inscope 0.1.0

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2025 Neeraj Dalal
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,81 @@
+# inscope
+
+Per-workspace identity for [Claude Code](https://claude.com/claude-code). Scope
+MCP servers, GitHub auth, and git commit identity to the directory you are in,
+so concurrent sessions in different projects never bleed work and personal
+accounts into each other.
+
+You describe each workspace once; `inscope` owns the moving parts and keeps them
+in sync:
+
+- a `.mcp.json` at each workspace root, with uniquely named servers
+- a single zsh `chpwd` hook that resolves the right tokens from `$PWD`
+- git `includeIf` rules so commits get the right email per path
+
+Nothing sensitive is written to disk. GitHub tokens come from the `gh` keyring
+and Slack tokens from the macOS Keychain, resolved live by the hook.
+
+> Background and the why behind the design:
+> [Race-Free Identity in Claude Code](https://zerostarter.dev/blog/mcp-per-workspace).
+
+## Requirements
+
+macOS, zsh, [`gh`](https://cli.github.com), and Claude Code.
+
+## Install
+
+```bash
+npm i -g inscope
+```
+
+## Quickstart
+
+```bash
+# 1. set up the config + hook, and source it from ~/.zshrc
+inscope init
+
+# 2. sign each GitHub account into gh (once)
+gh auth login   # repeat per account
+
+# 3. map your workspaces
+inscope add ~/acme     --gh acme     --email you@acme.com --servers github,linear,notion,slack
+inscope add ~/nrjdalal --gh nrjdalal --email you@personal.dev
+
+# 4. reload your shell, then verify
+source ~/.zshrc
+inscope doctor
+```
+
+`cd ~/acme/api` and you are the work account, with work MCP servers and your
+work commit email. `cd ~/nrjdalal/blog` and you are you. No toggles, and it
+holds up with several terminals open at once.
+
+## Commands
+
+| Command        | What it does                                                         |
+| -------------- | -------------------------------------------------------------------- |
+| `inscope init`   | create the config, generate the hook, source it from `~/.zshrc`      |
+| `inscope add`    | map a directory to a gh account, git email, and MCP servers          |
+| `inscope rm`     | remove a workspace mapping                                           |
+| `inscope list`   | list configured workspaces                                           |
+| `inscope apply`  | regenerate the hook, git includes, and every `.mcp.json` from config |
+| `inscope doctor` | verify tokens, identities, and the hook resolve correctly            |
+
+Run any command with `-h` for its options.
+
+## What it manages
+
+| Surface      | Location                                                    |
+| ------------ | ----------------------------------------------------------- |
+| Config       | `~/.config/claude/workspaces.json`                          |
+| chpwd hook   | `~/.config/claude/mcp-tokens.zsh`                           |
+| MCP servers  | `<workspace>/.mcp.json`                                     |
+| Git identity | `~/.gitconfig` includeIf + `~/.config/git/<name>.gitconfig` |
+
+Edit `workspaces.json` by hand if you like, then run `inscope apply`. It only
+touches the blocks it owns; your other `.zshrc`, `.gitconfig`, and `.mcp.json`
+content is left alone.
+
+## License
+
+MIT

package/dist/bin/index.mjs

@@ -0,0 +1,139 @@
+#!/usr/bin/env node
