fraim-framework 2.0.87 → 2.0.88

package/README.md

@@ -304,6 +304,36 @@ fraim sync                          # Sync latest workflows and rules
 
 **💡 Pro Tip**: Use `fraim add-ide` when you install a new IDE after initial setup. It reuses your existing FRAIM and platform tokens, making it much faster than running full setup again.
 
+### **🧩 Personalized Jobs, Skills, and Rules**
+
+Project-specific customization now lives under `.fraim/personalized-employee/`.
+
+Recommended layout:
+
+```text
+.fraim/
+  personalized-employee/
+    jobs/
+    skills/
+    rules/
+    templates/
+```
+
+Use `fraim override` to create a local starting point:
+
+```bash
+fraim override --inherit jobs/product-building/feature-implementation.md
+fraim override --copy rules/engineering/architecture-standards.md
+```
+
+Guidance:
+- Put phased job customizations in `.fraim/personalized-employee/jobs/...`
+- Put reusable local capability snippets in `.fraim/personalized-employee/skills/...`
+- Put broad team conventions in `.fraim/personalized-employee/rules/...`
+- Put local deliverable tweaks in `.fraim/personalized-employee/templates/...`
+- Do not edit synced content under `.fraim/ai-employee/` or `.fraim/ai-manager/`; `fraim sync` will overwrite it
+- Legacy `.fraim/overrides/` is still read for compatibility, but new work should go in `.fraim/personalized-employee/`
+
 ### **🔧 Jira Integration Setup**
 
 FRAIM uses the official Model Context Protocol (MCP) server for Jira integration. The setup command automatically configures the correct format.

package/dist/src/cli/commands/add-provider.js

@@ -42,9 +42,14 @@ const updateIDEConfigs = async (provider, config) => {
     const tokenConfig = {
         github: config.tokens?.github,
         gitlab: config.tokens?.gitlab,
+        ado: config.tokens?.ado,
         jira: config.tokens?.jira
     };
-    const providerConfigs = config.providerConfigs || {};
+    const providerConfigs = Object.entries(config.providerConfigs || {}).reduce((acc, [key, value]) => {
+        const providerId = key.replace(/Config$/, '');
+        acc[providerId] = value;
+        return acc;
+    }, {});
     for (const ide of detectedIDEs) {
         try {
             const configPath = (0, ide_detector_1.expandPath)(ide.configPath);
@@ -135,11 +140,14 @@ const runAddProvider = async (provider, options) => {
     // Check if provider already configured
     const providerName = await (0, provider_registry_1.getProviderDisplayName)(provider);
     const hasExistingConfig = config.tokens[provider] ||
-        (provider === 'jira' && config.providerConfigs?.jiraConfig?.baseUrl);
+        (provider === 'jira' && config.providerConfigs?.jiraConfig?.baseUrl) ||
+        (provider === 'ado' && config.providerConfigs?.adoConfig?.organization);
     if (hasExistingConfig) {
         const displayInfo = provider === 'jira' && config.providerConfigs?.jiraConfig?.baseUrl
             ? ` (${config.providerConfigs.jiraConfig.baseUrl})`
-            : '';
+            : provider === 'ado' && config.providerConfigs?.adoConfig?.organization
+                ? ` (${config.providerConfigs.adoConfig.organization})`
+                : '';
         console.log(chalk_1.default.yellow(`⚠️  ${providerName} is already configured${displayInfo}`));
         // Skip prompt if FRAIM_FORCE_OVERWRITE is set (for testing)
         if (!process.env.FRAIM_FORCE_OVERWRITE) {
@@ -163,11 +171,12 @@ const runAddProvider = async (provider, options) => {
         if (options.token) {
             providedTokens[provider] = options.token;
         }
-        // Handle provider-specific config options (e.g., Jira URL and email)
-        if (options.url || options.email) {
+        // Handle provider-specific config options (e.g., Jira URL/email or ADO organization)
+        if (options.url || options.email || options.organization) {
             providedConfigs[provider] = {
                 ...(options.url && { baseUrl: options.url.replace(/^https?:\/\//, '').replace(/\/$/, '') }),
-                ...(options.email && { email: options.email })
+                ...(options.email && { email: options.email }),
+                ...(options.organization && { organization: options.organization })
             };
         }
         // Get credentials using generic prompt system
@@ -209,6 +218,7 @@ exports.addProviderCommand = new commander_1.Command('add-provider')
     .description(`Add or update a provider after initial setup`)
     .argument('<provider>', `Provider to add`)
     .option('--token <token>', 'Provider token (will prompt if not provided)')
+    .option('--organization <organization>', 'Organization (for providers that require it)')
     .option('--email <email>', 'Email (for providers that require it)')
     .option('--url <url>', 'Instance URL (for providers that require it)')
     .option('--no-validate', 'Skip token validation')

