dual-brain 7.0.0 → 7.0.2

package/bin/dual-brain.mjs

@@ -5,11 +5,13 @@ import { existsSync, readFileSync } from 'node:fs';
 import { join, dirname } from 'node:path';
 import { fileURLToPath } from 'node:url';
 import { execSync } from 'node:child_process';
+import { createInterface } from 'node:readline';
 
 import {
   ensureProfile, loadProfile, saveProfile, runOnboarding,
   rememberPreference, forgetPreference, getActivePreferences,
   getAvailableProviders, isSoloBrain, getHeadModel,
+  detectAuth, detectEnvironment, setupAuth,
 } from '../src/profile.mjs';
 
 import { detectTask } from '../src/detect.mjs';
@@ -44,7 +46,9 @@ function printHelp() {
 dual-brain <command> [options]
 
 Commands:
-  init                      First-time setup (providers, plans, optimization)
+  init                      First-time setup → flows into interactive REPL
+  auth                      Show authentication status for all providers
+  auth setup                Paste API keys directly (recommended for Replit)
   install                   Install Claude Code hooks into the current project
   go "task description"     Detect → decide → dispatch a task
     --dry-run               Show routing decision without executing
@@ -57,6 +61,14 @@ Commands:
   remember "preference"     Save a project-scoped preference
   forget "preference"       Remove a preference by fuzzy match
 
+Interactive REPL (entered after init or npx dual-brain with no args):
+  <task description>        Dispatch a task directly
+  go <task>                 Same as dual-brain go
+  status / auth / init      Run commands without exiting
+  auth setup                Re-run API key setup
+  help                      Show this help
+  exit / quit / q           Exit the REPL
+
 Options:
   --version                 Print version
   --help                    Show this help
@@ -64,6 +76,44 @@ Options:
 `.trim());
 }
 
+// ─── Auth helpers ─────────────────────────────────────────────────────────────
+
+/**
+ * Print a compact auth status table to stdout.
+ * @param {{ claude: object, openai: object }} auth  Result from detectAuth()
+ */
+function printAuthTable(auth) {
+  const W = 55; // inner width (wide enough for source labels)
+  const bar = '═'.repeat(W);
+  const pad = (s) => {
+    const visible = s.replace(/[̀-ͯ]/g, ''); // strip combining chars for length
+    return s + ' '.repeat(Math.max(0, W - visible.length));
+  };
+
+  const claudeLine1 = auth.claude.found
+    ? `  Claude:  ✓ found via ${auth.claude.source}`
+    : `  Claude:  ✗ not found`;
+  const claudeLine2 = auth.claude.found
+    ? `           ${auth.claude.masked}`
+    : `           run: dual-brain auth setup`;
+
+  const openaiLine1 = auth.openai.found
+    ? `  OpenAI:  ✓ found via ${auth.openai.source}`
+    : `  OpenAI:  ✗ not found`;
+  const openaiLine2 = auth.openai.found
+    ? `           ${auth.openai.masked}`
+    : `           run: dual-brain auth setup`;
+
+  console.log(`╔${bar}╗`);
+  console.log(`║${pad('  Auth Status')}║`);
+  console.log(`╠${bar}╣`);
+  console.log(`║${pad(claudeLine1)}║`);
+  console.log(`║${pad(claudeLine2)}║`);
+  console.log(`║${pad(openaiLine1)}║`);
+  console.log(`║${pad(openaiLine2)}║`);
+  console.log(`╚${bar}╝`);
+}
+
 // ─── Card command (default) ──────────────────────────────────────────────────
 
 async function cmdCard() {
@@ -83,19 +133,92 @@ async function cmdCard() {
   const health  = getHealth(cwd);
   const card    = formatSessionCard(session, repo, health);
   console.log(card);
+
+  // Auth status warnings (non-blocking)
+  const auth = await detectAuth();
+  const warnings = [];
+  if (!auth.claude.found) warnings.push('Claude auth not found — run: dual-brain auth setup');
+  if (!auth.openai.found) warnings.push('OpenAI auth not found — run: dual-brain auth setup');
+  if (warnings.length > 0) {
+    console.log('\nAuth warnings:');
+    for (const w of warnings) console.log(`  ⚠  ${w}`);
+  }
+
+  // Environment info
+  const env = detectEnvironment();
+  if (env.isReplit || env.hasReplitTools) {
+    const envLabel = env.hasReplitTools ? 'Replit + replit-tools' : 'Replit';
+    console.log(`\nRuntime: ${envLabel}`);
+  }
 }
 
