dual-brain 0.2.4 → 0.2.6

package/src/profile.mjs

@@ -15,7 +15,7 @@
  *   getHeadModel(profile)          → suggested head model string
  *   detectCapabilities(cwd)        → what we can actually verify
  *   getOnboardingMessage(caps, ws) → honest 2-3 line status message
- *   needsApiGuardrail(caps)        → true if metered API key detected
+ *   detectCapabilities(cwd)        → available providers (subscription-based only)
  *
  * CLI:
  *   node src/profile.mjs                  # show current profile
@@ -136,7 +136,7 @@ function detectEnvironment() {
  * @param {string} [cwd]
  * @returns {Promise<{
  *   claude:       { available: boolean, source: string|null },
- *   openai:       { available: boolean, source: string|null, metered: boolean },
+ *   openai:       { available: boolean, source: string|null },
  *   codex:        { available: boolean, source: string|null },
  *   replitTools:  { available: boolean, checkpoints: boolean },
  * }>}
@@ -144,18 +144,15 @@ function detectEnvironment() {
 async function detectCapabilities(cwd) {
   const root = cwd || process.cwd();
 
-  // --- Claude: running inside Claude Code or has ANTHROPIC_API_KEY or ~/.claude dir ---
+  // --- Claude: running inside Claude Code session or CLI installed ---
   let claudeAvailable = false;
   let claudeSource = null;
 
   if (process.env.CLAUDE_CODE) {
     claudeAvailable = true;
     claudeSource = 'claude-code';
-  } else if (process.env.ANTHROPIC_API_KEY?.length > 0) {
-    claudeAvailable = true;
-    claudeSource = 'api-key';
   } else {
-    // Check for ~/.claude directory (Claude Code installation)
+    // Check for ~/.claude directory (Claude Code installation) or Replit Claude
     const claudeDir = join(homedir(), '.claude');
     const replitClaudeDir = join(root, '.replit-tools', '.claude-persistent');
     if (existsSync(claudeDir) || existsSync(replitClaudeDir)) {
@@ -164,9 +161,6 @@ async function detectCapabilities(cwd) {
     }
   }
 
-  // --- OpenAI: check for OPENAI_API_KEY presence (metered billing) ---
-  const openaiAvailable = !!process.env.OPENAI_API_KEY?.length;
-
   // --- Codex: check if 'codex' is in PATH ---
   let codexAvailable = false;
   let codexSource = null;
@@ -200,9 +194,8 @@ async function detectCapabilities(cwd) {
       source: claudeSource,
     },
     openai: {
-      available: openaiAvailable || codexAvailable,
-      source: openaiAvailable ? 'api-key' : codexAvailable ? 'codex-cli' : null,
-      metered: openaiAvailable && !codexAvailable,
+      available: codexAvailable,
+      source: codexAvailable ? 'codex-cli' : null,
     },
     codex: {
       available: codexAvailable,
@@ -215,18 +208,6 @@ async function detectCapabilities(cwd) {
   };
 }
 
-/**
- * Return true if any metered API key is detected.
- * When true, the system defaults to conservative API usage and should
- * confirm before expensive operations.
- *
- * @param {ReturnType<typeof detectCapabilities> extends Promise<infer T> ? T : never} capabilities
- * @returns {boolean}
- */
-function needsApiGuardrail(capabilities) {
-  return !!(capabilities?.openai?.metered);
-}
-
 /**
  * Generate an honest 2-3 line onboarding/status message based on
  * what we can actually verify.
@@ -237,9 +218,8 @@ function needsApiGuardrail(capabilities) {
  */
 function getOnboardingMessage(capabilities, workStyle = 'balanced') {
   const found = [];
-  if (capabilities?.claude?.available)  found.push('Claude Code');
-  if (capabilities?.openai?.available)  found.push('OpenAI API');
-  if (capabilities?.codex?.available && !capabilities?.openai?.available) found.push('Codex CLI');
+  if (capabilities?.claude?.available)  found.push('Claude · subscription');
+  if (capabilities?.codex?.available)   found.push('OpenAI · Codex subscription');
 
   const styleLabels = {
     'balanced':      'Balanced — smart routing, reviews on important changes',
@@ -258,16 +238,11 @@ function getOnboardingMessage(capabilities, workStyle = 'balanced') {
   lines.push(`Found: ${found.join(', ')}`);
   lines.push(`  Mode: ${modeLabel}`);
 
