git-coco 0.60.0 → 0.61.0

package/dist/index.js

@@ -78,7 +78,7 @@ var readline__namespace = /*#__PURE__*/_interopNamespaceDefault(readline);
 /**
  * Current build version from package.json
  */
-const BUILD_VERSION = "0.60.0";
+const BUILD_VERSION = "0.61.0";
 
 const isInteractive = (config) => {
     return config?.mode === 'interactive' || !!config?.interactive;
@@ -309,10 +309,19 @@ class LangChainExecutionError extends LangChainError {
 }
 /**
  * Authentication-related errors (missing API keys, invalid credentials, etc.)
+ *
+ * Carries `provider` + `endpoint` context so the formatter (in
+ * `commandExecutor`) can render provider-specific recovery hints
+ * ("set OPENAI_API_KEY", "run `gh auth login`", etc.) instead of the
+ * generic "verify your API key" copy. Mirrors the shape of
+ * `LangChainNetworkError` so call sites can hand the same fields to
+ * either constructor depending on which condition fired.
  */
 class LangChainAuthenticationError extends LangChainError {
-    constructor(message, context) {
-        super(message, context);
+    constructor(message, provider, endpoint, context) {
+        super(message, { ...context, provider, endpoint });
+        this.provider = provider;
+        this.endpoint = endpoint;
     }
 }
 /**
@@ -450,21 +459,27 @@ function getDefaultServiceApiKey(config) {
     const requiresAuth = provider === 'openai' || provider === 'anthropic';
     if (service.authentication.type === 'APIKey') {
         const apiKey = service.authentication.credentials?.apiKey;
+        // `endpoint` is optional on some service variants (Ollama / OpenAI-
+        // compatible) and absent on others (managed OpenAI / Anthropic).
+        // Read defensively so we still attach it when present.
+        const endpoint = service.endpoint;
         if (requiresAuth && (!apiKey || apiKey.trim() === '')) {
-            throw new LangChainAuthenticationError(`getDefaultServiceApiKey: API key is required for ${provider} provider but not provided`, { provider, authenticationType: service.authentication.type });
+            throw new LangChainAuthenticationError(`getDefaultServiceApiKey: API key is required for ${provider} provider but not provided`, provider, endpoint, { authenticationType: service.authentication.type });
         }
         return apiKey || '';
     }
     if (service.authentication.type === 'OAuth') {
         const token = service.authentication.credentials?.token;
+        const endpoint = service.endpoint;
         if (requiresAuth && (!token || token.trim() === '')) {
-            throw new LangChainAuthenticationError(`getDefaultServiceApiKey: OAuth token is required for ${provider} provider but not provided`, { provider, authenticationType: service.authentication.type });
+            throw new LangChainAuthenticationError(`getDefaultServiceApiKey: OAuth token is required for ${provider} provider but not provided`, provider, endpoint, { authenticationType: service.authentication.type });
         }
         return token || '';
     }
     if (service.authentication.type === 'None') {
         if (requiresAuth) {
-            throw new LangChainAuthenticationError(`getDefaultServiceApiKey: ${provider} provider requires authentication but 'None' was configured`, { provider, authenticationType: service.authentication.type });
+            const endpoint = service.endpoint;
+            throw new LangChainAuthenticationError(`getDefaultServiceApiKey: ${provider} provider requires authentication but 'None' was configured`, provider, endpoint, { authenticationType: service.authentication.type });
         }
         return '';
     }
@@ -2597,18 +2612,48 @@ function formatNetworkError(error, logger) {
         logger.log('  • Verify the service endpoint is correct', { color: 'white' });
         logger.log('  • Ensure the LLM service is running and accessible', { color: 'white' });
     }
+    logger.log('  • Run `coco doctor` to verify your configured provider + endpoint', { color: 'white' });
     logger.verbose(`\nOriginal error: ${error.message}`, { color: 'gray' });
 }
 /**
- * Formats an authentication error with helpful information
+ * Formats an authentication error with provider-aware troubleshooting.
+ *
+ * Pre-MEDIUM-8 the formatter was generic — "verify your API key,
+ * check it hasn't expired" — because the error class didn't carry
+ * any provider context. Now that `LangChainAuthenticationError`
+ * carries `provider` + `endpoint` (mirroring `LangChainNetworkError`),
+ * we can name the env var the user actually needs to set and route
+ * Ollama / OpenAI-compatible / managed-provider users through the
+ * right next step.
  */
 function formatAuthenticationError(error, logger) {
+    const provider = error.provider || 'LLM service';
+    const endpoint = error.endpoint;
     logger.log('\nFailed to execute command', { color: 'yellow' });
-    logger.log('\nError: Authentication failed', { color: 'red' });
+    logger.log(`\nError: Authentication failed${error.provider ? ` for ${provider}` : ''}`, { color: 'red' });
+    if (endpoint) {
+        logger.log(`       Endpoint: ${endpoint}`, { color: 'red' });
+    }
     logger.log('\nTroubleshooting:', { color: 'cyan' });
-    logger.log('  • Verify your API key is correct', { color: 'white' });
-    logger.log('  • Check that your API key has not expired', { color: 'white' });
-    logger.log('  • Ensure the API key is set in your environment or config', { color: 'white' });
+    logger.log('  • Verify your API key is correct and has not expired', { color: 'white' });
+    // Provider-specific env var hint when we know the provider.