 // ─── Commands ─────────────────────────────────────────────────────────────────
 
-async function cmdInit() {
-  const profile = await runOnboarding({ interactive: true });
-  saveProfile(profile, { cwd: process.cwd() });
-  const rt = await detectRuntime();
-  const providers = getAvailableProviders(profile);
-  const providerSummary = providers.length
-    ? providers.map(p => `${p.name === 'claude' ? 'Claude' : 'OpenAI'} (${p.plan})`).join(', ')
-    : 'none';
-  console.log(`Profile saved. Providers: ${providerSummary}. Mode: ${profile.mode}. Runtime: ${rt.runtime}`);
+async function cmdInit(rl) {
+  const cwd = process.cwd();
+
+  // --- Step 1: Auth preflight ---
+  const auth = await detectAuth();
+  printAuthTable(auth);
+
+  const noneFound = !auth.claude.found && !auth.openai.found;
+  if (noneFound) {
+    console.log('\nNo AI provider credentials found. Let\'s set up at least one now.\n');
+    // Use the provided rl (REPL instance) or create a temporary one
+    const rlOwned = !rl;
+    if (!rl) rl = createInterface({ input: process.stdin, output: process.stdout });
+    try {
+      await setupAuth(rl);
+    } finally {
+      if (rlOwned) rl.close();
+    }
+    // Re-check after setup
+    const authAfter = await detectAuth();
+    if (!authAfter.claude.found && !authAfter.openai.found) {
+      console.log('\nNo credentials configured. You can run "auth setup" in the REPL anytime.');
+      // Still flow into REPL — don't exit
+      return;
+    }
+  }
+
+  // --- Step 2: Run onboarding wizard (pass shared rl so it isn't closed) ---
+  const profile = await runOnboarding({ interactive: true, detectedAuth: auth, rl });
+  saveProfile(profile, { cwd });
+
+  // --- Step 3: Show dashboard ---
+  console.log('');
+  const repo    = loadRepoCache(cwd);
+  const session = loadSession(cwd);
+  const health  = getHealth(cwd);
+  const card    = formatSessionCard(session, repo, health);
+  console.log(card);
+  console.log('\nReady! Type a task below, or "help" for commands.\n');
+}
+
+async function cmdAuth(subArgs = [], rl) {
+  const sub = subArgs[0];
+
+  if (sub === 'setup') {
+    return cmdAuthSetup(rl);
+  }
+
+  const auth = await detectAuth();
+  printAuthTable(auth);
+
+  // If anything is missing, point to setup command
+  if (!auth.claude.found || !auth.openai.found) {
+    console.log('\nRun "dual-brain auth setup" (or "auth setup" in REPL) to paste API keys.');
+  }
+}
+
+async function cmdAuthSetup(rl) {
+  const rlOwned = !rl;
+  if (!rl) rl = createInterface({ input: process.stdin, output: process.stdout });
+  try {
+    await setupAuth(rl);
+  } finally {
+    if (rlOwned) rl.close();
+  }
 }
 
 async function cmdGo(args) {
@@ -398,6 +521,65 @@ function cmdForget(text) {
   console.log('Preference removed (if matched).');
 }
 