package/dist/src/cli/commands/init-project.js

@@ -10,6 +10,7 @@ const path_1 = __importDefault(require("path"));
 const os_1 = __importDefault(require("os"));
 const chalk_1 = __importDefault(require("chalk"));
 const prompts_1 = __importDefault(require("prompts"));
+const child_process_1 = require("child_process");
 const sync_1 = require("./sync");
 const platform_detection_1 = require("../utils/platform-detection");
 const version_utils_1 = require("../utils/version-utils");
@@ -21,6 +22,11 @@ const promptForJiraProjectKey = async (jiraBaseUrl) => {
     console.log(chalk_1.default.blue('\n🎫 Jira Project Configuration'));
     console.log(chalk_1.default.gray(`Jira instance: ${jiraBaseUrl}`));
     console.log(chalk_1.default.gray('Enter the Jira project key for this repository (e.g., TEAM, PROJ, DEV)\n'));
+    if (process.env.FRAIM_NON_INTERACTIVE) {
+        const defaultKey = process.env.FRAIM_JIRA_PROJECT_KEY || 'PROJ';
+        console.log(chalk_1.default.yellow(`\nℹ️  Non-interactive mode: using Jira project key "${defaultKey}"`));
+        return defaultKey;
+    }
     const response = await (0, prompts_1.default)({
         type: 'text',
         name: 'projectKey',
@@ -60,6 +66,77 @@ const checkGlobalSetup = () => {
         return { exists: true, mode: 'integrated', tokens: {} };
     }
 };
+/**
+ * Install GitHub workflow files to .github/workflows/
+ * Gracefully handles cases where gh CLI is not available
+ */
+const installGitHubWorkflows = (projectRoot) => {
+    const workflowsDir = path_1.default.join(projectRoot, '.github', 'workflows');
+    // Find registry directory (works in both dev and installed package)
+    const registryDir = fs_1.default.existsSync(path_1.default.join(__dirname, '..', '..', '..', 'registry'))
+        ? path_1.default.join(__dirname, '..', '..', '..', 'registry')
+        : path_1.default.join(__dirname, '..', '..', 'registry');
+    const sourceDir = path_1.default.join(registryDir, 'github', 'workflows');
+    // Create .github/workflows directory if it doesn't exist
+    if (!fs_1.default.existsSync(workflowsDir)) {
+        fs_1.default.mkdirSync(workflowsDir, { recursive: true });
+    }
+    const workflowFiles = ['phase-change.yml', 'status-change.yml', 'sync-on-pr-review.yml'];
+    workflowFiles.forEach((file) => {
+        const sourcePath = path_1.default.join(sourceDir, file);
+        const destPath = path_1.default.join(workflowsDir, file);
+        if (fs_1.default.existsSync(sourcePath)) {
+            fs_1.default.copyFileSync(sourcePath, destPath);
+            console.log(chalk_1.default.green(`Installed workflow: .github/workflows/${file}`));
+        }
+        else {
+            console.log(chalk_1.default.yellow(`Warning: Workflow not found in registry: ${file}`));
+        }
+    });
+};
+/**
+ * Create GitHub labels using gh CLI
+ * Gracefully handles cases where gh CLI is not available
+ */
+const createGitHubLabels = (projectRoot) => {
+    // Check if gh CLI is available
+    try {
+        (0, child_process_1.execSync)('gh --version', { stdio: 'ignore' });
+    }
+    catch {
+        console.log(chalk_1.default.yellow('GitHub CLI (gh) not found. Skipping label creation.'));
+        console.log(chalk_1.default.gray('Install gh CLI to enable automatic label creation: https://cli.github.com/'));
+        return;
+    }
+    // Read labels from labels.json
+    const labelsPath = path_1.default.join(__dirname, '..', '..', '..', 'labels.json');
+    if (!fs_1.default.existsSync(labelsPath)) {
+        console.log(chalk_1.default.yellow('labels.json not found. Skipping label creation.'));
