dual-brain 0.2.3 → 0.2.5

package/src/profile.mjs

@@ -151,9 +151,9 @@ async function detectCapabilities(cwd) {
   if (process.env.CLAUDE_CODE) {
     claudeAvailable = true;
     claudeSource = 'claude-code';
-  } else if (process.env.ANTHROPIC_API_KEY) {
+  } else if (process.env.ANTHROPIC_API_KEY?.length > 0) {
     claudeAvailable = true;
-    claudeSource = 'env-key';
+    claudeSource = 'api-key';
   } else {
     // Check for ~/.claude directory (Claude Code installation)
     const claudeDir = join(homedir(), '.claude');
@@ -164,9 +164,8 @@ async function detectCapabilities(cwd) {
     }
   }
 
-  // --- OpenAI: check for OPENAI_API_KEY (metered billing) ---
-  const openaiKey = process.env.OPENAI_API_KEY;
-  const openaiAvailable = !!(openaiKey && openaiKey.length > 0);
+  // --- OpenAI: check for OPENAI_API_KEY presence (metered billing) ---
+  const openaiAvailable = !!process.env.OPENAI_API_KEY?.length;
 
   // --- Codex: check if 'codex' is in PATH ---
   let codexAvailable = false;
@@ -201,9 +200,9 @@ async function detectCapabilities(cwd) {
       source: claudeSource,
     },
     openai: {
-      available: openaiAvailable,
-      source: openaiAvailable ? 'env-key' : null,
-      metered: openaiAvailable, // API key = metered billing
+      available: openaiAvailable || codexAvailable,
+      source: openaiAvailable ? 'api-key' : codexAvailable ? 'codex-cli' : null,
+      metered: openaiAvailable && !codexAvailable,
     },
     codex: {
       available: codexAvailable,
@@ -252,7 +251,7 @@ function getOnboardingMessage(capabilities, workStyle = 'balanced') {
   const lines = [];
   if (found.length === 0) {
     lines.push('No providers detected');
-    lines.push('  Set ANTHROPIC_API_KEY or install Claude Code to get started');
+    lines.push('  Run: claude login   or install Claude Code to get started');
     return lines.join('\n');
   }
 
@@ -261,7 +260,7 @@ function getOnboardingMessage(capabilities, workStyle = 'balanced') {
 
   // Tip: suggest OpenAI if only Claude is available
   if (capabilities?.claude?.available && !capabilities?.openai?.available && !capabilities?.codex?.available) {
-    lines.push('  Tip: Add OPENAI_API_KEY for dual-brain collaboration');
+    lines.push('  Tip: Run codex login for dual-brain collaboration');
   }
 
   // Warn about metered billing
@@ -814,6 +813,223 @@ function listSubscriptions(cwd) {
   return profile.providers || {};
 }
 
