failproofai 0.0.9 → 0.0.10-beta.1

package/scripts/translate-docs/mdx-translator.ts

@@ -14,6 +14,59 @@ import type { TranslationResult, TranslationCache } from "./types";
 const __dirname = dirname(fileURLToPath(import.meta.url));
 const DOCS_DIR = join(__dirname, "..", "..", "docs");
 
+/**
+ * Strip stray ASCII `"` that appear right after a JSX attribute's closing
+ * quote — e.g. `<Tab title="Tab „Richtlinien"">`. The translator sometimes
+ * wraps an inner phrase in language-specific typographic quotes (`„…"`,
+ * `「…」`, etc.) but uses an ASCII `"` for the closing instead of the
+ * proper U+201D, which terminates the attribute and leaves the real
+ * closing `"` as a stray character that breaks `mintlify validate`.
+ *
+ * Also drops unmatched typographic opening quotes inside the same attribute
+ * value so the rendered title doesn't end with a dangling `„` after we strip
+ * the extras.
+ */
+export function sanitizeJsxAttributes(content: string): string {
+  // Each pair must use an OPENER that is unambiguously an opener — i.e. the
+  // codepoint never serves as a CLOSER of a different pair. That's why we
+  // skip English curly “…” (U+201C/U+201D): U+201C is also the German
+  // closer, so processing English curly after German would strip the very
+  // German closer we just preserved.
+  const openings: Array<[string, string]> = [
+    ["„", "“"], // German „ … "
+    ["«", "»"], // French « … »
+    ["‹", "›"], // French single ‹ … ›
+    ["「", "」"], // Japanese 「 … 」
+    ["『", "』"], // Japanese 『 … 』
+  ];
+  return content.replace(
+    /([a-zA-Z_-]+=")([^"\n]*)"+(?=\s|\/|>)/g,
+    (match, prefix: string, value: string) => {
+      // If the original had exactly one closing " (i.e. no extras),
+      // leave it alone — the regex's `"+` would still match a single
+      // quote, so we need to re-check the match length to be safe.
+      const expectedMinLen = `${prefix}${value}"`.length;
+      if (match.length === expectedMinLen) return match;
+      let cleaned = value;
+      for (const [open, close] of openings) {
+        const opens = cleaned.split(open).length - 1;
+        const closes = cleaned.split(close).length - 1;
+        // Drop only the surplus unmatched openers, removing from the right.
+        // A value like `„Foo“ und „Bar` (one matched pair plus one stray
+        // opener) keeps the leading `„Foo“` intact and only the dangling
+        // `„Bar` opener gets stripped.
+        let surplus = opens - closes;
+        while (surplus-- > 0) {
+          const i = cleaned.lastIndexOf(open);
+          if (i < 0) break;
+          cleaned = cleaned.slice(0, i) + cleaned.slice(i + open.length);
+        }
+      }
+      return `${prefix}${cleaned}"`;
+    },
+  );
+}
+
 /**
  * Rewrite internal doc links to include the language prefix.
  * e.g. href="/built-in-policies" -> href="/es/built-in-policies"
@@ -94,8 +147,9 @@ export async function translateMdxPage(
     options.model,
   );
 
-  // Rewrite internal links
-  const withLinks = rewriteInternalLinks(translated, lang);
+  // Strip stray quote artifacts from JSX attribute values, then rewrite links
+  const sanitized = sanitizeJsxAttributes(translated);
+  const withLinks = rewriteInternalLinks(sanitized, lang);
 
   // Write output
   mkdirSync(dirname(outputPath), { recursive: true });

package/scripts/translate-docs/translator.ts

@@ -15,7 +15,7 @@ const SYSTEM_PROMPT = `You are a professional technical documentation translator
 ## Rules
 
