npm - devin-bugs - Versions diffs - 0.1.1 → 0.2.0 - Mend

devin-bugs 0.1.1 → 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (11) hide show

package/dist/cli.js ADDED Viewed

@@ -0,0 +1,166 @@
+#!/usr/bin/env node
+// @bun
+var m=Object.defineProperty;var f=(z)=>z;function g(z,Q){this[z]=f.bind(null,Q)}var h=(z,Q)=>{for(var X in Q)m(z,X,{get:Q[X],enumerable:!0,configurable:!0,set:g.bind(Q,X)})};var j=(z,Q)=>()=>(z&&(Q=z(z=0)),Q);import{homedir as C}from"node:os";import{join as U}from"node:path";var R="https://app.devin.ai/api",_="https://app.devin.ai",d,c,B,Pz,q=300;var O=j(()=>{d=U(C(),".config","devin-bugs"),c=U(C(),".cache","devin-bugs"),B=U(d,"token.json"),Pz=U(c,"browser-profile")});var E={};h(E,{getToken:()=>K,forceReauth:()=>N,clearAuth:()=>Mz});import{existsSync as D,mkdirSync as n,readFileSync as o,writeFileSync as s,unlinkSync as a}from"node:fs";import{dirname as t}from"node:path";import{createServer as r}from"node:http";import{execFile as e}from"node:child_process";function zz(z){let Q=z.replace(/-/g,"+").replace(/_/g,"/");return Buffer.from(Q,"base64").toString("utf-8")}function Qz(z){let Q=z.split(".");if(Q.length!==3)throw Error("Invalid JWT format");let X=JSON.parse(zz(Q[1]));if(typeof X.exp!=="number")throw Error("JWT missing exp claim");return X.exp*1000}function Xz(z){if(!D(z))n(z,{recursive:!0})}function Yz(){try{if(!D(B))return null;let z=o(B,"utf-8"),Q=JSON.parse(z);if(!Q.accessToken||!Q.expiresAt)return null;return Q}catch{return null}}function A(z){Xz(t(B));let Q=Qz(z),X={accessToken:z,obtainedAt:Date.now(),expiresAt:Q};return s(B,JSON.stringify(X,null,2)),X}function P(){try{if(D(B))a(B)}catch{}}function Zz(z){return z.expiresAt-Date.now()>q*1000}function $z(z){let Q=process.platform==="darwin"?{cmd:"open",args:[z]}:process.platform==="win32"?{cmd:"cmd",args:["/c","start","",z]}:{cmd:"xdg-open",args:[z]};e(Q.cmd,Q.args,(X)=>{if(X)console.error("\x1B[33m▸ Could not open browser automatically.\x1B[0m"),console.error(`  Open this URL manually: ${z}
+`)})}function Jz(z){return`<!DOCTYPE html>
+<html lang="en">
+<head>
+  <meta charset="utf-8">
+  <title>devin-bugs — Login</title>
+  <style>
+    * { margin: 0; padding: 0; box-sizing: border-box; }
+    body {
+      font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, sans-serif;
+      background: #141414; color: #e0e0e0;
+      display: flex; align-items: center; justify-content: center;
+      min-height: 100vh; padding: 2rem;
+    }
+    .card {
+      background: #1e1e1e; border: 1px solid #333; border-radius: 12px;
+      padding: 2.5rem; max-width: 560px; width: 100%;
+    }
+    h1 { font-size: 1.25rem; color: #fff; margin-bottom: 0.5rem; }
+    .subtitle { color: #888; font-size: 0.9rem; margin-bottom: 1.5rem; }
+    .step {
+      display: flex; gap: 0.75rem; margin-bottom: 1.25rem;
+      padding: 0.75rem; border-radius: 8px; background: #252525;
+    }
+    .step-num {
+      flex-shrink: 0; width: 24px; height: 24px; border-radius: 50%;
+      background: #3b82f6; color: #fff; font-size: 0.75rem; font-weight: 700;
+      display: flex; align-items: center; justify-content: center;
+    }
+    .step-text { font-size: 0.9rem; line-height: 1.5; }
+    .step-text a { color: #60a5fa; text-decoration: none; }
+    .step-text a:hover { text-decoration: underline; }
+    code {
+      background: #0d1117; color: #7ee787; padding: 0.5rem 0.75rem;
+      border-radius: 6px; display: block; font-size: 0.8rem;
+      margin-top: 0.5rem; cursor: pointer; border: 1px solid #333;
+      word-break: break-all; position: relative;
+    }
+    code:hover { border-color: #3b82f6; }
+    code::after {
+      content: 'click to copy'; position: absolute; right: 8px; top: 8px;
+      font-size: 0.65rem; color: #888; font-family: sans-serif;
+    }
+    .success {
+      display: none; padding: 1rem; border-radius: 8px;
+      background: #052e16; border: 1px solid #16a34a; text-align: center;
+    }
+    .success h2 { color: #4ade80; font-size: 1rem; }
+    .success p { color: #86efac; font-size: 0.85rem; margin-top: 0.5rem; }
+    .waiting {
+      text-align: center; padding: 1rem; color: #888;
+      font-size: 0.85rem; margin-top: 0.5rem;
+    }
+    .dot { animation: pulse 1.5s infinite; }
+    @keyframes pulse { 0%,100% { opacity: 0.3; } 50% { opacity: 1; } }
+  </style>
+</head>
+<body>
+  <div class="card">
+    <h1>devin-bugs</h1>
+    <p class="subtitle">Authenticate with Devin to extract PR review data</p>
+    <div id="steps">
+      <div class="step">
+        <div class="step-num">1</div>
+        <div class="step-text">
+          <a href="${_}" target="_blank" rel="noopener">
+            Open app.devin.ai</a> and log in with GitHub
+        </div>
+      </div>
+      <div class="step">
+        <div class="step-num">2</div>
+        <div class="step-text">
+          Open the browser console (<strong>F12</strong> → Console tab) and paste:
+          <code id="snippet" onclick="copySnippet()">fetch('http://localhost:${z}/callback',{method:'POST',headers:{'Content-Type':'application/json'},body:JSON.stringify({token:await __HACK__getAccessToken()})}).then(()=>document.title='✓ Token sent!')</code>
+        </div>
+      </div>
+      <div class="waiting">
+        Waiting for token<span class="dot">...</span>
+      </div>
+    </div>
+    <div class="success" id="success">
+      <h2>✓ Authentication successful!</h2>
+      <p>You can close this tab and return to your terminal.</p>
+    </div>
+  </div>
+  <script>
+    function copySnippet() {
+      navigator.clipboard.writeText(document.getElementById('snippet').textContent);
+      const el = document.getElementById('snippet');
+      el.style.borderColor = '#4ade80';
+      setTimeout(() => el.style.borderColor = '#333', 1500);
+    }
+    // Poll the local server to check if token was received
+    async function poll() {
+      try {
+        const res = await fetch('/status');
+        const data = await res.json();
+        if (data.received) {
+          document.getElementById('steps').style.display = 'none';
+          document.getElementById('success').style.display = 'block';
+          return;
+        }
+      } catch {}
+      setTimeout(poll, 1500);
+    }
+    poll();
+  </script>
+</body>
+</html>`}function w(){return new Promise((z,Q)=>{let X=null,Y=r((J,$)=>{if($.setHeader("Access-Control-Allow-Origin","*"),$.setHeader("Access-Control-Allow-Methods","POST, GET, OPTIONS"),$.setHeader("Access-Control-Allow-Headers","Content-Type"),J.method==="OPTIONS"){$.writeHead(204),$.end();return}if(J.method==="GET"&&J.url==="/status"){$.writeHead(200,{"Content-Type":"application/json"}),$.end(JSON.stringify({received:X!==null}));return}if(J.method==="POST"&&J.url==="/callback"){let M="";J.on("data",(G)=>M+=G.toString()),J.on("end",()=>{try{let G=JSON.parse(M);if(typeof G.token==="string"&&G.token.length>20){X=G.token,$.writeHead(200,{"Content-Type":"application/json"}),$.end(JSON.stringify({ok:!0})),setTimeout(()=>{Y.close(),z({token:X,server:Y})},500);return}}catch{}$.writeHead(400,{"Content-Type":"application/json"}),$.end(JSON.stringify({error:"Invalid token"}))});return}if(J.method==="GET"&&(J.url==="/"||J.url==="/login")){let M=Y.address().port;$.writeHead(200,{"Content-Type":"text/html"}),$.end(Jz(M));return}$.writeHead(404),$.end("Not found")});Y.listen(0,"127.0.0.1",()=>{let $=Y.address().port;console.error("\x1B[33m▸ Opening browser for Devin login...\x1B[0m"),console.error(`  Local server: http://localhost:${$}
+`),$z(`http://localhost:${$}`),setTimeout(()=>{if(!X)Y.close(),Q(Error("Login timed out after 5 minutes."))},300000)}),Y.on("error",Q)})}async function K(z){let Q=process.env.DEVIN_TOKEN;if(Q&&Q.length>0)return Q;if(!z?.noCache){let Y=Yz();if(Y&&Zz(Y))return Y.accessToken}let{token:X}=await w();return console.error(`\x1B[32m✓ Authentication successful!\x1B[0m
+`),A(X),X}async function N(){P();let{token:z}=await w();return console.error(`\x1B[32m✓ Authentication successful!\x1B[0m
+`),A(z),z}function Mz(){P(),console.error("Cleared cached token.")}var S=j(()=>{O()});import{parseArgs as Hz}from"util";var u=/(?:https?:\/\/)?github\.com\/([^/]+)\/([^/]+)\/pull\/(\d+)/,p=/^([^/#]+)\/([^/#]+)#(\d+)$/,l=/^([^/#]+)\/([^/#]+)\/pull\/(\d+)$/,i=/(?:https?:\/\/)?app\.devin\.ai\/review\/([^/]+)\/([^/]+)\/pull\/(\d+)/;function x(z){let Q=z.match(u)??z.match(i)??z.match(p)??z.match(l);if(!Q)throw Error(`Invalid PR reference: ${z}
