npm - devin-bugs - Versions diffs - 0.1.2 → 0.3.0 - Mend

devin-bugs 0.1.2 → 0.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (11) hide show

package/dist/cli.js ADDED Viewed

@@ -0,0 +1,167 @@
+#!/usr/bin/env node
+// @bun
+var y=Object.defineProperty;var f=(z)=>z;function u(z,Q){this[z]=f.bind(null,Q)}var h=(z,Q)=>{for(var X in Q)y(z,X,{get:Q[X],enumerable:!0,configurable:!0,set:u.bind(Q,X)})};var x=(z,Q)=>()=>(z&&(Q=z(z=0)),Q);import{homedir as _}from"node:os";import{join as K}from"node:path";var q="https://app.devin.ai/api",P="https://app.devin.ai",o,d,L,Ez,A=300;var I=x(()=>{o=K(_(),".config","devin-bugs"),d=K(_(),".cache","devin-bugs"),L=K(o,"token.json"),Ez=K(d,"browser-profile")});var b={};h(b,{getToken:()=>U,forceReauth:()=>S,clearAuth:()=>Wz});import{existsSync as D,mkdirSync as c,readFileSync as s,writeFileSync as t,unlinkSync as a}from"node:fs";import{dirname as r}from"node:path";import{createServer as e}from"node:http";import{execFile as zz}from"node:child_process";function w(z){let Q=z.replace(/-/g,"+").replace(/_/g,"/");return Buffer.from(Q,"base64").toString("utf-8")}function Qz(z){let Q=z.split(".");if(Q.length!==3)throw Error("Invalid JWT format");let X=JSON.parse(w(Q[1]));if(typeof X.exp!=="number")throw Error("JWT missing exp claim");return X.exp*1000}function Xz(z){if(!D(z))c(z,{recursive:!0})}function Yz(){try{if(!D(L))return null;let z=s(L,"utf-8"),Q=JSON.parse(z);if(!Q.accessToken||!Q.expiresAt)return null;return Q}catch{return null}}function N(z,Q){Xz(r(L));let X=Qz(z),Z={accessToken:z,obtainedAt:Date.now(),expiresAt:X,...Q&&Object.keys(Q).length>0?{auth0Cache:Q}:{}};return t(L,JSON.stringify(Z,null,2)),Z}async function Zz(z){if(!z.auth0Cache)return null;let Q=null,X=null,Z=null;for(let[Y,J]of Object.entries(z.auth0Cache)){if(!Y.startsWith("@@auth0spajs@@"))continue;let G=Y.split("::"),W=G[1],B=G[2];try{let V=JSON.parse(J);if(V.body?.refresh_token){Q=V.body.refresh_token,X=W??null,Z=B??null;break}}catch{continue}}if(!Q||!X)return null;let $=null;for(let Y of Object.keys(z.auth0Cache))if(Y.includes("https://")&&Y.includes("auth0")){let J=Y.match(/https:\/\/([^/]+)/);if(J?.[1]){$=J[1];break}}if(!$)try{let Y=JSON.parse(w(z.accessToken.split(".")[1]));if(typeof Y.iss==="string")$=new URL(Y.iss).hostname}catch{}if(!$)return console.error("\x1B[33m▸ Could not determine Auth0 domain for token refresh.\x1B[0m"),null;try{console.error("\x1B[33m▸ Refreshing token...\x1B[0m");let Y=await fetch(`https://${$}/oauth/token`,{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify({grant_type:"refresh_token",client_id:X,refresh_token:Q,...Z?{audience:Z}:{}})});if(!Y.ok){let G=await Y.text().catch(()=>"");return console.error(`\x1B[33m▸ Refresh failed (${Y.status}): ${G.slice(0,100)}\x1B[0m`),null}let J=await Y.json();if(!J.access_token)return null;if(J.refresh_token&&z.auth0Cache)for(let[G,W]of Object.entries(z.auth0Cache)){if(!G.startsWith("@@auth0spajs@@"))continue;try{let B=JSON.parse(W);if(B.body?.refresh_token){B.body.refresh_token=J.refresh_token,B.body.access_token=J.access_token,z.auth0Cache[G]=JSON.stringify(B);break}}catch{continue}}return console.error(`\x1B[32m✓ Token refreshed!\x1B[0m
+`),J.access_token}catch(Y){return console.error(`\x1B[33m▸ Refresh error: ${Y instanceof Error?Y.message:Y}\x1B[0m`),null}}function E(){try{if(D(L))a(L)}catch{}}function $z(z){return z.expiresAt-Date.now()>A*1000}function Jz(z){let Q=process.platform==="darwin"?{cmd:"open",args:[z]}:process.platform==="win32"?{cmd:"cmd",args:["/c","start","",z]}:{cmd:"xdg-open",args:[z]};zz(Q.cmd,Q.args,(X)=>{if(X)console.error("\x1B[33m▸ Could not open browser automatically.\x1B[0m"),console.error(`  Open this URL manually: ${z}
+`)})}function Mz(z){return`<!DOCTYPE html>
+<html lang="en">
+<head>
+  <meta charset="utf-8">
+  <title>devin-bugs — Login</title>
+  <style>
+    * { margin: 0; padding: 0; box-sizing: border-box; }
+    body {
+      font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, sans-serif;
+      background: #141414; color: #e0e0e0;
+      display: flex; align-items: center; justify-content: center;
+      min-height: 100vh; padding: 2rem;
+    }
+    .card {
+      background: #1e1e1e; border: 1px solid #333; border-radius: 12px;
+      padding: 2.5rem; max-width: 560px; width: 100%;
+    }
+    h1 { font-size: 1.25rem; color: #fff; margin-bottom: 0.5rem; }
+    .subtitle { color: #888; font-size: 0.9rem; margin-bottom: 1.5rem; }
+    .step {
+      display: flex; gap: 0.75rem; margin-bottom: 1.25rem;
+      padding: 0.75rem; border-radius: 8px; background: #252525;
+    }
+    .step-num {
+      flex-shrink: 0; width: 24px; height: 24px; border-radius: 50%;
+      background: #3b82f6; color: #fff; font-size: 0.75rem; font-weight: 700;
+      display: flex; align-items: center; justify-content: center;
+    }
+    .step-text { font-size: 0.9rem; line-height: 1.5; }
+    .step-text a { color: #60a5fa; text-decoration: none; }
+    .step-text a:hover { text-decoration: underline; }
+    code {
+      background: #0d1117; color: #7ee787; padding: 0.5rem 0.75rem;
+      border-radius: 6px; display: block; font-size: 0.8rem;
+      margin-top: 0.5rem; cursor: pointer; border: 1px solid #333;
+      word-break: break-all; position: relative;
+    }
+    code:hover { border-color: #3b82f6; }
+    code::after {
+      content: 'click to copy'; position: absolute; right: 8px; top: 8px;
+      font-size: 0.65rem; color: #888; font-family: sans-serif;
+    }
+    .success {
+      display: none; padding: 1rem; border-radius: 8px;
+      background: #052e16; border: 1px solid #16a34a; text-align: center;
+    }
+    .success h2 { color: #4ade80; font-size: 1rem; }
+    .success p { color: #86efac; font-size: 0.85rem; margin-top: 0.5rem; }
+    .waiting {
+      text-align: center; padding: 1rem; color: #888;
+      font-size: 0.85rem; margin-top: 0.5rem;
+    }
+    .dot { animation: pulse 1.5s infinite; }
+    @keyframes pulse { 0%,100% { opacity: 0.3; } 50% { opacity: 1; } }
+  </style>
+</head>
+<body>
+  <div class="card">
+    <h1>devin-bugs</h1>
+    <p class="subtitle">Authenticate with Devin to extract PR review data</p>
+    <div id="steps">
+      <div class="step">
+        <div class="step-num">1</div>
+        <div class="step-text">
+          <a href="${P}" target="_blank" rel="noopener">
+            Open app.devin.ai</a> and log in with GitHub
