ghagga 2.0.0

package/dist/commands/review.test.js

@@ -0,0 +1,161 @@
+/**
+ * CLI review command tests.
+ *
+ * Tests argument parsing, config file resolution, output formatting,
+ * and exit code mapping. The reviewPipeline is mocked to avoid
+ * needing an actual LLM API key.
+ */
+import { describe, it, expect, vi } from 'vitest';
+// ─── Mock ghagga-core to prevent actual LLM calls ───────────────
+vi.mock('ghagga-core', () => ({
+    reviewPipeline: vi.fn(),
+    DEFAULT_SETTINGS: {
+        enableSemgrep: true,
+        enableTrivy: true,
+        enableCpd: true,
+        enableMemory: true,
+        customRules: [],
+        ignorePatterns: ['*.md', '*.txt', '.gitignore', 'LICENSE', '*.lock'],
+        reviewLevel: 'normal',
+    },
+    DEFAULT_MODELS: {
+        anthropic: 'claude-sonnet-4-20250514',
+        openai: 'gpt-4o',
+        google: 'gemini-2.0-flash',
+    },
+}));
+vi.mock('node:child_process', () => ({
+    execSync: vi.fn(),
+}));
+vi.mock('node:fs', () => ({
+    readFileSync: vi.fn(),
+    existsSync: vi.fn().mockReturnValue(false),
+}));
+describe('CLI review module', () => {
+    it('exports reviewCommand function', async () => {
+        const mod = await import('./review.js');
+        expect(mod.reviewCommand).toBeTypeOf('function');
+    });
+    it('exports ReviewOptions type (verified by TypeScript at compile time)', async () => {
+        const mod = await import('./review.js');
+        expect(mod).toBeDefined();
+        expect(typeof mod.reviewCommand).toBe('function');
+    });
+    it('reviewCommand expects exactly 2 arguments (targetPath, options)', async () => {
+        const mod = await import('./review.js');
+        expect(mod.reviewCommand.length).toBe(2);
+    });
+});
+describe('CLI output formatting and exit codes', () => {
+    // We test the internal formatting/exit code logic by checking types/contracts
+    it('defines valid exit codes: PASSED=0, SKIPPED=0, FAILED=1, NEEDS_HUMAN_REVIEW=1', () => {
+        const exitCodes = {
+            PASSED: 0,
+            SKIPPED: 0,
+            FAILED: 1,
+            NEEDS_HUMAN_REVIEW: 1,
+        };
+        expect(exitCodes.PASSED).toBe(0);
+        expect(exitCodes.SKIPPED).toBe(0);
+        expect(exitCodes.FAILED).toBe(1);
+        expect(exitCodes.NEEDS_HUMAN_REVIEW).toBe(1);
+    });
+    it('ReviewResult findings have expected structure', () => {
+        const finding = {
+            severity: 'high',
+            category: 'security',
+            file: 'src/index.ts',
+            line: 42,
+            message: 'SQL injection vulnerability',
+            suggestion: 'Use parameterized queries',
+            source: 'ai',
+        };
+        expect(finding.severity).toBe('high');
+        expect(finding.category).toBe('security');
+        expect(finding.file).toBe('src/index.ts');
+        expect(finding.line).toBe(42);
+        expect(finding.source).toBe('ai');
+    });
+    it('ReviewResult has all required metadata fields', () => {
+        const metadata = {
+            mode: 'simple',
+            provider: 'anthropic',
+            model: 'claude-sonnet-4-20250514',
+            tokensUsed: 500,
+            executionTimeMs: 3200,
+            toolsRun: ['semgrep'],
+            toolsSkipped: ['trivy', 'cpd'],
+        };
+        expect(metadata.mode).toBe('simple');
+        expect(metadata.provider).toBe('anthropic');
+        expect(metadata.tokensUsed).toBeGreaterThan(0);
+        expect(metadata.executionTimeMs).toBeGreaterThan(0);
+        expect(metadata.toolsRun).toContain('semgrep');
+        expect(metadata.toolsSkipped).toHaveLength(2);
+    });
+});
+describe('CLI config file handling', () => {
+    it('.ghagga.json config shape matches expected interface', () => {
+        const config = {
+            mode: 'workflow',
+            provider: 'openai',
+            model: 'gpt-4o',
+            enableSemgrep: true,
+            enableTrivy: false,
+            enableCpd: true,
+            customRules: ['/path/to/rules.yml'],
+            ignorePatterns: ['*.test.ts', '*.spec.ts'],
+            reviewLevel: 'strict',
+        };
+        expect(config.mode).toBe('workflow');
+        expect(config.enableTrivy).toBe(false);
+        expect(config.customRules).toHaveLength(1);
+        expect(config.ignorePatterns).toContain('*.test.ts');
+    });
+    it('CLI options take priority over config file', () => {
+        // CLI says --no-semgrep, config says enableSemgrep: true
+        const cliSemgrep = false;
+        const configSemgrep = true;
+        // In the mergeSettings function, CLI ?? config ?? default
+        const resolved = cliSemgrep ?? configSemgrep;
+        expect(resolved).toBe(false); // CLI wins
+    });
+    it('falls back to config file when CLI option is undefined', () => {
+        const cliValue = undefined;
+        const configValue = 'workflow';
+        const defaultValue = 'simple';
+        const resolved = cliValue ?? configValue ?? defaultValue;
+        expect(resolved).toBe('workflow'); // Config wins over default
+    });
+    it('falls back to default when both CLI and config are undefined', () => {
+        const cliValue = undefined;
+        const configValue = undefined;
+        const defaultValue = 'normal';
+        const resolved = cliValue ?? configValue ?? defaultValue;
+        expect(resolved).toBe('normal'); // Default wins
+    });
+});
+describe('CLI input validation', () => {
+    it('valid modes are: simple, workflow, consensus', () => {
+        const validModes = ['simple', 'workflow', 'consensus'];
+        expect(validModes).toContain('simple');
+        expect(validModes).toContain('workflow');
+        expect(validModes).toContain('consensus');
+        expect(validModes).not.toContain('turbo');
+    });
+    it('valid providers are: anthropic, openai, google, github', () => {
+        const validProviders = ['anthropic', 'openai', 'google', 'github'];
+        expect(validProviders).toContain('anthropic');
+        expect(validProviders).toContain('openai');
+        expect(validProviders).toContain('google');
+        expect(validProviders).toContain('github');
+        expect(validProviders).not.toContain('mistral');
+    });
+    it('valid formats are: markdown, json', () => {
+        const validFormats = ['markdown', 'json'];
+        expect(validFormats).toContain('markdown');
+        expect(validFormats).toContain('json');
+        expect(validFormats).not.toContain('html');
+    });
+});
+//# sourceMappingURL=review.test.js.map