+Expected: owner/repo#123 or https://github.com/owner/repo/pull/123`);let[,X,Y,J]=Q;return{owner:X,repo:Y,number:parseInt(J,10),prPath:`github.com/${X}/${Y}/pull/${J}`}}S();O();class F extends Error{constructor(){super("Authentication expired. Re-authenticating...");this.name="AuthExpiredError"}}class I extends Error{status;body;constructor(z,Q){super(`Devin API error ${z}: ${Q}`);this.status=z;this.body=Q;this.name="ApiError"}}async function Wz(z,Q){let X=`${R}/${z}`,Y=await fetch(X,{headers:{Authorization:`Bearer ${Q}`,Accept:"application/json"}});if(!Y.ok){if(Y.status===401||Y.status===403)throw new F;let J=await Y.text().catch(()=>"");throw new I(Y.status,J)}return Y.json()}async function H(z,Q){return Wz(`pr-review/digest?pr_path=${encodeURIComponent(z)}`,Q)}function Gz(z){if(!z)return null;let Q=z.match(/<!--\s*devin-review-comment\s*(\{.+\})\s*-->/);if(!Q?.[1])return null;try{let X=JSON.parse(Q[1]);return{id:String(X.id??""),file_path:String(X.file_path??""),start_line:typeof X.start_line==="number"?X.start_line:0,end_line:typeof X.end_line==="number"?X.end_line:0,side:X.side==="LEFT"?"LEFT":"RIGHT"}}catch{return null}}function Bz(z){if(z.startsWith("\uD83D\uDD34"))return"severe";if(z.startsWith("\uD83D\uDFE1"))return"warning";if(z.startsWith("\uD83D\uDFE2"))return"info";return"info"}function Vz(z){return z.match(/\*\*(.+?)\*\*/)?.[1]?.trim()??z.split(`
+`)[0]?.slice(0,120).trim()??""}function Lz(z){return z.split(`
+`).slice(1).join(`
+`).trim()}function Uz(z){return z.match(/(?:recommendation|suggested fix|fix):\s*(.+?)(?:\n\n|\n#+|\n🔴|\n🟡|$)/is)?.[1]?.trim()??""}function Kz(z,Q){if(z.startsWith("BUG_"))return"lifeguard-bug";if(z.startsWith("ANALYSIS_")||z.startsWith("INFO_"))return"lifeguard-analysis";let X=Q.toLowerCase();if(X.includes("potential bug")||X.includes("\uD83D\uDD34")||X.includes("bug:")||X.includes("race condition")||X.includes("vulnerability")||X.includes("double-charge")||X.includes("sql injection"))return"lifeguard-bug";return"lifeguard-analysis"}function Fz(z,Q){let X=Gz(Q.hidden_header),Y=Q.body??"";if(!Y&&!X)return null;let J=X?.id??String(Q.devin_review_id??""),$=Kz(J,Y);return{filePath:X?.file_path??"",startLine:X?.start_line??null,endLine:X?.end_line??null,side:X?.side??"RIGHT",title:Vz(Y),description:Lz(Y),severity:Bz(Y),recommendation:Uz(Y),needsInvestigation:Y.toLowerCase().includes("needs investigation"),type:$,isResolved:z.is_resolved,isOutdated:z.is_outdated,htmlUrl:Q.html_url??null}}function Iz(z){return z.devin_review_id!=null||z.hidden_header?.includes("devin-review-comment")===!0||z.author?.login==="devin-ai-integration"||z.author?.login==="devin-ai-integration[bot]"||z.author?.login==="devin-ai[bot]"}function b(z,Q){let X=[];for(let Y of z.review_threads){if(!Q?.includeResolved&&Y.is_resolved)continue;if(!Q?.includeOutdated&&Y.is_outdated)continue;for(let J of Y.comments){if(!Iz(J))continue;let $=Fz(Y,J);if($){X.push($);break}}}if(!Q?.includeAnalysis)return X.filter((Y)=>Y.type==="lifeguard-bug");return X}var Z={reset:"\x1B[0m",bold:"\x1B[1m",dim:"\x1B[2m",red:"\x1B[31m",green:"\x1B[32m",yellow:"\x1B[33m",cyan:"\x1B[36m",white:"\x1B[37m",bgRed:"\x1B[41m",bgYellow:"\x1B[43m",bgBlue:"\x1B[44m"};function Oz(z){let Q=z.toUpperCase();switch(z.toLowerCase()){case"severe":case"critical":return`${Z.bgRed}${Z.white}${Z.bold} ${Q} ${Z.reset}`;case"warning":return`${Z.bgYellow}${Z.bold} ${Q} ${Z.reset}`;default:return`${Z.bgBlue}${Z.white} ${Q} ${Z.reset}`}}function Dz(z){if(z==="lifeguard-bug")return`${Z.red}${Z.bold}BUG${Z.reset}`;return`${Z.cyan}${Z.bold}INFO${Z.reset}`}function Nz(z){if(!z.filePath)return"";let Q=`${Z.cyan}${z.filePath}${Z.reset}`;if(z.startLine==null)return Q;let X=z.endLine!=null&&z.endLine!==z.startLine?`${Z.dim}:${z.startLine}-${z.endLine}${Z.reset}`:`${Z.dim}:${z.startLine}${Z.reset}`;return`${Q}${X}`}function Sz(z,Q,X){let Y=" ".repeat(Q),J=z.split(/\s+/),$=[],M="";for(let G of J)if(M.length+G.length+1>X-Q)$.push(Y+M),M=G;else M=M?`${M} ${G}`:G;if(M)$.push(Y+M);return $.join(`
+`)}function T(z,Q){let X=[],Y=z.filter((M)=>M.type==="lifeguard-bug").length,J=z.filter((M)=>M.type==="lifeguard-analysis").length,$=[];if(Y>0)$.push(`${Z.red}${Z.bold}${Y} bug${Y===1?"":"s"}${Z.reset}`);if(J>0)$.push(`${Z.cyan}${J} suggestion${J===1?"":"s"}${Z.reset}`);if($.length===0)return X.push(`
+  ${Z.green}${Z.bold}No unresolved bugs${Z.reset} in ${Z.dim}${Q.owner}/${Q.repo}#${Q.number}${Z.reset}
+`),X.join(`
+`);X.push(`
+  ${$.join(", ")} in ${Z.dim}${Q.owner}/${Q.repo}#${Q.number}${Z.reset}
+`);for(let M of z){let G=Dz(M.type),W=Nz(M),V=Oz(M.severity);if(X.push(`  ${G}  ${W}  ${V}`),M.title)X.push(`  ${Z.bold}${Z.white}${M.title}${Z.reset}`);if(M.description&&M.description!==M.title){let L=M.description.replace(/<details>[\s\S]*?<\/details>/g,"").replace(/<!--[\s\S]*?-->/g,"").replace(/^\[.*?\]\(.*?\)$/gm,"").replace(/<a[\s\S]*?<\/a>/g,"").replace(/<picture>[\s\S]*?<\/picture>/g,"").replace(/<img[^>]*>/g,"").replace(/^---\s*$/gm,"").replace(/^\*Was this helpful\?.*$/gm,"").replace(/^#+\s*.+$/gm,"").replace(/\*\*(.+?)\*\*/g,"$1").replace(/`([^`]+)`/g,"$1").trim().split(`
+`)[0].split(`
+`).filter((y)=>y.trim()).join(" ").trim();if(L)X.push(Sz(`${Z.dim}${L}${Z.reset}`,2,100))}if(M.recommendation)X.push(`  ${Z.green}→ ${M.recommendation}${Z.reset}`);X.push("")}return X.join(`
+`)}function v(z){return JSON.stringify(z,null,2)}var jz=`
+  \x1B[1mdevin-bugs\x1B[0m \u2014 Extract unresolved bugs from Devin AI code reviews
+  \x1B[1mUsage:\x1B[0m
+    devin-bugs <pr> [options]
+  \x1B[1mArguments:\x1B[0m
+    pr              GitHub PR URL or shorthand
+                    Examples: owner/repo#123
+                              https://github.com/owner/repo/pull/123
+                              https://app.devin.ai/review/owner/repo/pull/123
+  \x1B[1mOptions:\x1B[0m
+    --json          Output as JSON (for piping)
+    --all           Include analysis/suggestions, not just bugs
+    --raw           Dump raw API response (debug)
+    --no-cache      Force re-authentication
+    --login         Just authenticate, don't fetch anything
+    --logout        Clear stored credentials
+    --help, -h      Show this help
+    --version, -v   Show version
+  \x1B[1mEnvironment:\x1B[0m
+    DEVIN_TOKEN     Skip browser auth, use this token directly
+  \x1B[1mExamples:\x1B[0m
+    devin-bugs owner/repo#46
+    devin-bugs owner/repo#46 --json
+    devin-bugs owner/repo#46 --all --raw
+    DEVIN_TOKEN=xxx devin-bugs owner/repo#46
+`;function k(){console.log(jz)}function xz(){console.log("devin-bugs 0.1.0")}async function Cz(){let z;try{z=Hz({allowPositionals:!0,options:{json:{type:"boolean",default:!1},all:{type:"boolean",default:!1},raw:{type:"boolean",default:!1},"no-cache":{type:"boolean",default:!1},login:{type:"boolean",default:!1},logout:{type:"boolean",default:!1},help:{type:"boolean",short:"h",default:!1},version:{type:"boolean",short:"v",default:!1}}})}catch(W){console.error(`\x1B[31mError:\x1B[0m ${W.message}`),process.exit(1)}let{values:Q,positionals:X}=z;if(Q.help){k();return}if(Q.version){xz();return}if(Q.logout){let{clearAuth:W}=await Promise.resolve().then(() => (S(),E));W();return}if(Q.login){let W=await K({noCache:Q["no-cache"]});console.error("\x1B[32m\u2713 Authenticated successfully.\x1B[0m"),console.error(`  Token cached for future use.
+`);try{let V=JSON.parse(Buffer.from(W.split(".")[1],"base64url").toString()),L=new Date(V.exp*1000);console.error(`  Expires: ${L.toLocaleString()}`)}catch{}return}if(X.length===0)console.error(`\x1B[31mError:\x1B[0m Missing PR argument.
+`),k(),process.exit(1);let Y=X[0],J;try{J=x(Y)}catch(W){console.error(`\x1B[31mError:\x1B[0m ${W.message}`),process.exit(1)}let $;try{$=await K({noCache:Q["no-cache"]})}catch(W){console.error(`\x1B[31mAuth error:\x1B[0m ${W.message}`),process.exit(1)}let M;try{M=await H(J.prPath,$)}catch(W){if(W instanceof F){console.error("\x1B[33m\u25B8 Token expired, re-authenticating...\x1B[0m");try{$=await N(),M=await H(J.prPath,$)}catch(V){console.error(`\x1B[31mError:\x1B[0m ${V.message}`),process.exit(1)}}else if(W instanceof I){if(W.status===404)console.error(`\x1B[31mError:\x1B[0m PR not found or no Devin review exists for ${J.owner}/${J.repo}#${J.number}`);else console.error(`\x1B[31mAPI error ${W.status}:\x1B[0m ${W.body}`);process.exit(1)}else throw W}if(Q.raw){console.log(JSON.stringify(M,null,2));return}let G=b(M,{includeAnalysis:Q.all});if(Q.json)console.log(v(G));else console.log(T(G,J))}Cz().catch((z)=>{console.error(`\x1B[31mFatal error:\x1B[0m ${z.message??z}`),process.exit(1)});

