edsger 0.56.2 → 0.57.0

package/dist/api/chat.js

@@ -2,6 +2,7 @@
  * MCP client wrappers for chat operations.
  * Used by the chat-worker subprocess to interact with chat channels and messages.
  */
+import { getSupabase, hasSupabaseSession } from '../supabase/client.js';
 import { logError, logInfo } from '../utils/logger.js';
 import { callMcpEndpoint } from './mcp-client.js';
 // ============================================================
@@ -23,6 +24,32 @@ export async function listChannels(channelType, channelRefId, verbose) {
     if (verbose) {
         logInfo(`Listing channels: type=${channelType || 'all'}`);
     }
+    if (hasSupabaseSession()) {
+        try {
+            // RLS (chat_channels_select_policy) already filters to channels the
+            // user is a member of — no extra membership join needed.
+            let query = getSupabase().from('chat_channels').select('*');
+            if (channelType) {
+                query = query.eq('channel_type', channelType);
+            }
+            if (channelRefId) {
+                query = query.eq('channel_ref_id', channelRefId);
+            }
+            const { data, error } = await query.order('created_at', {
+                ascending: false,
+            });
+            if (error) {
+                throw new Error(error.message);
+            }
+            return (data || []);
+        }
+        catch (sdkError) {
+            if (verbose) {
+                logError(`Direct chat_channels SELECT failed, falling back to MCP: ${sdkError instanceof Error ? sdkError.message : String(sdkError)}`);
+            }
+            // Fall through to MCP path
+        }
+    }
     const result = (await callMcpEndpoint('chat/channels/list', {
         channel_type: channelType,
         channel_ref_id: channelRefId,
@@ -103,11 +130,37 @@ export async function claimPendingMessages(channelId, workerId, options = {}, ve
     if (verbose) {
         logInfo(`Claiming pending messages for channel ${channelId} (worker: ${workerId})`);
     }
+    const limit = options.limit || 10;
+    const staleSeconds = options.staleTimeoutSeconds || 300;
+    if (hasSupabaseSession()) {
+        try {
+            // The JWT-callable RPC enforces `user_is_chat_channel_member(auth.uid(),
+            // channel_id)` internally. It uses FOR UPDATE SKIP LOCKED so concurrent
+            // workers never claim the same message.
+            const { data, error } = await getSupabase().rpc('claim_pending_chat_messages_jwt', {
+                p_channel_id: channelId,
+                p_worker_id: workerId,
+                p_limit: limit,
+                // Postgres `interval` accepts the canonical 'N seconds' format.
+                p_stale_timeout: `${staleSeconds} seconds`,
+            });
+            if (error) {
+                throw new Error(error.message);
+            }
+            return (data || []);
+        }
+        catch (sdkError) {
+            if (verbose) {
+                logError(`Direct chat claim failed, falling back to MCP: ${sdkError instanceof Error ? sdkError.message : String(sdkError)}`);
+            }
+            // Fall through to MCP path
+        }
+    }
     const result = (await callMcpEndpoint('chat/messages/claim', {
         channel_id: channelId,
         worker_id: workerId,
-        limit: options.limit || 10,
-        stale_timeout_seconds: options.staleTimeoutSeconds || 300,
+        limit,
+        stale_timeout_seconds: staleSeconds,
     }));
     return result.messages || [];
 }

package/dist/api/cross-product.d.ts

@@ -21,6 +21,13 @@ export interface IssueWithProduct extends IssueInfo {
 export declare function listProducts(verbose?: boolean): Promise<ProductSummary[]>;
 /**
  * List all ready_for_ai issues across all products
- * Iterates through all accessible products and collects their issues
+ *
+ * Direct-SDK path: a single `issues` SELECT joining `products` for the name.
+ * RLS on `issues` already filters to products the user has access to, so the
+ * old "fetch products, then fetch issues per product" N+1 dance is gone — one
+ * round trip total.
+ *
+ * MCP fallback (no Supabase session): keeps the previous N+1 behaviour so
+ * legacy CLIs still work until the desktop-app rolls out.
  */
 export declare function listAllReadyIssues(verbose?: boolean): Promise<IssueWithProduct[]>;