package/dist/commands/review.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"review.test.js","sourceRoot":"","sources":["../../src/commands/review.test.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAc,MAAM,QAAQ,CAAC;AAG9D,mEAAmE;AAEnE,EAAE,CAAC,IAAI,CAAC,aAAa,EAAE,GAAG,EAAE,CAAC,CAAC;IAC5B,cAAc,EAAE,EAAE,CAAC,EAAE,EAAE;IACvB,gBAAgB,EAAE;QAChB,aAAa,EAAE,IAAI;QACnB,WAAW,EAAE,IAAI;QACjB,SAAS,EAAE,IAAI;QACf,YAAY,EAAE,IAAI;QAClB,WAAW,EAAE,EAAE;QACf,cAAc,EAAE,CAAC,MAAM,EAAE,OAAO,EAAE,YAAY,EAAE,SAAS,EAAE,QAAQ,CAAC;QACpE,WAAW,EAAE,QAAQ;KACtB;IACD,cAAc,EAAE;QACd,SAAS,EAAE,0BAA0B;QACrC,MAAM,EAAE,QAAQ;QAChB,MAAM,EAAE,kBAAkB;KAC3B;CACF,CAAC,CAAC,CAAC;AAEJ,EAAE,CAAC,IAAI,CAAC,oBAAoB,EAAE,GAAG,EAAE,CAAC,CAAC;IACnC,QAAQ,EAAE,EAAE,CAAC,EAAE,EAAE;CAClB,CAAC,CAAC,CAAC;AAEJ,EAAE,CAAC,IAAI,CAAC,SAAS,EAAE,GAAG,EAAE,CAAC,CAAC;IACxB,YAAY,EAAE,EAAE,CAAC,EAAE,EAAE;IACrB,UAAU,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,eAAe,CAAC,KAAK,CAAC;CAC3C,CAAC,CAAC,CAAC;AAEJ,QAAQ,CAAC,mBAAmB,EAAE,GAAG,EAAE;IACjC,EAAE,CAAC,gCAAgC,EAAE,KAAK,IAAI,EAAE;QAC9C,MAAM,GAAG,GAAG,MAAM,MAAM,CAAC,aAAa,CAAC,CAAC;QACxC,MAAM,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC;IACnD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,qEAAqE,EAAE,KAAK,IAAI,EAAE;QACnF,MAAM,GAAG,GAAG,MAAM,MAAM,CAAC,aAAa,CAAC,CAAC;QACxC,MAAM,CAAC,GAAG,CAAC,CAAC,WAAW,EAAE,CAAC;QAC1B,MAAM,CAAC,OAAO,GAAG,CAAC,aAAa,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IACpD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,iEAAiE,EAAE,KAAK,IAAI,EAAE;QAC/E,MAAM,GAAG,GAAG,MAAM,MAAM,CAAC,aAAa,CAAC,CAAC;QACxC,MAAM,CAAC,GAAG,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAC3C,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,QAAQ,CAAC,sCAAsC,EAAE,GAAG,EAAE;IACpD,8EAA8E;IAE9E,EAAE,CAAC,+EAA+E,EAAE,GAAG,EAAE;QACvF,MAAM,SAAS,GAAiC;YAC9C,MAAM,EAAE,CAAC;YACT,OAAO,EAAE,CAAC;YACV,MAAM,EAAE,CAAC;YACT,kBAAkB,EAAE,CAAC;SACtB,CAAC;QAEF,MAAM,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACjC,MAAM,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClC,MAAM,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACjC,MAAM,CAAC,SAAS,CAAC,kBAAkB,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAC/C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,+CAA+C,EAAE,GAAG,EAAE;QACvD,MAAM,OAAO,GAAG;YACd,QAAQ,EAAE,MAAyB;YACnC,QAAQ,EAAE,UAAU;YACpB,IAAI,EAAE,cAAc;YACpB,IAAI,EAAE,EAAE;YACR,OAAO,EAAE,6BAA6B;YACtC,UAAU,EAAE,2BAA2B;YACvC,MAAM,EAAE,IAAa;SACtB,CAAC;QAEF,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACtC,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QAC1C,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;QAC1C,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAC9B,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACpC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,+CAA+C,EAAE,GAAG,EAAE;QACvD,MAAM,QAAQ,GAAG;YACf,IAAI,EAAE,QAAiB;YACvB,QAAQ,EAAE,WAAoB;YAC9B,KAAK,EAAE,0BAA0B;YACjC,UAAU,EAAE,GAAG;YACf,eAAe,EAAE,IAAI;YACrB,QAAQ,EAAE,CAAC,SAAS,CAAC;YACrB,YAAY,EAAE,CAAC,OAAO,EAAE,KAAK,CAAC;SAC/B,CAAC;QAEF,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QACrC,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QAC5C,MAAM,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;QAC/C,MAAM,