+    if (provider === 'openai' || provider === 'OpenAI') {
+        logger.log('  • Set `OPENAI_API_KEY` in your shell or `service.authentication.credentials.apiKey` in config', { color: 'white' });
+    }
+    else if (provider === 'anthropic' || provider === 'Anthropic') {
+        logger.log('  • Set `ANTHROPIC_API_KEY` in your shell or `service.authentication.credentials.apiKey` in config', { color: 'white' });
+    }
+    else if (provider === 'ollama' || provider === 'Ollama') {
+        logger.log('  • Ollama usually does not need a key — check `service.endpoint` and that `ollama serve` is running', { color: 'white' });
+    }
+    else if (provider === 'openai-compatible') {
+        logger.log('  • OpenAI-compatible endpoints need both `service.endpoint` and a valid API key', { color: 'white' });
+    }
+    else {
+        logger.log('  • Ensure the API key is set in your environment or config', { color: 'white' });
+    }
+    logger.log('  • Run `coco init` to (re)configure your provider + key', { color: 'white' });
+    logger.log('  • Run `coco doctor` to inspect the active config sources', { color: 'white' });
     logger.verbose(`\nOriginal error: ${error.message}`, { color: 'gray' });
 }
 /**
@@ -3578,8 +3623,7 @@ const handler$b = async (argv, logger) => {
         const result = clearDiffSummaryCache(repoPath);
         if (!result.ok) {
             logger.log(chalk.red(`Failed to clear diff-summary cache at ${cachePath}`));
-            process.exitCode = 1;
-            return;
+            commandExit(1, 'cache clear failed');
         }
         if (result.removed) {
             logger.log(chalk.green(`Cleared diff-summary cache at ${cachePath}`));
@@ -3619,8 +3663,7 @@ const handler$b = async (argv, logger) => {
         if (interactive) {
             const picked = await promptLanguageSelection(logger);
             if (!picked) {
-                process.exitCode = 1;
-                return;
+                commandExit(1, 'cache prefetch cancelled');
             }
             resolved = picked;
         }
@@ -3637,7 +3680,7 @@ const handler$b = async (argv, logger) => {
             `${chalk.dim(`${result.alreadyCached.length} already cached`)} · ` +
             `${chalk.red(`${result.failed.length} failed`)}`);
         if (result.failed.length > 0) {
-            process.exitCode = 1;
+            commandExit(1, `cache prefetch failed for ${result.failed.length} language(s)`);
         }
         return;
     }
@@ -3670,12 +3713,12 @@ const handler$b = async (argv, logger) => {
     }
     logger.log(chalk.red(`Unknown cache subcommand: ${subcommand}`));
     logger.log(chalk.dim('Use one of: clear, info, parsers, prefetch, clear-parsers, clear-github'));
-    process.exitCode = 1;
+    commandExit(1, `unknown cache subcommand: ${subcommand}`);
 };
 
 var cache = {
     command: command$b,
-    desc: 'Manage the diff-summary cache (clear, info)',
+    desc: 'Manage coco caches (clear, info, parsers, prefetch, github)',
     builder: builder$b,
     handler: commandExecutor(handler$b),
 };
@@ -8944,6 +8987,124 @@ async function generateAndReviewLoop({ label, factory, parser, noResult, agent,
     return result;
 }
 
+/**
+ * Centralised glyph + label vocabulary for diagnostic / status copy.
+ *
+ * Before this module each surface (commandExecutor, doctor, footer,
+ * cache, issues, prs, commit-hook flow) picked its own marks for
+ * pass / warn / fail / info — `✓` here, `✔` there, `✖` vs `✗`. Users
+ * couldn't lean on a consistent visual signal to scan output, and the
+ * audit flagged it as one of the bigger inconsistencies in the
+ * codebase.
+ *
+ * The vocabulary mirrors what Linux package managers + git-aware
+ * tools converge on (`pacman`, `apt`, `nala`, `npm doctor`, etc.) —
+ * green check / red fail / yellow warn / blue info. ASCII fallbacks
+ * are first-class so dumb terminals (TERM=dumb / vt100) still render
+ * a meaningful prefix.
+ *
+ * Conventions:
+ *   - Status glyphs (PASS / FAIL / WARN / INFO) — for diagnostic
+ *     output, command exit, doctor severity, footer message kinds.
+ *     Colour-coded variants live alongside as `*_COLORED` helpers
+ *     so callers can use either depending on context.
+ *   - Action glyphs (BULLET, ARROW) — for indented hint lines and
+ *     "next step" callouts.
+ *   - Domain glyphs (CHECK_RUN_*, DECISION_*) — keep their own
+ *     vocabularies (PR reviews, status checks) because their
+ *     semantic shape doesn't map cleanly onto pass/fail/warn/info.
+ *
+ * Use `pickGlyph(unicode, ascii, isAscii)` when you need to honor
+ * `theme.ascii` mode in a single call site.
+ */
+/**
+ * Status-severity glyph set. Same vocabulary as the workstation
+ * footer's `kind` field (info / warning / error / success / loading)
+ * plus `pass` for the doctor / "no problem" case.
+ */
+const GLYPHS = {
+    pass: '✓',
+    fail: '✖',
+    warn: '⚠',
+    info: 'ℹ',
+    bullet: '•'};
+/**
+ * Theme-tinted helpers for terminal output. These return chalk-wrapped
+ * strings so callers don't repeat the `chalk.<color>(GLYPHS.<key>)`
+ * pattern. Each maps to the canonical colour the codebase uses for
+ * that severity:
+ *
+ *   - PASS  → green
+ *   - FAIL  → red
+ *   - WARN  → yellow
+ *   - INFO  → blue
+ *
+ * Doctor's `SEVERITY_ICON` lookup is the canonical example — it now
+ * delegates here so the colours stay in sync if the theme palette
+ * shifts in the future.
+ */
+const PASS = () => chalk.green(GLYPHS.pass);
+const FAIL = () => chalk.red(GLYPHS.fail);
+const WARN = () => chalk.yellow(GLYPHS.warn);
+const INFO = () => chalk.blue(GLYPHS.info);
+
+/**
+ * Maps each provider to the env var users should set + the kebab-case
+ * provider label used in the recovery copy. `coco init` and `coco
+ * doctor` both reference these names; keeping the lookup in one place
+ * makes the messages stay aligned when a new provider lands.
+ */
+const PROVIDER_ENV_VARS = {
+    openai: { envVar: 'OPENAI_API_KEY', label: 'OpenAI' },
+    anthropic: { envVar: 'ANTHROPIC_API_KEY', label: 'Anthropic' },
+    ollama: { envVar: 'OLLAMA_API_KEY', label: 'Ollama' },
+    'openai-compatible': { envVar: 'OPENAI_API_KEY', label: 'OpenAI-compatible' },
+};
+/**
+ * Print a structured "missing API key" message + exit non-zero.
+ *
+ * Replaces the old `No API Key found. 🗝️🚪` one-liner that used to live
+ * inline in commit / changelog / recap / review handlers. Centralised
+ * because:
+ *
+ *   1. The message names the env var the user actually needs to set
+ *      (different per provider) — that was the single biggest gap in
+ *      the prior message.
+ *   2. It surfaces the configured provider + model so the user can tell
+ *      which of their providers tripped the check (useful when running
+ *      with dynamic model routing).
+ *   3. It points at `coco init` and `coco doctor` as the recovery
+ *      paths, mirroring the discoverability cue every other modern CLI
+ *      uses for first-run config errors.