+        </div>
+      </div>
+      <div class="step">
+        <div class="step-num">2</div>
+        <div class="step-text">
+          Open the browser console (<strong>F12</strong> → Console tab) and paste:
+          <code id="snippet" onclick="copySnippet()">{let t=await __HACK__getAccessToken(),c={};for(let i=0;i&lt;localStorage.length;i++){let k=localStorage.key(i);if(k&amp;&amp;k.includes('auth0'))c[k]=localStorage.getItem(k)}fetch('http://localhost:${z}/callback',{method:'POST',headers:{'Content-Type':'application/json'},body:JSON.stringify({token:t,auth0Cache:c})}).then(()=>document.title='✓ Token sent!')}</code>
+        </div>
+      </div>
+      <div class="waiting">
+        Waiting for token<span class="dot">...</span>
+      </div>
+    </div>
+    <div class="success" id="success">
+      <h2>✓ Authentication successful!</h2>
+      <p>You can close this tab and return to your terminal.</p>
+    </div>
+  </div>
+  <script>
+    function copySnippet() {
+      navigator.clipboard.writeText(document.getElementById('snippet').textContent);
+      const el = document.getElementById('snippet');
+      el.style.borderColor = '#4ade80';
+      setTimeout(() => el.style.borderColor = '#333', 1500);
+    }
+    // Poll the local server to check if token was received
+    async function poll() {
+      try {
+        const res = await fetch('/status');
+        const data = await res.json();
+        if (data.received) {
+          document.getElementById('steps').style.display = 'none';
+          document.getElementById('success').style.display = 'block';
+          return;
+        }
+      } catch {}
+      setTimeout(poll, 1500);
+    }
+    poll();
+  </script>
+</body>
+</html>`}function C(){return new Promise((z,Q)=>{let X=null,Z=e(($,Y)=>{if(Y.setHeader("Access-Control-Allow-Origin","*"),Y.setHeader("Access-Control-Allow-Methods","POST, GET, OPTIONS"),Y.setHeader("Access-Control-Allow-Headers","Content-Type"),$.method==="OPTIONS"){Y.writeHead(204),Y.end();return}if($.method==="GET"&&$.url==="/status"){Y.writeHead(200,{"Content-Type":"application/json"}),Y.end(JSON.stringify({received:X!==null}));return}if($.method==="POST"&&$.url==="/callback"){let J="";$.on("data",(G)=>J+=G.toString()),$.on("end",()=>{try{let G=JSON.parse(J);if(typeof G.token==="string"&&G.token.length>20){X=G.token;let W=G.auth0Cache;if(W&&Object.keys(W).length>0)console.error(`\x1B[36m▸ Captured ${Object.keys(W).length} Auth0 cache entries\x1B[0m`);Y.writeHead(200,{"Content-Type":"application/json"}),Y.end(JSON.stringify({ok:!0})),setTimeout(()=>{Z.close(),z({token:X,auth0Cache:W,server:Z})},500);return}}catch{}Y.writeHead(400,{"Content-Type":"application/json"}),Y.end(JSON.stringify({error:"Invalid token"}))});return}if($.method==="GET"&&($.url==="/"||$.url==="/login")){let J=Z.address().port;Y.writeHead(200,{"Content-Type":"text/html"}),Y.end(Mz(J));return}Y.writeHead(404),Y.end("Not found")});Z.listen(0,"127.0.0.1",()=>{let Y=Z.address().port;console.error("\x1B[33m▸ Opening browser for Devin login...\x1B[0m"),console.error(`  Local server: http://localhost:${Y}
+`),Jz(`http://localhost:${Y}`),setTimeout(()=>{if(!X)Z.close(),Q(Error("Login timed out after 5 minutes."))},300000)}),Z.on("error",Q)})}async function U(z){let Q=process.env.DEVIN_TOKEN;if(Q&&Q.length>0)return Q;if(!z?.noCache){let $=Yz();if($&&$z($))return $.accessToken;if($?.auth0Cache){let Y=await Zz($);if(Y)return N(Y,$.auth0Cache),Y}}let{token:X,auth0Cache:Z}=await C();return console.error(`\x1B[32m✓ Authentication successful!\x1B[0m
+`),N(X,Z),X}async function S(){E();let{token:z,auth0Cache:Q}=await C();return console.error(`\x1B[32m✓ Authentication successful!\x1B[0m
+`),N(z,Q),z}function Wz(){E(),console.error("Cleared cached token.")}var H=x(()=>{I()});import{parseArgs as jz}from"util";var p=/(?:https?:\/\/)?github\.com\/([^/]+)\/([^/]+)\/pull\/(\d+)/,l=/^([^/#]+)\/([^/#]+)#(\d+)$/,i=/^([^/#]+)\/([^/#]+)\/pull\/(\d+)$/,n=/(?:https?:\/\/)?app\.devin\.ai\/review\/([^/]+)\/([^/]+)\/pull\/(\d+)/;function R(z){let Q=z.match(p)??z.match(n)??z.match(l)??z.match(i);if(!Q)throw Error(`Invalid PR reference: ${z}
+Expected: owner/repo#123 or https://github.com/owner/repo/pull/123`);let[,X,Z,$]=Q;return{owner:X,repo:Z,number:parseInt($,10),prPath:`github.com/${X}/${Z}/pull/${$}`}}H();I();class F extends Error{constructor(){super("Authentication expired. Re-authenticating...");this.name="AuthExpiredError"}}class O extends Error{status;body;constructor(z,Q){super(`Devin API error ${z}: ${Q}`);this.status=z;this.body=Q;this.name="ApiError"}}async function Gz(z,Q){let X=`${q}/${z}`,Z=await fetch(X,{headers:{Authorization:`Bearer ${Q}`,Accept:"application/json"}});if(!Z.ok){if(Z.status===401||Z.status===403)throw new F;let $=await Z.text().catch(()=>"");throw new O(Z.status,$)}return Z.json()}async function j(z,Q){return Gz(`pr-review/digest?pr_path=${encodeURIComponent(z)}`,Q)}function Bz(z){if(!z)return null;let Q=z.match(/<!--\s*devin-review-comment\s*(\{.+\})\s*-->/);if(!Q?.[1])return null;try{let X=JSON.parse(Q[1]);return{id:String(X.id??""),file_path:String(X.file_path??""),start_line:typeof X.start_line==="number"?X.start_line:0,end_line:typeof X.end_line==="number"?X.end_line:0,side:X.side==="LEFT"?"LEFT":"RIGHT"}}catch{return null}}function Vz(z){if(z.startsWith("\uD83D\uDD34"))return"severe";if(z.startsWith("\uD83D\uDFE1"))return"warning";if(z.startsWith("\uD83D\uDFE2"))return"info";return"info"}function Lz(z){return z.match(/\*\*(.+?)\*\*/)?.[1]?.trim()??z.split(`
+`)[0]?.slice(0,120).trim()??""}function Kz(z){return z.split(`
+`).slice(1).join(`