+        return;
+    }
+    try {
+        const labels = JSON.parse(fs_1.default.readFileSync(labelsPath, 'utf8'));
+        labels.forEach((label) => {
+            try {
+                // Try to create the label, ignore if it already exists
+                (0, child_process_1.execSync)(`gh label create "${label.name}" --color "${label.color}" --description "${label.description}"`, { cwd: projectRoot, stdio: 'ignore' });
+                console.log(chalk_1.default.green(`Created label: ${label.name}`));
+            }
+            catch (error) {
+                // Label might already exist, which is fine
+                if (error.message && error.message.includes('already exists')) {
+                    console.log(chalk_1.default.gray(`Label already exists: ${label.name}`));
+                }
+                else {
+                    console.log(chalk_1.default.yellow(`Could not create label ${label.name}: ${error.message}`));
+                }
+            }
+        });
+    }
+    catch (error) {
+        console.log(chalk_1.default.yellow(`Error reading labels.json: ${error.message}`));
+    }
+};
 const runInitProject = async () => {
     console.log(chalk_1.default.blue('Initializing FRAIM project...'));
     const globalSetup = checkGlobalSetup();
@@ -170,6 +247,13 @@ const runInitProject = async () => {
     if ((0, fraim_gitignore_1.ensureFraimSyncedContentIgnored)(projectRoot)) {
         console.log(chalk_1.default.green('Updated .gitignore with FRAIM synced content ignore rules'));
     }
+    // Install GitHub workflows and create labels for GitHub repositories
+    const detection = (0, platform_detection_1.detectPlatformFromGit)();
+    if (detection.provider === 'github') {
+        console.log(chalk_1.default.blue('\nSetting up GitHub workflows and labels...'));
+        installGitHubWorkflows(projectRoot);
+        createGitHubLabels(projectRoot);
+    }
     if (!process.env.FRAIM_SKIP_SYNC) {
         await (0, sync_1.runSync)({});
     }
@@ -180,7 +264,25 @@ const runInitProject = async () => {
         console.log(chalk_1.default.green(`${status} project Codex config at ${codexLocalResult.path}`));
     }
     console.log(chalk_1.default.green('\nFRAIM project initialized!'));
-    console.log(chalk_1.default.cyan('Try: Ask your AI agent "list fraim workflows"'));
+    if (!process.env.FRAIM_NON_INTERACTIVE) {
+        const response = await (0, prompts_1.default)({
+            type: 'confirm',
+            name: 'runOnboarding',
+            message: 'Would you like to set up your AI employee for success? Use the "ai-manager/jobs/project-setup/project-onboarding" job now.',
+            initial: true
+        });
+        if (response.runOnboarding) {
+            console.log(chalk_1.default.blue('\n🚀 Proactive Onboarding: Project Success Setup'));
+            console.log(chalk_1.default.gray('Simply tell your AI agent: "run the project-onboarding job under ai-manager/project-setup"'));
+            console.log(chalk_1.default.gray('This will help the AI understand your project goals, tech stack, and industry context.'));
+        }
+        else {
+            console.log(chalk_1.default.cyan('\nTip: You can always ask your AI agent to "list fraim jobs" to see what\'s available.'));
+        }
+    }
+    else {
+        console.log(chalk_1.default.cyan('\nWould you like to set up your AI employee for success? Use the "ai-manager/jobs/project-setup/project-onboarding" job now.'));
+    }
 };
 exports.runInitProject = runInitProject;
 exports.initProjectCommand = new commander_1.Command('init-project')