 1. **Preserve all code blocks exactly as-is** — never translate content inside backtick-fenced code blocks (\`\`\`...\`\`\`) or inline code (\`...\`).
-2. **Preserve MDX component syntax** — tags like <Card>, <CardGroup>, <CodeGroup>, <Steps>, <Step>, <Note>, <Tip>, <Tabs>, <Tab>, <Warning> must remain unchanged. Their attribute names (title, icon, href, cols) must remain in English. Only translate the text content of the \`title\` attribute and the text body between tags.
+2. **Preserve MDX component syntax** — tags like <Card>, <CardGroup>, <CodeGroup>, <Steps>, <Step>, <Note>, <Tip>, <Tabs>, <Tab>, <Warning> must remain unchanged. Their attribute names (title, icon, href, cols) must remain in English. Only translate the text content of the \`title\` attribute and the text body between tags. **Never put an ASCII straight \`"\` inside a \`title="…"\` (or any JSX attribute value)** — it terminates the attribute and breaks MDX parsing. If the target language would normally wrap a word in quotation marks (e.g. German „…", Japanese 「…」), drop the inner quotes inside attribute values and rely on the surrounding tag for emphasis.
 3. **Preserve YAML frontmatter keys** — only translate the string values of \`title\` and \`description\`. Keep the \`icon\` value unchanged.
 4. **Preserve all URLs and paths** — never modify href values, image paths, or links.
 5. **Preserve Markdown structure** — headers (#, ##), lists (-, *), tables (|), bold (**), italic (*), links ([text](url)) must keep their Markdown formatting.

package/src/hooks/builtin-policies.ts

@@ -12,27 +12,71 @@ import { hookLogWarn } from "./hook-logger";
 
 /**
  * Whether `resolved` lives under an agent CLI's home directory
- * (~/.claude/ or ~/.codex/). Used to whitelist agent self-reads of their own
- * config and transcripts.
+ * (~/.claude/, ~/.codex/, ~/.copilot/, ~/.cursor/, ~/.pi/, ~/.gemini/, or any
+ * of OpenCode's three home-side dirs). Used to whitelist agent self-reads of
+ * their own config and transcripts.
+ *
+ * OpenCode splits its data across three locations (verified live on
+ * opencode v1.14.33 via `opencode debug paths`):
+ *   • ~/.config/opencode/   — config + plugins
+ *   • ~/.local/share/opencode/ — sessions, snapshots, opencode.db (SQLite)
+ *   • ~/.opencode/          — legacy fallback path
  */
 function isAgentInternalPath(resolved: string): boolean {
-  for (const dir of [".claude", ".codex"]) {
-    const root = join(homedir(), dir);
-    if (resolved === root || resolved.startsWith(root + "/")) return true;
+  // Normalize backslashes to forward slashes so the same `startsWith` check
+  // works on Windows. `resolve()` returns forward slashes on POSIX but
+  // backslashes on Windows; `join(homedir(), ...)` follows the same OS
+  // convention. Comparing both sides under a single forward-slash form
+  // avoids per-OS branching.
+  const normResolved = resolved.replaceAll("\\", "/");
+  for (const dir of [".claude", ".codex", ".copilot", ".cursor", ".opencode", ".pi", ".gemini"]) {
+    const root = join(homedir(), dir).replaceAll("\\", "/");
+    if (normResolved === root || normResolved.startsWith(root + "/")) return true;
+  }
+  for (const sub of [join(".config", "opencode"), join(".local", "share", "opencode")]) {
+    const root = join(homedir(), sub).replaceAll("\\", "/");
+    if (normResolved === root || normResolved.startsWith(root + "/")) return true;
   }
   return false;
 }
 