+ *
+ * Throws `CommandExitError(1)` via `commandExit` — callers do NOT need
+ * to handle the return value.
+ */
+function handleMissingApiKey(logger, config, options) {
+    const provider = config.service?.provider || 'unknown';
+    const model = config.service?.model || 'unknown';
+    const providerInfo = PROVIDER_ENV_VARS[provider] || {
+        envVar: 'PROVIDER_API_KEY',
+        label: provider,
+    };
+    const lines = [
+        `${FAIL()} ${chalk.bold('Missing API key')} for ${chalk.cyan(providerInfo.label)} (model: ${chalk.cyan(model)})`,
+        '',
+        `${chalk.bold('Next step')} — set up an API key one of these ways:`,
+        `  ${chalk.dim(GLYPHS.bullet)} Run ${chalk.cyan('coco init')} to walk through provider + key setup`,
+        `  ${chalk.dim(GLYPHS.bullet)} Export ${chalk.cyan(providerInfo.envVar)} in your shell`,
+        `  ${chalk.dim(GLYPHS.bullet)} Add the key to ${chalk.cyan('.coco.config.json')} or ${chalk.cyan('~/.gitconfig')} (under ${chalk.cyan('[coco]')})`,
+        '',
+        `${chalk.dim('Run')} ${chalk.cyan('coco doctor')} ${chalk.dim('to diagnose the active config sources.')}`,
+    ];
+    for (const line of lines) {
+        logger.log(line);
+    }
+    // Tag the exit message with the failing command so process supervisors
+    // / CI logs can grep for it without parsing the full body.
+    commandExit(1, `${options.command}: missing API key for ${providerInfo.label}`);
+}
+
 const logSuccess = () => {
     console.log(chalk.green(chalk.bold('\nAll set! 🦾🤖')));
 };
@@ -14436,8 +14597,7 @@ const handler$a = async (argv, logger) => {
         commandExit(1);
     }
     if (config.service.authentication.type !== 'None' && !key) {
-        logger.log(`No API Key found. 🗝️🚪`, { color: 'red' });
-        commandExit(1);
+        handleMissingApiKey(logger, config, { command: 'changelog' });
     }
     const llm = getLlm(provider, model, { ...config, service: changelogService });
     const summaryLlm = getLlm(provider, summaryService.model, { ...config, service: summaryService });
@@ -16333,8 +16493,7 @@ const handler$9 = async (argv, logger) => {
     const splitService = resolveDynamicService(config, 'commitSplit');
     const model = commitService.model;
     if (config.service.authentication.type !== 'None' && !key) {
-        logger.log(`No API Key found. 🗝️🚪`, { color: 'red' });
-        commandExit(1);
+        handleMissingApiKey(logger, config, { command: 'commit' });
     }
     const tokenizer = await getTokenCounter(provider === 'openai' ? model : 'gpt-4o');
     const llm = getLlm(provider, model, { ...config, service: commitService });
@@ -17064,9 +17223,9 @@ function checkProjectConfigFile(diagnostics) {
 }
 
 const SEVERITY_ICON = {
-    error: chalk.red('✖'),
-    warn: chalk.yellow('⚠'),
-    info: chalk.blue('ℹ'),
+    error: FAIL(),
+    warn: WARN(),
+    info: INFO(),
 };
 const SEVERITY_LABEL = {
     error: chalk.red('error'),
@@ -17085,10 +17244,10 @@ function formatSourceInfo(sources) {
     for (const source of sources) {
         const label = SOURCE_LABELS[source.source] || source.source;
         if (source.path) {
-            lines.push(`  ${chalk.green('✓')} ${label} ${chalk.dim(`(${source.path})`)}`);
+            lines.push(`  ${PASS()} ${label} ${chalk.dim(`(${source.path})`)}`);
         }
         else {
-            lines.push(`  ${chalk.green('✓')} ${label}`);
+            lines.push(`  ${PASS()} ${label}`);
         }
     }
     return lines;
@@ -17125,7 +17284,7 @@ const handler$8 = async (argv, logger) => {
     // Run diagnostics
     const diagnostics = runDiagnostics(config);
     if (diagnostics.length === 0) {
-        logger.log(chalk.green('✓ No issues found. Your configuration looks good!'));
+        logger.log(chalk.green(`${PASS()} No issues found. Your configuration looks good!`));
         return;
     }
     const errors = diagnostics.filter((d) => d.severity === 'error');
@@ -17178,7 +17337,7 @@ const handler$8 = async (argv, logger) => {
             const raw = JSON.parse(fs__namespace.readFileSync(configPath, 'utf-8'));
             for (const diagnostic of fixable) {
                 diagnostic.autoFix(raw);
-                logger.log(chalk.green(`  ✓ Fixed: ${diagnostic.message}`));
+                logger.log(chalk.green(`  ${PASS()} Fixed: ${diagnostic.message}`));
             }
             // Ensure $schema is present
             if (!raw.$schema) {
@@ -17197,6 +17356,15 @@ const handler$8 = async (argv, logger) => {
             logger.log(chalk.dim(`${fixable.length} issue(s) can be auto-fixed. Run \`coco doctor --fix\` to apply.`));
         }
     }
+    // Exit non-zero when error-severity diagnostics were surfaced so CI
+    // pipelines can gate on `coco doctor` without parsing its stdout.
+    // Warnings + infos still exit clean — they're informational, not
+    // blockers. Auto-fixed errors keep the non-zero exit so the CI run
+    // surfaces "we patched something for you, please commit it" rather
+    // than masquerading as a passing check.
+    if (errors.length > 0) {
+        commandExit(1, `${errors.length} doctor error(s)`);
+    }
 };
 
 var doctor = {
@@ -17204,6 +17372,7 @@ var doctor = {
     desc: 'Check your coco configuration for common issues and suggest fixes',
     builder: builder$8,
     handler: commandExecutor(handler$8),
+    options: options$8,
 };
 
 const command$7 = 'init';
@@ -17583,11 +17752,7 @@ const handler$7 = async (argv, logger) => {
     // writes the project config to X, not the launcher's cwd. The
     // chdir has to happen before getProjectConfigFilePath resolves
     // its target path (it reads process.cwd).
-    //
-    // `InitArgv` is `Argv<InitOptions>['argv']` which yargs types as a
-    // union including Promise — pass just the `repo` field as a plain
-    // object so the helper's narrow signature stays clean.
