edsger 0.72.6 → 0.74.0

package/dist/api/intelligence-normalize.d.ts

@@ -0,0 +1,25 @@
+/**
+ * Report payload normalization for the direct-SDK write path.
+ *
+ * The LLM that produces intelligence reports sometimes returns structured
+ * arrays (`key_findings`, `recommendations`, …) as bare strings, or as objects
+ * keyed under synonyms (`description` instead of `finding`, `recommendation`
+ * instead of `action`, …). We canonicalize before writing so every reader — the
+ * desktop UI especially — can rely on the shape declared in the migration.
+ *
+ * This mirrors the normalizer in the MCP edge handler
+ * (`supabase/functions/mcp/handlers/intelligence.ts`). The two can't share a
+ * single module because the edge function runs on Deno (zod v3, URL imports)
+ * while this runs on Node — keep them in sync if either changes.
+ */
+/**
+ * Normalize every structured array field present in the payload. Fields that
+ * are `undefined` are left untouched so partial updates don't overwrite stored
+ * values with empty arrays.
+ */
+export declare function normalizeReportArrays<T extends Record<string, unknown>>(payload: T): T;
+/**
+ * Coerce an LLM-supplied value to a finite number, or null. Handles numbers,
+ * numeric strings, and null/garbage uniformly.
+ */
+export declare function toNumberOrNull(value: unknown): number | null;

package/dist/api/intelligence-normalize.js

@@ -0,0 +1,103 @@
+/**
+ * Report payload normalization for the direct-SDK write path.
+ *
+ * The LLM that produces intelligence reports sometimes returns structured
+ * arrays (`key_findings`, `recommendations`, …) as bare strings, or as objects
+ * keyed under synonyms (`description` instead of `finding`, `recommendation`
+ * instead of `action`, …). We canonicalize before writing so every reader — the
+ * desktop UI especially — can rely on the shape declared in the migration.
+ *
+ * This mirrors the normalizer in the MCP edge handler
+ * (`supabase/functions/mcp/handlers/intelligence.ts`). The two can't share a
+ * single module because the edge function runs on Deno (zod v3, URL imports)
+ * while this runs on Node — keep them in sync if either changes.
+ */
+const NORMALIZE_SPECS = {
+    key_findings: {
+        primary: 'finding',
+        aliases: ['description', 'insight', 'text', 'title'],
+        defaults: { severity: 'fyi', category: '' },
+    },
+    recommendations: {
+        primary: 'action',
+        aliases: ['recommendation', 'description', 'text', 'title'],
+        defaults: { priority: 'medium', effort: '', impact: '', rationale: '' },
+    },
+    competitor_highlights: {
+        primary: 'highlight',
+        aliases: ['description', 'text', 'title'],
+        defaults: { competitor_name: '', sentiment: 'neutral' },
+    },
+    market_signals: {
+        primary: 'signal',
+        aliases: ['description', 'text', 'title'],
+        defaults: { source: '', relevance: '', url: '' },
+    },
+    trends: {
+        primary: 'trend',
+        aliases: ['description', 'text', 'title'],
+        defaults: { direction: '', evidence: '' },
+    },
+};
+function normalizeItem(item, spec) {
+    if (typeof item === 'string') {
+        return { [spec.primary]: item, ...spec.defaults };
+    }
+    if (!item || typeof item !== 'object') {
+        return { [spec.primary]: '', ...spec.defaults };
+    }
+    const obj = { ...item };
+    if (typeof obj[spec.primary] !== 'string' || !obj[spec.primary]) {
+        for (const alias of spec.aliases) {
+            const v = obj[alias];
+            if (typeof v === 'string' && v.trim().length > 0) {
+                obj[spec.primary] = v;
+                break;
+            }
+        }
+        if (typeof obj[spec.primary] !== 'string') {
+            obj[spec.primary] = '';
+        }
+    }
+    for (const [key, fallback] of Object.entries(spec.defaults)) {
+        if (obj[key] === undefined || obj[key] === null) {
+            obj[key] = fallback;
+        }
+    }
+    return obj;
+}
+function normalizeArray(value, spec) {
+    if (!Array.isArray(value)) {
+        return [];
+    }
+    return value.map((item) => normalizeItem(item, spec));
+}
+/**
+ * Normalize every structured array field present in the payload. Fields that
+ * are `undefined` are left untouched so partial updates don't overwrite stored
+ * values with empty arrays.
+ */
+export function normalizeReportArrays(payload) {
+    const result = { ...payload };
+    for (const [field, spec] of Object.entries(NORMALIZE_SPECS)) {
+        if (result[field] !== undefined) {
+            ;
+            result[field] = normalizeArray(result[field], spec);
+        }
+    }
+    return result;
+}
+/**
+ * Coerce an LLM-supplied value to a finite number, or null. Handles numbers,
+ * numeric strings, and null/garbage uniformly.
+ */
+export function toNumberOrNull(value) {
+    if (typeof value === 'number') {
+        return Number.isFinite(value) ? value : null;
+    }
+    if (typeof value === 'string' && value.trim() !== '') {
+        const n = Number(value);
+        return Number.isFinite(n) ? n : null;
+    }
+    return null;
+}