package/dist/src/cli/commands/login.js

@@ -0,0 +1,84 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.loginCommand = void 0;
+const commander_1 = require("commander");
+const chalk_1 = __importDefault(require("chalk"));
+const device_flow_service_1 = require("../internal/device-flow-service");
+const provider_client_1 = require("../api/provider-client");
+const script_sync_utils_1 = require("../utils/script-sync-utils");
+const fs_1 = __importDefault(require("fs"));
+const path_1 = __importDefault(require("path"));
+const version_utils_1 = require("../utils/version-utils");
+const auto_mcp_setup_1 = require("../setup/auto-mcp-setup");
+exports.loginCommand = new commander_1.Command('login')
+    .description('Login to platforms (GitHub, etc.)');
+exports.loginCommand
+    .command('github')
+    .description('Login to GitHub using Device Flow')
+    .action(async () => {
+    // Load the token to global config
+    const globalConfigDir = (0, script_sync_utils_1.getUserFraimDir)();
+    const globalConfigPath = path_1.default.join(globalConfigDir, 'config.json');
+    let config = {};
+    if (fs_1.default.existsSync(globalConfigPath)) {
+        config = JSON.parse(fs_1.default.readFileSync(globalConfigPath, 'utf8'));
+    }
+    if (!config.apiKey) {
+        console.error(chalk_1.default.red('\n❌ No FRAIM API key found. Please run "fraim setup" first.'));
+        process.exit(1);
+    }
+    const client = new provider_client_1.ProviderClient(config.apiKey);
+    let githubConfig;
+    try {
+        const providers = await client.getAllProviders();
+        githubConfig = providers.find(p => p.id === 'github')?.deviceFlowConfig;
+        if (!githubConfig) {
+            console.error(chalk_1.default.red('\n❌ Device flow configuration for GitHub not found on server.'));
+            process.exit(1);
+        }
+    }
+    catch (error) {
+        console.error(chalk_1.default.red(`\n❌ Failed to fetch provider configuration: ${error.message}`));
+        process.exit(1);
+    }
+    const deviceFlow = new device_flow_service_1.DeviceFlowService(githubConfig);
+    try {
+        const token = await deviceFlow.login();
+        config.tokens = {
+            ...(config.tokens || {}),
+            github: token
+        };
+        config.version = config.version || (0, version_utils_1.getFraimVersion)();
+        config.updatedAt = new Date().toISOString();
+        fs_1.default.writeFileSync(globalConfigPath, JSON.stringify(config, null, 2));
+        console.log(chalk_1.default.green('\n✅ GitHub token saved to global configuration.'));
+        // Trigger MCP reconfiguration
+        if (config.apiKey) {
+            console.log(chalk_1.default.blue('🔌 Updating MCP server configurations...'));
+            const mcpTokens = {};
+            Object.entries(config.tokens).forEach(([id, t]) => {
+                mcpTokens[id] = t;
+            });
+            // Re-use existing provider configs if any
+            const providerConfigsMap = {};
+            if (config.providerConfigs) {
+                Object.entries(config.providerConfigs).forEach(([key, val]) => {
+                    const providerId = key.replace('Config', '');
+                    providerConfigsMap[providerId] = val;
+                });
+            }
+            await (0, auto_mcp_setup_1.autoConfigureMCP)(config.apiKey, mcpTokens, undefined, providerConfigsMap);
+            console.log(chalk_1.default.green('✅ MCP servers updated with new GitHub token.'));
+        }
+        else {
+            console.log(chalk_1.default.yellow('⚠️  No FRAIM API key found. Run "fraim setup" to complete configuration.'));
+        }
+    }
+    catch (error) {
+        console.error(chalk_1.default.red(`\n❌ Login failed: ${error.message}`));
+        process.exit(1);
+    }
+});