-    applyRepoCwd({ repo: argv.repo });
+    applyRepoCwd(argv);
     const options = loadConfig(argv);
     logger.log(LOGO);
     let scope = options?.scope;
@@ -17722,6 +17887,44 @@ const handler$7 = async (argv, logger) => {
             await installCommitlintPackages(scope, logger);
         }
         logger.log(`\ninit successful! 🦾🤖🎉`, { color: 'green' });
+        // Post-write verification — run the same check `coco doctor` runs
+        // so the user finds out about typos / structural issues now,
+        // before their first `coco commit`. Re-load from disk so we
+        // verify the persisted config (not the in-memory shape we just
+        // built), which catches transcription bugs in the appenders.
+        try {
+            const persistedConfig = loadConfig({});
+            const diagnostics = runDiagnostics(persistedConfig);
+            const errors = diagnostics.filter((d) => d.severity === 'error');
+            const warnings = diagnostics.filter((d) => d.severity === 'warn');
+            if (errors.length === 0 && warnings.length === 0) {
+                logger.log(`${PASS()} Verified: no issues found in your new config.`, { color: 'green' });
+            }
+            else {
+                if (errors.length > 0) {
+                    logger.log(`${FAIL()} ${errors.length} error(s) found in the persisted config:`, { color: 'red' });
+                    for (const diagnostic of errors) {
+                        logger.log(`  ${chalk.red(diagnostic.message)}`);
+                    }
+                }
+                if (warnings.length > 0) {
+                    logger.log(`${WARN()} ${warnings.length} warning(s) found in the persisted config:`, { color: 'yellow' });
+                    for (const diagnostic of warnings) {
+                        logger.log(`  ${chalk.yellow(diagnostic.message)}`);
+                    }
+                }
+                logger.log(`${chalk.dim('Run')} ${chalk.cyan('coco doctor')} ${chalk.dim('for the full diagnostic report.')}`);
+            }
+        }
+        catch (verifyError) {
+            // Verification is a polish step, not a blocker. If it crashes
+            // (e.g. config file written to a path the loader can't reach
+            // from the current cwd), fall through to a hint instead of
+            // failing the whole init flow — the config is on disk and
+            // the user can run `coco doctor` themselves.
+            logger.log(`${chalk.dim('Skipped post-init verification:')} ${verifyError.message}`, { color: 'gray' });
+            logger.log(`${chalk.dim('Run')} ${chalk.cyan('coco doctor')} ${chalk.dim('to verify your config manually.')}`);
+        }
     }
     else {
         logger.log('\ninit cancelled.', { color: 'yellow' });
@@ -17763,7 +17966,7 @@ async function installCommitlintPackages(scope, logger) {
 
 var init = {
     command: command$7,
-    desc: 'install & configure coco globally or for the current project',
+    desc: 'Install & configure coco globally or for the current project',
     builder: builder$7,
     handler: commandExecutor(handler$7),
     options: options$7,
@@ -17847,19 +18050,76 @@ async function getGitHubRepository(git) {
     return url ? parseGitHubRemoteUrl$1(url) : undefined;
 }
 /**
- * Probe `gh auth status` and return whether the GitHub CLI is
- * installed AND authenticated. Used by every data fetcher to short-
- * circuit before issuing real API calls — keeps the failure-mode
- * messaging consistent ("CLI missing or not authenticated") instead
- * of leaking through as a generic spawn error.
+ * Probe `gh auth status` and return a structured status describing
+ * exactly which of the failure modes is in play. Used by every data
+ * fetcher to short-circuit before issuing real API calls — and now
+ * lets the caller surface a tailored recovery hint per failure mode
+ * instead of one catch-all message.
+ *
+ * Distinguishing the modes:
+ *   - ENOENT (`gh: command not found`) → `not-installed`
+ *   - `gh auth status` exits non-zero with stderr matching the
+ *     "not logged into" / "authentication required" pattern →
+ *     `not-authenticated`
+ *   - Anything else (permission denied on the binary, timeout, etc.)
+ *     → `unknown` with the underlying error message attached for
+ *     diagnostic display.
  */
-async function isGhAuthenticated(runner) {
+async function getGhStatus(runner) {
     try {
         await runner(['auth', 'status', '--hostname', 'github.com']);
-        return true;
+        return { kind: 'ok' };
     }
-    catch {
-        return false;
+    catch (error) {
+        const err = error;
+        // ENOENT = the binary itself is missing. exec/spawn surfaces this
+        // as either `code === 'ENOENT'` (Node's spawn error code) or a
+        // message containing "ENOENT". Either form is unambiguous.
+        if (err.code === 'ENOENT' || (err.message && err.message.includes('ENOENT'))) {
+            return { kind: 'not-installed' };
+        }
+        // gh exits non-zero from `auth status` when the user isn't logged
+        // in. The message body contains "not logged into" or "logged in
+        // failed" depending on the gh version. Both patterns are stable
+        // enough to gate on without scope-locking to a specific gh
+        // release.
+        const stderr = err.stderr || err.message || '';
+        if (/not logged into|authentication.*required|you are not/i.test(stderr)) {
+            return { kind: 'not-authenticated', detail: stderr.trim().split('\n')[0] };
+        }
+        // Anything else — permission denied, timeout, etc. Surface the
+        // raw message so the user can read it; treat as unavailable.
+        return { kind: 'unknown', detail: err.message || 'gh auth status failed' };
+    }
+}
+/**
+ * Backwards-compatible boolean wrapper around `getGhStatus`. Kept so
+ * existing callers (data loaders, sidebar fetchers) don't all have to
+ * migrate at once. New call sites should use `getGhStatus` directly
+ * to access the discriminated failure modes.
+ */
+async function isGhAuthenticated(runner) {
+    const status = await getGhStatus(runner);
+    return status.kind === 'ok';
+}
+/**
+ * Render a user-facing recovery hint for a non-`ok` gh status. Used by
+ * `commands/issues` / `commands/prs` / pull-request workflow surfaces
+ * so every "gh is unavailable" message tells the user the exact next
+ * step. Keeps the wording in sync across surfaces — if a user runs
+ * `coco prs` and `coco issues` back to back, the same broken state
+ * surfaces the same fix.