 /**
  * Whether `resolved` is a settings/hooks file for an agent CLI:
- *   • Claude Code: `.claude/settings.json`, `.claude/settings.local.json`, etc.
- *   • Codex: `.codex/hooks.json`
+ *   • Claude Code:  `.claude/settings.json`, `.claude/settings.local.json`, etc.
+ *   • Codex:        `.codex/hooks.json`
+ *   • Copilot CLI:  `.copilot/hooks/*.json`, `.github/hooks/*.json`
+ *   • Cursor Agent: `.cursor/hooks.json`
+ *   • OpenCode:     `.opencode/opencode.{json,jsonc}`,
+ *                   `.opencode/plugins/*.{mjs,js,ts}`,
+ *                   `~/.config/opencode/{opencode.json,opencode.jsonc,config.json}`,
+ *                   `~/.config/opencode/plugins/*.{mjs,js,ts}`
+ *   • Pi:           `.pi/settings.json` (project) and `.pi/agent/settings.json`
+ *                   (user); also the Pi-managed extension dir
+ *                   `.pi/extensions/` / `.pi/agent/extensions/`.
+ *   • Gemini CLI:   `.gemini/settings.json` (both project and user scope —
+ *                   user is `~/.gemini/settings.json`); also the Gemini-managed
+ *                   hooks scripts dir `.gemini/hooks/`.
  * These must NEVER be edited by the agent itself — that would let it disable
  * its own protections.
  */
 function isAgentSettingsFile(resolved: string): boolean {
   if (/[\\/]\.claude[\\/]settings(?:\.[^/\\]+)?\.json$/.test(resolved)) return true;
   if (/[\\/]\.codex[\\/]hooks\.json$/.test(resolved)) return true;
+  if (/[\\/]\.copilot[\\/]hooks[\\/][^/\\]+\.json$/.test(resolved)) return true;
+  if (/[\\/]\.github[\\/]hooks[\\/][^/\\]+\.json$/.test(resolved)) return true;
+  if (/[\\/]\.cursor[\\/]hooks\.json$/.test(resolved)) return true;
+  // OpenCode: project config + plugins, user config + plugins, legacy config.
+  if (/[\\/]\.opencode[\\/]opencode\.jsonc?$/.test(resolved)) return true;
+  if (/[\\/]\.opencode[\\/]plugins[\\/][^/\\]+\.(?:mjs|js|ts)$/.test(resolved)) return true;
+  if (/[\\/]\.config[\\/]opencode[\\/]opencode\.jsonc?$/.test(resolved)) return true;
+  if (/[\\/]\.config[\\/]opencode[\\/]config\.json$/.test(resolved)) return true;
+  if (/[\\/]\.config[\\/]opencode[\\/]plugins[\\/][^/\\]+\.(?:mjs|js|ts)$/.test(resolved)) return true;
+  // Pi: settings + extensions dirs (project and user-scope variants).
+  if (/[\\/]\.pi[\\/](?:agent[\\/])?settings\.json$/.test(resolved)) return true;
+  if (/[\\/]\.pi[\\/](?:agent[\\/])?extensions[\\/]/.test(resolved)) return true;
+  // Gemini: settings.json + hooks dir referenced by `command: $GEMINI_PROJECT_DIR/.gemini/hooks/...`.
+  if (/[\\/]\.gemini[\\/]settings\.json$/.test(resolved)) return true;
+  if (/[\\/]\.gemini[\\/]hooks[\\/]/.test(resolved)) return true;
   return false;
 }
 
@@ -735,7 +779,7 @@ function blockReadOutsideCwd(ctx: PolicyContext): PolicyResult {
     for (const p of paths) {
       const resolved = resolve(cwd, p);
       if (isClaudeSettingsFile(resolved)) {
-        return deny(`Reading Claude settings file blocked: ${resolved}`);
+        return deny(`Reading agent settings file blocked: ${resolved}`);
       }
       if (isClaudeInternalPath(resolved)) continue; // Whitelist ~/.claude/
       if (resolved === "/dev/null") continue; // Harmless special file
@@ -758,7 +802,7 @@ function blockReadOutsideCwd(ctx: PolicyContext): PolicyResult {
 
   // Block settings files in any .claude directory before whitelisting
   if (isClaudeSettingsFile(resolved)) {
-    return deny(`Reading Claude settings file blocked: ${resolved}`);
+    return deny(`Reading agent settings file blocked: ${resolved}`);
   }
 
   // Whitelist ~/.claude/ — Claude Code's own config, plans, memory, and settings
@@ -1365,17 +1409,44 @@ function requireCiGreenBeforeStop(ctx: PolicyContext): PolicyResult {
     const branch = getCurrentBranch(cwd);
     if (!branch || branch === "HEAD") return allow("Detached HEAD, skipping CI check.");
 
-    // 1. GitHub Actions workflow runs
+    // Resolve HEAD up front — the workflow-runs filter below uses it to
+    // ignore runs targeting prior commits on the same branch (otherwise a
+    // stale failure on commit X is still reported after the fix on Y lands).
+    // Third-party checks and commit statuses (queried by SHA below) already
+    // scope to HEAD via getThirdPartyCheckRuns / getCommitStatuses.
+    const sha = getHeadSha(cwd);
+
+    // 1. GitHub Actions workflow runs (filtered to current HEAD, deduped by name)
     let workflowRuns: CiCheck[] = [];
     try {
+      // --limit 20 (was 5): a busy branch can push the latest run for some
+      // workflow out of the top-5 window after the SHA filter. 20 covers
+      // ~4 commits worth of runs for a 5-workflow repo without being slow.
       const runsJson = execFileSync(
         "gh",
-        ["run", "list", "--branch", branch, "--limit", "5", "--json", "status,conclusion,name"],
+        ["run", "list", "--branch", branch, "--limit", "20", "--json", "status,conclusion,name,headSha"],
         { cwd, encoding: "utf8", stdio: ["pipe", "pipe", "pipe"], timeout: 15000 },
       ).trim();
 