-  // Tip: suggest OpenAI if only Claude is available
-  if (capabilities?.claude?.available && !capabilities?.openai?.available && !capabilities?.codex?.available) {
+  // Tip: suggest Codex if only Claude is available
+  if (capabilities?.claude?.available && !capabilities?.codex?.available) {
     lines.push('  Tip: Run codex login for dual-brain collaboration');
   }
 
-  // Warn about metered billing
-  if (capabilities?.openai?.metered) {
-    lines.push('  Note: OpenAI API key detected — usage is metered, guardrails enabled');
-  }
-
   return lines.join('\n');
 }
 
@@ -393,9 +368,8 @@ async function runOnboarding(opts = {}) {
 
     // Show what we found honestly
     const foundProviders = [];
-    if (capabilities.claude.available)  foundProviders.push('Claude Code');
-    if (capabilities.openai.available)  foundProviders.push('OpenAI API (metered)');
-    if (capabilities.codex.available && !capabilities.openai.available) foundProviders.push('Codex CLI');
+    if (capabilities.claude.available)  foundProviders.push('Claude · subscription');
+    if (capabilities.codex.available)   foundProviders.push('OpenAI · Codex subscription');
 
     if (foundProviders.length > 0) {
       process.stdout.write(`Detected: ${foundProviders.join(', ')}\n\n`);
@@ -405,15 +379,14 @@ async function runOnboarding(opts = {}) {
 
     // Enable providers based on what's available
     profile.providers.claude.enabled = capabilities.claude.available;
-    profile.providers.openai.enabled = capabilities.openai.available || capabilities.codex.available;
-    profile.apiGuardrail = needsApiGuardrail(capabilities);
+    profile.providers.openai.enabled = capabilities.codex.available;
 
     // If detection missed something, ask
-    if (!capabilities.claude.available && !capabilities.openai.available && !capabilities.codex.available) {
-      const q1 = (await ask('Which AI providers do you have access to?\n  (1) Claude Code only  (2) OpenAI API only  (3) Both  (4) Neither\n> ')).trim();
+    if (!capabilities.claude.available && !capabilities.codex.available) {
+      const q1 = (await ask('Which AI providers do you have access to?\n  (1) Claude only  (2) OpenAI Codex only  (3) Both  (4) Neither\n> ')).trim();
       if (q1 === '1') { profile.providers.claude.enabled = true; }
-      else if (q1 === '2') { profile.providers.claude.enabled = false; profile.providers.openai.enabled = true; profile.apiGuardrail = true; }
-      else if (q1 === '3') { profile.providers.claude.enabled = true; profile.providers.openai.enabled = true; profile.apiGuardrail = true; }
+      else if (q1 === '2') { profile.providers.claude.enabled = false; profile.providers.openai.enabled = true; }
+      else if (q1 === '3') { profile.providers.claude.enabled = true; profile.providers.openai.enabled = true; }
     }
 
     const q3 = (await ask('\nDefault work style?\n  (1) Save usage  (2) Balanced  (3) Best quality\n> ')).trim();
@@ -546,19 +519,16 @@ async function autoSetup(cwd) {
     result.actions.push(`Claude: available (${capabilities.claude.source})`);
   } else {
     profile.providers.claude.enabled = false;
-    result.warnings.push('Claude not detected — install Claude Code or set ANTHROPIC_API_KEY');
+    result.warnings.push('Claude not detected — run: claude login');
   }
 