+ */
+function describeGhStatus(status) {
+    switch (status.kind) {
+        case 'ok':
+            return 'GitHub CLI is installed and authenticated.';
+        case 'not-installed':
+            return 'GitHub CLI (`gh`) is not installed. Install it from https://cli.github.com/ and run `gh auth login`.';
+        case 'not-authenticated':
+            return `GitHub CLI is installed but not authenticated. Run \`gh auth login\` (scopes: \`repo\`, \`read:org\`).${status.detail ? ` Details: ${status.detail}` : ''}`;
+        case 'unknown':
+            return `GitHub CLI returned an unexpected error: ${status.detail}. Try \`gh auth status\` directly to diagnose.`;
     }
 }
 
@@ -18051,13 +18311,14 @@ async function getIssueList(git, filter = {}, runner = defaultGhRunner) {
             message: 'No GitHub remote detected.',
         };
     }
-    if (!(await isGhAuthenticated(runner))) {
+    const ghStatus = await getGhStatus(runner);
+    if (ghStatus.kind !== 'ok') {
         return {
             available: true,
             authenticated: false,
             repository,
             filter,
-            message: 'GitHub CLI is missing or not authenticated.',
+            message: describeGhStatus(ghStatus),
         };
     }
     try {
@@ -18169,6 +18430,7 @@ var issues = {
     desc: 'List GitHub issues for the current repository (read-only triage)',
     builder: builder$6,
     handler: commandExecutor(handler$6),
+    options: options$6,
 };
 
 const command$5 = 'log';
@@ -22985,6 +23247,13 @@ const LOG_INK_KEY_BINDINGS = [
         description: 'Create a lightweight tag at the cursored commit.',
         contexts: ['history'],
     },
+    {
+        id: 'viewKeys',
+        keys: ['g?'],
+        label: 'keys',
+        description: 'Show the single-key actions available in the current view (which-key strip).',
+        contexts: ['normal'],
+    },
     {
         id: 'themePicker',
         keys: ['gC'],
@@ -23712,6 +23981,48 @@ function getLogInkHelpSections(options) {
         },
     ];
 }
+/**
+ * True when a key string is a single, bare printable key (e.g. `c`, `R`,
+ * `[`) rather than a chord (`gh`, `gg`) or a named special key (`up`,
+ * `page down`). Used by the which-key view-keys strip, which surfaces only
+ * the single-key overloads — the chord set already has its own overlay.
+ */
+function isBareSingleKey(key) {
+    return key.length === 1 && key !== ' ';
+}
+/**
+ * Single-key bindings available in the current view (#1137). Powers the
+ * `g?` which-key strip: the per-view counterpart to the `g`-chord overlay.
+ *
+ * Sourced entirely from `LOG_INK_KEY_BINDINGS` (no duplicated key data) and
+ * filtered the same way the help overlay's "This view" section is — by
+ * `contexts` against the active view + focus — then narrowed to bindings
+ * that expose at least one bare single key. Globals (`q`, `?`, `/`, `:`, …)
+ * are excluded: they're always available and already live in the footer and
+ * onboarding tour, so the strip stays focused on the deliberate per-view
+ * overloads (`c`, `R`, `a`, `m`, `S`, `[`/`]`, …) the keymap guard protects.
+ *
+ * Sorted by the first bare key for stable, scannable output.
+ */
+function getLogInkViewKeyBindings(options) {
+    return LOG_INK_KEY_BINDINGS
+        .filter((binding) => !GLOBAL_BINDING_IDS.includes(binding.id) &&
+        bindingMatchesViewContext(binding, options) &&
+        binding.keys.some(isBareSingleKey))
+        .sort((a, b) => {
+        const aKey = a.keys.find(isBareSingleKey) ?? '';
+        const bKey = b.keys.find(isBareSingleKey) ?? '';
+        return aKey.localeCompare(bKey);
+    });
+}
+/**
+ * Format only the bare single keys of a binding for the view-keys strip
+ * (e.g. `['up', 'k']` → `k`). Named/chord keys are dropped — the strip is
+ * about the single-key affordance, and the full key list lives in `?` help.
+ */
+function formatBindingBareKeys(binding) {
+    return binding.keys.filter(isBareSingleKey).join(' / ');
+}
 function bindingToPaletteCommand(binding) {
     return {
         id: binding.id,
@@ -25225,7 +25536,39 @@ function replaceRows(state, rows) {
 }
 function appendRows(state, rows) {
     const selected = getSelectedInkCommit(state);
-    const nextRows = [...state.rows, ...rows];
+    // Dedup the merged row list by commit hash so the graph renderer —
+    // which windows directly over `state.rows` (toFullGraphItems →
+    // expandRowsWithSpacers) — and the selection list (deduped commits)
+    // agree on one canonical, duplicate-free row order. Overlapping
+    // appends, notably the anchored `loadCommitContext` page that
+    // re-walks history from the tip, otherwise stack the newest commits
+    // below the oldest ones already loaded. The renderer then shows the
+    // initial commit directly above HEAD and the cursor can scroll
+    // forever through the duplicated tail — the history graph "looping
+    // back on itself". Drop graph-only topology rows that trail a dropped
+    // duplicate commit too, since they describe that duplicate's lanes
+    // and would otherwise dangle.
+    const seenHashes = new Set();
+    const nextRows = [];
+    let droppingTrailingGraph = false;
+    for (const row of [...state.rows, ...rows]) {
+        if (row.type === 'commit') {
+            if (seenHashes.has(row.hash)) {
+                droppingTrailingGraph = true;
+                continue;
+            }
+            seenHashes.add(row.hash);
+            droppingTrailingGraph = false;
+            nextRows.push(row);
+            continue;
+        }
+        // Graph-only topology row: keep it unless it trails a just-dropped
+        // duplicate commit (then it belongs to the duplicate page's lanes).
+        if (droppingTrailingGraph) {
+            continue;
+        }
+        nextRows.push(row);
+    }
     const seen = new Set();
     const commits = getCommitRows(nextRows).filter((commit) => {
         if (seen.has(commit.hash)) {
@@ -25317,6 +25660,7 @@ function createLogInkState(rows, options = {}) {
         fullGraph: options.fullGraph ?? true,
         showHelp: false,
         helpScrollOffset: 0,
+        showViewKeys: false,
         showCommandPalette: false,
         workflowActionId: undefined,
         pendingConfirmationId: undefined,
@@ -25822,6 +26166,22 @@ function applyLogInkAction(state, action) {
                 pendingKey: undefined,
             };
         }
+        case 'returnFromCommit': {
+            // After a successful commit we leave the compose view automatically.
+            // Where to: a still-dirty tree the user was staging from returns to
+            // the Status view so they can finish the rest; an otherwise-complete
+            // commit returns to the History view, where the new commit now shows.