package/package.json CHANGED Viewed

@@ -1,20 +1,19 @@
 {
   "name": "devin-bugs",
-  "version": "0.1.1",
+  "version": "0.2.0",
   "description": "CLI to extract unresolved bugs from Devin AI code reviews",
   "type": "module",
   "bin": {
-    "devin-bugs": "./bin/devin-bugs.mjs"
+    "devin-bugs": "dist/cli.js"
   },
   "scripts": {
+    "build": "bun build src/cli.ts --outfile dist/cli.js --target node --minify && sed -i '1s|#!/usr/bin/env bun|#!/usr/bin/env node|' dist/cli.js && chmod +x dist/cli.js",
     "start": "bun src/cli.ts",
-    "typecheck": "bunx tsc --noEmit"
+    "typecheck": "bunx tsc --noEmit",
+    "prepublishOnly": "npm run build"
   },
   "files": [
-    "bin/",
-    "src/",
-    "README.md",
-    "LICENSE"
+    "dist/"
   ],
   "keywords": [
     "devin",
@@ -26,14 +25,14 @@
   ],
   "repository": {
     "type": "git",
-    "url": "https://github.com/xCatalitY/devin-review-cli.git"
+    "url": "git+https://github.com/xCatalitY/devin-review-cli.git"
   },
   "homepage": "https://github.com/xCatalitY/devin-review-cli",
   "bugs": "https://github.com/xCatalitY/devin-review-cli/issues",
   "license": "MIT",
   "author": "xCatalitY",
   "engines": {
-    "bun": ">=1.0.0"
+    "node": ">=18.0.0"
   },
   "devDependencies": {
     "@types/bun": "latest",