+// ---------------------------------------------------------------------------
+// Credential Registry
+// ---------------------------------------------------------------------------
+
+const credentialsPath = (cwd) => join(cwd || process.cwd(), '.dualbrain', 'credentials.json');
+
+function defaultCredentials() {
+  return { version: 1, credentials: [] };
+}
+
+export function loadCredentials(cwd = process.cwd()) {
+  try {
+    const p = credentialsPath(cwd);
+    if (!existsSync(p)) return defaultCredentials();
+    return JSON.parse(readFileSync(p, 'utf8'));
+  } catch {
+    return defaultCredentials();
+  }
+}
+
+export function saveCredentials(data, cwd = process.cwd()) {
+  try {
+    const p = credentialsPath(cwd);
+    const dir = p.slice(0, p.lastIndexOf('/'));
+    if (!existsSync(dir)) mkdirSync(dir, { recursive: true });
+    // Ensure no raw secret values are stored
+    const safe = {
+      ...data,
+      credentials: (data.credentials || []).map(c => {
+        const clean = { ...c };
+        delete clean.secret;
+        delete clean.token;
+        delete clean.api_key;
+        delete clean.password;
+        return clean;
+      }),
+    };
+    const tmp = p + '.tmp.' + process.pid;
+    writeFileSync(tmp, JSON.stringify(safe, null, 2) + '\n');
+    renameSync(tmp, p);
+    return p;
+  } catch { /* non-fatal */ }
+}
+
+export function addCredential(cred, cwd = process.cwd()) {
+  const required = ['id', 'provider', 'auth_type', 'source'];
+  for (const f of required) {
+    if (!cred[f]) throw new Error(`addCredential: missing required field '${f}'`);
+  }
+  const data = loadCredentials(cwd);
+  const idx = data.credentials.findIndex(c => c.id === cred.id);
+  const entry = {
+    id: cred.id,
+    provider: cred.provider,
+    auth_type: cred.auth_type,
+    source: cred.source,
+    owner: cred.owner || 'user',
+    scope: cred.scope || 'local',
+    plan_hint: cred.plan_hint || null,
+    enabled: cred.enabled !== false,
+    health: cred.health || 'unknown',
+    last_checked_at: cred.last_checked_at || null,
+  };
+  if (idx >= 0) data.credentials[idx] = entry;
+  else data.credentials.push(entry);
+  saveCredentials(data, cwd);
+  return entry;
+}
+
+export function removeCredential(id, cwd = process.cwd()) {
+  const data = loadCredentials(cwd);
+  data.credentials = data.credentials.filter(c => c.id !== id);
+  saveCredentials(data, cwd);
+}
+
+export function getHealthyCredentials(provider = null, cwd = process.cwd()) {
+  const data = loadCredentials(cwd);
+  return data.credentials.filter(c =>
+    c.enabled !== false &&
+    c.health !== 'unhealthy' &&
+    (provider === null || c.provider === provider)
+  );
+}
+
+export async function checkCredentialHealth(cred, cwd = process.cwd()) {
+  let health = 'unknown';
+  try {
+    if (cred.auth_type === 'cli_oauth') {
+      try { execSync('claude --version', { stdio: 'pipe', timeout: 3000 }); } catch { return { ...cred, health: 'unhealthy', last_checked_at: new Date().toISOString() }; }
+      try {
+        const { getAuthStatus } = await import('./replit.mjs');
+        const status = getAuthStatus(cwd);
+        health = (status.available && status.tokenStatus !== 'expired') ? 'healthy' : 'degraded';
+      } catch {
+        health = 'healthy'; // cli works, auth check unavailable
+      }
+    } else if (cred.auth_type === 'api_key') {
+      if (cred.source === 'replit_secret') {
+        try {
+          const { hasSecret } = await import('./replit.mjs');
+          health = hasSecret(cred.env_var || cred.id.toUpperCase().replace(/-/g, '_')) ? 'healthy' : 'unhealthy';
+        } catch { health = 'unknown'; }
+      } else {
+        // env source
+        const varName = cred.env_var || cred.id.toUpperCase().replace(/-/g, '_');
+        health = (process.env[varName] && process.env[varName].length > 0) ? 'healthy' : 'unhealthy';
+      }
+    }
+  } catch { health = 'unknown'; }
+  return { ...cred, health, last_checked_at: new Date().toISOString() };
+}
+
+export async function detectCredentials(cwd = process.cwd()) {
+  const found = [];
+
+  // Claude CLI / oauth
+  const claudeDir       = join(homedir(), '.claude');
+  const replitClaudeDir = join(cwd, '.replit-tools', '.claude-persistent');
+  const claudeAvail = process.env.CLAUDE_CODE || existsSync(claudeDir) || existsSync(replitClaudeDir);
+  if (claudeAvail) {
+    let health = 'unknown';
+    try { execSync('claude --version', { stdio: 'pipe', timeout: 3000 }); health = 'healthy'; } catch { health = 'degraded'; }
+    found.push({
+      id: 'claude-local-user',
+      provider: 'claude',
+      auth_type: 'cli_oauth',
+      source: 'local_cli',
+      owner: 'user',
+      scope: 'local',
+      plan_hint: null,
+      enabled: true,
+      health,
+      last_checked_at: new Date().toISOString(),
+    });
+  }
+
+  // ANTHROPIC_API_KEY
+  if (process.env.ANTHROPIC_API_KEY) {
+    found.push({
+      id: 'anthropic-api-key',
+      provider: 'claude',
+      auth_type: 'api_key',
+      source: 'env',
+      env_var: 'ANTHROPIC_API_KEY',
+      owner: 'user',
+      scope: 'local',
+      plan_hint: null,
+      enabled: true,
+      health: 'healthy',
+      last_checked_at: new Date().toISOString(),
+    });
+  }
+
+  // OPENAI_API_KEY (env)
+  if (process.env.OPENAI_API_KEY) {
+    found.push({
+      id: 'openai-api-key',
+      provider: 'openai',
+      auth_type: 'api_key',
+      source: 'env',
+      env_var: 'OPENAI_API_KEY',
+      owner: 'user',
+      scope: 'local',
+      plan_hint: null,
+      enabled: true,
+      health: 'healthy',
+      last_checked_at: new Date().toISOString(),
+    });
+  }
+
+  // Replit secrets
+  try {
+    const { hasSecret } = await import('./replit.mjs');
+    const secretsToCheck = ['OPENAI_API_KEY', 'ANTHROPIC_API_KEY'];
+    for (const name of secretsToCheck) {
+      if (!process.env[name] && hasSecret(name)) {
+        const provider = name.startsWith('OPENAI') ? 'openai' : 'claude';
+        const id = name.toLowerCase().replace(/_/g, '-') + '-replit';
+        found.push({
+          id,
+          provider,
+          auth_type: 'api_key',
+          source: 'replit_secret',
+          env_var: name,
+          owner: 'user',
+          scope: 'workspace',
+          plan_hint: null,
+          enabled: true,
+          health: 'healthy',
+          last_checked_at: new Date().toISOString(),
+        });
+      }
+    }
+  } catch { /* replit.mjs unavailable */ }
+
+  return found;
+}
+
+export function getCredentialSummary(cwd = process.cwd()) {
+  const data = loadCredentials(cwd);
+  const creds = data.credentials || [];
+  const byProvider = { claude: 0, openai: 0 };
+  let healthy = 0, degraded = 0;
+  for (const c of creds) {
+    if (c.enabled === false) continue;
+    if (byProvider[c.provider] !== undefined) byProvider[c.provider]++;
+    if (c.health === 'healthy') healthy++;
+    else if (c.health === 'degraded' || c.health === 'unknown') degraded++;
+  }
+  const total = creds.filter(c => c.enabled !== false).length;
+  let teamCapacity = 'none';
+  if (healthy >= 4) teamCapacity = 'high';
+  else if (healthy >= 2) teamCapacity = 'medium';
+  else if (healthy >= 1) teamCapacity = 'low';
+  return { total, byProvider, healthy, degraded, teamCapacity };
+}
+
 // ---------------------------------------------------------------------------
 // CLI
 // ---------------------------------------------------------------------------
@@ -894,6 +1110,10 @@ export async function getCapabilityManifest(cwd = process.cwd()) {
     return { pressure5h: pressure, pressure7d: pressure * 0.6 };
   }
 