package/dist/api/intelligence.js

@@ -1,5 +1,6 @@
-import { getSupabase, hasSupabaseSession } from '../supabase/client.js';
+import { ensureSupabaseSession, getSupabase, hasSupabaseSession, } from '../supabase/client.js';
 import { logError, logInfo } from '../utils/logger.js';
+import { normalizeReportArrays, toNumberOrNull, } from './intelligence-normalize.js';
 import { callMcpEndpoint } from './mcp-client.js';
 // =============================================================================
 // MCP response helper
@@ -180,8 +181,41 @@ export async function saveSnapshot(snapshot, verbose) {
         logInfo(`Saving snapshot for competitor: ${snapshot.competitor_id}`);
     }
     try {
-        const result = await callMcpEndpoint('intelligence/snapshots/save', snapshot);
-        return parseMcpResponse(result, null);
+        // Direct SDK write under the user's RLS session — no MCP fallback.
+        // Await the synced session first so the insert carries the user JWT
+        // (otherwise it races out as `anon` and trips RLS).
+        const ready = await ensureSupabaseSession();
+        if (!ready) {
+            logError('Failed to save snapshot: no Supabase session (sign in to the desktop app)');
+            return null;
+        }
+        const source = ['ai_analysis', 'manual', 'scheduled'].includes(snapshot.source)
+            ? snapshot.source
+            : 'ai_analysis';
+        const { data, error } = await getSupabase()
+            .from('competitor_snapshots')
+            .insert({
+            competitor_id: snapshot.competitor_id,
+            product_id: snapshot.product_id,
+            issues: snapshot.issues ?? [],
+            pricing: snapshot.pricing ?? {},
+            tech_stack: snapshot.tech_stack ?? [],
+            app_rating: toNumberOrNull(snapshot.app_rating),
+            app_review_count: toNumberOrNull(snapshot.app_review_count),
+            app_version: snapshot.app_version ?? null,
+            app_last_updated: snapshot.app_last_updated ?? null,
+            recent_reviews: snapshot.recent_reviews ?? [],
+            social_mentions: snapshot.social_mentions ?? {},
+            changes_detected: snapshot.changes_detected ?? [],
+            source,
+            raw_data: snapshot.raw_data ?? null,
+        })
+            .select()
+            .single();
+        if (error) {
+            throw new Error(error.message);
+        }
+        return data ?? null;
     }
     catch (error) {
         logError(`Failed to save snapshot: ${error instanceof Error ? error.message : String(error)}`);
@@ -273,8 +307,54 @@ export async function saveReport(report, verbose) {
         logInfo(`Saving intelligence report: ${report.title}`);
     }
     try {
-        const result = await callMcpEndpoint('intelligence/reports/save', report);
-        return parseMcpResponse(result, null);
+        // Direct SDK write — no MCP fallback. intelligence_reports.created_by is
+        // NOT NULL and RLS checks `created_by = auth.uid()`, so we resolve the
+        // user from the synced session and canonicalize the LLM arrays first.
+        const ready = await ensureSupabaseSession();
+        if (!ready) {
+            logError('Failed to save report: no Supabase session (sign in to the desktop app)');
+            return null;
+        }
+        const { data: sessionData } = await getSupabase().auth.getSession();