+// ─── Interactive REPL ────────────────────────────────────────────────────────
+
+async function startRepl(rl) {
+  // rl may have been created by cmdCard/cmdInit — reuse it.
+  // If not provided, create a fresh one.
+  const rlOwned = !rl;
+  if (!rl) rl = createInterface({ input: process.stdin, output: process.stdout });
+
+  console.log('\nType a task or command. Type "help" for commands, "exit" to quit.\n');
+
+  const prompt = () => {
+    rl.question('dual-brain> ', async (input) => {
+      const line = input.trim();
+      if (!line) { prompt(); return; }
+
+      if (line === 'exit' || line === 'quit' || line === 'q') {
+        if (rlOwned) rl.close();
+        return;
+      }
+
+      try {
+        if (line === 'help') {
+          printHelp();
+        } else if (line === 'status') {
+          await cmdStatus([]);
+        } else if (line === 'auth setup' || line === 'auth-setup') {
+          await cmdAuthSetup(rl);
+        } else if (line === 'auth') {
+          await cmdAuth([], rl);
+        } else if (line.startsWith('go ')) {
+          await cmdGo(line.slice(3).trim().split(/\s+/));
+        } else if (line.startsWith('remember ')) {
+          cmdRemember(line.slice(9).trim());
+        } else if (line.startsWith('forget ')) {
+          cmdForget(line.slice(7).trim());
+        } else if (line.startsWith('hot ')) {
+          cmdHot(line.slice(4).trim());
+        } else if (line.startsWith('cool ')) {
+          cmdCool(line.slice(5).trim());
+        } else if (line === 'init') {
+          await cmdInit(rl);
+        } else {
+          // Treat as a task description → go
+          await cmdGo([line]);
+        }
+      } catch (e) {
+        process.stderr.write(`Error: ${e.message}\n`);
+      }
+
+      prompt(); // loop back
+    });
+  };
+
+  prompt();
+
+  // Return a promise that resolves when rl closes (exit/quit)
+  return new Promise(resolve => rl.on('close', resolve));
+}
+
 // ─── Entry point ─────────────────────────────────────────────────────────────
 
 async function main() {
@@ -405,11 +587,37 @@ async function main() {
   const cmd  = args[0];
 
   if (cmd === '--help' || cmd === '-h') { printHelp(); return; }
-  if (!cmd) { await cmdCard(); return; }
-  if (cmd === '--version' || cmd === '-v')      { console.log(readVersion()); return; }
+  if (cmd === '--version' || cmd === '-v') { console.log(readVersion()); return; }
 
-  if (cmd === 'init')     { await cmdInit(); return; }
+  // Interactive-only commands: enter REPL after completing (only when TTY)
+  const isInteractive = process.stdin.isTTY;
+
+  if (!cmd) {
+    await cmdCard();
+    if (isInteractive) await startRepl();
+    return;
+  }
+
+  if (cmd === 'init') {
+    if (isInteractive) {
+      // Create the shared rl upfront so init wizard and REPL share it
+      const rl = createInterface({ input: process.stdin, output: process.stdout });
+      await cmdInit(rl);
+      await startRepl(rl);
+    } else {
+      await cmdInit();
+    }
+    return;
+  }
+
+  // One-shot commands — run and exit
   if (cmd === 'install')  { await cmdInstall(); return; }
+  if (cmd === 'auth') {
+    const sub = args[1];
+    if (sub === 'setup') { await cmdAuthSetup(); return; }
+    await cmdAuth(args.slice(1));
+    return;
+  }
   if (cmd === 'go')       { await cmdGo(args.slice(1)); return; }
   if (cmd === 'status')   { await cmdStatus(args.slice(1)); return; }
   if (cmd === 'hot')      { cmdHot(args[1]); return; }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "dual-brain",
-  "version": "7.0.0",
+  "version": "7.0.2",
   "description": "AI orchestration across Claude + OpenAI subscriptions — smart routing, budget awareness, and dual-brain collaboration",
   "type": "module",
   "bin": {

package/src/profile.mjs

@@ -25,7 +25,7 @@
 import { createInterface } from 'readline';
 import { existsSync, mkdirSync, readFileSync, renameSync, writeFileSync } from 'fs';
 import { homedir } from 'os';
-import { join } from 'path';
+import { dirname, join } from 'path';
 
