail: hasGhCli()
             ? "installed"
-            : "not installed — only needed if you use `codiedev reverse-ticket <pr-url>`",
+            : "not installed — only needed for `codiedev reverse-ticket <github-pr-url>`",
+    });
+    checks.push({
+        name: "GitLab CLI (`glab`) for reverse-ticket from an MR url",
+        status: hasGlabCli() ? "pass" : "warn",
+        detail: hasGlabCli()
+            ? "installed"
+            : "not installed — only needed for `codiedev reverse-ticket <gitlab-mr-url>`",
     });
     report(checks);
     const failures = checks.filter((c) => c.status === "fail");

package/dist/commands/reverseTicket.js

@@ -3,15 +3,90 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.runReverseTicket = runReverseTicket;
 const child_process_1 = require("child_process");
 const shared_1 = require("./shared");
-function parsePrUrl(url) {
-    const m = url.match(/github\.com\/([^/]+)\/([^/]+)\/pull\/(\d+)/);
-    if (!m)
-        return null;
-    return { owner: m[1], repo: m[2], number: Number(m[3]) };
+const prUrl_1 = require("../prUrl");
+async function fetchPrOrMrBundle(parsed, rawUrl, noTruncate) {
+    console.log(`Fetching ${parsed.provider === "gitlab" ? "MR" : "PR"} ${parsed.owner}/${parsed.repo}#${parsed.number}…`);
+    if (parsed.provider === "github") {
+        let prJson;
+        let filesJson;
+        let diff;
+        try {
+            prJson = ghApi(`/repos/${parsed.owner}/${parsed.repo}/pulls/${parsed.number}`);
+            filesJson = ghApi(`/repos/${parsed.owner}/${parsed.repo}/pulls/${parsed.number}/files`);
+            try {
+                const rawDiff = ghRaw(`/repos/${parsed.owner}/${parsed.repo}/pulls/${parsed.number}`);
+                diff = noTruncate ? rawDiff : rawDiff.slice(0, 12_000);
+            }
+            catch {
+                // diff is nice-to-have
+            }
+        }
+        catch (err) {
+            console.error(`Failed to fetch PR via gh api: ${err.message}`);
+            process.exit(1);
+        }
+        return {
+            repo: `${parsed.owner}/${parsed.repo}`,
+            number: parsed.number,
+            title: prJson.title ?? "",
+            body: prJson.body ?? "",
+            author: prJson.user?.login ?? "unknown",
+            authorEmail: prJson.user?.email ?? undefined,
+            mergedAt: prJson.merged_at
+                ? Date.parse(prJson.merged_at)
+                : prJson.closed_at
+                    ? Date.parse(prJson.closed_at)
+                    : Date.now(),
+            filesChanged: (filesJson ?? []).map((f) => f.filename),
+            diff,
+            htmlUrl: prJson.html_url ?? rawUrl,
+        };
+    }
+    // GitLab path. `glab api projects/<encoded-path>/...` returns the same
+    // MR shape as the REST API. We pull the diff from `merge_requests/<n>/changes`
+    // and reassemble a unified diff out of each file's `diff` blob.
+    const projectPath = `${parsed.owner}/${parsed.repo}`;
+    let mrJson;
+    let changesJson;
+    try {
+        mrJson = glabApi(projectPath, `merge_requests/${parsed.number}`);
+        changesJson = glabApi(projectPath, `merge_requests/${parsed.number}/changes`);
+    }
+    catch (err) {
+        console.error(`Failed to fetch MR via glab api: ${err.message}`);
+        process.exit(1);
+    }
+    const changes = (changesJson?.changes ?? []);
+    const filesChanged = changes
+        .map((c) => c.new_path ?? c.old_path)
+        .filter((p) => Boolean(p));
+    const rawDiff = changes
+        .map((c) => {
+        const header = `diff --git a/${c.old_path ?? c.new_path} b/${c.new_path ?? c.old_path}`;
+        return [header, c.diff ?? ""].join("\n");
+    })
+        .join("\n");
+    const diff = noTruncate ? rawDiff : rawDiff.slice(0, 12_000);
+    return {
+        repo: projectPath,
+        number: parsed.number,
+        title: mrJson.title ?? "",
+        body: mrJson.description ?? "",
+        author: mrJson.author?.username ?? "unknown",
+        authorEmail: undefined,
+        mergedAt: mrJson.merged_at
+            ? Date.parse(mrJson.merged_at)
+            : mrJson.closed_at
+                ? Date.parse(mrJson.closed_at)
+                : Date.now(),
+        filesChanged,
+        diff,
+        htmlUrl: mrJson.web_url ?? rawUrl,
+    };