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;QACpD,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;QAC/C,MAAM,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;IAChD,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,QAAQ,CAAC,0BAA0B,EAAE,GAAG,EAAE;IACxC,EAAE,CAAC,sDAAsD,EAAE,GAAG,EAAE;QAC9D,MAAM,MAAM,GAAG;YACb,IAAI,EAAE,UAAU;YAChB,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,QAAQ;YACf,aAAa,EAAE,IAAI;YACnB,WAAW,EAAE,KAAK;YAClB,SAAS,EAAE,IAAI;YACf,WAAW,EAAE,CAAC,oBAAoB,CAAC;YACnC,cAAc,EAAE,CAAC,WAAW,EAAE,WAAW,CAAC;YAC1C,WAAW,EAAE,QAAQ;SACtB,CAAC;QAEF,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QACrC,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACvC,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;QAC3C,MAAM,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC;IACvD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,4CAA4C,EAAE,GAAG,EAAE;QACpD,yDAAyD;QACzD,MAAM,UAAU,GAAG,KAAK,CAAC;QACzB,MAAM,aAAa,GAAG,IAAI,CAAC;QAC3B,0DAA0D;QAC1D,MAAM,QAAQ,GAAG,UAAU,IAAI,aAAa,CAAC;QAC7C,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,WAAW;IAC3C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,wDAAwD,EAAE,GAAG,EAAE;QAChE,MAAM,QAAQ,GAAG,SAAS,CAAC;QAC3B,MAAM,WAAW,GAAG,UAAU,CAAC;QAC/B,MAAM,YAAY,GAAG,QAAQ,CAAC;QAC9B,MAAM,QAAQ,GAAG,QAAQ,IAAI,WAAW,IAAI,YAAY,CAAC;QACzD,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,2BAA2B;IAChE,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,8DAA8D,EAAE,GAAG,EAAE;QACtE,MAAM,QAAQ,GAAG,SAAS,CAAC;QAC3B,MAAM,WAAW,GAAG,SAAS,CAAC;QAC9B,MAAM,YAAY,GAAG,QAAQ,CAAC;QAC9B,MAAM,QAAQ,GAAG,QAAQ,IAAI,WAAW,IAAI,YAAY,CAAC;QACzD,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,eAAe;IAClD,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,QAAQ,CAAC,sBAAsB,EAAE,GAAG,EAAE;IACpC,EAAE,CAAC,8CAA8C,EAAE,GAAG,EAAE;QACtD,MAAM,UAAU,GAAG,CAAC,QAAQ,EAAE,UAAU,EAAE,WAAW,CAAC,CAAC;QACvD,MAAM,CAAC,UAAU,CAAC,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;QACvC,MAAM,CAAC,UAAU,CAAC,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC;QACzC,MAAM,CAAC,UAAU,CAAC,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC;QAC1C,MAAM,CAAC,UAAU,CAAC,CAAC,GAAG,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;IAC5C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,wDAAwD,EAAE,GAAG,EAAE;QAChE,MAAM,cAAc,GAAG,CAAC,WAAW,EAAE,QAAQ,EAAE,QAAQ,EAAE,QAAQ,CAAC,CAAC;QACnE,MAAM,CAAC,cAAc,CAAC,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC;QAC9C,MAAM,CAAC,cAAc,CAAC,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;QAC3C,MAAM,CAAC,cAAc,CAAC,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;QAC3C,MAAM,CAAC,cAAc,CAAC,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;QAC3C,MAAM,CAAC,cAAc,CAAC,CAAC,GAAG,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;IAClD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,mCAAmC,EAAE,GAAG,EAAE;QAC3C,MAAM,YAAY,GAAG,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC;QAC1C,MAAM,CAAC,YAAY,CAAC,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC;QAC3C,MAAM,CAAC,YAAY,CAAC,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;QACvC,MAAM,CAAC,YAAY,CAAC,CAAC,GAAG,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;IAC7C,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