+        const userId = sessionData.session?.user?.id;
+        if (!userId) {
+            logError('Failed to save report: could not resolve user from session');
+            return null;
+        }
+        const normalized = normalizeReportArrays({
+            key_findings: report.key_findings ?? [],
+            recommendations: report.recommendations ?? [],
+            competitor_highlights: report.competitor_highlights ?? [],
+            market_signals: report.market_signals ?? [],
+            trends: report.trends ?? [],
+        });
+        const { data, error } = await getSupabase()
+            .from('intelligence_reports')
+            .insert({
+            product_id: report.product_id,
+            report_type: report.report_type,
+            title: report.title,
+            summary: report.summary ?? null,
+            full_report: report.full_report ?? null,
+            key_findings: normalized.key_findings,
+            recommendations: normalized.recommendations,
+            competitor_highlights: normalized.competitor_highlights,
+            market_signals: normalized.market_signals,
+            trends: normalized.trends,
+            persona_updates: report.persona_updates ?? null,
+            pmf_score: toNumberOrNull(report.pmf_score),
+            pmf_signals: report.pmf_signals ?? null,
+            guidance: report.guidance ?? null,
+            status: report.status ?? 'completed',
+            snapshot_ids: report.snapshot_ids ?? [],
+            created_by: userId,
+        })
+            .select()
+            .single();
+        if (error) {
+            throw new Error(error.message);
+        }
+        return data ?? null;
     }
     catch (error) {
         logError(`Failed to save report: ${error instanceof Error ? error.message : String(error)}`);
@@ -286,11 +366,34 @@ export async function updateReport(reportId, updates, verbose) {
         logInfo(`Updating report: ${reportId}`);
     }
     try {
-        const result = await callMcpEndpoint('intelligence/reports/update', {
-            report_id: reportId,
-            ...updates,
-        });
-        return parseMcpResponse(result, null);
+        // Direct SDK write — no MCP fallback.
+        const ready = await ensureSupabaseSession();
+        if (!ready) {
+            logError('Failed to update report: no Supabase session (sign in to the desktop app)');
+            return null;
+        }
+        // Only send keys the caller provided so a partial update doesn't clobber
+        // stored columns. Numeric/array fields are coerced/canonicalized.
+        const payload = {};
+        for (const [key, value] of Object.entries(updates)) {
+            if (value !== undefined) {
+                payload[key] = value;
+            }
+        }
+        if ('pmf_score' in payload) {
+            payload.pmf_score = toNumberOrNull(payload.pmf_score);
+        }
+        const normalized = normalizeReportArrays(payload);
+        const { data, error } = await getSupabase()
+            .from('intelligence_reports')
+            .update(normalized)
+            .eq('id', reportId)
+            .select()
+            .single();
+        if (error) {
+            throw new Error(error.message);
+        }
+        return data ?? null;
     }
     catch (error) {
         logError(`Failed to update report: ${error instanceof Error ? error.message : String(error)}`);