+`).trim()}function Uz(z){return z.match(/(?:recommendation|suggested fix|fix):\s*(.+?)(?:\n\n|\n#+|\n🔴|\n🟡|$)/is)?.[1]?.trim()??""}function Fz(z,Q){if(z.startsWith("BUG_"))return"lifeguard-bug";if(z.startsWith("ANALYSIS_")||z.startsWith("INFO_"))return"lifeguard-analysis";let X=Q.toLowerCase();if(X.includes("potential bug")||X.includes("\uD83D\uDD34")||X.includes("bug:")||X.includes("race condition")||X.includes("vulnerability")||X.includes("double-charge")||X.includes("sql injection"))return"lifeguard-bug";return"lifeguard-analysis"}function Oz(z,Q){let X=Bz(Q.hidden_header),Z=Q.body??"";if(!Z&&!X)return null;let $=X?.id??String(Q.devin_review_id??""),Y=Fz($,Z);return{filePath:X?.file_path??"",startLine:X?.start_line??null,endLine:X?.end_line??null,side:X?.side??"RIGHT",title:Lz(Z),description:Kz(Z),severity:Vz(Z),recommendation:Uz(Z),needsInvestigation:Z.toLowerCase().includes("needs investigation"),type:Y,isResolved:z.is_resolved,isOutdated:z.is_outdated,htmlUrl:Q.html_url??null}}function Iz(z){return z.devin_review_id!=null||z.hidden_header?.includes("devin-review-comment")===!0||z.author?.login==="devin-ai-integration"||z.author?.login==="devin-ai-integration[bot]"||z.author?.login==="devin-ai[bot]"}function v(z,Q){let X=[];for(let Z of z.review_threads){if(!Q?.includeResolved&&Z.is_resolved)continue;if(!Q?.includeOutdated&&Z.is_outdated)continue;for(let $ of Z.comments){if(!Iz($))continue;let Y=Oz(Z,$);if(Y){X.push(Y);break}}}if(!Q?.includeAnalysis)return X.filter((Z)=>Z.type==="lifeguard-bug");return X}var M={reset:"\x1B[0m",bold:"\x1B[1m",dim:"\x1B[2m",red:"\x1B[31m",green:"\x1B[32m",yellow:"\x1B[33m",cyan:"\x1B[36m",white:"\x1B[37m",bgRed:"\x1B[41m",bgYellow:"\x1B[43m",bgBlue:"\x1B[44m"};function Nz(z){let Q=z.toUpperCase();switch(z.toLowerCase()){case"severe":case"critical":return`${M.bgRed}${M.white}${M.bold} ${Q} ${M.reset}`;case"warning":return`${M.bgYellow}${M.bold} ${Q} ${M.reset}`;default:return`${M.bgBlue}${M.white} ${Q} ${M.reset}`}}function Dz(z){if(z==="lifeguard-bug")return`${M.red}${M.bold}BUG${M.reset}`;return`${M.cyan}${M.bold}INFO${M.reset}`}function Sz(z){if(!z.filePath)return"";let Q=`${M.cyan}${z.filePath}${M.reset}`;if(z.startLine==null)return Q;let X=z.endLine!=null&&z.endLine!==z.startLine?`${M.dim}:${z.startLine}-${z.endLine}${M.reset}`:`${M.dim}:${z.startLine}${M.reset}`;return`${Q}${X}`}function Hz(z,Q,X){let Z=" ".repeat(Q),$=z.split(/\s+/),Y=[],J="";for(let G of $)if(J.length+G.length+1>X-Q)Y.push(Z+J),J=G;else J=J?`${J} ${G}`:G;if(J)Y.push(Z+J);return Y.join(`
+`)}function T(z,Q){let X=[],Z=z.filter((J)=>J.type==="lifeguard-bug").length,$=z.filter((J)=>J.type==="lifeguard-analysis").length,Y=[];if(Z>0)Y.push(`${M.red}${M.bold}${Z} bug${Z===1?"":"s"}${M.reset}`);if($>0)Y.push(`${M.cyan}${$} suggestion${$===1?"":"s"}${M.reset}`);if(Y.length===0)return X.push(`
+  ${M.green}${M.bold}No unresolved bugs${M.reset} in ${M.dim}${Q.owner}/${Q.repo}#${Q.number}${M.reset}
+`),X.join(`
+`);X.push(`
+  ${Y.join(", ")} in ${M.dim}${Q.owner}/${Q.repo}#${Q.number}${M.reset}
+`);for(let J of z){let G=Dz(J.type),W=Sz(J),B=Nz(J.severity);if(X.push(`  ${G}  ${W}  ${B}`),J.title)X.push(`  ${M.bold}${M.white}${J.title}${M.reset}`);if(J.description&&J.description!==J.title){let V=J.description.replace(/<details>[\s\S]*?<\/details>/g,"").replace(/<!--[\s\S]*?-->/g,"").replace(/^\[.*?\]\(.*?\)$/gm,"").replace(/<a[\s\S]*?<\/a>/g,"").replace(/<picture>[\s\S]*?<\/picture>/g,"").replace(/<img[^>]*>/g,"").replace(/^---\s*$/gm,"").replace(/^\*Was this helpful\?.*$/gm,"").replace(/^#+\s*.+$/gm,"").replace(/\*\*(.+?)\*\*/g,"$1").replace(/`([^`]+)`/g,"$1").trim().split(`
+`)[0].split(`
+`).filter((m)=>m.trim()).join(" ").trim();if(V)X.push(Hz(`${M.dim}${V}${M.reset}`,2,100))}if(J.recommendation)X.push(`  ${M.green}→ ${J.recommendation}${M.reset}`);X.push("")}return X.join(`
+`)}function k(z){return JSON.stringify(z,null,2)}var xz=`
+  \x1B[1mdevin-bugs\x1B[0m \u2014 Extract unresolved bugs from Devin AI code reviews
+  \x1B[1mUsage:\x1B[0m
+    devin-bugs <pr> [options]
+  \x1B[1mArguments:\x1B[0m
+    pr              GitHub PR URL or shorthand
+                    Examples: owner/repo#123
+                              https://github.com/owner/repo/pull/123
+                              https://app.devin.ai/review/owner/repo/pull/123
+  \x1B[1mOptions:\x1B[0m
+    --json          Output as JSON (for piping)
+    --all           Include analysis/suggestions, not just bugs
+    --raw           Dump raw API response (debug)
+    --no-cache      Force re-authentication
+    --login         Just authenticate, don't fetch anything
+    --logout        Clear stored credentials
+    --help, -h      Show this help
+    --version, -v   Show version
+  \x1B[1mEnvironment:\x1B[0m
+    DEVIN_TOKEN     Skip browser auth, use this token directly
+  \x1B[1mExamples:\x1B[0m
+    devin-bugs owner/repo#46
+    devin-bugs owner/repo#46 --json
+    devin-bugs owner/repo#46 --all --raw
+    DEVIN_TOKEN=xxx devin-bugs owner/repo#46
+`;function g(){console.log(xz)}function Rz(){console.log("devin-bugs 0.3.0")}async function _z(){let z;try{z=jz({allowPositionals:!0,options:{json:{type:"boolean",default:!1},all:{type:"boolean",default:!1},raw:{type:"boolean",default:!1},"no-cache":{type:"boolean",default:!1},login:{type:"boolean",default:!1},logout:{type:"boolean",default:!1},help:{type:"boolean",short:"h",default:!1},version:{type:"boolean",short:"v",default:!1}}})}catch(W){console.error(`\x1B[31mError:\x1B[0m ${W.message}`),process.exit(1)}let{values:Q,positionals:X}=z;if(Q.help){g();return}if(Q.version){Rz();return}if(Q.logout){let{clearAuth:W}=await Promise.resolve().then(() => (H(),b));W();return}if(Q.login){let W=await U({noCache:Q["no-cache"]});console.error("\x1B[32m\u2713 Authenticated successfully.\x1B[0m"),console.error(`  Token cached for future use.
+`);try{let B=JSON.parse(Buffer.from(W.split(".")[1],"base64url").toString()),V=new Date(B.exp*1000);console.error(`  Expires: ${V.toLocaleString()}`)}catch{}return}if(X.length===0)console.error(`\x1B[31mError:\x1B[0m Missing PR argument.
+`),g(),process.exit(1);let Z=X[0],$;try{$=R(Z)}catch(W){console.error(`\x1B[31mError:\x1B[0m ${W.message}`),process.exit(1)}let Y;try{Y=await U({noCache:Q["no-cache"]})}catch(W){console.error(`\x1B[31mAuth error:\x1B[0m ${W.message}`),process.exit(1)}let J;try{J=await j($.prPath,Y)}catch(W){if(W instanceof F){console.error("\x1B[33m\u25B8 Token expired, re-authenticating...\x1B[0m");try{Y=await S(),J=await j($.prPath,Y)}catch(B){console.error(`\x1B[31mError:\x1B[0m ${B.message}`),process.exit(1)}}else if(W instanceof O){if(W.status===404)console.error(`\x1B[31mError:\x1B[0m PR not found or no Devin review exists for ${$.owner}/${$.repo}#${$.number}`);else console.error(`\x1B[31mAPI error ${W.status}:\x1B[0m ${W.body}`);process.exit(1)}else throw W}if(Q.raw){console.log(JSON.stringify(J,null,2));return}let G=v(J,{includeAnalysis:Q.all});if(Q.json)console.log(k(G));else console.log(T(G,$))}_z().catch((z)=>{console.error(`\x1B[31mFatal error:\x1B[0m ${z.message??z}`),process.exit(1)});

