npm - flowcat - Versions diffs - 1.6.3 → 1.7.0 - Mend

flowcat 1.6.3 → 1.7.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

package/core/config.ts CHANGED Viewed

@@ -1,8 +1,10 @@
-import { access, mkdir } from "node:fs/promises";
+import { access, mkdir, readFile } from "node:fs/promises";
 import { homedir } from "node:os";
 import path from "node:path";
-import { APP_NAME } from "./constants";
+import { parse as parseEnv } from "dotenv";
+import { APP_NAME, ENV_FILE } from "./constants";
 import { readJsonFile, writeJsonAtomic } from "./json";
 export type PluginEntry = {
@@ -91,7 +93,33 @@ export const resolveAutoCommitEnabled = async (workspaceRoot: string): Promise<b
   return globalConfig.autoCommit ?? false;
 };
+export const resolveWorkspaceEnvPath = (workspaceRoot: string): string => {
+  return path.join(workspaceRoot, ENV_FILE);
+};
+export const resolveGlobalEnvPath = (): string => {
+  const configHome = process.env.XDG_CONFIG_HOME ?? path.join(homedir(), ".config");
+  return path.join(configHome, APP_NAME, ENV_FILE);
+};
+/**
+ * Read and parse an env file, returning empty object if file doesn't exist
+ */
+export const readEnvFile = async (filePath: string): Promise<Record<string, string>> => {
+  if (!(await configFileExists(filePath))) {
+    return {};
+  }
+  try {
+    const content = await readFile(filePath, "utf8");
+    return parseEnv(content);
+  } catch {
+    return {};
+  }
+};
 export const resolveGithubToken = async (workspaceRoot: string): Promise<string | null> => {
+  // 1. Check environment variables first
   if (process.env.FLOWCAT_GITHUB_TOKEN) {
     return process.env.FLOWCAT_GITHUB_TOKEN;
   }
@@ -100,6 +128,19 @@ export const resolveGithubToken = async (workspaceRoot: string): Promise<string
     return process.env.IL_GITHUB_TOKEN;
   }
+  // 2. Check workspace .env file
+  const workspaceEnv = await readEnvFile(resolveWorkspaceEnvPath(workspaceRoot));
+  if (workspaceEnv.GITHUB_TOKEN) {
+    return workspaceEnv.GITHUB_TOKEN;
+  }
+  // 3. Check global .env file
+  const globalEnv = await readEnvFile(resolveGlobalEnvPath());
+  if (globalEnv.GITHUB_TOKEN) {
+    return globalEnv.GITHUB_TOKEN;
+  }
+  // 4. Fallback to config.json (for backwards compatibility)
   const workspaceConfig = await readConfigFile(resolveWorkspaceConfigPath(workspaceRoot));
   if (workspaceConfig.github?.token) {
     return workspaceConfig.github.token;

package/core/constants.ts CHANGED Viewed

@@ -4,5 +4,6 @@ export const LOCK_DIR = ".lock";
 export const LOCK_FILE = "store.lock";
 export const TASKS_DIR = "tasks";
 export const PLUGINS_DIR = "plugins";
+export const ENV_FILE = ".env";
 export const STATUS_ORDER = ["backlog", "active", "paused", "completed", "cancelled"] as const;

package/core/gitignore.ts CHANGED Viewed

@@ -3,7 +3,7 @@ import path from "node:path";
 import { APP_DIR } from "./constants";
-const ignoredEntries = [`${APP_DIR}/.lock/`, `${APP_DIR}/config.json`];
+const ignoredEntries = [`${APP_DIR}/.lock/`];
 export const ensureWorkspaceIgnored = async (repoRoot: string): Promise<boolean> => {
   const gitignorePath = path.join(repoRoot, ".gitignore");

package/core/workspace.ts CHANGED Viewed

@@ -1,9 +1,9 @@
-import { access, mkdir } from "node:fs/promises";
+import { access, mkdir, writeFile } from "node:fs/promises";
 import { homedir } from "node:os";
 import path from "node:path";
 import { configFileExists, resolveGlobalConfigPath, resolveWorkspaceConfigPath } from "./config";
-import { APP_DIR, APP_NAME, LOCK_DIR, PLUGINS_DIR, STATUS_ORDER, TASKS_DIR } from "./constants";
+import { APP_DIR, APP_NAME, ENV_FILE, LOCK_DIR, PLUGINS_DIR, STATUS_ORDER, TASKS_DIR } from "./constants";
 import { writeJsonAtomic } from "./json";
 export type WorkspaceKind = "explicit" | "global" | "repo";
@@ -106,22 +106,24 @@ export const ensureWorkspaceLayout = async (workspaceRoot: string): Promise<void
     ),
   );
-  // Create plugins/package.json if it doesn't exist
-  await ensurePluginsPackageJson(workspaceRoot);
+  // Create package.json for TypeScript plugin development
+  await ensureWorkspacePackageJson(workspaceRoot);
+  // Create .gitignore for workspace-local files
+  await ensureWorkspaceGitignore(workspaceRoot);
 };
 /**
- * Ensure plugins directory has a package.json for TypeScript plugin development
+ * Ensure workspace has a package.json for TypeScript plugin development
  */
-export const ensurePluginsPackageJson = async (workspaceRoot: string): Promise<void> => {
-  const packageJsonPath = path.join(workspaceRoot, PLUGINS_DIR, "package.json");
+export const ensureWorkspacePackageJson = async (workspaceRoot: string): Promise<void> => {
+  const packageJsonPath = path.join(workspaceRoot, "package.json");
   if (await exists(packageJsonPath)) {
     return;
   }
   const packageJson = {
-    name: "flowcat-plugins",
+    name: "flowcat-workspace",
     type: "module",
     private: true,
     dependencies: {
@@ -131,3 +133,21 @@ export const ensurePluginsPackageJson = async (workspaceRoot: string): Promise<v
   await writeJsonAtomic(packageJsonPath, packageJson);
 };
+/**
+ * Ensure workspace has a .gitignore for local files that shouldn't be committed
+ */
+export const ensureWorkspaceGitignore = async (workspaceRoot: string): Promise<void> => {
+  const gitignorePath = path.join(workspaceRoot, ".gitignore");
+  if (await exists(gitignorePath)) {
+    return;
+  }
+  const gitignoreContent = `# Flowcat workspace local files
+${ENV_FILE}
+${LOCK_DIR}/
+`;
+  await writeFile(gitignorePath, gitignoreContent, "utf8");
+};