+  // ── Credential registry (when available, overrides detection) ─────────
+  const _credData = loadCredentials(cwd);
+  const _hasCreds = _credData.credentials && _credData.credentials.length > 0;
+
   // ── Claude provider ────────────────────────────────────────────────────
   const claudeProvider = { available: false, authenticated: false, plan: 'unknown',
     models: ['opus', 'sonnet', 'haiku'], health: 'healthy',
@@ -924,6 +1144,20 @@ export async function getCapabilityManifest(cwd = process.cwd()) {
   claudeProvider.health = claudeProvider.authenticated ? deriveHealth('claude') : 'down';
   claudeProvider.budget = deriveBudget('claude');
 
+  // Override with registry data when credentials.json exists
+  if (_hasCreds) {
+    const claudeCreds = _credData.credentials.filter(c => c.provider === 'claude' && c.enabled !== false);
+    if (claudeCreds.length > 0) {
+      claudeProvider.available    = true;
+      claudeProvider.authenticated = claudeCreds.some(c => c.health === 'healthy');
+      claudeProvider.health = claudeCreds.some(c => c.health === 'healthy') ? deriveHealth('claude')
+        : claudeCreds.some(c => c.health === 'degraded') ? 'degraded' : 'down';
+      const planHint = claudeCreds.find(c => c.plan_hint)?.plan_hint;
+      if (planHint) claudeProvider.plan = normalizePlan(planHint);
+      claudeProvider.source = claudeCreds[0].source;
+    }
+  }
+
   // ── OpenAI provider ────────────────────────────────────────────────────
   const openaiProvider = { available: false, authenticated: false, plan: 'unknown',
     models: ['gpt-5.5', 'o3', 'gpt-4o', 'gpt-4o-mini'], health: 'healthy',
@@ -945,6 +1179,20 @@ export async function getCapabilityManifest(cwd = process.cwd()) {
   openaiProvider.health = openaiProvider.authenticated ? deriveHealth('openai') : 'down';
   openaiProvider.budget = deriveBudget('openai');
 