package/package.json CHANGED Viewed

@@ -1,20 +1,19 @@
 {
   "name": "devin-bugs",
-  "version": "0.1.2",
+  "version": "0.3.0",
   "description": "CLI to extract unresolved bugs from Devin AI code reviews",
   "type": "module",
   "bin": {
-    "devin-bugs": "bin/devin-bugs.js"
+    "devin-bugs": "dist/cli.js"
   },
   "scripts": {
+    "build": "bun build src/cli.ts --outfile dist/cli.js --target node --minify && sed -i '1s|#!/usr/bin/env bun|#!/usr/bin/env node|' dist/cli.js && chmod +x dist/cli.js",
     "start": "bun src/cli.ts",
-    "typecheck": "bunx tsc --noEmit"
+    "typecheck": "bunx tsc --noEmit",
+    "prepublishOnly": "npm run build"
   },
   "files": [
-    "bin/",
-    "src/",
-    "README.md",
-    "LICENSE"
+    "dist/"
   ],
   "keywords": [
     "devin",
@@ -33,7 +32,7 @@
   "license": "MIT",
   "author": "xCatalitY",
   "engines": {
-    "bun": ">=1.0.0"
+    "node": ">=18.0.0"
   },
   "devDependencies": {
     "@types/bun": "latest",

package/bin/devin-bugs.js DELETED Viewed

	@@ -1,2 +0,0 @@
1	- #!/usr/bin/env bun
2	- import "../src/cli.ts";

package/src/api.ts DELETED Viewed

@@ -1,81 +0,0 @@
-import { DEVIN_API_BASE } from "./config.js";
-import type { DigestResponse } from "./types.js";
-// ---------------------------------------------------------------------------
-// Error classes
-// ---------------------------------------------------------------------------
-export class AuthExpiredError extends Error {
-  constructor() {
-    super("Authentication expired. Re-authenticating...");
-    this.name = "AuthExpiredError";
-  }
-}
-export class ApiError extends Error {
-  constructor(
-    public readonly status: number,
-    public readonly body: string
-  ) {
-    super(`Devin API error ${status}: ${body}`);
-    this.name = "ApiError";
-  }
-}
-// ---------------------------------------------------------------------------
-// Generic request helper
-// ---------------------------------------------------------------------------
-async function apiRequest<T>(path: string, token: string): Promise<T> {
-  const url = `${DEVIN_API_BASE}/${path}`;
-  const res = await fetch(url, {
-    headers: {
-      Authorization: `Bearer ${token}`,
-      Accept: "application/json",
-    },
-  });
-  if (!res.ok) {
-    if (res.status === 401 || res.status === 403) {
-      throw new AuthExpiredError();
-    }
-    const body = await res.text().catch(() => "");
-    throw new ApiError(res.status, body);
-  }
-  return res.json() as Promise<T>;
-}
-// ---------------------------------------------------------------------------
-// Endpoints
-// ---------------------------------------------------------------------------
-export async function fetchDigest(
-  prPath: string,
-  token: string
-): Promise<DigestResponse> {
-  return apiRequest<DigestResponse>(
-    `pr-review/digest?pr_path=${encodeURIComponent(prPath)}`,
-    token
-  );
-}
-export async function fetchPRInfo(
-  prPath: string,
-  token: string
-): Promise<Record<string, unknown>> {
-  return apiRequest<Record<string, unknown>>(
-    `pr-review/info?pr_path=${encodeURIComponent(prPath)}`,
-    token
-  );
-}
-export async function fetchJobs(
-  prPath: string,
-  token: string
-): Promise<{ jobs: unknown[] }> {
-  return apiRequest<{ jobs: unknown[] }>(
-    `pr-review/jobs?pr_path=${encodeURIComponent(prPath)}`,
-    token
-  );
-}