package/dist/fcat.mjs CHANGED Viewed

@@ -27642,6 +27642,401 @@ var init_chunk_fcedq94e = __esm(async () => {
   import_react_devtools_core.default.connectToDevTools();
 });
+// ../../node_modules/.bun/dotenv@17.2.3/node_modules/dotenv/package.json
+var require_package = __commonJS((exports, module2) => {
+  module2.exports = {
+    name: "dotenv",
+    version: "17.2.3",
+    description: "Loads environment variables from .env file",
+    main: "lib/main.js",
+    types: "lib/main.d.ts",
+    exports: {
+      ".": {
+        types: "./lib/main.d.ts",
+        require: "./lib/main.js",
+        default: "./lib/main.js"
+      },
+      "./config": "./config.js",
+      "./config.js": "./config.js",
+      "./lib/env-options": "./lib/env-options.js",
+      "./lib/env-options.js": "./lib/env-options.js",
+      "./lib/cli-options": "./lib/cli-options.js",
+      "./lib/cli-options.js": "./lib/cli-options.js",
+      "./package.json": "./package.json"
+    },
+    scripts: {
+      "dts-check": "tsc --project tests/types/tsconfig.json",
+      lint: "standard",
+      pretest: "npm run lint && npm run dts-check",
+      test: "tap run tests/**/*.js --allow-empty-coverage --disable-coverage --timeout=60000",
+      "test:coverage": "tap run tests/**/*.js --show-full-coverage --timeout=60000 --coverage-report=text --coverage-report=lcov",
+      prerelease: "npm test",
+      release: "standard-version"
+    },
+    repository: {
+      type: "git",
+      url: "git://github.com/motdotla/dotenv.git"
+    },
+    homepage: "https://github.com/motdotla/dotenv#readme",
+    funding: "https://dotenvx.com",
+    keywords: [
+      "dotenv",
+      "env",
+      ".env",
+      "environment",
+      "variables",
+      "config",
+      "settings"
+    ],
+    readmeFilename: "README.md",
+    license: "BSD-2-Clause",
+    devDependencies: {
+      "@types/node": "^18.11.3",
+      decache: "^4.6.2",
+      sinon: "^14.0.1",
+      standard: "^17.0.0",
+      "standard-version": "^9.5.0",
+      tap: "^19.2.0",
+      typescript: "^4.8.4"
+    },
+    engines: {
+      node: ">=12"
+    },
+    browser: {
+      fs: false
+    }
+  };
+});
+// ../../node_modules/.bun/dotenv@17.2.3/node_modules/dotenv/lib/main.js
+var require_main = __commonJS((exports, module2) => {
+  var fs2 = __require("fs");
+  var path2 = __require("path");
+  var os2 = __require("os");
+  var crypto = __require("crypto");
+  var packageJson = require_package();
+  var version = packageJson.version;
+  var TIPS = [
+    "\uD83D\uDD10 encrypt with Dotenvx: https://dotenvx.com",
+    "\uD83D\uDD10 prevent committing .env to code: https://dotenvx.com/precommit",
+    "\uD83D\uDD10 prevent building .env in docker: https://dotenvx.com/prebuild",
+    "\uD83D\uDCE1 add observability to secrets: https://dotenvx.com/ops",
+    "\uD83D\uDC65 sync secrets across teammates & machines: https://dotenvx.com/ops",
+    "\uD83D\uDDC2\uFE0F backup and recover secrets: https://dotenvx.com/ops",
+    "\u2705 audit secrets and track compliance: https://dotenvx.com/ops",
+    "\uD83D\uDD04 add secrets lifecycle management: https://dotenvx.com/ops",
+    "\uD83D\uDD11 add access controls to secrets: https://dotenvx.com/ops",
+    "\uD83D\uDEE0\uFE0F  run anywhere with `dotenvx run -- yourcommand`",
+    "\u2699\uFE0F  specify custom .env file path with { path: '/custom/path/.env' }",
+    "\u2699\uFE0F  enable debug logging with { debug: true }",
+    "\u2699\uFE0F  override existing env vars with { override: true }",
+    "\u2699\uFE0F  suppress all logs with { quiet: true }",
+    "\u2699\uFE0F  write to custom object with { processEnv: myObject }",
+    "\u2699\uFE0F  load multiple .env files with { path: ['.env.local', '.env'] }"
+  ];
+  function _getRandomTip() {
+    return TIPS[Math.floor(Math.random() * TIPS.length)];
+  }
+  function parseBoolean(value) {
+    if (typeof value === "string") {
+      return !["false", "0", "no", "off", ""].includes(value.toLowerCase());
+    }
+    return Boolean(value);
+  }
+  function supportsAnsi() {
+    return process.stdout.isTTY;
+  }
+  function dim2(text) {
+    return supportsAnsi() ? `\x1B[2m${text}\x1B[0m` : text;
+  }
+  var LINE = /(?:^|^)\s*(?:export\s+)?([\w.-]+)(?:\s*=\s*?|:\s+?)(\s*'(?:\\'|[^'])*'|\s*"(?:\\"|[^"])*"|\s*`(?:\\`|[^`])*`|[^#\r\n]+)?\s*(?:#.*)?(?:$|$)/mg;
+  function parse2(src) {
+    const obj = {};
+    let lines = src.toString();
+    lines = lines.replace(/\r\n?/mg, `
+`);
+    let match;
+    while ((match = LINE.exec(lines)) != null) {
+      const key = match[1];
+      let value = match[2] || "";
+      value = value.trim();
+      const maybeQuote = value[0];
+      value = value.replace(/^(['"`])([\s\S]*)\1$/mg, "$2");
+      if (maybeQuote === '"') {
+        value = value.replace(/\\n/g, `
+`);
+        value = value.replace(/\\r/g, "\r");
+      }
+      obj[key] = value;
+    }
+    return obj;
+  }
+  function _parseVault(options) {
+    options = options || {};
+    const vaultPath = _vaultPath(options);
+    options.path = vaultPath;
+    const result = DotenvModule.configDotenv(options);
+    if (!result.parsed) {
+      const err = new Error(`MISSING_DATA: Cannot parse ${vaultPath} for an unknown reason`);
+      err.code = "MISSING_DATA";
+      throw err;
+    }
+    const keys = _dotenvKey(options).split(",");
+    const length = keys.length;
+    let decrypted;
+    for (let i = 0;i < length; i++) {
+      try {
+        const key = keys[i].trim();
+        const attrs = _instructions(result, key);
+        decrypted = DotenvModule.decrypt(attrs.ciphertext, attrs.key);
+        break;
+      } catch (error) {
+        if (i + 1 >= length) {
+          throw error;
+        }
+      }
+    }
+    return DotenvModule.parse(decrypted);
+  }
+  function _warn(message) {
+    console.error(`[dotenv@${version}][WARN] ${message}`);
+  }
+  function _debug(message) {
+    console.log(`[dotenv@${version}][DEBUG] ${message}`);
+  }
+  function _log(message) {
+    console.log(`[dotenv@${version}] ${message}`);
+  }
+  function _dotenvKey(options) {
+    if (options && options.DOTENV_KEY && options.DOTENV_KEY.length > 0) {
+      return options.DOTENV_KEY;
+    }
+    if (process.env.DOTENV_KEY && process.env.DOTENV_KEY.length > 0) {
+      return process.env.DOTENV_KEY;
+    }
+    return "";
+  }
+  function _instructions(result, dotenvKey) {
+    let uri;
+    try {
+      uri = new URL(dotenvKey);
+    } catch (error) {
+      if (error.code === "ERR_INVALID_URL") {
+        const err = new Error("INVALID_DOTENV_KEY: Wrong format. Must be in valid uri format like dotenv://:key_1234@dotenvx.com/vault/.env.vault?environment=development");
+        err.code = "INVALID_DOTENV_KEY";
+        throw err;
+      }
+      throw error;
+    }
+    const key = uri.password;
+    if (!key) {
+      const err = new Error("INVALID_DOTENV_KEY: Missing key part");