package/dist/commands/status.d.ts

@@ -0,0 +1,5 @@
+/**
+ * Status command — shows current authentication and configuration.
+ */
+export declare function statusCommand(): Promise<void>;
+//# sourceMappingURL=status.d.ts.map

package/dist/commands/status.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"status.d.ts","sourceRoot":"","sources":["../../src/commands/status.ts"],"names":[],"mappings":"AAAA;;GAEG;AAKH,wBAAsB,aAAa,IAAI,OAAO,CAAC,IAAI,CAAC,CA8BnD"}

package/dist/commands/status.js

@@ -0,0 +1,33 @@
+/**
+ * Status command — shows current authentication and configuration.
+ */
+import { loadConfig, getConfigFilePath, isLoggedIn } from '../lib/config.js';
+import { fetchGitHubUser } from '../lib/oauth.js';
+export async function statusCommand() {
+    const config = loadConfig();
+    const configPath = getConfigFilePath();
+    console.log('\ud83e\udd16 GHAGGA Status\n');
+    console.log(`   Config: ${configPath}`);
+    if (!isLoggedIn()) {
+        console.log('   Auth:   \x1b[31mNot logged in\x1b[0m');
+        console.log('\n   Run "ghagga login" to authenticate with GitHub.\n');
+        return;
+    }
+    console.log(`   Auth:   \x1b[32mLogged in\x1b[0m as \x1b[1m${config.githubLogin ?? 'unknown'}\x1b[0m`);
+    console.log(`   Provider: ${config.defaultProvider ?? 'github'}`);
+    console.log(`   Model:    ${config.defaultModel ?? 'gpt-4o-mini'}`);
+    // Validate the stored credential is still valid
+    if (config.githubToken) {
+        try {
+            const user = await fetchGitHubUser(config.githubToken);
+            console.log(`   Session: \x1b[32mValid\x1b[0m (${user.login})`);
+        }
+        catch {
+            console.log(`   Session: \x1b[31mExpired or invalid\x1b[0m`);
+            console.log('\n   Run "ghagga login" to re-authenticate.\n');
+            return;
+        }
+    }
+    console.log('');
+}
+//# sourceMappingURL=status.js.map

package/dist/commands/status.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"status.js","sourceRoot":"","sources":["../../src/commands/status.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,UAAU,EAAE,iBAAiB,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAC;AAC7E,OAAO,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAC;AAElD,MAAM,CAAC,KAAK,UAAU,aAAa;IACjC,MAAM,MAAM,GAAG,UAAU,EAAE,CAAC;IAC5B,MAAM,UAAU,GAAG,iBAAiB,EAAE,CAAC;IAEvC,OAAO,CAAC,GAAG,CAAC,8BAA8B,CAAC,CAAC;IAC5C,OAAO,CAAC,GAAG,CAAC,cAAc,UAAU,EAAE,CAAC,CAAC;IAExC,IAAI,CAAC,UAAU,EAAE,EAAE,CAAC;QAClB,OAAO,CAAC,GAAG,CAAC,yCAAyC,CAAC,CAAC;QACvD,OAAO,CAAC,GAAG,CAAC,wDAAwD,CAAC,CAAC;QACtE,OAAO;IACT,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,iDAAiD,MAAM,CAAC,WAAW,IAAI,SAAS,SAAS,CAAC,CAAC;IACvG,OAAO,CAAC,GAAG,CAAC,gBAAgB,MAAM,CAAC,eAAe,IAAI,QAAQ,EAAE,CAAC,CAAC;IAClE,OAAO,CAAC,GAAG,CAAC,gBAAgB,MAAM,CAAC,YAAY,IAAI,aAAa,EAAE,CAAC,CAAC;IAEpE,gDAAgD;IAChD,IAAI,MAAM,CAAC,WAAW,EAAE,CAAC;QACvB,IAAI,CAAC;YACH,MAAM,IAAI,GAAG,MAAM,eAAe,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;YACvD,OAAO,CAAC,GAAG,CAAC,qCAAqC,IAAI,CAAC,KAAK,GAAG,CAAC,CAAC;QAClE,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,CAAC,GAAG,CAAC,+CAA+C,CAAC,CAAC;YAC7D,OAAO,CAAC,GAAG,CAAC,+CAA+C,CAAC,CAAC;YAC7D,OAAO;QACT,CAAC;IACH,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;AAClB,CAAC"}

package/dist/index.d.ts

@@ -0,0 +1,21 @@
+#!/usr/bin/env node
+/**
+ * GHAGGA CLI — AI-powered code review from the command line.
+ *
+ * Quick start:
+ *   ghagga login                   Authenticate with GitHub (free!)
+ *   ghagga review [path]           Review staged or uncommitted changes
+ *   ghagga status                  Show current auth and config
+ *   ghagga logout                  Clear stored credentials
+ *
+ * After "ghagga login", reviews use GitHub Models (gpt-4o-mini) for free.
+ * You can override with --provider, --model, --api-key for other providers.
+ *
+ * Environment variables (override stored config):
+ *   GHAGGA_API_KEY     API key for the LLM provider
+ *   GHAGGA_PROVIDER    LLM provider: anthropic, openai, google, github, ollama
+ *   GHAGGA_MODEL       Model identifier
+ *   GITHUB_TOKEN       GitHub token (fallback for github provider)
+ */
+import 'dotenv/config';
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AAEA;;;;;;;;;;;;;;;;;GAiBG;AAEH,OAAO,eAAe,CAAC"}