 // ---------------------------------------------------------------------------
 // Claude Code memory integration
@@ -106,6 +106,245 @@ function syncPreferencesToMemory(profile, cwd) {
   }
 }
 
+// ---------------------------------------------------------------------------
+// Environment detection
+// ---------------------------------------------------------------------------
+
+/**
+ * Detect the runtime environment.
+ * Returns { isReplit, hasReplitTools, isCI }.
+ */
+function detectEnvironment() {
+  const isReplit = !!(process.env.REPL_ID || process.env.REPLIT_DB_URL);
+  const hasReplitTools = existsSync(join(process.cwd(), '.replit-tools'));
+  const isCI = !!(process.env.CI || process.env.GITHUB_ACTIONS);
+  return { isReplit, hasReplitTools, isCI };
+}
+
+// ---------------------------------------------------------------------------
+// Auth detection
+// ---------------------------------------------------------------------------
+
+/**
+ * Mask a credential string: show first 4 + "..." + last 4 chars.
+ * For short strings (< 8 chars), just returns "***".
+ * @param {string} str
+ * @returns {string}
+ */
+function _maskCredential(str) {
+  if (!str || str.length < 8) return '***';
+  return str.slice(0, 4) + '...' + str.slice(-4);
+}
+
+/**
+ * Detect authentication credentials from all known sources.
+ * Checks in priority order: config files first, then env vars.
+ * Never makes network calls — validation is always null in v1.
+ *
+ * @returns {{ claude: AuthEntry, openai: AuthEntry }}
+ * @typedef {{ found: boolean, source: string|null, masked: string|null, validated: null }} AuthEntry
+ */
+async function detectAuth() {
+  const results = {
+    claude: { found: false, source: null, masked: null, validated: null },
+    openai: { found: false, source: null, masked: null, validated: null },
+  };
+
+  // --- Claude: check .claude.json for oauthAccount or apiKey ---
+  const claudePaths = [
+    '/home/runner/workspace/.replit-tools/.claude-persistent/.claude.json',
+    join(homedir(), '.claude', '.claude.json'),
+  ];
+  for (const p of claudePaths) {
+    try {
+      const data = JSON.parse(readFileSync(p, 'utf8'));
+      if (data?.oauthAccount) {
+        // OAuth session found
+        results.claude.found   = true;
+        results.claude.source  = p.includes('.replit-tools') ? '.claude.json (replit-tools)' : '.claude.json';
+        results.claude.masked  = 'oauth:configured';
+        break;
+      }
+      if (data?.apiKey && typeof data.apiKey === 'string') {
+        results.claude.found   = true;
+        results.claude.source  = p.includes('.replit-tools') ? '.claude.json (replit-tools)' : '.claude.json';
+        results.claude.masked  = _maskCredential(data.apiKey);
+        break;
+      }
+    } catch { continue; }
+  }
+
+  // --- Claude: check .dualbrain/auth.json (before env var) ---
+  if (!results.claude.found) {
+    const storedAuth = loadAuthKeys();
+    if (storedAuth.claude?.key) {
+      const expired = storedAuth.claude.expiresAt && new Date(storedAuth.claude.expiresAt) <= new Date();
+      if (!expired) {
+        results.claude.found   = true;
+        results.claude.source  = '.dualbrain/auth.json';
+        results.claude.masked  = _maskCredential(storedAuth.claude.key);
+        process.env.ANTHROPIC_API_KEY = storedAuth.claude.key;
+      }
+    }
+  }
+
+  // --- Claude: fallback to ANTHROPIC_API_KEY env var ---
+  if (!results.claude.found && process.env.ANTHROPIC_API_KEY) {
+    results.claude.found  = true;
+    results.claude.source = 'env:ANTHROPIC_API_KEY';
+    results.claude.masked = _maskCredential(process.env.ANTHROPIC_API_KEY);