+      err.code = "INVALID_DOTENV_KEY";
+      throw err;
+    }
+    const environment = uri.searchParams.get("environment");
+    if (!environment) {
+      const err = new Error("INVALID_DOTENV_KEY: Missing environment part");
+      err.code = "INVALID_DOTENV_KEY";
+      throw err;
+    }
+    const environmentKey = `DOTENV_VAULT_${environment.toUpperCase()}`;
+    const ciphertext = result.parsed[environmentKey];
+    if (!ciphertext) {
+      const err = new Error(`NOT_FOUND_DOTENV_ENVIRONMENT: Cannot locate environment ${environmentKey} in your .env.vault file.`);
+      err.code = "NOT_FOUND_DOTENV_ENVIRONMENT";
+      throw err;
+    }
+    return { ciphertext, key };
+  }
+  function _vaultPath(options) {
+    let possibleVaultPath = null;
+    if (options && options.path && options.path.length > 0) {
+      if (Array.isArray(options.path)) {
+        for (const filepath of options.path) {
+          if (fs2.existsSync(filepath)) {
+            possibleVaultPath = filepath.endsWith(".vault") ? filepath : `${filepath}.vault`;
+          }
+        }
+      } else {
+        possibleVaultPath = options.path.endsWith(".vault") ? options.path : `${options.path}.vault`;
+      }
+    } else {
+      possibleVaultPath = path2.resolve(process.cwd(), ".env.vault");
+    }
+    if (fs2.existsSync(possibleVaultPath)) {
+      return possibleVaultPath;
+    }
+    return null;
+  }
+  function _resolveHome(envPath) {
+    return envPath[0] === "~" ? path2.join(os2.homedir(), envPath.slice(1)) : envPath;
+  }
+  function _configVault(options) {
+    const debug = parseBoolean(process.env.DOTENV_CONFIG_DEBUG || options && options.debug);
+    const quiet = parseBoolean(process.env.DOTENV_CONFIG_QUIET || options && options.quiet);
+    if (debug || !quiet) {
+      _log("Loading env from encrypted .env.vault");
+    }
+    const parsed = DotenvModule._parseVault(options);
+    let processEnv = process.env;
+    if (options && options.processEnv != null) {
+      processEnv = options.processEnv;
+    }
+    DotenvModule.populate(processEnv, parsed, options);
+    return { parsed };
+  }
+  function configDotenv(options) {
+    const dotenvPath = path2.resolve(process.cwd(), ".env");
+    let encoding = "utf8";
+    let processEnv = process.env;
+    if (options && options.processEnv != null) {
+      processEnv = options.processEnv;
+    }
+    let debug = parseBoolean(processEnv.DOTENV_CONFIG_DEBUG || options && options.debug);
+    let quiet = parseBoolean(processEnv.DOTENV_CONFIG_QUIET || options && options.quiet);
+    if (options && options.encoding) {
+      encoding = options.encoding;
+    } else {
+      if (debug) {
+        _debug("No encoding is specified. UTF-8 is used by default");
+      }
+    }
+    let optionPaths = [dotenvPath];
+    if (options && options.path) {
+      if (!Array.isArray(options.path)) {
+        optionPaths = [_resolveHome(options.path)];
+      } else {
+        optionPaths = [];
+        for (const filepath of options.path) {
+          optionPaths.push(_resolveHome(filepath));
+        }
+      }
+    }
+    let lastError;
+    const parsedAll = {};
+    for (const path3 of optionPaths) {
+      try {
+        const parsed = DotenvModule.parse(fs2.readFileSync(path3, { encoding }));
+        DotenvModule.populate(parsedAll, parsed, options);
+      } catch (e) {
+        if (debug) {
+          _debug(`Failed to load ${path3} ${e.message}`);
+        }
+        lastError = e;
+      }
+    }
+    const populated = DotenvModule.populate(processEnv, parsedAll, options);
+    debug = parseBoolean(processEnv.DOTENV_CONFIG_DEBUG || debug);
+    quiet = parseBoolean(processEnv.DOTENV_CONFIG_QUIET || quiet);
+    if (debug || !quiet) {
+      const keysCount = Object.keys(populated).length;
+      const shortPaths = [];
+      for (const filePath of optionPaths) {
+        try {
+          const relative = path2.relative(process.cwd(), filePath);
+          shortPaths.push(relative);
+        } catch (e) {
+          if (debug) {
+            _debug(`Failed to load ${filePath} ${e.message}`);
+          }
+          lastError = e;
+        }
+      }
+      _log(`injecting env (${keysCount}) from ${shortPaths.join(",")} ${dim2(`-- tip: ${_getRandomTip()}`)}`);
+    }
+    if (lastError) {
+      return { parsed: parsedAll, error: lastError };
+    } else {
+      return { parsed: parsedAll };
+    }
+  }
+  function config(options) {
+    if (_dotenvKey(options).length === 0) {
+      return DotenvModule.configDotenv(options);
+    }
+    const vaultPath = _vaultPath(options);
+    if (!vaultPath) {
+      _warn(`You set DOTENV_KEY but you are missing a .env.vault file at ${vaultPath}. Did you forget to build it?`);
+      return DotenvModule.configDotenv(options);
+    }
+    return DotenvModule._configVault(options);
+  }
+  function decrypt(encrypted, keyStr) {
+    const key = Buffer.from(keyStr.slice(-64), "hex");
+    let ciphertext = Buffer.from(encrypted, "base64");
+    const nonce = ciphertext.subarray(0, 12);
+    const authTag = ciphertext.subarray(-16);
+    ciphertext = ciphertext.subarray(12, -16);
+    try {
+      const aesgcm = crypto.createDecipheriv("aes-256-gcm", key, nonce);
+      aesgcm.setAuthTag(authTag);
+      return `${aesgcm.update(ciphertext)}${aesgcm.final()}`;
+    } catch (error) {
+      const isRange = error instanceof RangeError;
+      const invalidKeyLength = error.message === "Invalid key length";
+      const decryptionFailed = error.message === "Unsupported state or unable to authenticate data";
+      if (isRange || invalidKeyLength) {
+        const err = new Error("INVALID_DOTENV_KEY: It must be 64 characters long (or more)");
+        err.code = "INVALID_DOTENV_KEY";
+        throw err;
+      } else if (decryptionFailed) {
+        const err = new Error("DECRYPTION_FAILED: Please check your DOTENV_KEY");
+        err.code = "DECRYPTION_FAILED";
+        throw err;
+      } else {
+        throw error;
+      }
+    }
+  }
+  function populate(processEnv, parsed, options = {}) {
+    const debug = Boolean(options && options.debug);
+    const override = Boolean(options && options.override);
+    const populated = {};
+    if (typeof parsed !== "object") {
+      const err = new Error("OBJECT_REQUIRED: Please check the processEnv argument being passed to populate");
+      err.code = "OBJECT_REQUIRED";
+      throw err;
+    }
+    for (const key of Object.keys(parsed)) {
+      if (Object.prototype.hasOwnProperty.call(processEnv, key)) {
+        if (override === true) {
+          processEnv[key] = parsed[key];
+          populated[key] = parsed[key];
+        }
+        if (debug) {
+          if (override === true) {
+            _debug(`"${key}" is already defined and WAS overwritten`);
+          } else {