package/bin/devin-bugs.mjs DELETED Viewed

	@@ -1,2 +0,0 @@
1	- #!/usr/bin/env bun
2	- import "../src/cli.ts";

package/src/api.ts DELETED Viewed

@@ -1,81 +0,0 @@
-import { DEVIN_API_BASE } from "./config.js";
-import type { DigestResponse } from "./types.js";
-// ---------------------------------------------------------------------------
-// Error classes
-// ---------------------------------------------------------------------------
-export class AuthExpiredError extends Error {
-  constructor() {
-    super("Authentication expired. Re-authenticating...");
-    this.name = "AuthExpiredError";
-  }
-}
-export class ApiError extends Error {
-  constructor(
-    public readonly status: number,
-    public readonly body: string
-  ) {
-    super(`Devin API error ${status}: ${body}`);
-    this.name = "ApiError";
-  }
-}
-// ---------------------------------------------------------------------------
-// Generic request helper
-// ---------------------------------------------------------------------------
-async function apiRequest<T>(path: string, token: string): Promise<T> {
-  const url = `${DEVIN_API_BASE}/${path}`;
-  const res = await fetch(url, {
-    headers: {
-      Authorization: `Bearer ${token}`,
-      Accept: "application/json",
-    },
-  });
-  if (!res.ok) {
-    if (res.status === 401 || res.status === 403) {
-      throw new AuthExpiredError();
-    }
-    const body = await res.text().catch(() => "");
-    throw new ApiError(res.status, body);
-  }
-  return res.json() as Promise<T>;
-}
-// ---------------------------------------------------------------------------
-// Endpoints
-// ---------------------------------------------------------------------------
-export async function fetchDigest(
-  prPath: string,
-  token: string
-): Promise<DigestResponse> {
-  return apiRequest<DigestResponse>(
-    `pr-review/digest?pr_path=${encodeURIComponent(prPath)}`,
-    token
-  );
-}
-export async function fetchPRInfo(
-  prPath: string,
-  token: string
-): Promise<Record<string, unknown>> {
-  return apiRequest<Record<string, unknown>>(
-    `pr-review/info?pr_path=${encodeURIComponent(prPath)}`,
-    token
-  );
-}
-export async function fetchJobs(
-  prPath: string,
-  token: string
-): Promise<{ jobs: unknown[] }> {
-  return apiRequest<{ jobs: unknown[] }>(
-    `pr-review/jobs?pr_path=${encodeURIComponent(prPath)}`,
-    token
-  );
-}