package/src/auth.ts DELETED Viewed

@@ -1,360 +0,0 @@
-import { existsSync, mkdirSync, readFileSync, writeFileSync, unlinkSync } from "node:fs";
-import { dirname } from "node:path";
-import { createServer, type Server } from "node:http";
-import { execFile } from "node:child_process";
-import {
-  TOKEN_PATH,
-  DEVIN_APP_URL,
-  TOKEN_REFRESH_MARGIN_SEC,
-} from "./config.js";
-import type { CachedToken } from "./types.js";
-// ---------------------------------------------------------------------------
-// JWT helpers (no library — just decode the payload for `exp`)
-// ---------------------------------------------------------------------------
-function base64UrlDecode(str: string): string {
-  const padded = str.replace(/-/g, "+").replace(/_/g, "/");
-  return Buffer.from(padded, "base64").toString("utf-8");
-}
-function decodeTokenExpiry(jwt: string): number {
-  const parts = jwt.split(".");
-  if (parts.length !== 3) throw new Error("Invalid JWT format");
-  const payload = JSON.parse(base64UrlDecode(parts[1]!));
-  if (typeof payload.exp !== "number") throw new Error("JWT missing exp claim");
-  return payload.exp * 1000; // convert to epoch ms
-}
-// ---------------------------------------------------------------------------
-// Token cache (disk)
-// ---------------------------------------------------------------------------
-function ensureDir(dirPath: string): void {
-  if (!existsSync(dirPath)) {
-    mkdirSync(dirPath, { recursive: true });
-  }
-}
-function readCachedToken(): CachedToken | null {
-  try {
-    if (!existsSync(TOKEN_PATH)) return null;
-    const raw = readFileSync(TOKEN_PATH, "utf-8");
-    const parsed = JSON.parse(raw) as CachedToken;
-    if (!parsed.accessToken || !parsed.expiresAt) return null;
-    return parsed;
-  } catch {
-    return null;
-  }
-}
-function writeCachedToken(accessToken: string): CachedToken {
-  ensureDir(dirname(TOKEN_PATH));
-  const expiresAt = decodeTokenExpiry(accessToken);
-  const cached: CachedToken = {
-    accessToken,
-    obtainedAt: Date.now(),
-    expiresAt,
-  };
-  writeFileSync(TOKEN_PATH, JSON.stringify(cached, null, 2));
-  return cached;
-}
-function clearCachedToken(): void {
-  try {
-    if (existsSync(TOKEN_PATH)) unlinkSync(TOKEN_PATH);
-  } catch {
-    // ignore
-  }
-}
-function isTokenValid(cached: CachedToken): boolean {
-  return cached.expiresAt - Date.now() > TOKEN_REFRESH_MARGIN_SEC * 1000;
-}
-// ---------------------------------------------------------------------------
-// Open URL in system browser (safe — no shell interpolation)
-// ---------------------------------------------------------------------------
-function openBrowser(url: string): void {
-  const opener =
-    process.platform === "darwin"
-      ? { cmd: "open", args: [url] }
-      : process.platform === "win32"
-        ? { cmd: "cmd", args: ["/c", "start", "", url] }
-        : { cmd: "xdg-open", args: [url] };
-  execFile(opener.cmd, opener.args, (err) => {
-    if (err) {
-      console.error(`\x1b[33m▸ Could not open browser automatically.\x1b[0m`);
-      console.error(`  Open this URL manually: ${url}\n`);
-    }
-  });
-}
-// ---------------------------------------------------------------------------
-// Local callback server
-// ---------------------------------------------------------------------------
-/**
- * The capture page served at localhost. It instructs the user to:
- * 1. Log in to Devin in a new tab
- * 2. Paste a one-liner in the browser console that sends the token back
- *
- * This is the same pattern as many CLIs that can't do standard OAuth.
- * The one-liner calls __HACK__getAccessToken() on app.devin.ai and
- * POSTs the result to our localhost callback.
- */
-function buildCapturePage(port: number): string {
-  return `<!DOCTYPE html>
-<html lang="en">
-<head>
-  <meta charset="utf-8">
-  <title>devin-bugs — Login</title>
-  <style>
-    * { margin: 0; padding: 0; box-sizing: border-box; }
-    body {
-      font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, sans-serif;
-      background: #141414; color: #e0e0e0;
-      display: flex; align-items: center; justify-content: center;
-      min-height: 100vh; padding: 2rem;
-    }
-    .card {
-      background: #1e1e1e; border: 1px solid #333; border-radius: 12px;
-      padding: 2.5rem; max-width: 560px; width: 100%;
-    }
-    h1 { font-size: 1.25rem; color: #fff; margin-bottom: 0.5rem; }
-    .subtitle { color: #888; font-size: 0.9rem; margin-bottom: 1.5rem; }
-    .step {
-      display: flex; gap: 0.75rem; margin-bottom: 1.25rem;
-      padding: 0.75rem; border-radius: 8px; background: #252525;
-    }
-    .step-num {
-      flex-shrink: 0; width: 24px; height: 24px; border-radius: 50%;
-      background: #3b82f6; color: #fff; font-size: 0.75rem; font-weight: 700;
-      display: flex; align-items: center; justify-content: center;
-    }
-    .step-text { font-size: 0.9rem; line-height: 1.5; }
-    .step-text a { color: #60a5fa; text-decoration: none; }
-    .step-text a:hover { text-decoration: underline; }
-    code {
-      background: #0d1117; color: #7ee787; padding: 0.5rem 0.75rem;
-      border-radius: 6px; display: block; font-size: 0.8rem;
-      margin-top: 0.5rem; cursor: pointer; border: 1px solid #333;
-      word-break: break-all; position: relative;
-    }
-    code:hover { border-color: #3b82f6; }
-    code::after {
-      content: 'click to copy'; position: absolute; right: 8px; top: 8px;
-      font-size: 0.65rem; color: #888; font-family: sans-serif;
-    }
-    .success {
-      display: none; padding: 1rem; border-radius: 8px;
-      background: #052e16; border: 1px solid #16a34a; text-align: center;
-    }
-    .success h2 { color: #4ade80; font-size: 1rem; }
-    .success p { color: #86efac; font-size: 0.85rem; margin-top: 0.5rem; }
-    .waiting {
-      text-align: center; padding: 1rem; color: #888;
-      font-size: 0.85rem; margin-top: 0.5rem;
-    }
-    .dot { animation: pulse 1.5s infinite; }
-    @keyframes pulse { 0%,100% { opacity: 0.3; } 50% { opacity: 1; } }
-  </style>
-</head>
-<body>
-  <div class="card">
-    <h1>devin-bugs</h1>
-    <p class="subtitle">Authenticate with Devin to extract PR review data</p>
-    <div id="steps">
-      <div class="step">
-        <div class="step-num">1</div>
-        <div class="step-text">
-          <a href="${DEVIN_APP_URL}" target="_blank" rel="noopener">
-            Open app.devin.ai</a> and log in with GitHub
-        </div>
-      </div>
-      <div class="step">
-        <div class="step-num">2</div>
-        <div class="step-text">
-          Open the browser console (<strong>F12</strong> → Console tab) and paste:
-          <code id="snippet" onclick="copySnippet()">fetch('http://localhost:${port}/callback',{method:'POST',headers:{'Content-Type':'application/json'},body:JSON.stringify({token:await __HACK__getAccessToken()})}).then(()=>document.title='✓ Token sent!')</code>
-        </div>
-      </div>
-      <div class="waiting">
-        Waiting for token<span class="dot">...</span>
-      </div>
-    </div>
-    <div class="success" id="success">
-      <h2>✓ Authentication successful!</h2>
-      <p>You can close this tab and return to your terminal.</p>
-    </div>
-  </div>
-  <script>
-    function copySnippet() {
-      navigator.clipboard.writeText(document.getElementById('snippet').textContent);
-      const el = document.getElementById('snippet');
-      el.style.borderColor = '#4ade80';
-      setTimeout(() => el.style.borderColor = '#333', 1500);
-    }
-    // Poll the local server to check if token was received
-    async function poll() {
-      try {
-        const res = await fetch('/status');
-        const data = await res.json();
-        if (data.received) {
-          document.getElementById('steps').style.display = 'none';
-          document.getElementById('success').style.display = 'block';
-          return;
-        }
-      } catch {}
-      setTimeout(poll, 1500);
-    }
-    poll();
-  </script>
-</body>
-</html>`;
-}
-/**
- * Start a local HTTP server that:
- * - Serves the capture page at /
- * - Receives the token at POST /callback (from the console one-liner)
- * - Reports status at GET /status (for the page to poll)
- */
-function startCallbackServer(): Promise<{ token: string; server: Server }> {
-  return new Promise((resolve, reject) => {
-    let receivedToken: string | null = null;
-    const server = createServer((req, res) => {
-      // CORS headers for cross-origin fetch from app.devin.ai
-      res.setHeader("Access-Control-Allow-Origin", "*");
-      res.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS");
-      res.setHeader("Access-Control-Allow-Headers", "Content-Type");
-      if (req.method === "OPTIONS") {
-        res.writeHead(204);
-        res.end();
-        return;
-      }
-      if (req.method === "GET" && req.url === "/status") {
-        res.writeHead(200, { "Content-Type": "application/json" });
-        res.end(JSON.stringify({ received: receivedToken !== null }));
-        return;
-      }
-      if (req.method === "POST" && req.url === "/callback") {
-        let body = "";
-        req.on("data", (chunk: Buffer) => (body += chunk.toString()));
-        req.on("end", () => {
-          try {
-            const data = JSON.parse(body) as { token?: string };
-            if (typeof data.token === "string" && data.token.length > 20) {
-              receivedToken = data.token;
-              res.writeHead(200, { "Content-Type": "application/json" });
-              res.end(JSON.stringify({ ok: true }));
-              // Resolve after a short delay to let the page poll /status
-              setTimeout(() => {
-                server.close();
-                resolve({ token: receivedToken!, server });
-              }, 500);
-              return;
-            }
-          } catch {}
-          res.writeHead(400, { "Content-Type": "application/json" });
-          res.end(JSON.stringify({ error: "Invalid token" }));
-        });
-        return;
-      }
-      // Serve the capture page
-      if (req.method === "GET" && (req.url === "/" || req.url === "/login")) {
-        const port = (server.address() as { port: number }).port;
-        res.writeHead(200, { "Content-Type": "text/html" });
-        res.end(buildCapturePage(port));
-        return;
-      }
-      res.writeHead(404);
-      res.end("Not found");
-    });
-    server.listen(0, "127.0.0.1", () => {
-      const addr = server.address() as { port: number };
-      const port = addr.port;
-      console.error(`\x1b[33m▸ Opening browser for Devin login...\x1b[0m`);
-      console.error(`  Local server: http://localhost:${port}\n`);
-      openBrowser(`http://localhost:${port}`);
-      // Timeout after 5 minutes
-      setTimeout(() => {
-        if (!receivedToken) {
-          server.close();
-          reject(new Error("Login timed out after 5 minutes."));
-        }
-      }, 5 * 60 * 1000);
-    });
-    server.on("error", reject);
-  });
-}
-// ---------------------------------------------------------------------------
-// Public API
-// ---------------------------------------------------------------------------
-export interface GetTokenOptions {
-  noCache?: boolean;
-}
-/**
- * Get a valid Devin API auth token. Strategy:
- * 1. DEVIN_TOKEN env var (for CI/scripts)
- * 2. Cached token from disk (if not expired)
- * 3. Interactive login via system browser + localhost callback
- */
-export async function getToken(opts?: GetTokenOptions): Promise<string> {
-  // 1. Environment variable override
-  const envToken = process.env["DEVIN_TOKEN"];
-  if (envToken && envToken.length > 0) {
-    return envToken;
-  }
-  // 2. Cached token
-  if (!opts?.noCache) {
-    const cached = readCachedToken();
-    if (cached && isTokenValid(cached)) {
-      return cached.accessToken;
-    }
-  }
-  // 3. Interactive login via browser
-  const { token } = await startCallbackServer();
-  console.error("\x1b[32m✓ Authentication successful!\x1b[0m\n");
-  writeCachedToken(token);
-  return token;
-}
-/** Force re-authentication by clearing cache and launching browser */
-export async function forceReauth(): Promise<string> {
-  clearCachedToken();
-  const { token } = await startCallbackServer();
-  console.error("\x1b[32m✓ Authentication successful!\x1b[0m\n");
-  writeCachedToken(token);
-  return token;
-}
-/** Clear stored credentials */
-export function clearAuth(): void {
-  clearCachedToken();
-  console.error("Cleared cached token.");
-}