+            _debug(`"${key}" is already defined and was NOT overwritten`);
+          }
+        }
+      } else {
+        processEnv[key] = parsed[key];
+        populated[key] = parsed[key];
+      }
+    }
+    return populated;
+  }
+  var DotenvModule = {
+    configDotenv,
+    _configVault,
+    _parseVault,
+    config,
+    decrypt,
+    parse: parse2,
+    populate
+  };
+  exports.configDotenv = DotenvModule.configDotenv;
+  exports._configVault = DotenvModule._configVault;
+  exports._parseVault = DotenvModule._parseVault;
+  exports.config = DotenvModule.config;
+  exports.decrypt = DotenvModule.decrypt;
+  exports.parse = DotenvModule.parse;
+  exports.populate = DotenvModule.populate;
+  module2.exports = DotenvModule;
+});
 // ../../node_modules/.bun/imurmurhash@0.1.4/node_modules/imurmurhash/imurmurhash.js
 var require_imurmurhash = __commonJS((exports, module2) => {
   (function() {
@@ -28670,8 +29065,8 @@ GFS4: `);
     fs3.createReadStream = createReadStream;
     fs3.createWriteStream = createWriteStream;
     var fs$readFile = fs3.readFile;
-    fs3.readFile = readFile2;
-    function readFile2(path3, options, cb) {
+    fs3.readFile = readFile3;
+    function readFile3(path3, options, cb) {
       if (typeof options === "function")
         cb = options, options = null;
       return go$readFile(path3, options, cb);
@@ -72268,7 +72663,8 @@ var coerce = {
 };
 var NEVER = INVALID;
 // ../../packages/core/src/config.ts
-import { access, mkdir } from "fs/promises";
+var import_dotenv = __toESM(require_main(), 1);
+import { access, mkdir, readFile as readFile2 } from "fs/promises";
 import { homedir } from "os";
 import path2 from "path";
@@ -72279,6 +72675,7 @@ var LOCK_DIR = ".lock";
 var LOCK_FILE = "store.lock";
 var TASKS_DIR = "tasks";
 var PLUGINS_DIR = "plugins";
+var ENV_FILE = ".env";
 var STATUS_ORDER = ["backlog", "active", "paused", "completed", "cancelled"];
 // ../../packages/core/src/json.ts
@@ -72326,6 +72723,24 @@ var updateConfigFile = async (filePath, updater) => {
   await writeConfigFile(filePath, next);
   return next;
 };
+var resolveWorkspaceEnvPath = (workspaceRoot) => {
+  return path2.join(workspaceRoot, ENV_FILE);
+};
+var resolveGlobalEnvPath = () => {
+  const configHome = process.env.XDG_CONFIG_HOME ?? path2.join(homedir(), ".config");
+  return path2.join(configHome, APP_NAME, ENV_FILE);
+};
+var readEnvFile = async (filePath) => {
+  if (!await configFileExists(filePath)) {
+    return {};
+  }
+  try {
+    const content = await readFile2(filePath, "utf8");
+    return import_dotenv.parse(content);
+  } catch {
+    return {};
+  }
+};
 var resolveGithubToken = async (workspaceRoot) => {
   if (process.env.FLOWCAT_GITHUB_TOKEN) {
     return process.env.FLOWCAT_GITHUB_TOKEN;
@@ -72333,6 +72748,14 @@ var resolveGithubToken = async (workspaceRoot) => {
   if (process.env.IL_GITHUB_TOKEN) {
     return process.env.IL_GITHUB_TOKEN;
   }
+  const workspaceEnv = await readEnvFile(resolveWorkspaceEnvPath(workspaceRoot));
+  if (workspaceEnv.GITHUB_TOKEN) {
+    return workspaceEnv.GITHUB_TOKEN;
+  }
+  const globalEnv = await readEnvFile(resolveGlobalEnvPath());
+  if (globalEnv.GITHUB_TOKEN) {
+    return globalEnv.GITHUB_TOKEN;
+  }
   const workspaceConfig = await readConfigFile(resolveWorkspaceConfigPath(workspaceRoot));
   if (workspaceConfig.github?.token) {
     return workspaceConfig.github.token;
@@ -72343,11 +72766,11 @@ var resolveGithubToken = async (workspaceRoot) => {
 // ../../packages/core/src/lock.ts
 var import_proper_lockfile = __toESM(require_proper_lockfile(), 1);
-import { writeFile } from "fs/promises";
+import { writeFile as writeFile2 } from "fs/promises";
 import path5 from "path";
 // ../../packages/core/src/workspace.ts
-import { access as access2, mkdir as mkdir2 } from "fs/promises";
+import { access as access2, mkdir as mkdir2, writeFile } from "fs/promises";
 import { homedir as homedir2 } from "os";
 import path3 from "path";
 var exists = async (filePath) => {
@@ -72412,15 +72835,16 @@ var ensureWorkspaceLayout = async (workspaceRoot) => {
   await mkdir2(path3.join(workspaceRoot, LOCK_DIR), { recursive: true });
   await mkdir2(path3.join(workspaceRoot, PLUGINS_DIR), { recursive: true });
   await Promise.all(STATUS_ORDER.map((status) => mkdir2(path3.join(workspaceRoot, TASKS_DIR, status), { recursive: true })));
-  await ensurePluginsPackageJson(workspaceRoot);
+  await ensureWorkspacePackageJson(workspaceRoot);
+  await ensureWorkspaceGitignore(workspaceRoot);
 };
-var ensurePluginsPackageJson = async (workspaceRoot) => {
-  const packageJsonPath = path3.join(workspaceRoot, PLUGINS_DIR, "package.json");
+var ensureWorkspacePackageJson = async (workspaceRoot) => {
+  const packageJsonPath = path3.join(workspaceRoot, "package.json");
   if (await exists(packageJsonPath)) {
     return;
   }
   const packageJson = {
-    name: "flowcat-plugins",
+    name: "flowcat-workspace",
     type: "module",
     private: true,
     dependencies: {
@@ -72429,12 +72853,23 @@ var ensurePluginsPackageJson = async (workspaceRoot) => {
   };
   await writeJsonAtomic(packageJsonPath, packageJson);
 };
+var ensureWorkspaceGitignore = async (workspaceRoot) => {
+  const gitignorePath = path3.join(workspaceRoot, ".gitignore");
+  if (await exists(gitignorePath)) {
+    return;
+  }
+  const gitignoreContent = `# Flowcat workspace local files
+${ENV_FILE}
+${LOCK_DIR}/
+`;
+  await writeFile(gitignorePath, gitignoreContent, "utf8");
+};
 // ../../packages/core/src/lock.ts
 var withWorkspaceLock = async (workspaceRoot, fn) => {
   await ensureWorkspaceLayout(workspaceRoot);
   const lockPath = path5.join(workspaceRoot, LOCK_DIR, LOCK_FILE);
-  await writeFile(lockPath, "", { flag: "a" });
+  await writeFile2(lockPath, "", { flag: "a" });
   const release = await import_proper_lockfile.default.lock(lockPath, {
     stale: 60000,
     retries: {
@@ -81750,14 +82185,14 @@ var taskMatchesQuery = (task, query) => {
 import path11 from "path";
 // ../../packages/core/src/gitignore.ts
-import { readFile as readFile2, writeFile as writeFile2 } from "fs/promises";
+import { readFile as readFile3, writeFile as writeFile3 } from "fs/promises";
 import path10 from "path";
-var ignoredEntries = [`${APP_DIR}/.lock/`, `${APP_DIR}/config.json`];
+var ignoredEntries = [`${APP_DIR}/.lock/`];
 var ensureWorkspaceIgnored = async (repoRoot) => {
   const gitignorePath = path10.join(repoRoot, ".gitignore");
   let current = "";
   try {
-    current = await readFile2(gitignorePath, "utf8");
+    current = await readFile3(gitignorePath, "utf8");
   } catch {
     current = "";
   }
@@ -81773,7 +82208,7 @@ var ensureWorkspaceIgnored = async (repoRoot) => {
   const next = `${current}${separator}${missingEntries.join(`
 `)}
 `;
-  await writeFile2(gitignorePath, next, "utf8");
+  await writeFile3(gitignorePath, next, "utf8");
   return true;
 };