 }
-function checkGhCli() {
+function checkCli(bin) {
     try {
-        (0, child_process_1.execSync)("gh --version", { stdio: ["pipe", "pipe", "pipe"] });
+        (0, child_process_1.execSync)(`${bin} --version`, { stdio: ["pipe", "pipe", "pipe"] });
         return true;
     }
     catch {
@@ -31,6 +106,17 @@ function ghRaw(path) {
         maxBuffer: 50 * 1024 * 1024,
     }).toString("utf8");
 }
+// glab api takes a project path (URL-encoded) or numeric id and a sub-path.
+// For self-hosted GitLab, glab respects `GITLAB_HOST` env if the user has
+// configured glab against their internal instance.
+function glabApi(projectPath, subpath) {
+    const encoded = encodeURIComponent(projectPath);
+    const out = (0, child_process_1.execSync)(`glab api "projects/${encoded}/${subpath}"`, {
+        stdio: ["pipe", "pipe", "pipe"],
+        maxBuffer: 50 * 1024 * 1024,
+    }).toString("utf8");
+    return JSON.parse(out);
+}
 function parseArgs(args) {
     let prUrl;
     let base;
@@ -65,56 +151,31 @@ async function runReverseTicket(args) {
     if (!prUrl) {
         return runBranchMode({ explicitBase: base, forcedKey });
     }
-    const parsed = parsePrUrl(prUrl);
+    const parsed = (0, prUrl_1.parsePrOrMrUrl)(prUrl);
     if (!parsed) {
-        console.error("Couldn't parse PR URL. Expected format: https://github.com/<owner>/<repo>/pull/<number>");
+        console.error("Couldn't parse PR/MR URL. Expected formats:");
+        console.error("  https://github.com/<owner>/<repo>/pull/<number>");
+        console.error("  https://gitlab.com/<group>/<repo>/-/merge_requests/<number>");
+        console.error("  (self-hosted GitLab works too — same shape, your host)");
         console.error("");
         console.error("Run with no arguments for branch mode (uses your current local branch).");
         process.exit(1);
     }
-    if (!checkGhCli()) {
-        console.error("This command needs the `gh` CLI installed and authenticated.");
-        console.error("  brew install gh  (macOS)");
-        console.error("  gh auth login");
-        process.exit(1);
-    }
-    const config = (0, shared_1.requireConfig)();
-    console.log(`Fetching PR ${parsed.owner}/${parsed.repo}#${parsed.number}…`);
-    let prJson;
-    let filesJson;
-    let diff;
-    try {
-        prJson = ghApi(`/repos/${parsed.owner}/${parsed.repo}/pulls/${parsed.number}`);
-        filesJson = ghApi(`/repos/${parsed.owner}/${parsed.repo}/pulls/${parsed.number}/files`);
-        // Diff is nice-to-have; truncate if huge.
-        try {
-            const rawDiff = ghRaw(`/repos/${parsed.owner}/${parsed.repo}/pulls/${parsed.number}`);
-            diff = noTruncate ? rawDiff : rawDiff.slice(0, 12_000);
+    const requiredCli = parsed.provider === "gitlab" ? "glab" : "gh";
+    if (!checkCli(requiredCli)) {
+        console.error(`This command needs the \`${requiredCli}\` CLI installed and authenticated.`);
+        if (requiredCli === "gh") {
+            console.error("  brew install gh  (macOS)");
+            console.error("  gh auth login");
         }
-        catch {
-            // Skip diff on failure — the writer works without it.
+        else {
+            console.error("  brew install glab  (macOS)");
+            console.error("  glab auth login");
         }
-    }
-    catch (err) {
-        console.error(`Failed to fetch PR via gh api: ${err.message}`);
         process.exit(1);
     }
-    const bundle = {
-        repo: `${parsed.owner}/${parsed.repo}`,
-        number: parsed.number,
-        title: prJson.title ?? "",
-        body: prJson.body ?? "",
-        author: prJson.user?.login ?? "unknown",
-        authorEmail: prJson.user?.email ?? undefined,
-        mergedAt: prJson.merged_at
-            ? Date.parse(prJson.merged_at)
-            : prJson.closed_at
-                ? Date.parse(prJson.closed_at)
-                : Date.now(),
-        filesChanged: (filesJson ?? []).map((f) => f.filename),
-        diff,
-        htmlUrl: prJson.html_url ?? prUrl,
-    };
+    const config = (0, shared_1.requireConfig)();
+    const bundle = await fetchPrOrMrBundle(parsed, prUrl, noTruncate);
     console.log(`  title: ${bundle.title}`);
     console.log(`  author: ${bundle.author}`);
     console.log(`  files: ${bundle.filesChanged.length}`);