package/dist/index.js

@@ -0,0 +1,133 @@
+#!/usr/bin/env node
+/**
+ * GHAGGA CLI — AI-powered code review from the command line.
+ *
+ * Quick start:
+ *   ghagga login                   Authenticate with GitHub (free!)
+ *   ghagga review [path]           Review staged or uncommitted changes
+ *   ghagga status                  Show current auth and config
+ *   ghagga logout                  Clear stored credentials
+ *
+ * After "ghagga login", reviews use GitHub Models (gpt-4o-mini) for free.
+ * You can override with --provider, --model, --api-key for other providers.
+ *
+ * Environment variables (override stored config):
+ *   GHAGGA_API_KEY     API key for the LLM provider
+ *   GHAGGA_PROVIDER    LLM provider: anthropic, openai, google, github, ollama
+ *   GHAGGA_MODEL       Model identifier
+ *   GITHUB_TOKEN       GitHub token (fallback for github provider)
+ */
+import 'dotenv/config';
+import { Command } from 'commander';
+import { DEFAULT_MODELS } from 'ghagga-core';
+import { loadConfig, getStoredToken } from './lib/config.js';
+import { reviewCommand } from './commands/review.js';
+import { loginCommand } from './commands/login.js';
+import { logoutCommand } from './commands/logout.js';
+import { statusCommand } from './commands/status.js';
+const program = new Command();
+program
+    .name('ghagga')
+    .description('AI-powered code review CLI')
+    .version('2.0.0');
+// ─── Login ──────────────────────────────────────────────────────
+program
+    .command('login')
+    .description('Authenticate with GitHub (uses free AI models)')
+    .action(async () => {
+    await loginCommand();
+});
+// ─── Logout ─────────────────────────────────────────────────────
+program
+    .command('logout')
+    .description('Clear stored GitHub credentials')
+    .action(() => {
+    logoutCommand();
+});
+// ─── Status ─────────────────────────────────────────────────────
+program
+    .command('status')
+    .description('Show current authentication and configuration')
+    .action(async () => {
+    await statusCommand();
+});
+// ─── Review ─────────────────────────────────────────────────────
+program
+    .command('review')
+    .description('Review local code changes using AI')
+    .argument('[path]', 'Path to the repository', '.')
+    .option('-m, --mode <mode>', 'Review mode', 'simple')
+    .option('-p, --provider <provider>', 'LLM provider (auto-detected from login)', process.env['GHAGGA_PROVIDER'])
+    .option('--model <model>', 'LLM model identifier', process.env['GHAGGA_MODEL'])
+    .option('--api-key <key>', 'LLM provider API key', process.env['GHAGGA_API_KEY'])
+    .option('-f, --format <format>', 'Output format', 'markdown')
+    .option('--no-semgrep', 'Disable Semgrep static analysis')
+    .option('--no-trivy', 'Disable Trivy vulnerability scanning')
+    .option('--no-cpd', 'Disable CPD duplicate detection')
+    .option('-c, --config <path>', 'Path to .ghagga.json config file')
+    .option('-v, --verbose', 'Show detailed progress during review')
+    .action(async (path, options) => {
+    // ── Auto-resolve auth from stored config ──────────────────
+    const config = loadConfig();
+    const storedToken = getStoredToken();
+    // Priority: CLI flag > env var > stored config
+    if (!options.provider) {
+        options.provider = config.defaultProvider ?? 'github';
+    }
+    if (!options.model) {
+        options.model = config.defaultModel ?? undefined;
+    }
+    // Auto-resolve API key: CLI flag > env var > GITHUB_TOKEN > stored token
+    if (!options.apiKey) {
+        if (options.provider === 'github') {
+            options.apiKey = process.env['GITHUB_TOKEN'] ?? storedToken ?? undefined;
+        }
+    }
+    // ── Validate mode ─────────────────────────────────────────
+    const validModes = ['simple', 'workflow', 'consensus'];
+    if (!validModes.includes(options.mode)) {
+        console.error(`\u274c Invalid mode "${options.mode}". Choose from: ${validModes.join(', ')}`);
+        process.exit(1);
+    }
+    // ── Validate provider ─────────────────────────────────────
+    const validProviders = ['anthropic', 'openai', 'google', 'github', 'ollama'];
+    if (!validProviders.includes(options.provider)) {
+        console.error(`\u274c Invalid provider "${options.provider}". Choose from: ${validProviders.join(', ')}`);
+        process.exit(1);
+    }
+    // ── Validate format ───────────────────────────────────────
+    const validFormats = ['markdown', 'json'];
+    if (!validFormats.includes(options.format)) {
+        console.error(`\u274c Invalid format "${options.format}". Choose from: ${validFormats.join(', ')}`);
+        process.exit(1);
+    }
+    // ── Validate API key (not required for ollama) ─────────────
+    if (!options.apiKey && options.provider !== 'ollama') {
+        console.error('\u274c No API key available.\n');
+        console.error('   Quick fix: run "ghagga login" to authenticate with GitHub (free!)');
+        console.error('   Or pass --api-key <key> or set GHAGGA_API_KEY.');
+        console.error('   Or use --provider ollama for local models (no key needed).\n');
+        process.exit(1);
+    }