package/dist/commands/features/index.d.ts

@@ -0,0 +1,15 @@
+/**
+ * CLI command: edsger features <productId> --scan-id <id>
+ *
+ * Clones every repository linked to the product, asks Claude to catalogue
+ * the user-facing features it delivers, and persists them via the
+ * product_features table. The desktop UI creates a pending feature_scans
+ * row first then invokes the CLI with --scan-id; the CLI flips status
+ * running → success/failed and writes features via the MCP toolkit.
+ */
+export interface FeaturesCliOptions {
+    scanId: string;
+    guidance?: string;
+    verbose?: boolean;
+}
+export declare function runFeatures(productId: string, options: FeaturesCliOptions): Promise<void>;

package/dist/commands/features/index.js

@@ -0,0 +1,34 @@
+/**
+ * CLI command: edsger features <productId> --scan-id <id>
+ *
+ * Clones every repository linked to the product, asks Claude to catalogue
+ * the user-facing features it delivers, and persists them via the
+ * product_features table. The desktop UI creates a pending feature_scans
+ * row first then invokes the CLI with --scan-id; the CLI flips status
+ * running → success/failed and writes features via the MCP toolkit.
+ */
+import { runFeaturesPhase } from '../../phases/features/index.js';
+import { logError, logInfo, logSuccess } from '../../utils/logger.js';
+export async function runFeatures(productId, options) {
+    const { scanId, guidance, verbose } = options;
+    if (!productId) {
+        throw new Error('A product ID is required for features');
+    }
+    if (!scanId) {
+        throw new Error('--scan-id is required (the pending feature_scans row id)');
+    }
+    logInfo(`Starting features scan for product ${productId}`);
+    const result = await runFeaturesPhase({
+        productId,
+        scanId,
+        guidance,
+        verbose,
+    });
+    if (result.status === 'success') {
+        logSuccess(result.message);
+    }
+    else {
+        logError(result.message);
+        process.exit(1);
+    }
+}

package/dist/commands/pr-resolve/index.d.ts

@@ -5,7 +5,9 @@
 export interface PRResolveCliOptions {
     prUrl: string;
     prId?: string;
+    /** Repo-only mode: resolve GitHub config from a repositories row. */
+    repoId?: string;
     verbose?: boolean;
     learn?: boolean;
 }
-export declare function runPRResolve(productId: string, options: PRResolveCliOptions): Promise<void>;
+export declare function runPRResolve(productId: string | undefined, options: PRResolveCliOptions): Promise<void>;

package/dist/commands/pr-resolve/index.js

@@ -2,31 +2,36 @@
  * CLI command: edsger pr-resolve <productId> --pr-url <url>
  * Resolves PR change requests: fixes what's genuinely better, explains what it won't change.
  */
-import { getGitHubConfigByProduct } from '../../api/github.js';
+import { getGitHubConfigByProduct, getGitHubConfigByRepository, } from '../../api/github.js';
 import { resolveStandalonePR } from '../../phases/pr-resolve/index.js';
 import { logError, logInfo, logSuccess } from '../../utils/logger.js';
 export async function runPRResolve(productId, options) {
-    const { prUrl, prId, verbose } = options;
-    logInfo(`Starting PR resolve for product ${productId}`);
+    const { prUrl, prId, repoId, verbose } = options;
+    const scopeLabel = repoId ? `repository ${repoId}` : `product ${productId}`;
+    logInfo(`Starting PR resolve for ${scopeLabel}`);
     logInfo(`PR URL: ${prUrl}`);
-    // Get GitHub config via product developer settings
-    const githubConfig = await getGitHubConfigByProduct(productId, verbose);
+    // Resolve GitHub config from the repository (repo-only mode) or the product.
+    const githubConfig = repoId
+        ? await getGitHubConfigByRepository(repoId, verbose)
+        : await getGitHubConfigByProduct(productId ?? '', verbose);
     if (!githubConfig.configured ||
         !githubConfig.token ||
         !githubConfig.owner ||
         !githubConfig.repo) {
-        logError(`GitHub not configured for product ${productId}: ${githubConfig.message || 'No installation found'}`);
+        logError(`GitHub not configured for ${scopeLabel}: ${githubConfig.message || 'No installation found'}`);
         process.exit(1);
     }
     const result = await resolveStandalonePR({
         productId,
+        repositoryId: repoId,
         pullRequestUrl: prUrl,
         githubToken: githubConfig.token,
         owner: githubConfig.owner,
         repo: githubConfig.repo,
         prId,
         verbose,
-        learn: options.learn,
+        // Checklist learning is product-scoped; skip it in repo-only mode.
+        learn: repoId ? false : options.learn,
     });
     if (result.status === 'success') {
         logSuccess(`PR resolve completed: ${result.message}`);

package/dist/commands/pr-review/index.d.ts

@@ -5,6 +5,8 @@
 export interface PRReviewCliOptions {
     prUrl: string;
     prId?: string;
+    /** Repo-only mode: resolve GitHub config from a repositories row. */
+    repoId?: string;
     verbose?: boolean;
 }
-export declare function runPRReview(productId: string, options: PRReviewCliOptions): Promise<void>;
+export declare function runPRReview(productId: string | undefined, options: PRReviewCliOptions): Promise<void>;