package/dist/fweb ADDED Viewed

Binary file

package/dist/index.mjs CHANGED Viewed

@@ -1804,6 +1804,401 @@ var require_commander = __commonJS((exports, module) => {
   exports.InvalidOptionArgumentError = InvalidArgumentError;
 });
+// ../../node_modules/.bun/dotenv@17.2.3/node_modules/dotenv/package.json
+var require_package = __commonJS((exports, module) => {
+  module.exports = {
+    name: "dotenv",
+    version: "17.2.3",
+    description: "Loads environment variables from .env file",
+    main: "lib/main.js",
+    types: "lib/main.d.ts",
+    exports: {
+      ".": {
+        types: "./lib/main.d.ts",
+        require: "./lib/main.js",
+        default: "./lib/main.js"
+      },
+      "./config": "./config.js",
+      "./config.js": "./config.js",
+      "./lib/env-options": "./lib/env-options.js",
+      "./lib/env-options.js": "./lib/env-options.js",
+      "./lib/cli-options": "./lib/cli-options.js",
+      "./lib/cli-options.js": "./lib/cli-options.js",
+      "./package.json": "./package.json"
+    },
+    scripts: {
+      "dts-check": "tsc --project tests/types/tsconfig.json",
+      lint: "standard",
+      pretest: "npm run lint && npm run dts-check",
+      test: "tap run tests/**/*.js --allow-empty-coverage --disable-coverage --timeout=60000",
+      "test:coverage": "tap run tests/**/*.js --show-full-coverage --timeout=60000 --coverage-report=text --coverage-report=lcov",
+      prerelease: "npm test",
+      release: "standard-version"
+    },
+    repository: {
+      type: "git",
+      url: "git://github.com/motdotla/dotenv.git"
+    },
+    homepage: "https://github.com/motdotla/dotenv#readme",
+    funding: "https://dotenvx.com",
+    keywords: [
+      "dotenv",
+      "env",
+      ".env",
+      "environment",
+      "variables",
+      "config",
+      "settings"
+    ],
+    readmeFilename: "README.md",
+    license: "BSD-2-Clause",
+    devDependencies: {
+      "@types/node": "^18.11.3",
+      decache: "^4.6.2",
+      sinon: "^14.0.1",
+      standard: "^17.0.0",
+      "standard-version": "^9.5.0",
+      tap: "^19.2.0",
+      typescript: "^4.8.4"
+    },
+    engines: {
+      node: ">=12"
+    },
+    browser: {
+      fs: false
+    }
+  };
+});
+// ../../node_modules/.bun/dotenv@17.2.3/node_modules/dotenv/lib/main.js
+var require_main = __commonJS((exports, module) => {
+  var fs = __require("fs");
+  var path = __require("path");
+  var os = __require("os");
+  var crypto = __require("crypto");
+  var packageJson = require_package();
+  var version = packageJson.version;
+  var TIPS = [
+    "\uD83D\uDD10 encrypt with Dotenvx: https://dotenvx.com",
+    "\uD83D\uDD10 prevent committing .env to code: https://dotenvx.com/precommit",
+    "\uD83D\uDD10 prevent building .env in docker: https://dotenvx.com/prebuild",
+    "\uD83D\uDCE1 add observability to secrets: https://dotenvx.com/ops",
+    "\uD83D\uDC65 sync secrets across teammates & machines: https://dotenvx.com/ops",
+    "\uD83D\uDDC2️ backup and recover secrets: https://dotenvx.com/ops",
+    "✅ audit secrets and track compliance: https://dotenvx.com/ops",
+    "\uD83D\uDD04 add secrets lifecycle management: https://dotenvx.com/ops",
+    "\uD83D\uDD11 add access controls to secrets: https://dotenvx.com/ops",
+    "\uD83D\uDEE0️  run anywhere with `dotenvx run -- yourcommand`",
+    "⚙️  specify custom .env file path with { path: '/custom/path/.env' }",
+    "⚙️  enable debug logging with { debug: true }",
+    "⚙️  override existing env vars with { override: true }",
+    "⚙️  suppress all logs with { quiet: true }",
+    "⚙️  write to custom object with { processEnv: myObject }",
+    "⚙️  load multiple .env files with { path: ['.env.local', '.env'] }"
+  ];
+  function _getRandomTip() {
+    return TIPS[Math.floor(Math.random() * TIPS.length)];
+  }
+  function parseBoolean(value) {
+    if (typeof value === "string") {
+      return !["false", "0", "no", "off", ""].includes(value.toLowerCase());
+    }
+    return Boolean(value);
+  }
+  function supportsAnsi() {
+    return process.stdout.isTTY;
+  }
+  function dim(text) {
+    return supportsAnsi() ? `\x1B[2m${text}\x1B[0m` : text;
+  }
+  var LINE = /(?:^|^)\s*(?:export\s+)?([\w.-]+)(?:\s*=\s*?|:\s+?)(\s*'(?:\\'|[^'])*'|\s*"(?:\\"|[^"])*"|\s*`(?:\\`|[^`])*`|[^#\r\n]+)?\s*(?:#.*)?(?:$|$)/mg;
+  function parse(src) {
+    const obj = {};
+    let lines = src.toString();
+    lines = lines.replace(/\r\n?/mg, `
+`);
+    let match;
+    while ((match = LINE.exec(lines)) != null) {
+      const key = match[1];
+      let value = match[2] || "";
+      value = value.trim();
+      const maybeQuote = value[0];
+      value = value.replace(/^(['"`])([\s\S]*)\1$/mg, "$2");
+      if (maybeQuote === '"') {
+        value = value.replace(/\\n/g, `
+`);
+        value = value.replace(/\\r/g, "\r");
+      }
+      obj[key] = value;
+    }
+    return obj;
+  }
+  function _parseVault(options) {
+    options = options || {};
+    const vaultPath = _vaultPath(options);
+    options.path = vaultPath;
+    const result = DotenvModule.configDotenv(options);
+    if (!result.parsed) {
+      const err = new Error(`MISSING_DATA: Cannot parse ${vaultPath} for an unknown reason`);
+      err.code = "MISSING_DATA";
+      throw err;
+    }
+    const keys = _dotenvKey(options).split(",");
+    const length = keys.length;
+    let decrypted;
+    for (let i = 0;i < length; i++) {
+      try {
+        const key = keys[i].trim();