+    // Ollama doesn't need an API key — use a placeholder
+    if (options.provider === 'ollama' && !options.apiKey) {
+        options.apiKey = 'ollama';
+    }
+    // ── Resolve model default ─────────────────────────────────
+    const provider = options.provider;
+    const model = options.model ?? DEFAULT_MODELS[provider];
+    await reviewCommand(path, {
+        mode: options.mode,
+        provider,
+        model,
+        apiKey: options.apiKey,
+        format: options.format,
+        semgrep: options.semgrep,
+        trivy: options.trivy,
+        cpd: options.cpd,
+        config: options.config,
+        verbose: options.verbose ?? false,
+    });
+});
+program.parse();
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AAEA;;;;;;;;;;;;;;;;;GAiBG;AAEH,OAAO,eAAe,CAAC;AAEvB,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAE7C,OAAO,EAAE,UAAU,EAAE,cAAc,EAAE,MAAM,iBAAiB,CAAC;AAC7D,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AACrD,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACnD,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AACrD,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AAErD,MAAM,OAAO,GAAG,IAAI,OAAO,EAAE,CAAC;AAE9B,OAAO;KACJ,IAAI,CAAC,QAAQ,CAAC;KACd,WAAW,CAAC,4BAA4B,CAAC;KACzC,OAAO,CAAC,OAAO,CAAC,CAAC;AAEpB,mEAAmE;AAEnE,OAAO;KACJ,OAAO,CAAC,OAAO,CAAC;KAChB,WAAW,CAAC,gDAAgD,CAAC;KAC7D,MAAM,CAAC,KAAK,IAAI,EAAE;IACjB,MAAM,YAAY,EAAE,CAAC;AACvB,CAAC,CAAC,CAAC;AAEL,mEAAmE;AAEnE,OAAO;KACJ,OAAO,CAAC,QAAQ,CAAC;KACjB,WAAW,CAAC,iCAAiC,CAAC;KAC9C,MAAM,CAAC,GAAG,EAAE;IACX,aAAa,EAAE,CAAC;AAClB,CAAC,CAAC,CAAC;AAEL,mEAAmE;AAEnE,OAAO;KACJ,OAAO,CAAC,QAAQ,CAAC;KACjB,WAAW,CAAC,+CAA+C,CAAC;KAC5D,MAAM,CAAC,KAAK,IAAI,EAAE;IACjB,MAAM,aAAa,EAAE,CAAC;AACxB,CAAC,CAAC,CAAC;AAEL,mEAAmE;AAEnE,OAAO;KACJ,OAAO,CAAC,QAAQ,CAAC;KACjB,WAAW,CAAC,oCAAoC,CAAC;KACjD,QAAQ,CAAC,QAAQ,EAAE,wBAAwB,EAAE,GAAG,CAAC;KACjD,MAAM,CACL,mBAAmB,EACnB,aAAa,EACb,QAAQ,CACT;KACA,MAAM,CACL,2BAA2B,EAC3B,yCAAyC,EACzC,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAC/B;KACA,MAAM,CACL,iBAAiB,EACjB,sBAAsB,EACtB,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,CAC5B;KACA,MAAM,CACL,iBAAiB,EACjB,sBAAsB,EACtB,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAC9B;KACA,MAAM,CACL,uBAAuB,EACvB,eAAe,EACf,UAAU,CACX;KACA,MAAM,CAAC,cAAc,EAAE,iCAAiC,CAAC;KACzD,MAAM,CAAC,YAAY,EAAE,sCAAsC,CAAC;KAC5D,MAAM,CAAC,UAAU,EAAE,iCAAiC,CAAC;KACrD,MAAM,CAAC,qBAAqB,EAAE,kCAAkC,CAAC;KACjE,MAAM,CAAC,eAAe,EAAE,sCAAsC,CAAC;KAC/D,MAAM,CAAC,KAAK,EAAE,IAAY,EAAE,OAA6B,EAAE,EAAE;IAC5D,6DAA6D;IAC7D,MAAM,MAAM,GAAG,UAAU,EAAE,CAAC;IAC5B,MAAM,WAAW,GAAG,cAAc,EAAE,CAAC;IAErC,+CAA+C;IAC/C,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,CAAC;QACtB,OAAO,CAAC,QAAQ,GAAG,MAAM,CAAC,eAAe,IAAI,QAAQ,CAAC;IACxD,CAAC;IAED,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;QACnB,OAAO,CAAC,KAAK,GAAG,MAAM,CAAC,YAAY,IAAI,SAAS,CAAC;IACnD,CAAC;IAED,yEAAyE;IACzE,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC;QACpB,IAAI,OAAO,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;YAClC,OAAO,CAAC,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,IAAI,WAAW,IAAI,SAAS,CAAC;QAC3E,CAAC;IACH,CAAC;IAED,6DAA6D;IAC7D,MAAM,UAAU,GAAiB,CAAC,QAAQ,EAAE,UAAU,EAAE,WAAW,CAAC,CAAC;IACrE,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAkB,CAAC,EAAE,CAAC;QACrD,OAAO,CAAC,KAAK,CACX,wBAAwB,OAAO,CAAC,IAAI,mBAAmB,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAC/E,CAAC;QACF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,6DAA6D;IAC7D,MAAM,cAAc,GAAkB,CAAC,WAAW,EAAE,QAAQ,EAAE,QAAQ,EAAE,QAAQ,EAAE,QAAQ,CAAC,CAAC;IAC5F,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,OAAO,CAAC,QAAuB,CAAC,EAAE,CAAC;QAC9D,OAAO,CAAC,KAAK,CACX,4BAA4B,OAAO,CAAC,QAAQ,mBAAmB,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAC3F,CAAC;QACF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,6DAA6D;IAC7D,MAAM,YAAY,GAAG,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC;IAC1C,IAAI,CAAC,YAAY,CAAC,QAAQ,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;QAC3C,OAAO,CAAC,KAAK,CACX,0BAA0B,OAAO,CAAC,MAAM,mBAAmB,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CACrF,CAAC;QACF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,8DAA8D;IAC9D,IAAI,CAAC,OAAO,CAAC,MAAM,IAAI,OAAO,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;QACrD,OAAO,CAAC,KAAK,CAAC,gCAAgC,CAAC,CAAC;QAChD,OAAO,CAAC,KAAK,CAAC,sEAAsE,CAAC,CAAC;QACtF,OAAO,CAAC,KAAK,CAAC,mDAAmD,CAAC,CAAC;QACnE,OAAO,CAAC,KAAK,CAAC,iEAAiE,CAAC,CAAC;QACjF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,qDAAqD;IACrD,IAAI,OAAO,CAAC,QAAQ,KAAK,QAAQ,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC;QACrD,OAAO,CAAC,MAAM,GAAG,QAAQ,CAAC;IAC5B,CAAC;IAED,6DAA6D;IAC7D,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAuB,CAAC;IACjD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,IAAI,cAAc,CAAC,QAAQ,CAAC,CAAC;IAExD,MAAM,aAAa,CAAC,IAAI,EAAE;QACxB,IAAI,EAAE,OAAO,CAAC,IAAkB;QAChC,QAAQ;QACR,KAAK;QACL,MAAM,EAAE,OAAO,CAAC,MAAO;QACvB,MAAM,EAAE,OAAO,CAAC,MAA6B;QAC7C,OAAO,EAAE,OAAO,CAAC,OAAO;QACxB,KAAK,EAAE,OAAO,CAAC,KAAK;QACpB,GAAG,EAAE,OAAO,CAAC,GAAG;QAChB,MAAM,EAAE,OAAO,CAAC,MAAM;QACtB,OAAO,EAAE,OAAO,CAAC,OAAO,IAAI,KAAK;KAClC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEL,OAAO,CAAC,KAAK,EAAE,CAAC"}