   // OpenAI / Codex
-  if (capabilities.openai.available) {
+  if (capabilities.codex.available) {
     profile.providers.openai.enabled = true;
-    result.actions.push('OpenAI: API key detected (metered billing — guardrails enabled)');
-  } else if (capabilities.codex.available) {
-    profile.providers.openai.enabled = true;
-    result.actions.push('Codex CLI: available');
+    result.actions.push('Codex CLI: available (subscription)');
   } else {
     profile.providers.openai.enabled = false;
-    result.warnings.push('OpenAI not detected — add OPENAI_API_KEY or install Codex CLI');
+    result.warnings.push('OpenAI not detected — run: codex login');
   }
 
   // Mode
@@ -568,7 +538,6 @@ async function autoSetup(cwd) {
     : 'solo-openai';
   profile.bias = 'balanced';
   profile.workStyle = 'balanced';
-  profile.apiGuardrail = needsApiGuardrail(capabilities);
   profile.capabilities = capabilities;
   profile.detectedAt = new Date().toISOString();
 
@@ -909,17 +878,6 @@ export async function checkCredentialHealth(cred, cwd = process.cwd()) {
       } catch {
         health = 'healthy'; // cli works, auth check unavailable
       }
-    } else if (cred.auth_type === 'api_key') {
-      if (cred.source === 'replit_secret') {
-        try {
-          const { hasSecret } = await import('./replit.mjs');
-          health = hasSecret(cred.env_var || cred.id.toUpperCase().replace(/-/g, '_')) ? 'healthy' : 'unhealthy';
-        } catch { health = 'unknown'; }
-      } else {
-        // env source
-        const varName = cred.env_var || cred.id.toUpperCase().replace(/-/g, '_');
-        health = (process.env[varName] && process.env[varName].length > 0) ? 'healthy' : 'unhealthy';
-      }
     }
   } catch { health = 'unknown'; }
   return { ...cred, health, last_checked_at: new Date().toISOString() };
@@ -949,64 +907,24 @@ export async function detectCredentials(cwd = process.cwd()) {
     });
   }
 
-  // ANTHROPIC_API_KEY
-  if (process.env.ANTHROPIC_API_KEY) {
-    found.push({
-      id: 'anthropic-api-key',
-      provider: 'claude',
-      auth_type: 'api_key',
-      source: 'env',
-      env_var: 'ANTHROPIC_API_KEY',
-      owner: 'user',
-      scope: 'local',
-      plan_hint: null,
-      enabled: true,
-      health: 'healthy',
-      last_checked_at: new Date().toISOString(),
-    });
-  }
-
-  // OPENAI_API_KEY (env)
-  if (process.env.OPENAI_API_KEY) {
+  // Codex CLI (subscription-based OpenAI access)
+  try {
+    execSync('which codex', { stdio: 'pipe', timeout: 2000 });
+    let codexHealth = 'unknown';
+    try { execSync('codex --version', { stdio: 'pipe', timeout: 3000 }); codexHealth = 'healthy'; } catch { codexHealth = 'degraded'; }
     found.push({
-      id: 'openai-api-key',
+      id: 'openai-codex-cli',
       provider: 'openai',
-      auth_type: 'api_key',
-      source: 'env',
-      env_var: 'OPENAI_API_KEY',
+      auth_type: 'cli_oauth',
+      source: 'local_cli',
       owner: 'user',
       scope: 'local',
       plan_hint: null,
       enabled: true,
-      health: 'healthy',
+      health: codexHealth,
       last_checked_at: new Date().toISOString(),
     });
-  }
-
-  // Replit secrets
-  try {
-    const { hasSecret } = await import('./replit.mjs');
-    const secretsToCheck = ['OPENAI_API_KEY', 'ANTHROPIC_API_KEY'];
-    for (const name of secretsToCheck) {
-      if (!process.env[name] && hasSecret(name)) {
-        const provider = name.startsWith('OPENAI') ? 'openai' : 'claude';
-        const id = name.toLowerCase().replace(/_/g, '-') + '-replit';
-        found.push({
-          id,
-          provider,
-          auth_type: 'api_key',
-          source: 'replit_secret',
-          env_var: name,
-          owner: 'user',
-          scope: 'workspace',
-          plan_hint: null,
-          enabled: true,
-          health: 'healthy',
-          last_checked_at: new Date().toISOString(),
-        });
-      }
-    }
-  } catch { /* replit.mjs unavailable */ }
+  } catch { /* codex not in PATH */ }
 