+  // Override with registry data when credentials.json exists
+  if (_hasCreds) {
+    const openaiCreds = _credData.credentials.filter(c => c.provider === 'openai' && c.enabled !== false);
+    if (openaiCreds.length > 0) {
+      openaiProvider.available    = true;
+      openaiProvider.authenticated = openaiCreds.some(c => c.health === 'healthy');
+      openaiProvider.health = openaiCreds.some(c => c.health === 'healthy') ? deriveHealth('openai')
+        : openaiCreds.some(c => c.health === 'degraded') ? 'degraded' : 'down';
+      const planHint = openaiCreds.find(c => c.plan_hint)?.plan_hint;
+      if (planHint) openaiProvider.plan = normalizePlan(planHint);
+      openaiProvider.source = openaiCreds[0].source;
+    }
+  }
+
   // ── Preferences ────────────────────────────────────────────────────────
   let preferences = { bias: 'auto', forbiddenModels: [], preferredModels: [],
     costBias: 0.5, confirmBeforeExpensive: false };
@@ -1163,4 +1411,5 @@ export {
   // backward-compat stubs (deprecated)
   detectExistingAuth, detectPlans, saveSubscription, listSubscriptions,
   defaultProfile,
+  // credential registry (functions already exported inline above)
 };

package/src/repo.mjs

@@ -283,6 +283,159 @@ export function getLintCommand(cwd = process.cwd()) {
   return detectRepo(cwd).commands.lint;
 }
 