package/dist/commands/pr-review/index.js

@@ -2,24 +2,28 @@
  * CLI command: edsger pr-review <productId> --pr-url <url>
  * Reviews a standalone GitHub PR and posts comments.
  */
-import { getGitHubConfigByProduct } from '../../api/github.js';
+import { getGitHubConfigByProduct, getGitHubConfigByRepository, } from '../../api/github.js';
 import { reviewStandalonePR } from '../../phases/pr-review/index.js';
 import { logError, logInfo, logSuccess } from '../../utils/logger.js';
 export async function runPRReview(productId, options) {
-    const { prUrl, prId, verbose } = options;
-    logInfo(`Starting PR review for product ${productId}`);
+    const { prUrl, prId, repoId, verbose } = options;
+    const scopeLabel = repoId ? `repository ${repoId}` : `product ${productId}`;
+    logInfo(`Starting PR review for ${scopeLabel}`);
     logInfo(`PR URL: ${prUrl}`);
-    // Get GitHub config via product developer settings
-    const githubConfig = await getGitHubConfigByProduct(productId, verbose);
+    // Resolve GitHub config from the repository (repo-only mode) or the product.
+    const githubConfig = repoId
+        ? await getGitHubConfigByRepository(repoId, verbose)
+        : await getGitHubConfigByProduct(productId ?? '', verbose);
     if (!githubConfig.configured ||
         !githubConfig.token ||
         !githubConfig.owner ||
         !githubConfig.repo) {
-        logError(`GitHub not configured for product ${productId}: ${githubConfig.message || 'No installation found'}`);
+        logError(`GitHub not configured for ${scopeLabel}: ${githubConfig.message || 'No installation found'}`);
         process.exit(1);
     }
     const result = await reviewStandalonePR({
         productId,
+        repositoryId: repoId,
         pullRequestUrl: prUrl,
         githubToken: githubConfig.token,
         owner: githubConfig.owner,

package/dist/commands/sync-github-pull-requests/index.d.ts

@@ -0,0 +1,11 @@
+/**
+ * CLI command: `edsger sync-github-pull-requests <repoId>`
+ *
+ * Mirrors a connected GitHub repo's pull requests into the local
+ * `pull_requests` table (scoped by repository_id) for the repo detail page.
+ * Idempotent — already-synced PRs are refreshed, never duplicated.
+ */
+export interface SyncGithubPullRequestsCliOptions {
+    verbose?: boolean;
+}
+export declare function runSyncGithubPullRequests(repositoryId: string, options?: SyncGithubPullRequestsCliOptions): Promise<void>;

package/dist/commands/sync-github-pull-requests/index.js

@@ -0,0 +1,42 @@
+/**
+ * CLI command: `edsger sync-github-pull-requests <repoId>`
+ *
+ * Mirrors a connected GitHub repo's pull requests into the local
+ * `pull_requests` table (scoped by repository_id) for the repo detail page.
+ * Idempotent — already-synced PRs are refreshed, never duplicated.
+ */
+import { getGitHubConfigByRepository } from '../../api/github.js';
+import { syncGithubPullRequests } from '../../phases/sync-github-pull-requests/index.js';
+import { logError, logInfo, logSuccess } from '../../utils/logger.js';
+export async function runSyncGithubPullRequests(repositoryId, options = {}) {
+    const { verbose } = options;
+    logInfo(`Starting GitHub pull request sync for repository ${repositoryId}`);
+    const githubConfig = await getGitHubConfigByRepository(repositoryId, verbose);
+    if (!githubConfig.configured ||
+        !githubConfig.token ||
+        !githubConfig.owner ||
+        !githubConfig.repo) {
+        logError(`GitHub not configured for repository ${repositoryId}: ${githubConfig.message || 'No installation found'}`);
+        process.exit(1);
+    }
+    const result = await syncGithubPullRequests({
+        repositoryId,
+        githubToken: githubConfig.token,
+        owner: githubConfig.owner,
+        repo: githubConfig.repo,
+        verbose,
+    });
+    if (result.status === 'success') {
+        logSuccess(`GitHub PR sync completed: ${result.message}`);
+        if (result.repository) {
+            logInfo(`Repository: ${result.repository}`);
+        }
+        if (result.fetchedCount !== undefined) {
+            logInfo(`Fetched ${result.fetchedCount} · created ${result.createdCount ?? 0} · updated ${result.updatedCount ?? 0}`);
+        }
+    }
+    else {
+        logError(`GitHub PR sync failed: ${result.message}`);
+        process.exit(1);
+    }
+}