       if (runsJson && runsJson !== "[]") {
-        workflowRuns = JSON.parse(runsJson) as CiCheck[];
+        const allWorkflowRuns = JSON.parse(runsJson) as Array<CiCheck & { headSha?: string }>;
+        // Filter to runs targeting the current HEAD commit only — not
+        // historical runs for prior commits on the same branch. When `sha`
+        // is unavailable (e.g. brand-new repo with no commits) fall back
+        // to the unfiltered list so the policy still has something to act on.
+        const headRuns = sha
+          ? allWorkflowRuns.filter((r) => r.headSha === sha)
+          : allWorkflowRuns;
+        // Dedupe by workflow name, keeping the first occurrence (gh run list
+        // returns newest-first). This handles GitHub's "Re-run all jobs" which
+        // creates a fresh run record with the same name + headSha — without
+        // dedupe the older failed record would still trip the deny.
+        const seen = new Set<string>();
+        workflowRuns = headRuns.filter((r) => {
+          if (seen.has(r.name)) return false;
+          seen.add(r.name);
+          return true;
+        });
       }
     } catch {
       // fail-open for workflow runs; continue to check third-party checks
@@ -1384,7 +1455,6 @@ function requireCiGreenBeforeStop(ctx: PolicyContext): PolicyResult {
     // 2. Third-party check runs (CodeRabbit, SonarCloud, Codecov, etc.)
     let thirdPartyChecks: CiCheck[] = [];
     let commitStatuses: CiCheck[] = [];
-    const sha = getHeadSha(cwd);
     if (sha) {
       thirdPartyChecks = getThirdPartyCheckRuns(cwd, sha);
       commitStatuses = getCommitStatuses(cwd, sha);
@@ -1879,7 +1949,7 @@ export const BUILTIN_POLICIES: BuiltinPolicyDefinition[] = [
   },
   {
     name: "require-ci-green-before-stop",
-    description: "Require CI checks to pass on the current branch before Claude stops",
+    description: "Require CI checks to pass on the current HEAD commit before Claude stops (ignores stale runs on prior commits)",
     fn: requireCiGreenBeforeStop,
     match: { events: ["Stop"] },
     defaultEnabled: false,

package/src/hooks/handler.ts

@@ -5,8 +5,16 @@
  * ~/.failproofai/policies-config.json, evaluates matching policies, persists
  * activity to disk, and returns the appropriate exit code + stdout response.
  */
-import type { HookEventType, IntegrationType, SessionMetadata, CodexHookEventType } from "./types";
-import { CODEX_EVENT_MAP } from "./types";
+import type {
+  HookEventType,
+  IntegrationType,
+  SessionMetadata,
+  CodexHookEventType,
+  CursorHookEventType,
+  PiHookEventType,
+  GeminiHookEventType,
+} from "./types";
+import { CODEX_EVENT_MAP, CURSOR_EVENT_MAP, PI_EVENT_MAP, GEMINI_EVENT_MAP, GEMINI_TOOL_MAP } from "./types";
 import type { PolicyFunction, PolicyResult } from "./policy-types";
 import { readMergedHooksConfig } from "./hooks-config";
 import { registerBuiltinPolicies } from "./builtin-policies";
@@ -22,18 +30,56 @@ import { hookLogInfo, hookLogWarn } from "./hook-logger";
 