package/dist/commands/shared.js

@@ -40,6 +40,7 @@ exports.stripQuotes = stripQuotes;
 const https = __importStar(require("https"));
 const http = __importStar(require("http"));
 const utils_1 = require("../utils");
+const version_1 = require("../version");
 /**
  * Require a connected CodieDev config. Exits the process with a helpful
  * message if the user hasn't run `codiedev connect` yet.
@@ -75,6 +76,7 @@ function apiRequest(method, path, options) {
             method,
             headers: {
                 Authorization: `Bearer ${options.config.token}`,
+                "X-Codiedev-Cli-Version": version_1.CLI_VERSION,
                 ...(data
                     ? {
                         "Content-Type": "application/json",

package/dist/connect.d.ts

@@ -1 +1 @@
-export declare function runConnect(): Promise<void>;
+export declare function runConnect(args?: string[]): Promise<void>;

package/dist/connect.js

@@ -38,6 +38,9 @@ const readline = __importStar(require("readline"));
 const https = __importStar(require("https"));
 const http = __importStar(require("http"));
 const utils_1 = require("./utils");
+const connectFlow_1 = require("./connectFlow");
+const version_1 = require("./version");
+const upgradeNudge_1 = require("./upgradeNudge");
 const BACKEND_URL = process.env.CODIEDEV_URL || "https://judicious-falcon-861.convex.site";
 function prompt(rl, question) {
     return new Promise((resolve) => {
@@ -58,6 +61,7 @@ function postJson(url, body) {
             headers: {
                 "Content-Type": "application/json",
                 "Content-Length": Buffer.byteLength(data),
+                "X-Codiedev-Cli-Version": version_1.CLI_VERSION,
             },
         };
         const lib = parsed.protocol === "https:" ? https : http;
@@ -86,24 +90,39 @@ function postJson(url, body) {
         req.end();
     });
 }
-async function runConnect() {
-    const rl = readline.createInterface({
-        input: process.stdin,
-        output: process.stdout,
-    });
+async function runConnect(args = []) {
+    // `--force` (or `-f`) re-prompts for a token even if `~/.codiedev/config.json`
+    // already has one. Default behavior reuses the saved token so users can
+    // re-run `connect` (e.g., after installing Claude Code) without having to
+    // mint a fresh token from the portal — which is what bit Sonifi's first
+    // engineer when he interpreted "no visible token" as "the old one is gone".
+    const force = args.includes("--force") || args.includes("-f");
     console.log("\nWelcome to CodieDev CLI\n");
+    await (0, upgradeNudge_1.maybePrintUpgradeNudge)();
     console.log("This will connect your coding agent to your CodieDev workspace and install");
     console.log("the session capture hook for org-wide session sharing.\n");
+    const saved = (0, utils_1.readConfig)();
+    const decision = (0, connectFlow_1.resolveConnectToken)({ savedConfig: saved, force });
     let token;
-    try {
-        token = await prompt(rl, "Enter your CodieDev API token: ");
-    }
-    finally {
-        rl.close();
+    if (decision.source === "reused") {
+        token = decision.token;
+        console.log(`Reusing API token from ~/.codiedev/config.json (run with --force to use a new one).\n`);
     }
-    if (!token) {
-        console.error("Error: API token is required.");
-        process.exit(1);
+    else {
+        const rl = readline.createInterface({
+            input: process.stdin,
+            output: process.stdout,
+        });
+        try {
+            token = await prompt(rl, "Enter your CodieDev API token: ");
+        }
+        finally {
+            rl.close();
+        }
+        if (!token) {
+            console.error("Error: API token is required.");
+            process.exit(1);
+        }
     }
     console.log("\nValidating token...");
     let responseData;
@@ -225,8 +244,9 @@ async function runConnect() {
         }
     }
     if (!hasClaude && !hasCodex && !hasCursor && !hasVSCodeCopilot) {
-        console.warn("\nNo Claude Code (~/.claude), Codex (~/.codex), Cursor (~/.cursor), or VS Code Copilot install detected.");
-        console.warn("Config saved. Install one, then re-run `npx codiedev connect` to wire up capture hooks.");
+        console.warn("\nNo Claude Code, Codex, Cursor, or VS Code Copilot install detected.");
+        console.warn("If you just installed Claude Code, launch it once (so ~/.claude is created),");
+        console.warn("then re-run `npx codiedev connect` to wire up the capture hook.");
     }
     console.log(`\nConnected to ${companyName}`);
     console.log(`Tracking ${repos.length} repo${repos.length === 1 ? "" : "s"}`);