package/dist/index.js

@@ -19,6 +19,7 @@ import { runConfigGet, runConfigList, runConfigSet, runConfigUnset, } from './co
 import { runDataFlow } from './commands/data-flow/index.js';
 import { runDiscover } from './commands/discover/index.js';
 import { runErDiagram } from './commands/er-diagram/index.js';
+import { runFeatures } from './commands/features/index.js';
 import { runFinancingDeck } from './commands/financing-deck/index.js';
 import { runFindArchitecture } from './commands/find-architecture/index.js';
 import { runFindBugs } from './commands/find-bugs/index.js';
@@ -46,6 +47,7 @@ import { runStateDiagram } from './commands/state-diagram/index.js';
 import { runSyncAws } from './commands/sync-aws/index.js';
 import { runSyncDatadog } from './commands/sync-datadog/index.js';
 import { runSyncGithubIssues } from './commands/sync-github-issues/index.js';
+import { runSyncGithubPullRequests } from './commands/sync-github-pull-requests/index.js';
 import { runSyncOrgRepos } from './commands/sync-org-repos/index.js';
 import { runSyncSentryIssues } from './commands/sync-sentry-issues/index.js';
 import { runSyncTerraform } from './commands/sync-terraform/index.js';
@@ -763,13 +765,17 @@ program
 // Subcommand: edsger pr-review <productId>
 // ============================================================
 program
-    .command('pr-review <productId>')
-    .description('AI-review a GitHub PR for a product')
+    .command('pr-review [productId]')
+    .description('AI-review a GitHub PR for a product (or standalone repository)')
     .requiredOption('--pr-url <url>', 'GitHub PR URL')
     .option('--pr-id <id>', 'Pull request record ID in database')
+    .option('--repo-id <id>', 'Run in repo-only mode against a single repositories row (no product context)')
     .option('-v, --verbose', 'Verbose output')
     .action(async (productId, opts) => {
     try {
+        if (!productId && !opts.repoId) {
+            throw new Error('Provide a productId or --repo-id (repo-only mode) for pr-review');
+        }
         await runPRReview(productId, opts);
     }
     catch (error) {
@@ -842,6 +848,21 @@ program
     }
 });
 // ============================================================
+// Subcommand: edsger sync-github-pull-requests <repoId>
+// ============================================================
+program
+    .command('sync-github-pull-requests <repoId>')
+    .description("Mirror a connected GitHub repo's pull requests into the local pull_requests list for the repo detail page (idempotent — refreshes, never duplicates)")
+    .option('-v, --verbose', 'Verbose output')
+    .action(async (repoId, opts) => {
+    try {
+        await runSyncGithubPullRequests(repoId, opts);
+    }
+    catch (error) {
+        exitWithError(error);
+    }
+});
+// ============================================================
 // Subcommand: edsger sync-org-repos <teamId>
 // ============================================================
 program
@@ -1081,17 +1102,42 @@ program
     }
 });
 // ============================================================
+// Subcommand: edsger features <productId>
+// ============================================================
+program
+    .command('features <productId>')
+    .description('Scan every repository linked to a product for the user-facing features it delivers and persist them via the product_features table. Manually defined features are enriched, never rewritten. Writes against the pending feature_scans row identified by --scan-id.')
+    .requiredOption('--scan-id <id>', 'Pending feature_scans row id to drive (created by the desktop UI before invocation)')
+    .option('-g, --guidance <text>', 'Human direction for the AI (focus areas, exclusions)')
+    .option('-v, --verbose', 'Verbose output')
+    .action(async (productId, opts) => {
+    try {
+        await runFeatures(productId, {
+            scanId: opts.scanId,
+            guidance: opts.guidance,
+            verbose: opts.verbose,
+        });
+    }
+    catch (error) {
+        exitWithError(error);
+    }
+});
+// ============================================================
 // Subcommand: edsger pr-resolve <productId>
 // ============================================================
 program
-    .command('pr-resolve <productId>')
-    .description('AI-resolve change requests on a GitHub PR')
+    .command('pr-resolve [productId]')
+    .description('AI-resolve change requests on a GitHub PR for a product (or standalone repository)')
     .requiredOption('--pr-url <url>', 'GitHub PR URL')
     .option('--pr-id <id>', 'Pull request record ID in database')
+    .option('--repo-id <id>', 'Run in repo-only mode against a single repositories row (no product context)')
     .option('--no-learn', 'Skip checklist learning after resolve')
     .option('-v, --verbose', 'Verbose output')
     .action(async (productId, opts) => {
     try {
+        if (!productId && !opts.repoId) {
+            throw new Error('Provide a productId or --repo-id (repo-only mode) for pr-resolve');
+        }
         await runPRResolve(productId, opts);
     }
     catch (error) {