package/src/auth.ts DELETED Viewed

@@ -1,360 +0,0 @@
-import { existsSync, mkdirSync, readFileSync, writeFileSync, unlinkSync } from "node:fs";
-import { dirname } from "node:path";
-import { createServer, type Server } from "node:http";
-import { execFile } from "node:child_process";
-import {
-  TOKEN_PATH,
-  DEVIN_APP_URL,
-  TOKEN_REFRESH_MARGIN_SEC,
-} from "./config.js";
-import type { CachedToken } from "./types.js";
-// ---------------------------------------------------------------------------
-// JWT helpers (no library — just decode the payload for `exp`)
-// ---------------------------------------------------------------------------
-function base64UrlDecode(str: string): string {
-  const padded = str.replace(/-/g, "+").replace(/_/g, "/");
-  return Buffer.from(padded, "base64").toString("utf-8");
-}
-function decodeTokenExpiry(jwt: string): number {
-  const parts = jwt.split(".");
-  if (parts.length !== 3) throw new Error("Invalid JWT format");
-  const payload = JSON.parse(base64UrlDecode(parts[1]!));
-  if (typeof payload.exp !== "number") throw new Error("JWT missing exp claim");
-  return payload.exp * 1000; // convert to epoch ms
-}
-// ---------------------------------------------------------------------------
-// Token cache (disk)
-// ---------------------------------------------------------------------------
-function ensureDir(dirPath: string): void {
-  if (!existsSync(dirPath)) {
-    mkdirSync(dirPath, { recursive: true });
-  }
-}
-function readCachedToken(): CachedToken | null {
-  try {
-    if (!existsSync(TOKEN_PATH)) return null;
-    const raw = readFileSync(TOKEN_PATH, "utf-8");
-    const parsed = JSON.parse(raw) as CachedToken;
-    if (!parsed.accessToken || !parsed.expiresAt) return null;
-    return parsed;
-  } catch {
-    return null;
-  }
-}
-function writeCachedToken(accessToken: string): CachedToken {
-  ensureDir(dirname(TOKEN_PATH));
-  const expiresAt = decodeTokenExpiry(accessToken);
-  const cached: CachedToken = {
-    accessToken,
-    obtainedAt: Date.now(),
-    expiresAt,
-  };
-  writeFileSync(TOKEN_PATH, JSON.stringify(cached, null, 2));
-  return cached;
-}
-function clearCachedToken(): void {
-  try {
-    if (existsSync(TOKEN_PATH)) unlinkSync(TOKEN_PATH);
-  } catch {
-    // ignore
-  }
-}
-function isTokenValid(cached: CachedToken): boolean {
-  return cached.expiresAt - Date.now() > TOKEN_REFRESH_MARGIN_SEC * 1000;
-}
-// ---------------------------------------------------------------------------
-// Open URL in system browser (safe — no shell interpolation)
-// ---------------------------------------------------------------------------
-function openBrowser(url: string): void {
-  const opener =
-    process.platform === "darwin"
-      ? { cmd: "open", args: [url] }
-      : process.platform === "win32"
-        ? { cmd: "cmd", args: ["/c", "start", "", url] }
-        : { cmd: "xdg-open", args: [url] };
-  execFile(opener.cmd, opener.args, (err) => {
-    if (err) {
-      console.error(`\x1b[33m▸ Could not open browser automatically.\x1b[0m`);
-      console.error(`  Open this URL manually: ${url}\n`);
-    }
-  });
-}
-// ---------------------------------------------------------------------------
-// Local callback server
-// ---------------------------------------------------------------------------
-/**
- * The capture page served at localhost. It instructs the user to:
- * 1. Log in to Devin in a new tab
- * 2. Paste a one-liner in the browser console that sends the token back
- *
- * This is the same pattern as many CLIs that can't do standard OAuth.
- * The one-liner calls __HACK__getAccessToken() on app.devin.ai and
- * POSTs the result to our localhost callback.
- */
-function buildCapturePage(port: number): string {
-  return `<!DOCTYPE html>
-<html lang="en">
-<head>
-  <meta charset="utf-8">
-  <title>devin-bugs — Login</title>
-  <style>
-    * { margin: 0; padding: 0; box-sizing: border-box; }
-    body {
-      font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, sans-serif;
-      background: #141414; color: #e0e0e0;
-      display: flex; align-items: center; justify-content: center;
-      min-height: 100vh; padding: 2rem;
-    }
-    .card {
-      background: #1e1e1e; border: 1px solid #333; border-radius: 12px;
-      padding: 2.5rem; max-width: 560px; width: 100%;
-    }
-    h1 { font-size: 1.25rem; color: #fff; margin-bottom: 0.5rem; }
-    .subtitle { color: #888; font-size: 0.9rem; margin-bottom: 1.5rem; }
-    .step {
-      display: flex; gap: 0.75rem; margin-bottom: 1.25rem;
-      padding: 0.75rem; border-radius: 8px; background: #252525;
-    }
-    .step-num {
-      flex-shrink: 0; width: 24px; height: 24px; border-radius: 50%;
-      background: #3b82f6; color: #fff; font-size: 0.75rem; font-weight: 700;
-      display: flex; align-items: center; justify-content: center;
-    }
-    .step-text { font-size: 0.9rem; line-height: 1.5; }
-    .step-text a { color: #60a5fa; text-decoration: none; }
-    .step-text a:hover { text-decoration: underline; }
-    code {
-      background: #0d1117; color: #7ee787; padding: 0.5rem 0.75rem;
-      border-radius: 6px; display: block; font-size: 0.8rem;
-      margin-top: 0.5rem; cursor: pointer; border: 1px solid #333;
-      word-break: break-all; position: relative;
-    }
-    code:hover { border-color: #3b82f6; }
-    code::after {
-      content: 'click to copy'; position: absolute; right: 8px; top: 8px;
-      font-size: 0.65rem; color: #888; font-family: sans-serif;
-    }
-    .success {
-      display: none; padding: 1rem; border-radius: 8px;
-      background: #052e16; border: 1px solid #16a34a; text-align: center;
-    }
-    .success h2 { color: #4ade80; font-size: 1rem; }
-    .success p { color: #86efac; font-size: 0.85rem; margin-top: 0.5rem; }
-    .waiting {
-      text-align: center; padding: 1rem; color: #888;
-      font-size: 0.85rem; margin-top: 0.5rem;
-    }
-    .dot { animation: pulse 1.5s infinite; }
-    @keyframes pulse { 0%,100% { opacity: 0.3; } 50% { opacity: 1; } }
-  </style>
-</head>
-<body>
-  <div class="card">
-    <h1>devin-bugs</h1>
-    <p class="subtitle">Authenticate with Devin to extract PR review data</p>
-    <div id="steps">
-      <div class="step">
-        <div class="step-num">1</div>
-        <div class="step-text">
-          <a href="${DEVIN_APP_URL}" target="_blank" rel="noopener">
-            Open app.devin.ai</a> and log in with GitHub
-        </div>
-      </div>
-      <div class="step">
-        <div class="step-num">2</div>
-        <div class="step-text">
-          Open the browser console (<strong>F12</strong> → Console tab) and paste:
-          <code id="snippet" onclick="copySnippet()">fetch('http://localhost:${port}/callback',{method:'POST',headers:{'Content-Type':'application/json'},body:JSON.stringify({token:await __HACK__getAccessToken()})}).then(()=>document.title='✓ Token sent!')</code>
-        </div>
-      </div>
-      <div class="waiting">
-        Waiting for token<span class="dot">...</span>
-      </div>
-    </div>
-    <div class="success" id="success">
-      <h2>✓ Authentication successful!</h2>
-      <p>You can close this tab and return to your terminal.</p>
-    </div>
-  </div>
-  <script>
-    function copySnippet() {
-      navigator.clipboard.writeText(document.getElementById('snippet').textContent);
-      const el = document.getElementById('snippet');
-      el.style.borderColor = '#4ade80';
-      setTimeout(() => el.style.borderColor = '#333', 1500);
-    }
-    // Poll the local server to check if token was received
-    async function poll() {
-      try {
-        const res = await fetch('/status');
-        const data = await res.json();
-        if (data.received) {
-          document.getElementById('steps').style.display = 'none';
-          document.getElementById('success').style.display = 'block';
-          return;
-        }
-      } catch {}
-      setTimeout(poll, 1500);
-    }
-    poll();
-  </script>
-</body>
-</html>`;
-}
-/**
- * Start a local HTTP server that:
- * - Serves the capture page at /
- * - Receives the token at POST /callback (from the console one-liner)
- * - Reports status at GET /status (for the page to poll)
- */
-function startCallbackServer(): Promise<{ token: string; server: Server }> {
-  return new Promise((resolve, reject) => {
-    let receivedToken: string | null = null;
-    const server = createServer((req, res) => {
-      // CORS headers for cross-origin fetch from app.devin.ai
-      res.setHeader("Access-Control-Allow-Origin", "*");
-      res.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS");
-      res.setHeader("Access-Control-Allow-Headers", "Content-Type");
-      if (req.method === "OPTIONS") {
-        res.writeHead(204);
-        res.end();
-        return;
-      }
-      if (req.method === "GET" && req.url === "/status") {
-        res.writeHead(200, { "Content-Type": "application/json" });
-        res.end(JSON.stringify({ received: receivedToken !== null }));
-        return;
-      }
-      if (req.method === "POST" && req.url === "/callback") {
-        let body = "";
-        req.on("data", (chunk: Buffer) => (body += chunk.toString()));
-        req.on("end", () => {
-          try {
-            const data = JSON.parse(body) as { token?: string };
-            if (typeof data.token === "string" && data.token.length > 20) {
-              receivedToken = data.token;
-              res.writeHead(200, { "Content-Type": "application/json" });
-              res.end(JSON.stringify({ ok: true }));
-              // Resolve after a short delay to let the page poll /status
-              setTimeout(() => {
-                server.close();
-                resolve({ token: receivedToken!, server });
-              }, 500);
-              return;
-            }
-          } catch {}
-          res.writeHead(400, { "Content-Type": "application/json" });
-          res.end(JSON.stringify({ error: "Invalid token" }));
-        });
-        return;
-      }
-      // Serve the capture page
-      if (req.method === "GET" && (req.url === "/" || req.url === "/login")) {
-        const port = (server.address() as { port: number }).port;
-        res.writeHead(200, { "Content-Type": "text/html" });
-        res.end(buildCapturePage(port));
-        return;
-      }
-      res.writeHead(404);
-      res.end("Not found");
-    });
-    server.listen(0, "127.0.0.1", () => {
-      const addr = server.address() as { port: number };
-      const port = addr.port;
-      console.error(`\x1b[33m▸ Opening browser for Devin login...\x1b[0m`);
-      console.error(`  Local server: http://localhost:${port}\n`);
-      openBrowser(`http://localhost:${port}`);
-      // Timeout after 5 minutes
-      setTimeout(() => {
-        if (!receivedToken) {
-          server.close();
-          reject(new Error("Login timed out after 5 minutes."));
-        }
-      }, 5 * 60 * 1000);
-    });
-    server.on("error", reject);
-  });
-}
-// ---------------------------------------------------------------------------
-// Public API
-// ---------------------------------------------------------------------------
-export interface GetTokenOptions {
-  noCache?: boolean;
-}
-/**
- * Get a valid Devin API auth token. Strategy:
- * 1. DEVIN_TOKEN env var (for CI/scripts)
- * 2. Cached token from disk (if not expired)
- * 3. Interactive login via system browser + localhost callback
- */
-export async function getToken(opts?: GetTokenOptions): Promise<string> {
-  // 1. Environment variable override
-  const envToken = process.env["DEVIN_TOKEN"];
-  if (envToken && envToken.length > 0) {
-    return envToken;
-  }
-  // 2. Cached token
-  if (!opts?.noCache) {
-    const cached = readCachedToken();
-    if (cached && isTokenValid(cached)) {
-      return cached.accessToken;
-    }
-  }
-  // 3. Interactive login via browser
-  const { token } = await startCallbackServer();
-  console.error("\x1b[32m✓ Authentication successful!\x1b[0m\n");
-  writeCachedToken(token);
-  return token;
-}
-/** Force re-authentication by clearing cache and launching browser */
-export async function forceReauth(): Promise<string> {
-  clearCachedToken();
-  const { token } = await startCallbackServer();
-  console.error("\x1b[32m✓ Authentication successful!\x1b[0m\n");
-  writeCachedToken(token);
-  return token;
-}
-/** Clear stored credentials */
-export function clearAuth(): void {
-  clearCachedToken();
-  console.error("Cleared cached token.");
-}