+            // We pop frames one at a time (reusing withPoppedView) so sidebar-tab
+            // and diff-state restoration stays identical to manual Esc/back —
+            // this also unwinds an intermediate `diff` frame (status → diff →
+            // compose) back to the status frame it sits under.
+            const target = action.stillDirty && state.viewStack.includes('status') ? 'status' : HOME_VIEW;
+            let next = state;
+            while (next.viewStack.length > 1 && topOfStack(next.viewStack) !== target) {
+                next = withPoppedView(next);
+            }
+            return { ...next, pendingKey: undefined };
+        }
         case 'navigateOpenDiffForCommit': {
             const next = withPushedView(state, 'diff');
             const filteredCommits = state.filteredCommits;
@@ -26018,6 +26378,7 @@ function applyLogInkAction(state, action) {
                 showCommandPalette: false,
                 showHelp: false,
                 helpScrollOffset: 0,
+                showViewKeys: false,
                 pendingKey: undefined,
             };
         case 'toggleGraph':
@@ -26036,9 +26397,24 @@ function applyLogInkAction(state, action) {
                 // than picking up where the user last scrolled.
                 helpScrollOffset: 0,
                 showCommandPalette: false,
+                // Opening full help supersedes the compact view-keys strip — this
+                // is the progressive-disclosure step (`?` from the strip expands
+                // to the full categorized help, #1137).
+                showViewKeys: false,
                 pendingKey: undefined,
             };
         }
+        case 'toggleViewKeys':
+            return {
+                ...state,
+                showViewKeys: !state.showViewKeys,
+                // The view-keys strip is mutually exclusive with the other
+                // overlays; opening it closes anything else that was showing.
+                showHelp: false,
+                helpScrollOffset: 0,
+                showCommandPalette: false,
+                pendingKey: undefined,
+            };
         case 'scrollHelp':
             // No upper-bound clamp here — the renderer caps the offset
             // against the actual content height at render time. The
@@ -26055,6 +26431,7 @@ function applyLogInkAction(state, action) {
                 showCommandPalette: opening,
                 showHelp: false,
                 helpScrollOffset: 0,
+                showViewKeys: false,
                 // Reset palette interaction state on every open/close so the next
                 // session starts from a clean slate.
                 paletteFilter: '',
@@ -26102,8 +26479,9 @@ function applyLogInkAction(state, action) {
             return {
                 ...state,
                 showThemePicker: opening,
-                // Only one overlay at a time — close help / palette on open.
+                // Only one overlay at a time — close help / palette / view-keys on open.
                 showHelp: false,
+                showViewKeys: false,
                 showCommandPalette: false,
                 themePickerFilter: '',
                 themePickerIndex: 0,
@@ -26903,6 +27281,10 @@ function getLogInkPaletteExecuteEvents(command, state) {
             // Palette closes on execute (toggleCommandPalette runs first), then
             // this opens the theme picker.
             return [action({ type: 'toggleThemePicker' })];
+        case 'viewKeys':
+            // Palette closes on execute (toggleCommandPalette runs first), then
+            // this opens the per-view which-key strip (#1137).
+            return [action({ type: 'toggleViewKeys' })];
         case 'openProjectConfig':
             return [{ type: 'openConfigInEditor', scope: 'project' }];
         case 'openGlobalConfig':
@@ -27631,6 +28013,26 @@ function getLogInkInputEvents(state, inputValue, key = {}, context = {}) {
         }
         return [];
     }
+    // #1137 — the `g?` which-key strip. While it's open the keyboard is
+    // claimed (mirrors the help overlay) so a stray keystroke can't drop
+    // the user into a per-view action they didn't mean to trigger. Esc
+    // closes; `?` is the progressive-disclosure step up to the full
+    // categorized help; `q` still quits. Everything else is swallowed —
+    // the user peeks, dismisses, then presses the key they came for.
+    if (state.showViewKeys) {
+        if (key.escape) {
+            return [action({ type: 'toggleViewKeys' })];
+        }
+        if (inputValue === '?') {
+            // Expand the compact strip into the full help overlay. `toggleHelp`
+            // clears `showViewKeys` so the two never render at once.
+            return [action({ type: 'toggleHelp' })];
+        }
+        if (inputValue === 'q') {
+            return [{ type: 'exit' }];
+        }
+        return [];
+    }
     // #879 item 4 — Esc cancels an in-flight bisect-start wizard. Runs
     // BEFORE the generic `popView` so we both clear the wizard state
     // and walk back to the bisect view in one keystroke. Without this
@@ -27674,6 +28076,17 @@ function getLogInkInputEvents(state, inputValue, key = {}, context = {}) {
         }
         return [{ type: 'exit' }];
     }
+    // `g?` chord (#1137) — open the per-view which-key strip. Placed
+    // BEFORE the bare `?` (full help) check below so the chord is read as
+    // a unit: with `g` pending, `?` opens the view-keys strip rather than
+    // toggling full help. Surfaces automatically in the `g` which-key menu
+    // because its key is a two-char `g`-prefixed binding.
+    if (state.pendingKey === 'g' && inputValue === '?') {
+        return [
+            action({ type: 'setPendingKey', value: undefined }),
+            action({ type: 'toggleViewKeys' }),
+        ];
+    }
     if (inputValue === '?') {
         return [action({ type: 'toggleHelp' })];
     }
@@ -30656,7 +31069,7 @@ function fetchBranch(git, branch) {
     if (!branch.upstream || !branch.remote) {
         return Promise.resolve({
             ok: false,
-            message: `${branch.shortName} has no upstream — nothing to fetch.`,
+            message: `${branch.shortName} has no upstream — set one with \`git push -u <remote> ${branch.shortName}\` to enable fetch.`,
         });
     }
     // `branch.upstream` is the short form (e.g. `origin/main`); the
@@ -30694,7 +31107,7 @@ function pullBranch(git, branch, currentBranchName) {
     if (!branch.upstream || !branch.remote) {
         return Promise.resolve({
             ok: false,
-            message: `${branch.shortName} has no upstream — nothing to pull.`,
+            message: `${branch.shortName} has no upstream — set one with \`git push -u <remote> ${branch.shortName}\` to enable pull.`,
         });
     }
     // Current branch — defer to the in-place workflow.