+        const attrs = _instructions(result, key);
+        decrypted = DotenvModule.decrypt(attrs.ciphertext, attrs.key);
+        break;
+      } catch (error) {
+        if (i + 1 >= length) {
+          throw error;
+        }
+      }
+    }
+    return DotenvModule.parse(decrypted);
+  }
+  function _warn(message) {
+    console.error(`[dotenv@${version}][WARN] ${message}`);
+  }
+  function _debug(message) {
+    console.log(`[dotenv@${version}][DEBUG] ${message}`);
+  }
+  function _log(message) {
+    console.log(`[dotenv@${version}] ${message}`);
+  }
+  function _dotenvKey(options) {
+    if (options && options.DOTENV_KEY && options.DOTENV_KEY.length > 0) {
+      return options.DOTENV_KEY;
+    }
+    if (process.env.DOTENV_KEY && process.env.DOTENV_KEY.length > 0) {
+      return process.env.DOTENV_KEY;
+    }
+    return "";
+  }
+  function _instructions(result, dotenvKey) {
+    let uri;
+    try {
+      uri = new URL(dotenvKey);
+    } catch (error) {
+      if (error.code === "ERR_INVALID_URL") {
+        const err = new Error("INVALID_DOTENV_KEY: Wrong format. Must be in valid uri format like dotenv://:key_1234@dotenvx.com/vault/.env.vault?environment=development");
+        err.code = "INVALID_DOTENV_KEY";
+        throw err;
+      }
+      throw error;
+    }
+    const key = uri.password;
+    if (!key) {
+      const err = new Error("INVALID_DOTENV_KEY: Missing key part");
+      err.code = "INVALID_DOTENV_KEY";
+      throw err;
+    }
+    const environment = uri.searchParams.get("environment");
+    if (!environment) {
+      const err = new Error("INVALID_DOTENV_KEY: Missing environment part");
+      err.code = "INVALID_DOTENV_KEY";
+      throw err;
+    }
+    const environmentKey = `DOTENV_VAULT_${environment.toUpperCase()}`;
+    const ciphertext = result.parsed[environmentKey];
+    if (!ciphertext) {
+      const err = new Error(`NOT_FOUND_DOTENV_ENVIRONMENT: Cannot locate environment ${environmentKey} in your .env.vault file.`);
+      err.code = "NOT_FOUND_DOTENV_ENVIRONMENT";
+      throw err;
+    }
+    return { ciphertext, key };
+  }
+  function _vaultPath(options) {
+    let possibleVaultPath = null;
+    if (options && options.path && options.path.length > 0) {
+      if (Array.isArray(options.path)) {
+        for (const filepath of options.path) {
+          if (fs.existsSync(filepath)) {
+            possibleVaultPath = filepath.endsWith(".vault") ? filepath : `${filepath}.vault`;
+          }
+        }
+      } else {
+        possibleVaultPath = options.path.endsWith(".vault") ? options.path : `${options.path}.vault`;
+      }
+    } else {
+      possibleVaultPath = path.resolve(process.cwd(), ".env.vault");
+    }
+    if (fs.existsSync(possibleVaultPath)) {
+      return possibleVaultPath;
+    }
+    return null;
+  }
+  function _resolveHome(envPath) {
+    return envPath[0] === "~" ? path.join(os.homedir(), envPath.slice(1)) : envPath;
+  }
+  function _configVault(options) {
+    const debug = parseBoolean(process.env.DOTENV_CONFIG_DEBUG || options && options.debug);
+    const quiet = parseBoolean(process.env.DOTENV_CONFIG_QUIET || options && options.quiet);
+    if (debug || !quiet) {
+      _log("Loading env from encrypted .env.vault");
+    }
+    const parsed = DotenvModule._parseVault(options);
+    let processEnv = process.env;
+    if (options && options.processEnv != null) {
+      processEnv = options.processEnv;
+    }
+    DotenvModule.populate(processEnv, parsed, options);
+    return { parsed };
+  }
+  function configDotenv(options) {
+    const dotenvPath = path.resolve(process.cwd(), ".env");
+    let encoding = "utf8";
+    let processEnv = process.env;
+    if (options && options.processEnv != null) {
+      processEnv = options.processEnv;
+    }
+    let debug = parseBoolean(processEnv.DOTENV_CONFIG_DEBUG || options && options.debug);
+    let quiet = parseBoolean(processEnv.DOTENV_CONFIG_QUIET || options && options.quiet);
+    if (options && options.encoding) {
+      encoding = options.encoding;
+    } else {
+      if (debug) {
+        _debug("No encoding is specified. UTF-8 is used by default");
+      }
+    }
+    let optionPaths = [dotenvPath];
+    if (options && options.path) {
+      if (!Array.isArray(options.path)) {
+        optionPaths = [_resolveHome(options.path)];
+      } else {
+        optionPaths = [];
+        for (const filepath of options.path) {
+          optionPaths.push(_resolveHome(filepath));
+        }
+      }
+    }
+    let lastError;
+    const parsedAll = {};
+    for (const path2 of optionPaths) {
+      try {
+        const parsed = DotenvModule.parse(fs.readFileSync(path2, { encoding }));
+        DotenvModule.populate(parsedAll, parsed, options);
+      } catch (e) {
+        if (debug) {
+          _debug(`Failed to load ${path2} ${e.message}`);
+        }
+        lastError = e;
+      }
+    }
+    const populated = DotenvModule.populate(processEnv, parsedAll, options);
+    debug = parseBoolean(processEnv.DOTENV_CONFIG_DEBUG || debug);
+    quiet = parseBoolean(processEnv.DOTENV_CONFIG_QUIET || quiet);
+    if (debug || !quiet) {
+      const keysCount = Object.keys(populated).length;
+      const shortPaths = [];
+      for (const filePath of optionPaths) {
+        try {
+          const relative = path.relative(process.cwd(), filePath);
+          shortPaths.push(relative);
+        } catch (e) {