package/dist/connectFlow.d.ts

@@ -0,0 +1,13 @@
+import type { CodiedevConfig } from "./utils";
+export type ConnectTokenSource = "reused" | "prompt-required";
+export interface ConnectTokenInput {
+    savedConfig: CodiedevConfig | null;
+    force: boolean;
+}
+export type ConnectTokenResult = {
+    source: "reused";
+    token: string;
+} | {
+    source: "prompt-required";
+};
+export declare function resolveConnectToken(input: ConnectTokenInput): ConnectTokenResult;

package/dist/connectFlow.js

@@ -0,0 +1,21 @@
+"use strict";
+// Pure helper for `npx codiedev connect` — decides where the API token
+// comes from. Splitting this out lets us TDD the policy (re-use vs. re-prompt)
+// without touching readline or fs at all.
+//
+// Motivation: Jackson hit a confusing flow where he had a working token in
+// `~/.codiedev/config.json`, re-ran `connect` (to pick up Claude Code that
+// he'd just installed), and was forced to paste a token again. Since the
+// portal only displays the plaintext on creation, his only option was to
+// generate a new one — leaving him thinking the old one had been lost.
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.resolveConnectToken = resolveConnectToken;
+function resolveConnectToken(input) {
+    if (input.force)
+        return { source: "prompt-required" };
+    if (!input.savedConfig)
+        return { source: "prompt-required" };
+    if (!input.savedConfig.token)
+        return { source: "prompt-required" };
+    return { source: "reused", token: input.savedConfig.token };
+}

package/dist/detection.d.ts

@@ -0,0 +1,12 @@
+export interface ClaudeCodeProbe {
+    dirExists: boolean;
+    binOnPath: boolean;
+}
+/**
+ * Claude Code is "installed" if either ~/.claude exists (the user has
+ * launched the app at least once) OR the `claude` binary is on PATH (the
+ * user installed via npm/brew but hasn't launched yet). Either signal is
+ * sufficient — we want to wire up the hook the moment the user has
+ * obviously committed to the tool.
+ */
+export declare function detectClaudeCode(probe: ClaudeCodeProbe): boolean;

package/dist/detection.js

@@ -0,0 +1,16 @@
+"use strict";
+// Pure detection helpers — runtime probes (fs / PATH lookup) live in utils.ts
+// and feed these. Splitting them out makes the truth-table testable without
+// mocking fs or process.
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.detectClaudeCode = detectClaudeCode;
+/**
+ * Claude Code is "installed" if either ~/.claude exists (the user has
+ * launched the app at least once) OR the `claude` binary is on PATH (the
+ * user installed via npm/brew but hasn't launched yet). Either signal is
+ * sufficient — we want to wire up the hook the moment the user has
+ * obviously committed to the tool.
+ */
+function detectClaudeCode(probe) {
+    return probe.dirExists || probe.binOnPath;
+}