+  }
+
+  // --- OpenAI/Codex: check auth.json for access_token or id_token ---
+  const codexPaths = [
+    '/home/runner/workspace/.replit-tools/.codex-persistent/auth.json',
+    join(homedir(), '.codex', 'auth.json'),
+  ];
+  for (const p of codexPaths) {
+    try {
+      const data = JSON.parse(readFileSync(p, 'utf8'));
+      const accessToken = data?.tokens?.access_token || data?.access_token;
+      const idToken     = data?.tokens?.id_token     || data?.id_token;
+      const apiKey      = data?.apiKey ?? data?.api_key ?? null;
+
+      if (accessToken || idToken) {
+        results.openai.found   = true;
+        results.openai.source  = p.includes('.replit-tools') ? 'codex auth.json (replit-tools)' : 'codex auth.json';
+        results.openai.masked  = 'oauth:configured';
+        break;
+      }
+      if (apiKey && typeof apiKey === 'string') {
+        results.openai.found   = true;
+        results.openai.source  = p.includes('.replit-tools') ? 'codex auth.json (replit-tools)' : 'codex auth.json';
+        results.openai.masked  = _maskCredential(apiKey);
+        break;
+      }
+    } catch { continue; }
+  }
+
+  // --- OpenAI: check .dualbrain/auth.json (before env var) ---
+  if (!results.openai.found) {
+    const storedAuth = loadAuthKeys();
+    if (storedAuth.openai?.key) {
+      const expired = storedAuth.openai.expiresAt && new Date(storedAuth.openai.expiresAt) <= new Date();
+      if (!expired) {
+        results.openai.found   = true;
+        results.openai.source  = '.dualbrain/auth.json';
+        results.openai.masked  = _maskCredential(storedAuth.openai.key);
+        process.env.OPENAI_API_KEY = storedAuth.openai.key;
+      }
+    }
+  }
+
+  // --- OpenAI: fallback to OPENAI_API_KEY env var ---
+  if (!results.openai.found && process.env.OPENAI_API_KEY) {
+    results.openai.found  = true;
+    results.openai.source = 'env:OPENAI_API_KEY';
+    results.openai.masked = _maskCredential(process.env.OPENAI_API_KEY);
+  }
+
+  return results;
+}
+
+// ---------------------------------------------------------------------------
+// API key storage (.dualbrain/auth.json)
+// ---------------------------------------------------------------------------
+
+const AUTH_FILE = (cwd) => join(cwd || process.cwd(), '.dualbrain', 'auth.json');
+
+function loadAuthKeys(cwd) {
+  try {
+    return JSON.parse(readFileSync(AUTH_FILE(cwd), 'utf8'));
+  } catch {
+    return {};
+  }
+}
+
+function saveAuthKey(provider, key, opts = {}) {
+  const cwd = opts.cwd || process.cwd();
+  const authFile = AUTH_FILE(cwd);
+  const dir = dirname(authFile);
+  if (!existsSync(dir)) mkdirSync(dir, { recursive: true });
+
+  const auth = loadAuthKeys(cwd);
+  auth[provider] = {
+    key,
+    savedAt: new Date().toISOString(),
+    expiresAt: opts.expiresAt || null,
+  };
+  writeFileSync(authFile, JSON.stringify(auth, null, 2));
+
+  // Inject into process.env for this session so dispatch can use it
+  if (provider === 'claude') process.env.ANTHROPIC_API_KEY = key;
+  if (provider === 'openai') process.env.OPENAI_API_KEY = key;
+}
+
+/**
+ * Interactive setup flow: walks user through entering API keys for missing providers.
+ * Accepts an existing readline Interface (rl) — does NOT close it.
+ * @param {import('readline').Interface} rl
+ */
+async function setupAuth(rl) {
+  const ask = (q) => new Promise(res => rl.question(q, res));
+  const auth = await detectAuth();
+
+  // Claude setup
+  if (!auth.claude.found) {
+    console.log('\n— Claude Setup —');
+    console.log('Options:');
+    console.log('  (1) Paste API key (recommended for Replit)');