package/src/cli.ts DELETED Viewed

@@ -1,195 +0,0 @@
-#!/usr/bin/env bun
-import { parseArgs } from "node:util";
-import { parsePR } from "./parse-pr.js";
-import { getToken, forceReauth } from "./auth.js";
-import { fetchDigest, AuthExpiredError, ApiError } from "./api.js";
-import { extractFlags } from "./filter.js";
-import { formatTerminal, formatJSON } from "./format.js";
-// ---------------------------------------------------------------------------
-// CLI argument parsing
-// ---------------------------------------------------------------------------
-const HELP = `
-  \x1b[1mdevin-bugs\x1b[0m — Extract unresolved bugs from Devin AI code reviews
-  \x1b[1mUsage:\x1b[0m
-    devin-bugs <pr> [options]
-  \x1b[1mArguments:\x1b[0m
-    pr              GitHub PR URL or shorthand
-                    Examples: owner/repo#123
-                              https://github.com/owner/repo/pull/123
-                              https://app.devin.ai/review/owner/repo/pull/123
-  \x1b[1mOptions:\x1b[0m
-    --json          Output as JSON (for piping)
-    --all           Include analysis/suggestions, not just bugs
-    --raw           Dump raw API response (debug)
-    --no-cache      Force re-authentication
-    --login         Just authenticate, don't fetch anything
-    --logout        Clear stored credentials
-    --help, -h      Show this help
-    --version, -v   Show version
-  \x1b[1mEnvironment:\x1b[0m
-    DEVIN_TOKEN     Skip browser auth, use this token directly
-  \x1b[1mExamples:\x1b[0m
-    devin-bugs owner/repo#46
-    devin-bugs owner/repo#46 --json
-    devin-bugs owner/repo#46 --all --raw
-    DEVIN_TOKEN=xxx devin-bugs owner/repo#46
-`;
-function printHelp(): void {
-  console.log(HELP);
-}
-function printVersion(): void {
-  console.log("devin-bugs 0.1.0");
-}
-// ---------------------------------------------------------------------------
-// Main
-// ---------------------------------------------------------------------------
-async function main(): Promise<void> {
-  let parsed;
-  try {
-    parsed = parseArgs({
-      allowPositionals: true,
-      options: {
-        json: { type: "boolean", default: false },
-        all: { type: "boolean", default: false },
-        raw: { type: "boolean", default: false },
-        "no-cache": { type: "boolean", default: false },
-        login: { type: "boolean", default: false },
-        logout: { type: "boolean", default: false },
-        help: { type: "boolean", short: "h", default: false },
-        version: { type: "boolean", short: "v", default: false },
-      },
-    });
-  } catch (err: any) {
-    console.error(`\x1b[31mError:\x1b[0m ${err.message}`);
-    process.exit(1);
-  }
-  const { values, positionals } = parsed;
-  if (values.help) {
-    printHelp();
-    return;
-  }
-  if (values.version) {
-    printVersion();
-    return;
-  }
-  // --logout: clear credentials and exit
-  if (values.logout) {
-    const { clearAuth } = await import("./auth.js");
-    clearAuth();
-    return;
-  }
-  // --login: just authenticate and exit
-  if (values.login) {
-    const token = await getToken({ noCache: values["no-cache"] });
-    console.error("\x1b[32m✓ Authenticated successfully.\x1b[0m");
-    console.error(`  Token cached for future use.\n`);
-    // Show token expiry
-    try {
-      const payload = JSON.parse(
-        Buffer.from(token.split(".")[1]!, "base64url").toString()
-      );
-      const exp = new Date(payload.exp * 1000);
-      console.error(`  Expires: ${exp.toLocaleString()}`);
-    } catch {
-      // ignore
-    }
-    return;
-  }
-  // Require a PR argument
-  if (positionals.length === 0) {
-    console.error("\x1b[31mError:\x1b[0m Missing PR argument.\n");
-    printHelp();
-    process.exit(1);
-  }
-  const prInput = positionals[0]!;
-  let pr;
-  try {
-    pr = parsePR(prInput);
-  } catch (err: any) {
-    console.error(`\x1b[31mError:\x1b[0m ${err.message}`);
-    process.exit(1);
-  }
-  // Get auth token
-  let token: string;
-  try {
-    token = await getToken({ noCache: values["no-cache"] });
-  } catch (err: any) {
-    console.error(`\x1b[31mAuth error:\x1b[0m ${err.message}`);
-    process.exit(1);
-  }
-  // Fetch digest (with one retry on auth failure)
-  let digest;
-  try {
-    digest = await fetchDigest(pr.prPath, token);
-  } catch (err) {
-    if (err instanceof AuthExpiredError) {
-      // Re-authenticate and retry
-      console.error("\x1b[33m▸ Token expired, re-authenticating...\x1b[0m");
-      try {
-        token = await forceReauth();
-        digest = await fetchDigest(pr.prPath, token);
-      } catch (retryErr: any) {
-        console.error(`\x1b[31mError:\x1b[0m ${retryErr.message}`);
-        process.exit(1);
-      }
-    } else if (err instanceof ApiError) {
-      if (err.status === 404) {
-        console.error(
-          `\x1b[31mError:\x1b[0m PR not found or no Devin review exists for ${pr.owner}/${pr.repo}#${pr.number}`
-        );
-      } else {
-        console.error(`\x1b[31mAPI error ${err.status}:\x1b[0m ${err.body}`);
-      }
-      process.exit(1);
-    } else {
-      throw err;
-    }
-  }
-  // --raw: dump full response
-  if (values.raw) {
-    console.log(JSON.stringify(digest, null, 2));
-    return;
-  }
-  // Extract and filter flags
-  const flags = extractFlags(digest!, {
-    includeAnalysis: values.all,
-  });
-  // Output
-  if (values.json) {
-    console.log(formatJSON(flags));
-  } else {
-    console.log(formatTerminal(flags, pr));
-  }
-}
-// ---------------------------------------------------------------------------
-// Run
-// ---------------------------------------------------------------------------
-main().catch((err) => {
-  console.error(`\x1b[31mFatal error:\x1b[0m ${err.message ?? err}`);
-  process.exit(1);
-});

package/src/config.ts DELETED Viewed

@@ -1,14 +0,0 @@
-import { homedir } from "node:os";
-import { join } from "node:path";
-export const DEVIN_API_BASE = "https://app.devin.ai/api";
-export const DEVIN_APP_URL = "https://app.devin.ai";
-export const DEVIN_LOGIN_URL = "https://app.devin.ai/auth/login";
-export const CONFIG_DIR = join(homedir(), ".config", "devin-bugs");
-export const CACHE_DIR = join(homedir(), ".cache", "devin-bugs");
-export const TOKEN_PATH = join(CONFIG_DIR, "token.json");
-export const BROWSER_DATA_DIR = join(CACHE_DIR, "browser-profile");
-/** Refresh token if less than this many seconds until expiry */
-export const TOKEN_REFRESH_MARGIN_SEC = 300;