+import{parseArgs as e}from"node:util";import t from"node:fs";import n from"node:path";import r from"node:os";import{spawnSync as i}from"node:child_process";import a from"node:readline";const o=()=>r.homedir(),s=()=>process.env.XDG_CONFIG_HOME?.trim()||n.join(o(),`.config`),c=e=>e===`~`?o():e.startsWith(`~/`)?n.join(o(),e.slice(2)):e,l=e=>{let t=c(e),r=o();return t===r?`~`:t.startsWith(r+n.sep)?`~/`+t.slice(r.length+1):t},u=e=>n.resolve(c(e)),d=()=>n.join(s(),`claude`,`workspaces.json`),f=()=>n.join(s(),`claude`,`mcp-tokens.zsh`),p=()=>n.join(s(),`git`),m=()=>n.join(o(),`.gitconfig`),h=()=>n.join(o(),`.zshrc`),g=e=>`# >>> inscope:${e} >>>`,_=e=>`# <<< inscope:${e} <<<`,v=e=>e.replace(/[.*+?^${}()|[\]\\]/g,`\\$&`),y=e=>RegExp(`${v(g(e))}\\n[\\s\\S]*?\\n${v(_(e))}\\n?`),b=(e,t)=>{let n=t.replace(/\n+$/,``);return`${g(e)}\n${n}\n${_(e)}\n`},x=e=>{try{return t.readFileSync(e,`utf8`)}catch{return``}},S=(e,r,i)=>{t.mkdirSync(n.dirname(e),{recursive:!0});let a=x(e),o=b(r,i),s=y(r),c;if(s.test(a))c=a.replace(s,o);else{let e=a.replace(/\n*$/,``);c=e.length?`${e}\n\n${o}`:o}t.writeFileSync(e,c)},ee=(e,n)=>{let r=x(e);if(!r)return;let i=r.replace(y(n),``).replace(/\n{3,}/g,`
+
+`).replace(/^\n+/,``);t.writeFileSync(e,i)},C=(e,t)=>{let n=x(e).match(RegExp(`${v(g(t))}\\n([\\s\\S]*?)\\n${v(_(t))}`));return n?n[1]:null},w=`gitconfig`,T=e=>!!(e.git&&(e.git.email||e.git.name)),E=e=>n.join(p(),`${e}.gitconfig`),te=e=>l(e).replace(/\/+$/,``)+`/`,ne=e=>e.workspaces.filter(T).map(e=>`[includeIf "gitdir:${te(e.path)}"]\n\tpath = ${l(E(e.name))}`).join(`
+`),re=e=>{let t=[`# Managed by inscope. Do not edit by hand.`,`[user]`];return e.git?.email&&t.push(`\temail = ${e.git.email}`),e.git?.name&&t.push(`\tname = ${e.git.name}`),t.join(`
+`)+`
+`},ie=e=>{t.mkdirSync(p(),{recursive:!0});for(let n of e.workspaces)T(n)&&t.writeFileSync(E(n.name),re(n));let n=ne(e);n?S(m(),w,n):ee(m(),w)},ae=e=>{let n=E(e);t.existsSync(n)&&t.rmSync(n)},D=e=>{let t=l(e);return t===`~`?`"$HOME/"*`:t.startsWith(`~/`)?`"$HOME/${t.slice(2)}/"*`:`"${t}/"*`},O=e=>e.servers.slack?e.servers.slack.keychain:``,k=e=>{let t=[...e.workspaces].sort((e,t)=>e.name.localeCompare(t.name));return`# Managed by inscope. Do not edit by hand.
+# Source of truth: ~/.config/claude/workspaces.json
+# Edit there, then run \`inscope apply\` to regenerate this file.
+#
+# One chpwd hook resolves per-workspace secrets from \$PWD on every cd: it maps
+# the current directory to a workspace, then pulls that workspace's GitHub token
+# from the gh keyring and Slack token from the macOS keychain. Nothing sensitive
+# is written to disk, and there is no shared mutable state for sessions to race.
+__inscope_resolve_identity() {
+  local ws
+  case "\${PWD}/" in
+${t.map(e=>`    ${D(e.path)}) ws=${e.name} ;;`).join(`
+`)||`    # no workspaces configured`}
+    *) ws="" ;;
+  esac
+  [[ "$ws" == "$__inscope_ws" ]] && return            # workspace unchanged, skip the lookups
+  __inscope_ws="$ws"
+  unset GITHUB_TOKEN GH_TOKEN SLACK_MCP_XOXP_TOKEN   # clear previous (and any inherited) tokens
+
+  local gh_user="" slack_svc=""
+  case "$ws" in
+${t.map(e=>{let t=[];e.gh&&t.push(`gh_user=${e.gh}`);let n=O(e);return n&&t.push(`slack_svc=${n}`),`    ${e.name}) ${t.length?t.join(`; `):`:`} ;;`}).join(`
+`)||`    # no workspaces configured`}
+    *) return ;;                                     # outside a mapped workspace: nothing set
+  esac
+
+  local tok
+  if [[ -n "$gh_user" ]]; then
+    if tok="$(gh auth token -u "$gh_user" 2>/dev/null)" && [[ -n "$tok" ]]; then
+      export GITHUB_TOKEN="$tok" GH_TOKEN="$tok"
+    else
+      print -u2 "inscope: no gh token for $gh_user; GITHUB_TOKEN/GH_TOKEN unset"
+    fi
+  fi