package/dist/api/cross-product.js

@@ -5,6 +5,7 @@
  * processes issues from all products the user has access to,
  * not just a single product.
  */
+import { getSupabase, hasSupabaseSession } from '../supabase/client.js';
 import { logError, logInfo } from '../utils/logger.js';
 import { callMcpEndpoint } from './mcp-client.js';
 /**
@@ -29,12 +30,54 @@ export async function listProducts(verbose) {
 }
 /**
  * List all ready_for_ai issues across all products
- * Iterates through all accessible products and collects their issues
+ *
+ * Direct-SDK path: a single `issues` SELECT joining `products` for the name.
+ * RLS on `issues` already filters to products the user has access to, so the
+ * old "fetch products, then fetch issues per product" N+1 dance is gone — one
+ * round trip total.
+ *
+ * MCP fallback (no Supabase session): keeps the previous N+1 behaviour so
+ * legacy CLIs still work until the desktop-app rolls out.
  */
 export async function listAllReadyIssues(verbose) {
     if (verbose) {
         logInfo('Fetching ready_for_ai issues across all products...');
     }
+    if (hasSupabaseSession()) {
+        try {
+            const { data, error } = await getSupabase()
+                .from('issues')
+                .select('*, product:products!inner(id, name)')
+                .eq('status', 'ready_for_ai')
+                .order('updated_at', { ascending: true });
+            if (error) {
+                throw new Error(error.message);
+            }
+            const allIssues = (data || []).map((row) => {
+                // The `product` join lands as a nested object; lift its name onto
+                // the row to keep the wire shape stable.
+                // eslint-disable-next-line @typescript-eslint/no-explicit-any -- shape from PostgREST join
+                const r = row;
+                return {
+                    ...r,
+                    product_name: r.product?.name ?? undefined,
+                };
+            });
+            if (verbose) {
+                logInfo(`Found ${allIssues.length} ready_for_ai issue(s) across products`);
+                allIssues.forEach((f, i) => {
+                    logInfo(`  ${i + 1}. [${f.product_name}] ${f.name}`);
+                });
+            }
+            return allIssues;
+        }
+        catch (sdkError) {
+            if (verbose) {
+                logError(`Direct issues SELECT failed, falling back to MCP: ${sdkError instanceof Error ? sdkError.message : String(sdkError)}`);
+            }
+            // Fall through to MCP path below
+        }
+    }
     try {
         // First, get all products
         const products = await listProducts(verbose);