package/src/filter.ts DELETED Viewed

@@ -1,183 +0,0 @@
-import type { DigestResponse, ReviewThread, ReviewComment, LifeguardFlag } from "./types.js";
-// ---------------------------------------------------------------------------
-// Parse hidden_header: <!-- devin-review-comment {JSON} -->
-// ---------------------------------------------------------------------------
-interface HiddenHeaderData {
-  id: string;
-  file_path: string;
-  start_line: number;
-  end_line: number;
-  side: "LEFT" | "RIGHT";
-}
-function parseHiddenHeader(header: string | null | undefined): HiddenHeaderData | null {
-  if (!header) return null;
-  // Format: <!-- devin-review-comment {"id":"...","file_path":"...","start_line":N,...} -->
-  const match = header.match(/<!--\s*devin-review-comment\s*(\{.+\})\s*-->/);
-  if (!match?.[1]) return null;
-  try {
-    const data = JSON.parse(match[1]) as Record<string, unknown>;
-    return {
-      id: String(data.id ?? ""),
-      file_path: String(data.file_path ?? ""),
-      start_line: typeof data.start_line === "number" ? data.start_line : 0,
-      end_line: typeof data.end_line === "number" ? data.end_line : 0,
-      side: data.side === "LEFT" ? "LEFT" : "RIGHT",
-    };
-  } catch {
-    return null;
-  }
-}
-// ---------------------------------------------------------------------------
-// Parse bug body: emoji severity + bold title + description
-// ---------------------------------------------------------------------------
-function parseSeverity(body: string): string {
-  if (body.startsWith("🔴")) return "severe";
-  if (body.startsWith("🟡")) return "warning";
-  if (body.startsWith("🟢")) return "info";
-  return "info";
-}
-function parseTitle(body: string): string {
-  const match = body.match(/\*\*(.+?)\*\*/);
-  return match?.[1]?.trim() ?? body.split("\n")[0]?.slice(0, 120).trim() ?? "";
-}
-function parseDescription(body: string): string {
-  // Everything after the first line (title line)
-  const lines = body.split("\n");
-  return lines
-    .slice(1)
-    .join("\n")
-    .trim();
-}
-function parseRecommendation(body: string): string {
-  // Look for "Recommendation:" or "Fix:" or "→" sections
-  const match = body.match(/(?:recommendation|suggested fix|fix):\s*(.+?)(?:\n\n|\n#+|\n🔴|\n🟡|$)/is);
-  return match?.[1]?.trim() ?? "";
-}
-// ---------------------------------------------------------------------------
-// Determine flag type from the comment body/id
-// ---------------------------------------------------------------------------
-function determineType(id: string, body: string): LifeguardFlag["type"] {
-  if (id.startsWith("BUG_")) return "lifeguard-bug";
-  if (id.startsWith("ANALYSIS_") || id.startsWith("INFO_")) return "lifeguard-analysis";
-  // Fallback: check body for bug indicators
-  const lower = body.toLowerCase();
-  if (
-    lower.includes("potential bug") ||
-    lower.includes("🔴") ||
-    lower.includes("bug:") ||
-    lower.includes("race condition") ||
-    lower.includes("vulnerability") ||
-    lower.includes("double-charge") ||
-    lower.includes("sql injection")
-  ) {
-    return "lifeguard-bug";
-  }
-  return "lifeguard-analysis";
-}
-// ---------------------------------------------------------------------------
-// Extract a LifeguardFlag from a Devin review thread
-// ---------------------------------------------------------------------------
-function extractFlag(
-  thread: ReviewThread,
-  comment: ReviewComment
-): LifeguardFlag | null {
-  const header = parseHiddenHeader(comment.hidden_header);
-  const body = comment.body ?? "";
-  if (!body && !header) return null;
-  const id = header?.id ?? String(comment.devin_review_id ?? "");
-  const type = determineType(id, body);
-  return {
-    filePath: header?.file_path ?? "",
-    startLine: header?.start_line ?? null,
-    endLine: header?.end_line ?? null,
-    side: header?.side ?? "RIGHT",
-    title: parseTitle(body),
-    description: parseDescription(body),
-    severity: parseSeverity(body),
-    recommendation: parseRecommendation(body),
-    needsInvestigation: body.toLowerCase().includes("needs investigation"),
-    type,
-    isResolved: thread.is_resolved,
-    isOutdated: thread.is_outdated,
-    htmlUrl: comment.html_url ?? null,
-  };
-}
-// ---------------------------------------------------------------------------
-// Identify Devin review comments
-// ---------------------------------------------------------------------------
-function isDevinComment(comment: ReviewComment): boolean {
-  return (
-    comment.devin_review_id != null ||
-    comment.hidden_header?.includes("devin-review-comment") === true ||
-    comment.author?.login === "devin-ai-integration" ||
-    comment.author?.login === "devin-ai-integration[bot]" ||
-    comment.author?.login === "devin-ai[bot]"
-  );
-}
-// ---------------------------------------------------------------------------
-// Public API
-// ---------------------------------------------------------------------------
-export interface FilterOptions {
-  /** Include lifeguard-analysis items, not just bugs */
-  includeAnalysis?: boolean;
-  /** Include resolved items */
-  includeResolved?: boolean;
-  /** Include outdated items */
-  includeOutdated?: boolean;
-}
-/**
- * Extract all LifeguardFlags from a digest response.
- * Default: only unresolved, non-outdated bugs.
- */
-export function extractFlags(
-  digest: DigestResponse,
-  opts?: FilterOptions
-): LifeguardFlag[] {
-  const flags: LifeguardFlag[] = [];
-  for (const thread of digest.review_threads) {
-    // Apply thread-level filters
-    if (!opts?.includeResolved && thread.is_resolved) continue;
-    if (!opts?.includeOutdated && thread.is_outdated) continue;
-    // Extract from first Devin comment in the thread
-    for (const comment of thread.comments) {
-      if (!isDevinComment(comment)) continue;
-      const flag = extractFlag(thread, comment);
-      if (flag) {
-        flags.push(flag);
-        break; // One flag per thread
-      }
-    }
-  }
-  // Filter by type
-  if (!opts?.includeAnalysis) {
-    return flags.filter((f) => f.type === "lifeguard-bug");
-  }
-  return flags;
-}