+          if (debug) {
+            _debug(`Failed to load ${filePath} ${e.message}`);
+          }
+          lastError = e;
+        }
+      }
+      _log(`injecting env (${keysCount}) from ${shortPaths.join(",")} ${dim(`-- tip: ${_getRandomTip()}`)}`);
+    }
+    if (lastError) {
+      return { parsed: parsedAll, error: lastError };
+    } else {
+      return { parsed: parsedAll };
+    }
+  }
+  function config(options) {
+    if (_dotenvKey(options).length === 0) {
+      return DotenvModule.configDotenv(options);
+    }
+    const vaultPath = _vaultPath(options);
+    if (!vaultPath) {
+      _warn(`You set DOTENV_KEY but you are missing a .env.vault file at ${vaultPath}. Did you forget to build it?`);
+      return DotenvModule.configDotenv(options);
+    }
+    return DotenvModule._configVault(options);
+  }
+  function decrypt(encrypted, keyStr) {
+    const key = Buffer.from(keyStr.slice(-64), "hex");
+    let ciphertext = Buffer.from(encrypted, "base64");
+    const nonce = ciphertext.subarray(0, 12);
+    const authTag = ciphertext.subarray(-16);
+    ciphertext = ciphertext.subarray(12, -16);
+    try {
+      const aesgcm = crypto.createDecipheriv("aes-256-gcm", key, nonce);
+      aesgcm.setAuthTag(authTag);
+      return `${aesgcm.update(ciphertext)}${aesgcm.final()}`;
+    } catch (error) {
+      const isRange = error instanceof RangeError;
+      const invalidKeyLength = error.message === "Invalid key length";
+      const decryptionFailed = error.message === "Unsupported state or unable to authenticate data";
+      if (isRange || invalidKeyLength) {
+        const err = new Error("INVALID_DOTENV_KEY: It must be 64 characters long (or more)");
+        err.code = "INVALID_DOTENV_KEY";
+        throw err;
+      } else if (decryptionFailed) {
+        const err = new Error("DECRYPTION_FAILED: Please check your DOTENV_KEY");
+        err.code = "DECRYPTION_FAILED";
+        throw err;
+      } else {
+        throw error;
+      }
+    }
+  }
+  function populate(processEnv, parsed, options = {}) {
+    const debug = Boolean(options && options.debug);
+    const override = Boolean(options && options.override);
+    const populated = {};
+    if (typeof parsed !== "object") {
+      const err = new Error("OBJECT_REQUIRED: Please check the processEnv argument being passed to populate");
+      err.code = "OBJECT_REQUIRED";
+      throw err;
+    }
+    for (const key of Object.keys(parsed)) {
+      if (Object.prototype.hasOwnProperty.call(processEnv, key)) {
+        if (override === true) {
+          processEnv[key] = parsed[key];
+          populated[key] = parsed[key];
+        }
+        if (debug) {
+          if (override === true) {
+            _debug(`"${key}" is already defined and WAS overwritten`);
+          } else {
+            _debug(`"${key}" is already defined and was NOT overwritten`);
+          }
+        }
+      } else {
+        processEnv[key] = parsed[key];
+        populated[key] = parsed[key];
+      }
+    }
+    return populated;
+  }
+  var DotenvModule = {
+    configDotenv,
+    _configVault,
+    _parseVault,
+    config,
+    decrypt,
+    parse,
+    populate
+  };
+  exports.configDotenv = DotenvModule.configDotenv;
+  exports._configVault = DotenvModule._configVault;
+  exports._parseVault = DotenvModule._parseVault;
+  exports.config = DotenvModule.config;
+  exports.decrypt = DotenvModule.decrypt;
+  exports.parse = DotenvModule.parse;
+  exports.populate = DotenvModule.populate;
+  module.exports = DotenvModule;
+});
 // ../../node_modules/.bun/imurmurhash@0.1.4/node_modules/imurmurhash/imurmurhash.js
 var require_imurmurhash = __commonJS((exports, module) => {
   (function() {
@@ -2832,8 +3227,8 @@ GFS4: `);
     fs2.createReadStream = createReadStream;
     fs2.createWriteStream = createWriteStream;
     var fs$readFile = fs2.readFile;
-    fs2.readFile = readFile2;
-    function readFile2(path2, options, cb) {
+    fs2.readFile = readFile3;
+    function readFile3(path2, options, cb) {
       if (typeof options === "function")
         cb = options, options = null;
       return go$readFile(path2, options, cb);
@@ -25136,7 +25531,8 @@ var coerce = {
 };
 var NEVER = INVALID;
 // ../../packages/core/src/config.ts
-import { access, mkdir } from "node:fs/promises";
+var import_dotenv = __toESM(require_main(), 1);
+import { access, mkdir, readFile as readFile2 } from "node:fs/promises";
 import { homedir } from "node:os";
 import path from "node:path";
@@ -25147,6 +25543,7 @@ var LOCK_DIR = ".lock";
 var LOCK_FILE = "store.lock";
 var TASKS_DIR = "tasks";
 var PLUGINS_DIR = "plugins";
+var ENV_FILE = ".env";
 var STATUS_ORDER = ["backlog", "active", "paused", "completed", "cancelled"];
 // ../../packages/core/src/json.ts
@@ -25202,6 +25599,24 @@ var resolveAutoCommitEnabled = async (workspaceRoot) => {
   const globalConfig = await readConfigFile(resolveGlobalConfigPath());
   return globalConfig.autoCommit ?? false;
 };
+var resolveWorkspaceEnvPath = (workspaceRoot) => {
+  return path.join(workspaceRoot, ENV_FILE);
+};
+var resolveGlobalEnvPath = () => {
+  const configHome = process.env.XDG_CONFIG_HOME ?? path.join(homedir(), ".config");
+  return path.join(configHome, APP_NAME, ENV_FILE);
+};
+var readEnvFile = async (filePath) => {
+  if (!await configFileExists(filePath)) {
+    return {};
+  }
+  try {
+    const content = await readFile2(filePath, "utf8");
+    return import_dotenv.parse(content);