package/dist/phases/features/index.d.ts

@@ -0,0 +1,65 @@
+/**
+ * Features phase: clone EVERY repository linked to the product
+ * (product_repositories), ask Claude to catalogue the user-facing features
+ * the product delivers, and persist them via the product_features table.
+ *
+ * Multi-repo: unlike recipes (single primary repo), features are discovered
+ * across the whole product. Repo resolution + cloning is shared with the
+ * diagram phases (cloneDiagramRepos): each repo is cloned into its own
+ * subdirectory of a per-product parent dir, and the agent runs in the
+ * parent so it can explore all of them in one pass.
+ *
+ * Production-grade behaviours layered on top of the basic agent loop
+ * (mirrors the recipes phase):
+ *
+ *   - Heartbeat: `last_heartbeat_at` on the feature_scans row is refreshed
+ *     on every assistant message so the reader can detect stalled / crashed
+ *     runs (see desktop-app/.../services/db/feature-scans.ts for the lazy
+ *     reaper).
+ *   - Cancellation-safe writes: markRunning / markSuccess / markFailed only
+ *     touch rows whose status is in {pending, running}. If the user clicked
+ *     Stop and the row is now 'cancelled', the final write no-ops.
+ *   - Per-call MCP writes: agent commits each create / update / remove as
+ *     it goes. There is no "submit at the end" buffer — partial progress
+ *     survives even if the agent later errors out.
+ */
+import type { SupabaseClient } from '@supabase/supabase-js';
+import { type ClonedRepo } from '../diagram-shared/clone-repos.js';
+import type { FeatureSummary } from './types.js';
+export interface FeaturesPhaseOptions {
+    productId: string;
+    scanId: string;
+    guidance?: string;
+    verbose?: boolean;
+}
+export interface FeaturesPhaseResult {
+    status: 'success' | 'error' | 'cancelled';
+    message: string;
+    counts?: {
+        created: number;
+        updated: number;
+        removed: number;
+    };
+}
+/**
+ * Repo-scope note for the agent's user prompt. Unlike the diagram phases'
+ * describeRepoScope (which asks for one unified flow), this tells the agent
+ * the exact full names it may use in the `repos` field of each feature.
+ */
+export declare function describeFeatureRepoScope(repos: ClonedRepo[]): string;
+export declare function runFeaturesPhase(options: FeaturesPhaseOptions): Promise<FeaturesPhaseResult>;
+export declare function listProductRepositoryIds(supabase: SupabaseClient, productId: string): Promise<string[]>;
+export declare function getScanCreator(supabase: SupabaseClient, scanId: string): Promise<{
+    created_by: string;
+} | null>;
+export declare function listProductFeatures(supabase: SupabaseClient, productId: string): Promise<FeatureSummary[]>;
+/**
+ * Claim the row by flipping `pending` → `running`. Returns true on success
+ * (we won the claim) and false when the row has already moved on (e.g. user
+ * cancelled before the CLI started). Bounded by the status filter so we
+ * can't accidentally resurrect a 'cancelled' row.
+ */
+export declare function markRunning(supabase: SupabaseClient, scanId: string): Promise<boolean>;
+export declare function heartbeat(supabase: SupabaseClient, scanId: string): Promise<void>;
+export declare function markFailed(supabase: SupabaseClient, scanId: string, errorMessage: string): Promise<boolean>;
+export declare function markSuccess(supabase: SupabaseClient, scanId: string): Promise<boolean>;