+// ─── Ownership hints ──────────────────────────────────────────────────────────
+
+/**
+ * Return the last git author, last-modified date, and commit count for a file.
+ * @param {string} filePath
+ * @param {string} [cwd]
+ * @returns {{ lastAuthor: string, lastModified: string, totalCommits: number }|null}
+ */
+export function getFileOwnership(filePath, cwd) {
+  try {
+    const blame = execSync(`git log --format="%an" -1 -- "${filePath}"`, { cwd, encoding: 'utf8', timeout: 5000 }).trim();
+    const lastDate = execSync(`git log --format="%ci" -1 -- "${filePath}"`, { cwd, encoding: 'utf8', timeout: 5000 }).trim();
+    const commitCount = parseInt(execSync(`git rev-list --count HEAD -- "${filePath}"`, { cwd, encoding: 'utf8', timeout: 5000 }).trim()) || 0;
+    return { lastAuthor: blame, lastModified: lastDate, totalCommits: commitCount };
+  } catch { return null; }
+}
+
+// ─── Dependency edges ─────────────────────────────────────────────────────────
+
+/**
+ * Extract import/require edges from a source file.
+ * @param {string} filePath  — relative path from cwd
+ * @param {string} [cwd]
+ * @returns {{ local: string[], external: string[], total: number }}
+ */
+export function getDependencyEdges(filePath, cwd) {
+  try {
+    const content = readFileSync(join(cwd || process.cwd(), filePath), 'utf8');
+    const imports = [];
+    // ES module imports
+    for (const match of content.matchAll(/import\s+.*?from\s+['"]([^'"]+)['"]/g)) {
+      imports.push(match[1]);
+    }
+    // Dynamic imports
+    for (const match of content.matchAll(/import\(['"]([^'"]+)['"]\)/g)) {
+      imports.push(match[1]);
+    }
+    // CommonJS requires
+    for (const match of content.matchAll(/require\(['"]([^'"]+)['"]\)/g)) {
+      imports.push(match[1]);
+    }
+    const local = imports.filter(i => i.startsWith('.') || i.startsWith('/'));
+    const external = imports.filter(i => !i.startsWith('.') && !i.startsWith('/'));
+    return { local, external, total: imports.length };
+  } catch { return { local: [], external: [], total: 0 }; }
+}
+
+// ─── Test mapping ─────────────────────────────────────────────────────────────
+
+/**
+ * Find test files whose name matches the source file's base name.
+ * @param {string} filePath
+ * @param {string} [cwd]
+ * @returns {string[]}
+ */
+export function findRelatedTests(filePath, cwd) {
+  const root = cwd || process.cwd();
+  const base = filePath.replace(/\.(mjs|js|ts|tsx|jsx)$/, '');
+  const name = base.split('/').pop();
+
+  const found = [];
+  try {
+    const allTests = execSync(
+      `find . -type f \\( -name "*.test.*" -o -name "*.spec.*" -o -path "*/tests/*" -o -path "*/test/*" -o -path "*/__tests__/*" \\) -not -path "*/node_modules/*"`,
+      { cwd: root, encoding: 'utf8', timeout: 5000 }
+    ).trim().split('\n').filter(Boolean);
+
+    for (const t of allTests) {
+      if (t.includes(name)) found.push(t.replace(/^\.\//, ''));
+    }
+  } catch {}
+
+  return found;
+}
+
+// ─── Risk hotspots ────────────────────────────────────────────────────────────
+
+/**
+ * Return the files with highest churn × complexity risk in the last N days.
+ * @param {string} [cwd]
+ * @param {{ days?: number, limit?: number }} [opts]
+ * @returns {Array<{ file: string, changeCount: number, lineCount: number, risk: number }>}
+ */
+export function getRiskHotspots(cwd, opts = {}) {
+  const { days = 30, limit = 10 } = opts;
+  const root = cwd || process.cwd();
+  try {
+    const since = new Date(Date.now() - days * 86400000).toISOString().split('T')[0];
+    const log = execSync(
+      `git log --since="${since}" --name-only --pretty=format: | sort | uniq -c | sort -rn | head -${limit * 2}`,
+      { cwd: root, encoding: 'utf8', timeout: 10000 }
+    ).trim();
+
+    const hotspots = [];
+    for (const line of log.split('\n').filter(Boolean)) {
+      const match = line.trim().match(/^(\d+)\s+(.+)$/);
+      if (match) {
+        const changeCount = parseInt(match[1]);
+        const file = match[2];
+        if (changeCount >= 3 && existsSync(join(root, file))) {
+          let lineCount = 0;
+          try {
+            lineCount = readFileSync(join(root, file), 'utf8').split('\n').length;
+          } catch {}
+          hotspots.push({ file, changeCount, lineCount, risk: changeCount * Math.log2(Math.max(lineCount, 1)) });
+        }
+      }
+    }
+
+    return hotspots.sort((a, b) => b.risk - a.risk).slice(0, limit);
+  } catch { return []; }
+}
+
+// ─── Primary language detection ───────────────────────────────────────────────
+
+function detectPrimaryLanguage(cwd) {
+  try {
+    const files = execSync(
+      'git ls-files --cached | grep -oE "\\.[a-zA-Z]+$" | sort | uniq -c | sort -rn | head -5',
+      { cwd, encoding: 'utf8', timeout: 5000 }
+    ).trim();
+    const match = files.split('\n')[0]?.trim().match(/^\d+\s+\.(.+)$/);
+    const ext = match?.[1];
+    const langMap = {
+      js: 'JavaScript', mjs: 'JavaScript', ts: 'TypeScript', tsx: 'TypeScript',
+      py: 'Python', rb: 'Ruby', go: 'Go', rs: 'Rust', java: 'Java',
+      kt: 'Kotlin', swift: 'Swift', cpp: 'C++', c: 'C',
+    };
+    return langMap[ext] || ext || 'unknown';
+  } catch { return 'unknown'; }
+}
+
+// ─── Repo intelligence ────────────────────────────────────────────────────────
+
+/**
+ * Return consolidated repo intelligence for routing decisions.
+ * @param {string} [cwd]
+ * @returns {object}
+ */
+export function getRepoIntelligence(cwd) {
+  const root = cwd || process.cwd();
+  const cache = loadRepoCache(root);
+  const hotspots = getRiskHotspots(root);
+
+  return {
+    ...cache,
+    hotspots,
+    hasTests: hotspots.some(h => h.file.includes('test')),
+    primaryLanguage: detectPrimaryLanguage(root),
+    repoSize: cache?.fileCount || 0,
+  };
+}
+
 // ─── CLI (direct invocation) ──────────────────────────────────────────────────
 
 const isMain = process.argv[1]?.endsWith('repo.mjs');