 /**
  * Canonicalize an event name to PascalCase. Codex sends snake_case event names
- * on stdin and as the --hook arg; Claude Code sends PascalCase. The internal
- * registry, builtin policies, and policy.match.events all key on PascalCase.
+ * on stdin and as the --hook arg; Cursor sends camelCase (`preToolUse`,
+ * `beforeSubmitPrompt`); Pi sends underscore_lower_snake_case (`tool_call`,
+ * `session_start`); Claude Code sends PascalCase. Copilot CLI is installed
+ * in "VS Code compatible" PascalCase mode (see integrations.ts), so its events
+ * arrive PascalCase already. Gemini also sends PascalCase but with different
+ * names (`BeforeTool`, `BeforeAgent`, `AfterAgent`); we map via GEMINI_EVENT_MAP.
+ * The internal registry, builtin policies, and policy.match.events all key on
+ * PascalCase.
  */
 function canonicalizeEventType(raw: string, cli: IntegrationType): HookEventType {
   if (cli === "codex") {
     const mapped = CODEX_EVENT_MAP[raw as CodexHookEventType];
     if (mapped) return mapped;
   }
-  // Already PascalCase or unknown — pass through; HOOK_EVENT_TYPES type-checks downstream.
+  if (cli === "cursor") {
+    const mapped = CURSOR_EVENT_MAP[raw as CursorHookEventType];
+    if (mapped) return mapped;
+  }
+  if (cli === "pi") {
+    const mapped = PI_EVENT_MAP[raw as PiHookEventType];
+    if (mapped) return mapped;
+  }
+  if (cli === "gemini") {
+    const mapped = GEMINI_EVENT_MAP[raw as GeminiHookEventType];
+    if (mapped) return mapped;
+  }
+  // claude / copilot / unknown — already PascalCase, pass through.
+  // HOOK_EVENT_TYPES type-checks downstream.
   return raw as HookEventType;
 }
 
+/**
+ * Canonicalize a per-CLI tool name to the Claude PascalCase form that builtin
+ * policies match on (e.g. `Bash`, `Read`, `Write`, `Edit`). Today only Gemini
+ * needs this — its tools are snake_case (`run_shell_command`, `read_file`,
+ * `write_file`, `replace`, …). Other CLIs pass through unchanged: Claude /
+ * Codex / Copilot already use PascalCase, and Cursor / Pi pre-canonicalize
+ * inside their own plugin shims before the payload reaches this binary.
+ *
+ * Unknown tool names (MCP `mcp_*`, third-party extensions, Skills) pass
+ * through unchanged so non-builtin tooling isn't lost.
+ */
+function canonicalizeToolName(raw: string | undefined, cli: IntegrationType): string | undefined {
+  if (!raw) return raw;
+  if (cli === "gemini") {
+    return GEMINI_TOOL_MAP[raw] ?? raw;
+  }
+  return raw;
+}
+
 export async function handleHookEvent(
   eventType: string,
   cli: IntegrationType = "claude",
@@ -79,6 +125,17 @@ export async function handleHookEvent(
   // Canonicalize event name (Codex sends snake_case; internals expect PascalCase)
   const canonicalEventType = canonicalizeEventType(eventType, cli);
 
+  // Canonicalize tool name in place so both the policy-registry tool-name
+  // filter and policy bodies (`ctx.toolName === "Bash"`) see the canonical
+  // form. Today only Gemini's snake_case names need translation; other CLIs
+  // are no-ops here. Mutating `parsed.tool_name` keeps the activity store +
+  // telemetry tagging consistent (they read from `parsed.tool_name`).
+  const rawToolName = parsed.tool_name as string | undefined;
+  const canonicalToolName = canonicalizeToolName(rawToolName, cli);
+  if (canonicalToolName !== rawToolName) {
+    parsed.tool_name = canonicalToolName;
+  }
+
   // Extract session metadata from payload
   const sessionId = parsed.session_id as string | undefined;
   const session: SessionMetadata = {
@@ -87,6 +144,11 @@ export async function handleHookEvent(
     cwd: parsed.cwd as string | undefined,
     permissionMode: resolvePermissionMode(cli, parsed, sessionId),
     hookEventName: parsed.hook_event_name as string | undefined,
+    // Preserve the raw CLI-side event name (eventType arg) before
+    // canonicalization. Response shapes that round-trip the agent-emitted
+    // event name (e.g. Gemini's `hookSpecificOutput.hookEventName`) prefer
+    // this over the canonicalized form when stdin omits hook_event_name.
+    rawHookEventName: eventType,
     cli,
   };
 