package/dist/hook.js

@@ -38,6 +38,7 @@ const fs = __importStar(require("fs"));
 const https = __importStar(require("https"));
 const http = __importStar(require("http"));
 const utils_1 = require("./utils");
+const version_1 = require("./version");
 function postJson(url, body, bearerToken) {
     return new Promise((resolve, reject) => {
         const parsed = new URL(url);
@@ -51,6 +52,7 @@ function postJson(url, body, bearerToken) {
                 "Content-Type": "application/json",
                 "Content-Length": Buffer.byteLength(data),
                 Authorization: `Bearer ${bearerToken}`,
+                "X-Codiedev-Cli-Version": version_1.CLI_VERSION,
             },
         };
         const lib = parsed.protocol === "https:" ? https : http;
@@ -133,13 +135,11 @@ async function main() {
     if (!remoteUrl) {
         process.exit(0);
     }
+    // Best-effort local match — backend re-resolves from `remoteUrl` against
+    // the company's current repo list, so a stale or empty local cache
+    // doesn't drop the session. (Pre-0.7.7 we exited 0 here, which silently
+    // dropped sessions for repos added after the user's last `connect`.)
     const matchedRepo = (0, utils_1.matchRepo)(remoteUrl, config.repos);
-    if (!matchedRepo) {
-        process.exit(0);
-    }
-    // Cursor's transcript format is undocumented — skip stats parsing for now
-    // and let the backend handle it once we have a real session to inspect.
-    // The transcript itself still uploads.
     const stats = mode === "codex"
         ? (0, utils_1.parseCodexStats)(transcriptContent)
         : mode === "cursor"
@@ -149,7 +149,7 @@ async function main() {
     const payload = {
         sessionId: session_id,
         repoUrl: remoteUrl,
-        repoId: matchedRepo.repoId,
+        repoId: matchedRepo?.repoId,
         companyId: config.companyId,
         transcript: transcriptBase64,
         messageCount: stats.messageCount,

package/dist/prUrl.d.ts

@@ -0,0 +1,9 @@
+export type GitProvider = "github" | "gitlab";
+export interface PrOrMrRef {
+    provider: GitProvider;
+    host: string;
+    owner: string;
+    repo: string;
+    number: number;
+}
+export declare function parsePrOrMrUrl(url: string): PrOrMrRef | null;

package/dist/prUrl.js

@@ -0,0 +1,33 @@
+"use strict";
+// PR/MR URL parser. GitHub uses `/pull/<n>`, GitLab uses `/-/merge_requests/<n>`.
+// Self-hosted GitLab keeps the same path shape on a different host (Sonifi
+// runs git.sonifi.com behind a Cloudflare tunnel, for example). Nested groups
+// land in `owner` as a slash-joined path so we can rebuild the full project
+// path when calling the GitLab API.
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.parsePrOrMrUrl = parsePrOrMrUrl;
+function parsePrOrMrUrl(url) {
+    if (!url)
+        return null;
+    const gh = url.match(/^https?:\/\/([^/]+)\/([^/]+)\/([^/]+)\/pull\/(\d+)(?:[/?#]|$)/);
+    if (gh && /github/i.test(gh[1])) {
+        return {
+            provider: "github",
+            host: gh[1],
+            owner: gh[2],
+            repo: gh[3],
+            number: Number(gh[4]),
+        };
+    }
+    const gl = url.match(/^https?:\/\/([^/]+)\/(.+)\/([^/]+)\/-\/merge_requests\/(\d+)(?:[/?#]|$)/);
+    if (gl) {
+        return {
+            provider: "gitlab",
+            host: gl[1],
+            owner: gl[2],
+            repo: gl[3],
+            number: Number(gl[4]),
+        };
+    }
+    return null;
+}