package/dist/api/intelligence.js

@@ -1,3 +1,4 @@
+import { getSupabase, hasSupabaseSession } from '../supabase/client.js';
 import { logError, logInfo } from '../utils/logger.js';
 import { callMcpEndpoint } from './mcp-client.js';
 // =============================================================================
@@ -71,6 +72,23 @@ export async function updateCompetitor(competitorId, updates, verbose) {
         logInfo(`Updating competitor: ${competitorId}`);
     }
     try {
+        if (hasSupabaseSession()) {
+            try {
+                const { data, error } = await getSupabase()
+                    .from('product_competitors')
+                    .update(updates)
+                    .eq('id', competitorId)
+                    .select()
+                    .single();
+                if (error) {
+                    throw new Error(error.message);
+                }
+                return data ?? null;
+            }
+            catch {
+                // Fall through to MCP
+            }
+        }
         const result = await callMcpEndpoint('intelligence/competitors/update', {
             competitor_id: competitorId,
             ...updates,
@@ -87,6 +105,21 @@ export async function deleteCompetitor(competitorId, verbose) {
         logInfo(`Deleting competitor: ${competitorId}`);
     }
     try {
+        if (hasSupabaseSession()) {
+            try {
+                const { error } = await getSupabase()
+                    .from('product_competitors')
+                    .delete()
+                    .eq('id', competitorId);
+                if (error) {
+                    throw new Error(error.message);
+                }
+                return true;
+            }
+            catch {
+                // Fall through to MCP
+            }
+        }
         await callMcpEndpoint('intelligence/competitors/delete', {
             competitor_id: competitorId,
         });
@@ -105,6 +138,29 @@ export async function getSnapshots(opts, verbose) {
         logInfo(`Fetching snapshots`);
     }
     try {
+        if (hasSupabaseSession()) {
+            try {
+                let query = getSupabase().from('competitor_snapshots').select('*');
+                if (opts.competitorId) {
+                    query = query.eq('competitor_id', opts.competitorId);
+                }
+                if (opts.productId) {
+                    query = query.eq('product_id', opts.productId);
+                }
+                query = query.order('created_at', { ascending: false });
+                if (opts.limit) {
+                    query = query.limit(opts.limit);
+                }
+                const { data, error } = await query;
+                if (error) {
+                    throw new Error(error.message);
+                }
+                return (data || []);
+            }
+            catch {
+                // Fall through to MCP
+            }
+        }
         const result = await callMcpEndpoint('intelligence/snapshots/list', {
             competitor_id: opts.competitorId,
             product_id: opts.productId,
@@ -140,6 +196,32 @@ export async function getReports(productId, opts, verbose) {
         logInfo(`Fetching intelligence reports for product: ${productId}`);
     }
     try {
+        if (hasSupabaseSession()) {
+            try {
+                let query = getSupabase()
+                    .from('intelligence_reports')
+                    .select('*')
+                    .eq('product_id', productId);
+                if (opts?.reportType) {
+                    query = query.eq('report_type', opts.reportType);
+                }
+                if (opts?.status) {
+                    query = query.eq('status', opts.status);
+                }
+                query = query.order('created_at', { ascending: false });
+                if (opts?.limit) {
+                    query = query.limit(opts.limit);
+                }
+                const { data, error } = await query;
+                if (error) {
+                    throw new Error(error.message);
+                }
+                return (data || []);
+            }
+            catch {
+                // Fall through to MCP
+            }
+        }
         const result = await callMcpEndpoint('intelligence/reports/list', {
             product_id: productId,
             report_type: opts?.reportType,
@@ -160,6 +242,22 @@ export async function getReport(reportId, verbose) {
         logInfo(`Fetching report: ${reportId}`);
     }
     try {
+        if (hasSupabaseSession()) {
+            try {
+                const { data, error } = await getSupabase()
+                    .from('intelligence_reports')
+                    .select('*')
+                    .eq('id', reportId)
+                    .maybeSingle();
+                if (error) {
+                    throw new Error(error.message);
+                }
+                return data ?? null;
+            }
+            catch {
+                // Fall through to MCP
+            }
+        }
         const result = await callMcpEndpoint('intelligence/reports/get', {
             report_id: reportId,
         });

package/dist/api/issues/get-issue.js

@@ -1,3 +1,4 @@
+import { getSupabase, hasSupabaseSession } from '../../supabase/client.js';
 import { logInfo } from '../../utils/logger.js';
 import { callMcpEndpoint } from '../mcp-client.js';
 /**
@@ -7,6 +8,31 @@ export async function getIssue(issueId, verbose) {
     if (verbose) {
         logInfo(`Fetching issue details for: ${issueId}`);
     }
+    if (hasSupabaseSession()) {
+        try {
+            const { data, error } = await getSupabase()
+                .from('issues')
+                .select('*')
+                .eq('id', issueId)
+                .maybeSingle();
+            if (error) {
+                throw new Error(error.message);
+            }
+            if (!data) {
+                throw new Error(`Issue not found: ${issueId}`);
+            }
+            return data;
+        }
+        catch (sdkErr) {
+            // Surface "not found" immediately so callers don't double-fetch via
+            // MCP for an issue that genuinely doesn't exist.
+            if (sdkErr instanceof Error &&
+                sdkErr.message === `Issue not found: ${issueId}`) {
+                throw sdkErr;
+            }
+            // Other errors fall through to MCP
+        }
+    }
     const result = (await callMcpEndpoint('issues/get', {
         issue_id: issueId,
     }));