package/src/cli.ts DELETED Viewed

@@ -1,195 +0,0 @@
-#!/usr/bin/env bun
-import { parseArgs } from "node:util";
-import { parsePR } from "./parse-pr.js";
-import { getToken, forceReauth } from "./auth.js";
-import { fetchDigest, AuthExpiredError, ApiError } from "./api.js";
-import { extractFlags } from "./filter.js";
-import { formatTerminal, formatJSON } from "./format.js";
-// ---------------------------------------------------------------------------
-// CLI argument parsing
-// ---------------------------------------------------------------------------
-const HELP = `
-  \x1b[1mdevin-bugs\x1b[0m — Extract unresolved bugs from Devin AI code reviews
-  \x1b[1mUsage:\x1b[0m
-    devin-bugs <pr> [options]
-  \x1b[1mArguments:\x1b[0m
-    pr              GitHub PR URL or shorthand
-                    Examples: owner/repo#123
-                              https://github.com/owner/repo/pull/123
-                              https://app.devin.ai/review/owner/repo/pull/123
-  \x1b[1mOptions:\x1b[0m
-    --json          Output as JSON (for piping)
-    --all           Include analysis/suggestions, not just bugs
-    --raw           Dump raw API response (debug)
-    --no-cache      Force re-authentication
-    --login         Just authenticate, don't fetch anything
-    --logout        Clear stored credentials
-    --help, -h      Show this help
-    --version, -v   Show version
-  \x1b[1mEnvironment:\x1b[0m
-    DEVIN_TOKEN     Skip browser auth, use this token directly
-  \x1b[1mExamples:\x1b[0m
-    devin-bugs owner/repo#46
-    devin-bugs owner/repo#46 --json
-    devin-bugs owner/repo#46 --all --raw
-    DEVIN_TOKEN=xxx devin-bugs owner/repo#46
-`;
-function printHelp(): void {
-  console.log(HELP);
-}
-function printVersion(): void {
-  console.log("devin-bugs 0.1.0");
-}
-// ---------------------------------------------------------------------------
-// Main
-// ---------------------------------------------------------------------------
-async function main(): Promise<void> {
-  let parsed;
-  try {
-    parsed = parseArgs({
-      allowPositionals: true,
-      options: {
-        json: { type: "boolean", default: false },
-        all: { type: "boolean", default: false },
-        raw: { type: "boolean", default: false },
-        "no-cache": { type: "boolean", default: false },
-        login: { type: "boolean", default: false },
-        logout: { type: "boolean", default: false },
-        help: { type: "boolean", short: "h", default: false },
-        version: { type: "boolean", short: "v", default: false },
-      },
-    });
-  } catch (err: any) {
-    console.error(`\x1b[31mError:\x1b[0m ${err.message}`);
-    process.exit(1);
-  }
-  const { values, positionals } = parsed;
-  if (values.help) {
-    printHelp();
-    return;
-  }
-  if (values.version) {
-    printVersion();
-    return;
-  }
-  // --logout: clear credentials and exit
-  if (values.logout) {
-    const { clearAuth } = await import("./auth.js");
-    clearAuth();
-    return;
-  }
-  // --login: just authenticate and exit
-  if (values.login) {
-    const token = await getToken({ noCache: values["no-cache"] });
-    console.error("\x1b[32m✓ Authenticated successfully.\x1b[0m");
-    console.error(`  Token cached for future use.\n`);
-    // Show token expiry
-    try {
-      const payload = JSON.parse(
-        Buffer.from(token.split(".")[1]!, "base64url").toString()
-      );
-      const exp = new Date(payload.exp * 1000);
-      console.error(`  Expires: ${exp.toLocaleString()}`);
-    } catch {
-      // ignore
-    }
-    return;
-  }
-  // Require a PR argument
-  if (positionals.length === 0) {
-    console.error("\x1b[31mError:\x1b[0m Missing PR argument.\n");
-    printHelp();
-    process.exit(1);
-  }
-  const prInput = positionals[0]!;
-  let pr;
-  try {
-    pr = parsePR(prInput);
-  } catch (err: any) {
-    console.error(`\x1b[31mError:\x1b[0m ${err.message}`);
-    process.exit(1);
-  }
-  // Get auth token
-  let token: string;
-  try {
-    token = await getToken({ noCache: values["no-cache"] });
-  } catch (err: any) {
-    console.error(`\x1b[31mAuth error:\x1b[0m ${err.message}`);
-    process.exit(1);
-  }
-  // Fetch digest (with one retry on auth failure)
-  let digest;
-  try {
-    digest = await fetchDigest(pr.prPath, token);
-  } catch (err) {
-    if (err instanceof AuthExpiredError) {
-      // Re-authenticate and retry
-      console.error("\x1b[33m▸ Token expired, re-authenticating...\x1b[0m");
-      try {
-        token = await forceReauth();
-        digest = await fetchDigest(pr.prPath, token);
-      } catch (retryErr: any) {
-        console.error(`\x1b[31mError:\x1b[0m ${retryErr.message}`);
-        process.exit(1);
-      }
-    } else if (err instanceof ApiError) {
-      if (err.status === 404) {
-        console.error(
-          `\x1b[31mError:\x1b[0m PR not found or no Devin review exists for ${pr.owner}/${pr.repo}#${pr.number}`
-        );
-      } else {
-        console.error(`\x1b[31mAPI error ${err.status}:\x1b[0m ${err.body}`);
-      }
-      process.exit(1);
-    } else {
-      throw err;
-    }
-  }
-  // --raw: dump full response
-  if (values.raw) {
-    console.log(JSON.stringify(digest, null, 2));
-    return;
-  }
-  // Extract and filter flags
-  const flags = extractFlags(digest!, {
-    includeAnalysis: values.all,
-  });
-  // Output
-  if (values.json) {
-    console.log(formatJSON(flags));
-  } else {
-    console.log(formatTerminal(flags, pr));
-  }
-}
-// ---------------------------------------------------------------------------
-// Run
-// ---------------------------------------------------------------------------
-main().catch((err) => {
-  console.error(`\x1b[31mFatal error:\x1b[0m ${err.message ?? err}`);
-  process.exit(1);
-});

package/src/config.ts DELETED Viewed

@@ -1,14 +0,0 @@
-import { homedir } from "node:os";
-import { join } from "node:path";
-export const DEVIN_API_BASE = "https://app.devin.ai/api";
-export const DEVIN_APP_URL = "https://app.devin.ai";
-export const DEVIN_LOGIN_URL = "https://app.devin.ai/auth/login";
-export const CONFIG_DIR = join(homedir(), ".config", "devin-bugs");
-export const CACHE_DIR = join(homedir(), ".cache", "devin-bugs");
-export const TOKEN_PATH = join(CONFIG_DIR, "token.json");
-export const BROWSER_DATA_DIR = join(CACHE_DIR, "browser-profile");
-/** Refresh token if less than this many seconds until expiry */
-export const TOKEN_REFRESH_MARGIN_SEC = 300;