package/dist/repoResolver.d.ts

@@ -0,0 +1,17 @@
+export type ResolveSource = "provided" | "resolved" | "unmatched";
+export interface RepoLite {
+    _id: string;
+    owner: string;
+    name: string;
+    gitProvider?: "github" | "gitlab";
+}
+export interface ResolveInput {
+    remoteUrl: string;
+    providedRepoId: string | null;
+    companyRepos: ReadonlyArray<RepoLite>;
+}
+export interface ResolveResult {
+    repoId: string | null;
+    source: ResolveSource;
+}
+export declare function resolveRepoForCapture(input: ResolveInput): ResolveResult;

package/dist/repoResolver.js

@@ -0,0 +1,41 @@
+"use strict";
+// Pure resolver — given a captured remoteUrl, an optional client-cached
+// repoId, and the company's current repo list, decide which repoId (if any)
+// the session belongs to. Used both inline by the CLI hook and (mirrored
+// in convex/repoResolver.ts) by the /api/captureSession endpoint so that
+// repos added after the user's last `connect` still get matched.
+//
+// "unmatched" is intentional — the backend will accept the session anyway
+// and surface it for triage rather than silently dropping it.
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.resolveRepoForCapture = resolveRepoForCapture;
+function parseRemoteUrl(url) {
+    let s = url.trim();
+    if (s.endsWith(".git"))
+        s = s.slice(0, -4);
+    const ssh = s.match(/^git@([^:]+):(.+)$/);
+    if (ssh) {
+        return { host: ssh[1].toLowerCase(), ownerName: ssh[2].toLowerCase() };
+    }
+    const https = s.match(/^https?:\/\/([^/]+)\/(.+)$/);
+    if (https) {
+        return { host: https[1].toLowerCase(), ownerName: https[2].toLowerCase() };
+    }
+    return null;
+}
+function resolveRepoForCapture(input) {
+    const { remoteUrl, providedRepoId, companyRepos } = input;
+    if (providedRepoId) {
+        const hit = companyRepos.find((r) => r._id === providedRepoId);
+        if (hit)
+            return { repoId: hit._id, source: "provided" };
+    }
+    const parsed = parseRemoteUrl(remoteUrl);
+    if (!parsed) {
+        return { repoId: null, source: "unmatched" };
+    }
+    const match = companyRepos.find((r) => `${r.owner}/${r.name}`.toLowerCase() === parsed.ownerName);
+    if (match)
+        return { repoId: match._id, source: "resolved" };
+    return { repoId: null, source: "unmatched" };
+}

package/dist/upgradeNudge.d.ts

@@ -0,0 +1,7 @@
+/**
+ * Fail-silent — never throws, never blocks on network. If the registry is
+ * unreachable or the cache is corrupt, the warning just doesn't print. The
+ * worst outcome is "user keeps running an old version" — same as before
+ * this feature existed.
+ */
+export declare function maybePrintUpgradeNudge(): Promise<void>;