package/dist/api/issues/issue-utils.js

@@ -1,3 +1,5 @@
+import { getUserId } from '../../auth/auth-store.js';
+import { getSupabase, hasSupabaseSession } from '../../supabase/client.js';
 import { logError, logInfo } from '../../utils/logger.js';
 import { callMcpEndpoint } from '../mcp-client.js';
 /**
@@ -17,6 +19,56 @@ export async function claimNextIssue(productId, verbose) {
             ? `Attempting to claim next ready_for_ai issue for product: ${productId}`
             : 'Attempting to claim next ready_for_ai issue across all products');
     }
+    // Direct-SDK path: call the existing claim_next_ready_issue RPC. The RPC is
+    // SECURITY INVOKER and gates access by `developer_id = p_worker_id`, so the
+    // user JWT is honoured naturally.
+    const userId = getUserId();
+    if (hasSupabaseSession() && userId) {
+        try {
+            const { data, error } = await getSupabase().rpc('claim_next_ready_issue', {
+                p_worker_id: userId,
+                p_product_id: productId ?? null,
+            });
+            if (error) {
+                throw new Error(error.message);
+            }
+            const row = Array.isArray(data) ? data[0] : data;
+            if (!row) {
+                if (verbose) {
+                    logInfo('No issues available for processing');
+                }
+                return null;
+            }
+            // RPC returns rows with `issue_*` prefixed column names — unwrap to
+            // the IssueInfo shape callers already consume.
+            // eslint-disable-next-line @typescript-eslint/no-explicit-any -- raw RPC row
+            const r = row;
+            const issue = {
+                id: r.issue_id,
+                name: r.issue_name,
+                description: r.issue_description,
+                technical_design: r.issue_technical_design,
+                status: r.issue_status,
+                execution_mode: r.issue_execution_mode,
+                workflow: r.issue_workflow,
+                product_id: r.issue_product_id,
+                created_at: r.issue_created_at,
+                updated_at: r.issue_updated_at,
+                autonomous_hours: r.issue_autonomous_hours,
+                execution_plan: r.issue_execution_plan,
+            };
+            if (verbose) {
+                logInfo(`✅ Claimed issue: ${issue.name} (${issue.id})`);
+            }
+            return issue;
+        }
+        catch (sdkError) {
+            if (verbose) {
+                logError(`Direct issues/claim failed, falling back to MCP: ${sdkError instanceof Error ? sdkError.message : String(sdkError)}`);
+            }
+            // Fall through to MCP path
+        }
+    }
     try {
         const result = (await callMcpEndpoint('issues/claim', productId ? { product_id: productId } : {}));
         if (result.issue) {

package/dist/api/issues/test-cases.js

@@ -1,3 +1,4 @@
+import { getSupabase, hasSupabaseSession } from '../../supabase/client.js';
 import { logError, logInfo } from '../../utils/logger.js';
 import { callMcpEndpoint } from '../mcp-client.js';
 /**
@@ -7,6 +8,22 @@ export async function getTestCases(issueId, verbose) {
     if (verbose) {
         logInfo(`Fetching test cases for issue: ${issueId}`);
     }
+    if (hasSupabaseSession()) {
+        try {
+            const { data, error } = await getSupabase()
+                .from('test_cases')
+                .select('*')
+                .eq('issue_id', issueId)
+                .order('created_at', { ascending: true });
+            if (error) {
+                throw new Error(error.message);
+            }
+            return (data || []);
+        }
+        catch {
+            // Fall through to MCP
+        }
+    }
     const result = (await callMcpEndpoint('test_cases/list', {
         issue_id: issueId,
     }));
@@ -20,16 +37,38 @@ export async function createTestCase(issueId, testCase, verbose) {
         if (verbose) {
             logInfo(`Creating test case for issue: ${issueId}`);
         }
-        await callMcpEndpoint('test_cases/create', {
-            issue_id: issueId,
-            test_cases: [
-                {
+        let usedSdk = false;
+        if (hasSupabaseSession()) {
+            try {
+                const { error } = await getSupabase()
+                    .from('test_cases')
+                    .insert({
+                    issue_id: issueId,
                     name: testCase.name,
                     description: testCase.description,
                     is_critical: testCase.is_critical || false,
-                },
-            ],
-        });
+                });
+                if (error) {
+                    throw new Error(error.message);
+                }
+                usedSdk = true;
+            }
+            catch {
+                // Fall through to MCP
+            }
+        }
+        if (!usedSdk) {
+            await callMcpEndpoint('test_cases/create', {
+                issue_id: issueId,
+                test_cases: [
+                    {
+                        name: testCase.name,
+                        description: testCase.description,
+                        is_critical: testCase.is_critical || false,
+                    },
+                ],
+            });
+        }
         if (verbose) {
             logInfo('✅ Test case created successfully');
         }
@@ -71,9 +110,27 @@ export async function deleteTestCase(testCaseId, verbose) {
         if (verbose) {
             logInfo(`Deleting test case: ${testCaseId}`);
         }
-        await callMcpEndpoint('test_cases/delete', {
-            test_case_id: testCaseId,
-        });
+        let usedSdk = false;
+        if (hasSupabaseSession()) {
+            try {
+                const { error } = await getSupabase()
+                    .from('test_cases')
+                    .delete()
+                    .eq('id', testCaseId);
+                if (error) {
+                    throw new Error(error.message);
+                }
+                usedSdk = true;
+            }
+            catch {
+                // Fall through to MCP
+            }
+        }
+        if (!usedSdk) {
+            await callMcpEndpoint('test_cases/delete', {
+                test_case_id: testCaseId,
+            });
+        }
         if (verbose) {
             logInfo('✅ Test case deleted successfully');
         }
@@ -93,10 +150,28 @@ export async function updateTestCaseStatus(testCaseId, status, verbose) {
         if (verbose) {
             logInfo(`Updating test case ${testCaseId} status to: ${status}`);
         }
-        await callMcpEndpoint('test_cases/update_status', {
-            test_case_id: testCaseId,
-            status,
-        });
+        let usedSdk = false;
+        if (hasSupabaseSession()) {
+            try {
+                const { error } = await getSupabase()
+                    .from('test_cases')
+                    .update({ status })
+                    .eq('id', testCaseId);
+                if (error) {
+                    throw new Error(error.message);
+                }
+                usedSdk = true;
+            }
+            catch {
+                // Fall through to MCP
+            }
+        }
+        if (!usedSdk) {
+            await callMcpEndpoint('test_cases/update_status', {
+                test_case_id: testCaseId,
+                status,
+            });
+        }
         if (verbose) {
             logInfo('✅ Test case status updated successfully');
         }