package/src/filter.ts DELETED Viewed

@@ -1,183 +0,0 @@
-import type { DigestResponse, ReviewThread, ReviewComment, LifeguardFlag } from "./types.js";
-// ---------------------------------------------------------------------------
-// Parse hidden_header: <!-- devin-review-comment {JSON} -->
-// ---------------------------------------------------------------------------
-interface HiddenHeaderData {
-  id: string;
-  file_path: string;
-  start_line: number;
-  end_line: number;
-  side: "LEFT" | "RIGHT";
-}
-function parseHiddenHeader(header: string | null | undefined): HiddenHeaderData | null {
-  if (!header) return null;
-  // Format: <!-- devin-review-comment {"id":"...","file_path":"...","start_line":N,...} -->
-  const match = header.match(/<!--\s*devin-review-comment\s*(\{.+\})\s*-->/);
-  if (!match?.[1]) return null;
-  try {
-    const data = JSON.parse(match[1]) as Record<string, unknown>;
-    return {
-      id: String(data.id ?? ""),
-      file_path: String(data.file_path ?? ""),
-      start_line: typeof data.start_line === "number" ? data.start_line : 0,
-      end_line: typeof data.end_line === "number" ? data.end_line : 0,
-      side: data.side === "LEFT" ? "LEFT" : "RIGHT",
-    };
-  } catch {
-    return null;
-  }
-}
-// ---------------------------------------------------------------------------
-// Parse bug body: emoji severity + bold title + description
-// ---------------------------------------------------------------------------
-function parseSeverity(body: string): string {
-  if (body.startsWith("🔴")) return "severe";
-  if (body.startsWith("🟡")) return "warning";
-  if (body.startsWith("🟢")) return "info";
-  return "info";
-}
-function parseTitle(body: string): string {
-  const match = body.match(/\*\*(.+?)\*\*/);
-  return match?.[1]?.trim() ?? body.split("\n")[0]?.slice(0, 120).trim() ?? "";
-}
-function parseDescription(body: string): string {
-  // Everything after the first line (title line)
-  const lines = body.split("\n");
-  return lines
-    .slice(1)
-    .join("\n")
-    .trim();
-}
-function parseRecommendation(body: string): string {
-  // Look for "Recommendation:" or "Fix:" or "→" sections
-  const match = body.match(/(?:recommendation|suggested fix|fix):\s*(.+?)(?:\n\n|\n#+|\n🔴|\n🟡|$)/is);
-  return match?.[1]?.trim() ?? "";
-}
-// ---------------------------------------------------------------------------
-// Determine flag type from the comment body/id
-// ---------------------------------------------------------------------------
-function determineType(id: string, body: string): LifeguardFlag["type"] {
-  if (id.startsWith("BUG_")) return "lifeguard-bug";
-  if (id.startsWith("ANALYSIS_") || id.startsWith("INFO_")) return "lifeguard-analysis";
-  // Fallback: check body for bug indicators
-  const lower = body.toLowerCase();
-  if (
-    lower.includes("potential bug") ||
-    lower.includes("🔴") ||
-    lower.includes("bug:") ||
-    lower.includes("race condition") ||
-    lower.includes("vulnerability") ||
-    lower.includes("double-charge") ||
-    lower.includes("sql injection")
-  ) {
-    return "lifeguard-bug";
-  }
-  return "lifeguard-analysis";
-}
-// ---------------------------------------------------------------------------
-// Extract a LifeguardFlag from a Devin review thread
-// ---------------------------------------------------------------------------
-function extractFlag(
-  thread: ReviewThread,
-  comment: ReviewComment
-): LifeguardFlag | null {
-  const header = parseHiddenHeader(comment.hidden_header);
-  const body = comment.body ?? "";
-  if (!body && !header) return null;
-  const id = header?.id ?? String(comment.devin_review_id ?? "");
-  const type = determineType(id, body);
-  return {
-    filePath: header?.file_path ?? "",
-    startLine: header?.start_line ?? null,
-    endLine: header?.end_line ?? null,
-    side: header?.side ?? "RIGHT",
-    title: parseTitle(body),
-    description: parseDescription(body),
-    severity: parseSeverity(body),
-    recommendation: parseRecommendation(body),
-    needsInvestigation: body.toLowerCase().includes("needs investigation"),
-    type,
-    isResolved: thread.is_resolved,
-    isOutdated: thread.is_outdated,
-    htmlUrl: comment.html_url ?? null,
-  };
-}
-// ---------------------------------------------------------------------------
-// Identify Devin review comments
-// ---------------------------------------------------------------------------
-function isDevinComment(comment: ReviewComment): boolean {
-  return (
-    comment.devin_review_id != null ||
-    comment.hidden_header?.includes("devin-review-comment") === true ||
-    comment.author?.login === "devin-ai-integration" ||
-    comment.author?.login === "devin-ai-integration[bot]" ||
-    comment.author?.login === "devin-ai[bot]"
-  );
-}
-// ---------------------------------------------------------------------------
-// Public API
-// ---------------------------------------------------------------------------
-export interface FilterOptions {
-  /** Include lifeguard-analysis items, not just bugs */
-  includeAnalysis?: boolean;
-  /** Include resolved items */
-  includeResolved?: boolean;
-  /** Include outdated items */
-  includeOutdated?: boolean;
-}
-/**
- * Extract all LifeguardFlags from a digest response.
- * Default: only unresolved, non-outdated bugs.
- */
-export function extractFlags(
-  digest: DigestResponse,
-  opts?: FilterOptions
-): LifeguardFlag[] {
-  const flags: LifeguardFlag[] = [];
-  for (const thread of digest.review_threads) {
-    // Apply thread-level filters
-    if (!opts?.includeResolved && thread.is_resolved) continue;
-    if (!opts?.includeOutdated && thread.is_outdated) continue;
-    // Extract from first Devin comment in the thread
-    for (const comment of thread.comments) {
-      if (!isDevinComment(comment)) continue;
-      const flag = extractFlag(thread, comment);
-      if (flag) {
-        flags.push(flag);
-        break; // One flag per thread
-      }
-    }
-  }
-  // Filter by type
-  if (!opts?.includeAnalysis) {
-    return flags.filter((f) => f.type === "lifeguard-bug");
-  }
-  return flags;
-}