package/dist/src/cli/commands/setup.js

@@ -245,7 +245,7 @@ const runSetup = async (options) => {
     let providedConfigs = {};
     if (isUpdate) {
         // Update existing setup - add platforms
-        console.log(chalk_1.default.blue('📝 Updating existing FRAIM configuration...\n'));
+        console.log(chalk_1.default.blue('📝 Existing FRAIM configuration detected.\n'));
         try {
             const existingConfig = JSON.parse(fs_1.default.readFileSync(globalConfigPath, 'utf8'));
             // Allow updating FRAIM key even without provider changes
@@ -258,11 +258,141 @@ const runSetup = async (options) => {
             // Check if this is just a key update or a provider update
             const isKeyUpdate = options.key && options.key !== existingConfig.apiKey;
             const isProviderUpdate = requestedProviders.length > 0;
-            // Only proceed if there's something to update
+            // If no specific changes requested, offer interactive update
             if (!isKeyUpdate && !isProviderUpdate) {
-                console.log(chalk_1.default.yellow('⚠️ No changes specified.'));
-                console.log(chalk_1.default.gray('Use --key to update FRAIM key, or --github, --gitlab, etc. to add providers.'));
-                return;
+                console.log(chalk_1.default.gray('   Current configuration:'));
+                console.log(chalk_1.default.gray(`   • Mode: ${existingConfig.mode || 'integrated'}`));
+                // Show existing tokens
+                const { getProvider } = await Promise.resolve().then(() => __importStar(require('../providers/provider-registry')));
+                if (existingConfig.tokens && Object.keys(existingConfig.tokens).length > 0) {
+                    const providerNames = await Promise.all(Object.keys(existingConfig.tokens).map(async (id) => {
+                        const provider = await getProvider(id);
+                        return provider?.displayName || id;
+                    }));
+                    console.log(chalk_1.default.gray(`   • Providers: ${providerNames.join(', ')}`));
+                }
+                else {
+                    console.log(chalk_1.default.gray('   • Providers: none'));
+                }
+                console.log();
+                // Ask user what they want to do
+                const response = await (0, prompts_1.default)({
+                    type: 'select',
+                    name: 'action',
+                    message: 'What would you like to do?',
+                    choices: [
+                        {
+                            title: 'Add a provider',
+                            value: 'add-provider',
+                            description: 'Add a new platform integration (GitHub, GitLab, etc.)'
+                        },
+                        {
+                            title: 'Update FRAIM key',
+                            value: 'update-key',
+                            description: 'Change your FRAIM API key'
+                        },
+                        {
+                            title: 'Reconfigure from scratch',
+                            value: 'reconfigure',
+                            description: 'Start fresh setup (will preserve existing config as backup)'
+                        },
+                        {
+                            title: 'Cancel',
+                            value: 'cancel',
+                            description: 'Exit without making changes'
+                        }
+                    ],
+                    initial: 0
+                });
+                if (!response.action || response.action === 'cancel') {
+                    console.log(chalk_1.default.gray('\nSetup cancelled. No changes made.'));
+                    return;
+                }
+                if (response.action === 'add-provider') {
+                    console.log(chalk_1.default.blue('\n📦 Adding a provider...\n'));
+                    const providerClient = new provider_client_1.ProviderClient(fraimKey, process.env.FRAIM_REMOTE_URL || undefined);
+                    // Prompt for which provider to add
+                    const providersToAdd = await (0, provider_prompts_1.promptForProviders)(providerClient);
+                    requestedProviders = providersToAdd;
+                }
+                else if (response.action === 'update-key') {
+                    console.log(chalk_1.default.blue('\n🔑 Updating FRAIM key...\n'));
+                    fraimKey = await promptForFraimKey();
+                }
+                else if (response.action === 'reconfigure') {
+                    console.log(chalk_1.default.blue('\n🔄 Starting fresh setup...\n'));
+                    // Backup existing config
+                    const backupPath = globalConfigPath + '.backup.' + Date.now();
+                    fs_1.default.copyFileSync(globalConfigPath, backupPath);
+                    console.log(chalk_1.default.gray(`   Backed up existing config to: ${path_1.default.basename(backupPath)}\n`));
+                    // Treat as fresh setup
+                    fraimKey = options.key || await promptForFraimKey();
+                    console.log(chalk_1.default.green('✅ FRAIM key accepted\n'));
+                    mode = options.mode ? parseModeOption(options.mode) : await promptForMode();