@@ -32002,13 +32415,14 @@ async function getPullRequestList(git, filter = {}, runner = defaultGhRunner) {
             message: 'No GitHub remote detected.',
         };
     }
-    if (!(await isGhAuthenticated(runner))) {
+    const ghStatus = await getGhStatus(runner);
+    if (ghStatus.kind !== 'ok') {
         return {
             available: true,
             authenticated: false,
             repository,
             filter,
-            message: 'GitHub CLI is missing or not authenticated.',
+            message: describeGhStatus(ghStatus),
         };
     }
     try {
@@ -32874,6 +33288,7 @@ function renderFooter$1(h, components, state, context, theme, idleTip, spinnerFr
     // of the runtime's `forcedPane` derivation in `app.ts`.
     const overlayForcesPane = Boolean(state.splitPlan ||
         state.showHelp ||
+        state.showViewKeys ||
         state.showCommandPalette ||
         state.showThemePicker ||
         state.gitignorePicker ||
@@ -34778,8 +35193,16 @@ function renderComposeSurface(ctx, spinnerFrame = 0) {
     const bodyVisualLines = compose.body
         ? compose.body.split('\n').flatMap((line) => wrapCells(line, bodyTextWidth)).slice(0, bodyRowsAvailable)
         : ['<empty>'];
-    const summaryVisualLines = wrapCells(`${compose.summary || '<empty>'}${summaryCursor}`, Math.max(8, width - 11) // "Summary  " (9) + 2 chrome = 11
-    );
+    // Summary now renders on its own indented line under the label (like the
+    // body), so it wraps at the full content width instead of the cramped
+    // "Summary  " (9) + chrome budget it had when label and value shared a row.
+    const summaryVisualLines = compose.summary
+        ? compose.summary.split('\n').flatMap((line) => wrapCells(line, bodyTextWidth))
+        : ['<empty>'];
+    // Subject length drives a subtle counter on the Summary label: dim under
+    // 50, warning past the conventional 50-char soft limit, danger past 72.
+    // Counted in code points so multibyte subjects aren't over-counted.
+    const summaryLength = [...compose.summary].length;
     // State-line cycles through three modes (#881 phase 3 added the
     // loading variant): editing copy when the user is typing, cancel
     // hint when an AI draft is generating, default guidance otherwise.
@@ -34799,6 +35222,52 @@ function renderComposeSurface(ctx, spinnerFrame = 0) {
     const noStagedHint = !isLogInkContextKeyLoading(contextStatus, 'worktree')
         ? formatLogInkComposeEmpty({ hasStaged: hasStagedFiles })
         : undefined;
+    // Section header for a field (Summary / Body). The active field's label
+    // carries an arrow marker + the repo's selection highlight (matching the
+    // status surface, see status/index.ts) so the user can see which field
+    // their keystrokes target — even before entering edit mode, and even
+    // under NO_COLOR where the marker + bold/dim carry the signal alone. An
+    // optional length counter (Summary only) trails the label outside the
+    // highlight so its own warning/danger color stays legible.
+    const renderSectionHeader = (name, field, count) => {
+        const active = compose.field === field;
+        const highlight = active && focused && !theme.noColor;
+        const marker = active ? (theme.ascii ? '> ' : '▸ ') : '  ';
+        const badge = active && compose.editing ? '  EDITING' : '';
+        const children = [
+            h(Text, {
+                key: `compose-${field}-label`,
+                bold: active,
+                dimColor: !active,
+                backgroundColor: highlight ? theme.colors.selection : undefined,
+                color: highlight ? theme.colors.selectionForeground : undefined,
+            }, `${marker}${name}${badge}`),
+        ];
+        if (count !== undefined) {
+            const countColor = theme.noColor
+                ? undefined
+                : count > 72
+                    ? theme.colors.danger
+                    : count > 50
+                        ? theme.colors.warning
+                        : undefined;
+            children.push(h(Text, {
+                key: `compose-${field}-count`,
+                color: countColor,
+                dimColor: countColor === undefined,
+            }, ` ${count}`));
+        }
+        return h(Box, { key: `compose-${field}-header` }, ...children);
+    };
+    // Content lines for a field — indented two cells under the header, with
+    // the edit cursor parked on the final line when this field is active.
+    const renderSectionContent = (lines, field, cursor) => lines.map((line, index) => {
+        const isLast = index === lines.length - 1;
+        return h(Text, {
+            key: `compose-${field}-${index}`,
+            dimColor: line === '<empty>',
+        }, `  ${line}${cursor && isLast ? cursor : ''}`);
+    });
     return h(Box, {
         borderColor: focusBorderColor(theme, focused),
         borderStyle: theme.borderStyle,
@@ -34806,20 +35275,7 @@ function renderComposeSurface(ctx, spinnerFrame = 0) {
         flexShrink: 0,
         paddingX: 1,
         width,
-    }, h(Box, { justifyContent: 'space-between' }, h(Text, { bold: true }, panelTitle('Compose commit', focused)), h(Text, { dimColor: true }, statusLine)), h(Text, undefined, ''), h(Text, {
-        bold: compose.field === 'summary' && compose.editing,
-    }, `Summary  ${summaryVisualLines[0] || ''}`), ...summaryVisualLines.slice(1).map((line, index) => h(Text, {
-        key: `compose-summary-${index}`,
-        bold: compose.field === 'summary' && compose.editing,
-    }, `         ${line}`)), h(Text, undefined, ''), h(Text, {
-        bold: compose.field === 'body' && compose.editing,
-    }, 'Body'), ...bodyVisualLines.map((line, index) => {
-        const isLast = index === bodyVisualLines.length - 1;
-        return h(Text, {
-            key: `compose-body-${index}`,
-            dimColor: line === '<empty>',
-        }, `  ${line}${bodyCursor && isLast ? bodyCursor : ''}`);
-    }), 
+    }, h(Box, { justifyContent: 'space-between' }, h(Text, { bold: true }, panelTitle('Compose commit', focused)), h(Text, { dimColor: true }, statusLine)), h(Text, undefined, ''), renderSectionHeader('Summary', 'summary', summaryLength > 0 ? summaryLength : undefined), ...renderSectionContent(summaryVisualLines, 'summary', summaryCursor), h(Text, undefined, ''), renderSectionHeader('Body', 'body'), ...renderSectionContent(bodyVisualLines, 'body', bodyCursor), 
     // Loading indicator + post-action message belong inline with the draft
     // (they describe what just happened to the fields above). The state-
     // line ("Editing — Enter switches summary↔body…" / "Press e to edit
@@ -37157,6 +37613,54 @@ function renderChordOverlay(h, components, state, width, theme, focused) {
         paddingX: 1,
     }, ...lines);
 }
+/**
+ * Which-key view-keys strip (#1137). The per-view counterpart to the
+ * `g`-chord overlay: opened by `g?`, it lists the single-key actions
+ * available in the current view (the deliberate overloads — `c`, `R`,
+ * `a`, `m`, `S`, `[`/`]`, …) with their labels, sourced from
+ * `LOG_INK_KEY_BINDINGS` filtered by the active view + focus.