package/dist/upgradeNudge.js

@@ -0,0 +1,123 @@
+"use strict";
+// Client-side "you're outdated" warning. Prints at the top of connect/doctor
+// when there's a newer `codiedev` published on npm. Pure helpers tested in
+// __tests__/versionCheck.test.ts; this module does the IO (registry fetch +
+// disk cache) and is exercised by manual smoke.
+//
+// Cache lives at ~/.codiedev/.update-cache.json. 24h TTL — long enough that
+// the registry isn't hit on every command, short enough that newly-published
+// versions surface the day after release.
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.maybePrintUpgradeNudge = maybePrintUpgradeNudge;
+const fs = __importStar(require("fs"));
+const path = __importStar(require("path"));
+const os = __importStar(require("os"));
+const version_1 = require("./version");
+const versionCheck_1 = require("./versionCheck");
+const CACHE_PATH = path.join(os.homedir(), ".codiedev", ".update-cache.json");
+const CACHE_TTL_MS = 24 * 60 * 60 * 1000;
+const REGISTRY_URL = "https://registry.npmjs.org/codiedev/latest";
+const FETCH_TIMEOUT_MS = 1500;
+function readCache() {
+    try {
+        const raw = fs.readFileSync(CACHE_PATH, "utf8");
+        const parsed = JSON.parse(raw);
+        if (typeof parsed.fetchedAt !== "number")
+            return null;
+        return parsed;
+    }
+    catch {
+        return null;
+    }
+}
+function writeCache(entry) {
+    try {
+        const dir = path.dirname(CACHE_PATH);
+        if (!fs.existsSync(dir))
+            fs.mkdirSync(dir, { recursive: true });
+        fs.writeFileSync(CACHE_PATH, JSON.stringify(entry), "utf8");
+    }
+    catch {
+        // ignore — cache is best-effort
+    }
+}
+async function fetchLatestFromNpm() {
+    try {
+        const controller = new AbortController();
+        const timer = setTimeout(() => controller.abort(), FETCH_TIMEOUT_MS);
+        const res = await fetch(REGISTRY_URL, {
+            headers: { Accept: "application/json" },
+            signal: controller.signal,
+        });
+        clearTimeout(timer);
+        if (!res.ok)
+            return null;
+        const json = (await res.json());
+        return json.version ?? null;
+    }
+    catch {
+        return null;
+    }
+}
+/**
+ * Fail-silent — never throws, never blocks on network. If the registry is
+ * unreachable or the cache is corrupt, the warning just doesn't print. The
+ * worst outcome is "user keeps running an old version" — same as before
+ * this feature existed.
+ */
+async function maybePrintUpgradeNudge() {
+    const now = Date.now();
+    const cache = readCache();
+    let latest = cache?.latest ?? null;
+    const cacheStale = !cache || now - cache.fetchedAt > CACHE_TTL_MS;
+    if (cacheStale) {
+        latest = await fetchLatestFromNpm();
+        writeCache({ latest, fetchedAt: now });
+    }
+    const warn = (0, versionCheck_1.shouldShowUpdateWarning)({
+        current: version_1.CLI_VERSION,
+        latest,
+        lastChecked: cache?.fetchedAt ?? 0,
+        nowMs: now,
+        cacheTtlMs: CACHE_TTL_MS,
+    });
+    if (warn && latest) {
+        console.log("");
+        console.log(`⚠️  codiedev ${latest} available (you're on ${version_1.CLI_VERSION})`);
+        console.log(`   Upgrade: npm i -g codiedev@latest`);
+        console.log("");
+    }
+}

package/dist/utils.js

@@ -60,6 +60,7 @@ const fs = __importStar(require("fs"));
 const path = __importStar(require("path"));
 const os = __importStar(require("os"));
 const child_process_1 = require("child_process");
+const detection_1 = require("./detection");
 const CONFIG_DIR = path.join(os.homedir(), ".codiedev");
 const CONFIG_PATH = path.join(CONFIG_DIR, "config.json");
 function readConfig() {
@@ -190,8 +191,20 @@ function isCodiedevHookCommand(cmd) {
         return false;
     return cmd.includes("codiedev-hook") || /codiedev[\\/]dist[\\/]hook/.test(cmd);
 }
+function claudeBinOnPath() {
+    try {
+        (0, child_process_1.execSync)("command -v claude", { stdio: ["pipe", "pipe", "pipe"] });
+        return true;
+    }
+    catch {
+        return false;
+    }
+}
 function claudeCodeInstalled() {
-    return fs.existsSync(CLAUDE_DIR);
+    return (0, detection_1.detectClaudeCode)({
+        dirExists: fs.existsSync(CLAUDE_DIR),
+        binOnPath: claudeBinOnPath(),
+    });
 }
 function codexInstalled() {
     return fs.existsSync(CODEX_DIR);

package/dist/version.d.ts

@@ -0,0 +1 @@
+export declare const CLI_VERSION: string;

package/dist/version.js

@@ -0,0 +1,67 @@
+"use strict";
+// Resolves the running CLI version. Read once at startup so subsequent
+// auth calls don't pay an fs.readFile per request.
+//
+// We could `import packageJson from "../package.json"` but that requires
+// `resolveJsonModule` and emits the JSON into dist. Reading at runtime
+// keeps the bundle smaller and works regardless of tsconfig settings.
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.CLI_VERSION = void 0;
+const fs = __importStar(require("fs"));
+const path = __importStar(require("path"));
+function resolveCliVersion() {
+    // dist/version.js sits alongside dist/cli.js. The package.json is one
+    // directory up from dist/, i.e. `../package.json` relative to this file.
+    // In TS source we're at src/version.ts so the path is `../package.json`.
+    const candidates = [
+        path.join(__dirname, "..", "package.json"),
+        path.join(__dirname, "..", "..", "package.json"),
+    ];
+    for (const p of candidates) {
+        try {
+            const raw = fs.readFileSync(p, "utf8");
+            const json = JSON.parse(raw);
+            if (json.name === "codiedev" && typeof json.version === "string") {
+                return json.version;
+            }
+        }
+        catch {
+            // try next candidate
+        }
+    }
+    return "0.0.0";
+}
+exports.CLI_VERSION = resolveCliVersion();