   return found;
 }
@@ -1120,12 +1038,12 @@ export async function getCapabilityManifest(cwd = process.cwd()) {
     budget: { pressure5h: 0, pressure7d: 0 }, source: 'none' };
 
   try {
-    // available: claude CLI or CLAUDE_CODE env or replit-tools claude dir
+    // available: CLAUDE_CODE env, claude CLI, or replit-tools claude dir
     const claudeDir       = join(homedir(), '.claude');
     const replitClaudeDir = join(cwd, '.replit-tools', '.claude-persistent');
-    if (process.env.CLAUDE_CODE || process.env.ANTHROPIC_API_KEY) {
+    if (process.env.CLAUDE_CODE) {
       claudeProvider.available = true;
-      claudeProvider.source    = process.env.ANTHROPIC_API_KEY ? 'env' : 'credentials';
+      claudeProvider.source    = 'credentials';
     } else if (existsSync(claudeDir) || existsSync(replitClaudeDir)) {
       claudeProvider.available = true;
       claudeProvider.source    = existsSync(replitClaudeDir) ? 'replit-tools' : 'credentials';
@@ -1164,15 +1082,12 @@ export async function getCapabilityManifest(cwd = process.cwd()) {
     budget: { pressure5h: 0, pressure7d: 0 }, source: 'none' };
 
   try {
-    let hasSecret = false;
-    try { const { hasSecret: hs } = await import('./replit.mjs'); hasSecret = hs('OPENAI_API_KEY'); } catch { hasSecret = !!(process.env.OPENAI_API_KEY); }
-
     let codexAvailable = false;
     try { execSync('which codex', { stdio: 'pipe', timeout: 2000 }); codexAvailable = true; } catch { /* not in PATH */ }
 
-    openaiProvider.available      = hasSecret || codexAvailable;
-    openaiProvider.authenticated  = hasSecret;
-    openaiProvider.source         = hasSecret ? 'env' : codexAvailable ? 'codex-config' : 'none';
+    openaiProvider.available      = codexAvailable;
+    openaiProvider.authenticated  = codexAvailable;
+    openaiProvider.source         = codexAvailable ? 'codex-cli' : 'none';
   } catch { /* detection failed */ }
 
   openaiProvider.plan   = normalizePlan(orchProv.openai?.subscription ?? orchSubs.openai?.plan);
@@ -1387,7 +1302,7 @@ async function main() {
     `head model : ${getHeadModel(profile)}`,
     `providers  : ${providers.map(p => p.name).join(', ') || 'none'}`,
     `prefs      : ${profile.preferences?.filter(p => p.enabled).length || 0} active`,
-    `guardrail  : ${needsApiGuardrail(caps) ? 'enabled (metered API key detected)' : 'off'}`,
+    `guardrail  : off`,
     '',
     getOnboardingMessage(caps, profile.workStyle || profile.bias),
   ].forEach(l => process.stdout.write(l + '\n'));
@@ -1404,7 +1319,7 @@ export {
   loadProfile, saveProfile, ensureProfile, runOnboarding,
   rememberPreference, forgetPreference, getActivePreferences,
   getAvailableProviders, isSoloBrain, getHeadModel,
-  detectCapabilities, getOnboardingMessage, needsApiGuardrail,
+  detectCapabilities, getOnboardingMessage,
   syncPreferencesToMemory,
   detectAuth, detectEnvironment,
   autoSetup, autoRefreshToken,