+  if [[ -n "$slack_svc" ]]; then
+    if tok="$(security find-generic-password -a "$USER" -s "$slack_svc" -w 2>/dev/null)" && [[ -n "$tok" ]]; then
+      export SLACK_MCP_XOXP_TOKEN="$tok"
+    else
+      print -u2 "inscope: $slack_svc not in keychain; SLACK_MCP_XOXP_TOKEN unset"
+    fi
+  fi
+}
+
+autoload -Uz add-zsh-hook
+add-zsh-hook chpwd __inscope_resolve_identity
+__inscope_ws="__init__"          # force the first resolve, clearing any inherited token
+__inscope_resolve_identity
+`},A=[`github`,`linear`,`notion`,`slack`],j=e=>A.map(t=>`${t}-${e}`),M=e=>n.join(u(e.path),`.mcp.json`),N=(e,t)=>e&&typeof e==`object`&&e.url?e.url:t,oe=e=>{let t=e.servers,n={};if(t.github&&(n[`github-${e.name}`]={type:`http`,url:`https://api.githubcopilot.com/mcp/`,headers:{Authorization:"Bearer ${GITHUB_TOKEN}"}}),t.linear&&(n[`linear-${e.name}`]={type:`http`,url:N(t.linear,`https://mcp.linear.app/mcp`)}),t.notion&&(n[`notion-${e.name}`]={type:`http`,url:N(t.notion,`https://mcp.notion.com/mcp`)}),t.slack){let r={SLACK_MCP_XOXP_TOKEN:"${SLACK_MCP_XOXP_TOKEN}"};t.slack.addMessageTool&&(r.SLACK_MCP_ADD_MESSAGE_TOOL=`true`),n[`slack-${e.name}`]={type:`stdio`,command:`npx`,args:[`-y`,`slack-mcp-server@1.3.0`,`--transport`,`stdio`],env:r}}return n},P=e=>{if(!t.existsSync(e))return{};try{return JSON.parse(t.readFileSync(e,`utf8`))}catch{return{}}},se=e=>{let n=M(e);return t.existsSync(n)?P(n):null},ce=e=>{let r=M(e);t.mkdirSync(n.dirname(r),{recursive:!0});let i=P(r),a=i.mcpServers&&typeof i.mcpServers==`object`?{...i.mcpServers}:{};for(let t of j(e.name))delete a[t];Object.assign(a,oe(e)),i.mcpServers=a,t.writeFileSync(r,JSON.stringify(i,null,2)+`
+`)},le=e=>{let n=M(e);if(!t.existsSync(n))return;let r=P(n);if(r.mcpServers&&typeof r.mcpServers==`object`)for(let t of j(e.name))delete r.mcpServers[t];t.writeFileSync(n,JSON.stringify(r,null,2)+`
+`)},F=`zshrc`,ue=e=>{let t=o();return e===t?`$HOME`:e.startsWith(t+n.sep)?`$HOME/${e.slice(t.length+1)}`:e},de=()=>{let e=ue(f()),t=`# Loads each workspace's tokens (GitHub, Slack) from $PWD on every cd.\n[ -r "${e}" ] && source "${e}"`;S(h(),F,t)},I=e=>{let r=f();t.mkdirSync(n.dirname(r),{recursive:!0}),t.writeFileSync(r,k(e)),ie(e),de();let i=[];for(let t of e.workspaces)ce(t),i.push(M(t));return{hook:r,gitconfig:e.workspaces.some(e=>e.git?.email||e.git?.name),mcp:i}},L=()=>({version:1,workspaces:[]}),R=()=>t.existsSync(d()),z=()=>{let e=d(),n=t.readFileSync(e,`utf8`),r=JSON.parse(n);return V(r),r},B=e=>{let r=d();t.mkdirSync(n.dirname(r),{recursive:!0}),t.writeFileSync(r,JSON.stringify(e,null,2)+`
+`)},V=e=>{if(!e||typeof e!=`object`)throw Error(`config is not an object`);if(!Array.isArray(e.workspaces))throw Error(`config.workspaces must be an array`);let t=new Set;for(let n of e.workspaces){if(!n.name)throw Error(`a workspace is missing a name`);if(!n.path)throw Error(`workspace "${n.name}" is missing a path`);if(t.has(n.name))throw Error(`duplicate workspace name "${n.name}"`);t.add(n.name)}},H=e=>n.basename(u(e)),fe=(e,t)=>{let n=e.workspaces.find(e=>e.name===t);if(n)return n;let r=u(t);return e.workspaces.find(e=>u(e.path)===r)},pe=(e,t)=>{let n=e.workspaces.filter(e=>e.name!==t.name);return n.push({...t,path:l(t.path)}),n.sort((e,t)=>e.name.localeCompare(t.name)),{...e,workspaces:n}},me=(e,t)=>{let n=fe(e,t);return n?{cfg:{...e,workspaces:e.workspaces.filter(e=>e.name!==n.name)},removed:n}:{cfg:e}},U=(e,t,n)=>{let r=i(e,t,{encoding:`utf8`,input:n?.input});return{status:r.status??(r.error?127:1),stdout:r.stdout??``,stderr:r.stderr??