package/dist/versionCheck.d.ts

@@ -0,0 +1,28 @@
+export interface Semver {
+    major: number;
+    minor: number;
+    patch: number;
+}
+export declare function parseSemver(input: string): Semver | null;
+/**
+ * Returns -1 if a < b, 0 if equal, 1 if a > b.
+ *
+ * Malformed input on either side returns 0 — we never want to nag a user
+ * because of garbage version strings (corrupt cache, registry returned
+ * something weird, prerelease format we don't recognize).
+ */
+export declare function compareSemver(a: string, b: string): -1 | 0 | 1;
+export interface UpdateWarningInput {
+    current: string;
+    latest: string | null;
+    lastChecked: number;
+    nowMs: number;
+    cacheTtlMs: number;
+}
+/**
+ * Warning policy: only show when we have a known-newer `latest` from a
+ * recent-enough cache. Stale-cache freshness is enforced by the *caller*
+ * (which decides whether to refetch); this helper takes the cache state
+ * as-given and answers a single question — should the user see a nag?
+ */
+export declare function shouldShowUpdateWarning(input: UpdateWarningInput): boolean;

package/dist/versionCheck.js

@@ -0,0 +1,49 @@
+"use strict";
+// Pure version-comparison helpers for the "is your CLI outdated" warning.
+// The IO (fetching npm registry, reading/writing the cache file) lives in
+// connect.ts/doctor.ts and is exercised by manual smoke. Keeping the policy
+// pure means the truth table is unit-testable without mocking fetch or fs.
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.parseSemver = parseSemver;
+exports.compareSemver = compareSemver;
+exports.shouldShowUpdateWarning = shouldShowUpdateWarning;
+function parseSemver(input) {
+    if (!input)
+        return null;
+    const stripped = input.replace(/^v/i, "");
+    const m = stripped.match(/^(\d+)\.(\d+)\.(\d+)/);
+    if (!m)
+        return null;
+    return { major: Number(m[1]), minor: Number(m[2]), patch: Number(m[3]) };
+}
+/**
+ * Returns -1 if a < b, 0 if equal, 1 if a > b.
+ *
+ * Malformed input on either side returns 0 — we never want to nag a user
+ * because of garbage version strings (corrupt cache, registry returned
+ * something weird, prerelease format we don't recognize).
+ */
+function compareSemver(a, b) {
+    const pa = parseSemver(a);
+    const pb = parseSemver(b);
+    if (!pa || !pb)
+        return 0;
+    if (pa.major !== pb.major)
+        return pa.major < pb.major ? -1 : 1;
+    if (pa.minor !== pb.minor)
+        return pa.minor < pb.minor ? -1 : 1;
+    if (pa.patch !== pb.patch)
+        return pa.patch < pb.patch ? -1 : 1;
+    return 0;
+}
+/**
+ * Warning policy: only show when we have a known-newer `latest` from a
+ * recent-enough cache. Stale-cache freshness is enforced by the *caller*
+ * (which decides whether to refetch); this helper takes the cache state
+ * as-given and answers a single question — should the user see a nag?
+ */
+function shouldShowUpdateWarning(input) {
+    if (!input.latest)
+        return false;
+    return compareSemver(input.current, input.latest) === -1;
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "codiedev",
-  "version": "0.7.6",
+  "version": "0.7.8",
   "description": "Connect Claude Code, Codex, Cursor, or VS Code Copilot to CodieDev for org-wide session capture and artifact collaboration",
   "bin": {
     "codiedev": "./dist/cli.js",