package/src/format.ts DELETED Viewed

@@ -1,162 +0,0 @@
-import type { LifeguardFlag, ParsedPR } from "./types.js";
-// ---------------------------------------------------------------------------
-// ANSI color helpers (no dependency)
-// ---------------------------------------------------------------------------
-const c = {
-  reset: "\x1b[0m",
-  bold: "\x1b[1m",
-  dim: "\x1b[2m",
-  red: "\x1b[31m",
-  green: "\x1b[32m",
-  yellow: "\x1b[33m",
-  cyan: "\x1b[36m",
-  white: "\x1b[37m",
-  bgRed: "\x1b[41m",
-  bgYellow: "\x1b[43m",
-  bgBlue: "\x1b[44m",
-};
-function severityColor(severity: string): string {
-  switch (severity.toLowerCase()) {
-    case "severe":
-    case "critical":
-      return c.red;
-    case "warning":
-      return c.yellow;
-    default:
-      return c.cyan;
-  }
-}
-function severityBadge(severity: string): string {
-  const upper = severity.toUpperCase();
-  switch (severity.toLowerCase()) {
-    case "severe":
-    case "critical":
-      return `${c.bgRed}${c.white}${c.bold} ${upper} ${c.reset}`;
-    case "warning":
-      return `${c.bgYellow}${c.bold} ${upper} ${c.reset}`;
-    default:
-      return `${c.bgBlue}${c.white} ${upper} ${c.reset}`;
-  }
-}
-function typeBadge(type: LifeguardFlag["type"]): string {
-  if (type === "lifeguard-bug") {
-    return `${c.red}${c.bold}BUG${c.reset}`;
-  }
-  return `${c.cyan}${c.bold}INFO${c.reset}`;
-}
-// ---------------------------------------------------------------------------
-// Terminal formatter
-// ---------------------------------------------------------------------------
-function formatLocation(flag: LifeguardFlag): string {
-  if (!flag.filePath) return "";
-  const file = `${c.cyan}${flag.filePath}${c.reset}`;
-  if (flag.startLine == null) return file;
-  const line =
-    flag.endLine != null && flag.endLine !== flag.startLine
-      ? `${c.dim}:${flag.startLine}-${flag.endLine}${c.reset}`
-      : `${c.dim}:${flag.startLine}${c.reset}`;
-  return `${file}${line}`;
-}
-function wrapText(text: string, indent: number, maxWidth: number): string {
-  const pad = " ".repeat(indent);
-  const words = text.split(/\s+/);
-  const lines: string[] = [];
-  let current = "";
-  for (const word of words) {
-    if (current.length + word.length + 1 > maxWidth - indent) {
-      lines.push(pad + current);
-      current = word;
-    } else {
-      current = current ? `${current} ${word}` : word;
-    }
-  }
-  if (current) lines.push(pad + current);
-  return lines.join("\n");
-}
-export function formatTerminal(flags: LifeguardFlag[], pr: ParsedPR): string {
-  const lines: string[] = [];
-  // Header
-  const bugCount = flags.filter((f) => f.type === "lifeguard-bug").length;
-  const analysisCount = flags.filter((f) => f.type === "lifeguard-analysis").length;
-  const parts: string[] = [];
-  if (bugCount > 0) parts.push(`${c.red}${c.bold}${bugCount} bug${bugCount === 1 ? "" : "s"}${c.reset}`);
-  if (analysisCount > 0) parts.push(`${c.cyan}${analysisCount} suggestion${analysisCount === 1 ? "" : "s"}${c.reset}`);
-  if (parts.length === 0) {
-    lines.push(`\n  ${c.green}${c.bold}No unresolved bugs${c.reset} in ${c.dim}${pr.owner}/${pr.repo}#${pr.number}${c.reset}\n`);
-    return lines.join("\n");
-  }
-  lines.push(
-    `\n  ${parts.join(", ")} in ${c.dim}${pr.owner}/${pr.repo}#${pr.number}${c.reset}\n`
-  );
-  // Each flag
-  for (const flag of flags) {
-    const badge = typeBadge(flag.type);
-    const location = formatLocation(flag);
-    const sev = severityBadge(flag.severity);
-    lines.push(`  ${badge}  ${location}  ${sev}`);
-    if (flag.title) {
-      lines.push(`  ${c.bold}${c.white}${flag.title}${c.reset}`);
-    }
-    // Show description (first paragraph, stripped of markdown/HTML noise)
-    if (flag.description && flag.description !== flag.title) {
-      const desc = flag.description
-        .replace(/<details>[\s\S]*?<\/details>/g, "") // remove <details> blocks
-        .replace(/<!--[\s\S]*?-->/g, "") // remove HTML comments
-        .replace(/^\[.*?\]\(.*?\)$/gm, "") // remove markdown links on own line
-        .replace(/<a[\s\S]*?<\/a>/g, "") // remove <a> tags
-        .replace(/<picture>[\s\S]*?<\/picture>/g, "") // remove <picture> tags
-        .replace(/<img[^>]*>/g, "") // remove <img> tags
-        .replace(/^---\s*$/gm, "") // remove horizontal rules
-        .replace(/^\*Was this helpful\?.*$/gm, "") // remove feedback prompt
-        .replace(/^#+\s*.+$/gm, "") // remove headings
-        .replace(/\*\*(.+?)\*\*/g, "$1") // remove bold markers
-        .replace(/`([^`]+)`/g, "$1") // remove inline code markers
-        .trim()
-        .split("\n\n")[0]! // first paragraph only
-        .split("\n")
-        .filter((l) => l.trim())
-        .join(" ")
-        .trim();
-      if (desc) {
-        lines.push(wrapText(`${c.dim}${desc}${c.reset}`, 2, 100));
-      }
-    }
-    if (flag.recommendation) {
-      lines.push(
-        `  ${c.green}→ ${flag.recommendation}${c.reset}`
-      );
-    }
-    lines.push(""); // blank line between flags
-  }
-  return lines.join("\n");
-}
-// ---------------------------------------------------------------------------
-// JSON formatter
-// ---------------------------------------------------------------------------
-export function formatJSON(flags: LifeguardFlag[]): string {
-  return JSON.stringify(flags, null, 2);
-}

package/src/parse-pr.ts DELETED Viewed

@@ -1,33 +0,0 @@
-import type { ParsedPR } from "./types.js";
-const GITHUB_URL_RE =
-  /(?:https?:\/\/)?github\.com\/([^/]+)\/([^/]+)\/pull\/(\d+)/;
-const SHORTHAND_RE = /^([^/#]+)\/([^/#]+)#(\d+)$/;
-const PATH_RE = /^([^/#]+)\/([^/#]+)\/pull\/(\d+)$/;
-/** Also accept Devin review URLs: app.devin.ai/review/owner/repo/pull/123 */
-const DEVIN_URL_RE =
-  /(?:https?:\/\/)?app\.devin\.ai\/review\/([^/]+)\/([^/]+)\/pull\/(\d+)/;
-export function parsePR(input: string): ParsedPR {
-  const match =
-    input.match(GITHUB_URL_RE) ??
-    input.match(DEVIN_URL_RE) ??
-    input.match(SHORTHAND_RE) ??
-    input.match(PATH_RE);
-  if (!match) {
-    throw new Error(
-      `Invalid PR reference: ${input}\n` +
-        `Expected: owner/repo#123 or https://github.com/owner/repo/pull/123`
-    );
-  }
-  const [, owner, repo, num] = match;
-  return {
-    owner: owner!,
-    repo: repo!,
-    number: parseInt(num!, 10),
-    prPath: `github.com/${owner}/${repo}/pull/${num}`,
-  };
-}

package/src/types.ts DELETED Viewed

@@ -1,106 +0,0 @@
-// ---------------------------------------------------------------------------
-// PR reference
-// ---------------------------------------------------------------------------
-export interface ParsedPR {
-  owner: string;
-  repo: string;
-  number: number;
-  /** e.g. "github.com/owner/repo/pull/123" */
-  prPath: string;
-}
-// ---------------------------------------------------------------------------
-// Cached auth token
-// ---------------------------------------------------------------------------
-export interface CachedToken {
-  accessToken: string;
-  /** epoch ms when token was obtained */
-  obtainedAt: number;
-  /** epoch ms when token expires (from JWT `exp` claim) */
-  expiresAt: number;
-}
-// ---------------------------------------------------------------------------
-// Devin Digest API response (partial — fields we care about)
-// ---------------------------------------------------------------------------
-export interface DigestResponse {
-  id: number;
-  title: string;
-  state: string;
-  author?: { login: string; avatar_url?: string; is_bot?: boolean };
-  head_ref: string;
-  base_ref: string;
-  additions: number;
-  deletions: number;
-  review_threads: ReviewThread[];
-  comments: ReviewComment[];
-  reviews: Review[];
-  checks: Check[];
-  [key: string]: unknown;
-}
-export interface ReviewThread {
-  is_resolved: boolean;
-  is_outdated: boolean;
-  resolved_by?: { login: string; avatar_url?: string } | null;
-  comments: ReviewComment[];
-}
-export interface ReviewComment {
-  id: number | string;
-  body: string;
-  body_html?: string;
-  /** Non-null means this is a Devin review comment */
-  devin_review_id?: string | null;
-  /** Structured metadata header hidden from display */
-  hidden_header?: string | null;
-  html_url?: string | null;
-  author?: { login: string; avatar_url?: string; is_bot?: boolean };
-  pull_request_review?: { id: number; state: string } | null;
-  reaction_groups?: unknown[];
-  [key: string]: unknown;
-}
-export interface Review {
-  id: number;
-  body: string;
-  body_html?: string;
-  state: string;
-  author?: { login: string; avatar_url?: string; is_bot?: boolean };
-  devin_review_id?: string | null;
-  [key: string]: unknown;
-}
-export interface Check {
-  id: string;
-  name: string;
-  status: string;
-  conclusion: string | null;
-  workflow_name?: string;
-  is_required?: boolean;
-}
-// ---------------------------------------------------------------------------
-// Extracted bug/flag
-// ---------------------------------------------------------------------------
-export interface LifeguardFlag {
-  filePath: string;
-  startLine: number | null;
-  endLine: number | null;
-  side: "LEFT" | "RIGHT";
-  title: string;
-  description: string;
-  severity: string;
-  recommendation: string;
-  needsInvestigation: boolean;
-  type: "lifeguard-bug" | "lifeguard-analysis";
-  /** Source thread resolution status */
-  isResolved: boolean;
-  isOutdated: boolean;
-  /** URL to the comment on GitHub */
-  htmlUrl: string | null;
-}