package/src/replit.mjs

@@ -339,7 +339,7 @@ const SYSTEM_PREFIXES = [
 ];
 
 const KNOWN_SECRET_NAMES = [
-  'OPENAI_API_KEY', 'ANTHROPIC_API_KEY', 'DATABASE_URL', 'REPLIT_DB_URL',
+  'DATABASE_URL', 'REPLIT_DB_URL',
   'GITHUB_TOKEN', 'GITHUB_API_TOKEN', 'NPM_TOKEN', 'NPM_AUTH_TOKEN',
   'STRIPE_SECRET_KEY', 'STRIPE_API_KEY', 'AWS_ACCESS_KEY_ID',
   'AWS_SECRET_ACCESS_KEY', 'GOOGLE_API_KEY', 'GOOGLE_APPLICATION_CREDENTIALS',

package/src/repo.mjs

@@ -283,6 +283,159 @@ export function getLintCommand(cwd = process.cwd()) {
   return detectRepo(cwd).commands.lint;
 }
 
+// ─── Ownership hints ──────────────────────────────────────────────────────────
+
+/**
+ * Return the last git author, last-modified date, and commit count for a file.
+ * @param {string} filePath
+ * @param {string} [cwd]
+ * @returns {{ lastAuthor: string, lastModified: string, totalCommits: number }|null}
+ */
+export function getFileOwnership(filePath, cwd) {
+  try {
+    const blame = execSync(`git log --format="%an" -1 -- "${filePath}"`, { cwd, encoding: 'utf8', timeout: 5000 }).trim();
+    const lastDate = execSync(`git log --format="%ci" -1 -- "${filePath}"`, { cwd, encoding: 'utf8', timeout: 5000 }).trim();
+    const commitCount = parseInt(execSync(`git rev-list --count HEAD -- "${filePath}"`, { cwd, encoding: 'utf8', timeout: 5000 }).trim()) || 0;
+    return { lastAuthor: blame, lastModified: lastDate, totalCommits: commitCount };
+  } catch { return null; }
+}
+
+// ─── Dependency edges ─────────────────────────────────────────────────────────
+
+/**
+ * Extract import/require edges from a source file.
+ * @param {string} filePath  — relative path from cwd
+ * @param {string} [cwd]
+ * @returns {{ local: string[], external: string[], total: number }}
+ */
+export function getDependencyEdges(filePath, cwd) {
+  try {
+    const content = readFileSync(join(cwd || process.cwd(), filePath), 'utf8');
+    const imports = [];
+    // ES module imports
+    for (const match of content.matchAll(/import\s+.*?from\s+['"]([^'"]+)['"]/g)) {
+      imports.push(match[1]);
+    }
+    // Dynamic imports
+    for (const match of content.matchAll(/import\(['"]([^'"]+)['"]\)/g)) {
+      imports.push(match[1]);
+    }
+    // CommonJS requires
+    for (const match of content.matchAll(/require\(['"]([^'"]+)['"]\)/g)) {
+      imports.push(match[1]);
+    }
+    const local = imports.filter(i => i.startsWith('.') || i.startsWith('/'));
+    const external = imports.filter(i => !i.startsWith('.') && !i.startsWith('/'));
+    return { local, external, total: imports.length };
+  } catch { return { local: [], external: [], total: 0 }; }
+}
+
+// ─── Test mapping ─────────────────────────────────────────────────────────────
+
+/**
+ * Find test files whose name matches the source file's base name.
+ * @param {string} filePath
+ * @param {string} [cwd]
+ * @returns {string[]}
+ */
+export function findRelatedTests(filePath, cwd) {
+  const root = cwd || process.cwd();
+  const base = filePath.replace(/\.(mjs|js|ts|tsx|jsx)$/, '');
+  const name = base.split('/').pop();
+
+  const found = [];
+  try {
+    const allTests = execSync(
+      `find . -type f \\( -name "*.test.*" -o -name "*.spec.*" -o -path "*/tests/*" -o -path "*/test/*" -o -path "*/__tests__/*" \\) -not -path "*/node_modules/*"`,