package/src/format.ts DELETED Viewed

@@ -1,162 +0,0 @@
-import type { LifeguardFlag, ParsedPR } from "./types.js";
-// ---------------------------------------------------------------------------
-// ANSI color helpers (no dependency)
-// ---------------------------------------------------------------------------
-const c = {
-  reset: "\x1b[0m",
-  bold: "\x1b[1m",
-  dim: "\x1b[2m",
-  red: "\x1b[31m",
-  green: "\x1b[32m",
-  yellow: "\x1b[33m",
-  cyan: "\x1b[36m",
-  white: "\x1b[37m",
-  bgRed: "\x1b[41m",
-  bgYellow: "\x1b[43m",
-  bgBlue: "\x1b[44m",
-};
-function severityColor(severity: string): string {
-  switch (severity.toLowerCase()) {
-    case "severe":
-    case "critical":
-      return c.red;
-    case "warning":
-      return c.yellow;
-    default:
-      return c.cyan;
-  }
-}
-function severityBadge(severity: string): string {
-  const upper = severity.toUpperCase();
-  switch (severity.toLowerCase()) {
-    case "severe":
-    case "critical":
-      return `${c.bgRed}${c.white}${c.bold} ${upper} ${c.reset}`;
-    case "warning":
-      return `${c.bgYellow}${c.bold} ${upper} ${c.reset}`;
-    default:
-      return `${c.bgBlue}${c.white} ${upper} ${c.reset}`;
-  }
-}
-function typeBadge(type: LifeguardFlag["type"]): string {
-  if (type === "lifeguard-bug") {
-    return `${c.red}${c.bold}BUG${c.reset}`;
-  }
-  return `${c.cyan}${c.bold}INFO${c.reset}`;
-}
-// ---------------------------------------------------------------------------
-// Terminal formatter
-// ---------------------------------------------------------------------------
-function formatLocation(flag: LifeguardFlag): string {
-  if (!flag.filePath) return "";
-  const file = `${c.cyan}${flag.filePath}${c.reset}`;
-  if (flag.startLine == null) return file;
-  const line =
-    flag.endLine != null && flag.endLine !== flag.startLine
-      ? `${c.dim}:${flag.startLine}-${flag.endLine}${c.reset}`
-      : `${c.dim}:${flag.startLine}${c.reset}`;
-  return `${file}${line}`;
-}
-function wrapText(text: string, indent: number, maxWidth: number): string {
-  const pad = " ".repeat(indent);
-  const words = text.split(/\s+/);
-  const lines: string[] = [];
-  let current = "";
-  for (const word of words) {
-    if (current.length + word.length + 1 > maxWidth - indent) {
-      lines.push(pad + current);
-      current = word;
-    } else {
-      current = current ? `${current} ${word}` : word;
-    }
-  }
-  if (current) lines.push(pad + current);
-  return lines.join("\n");
-}
-export function formatTerminal(flags: LifeguardFlag[], pr: ParsedPR): string {
-  const lines: string[] = [];
-  // Header
-  const bugCount = flags.filter((f) => f.type === "lifeguard-bug").length;
-  const analysisCount = flags.filter((f) => f.type === "lifeguard-analysis").length;
-  const parts: string[] = [];
-  if (bugCount > 0) parts.push(`${c.red}${c.bold}${bugCount} bug${bugCount === 1 ? "" : "s"}${c.reset}`);
-  if (analysisCount > 0) parts.push(`${c.cyan}${analysisCount} suggestion${analysisCount === 1 ? "" : "s"}${c.reset}`);
-  if (parts.length === 0) {
-    lines.push(`\n  ${c.green}${c.bold}No unresolved bugs${c.reset} in ${c.dim}${pr.owner}/${pr.repo}#${pr.number}${c.reset}\n`);
-    return lines.join("\n");
-  }
-  lines.push(
-    `\n  ${parts.join(", ")} in ${c.dim}${pr.owner}/${pr.repo}#${pr.number}${c.reset}\n`
-  );
-  // Each flag
-  for (const flag of flags) {
-    const badge = typeBadge(flag.type);
-    const location = formatLocation(flag);
-    const sev = severityBadge(flag.severity);
-    lines.push(`  ${badge}  ${location}  ${sev}`);
-    if (flag.title) {
-      lines.push(`  ${c.bold}${c.white}${flag.title}${c.reset}`);
-    }
-    // Show description (first paragraph, stripped of markdown/HTML noise)
-    if (flag.description && flag.description !== flag.title) {
-      const desc = flag.description
-        .replace(/<details>[\s\S]*?<\/details>/g, "") // remove <details> blocks
-        .replace(/<!--[\s\S]*?-->/g, "") // remove HTML comments
-        .replace(/^\[.*?\]\(.*?\)$/gm, "") // remove markdown links on own line
-        .replace(/<a[\s\S]*?<\/a>/g, "") // remove <a> tags
-        .replace(/<picture>[\s\S]*?<\/picture>/g, "") // remove <picture> tags
-        .replace(/<img[^>]*>/g, "") // remove <img> tags
-        .replace(/^---\s*$/gm, "") // remove horizontal rules
-        .replace(/^\*Was this helpful\?.*$/gm, "") // remove feedback prompt
-        .replace(/^#+\s*.+$/gm, "") // remove headings
-        .replace(/\*\*(.+?)\*\*/g, "$1") // remove bold markers
-        .replace(/`([^`]+)`/g, "$1") // remove inline code markers
-        .trim()
-        .split("\n\n")[0]! // first paragraph only
-        .split("\n")
-        .filter((l) => l.trim())
-        .join(" ")
-        .trim();
-      if (desc) {
-        lines.push(wrapText(`${c.dim}${desc}${c.reset}`, 2, 100));
-      }
-    }
-    if (flag.recommendation) {
-      lines.push(
-        `  ${c.green}→ ${flag.recommendation}${c.reset}`
-      );
-    }
-    lines.push(""); // blank line between flags
-  }
-  return lines.join("\n");
-}
-// ---------------------------------------------------------------------------
-// JSON formatter
-// ---------------------------------------------------------------------------
-export function formatJSON(flags: LifeguardFlag[]): string {
-  return JSON.stringify(flags, null, 2);
-}

package/src/parse-pr.ts DELETED Viewed

@@ -1,33 +0,0 @@
-import type { ParsedPR } from "./types.js";
-const GITHUB_URL_RE =
-  /(?:https?:\/\/)?github\.com\/([^/]+)\/([^/]+)\/pull\/(\d+)/;
-const SHORTHAND_RE = /^([^/#]+)\/([^/#]+)#(\d+)$/;
-const PATH_RE = /^([^/#]+)\/([^/#]+)\/pull\/(\d+)$/;
-/** Also accept Devin review URLs: app.devin.ai/review/owner/repo/pull/123 */
-const DEVIN_URL_RE =
-  /(?:https?:\/\/)?app\.devin\.ai\/review\/([^/]+)\/([^/]+)\/pull\/(\d+)/;
-export function parsePR(input: string): ParsedPR {
-  const match =
-    input.match(GITHUB_URL_RE) ??
-    input.match(DEVIN_URL_RE) ??
-    input.match(SHORTHAND_RE) ??
-    input.match(PATH_RE);
-  if (!match) {
-    throw new Error(
-      `Invalid PR reference: ${input}\n` +
-        `Expected: owner/repo#123 or https://github.com/owner/repo/pull/123`
-    );
-  }
-  const [, owner, repo, num] = match;
-  return {
-    owner: owner!,
-    repo: repo!,
-    number: parseInt(num!, 10),
-    prPath: `github.com/${owner}/${repo}/pull/${num}`,
-  };
-}

package/src/types.ts DELETED Viewed

@@ -1,106 +0,0 @@
-// ---------------------------------------------------------------------------
-// PR reference
-// ---------------------------------------------------------------------------
-export interface ParsedPR {
-  owner: string;
-  repo: string;
-  number: number;
-  /** e.g. "github.com/owner/repo/pull/123" */
-  prPath: string;
-}
-// ---------------------------------------------------------------------------
-// Cached auth token
-// ---------------------------------------------------------------------------
-export interface CachedToken {
-  accessToken: string;
-  /** epoch ms when token was obtained */
-  obtainedAt: number;
-  /** epoch ms when token expires (from JWT `exp` claim) */
-  expiresAt: number;
-}
-// ---------------------------------------------------------------------------
-// Devin Digest API response (partial — fields we care about)
-// ---------------------------------------------------------------------------
-export interface DigestResponse {
-  id: number;
-  title: string;
-  state: string;
-  author?: { login: string; avatar_url?: string; is_bot?: boolean };
-  head_ref: string;
-  base_ref: string;
-  additions: number;
-  deletions: number;
-  review_threads: ReviewThread[];
-  comments: ReviewComment[];
-  reviews: Review[];
-  checks: Check[];
-  [key: string]: unknown;
-}
-export interface ReviewThread {
-  is_resolved: boolean;
-  is_outdated: boolean;
-  resolved_by?: { login: string; avatar_url?: string } | null;
-  comments: ReviewComment[];
-}
-export interface ReviewComment {
-  id: number | string;
-  body: string;
-  body_html?: string;
-  /** Non-null means this is a Devin review comment */
-  devin_review_id?: string | null;
-  /** Structured metadata header hidden from display */
-  hidden_header?: string | null;
-  html_url?: string | null;
-  author?: { login: string; avatar_url?: string; is_bot?: boolean };
-  pull_request_review?: { id: number; state: string } | null;
-  reaction_groups?: unknown[];
-  [key: string]: unknown;
-}
-export interface Review {
-  id: number;
-  body: string;
-  body_html?: string;
-  state: string;
-  author?: { login: string; avatar_url?: string; is_bot?: boolean };
-  devin_review_id?: string | null;
-  [key: string]: unknown;
-}
-export interface Check {
-  id: string;
-  name: string;
-  status: string;
-  conclusion: string | null;
-  workflow_name?: string;
-  is_required?: boolean;
-}
-// ---------------------------------------------------------------------------
-// Extracted bug/flag
-// ---------------------------------------------------------------------------
-export interface LifeguardFlag {
-  filePath: string;
-  startLine: number | null;
-  endLine: number | null;
-  side: "LEFT" | "RIGHT";
-  title: string;
-  description: string;
-  severity: string;
-  recommendation: string;
-  needsInvestigation: boolean;
-  type: "lifeguard-bug" | "lifeguard-analysis";
-  /** Source thread resolution status */
-  isResolved: boolean;
-  isOutdated: boolean;
-  /** URL to the comment on GitHub */
-  htmlUrl: string | null;
-}