+                    const parsed = await parseLegacyOptions(options, fraimKey);
+                    requestedProviders = parsed.requestedProviders;
+                    providedTokens = parsed.providedTokens;
+                    providedConfigs = parsed.providedConfigs;
+                    // Clear existing tokens/configs for fresh start
+                    Object.keys(tokens).forEach(key => delete tokens[key]);
+                    Object.keys(configs).forEach(key => delete configs[key]);
+                    // Continue with fresh setup flow
+                    const providerClient = new provider_client_1.ProviderClient(fraimKey, process.env.FRAIM_REMOTE_URL || undefined);
+                    if (mode === 'integrated') {
+                        let providersToSetup = requestedProviders;
+                        if (providersToSetup.length === 0) {
+                            providersToSetup = await (0, provider_prompts_1.promptForProviders)(providerClient);
+                        }
+                        for (const providerId of providersToSetup) {
+                            try {
+                                const creds = await (0, provider_prompts_1.promptForProviderCredentials)(providerClient, providerId, providedTokens[providerId], providedConfigs[providerId]);
+                                tokens[providerId] = creds.token;
+                                if (creds.config) {
+                                    configs[providerId] = creds.config;
+                                }
+                            }
+                            catch (e) {
+                                const providerName = await (0, provider_registry_1.getProviderDisplayName)(providerId);
+                                console.log(chalk_1.default.red(`❌ Failed to get ${providerName} credentials`));
+                                process.exit(1);
+                            }
+                        }
+                    }
+                    else if (mode === 'split') {
+                        // Split mode setup
+                        console.log(chalk_1.default.blue('\n🔀 Split Mode Configuration'));
+                        console.log(chalk_1.default.gray('Configure separate platforms for code hosting and issue tracking.\n'));
+                        const codeRepoProvider = await (0, provider_prompts_1.promptForSingleProvider)(providerClient, 'code');
+                        const creds1 = await (0, provider_prompts_1.promptForProviderCredentials)(providerClient, codeRepoProvider, providedTokens[codeRepoProvider], providedConfigs[codeRepoProvider]);
+                        tokens[codeRepoProvider] = creds1.token;
+                        if (creds1.config) {
+                            configs[codeRepoProvider] = creds1.config;
+                        }
+                        const issueProvider = await (0, provider_prompts_1.promptForSingleProvider)(providerClient, 'issues');
+                        if (!tokens[issueProvider]) {
+                            const creds2 = await (0, provider_prompts_1.promptForProviderCredentials)(providerClient, issueProvider, providedTokens[issueProvider], providedConfigs[issueProvider]);
+                            tokens[issueProvider] = creds2.token;
+                            if (creds2.config) {
+                                configs[issueProvider] = creds2.config;
+                            }
+                        }
+                    }
+                    // Save and configure MCP
+                    console.log(chalk_1.default.blue('\n💾 Saving global configuration...'));
+                    saveGlobalConfig(fraimKey, mode, tokens, configs);
+                    console.log(chalk_1.default.blue('\n🔌 Configuring MCP servers...'));
+                    const mcpTokens = {};
+                    Object.entries(tokens).forEach(([id, token]) => {
+                        mcpTokens[id] = token;
+                    });
+                    const providerConfigsMap = {};
+                    Object.entries(configs).forEach(([providerId, config]) => {
+                        providerConfigsMap[providerId] = config;
+                    });
+                    await (0, auto_mcp_setup_1.autoConfigureMCP)(fraimKey, mcpTokens, options.ide ? [options.ide] : undefined, providerConfigsMap);
+                    console.log(chalk_1.default.green('\n🎯 Reconfiguration complete!'));
+                    return;
+                }
             }
             mode = existingConfig.mode || 'integrated';
             // Preserve existing tokens
@@ -276,14 +406,6 @@ const runSetup = async (options) => {
                     configs[providerId] = value;
                 });
             }
-            console.log(chalk_1.default.gray(`   Current mode: ${mode}`));
-            // Show existing tokens
-            const { getProvider } = await Promise.resolve().then(() => __importStar(require('../providers/provider-registry')));
-            const providerNames = await Promise.all(Object.keys(tokens).map(async (id) => {
-                const provider = await getProvider(id);
-                return provider?.displayName || id;
-            }));
-            console.log(chalk_1.default.gray(`   Existing tokens: ${providerNames.join(', ') || 'none'}\n`));
         }
         catch (e) {
             console.log(chalk_1.default.red('❌ Failed to read existing configuration'));