package/dist/lib/config.d.ts

@@ -0,0 +1,41 @@
+/**
+ * CLI configuration management.
+ *
+ * Stores auth credentials and preferences in ~/.config/ghagga/config.json
+ * following the XDG Base Directory specification.
+ */
+export interface GhaggaCliConfig {
+    /** GitHub OAuth access token from Device Flow */
+    githubToken?: string;
+    /** GitHub username (fetched after login) */
+    githubLogin?: string;
+    /** Default LLM provider */
+    defaultProvider?: string;
+    /** Default model for the provider */
+    defaultModel?: string;
+}
+/**
+ * Load the CLI config file. Returns empty config if not found.
+ */
+export declare function loadConfig(): GhaggaCliConfig;
+/**
+ * Save the CLI config file. Creates the directory if needed.
+ */
+export declare function saveConfig(config: GhaggaCliConfig): void;
+/**
+ * Clear all stored auth credentials.
+ */
+export declare function clearConfig(): void;
+/**
+ * Check if the user is logged in (has a stored token).
+ */
+export declare function isLoggedIn(): boolean;
+/**
+ * Get the stored GitHub token, or null if not logged in.
+ */
+export declare function getStoredToken(): string | null;
+/**
+ * Get the config file path (for display in status/error messages).
+ */
+export declare function getConfigFilePath(): string;
+//# sourceMappingURL=config.d.ts.map

package/dist/lib/config.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../../src/lib/config.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAQH,MAAM,WAAW,eAAe;IAC9B,iDAAiD;IACjD,WAAW,CAAC,EAAE,MAAM,CAAC;IAErB,4CAA4C;IAC5C,WAAW,CAAC,EAAE,MAAM,CAAC;IAErB,2BAA2B;IAC3B,eAAe,CAAC,EAAE,MAAM,CAAC;IAEzB,qCAAqC;IACrC,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB;AAgBD;;GAEG;AACH,wBAAgB,UAAU,IAAI,eAAe,CAa5C;AAED;;GAEG;AACH,wBAAgB,UAAU,CAAC,MAAM,EAAE,eAAe,GAAG,IAAI,CASxD;AAED;;GAEG;AACH,wBAAgB,WAAW,IAAI,IAAI,CAElC;AAED;;GAEG;AACH,wBAAgB,UAAU,IAAI,OAAO,CAGpC;AAED;;GAEG;AACH,wBAAgB,cAAc,IAAI,MAAM,GAAG,IAAI,CAG9C;AAED;;GAEG;AACH,wBAAgB,iBAAiB,IAAI,MAAM,CAE1C"}

package/dist/lib/config.js

@@ -0,0 +1,73 @@
+/**
+ * CLI configuration management.
+ *
+ * Stores auth credentials and preferences in ~/.config/ghagga/config.json
+ * following the XDG Base Directory specification.
+ */
+import { existsSync, mkdirSync, readFileSync, writeFileSync } from 'node:fs';
+import { join } from 'node:path';
+import { homedir } from 'node:os';
+// ─── Paths ──────────────────────────────────────────────────────
+function getConfigDir() {
+    const xdgConfig = process.env['XDG_CONFIG_HOME'];
+    const base = xdgConfig || join(homedir(), '.config');
+    return join(base, 'ghagga');
+}
+function getConfigPath() {
+    return join(getConfigDir(), 'config.json');
+}
+// ─── Read / Write ───────────────────────────────────────────────
+/**
+ * Load the CLI config file. Returns empty config if not found.
+ */
+export function loadConfig() {
+    const configPath = getConfigPath();
+    if (!existsSync(configPath)) {
+        return {};
+    }
+    try {
+        const raw = readFileSync(configPath, 'utf-8');
+        return JSON.parse(raw);
+    }
+    catch {
+        return {};
+    }
+}
+/**
+ * Save the CLI config file. Creates the directory if needed.
+ */
+export function saveConfig(config) {
+    const configDir = getConfigDir();
+    const configPath = getConfigPath();
+    if (!existsSync(configDir)) {
+        mkdirSync(configDir, { recursive: true });
+    }
+    writeFileSync(configPath, JSON.stringify(config, null, 2) + '\n', 'utf-8');
+}
+/**
+ * Clear all stored auth credentials.
+ */
+export function clearConfig() {
+    saveConfig({});
+}
+/**
+ * Check if the user is logged in (has a stored token).
+ */
+export function isLoggedIn() {
+    const config = loadConfig();
+    return !!config.githubToken;
+}
+/**
+ * Get the stored GitHub token, or null if not logged in.
+ */
+export function getStoredToken() {
+    const config = loadConfig();
+    return config.githubToken ?? null;
+}
+/**
+ * Get the config file path (for display in status/error messages).
+ */
+export function getConfigFilePath() {
+    return getConfigPath();
+}
+//# sourceMappingURL=config.js.map