package/src/hooks/install-prompt.ts

@@ -30,8 +30,13 @@ export interface PromptOptions {
   includeBeta?: boolean;
 }
 
+/** Whether the prompt is being shown for an install or an uninstall flow.
+ *  Drives heading + hint text so `policies --uninstall` no longer says
+ *  "Install Hooks". */
+export type CliPromptAction = "install" | "uninstall";
+
 /**
- * Resolve which agent CLIs to install hooks for.
+ * Resolve which agent CLIs to install/uninstall hooks for.
  *
  * Rules:
  *   • If `explicit` is provided (from `--cli`), use it as-is.
@@ -42,14 +47,26 @@ export interface PromptOptions {
  *
  * Returns the selected IntegrationType[] (always non-empty).
  */
-export async function resolveTargetClis(explicit?: IntegrationType[]): Promise<IntegrationType[]> {
+export async function resolveTargetClis(
+  explicit?: IntegrationType[],
+  action: CliPromptAction = "install",
+): Promise<IntegrationType[]> {
   if (explicit && explicit.length > 0) return [...new Set(explicit)];
 
   const detected = detectInstalledClis();
 
   if (detected.length === 0) {
+    if (action === "uninstall") {
+      // Uninstall flow: no agent CLIs detected — nothing to remove from. Default to
+      // claude so removeHooks operates over Claude's scopes (no-op if no settings file).
+      console.log(
+        "\x1B[33mWarning: no agent CLI binary found in PATH (claude, codex, copilot, cursor-agent, opencode, pi, gemini). " +
+          "Defaulting to Claude Code; nothing will be removed if no settings file exists.\x1B[0m",
+      );
+      return ["claude"];
+    }
     console.log(
-      "\x1B[33mWarning: no agent CLI binary found in PATH (claude, codex). " +
+      "\x1B[33mWarning: no agent CLI binary found in PATH (claude, codex, copilot, cursor-agent, opencode, pi, gemini). " +
         "Defaulting to Claude Code; hooks will activate when an agent is installed.\x1B[0m",
     );
     return ["claude"];
@@ -57,26 +74,29 @@ export async function resolveTargetClis(explicit?: IntegrationType[]): Promise<I
 
   if (detected.length === 1) {
     const integration = getIntegration(detected[0]);
-    console.log(`Detected ${integration.displayName}; installing hooks for it.`);
+    const verb = action === "uninstall" ? "removing hooks from" : "installing hooks for";
+    console.log(`Detected ${integration.displayName}; ${verb} it.`);
     return detected;
   }
 
   // Multiple detected. Prompt or default.
-  if (!process.stdin.isTTY) return detected; // non-interactive: install for all detected
+  if (!process.stdin.isTTY) return detected; // non-interactive: install/remove for all detected
 
-  return promptCliTargetSelection(detected);
+  return promptCliTargetSelection(detected, action);
 }
 
 /**
- * Interactive arrow-key single-select for "install for which CLI?" when
+ * Interactive arrow-key single-select for "install/remove for which CLI?" when
  * multiple agent CLIs are detected. Visual style mirrors promptPolicySelection.
  */
 async function promptCliTargetSelection(
   detected: IntegrationType[],
+  action: CliPromptAction = "install",
 ): Promise<IntegrationType[]> {
   const labels = detected.map((id) => getIntegration(id).displayName).join(" + ");
+  const allLabel = detected.length > 2 ? "All" : "Both";
   const options: Array<{ label: string; description: string; value: IntegrationType[] }> = [
-    { label: "Both", description: labels, value: detected },
+    { label: allLabel, description: labels, value: detected },
     ...detected.map((id) => ({
       label: `${getIntegration(id).displayName} only`,
       description: "",
@@ -122,14 +142,17 @@ async function promptCliTargetSelection(
     return result;
   }
 
+  const heading = action === "uninstall" ? "Remove Hooks" : "Install Hooks";
+  const verb = action === "uninstall" ? "remove from" : "install";
+
   function render(): void {
     const cols = process.stdout.columns || 120;
     hideCursor();
 
     const lines: string[] = [];
-    lines.push("  Failproof AI — Install Hooks");
+    lines.push(`  Failproof AI — ${heading}`);
     lines.push("");
-    lines.push(`  \x1B[2mDetected ${labels}. Choose where to install:\x1B[0m`);
+    lines.push(`  \x1B[2mDetected ${labels}. Choose where to ${verb}:\x1B[0m`);
     lines.push("");
 
     for (let i = 0; i < options.length; i++) {