package/dist/src/cli/fraim.js

@@ -47,6 +47,7 @@ const add_ide_1 = require("./commands/add-ide");
 const add_provider_1 = require("./commands/add-provider");
 const override_1 = require("./commands/override");
 const list_overridable_1 = require("./commands/list-overridable");
+const login_1 = require("./commands/login");
 const fs_1 = __importDefault(require("fs"));
 const path_1 = __importDefault(require("path"));
 const program = new commander_1.Command();
@@ -83,6 +84,7 @@ program.addCommand(add_ide_1.addIDECommand);
 program.addCommand(add_provider_1.addProviderCommand);
 program.addCommand(override_1.overrideCommand);
 program.addCommand(list_overridable_1.listOverridableCommand);
+program.addCommand(login_1.loginCommand);
 // Wait for async command initialization before parsing
 (async () => {
     // Import the initialization promise from setup command

package/dist/src/cli/internal/device-flow-service.js

@@ -0,0 +1,83 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.DeviceFlowService = void 0;
+const axios_1 = __importDefault(require("axios"));
+const chalk_1 = __importDefault(require("chalk"));
+class DeviceFlowService {
+    constructor(config) {
+        this.config = config;
+    }
+    /**
+     * Start the Device Flow Login
+     */
+    async login() {
+        console.log(chalk_1.default.blue('\n🔗 Starting Authentication...'));
+        try {
+            // 1. Request device and user codes
+            const deviceCode = await this.requestDeviceCode();
+            console.log(chalk_1.default.yellow('\nACTION REQUIRED:'));
+            console.log(`1. Go to: ${chalk_1.default.cyan.underline(deviceCode.verification_uri)}`);
+            console.log(`2. Enter the code: ${chalk_1.default.bold.green(deviceCode.user_code)}`);
+            console.log(chalk_1.default.gray(`\nWaiting for authorization (expires in ${Math.floor(deviceCode.expires_in / 60)} minutes)...`));
+            // 2. Poll for the access token
+            const token = await this.pollForToken(deviceCode.device_code, deviceCode.interval);
+            console.log(chalk_1.default.green('\n✅ Authentication Successful!'));
+            return token;
+        }
+        catch (error) {
+            console.error(chalk_1.default.red(`\n❌ Authentication failed: ${error.message}`));
+            throw error;
+        }
+    }
+    async requestDeviceCode() {
+        const response = await axios_1.default.post(this.config.authUrl, {
+            client_id: this.config.clientId,
+            scope: this.config.scope
+        }, {
+            headers: { Accept: 'application/json' }
+        });
+        return response.data;
+    }
+    async pollForToken(deviceCode, interval) {
+        let currentInterval = interval * 1000;
+        return new Promise((resolve, reject) => {
+            const poll = async () => {
+                try {
+                    const response = await axios_1.default.post(this.config.tokenUrl, {
+                        client_id: this.config.clientId,
+                        device_code: deviceCode,
+                        grant_type: 'urn:ietf:params:oauth:grant-type:device_code'
+                    }, {
+                        headers: { Accept: 'application/json' }
+                    });
+                    if (response.data.access_token) {
+                        resolve(response.data.access_token);
+                        return;
+                    }
+                    if (response.data.error) {
+                        const error = response.data.error;
+                        if (error === 'authorization_pending') {
+                            // Keep polling
+                            setTimeout(poll, currentInterval);
+                        }
+                        else if (error === 'slow_down') {
+                            currentInterval += 5000;
+                            setTimeout(poll, currentInterval);
+                        }
+                        else {
+                            reject(new Error(response.data.error_description || error));
+                        }
+                    }
+                }
+                catch (error) {
+                    reject(error);
+                }
+            };
+            setTimeout(poll, currentInterval);
+        });
+    }
+}
+exports.DeviceFlowService = DeviceFlowService;

package/dist/src/cli/mcp/mcp-server-registry.js

@@ -99,19 +99,20 @@ function buildStdioServer(mcpConfig, token, config) {
     if (!mcpConfig.command) {
         throw new Error('Stdio MCP server requires command');
     }
+    const resolveTemplate = (template) => {
+        let value = template.replace('{token}', token);
+        if (config) {
+            for (const [configKey, configValue] of Object.entries(config)) {
+                value = value.replace(`{config.${configKey}}`, String(configValue));
+            }
+        }
+        return value;
+    };
     // Build environment variables from template
     const env = {};
     if (mcpConfig.envTemplate) {
         for (const [key, template] of Object.entries(mcpConfig.envTemplate)) {
-            let value = template;
-            // Replace {token} placeholder
-            value = value.replace('{token}', token);
-            // Replace {config.key} placeholders
-            if (config) {
-                for (const [configKey, configValue] of Object.entries(config)) {
-                    value = value.replace(`{config.${configKey}}`, String(configValue));
-                }
-            }
+            let value = resolveTemplate(template);
             // Handle URL normalization for Jira
             if (key === 'JIRA_URL' && value && !value.startsWith('http')) {
                 value = `https://${value}`;
@@ -121,7 +122,7 @@ function buildStdioServer(mcpConfig, token, config) {
     }
     return {
         command: mcpConfig.command,
-        args: mcpConfig.args || [],
+        args: (mcpConfig.args || []).map(resolveTemplate),
         env
     };
 }