package/dist/lib/config.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"config.js","sourceRoot":"","sources":["../../src/lib/config.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,YAAY,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AAC7E,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AACjC,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAkBlC,mEAAmE;AAEnE,SAAS,YAAY;IACnB,MAAM,SAAS,GAAG,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC;IACjD,MAAM,IAAI,GAAG,SAAS,IAAI,IAAI,CAAC,OAAO,EAAE,EAAE,SAAS,CAAC,CAAC;IACrD,OAAO,IAAI,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;AAC9B,CAAC;AAED,SAAS,aAAa;IACpB,OAAO,IAAI,CAAC,YAAY,EAAE,EAAE,aAAa,CAAC,CAAC;AAC7C,CAAC;AAED,mEAAmE;AAEnE;;GAEG;AACH,MAAM,UAAU,UAAU;IACxB,MAAM,UAAU,GAAG,aAAa,EAAE,CAAC;IAEnC,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;QAC5B,OAAO,EAAE,CAAC;IACZ,CAAC;IAED,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,YAAY,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;QAC9C,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAoB,CAAC;IAC5C,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,CAAC;IACZ,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,UAAU,CAAC,MAAuB;IAChD,MAAM,SAAS,GAAG,YAAY,EAAE,CAAC;IACjC,MAAM,UAAU,GAAG,aAAa,EAAE,CAAC;IAEnC,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;QAC3B,SAAS,CAAC,SAAS,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAC5C,CAAC;IAED,aAAa,CAAC,UAAU,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,EAAE,OAAO,CAAC,CAAC;AAC7E,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,WAAW;IACzB,UAAU,CAAC,EAAE,CAAC,CAAC;AACjB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,UAAU;IACxB,MAAM,MAAM,GAAG,UAAU,EAAE,CAAC;IAC5B,OAAO,CAAC,CAAC,MAAM,CAAC,WAAW,CAAC;AAC9B,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,cAAc;IAC5B,MAAM,MAAM,GAAG,UAAU,EAAE,CAAC;IAC5B,OAAO,MAAM,CAAC,WAAW,IAAI,IAAI,CAAC;AACpC,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,iBAAiB;IAC/B,OAAO,aAAa,EAAE,CAAC;AACzB,CAAC"}

package/dist/lib/oauth.d.ts

@@ -0,0 +1,55 @@
+/**
+ * GitHub OAuth Device Flow for CLI authentication.
+ *
+ * Implements RFC 8628 (Device Authorization Grant) against GitHub's
+ * OAuth endpoints. The user visits github.com/login/device, enters
+ * a short code, and the CLI receives an access token.
+ *
+ * @see https://docs.github.com/en/apps/oauth-apps/building-oauth-apps/authorizing-oauth-apps#device-flow
+ */
+/** GHAGGA OAuth App Client ID (public — safe to embed in code) */
+export declare const GITHUB_CLIENT_ID = "Ov23liyYpSgDqOLUFa5k";
+export interface DeviceCodeResponse {
+    device_code: string;
+    user_code: string;
+    verification_uri: string;
+    expires_in: number;
+    interval: number;
+}
+export interface AccessTokenResponse {
+    access_token: string;
+    token_type: string;
+    scope: string;
+}
+export interface DeviceFlowError {
+    error: string;
+    error_description?: string;
+    interval?: number;
+}
+export interface GitHubUser {
+    login: string;
+    id: number;
+    avatar_url: string;
+}
+/**
+ * Step 1: Request device and user verification codes from GitHub.
+ */
+export declare function requestDeviceCode(): Promise<DeviceCodeResponse>;
+/**
+ * Step 3: Poll GitHub for the access token until the user authorizes.
+ *
+ * Respects the polling interval and handles slow_down errors by
+ * increasing the interval as required by the spec.
+ *
+ * @param deviceCode - The device_code from Step 1
+ * @param interval - Polling interval in seconds from Step 1
+ * @param expiresIn - Expiration time in seconds from Step 1
+ * @returns The access token on success
+ * @throws On timeout, access_denied, or other fatal errors
+ */
+export declare function pollForAccessToken(deviceCode: string, interval: number, expiresIn: number): Promise<AccessTokenResponse>;
+/**
+ * Fetch the authenticated user's profile from GitHub API.
+ */
+export declare function fetchGitHubUser(token: string): Promise<GitHubUser>;
+//# sourceMappingURL=oauth.d.ts.map

package/dist/lib/oauth.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"oauth.d.ts","sourceRoot":"","sources":["../../src/lib/oauth.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,kEAAkE;AAClE,eAAO,MAAM,gBAAgB,yBAAyB,CAAC;AAIvD,MAAM,WAAW,kBAAkB;IACjC,WAAW,EAAE,MAAM,CAAC;IACpB,SAAS,EAAE,MAAM,CAAC;IAClB,gBAAgB,EAAE,MAAM,CAAC;IACzB,UAAU,EAAE,MAAM,CAAC;IACnB,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,WAAW,mBAAmB;IAClC,YAAY,EAAE,MAAM,CAAC;IACrB,UAAU,EAAE,MAAM,CAAC;IACnB,KAAK,EAAE,MAAM,CAAC;CACf;AAED,MAAM,WAAW,eAAe;IAC9B,KAAK,EAAE,MAAM,CAAC;IACd,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,UAAU;IACzB,KAAK,EAAE,MAAM,CAAC;IACd,EAAE,EAAE,MAAM,CAAC;IACX,UAAU,EAAE,MAAM,CAAC;CACpB;AAID;;GAEG;AACH,wBAAsB,iBAAiB,IAAI,OAAO,CAAC,kBAAkB,CAAC,CAmBrE;AAED;;;;;;;;;;;GAWG;AACH,wBAAsB,kBAAkB,CACtC,UAAU,EAAE,MAAM,EAClB,QAAQ,EAAE,MAAM,EAChB,SAAS,EAAE,MAAM,GAChB,OAAO,CAAC,mBAAmB,CAAC,CAuD9B;AAID;;GAEG;AACH,wBAAsB,eAAe,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,CAAC,CAcxE"}