+      { cwd: root, encoding: 'utf8', timeout: 5000 }
+    ).trim().split('\n').filter(Boolean);
+
+    for (const t of allTests) {
+      if (t.includes(name)) found.push(t.replace(/^\.\//, ''));
+    }
+  } catch {}
+
+  return found;
+}
+
+// ─── Risk hotspots ────────────────────────────────────────────────────────────
+
+/**
+ * Return the files with highest churn × complexity risk in the last N days.
+ * @param {string} [cwd]
+ * @param {{ days?: number, limit?: number }} [opts]
+ * @returns {Array<{ file: string, changeCount: number, lineCount: number, risk: number }>}
+ */
+export function getRiskHotspots(cwd, opts = {}) {
+  const { days = 30, limit = 10 } = opts;
+  const root = cwd || process.cwd();
+  try {
+    const since = new Date(Date.now() - days * 86400000).toISOString().split('T')[0];
+    const log = execSync(
+      `git log --since="${since}" --name-only --pretty=format: | sort | uniq -c | sort -rn | head -${limit * 2}`,
+      { cwd: root, encoding: 'utf8', timeout: 10000 }
+    ).trim();
+
+    const hotspots = [];
+    for (const line of log.split('\n').filter(Boolean)) {
+      const match = line.trim().match(/^(\d+)\s+(.+)$/);
+      if (match) {
+        const changeCount = parseInt(match[1]);
+        const file = match[2];
+        if (changeCount >= 3 && existsSync(join(root, file))) {
+          let lineCount = 0;
+          try {
+            lineCount = readFileSync(join(root, file), 'utf8').split('\n').length;
+          } catch {}
+          hotspots.push({ file, changeCount, lineCount, risk: changeCount * Math.log2(Math.max(lineCount, 1)) });
+        }
+      }
+    }
+
+    return hotspots.sort((a, b) => b.risk - a.risk).slice(0, limit);
+  } catch { return []; }
+}
+
+// ─── Primary language detection ───────────────────────────────────────────────
+
+function detectPrimaryLanguage(cwd) {
+  try {
+    const files = execSync(
+      'git ls-files --cached | grep -oE "\\.[a-zA-Z]+$" | sort | uniq -c | sort -rn | head -5',
+      { cwd, encoding: 'utf8', timeout: 5000 }
+    ).trim();
+    const match = files.split('\n')[0]?.trim().match(/^\d+\s+\.(.+)$/);
+    const ext = match?.[1];
+    const langMap = {
+      js: 'JavaScript', mjs: 'JavaScript', ts: 'TypeScript', tsx: 'TypeScript',
+      py: 'Python', rb: 'Ruby', go: 'Go', rs: 'Rust', java: 'Java',
+      kt: 'Kotlin', swift: 'Swift', cpp: 'C++', c: 'C',
+    };
+    return langMap[ext] || ext || 'unknown';
+  } catch { return 'unknown'; }
+}
+
+// ─── Repo intelligence ────────────────────────────────────────────────────────
+
+/**
+ * Return consolidated repo intelligence for routing decisions.
+ * @param {string} [cwd]
+ * @returns {object}
+ */
+export function getRepoIntelligence(cwd) {
+  const root = cwd || process.cwd();
+  const cache = loadRepoCache(root);
+  const hotspots = getRiskHotspots(root);
+
+  return {
+    ...cache,
+    hotspots,
+    hasTests: hotspots.some(h => h.file.includes('test')),
+    primaryLanguage: detectPrimaryLanguage(root),
+    repoSize: cache?.fileCount || 0,
+  };
+}
+
 // ─── CLI (direct invocation) ──────────────────────────────────────────────────
 
 const isMain = process.argv[1]?.endsWith('repo.mjs');