+  } catch {
+    return {};
+  }
+};
 var resolveGithubToken = async (workspaceRoot) => {
   if (process.env.FLOWCAT_GITHUB_TOKEN) {
     return process.env.FLOWCAT_GITHUB_TOKEN;
@@ -25209,6 +25624,14 @@ var resolveGithubToken = async (workspaceRoot) => {
   if (process.env.IL_GITHUB_TOKEN) {
     return process.env.IL_GITHUB_TOKEN;
   }
+  const workspaceEnv = await readEnvFile(resolveWorkspaceEnvPath(workspaceRoot));
+  if (workspaceEnv.GITHUB_TOKEN) {
+    return workspaceEnv.GITHUB_TOKEN;
+  }
+  const globalEnv = await readEnvFile(resolveGlobalEnvPath());
+  if (globalEnv.GITHUB_TOKEN) {
+    return globalEnv.GITHUB_TOKEN;
+  }
   const workspaceConfig = await readConfigFile(resolveWorkspaceConfigPath(workspaceRoot));
   if (workspaceConfig.github?.token) {
     return workspaceConfig.github.token;
@@ -25219,11 +25642,11 @@ var resolveGithubToken = async (workspaceRoot) => {
 // ../../packages/core/src/lock.ts
 var import_proper_lockfile = __toESM(require_proper_lockfile(), 1);
-import { writeFile } from "node:fs/promises";
+import { writeFile as writeFile2 } from "node:fs/promises";
 import path3 from "node:path";
 // ../../packages/core/src/workspace.ts
-import { access as access2, mkdir as mkdir2 } from "node:fs/promises";
+import { access as access2, mkdir as mkdir2, writeFile } from "node:fs/promises";
 import { homedir as homedir2 } from "node:os";
 import path2 from "node:path";
 var exists = async (filePath) => {
@@ -25288,15 +25711,16 @@ var ensureWorkspaceLayout = async (workspaceRoot) => {
   await mkdir2(path2.join(workspaceRoot, LOCK_DIR), { recursive: true });
   await mkdir2(path2.join(workspaceRoot, PLUGINS_DIR), { recursive: true });
   await Promise.all(STATUS_ORDER.map((status) => mkdir2(path2.join(workspaceRoot, TASKS_DIR, status), { recursive: true })));
-  await ensurePluginsPackageJson(workspaceRoot);
+  await ensureWorkspacePackageJson(workspaceRoot);
+  await ensureWorkspaceGitignore(workspaceRoot);
 };
-var ensurePluginsPackageJson = async (workspaceRoot) => {
-  const packageJsonPath = path2.join(workspaceRoot, PLUGINS_DIR, "package.json");
+var ensureWorkspacePackageJson = async (workspaceRoot) => {
+  const packageJsonPath = path2.join(workspaceRoot, "package.json");
   if (await exists(packageJsonPath)) {
     return;
   }
   const packageJson = {
-    name: "flowcat-plugins",
+    name: "flowcat-workspace",
     type: "module",
     private: true,
     dependencies: {
@@ -25305,12 +25729,23 @@ var ensurePluginsPackageJson = async (workspaceRoot) => {
   };
   await writeJsonAtomic(packageJsonPath, packageJson);
 };
+var ensureWorkspaceGitignore = async (workspaceRoot) => {
+  const gitignorePath = path2.join(workspaceRoot, ".gitignore");
+  if (await exists(gitignorePath)) {
+    return;
+  }
+  const gitignoreContent = `# Flowcat workspace local files
+${ENV_FILE}
+${LOCK_DIR}/
+`;
+  await writeFile(gitignorePath, gitignoreContent, "utf8");
+};
 // ../../packages/core/src/lock.ts
 var withWorkspaceLock = async (workspaceRoot, fn) => {
   await ensureWorkspaceLayout(workspaceRoot);
   const lockPath = path3.join(workspaceRoot, LOCK_DIR, LOCK_FILE);
-  await writeFile(lockPath, "", { flag: "a" });
+  await writeFile2(lockPath, "", { flag: "a" });
   const release = await import_proper_lockfile.default.lock(lockPath, {
     stale: 60000,
     retries: {
@@ -30793,14 +31228,14 @@ var registerEditCommand = (program2, helpers) => {
 import path8 from "node:path";
 // ../../packages/core/src/gitignore.ts
-import { readFile as readFile2, writeFile as writeFile2 } from "node:fs/promises";
+import { readFile as readFile3, writeFile as writeFile3 } from "node:fs/promises";
 import path7 from "node:path";
-var ignoredEntries = [`${APP_DIR}/.lock/`, `${APP_DIR}/config.json`];
+var ignoredEntries = [`${APP_DIR}/.lock/`];
 var ensureWorkspaceIgnored = async (repoRoot) => {
   const gitignorePath = path7.join(repoRoot, ".gitignore");
   let current = "";
   try {
-    current = await readFile2(gitignorePath, "utf8");
+    current = await readFile3(gitignorePath, "utf8");
   } catch {
     current = "";
   }
@@ -30816,7 +31251,7 @@ var ensureWorkspaceIgnored = async (repoRoot) => {
   const next = `${current}${separator}${missingEntries.join(`
 `)}
 `;
-  await writeFile2(gitignorePath, next, "utf8");
+  await writeFile3(gitignorePath, next, "utf8");
   return true;
 };
@@ -31924,7 +32359,7 @@ var registerWhereCommand = (program2, helpers) => {
 };
 // helpers.ts
-import { readFile as readFile3 } from "node:fs/promises";
+import { readFile as readFile4 } from "node:fs/promises";
 import path10 from "node:path";
 import { fileURLToPath } from "node:url";
@@ -32240,7 +32675,7 @@ var resolvePackageVersion = async () => {
   while (true) {
     const candidate = path10.join(current, "package.json");
     try {
-      const raw = await readFile3(candidate, "utf8");
+      const raw = await readFile4(candidate, "utf8");
       const parsed = JSON.parse(raw);
       if (isPackageJson(parsed) && typeof parsed.version === "string") {
         return parsed.version;

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "flowcat",
-  "version": "1.6.3",
+  "version": "1.7.0",
   "type": "module",
   "repository": {
     "type": "git",
@@ -9,7 +9,8 @@
   },
   "bin": {
     "flowcat": "dist/index.mjs",
-    "fcat": "dist/fcat.mjs"
+    "fcat": "dist/fcat.mjs",
+    "fweb": "dist/fweb"
   },
   "files": [
     "dist",