+    console.log('  (2) Skip for now');
+    const choice = (await ask('> ')).trim();
+    if (choice === '1') {
+      const key = (await ask('Paste your Anthropic API key: ')).trim();
+      if (key && (key.startsWith('sk-ant-') || key.startsWith('sk-'))) {
+        const expiryStr = (await ask('Set key expiry? (enter days, or press Enter to skip)\n> ')).trim();
+        let expiresAt = null;
+        if (expiryStr && /^\d+$/.test(expiryStr)) {
+          const d = new Date();
+          d.setDate(d.getDate() + parseInt(expiryStr, 10));
+          expiresAt = d.toISOString();
+          console.log(`✓ Key expires in ${expiryStr} days (${d.toISOString().slice(0, 10)})`);
+        }
+        saveAuthKey('claude', key, { expiresAt });
+        console.log('✓ Claude API key saved');
+      } else {
+        console.log('Invalid key format. Expected sk-ant-... or sk-...');
+      }
+    }
+  } else {
+    console.log(`\n✓ Claude: already configured via ${auth.claude.source}`);
+  }
+
+  // OpenAI setup
+  if (!auth.openai.found) {
+    console.log('\n— OpenAI Setup —');
+    console.log('Options:');
+    console.log('  (1) Paste API key (recommended for Replit)');
+    console.log('  (2) Skip for now');
+    const choice = (await ask('> ')).trim();
+    if (choice === '1') {
+      const key = (await ask('Paste your OpenAI API key: ')).trim();
+      if (key && key.startsWith('sk-')) {
+        const expiryStr = (await ask('Set key expiry? (enter days, or press Enter to skip)\n> ')).trim();
+        let expiresAt = null;
+        if (expiryStr && /^\d+$/.test(expiryStr)) {
+          const d = new Date();
+          d.setDate(d.getDate() + parseInt(expiryStr, 10));
+          expiresAt = d.toISOString();
+          console.log(`✓ Key expires in ${expiryStr} days (${d.toISOString().slice(0, 10)})`);
+        }
+        saveAuthKey('openai', key, { expiresAt });
+        console.log('✓ OpenAI API key saved');
+      } else {
+        console.log('Invalid key format. Expected sk-...');
+      }
+    }
+  } else {
+    console.log(`\n✓ OpenAI: already configured via ${auth.openai.source}`);
+  }
+}
+
 // ---------------------------------------------------------------------------
 // Auto-detect subscription plans from provider config files
 // ---------------------------------------------------------------------------
@@ -302,7 +541,10 @@ function saveProfile(profile, opts = {}) {
 async function runOnboarding(opts = {}) {
   if (!opts.interactive) return defaultProfile();
 
-  const rl = createInterface({ input: process.stdin, output: process.stdout });
+  // Accept an externally-provided readline instance (shared with REPL/auth setup)
+  // or create one internally if not provided. Only close if we created it.
+  const rlProvided = !!opts.rl;
+  const rl = opts.rl || createInterface({ input: process.stdin, output: process.stdout });
   const ask = (q) => new Promise(res => rl.question(q, res));
   const profile = defaultProfile();
 
@@ -328,7 +570,8 @@ async function runOnboarding(opts = {}) {
     profile.mode = n >= 2 ? 'dual' : profile.providers.claude.enabled ? 'solo-claude' : 'solo-openai';
     process.stdout.write('\nProfile saved.\n');
   } finally {
-    rl.close();
+    // Only close if we created the rl instance (not if it was passed in)
+    if (!rlProvided) rl.close();
   }
   return profile;
 }
@@ -469,4 +712,6 @@ export {
   rememberPreference, forgetPreference, getActivePreferences,
   getAvailableProviders, isSoloBrain, getHeadModel,
   detectPlans, syncPreferencesToMemory,
+  detectAuth, detectEnvironment,
+  setupAuth, saveAuthKey, loadAuthKeys,
 };