+ *
+ * Renders in the detail panel slot like the chord overlay. `?` steps up
+ * to the full categorized help; Esc closes.
+ */
+function renderViewKeysOverlay(h, components, state, width, theme, focused) {
+    const { Box, Text } = components;
+    const bindings = getLogInkViewKeyBindings({
+        activeView: state.activeView,
+        focus: state.focus,
+    });
+    const accent = theme.noColor ? undefined : theme.colors.accent;
+    const lines = [
+        h(Text, { key: 'view-keys-title', bold: true }, panelTitle(`keys · ${state.activeView}`, focused)),
+        h(Text, { key: 'view-keys-spacer' }, ''),
+    ];
+    if (bindings.length === 0) {
+        lines.push(h(Text, {
+            key: 'view-keys-empty',
+            dimColor: true,
+        }, truncateCells('No single-key actions in this view — use ? for the full help.', width - 4)));
+    }
+    else {
+        // Pad keys to the widest entry so labels align into a scannable column.
+        const keyColumn = bindings.reduce((max, binding) => Math.max(max, formatBindingBareKeys(binding).length), 0);
+        for (const binding of bindings) {
+            const keys = formatBindingBareKeys(binding);
+            lines.push(h(Text, { key: `view-keys-${binding.id}` }, h(Text, { color: accent, bold: true }, `  ${keys.padEnd(keyColumn)}  `), h(Text, undefined, truncateCells(`${binding.label.padEnd(14)} ${binding.description}`, width - keyColumn - 7))));
+        }
+    }
+    lines.push(h(Text, { key: 'view-keys-foot-spacer' }, ''));
+    lines.push(h(Text, {
+        key: 'view-keys-hint',
+        dimColor: true,
+    }, truncateCells('? full help · esc closes', width - 4)));
+    return h(Box, {
+        borderColor: focusBorderColor(theme, focused),
+        borderStyle: theme.borderStyle,
+        flexDirection: 'column',
+        width,
+        paddingX: 1,
+    }, ...lines);
+}
 function renderHelpPanel(h, components, state, width, theme, focused, bodyRows = 0) {
     const { Box, Text } = components;
     // Build the full list of body rows (everything below the title).
@@ -39835,6 +40339,12 @@ function renderDetailPanel(h, components, state, context, contextStatus, detail,
     if (state.showHelp) {
         return renderHelpPanel(h, components, state, width, theme, focused, bodyRows);
     }
+    // #1137 — the `g?` which-key strip lists the current view's single-key
+    // actions. Checked alongside the other overlays; the reducer keeps it
+    // mutually exclusive with help / palette / pickers.
+    if (state.showViewKeys) {
+        return renderViewKeysOverlay(h, components, state, width, theme, focused);
+    }
     if (state.showCommandPalette) {
         return renderCommandPalette(h, components, state, width, theme, focused);
     }
@@ -40740,6 +41250,10 @@ function LogInkApp(deps) {
             worktree,
         }), issuedAtDepth);
         setContextStatus((current) => updateLogInkContextStatus(current, 'worktree', 'ready'), issuedAtDepth);
+        // Returned so callers needing the *fresh* overview (e.g. post-commit
+        // navigation) can read it directly instead of racing the async
+        // `setContext` update, which won't be visible in their closure.
+        return worktree;
     }, [git, runtimes.length, setContext, setContextStatus]);
     // Live refresh: watch .git metadata + the working tree root and reload
     // context when something changes outside the TUI (editor save, external
@@ -41602,7 +42116,14 @@ function LogInkApp(deps) {
             // and see the pre-commit log (same silent-failure shape as
             // the split-apply case caught in this PR).
             await refreshHistoryRows();
-            await refreshWorktreeContext();
+            const worktree = await refreshWorktreeContext();
+            // Leave the compose view automatically: a still-dirty tree returns
+            // to Status (so the user can keep staging), an otherwise-complete
+            // commit returns to History (where the new commit now shows). The
+            // reducer inspects the live viewStack to pick the destination.
+            const stillDirty = Boolean(worktree &&
+                worktree.stagedCount + worktree.unstagedCount + worktree.untrackedCount > 0);
+            dispatch({ type: 'returnFromCommit', stillDirty });
         }
     }, [
         context.worktree?.stagedCount,
@@ -44313,6 +44834,7 @@ function LogInkApp(deps) {
     const forcedPane = state.splitPlan
         ? 'main'
         : state.showHelp ||
+            state.showViewKeys ||
             state.showCommandPalette ||
             state.showThemePicker ||
             state.gitignorePicker ||
@@ -45125,6 +45647,7 @@ var prs = {
     desc: 'List GitHub pull requests for the current repository (read-only triage)',
     builder: builder$4,
     handler: commandExecutor(handler$3),
+    options: options$4,
 };
 
 const RecapLlmResponseSchema = objectType({
@@ -45204,8 +45727,7 @@ const handler$2 = async (argv, logger) => {
     const summaryService = resolveDynamicService(config, 'summarize');
     const model = recapService.model;
     if (config.service.authentication.type !== 'None' && !key) {
-        logger.log(`No API Key found. 🗝️🚪`, { color: 'red' });
-        commandExit(1);
+        handleMissingApiKey(logger, config, { command: 'recap' });
     }
     const tokenizer = await getTokenCounter(provider === 'openai' ? model : 'gpt-4o');
     const llm = getLlm(provider, model, { ...config, service: recapService });
@@ -45793,8 +46315,7 @@ const handler$1 = async (argv, logger) => {
     const summaryService = resolveDynamicService(config, argv.branch ? 'largeDiff' : 'summarize');
     const model = reviewService.model;
     if (config.service.authentication.type !== 'None' && !key) {
-        logger.log(`No API Key found. 🗝️🚪`, { color: 'red' });
-        commandExit(1);
+        handleMissingApiKey(logger, config, { command: 'review' });
     }
     const tokenizer = await getTokenCounter(provider === 'openai' ? model : 'gpt-4o');
     const llm = getLlm(provider, model, { ...config, service: reviewService });