package/dist/api/issues/update-issue.js

@@ -1,3 +1,4 @@
+import { getSupabase, hasSupabaseSession } from '../../supabase/client.js';
 import { logError, logInfo } from '../../utils/logger.js';
 import { callMcpEndpoint } from '../mcp-client.js';
 /**
@@ -8,10 +9,28 @@ export async function updateIssue(issueId, updates, verbose) {
         if (verbose) {
             logInfo(`Updating issue: ${issueId}`);
         }
-        await callMcpEndpoint('issues/update', {
-            issue_id: issueId,
-            ...updates,
-        });
+        let usedSdk = false;
+        if (hasSupabaseSession()) {
+            try {
+                const { error } = await getSupabase()
+                    .from('issues')
+                    .update(updates)
+                    .eq('id', issueId);
+                if (error) {
+                    throw new Error(error.message);
+                }
+                usedSdk = true;
+            }
+            catch {
+                // Fall through to MCP
+            }
+        }
+        if (!usedSdk) {
+            await callMcpEndpoint('issues/update', {
+                issue_id: issueId,
+                ...updates,
+            });
+        }
         if (verbose) {
             logInfo('✅ Issue updated successfully');
         }
@@ -55,10 +74,29 @@ export async function markWorkflowPhaseCompleted(issueId, phaseName, verbose) {
             logInfo(`Marking workflow phase '${normalizedPhaseName}' as completed for issue: ${issueId}`);
         }
         // Fetch current issue to get workflow
-        const response = (await callMcpEndpoint('issues/get', {
-            issue_id: issueId,
-        }));
-        const issue = response?.issues?.[0];
+        let issue = null;
+        if (hasSupabaseSession()) {
+            try {
+                const { data, error } = await getSupabase()
+                    .from('issues')
+                    .select('workflow')
+                    .eq('id', issueId)
+                    .maybeSingle();
+                if (error) {
+                    throw new Error(error.message);
+                }
+                issue = data;
+            }
+            catch {
+                // Fall through to MCP
+            }
+        }
+        if (issue == null) {
+            const response = (await callMcpEndpoint('issues/get', {
+                issue_id: issueId,
+            }));
+            issue = response?.issues?.[0] || null;
+        }
         if (!issue) {
             logError(`Issue not found: ${issueId}`);
             return false;