``}},he=()=>process.platform===`darwin`,W=()=>process.env.USER||``,ge=(e,t=U)=>{let n=t(`gh`,[`auth`,`token`,`-u`,e]),r=n.stdout.trim();return n.status===0&&r?r:null},G=(e,t=U)=>{let n=t(`security`,[`find-generic-password`,`-a`,W(),`-s`,e,`-w`]);return n.status===0&&n.stdout.trim().length>0},_e=(e,t,n=U)=>{let r=n(`security`,[`add-generic-password`,`-U`,`-a`,W(),`-s`,e,`-w`,t]);if(r.status!==0)throw Error(`security add-generic-password failed: ${r.stderr.trim()||`unknown error`}`)},K=e=>`security add-generic-password -U -a "${W()||`$USER`}" -s ${e} -w 'xoxp-...'`,ve=(e,t=U)=>{let n=t(`git`,[`config`,`--file`,e,`user.email`]);return n.status===0?n.stdout.trim():null},ye=e=>new Promise(t=>{let n=a.createInterface({input:process.stdin,output:process.stdout}),r=n.output,i=!1;n._writeToOutput=t=>{if(!i){r.write(t),t.includes(e)&&(i=!0);return}},n.question(e,e=>{r.write(`
+`),n.close(),t(e.trim())})});var q=`inscope`,J=`0.1.0`,Y={name:`Neeraj Dalal`,email:`admin@nrjdalal.com`,url:`https://nrjdalal.com`};const X=`Map a directory to a GitHub account, git email, and MCP servers.
+Re-running with the same path or label updates that workspace.
+
+Usage:
+  $ ${q} add <path> [options]
+
+Options:
+      --gh <account>        gh account whose token this workspace uses
+      --email <email>       git commit email for this workspace
+      --git-name <name>     git commit author name (optional)
+      --label <name>        workspace name; defaults to the directory basename
+      --servers <list>      comma-separated: github,linear,notion,slack
+                            (default: github,linear,notion)
+      --slack-keychain <s>  keychain service for the Slack token
+                            (default: slack-<label>-mcp-xoxp when slack is on)
+      --slack-message       allow the Slack MCP server to post messages
+      --seed-slack          prompt for the Slack token and store it in the keychain
+  -h, --help                Display help message`,be=async t=>{let{positionals:n,values:r}=e({allowPositionals:!0,options:{help:{type:`boolean`,short:`h`},gh:{type:`string`},email:{type:`string`},"git-name":{type:`string`},label:{type:`string`},servers:{type:`string`},"slack-keychain":{type:`string`},"slack-message":{type:`boolean`},"seed-slack":{type:`boolean`}},args:t});r.help&&(console.log(X),process.exit(0));let i=n[0];if(!i)throw Error(X);let a=r.label||H(i),o=(r.servers??`github,linear,notion`).split(`,`).map(e=>e.trim()).filter(Boolean),s=o.includes(`slack`)||!!r[`slack-keychain`]||!!r[`seed-slack`],c=r[`slack-keychain`]||`slack-${a}-mcp-xoxp`,u={github:o.includes(`github`),linear:o.includes(`linear`),notion:o.includes(`notion`),slack:s?{keychain:c,addMessageTool:!!r[`slack-message`]}:!1},d=r.email||r[`git-name`]?{email:r.email,name:r[`git-name`]}:void 0,f={name:a,path:l(i),gh:r.gh,git:d,servers:u},p=pe(R()?z():L(),f);if(B(p),I(p),console.log(`✓ workspace "${a}" -> ${f.path}`),console.log(`✓ regenerated the hook, git includes, and ${f.path}/.mcp.json`),u.slack)if(r[`seed-slack`]){let e=await ye(`Paste the Slack xoxp token for ${c}: `);e?(_e(c,e),console.log(`✓ stored ${c} in the macOS keychain`)):console.error(`No token entered; skipped keychain write.`)}else G(c)||console.log(`\nSlack token not in the keychain yet. Store it once with:\n  ${K(c)}`);console.log(`\nLaunch \`claude\` from ${f.path} (or relaunch) to pick up the new identity.`),process.exit(0)},xe=`Regenerate the chpwd hook, git includes, and every .mcp.json
+from your config. Idempotent: run it any time the config changes.
+
+Usage:
+  $ ${q} apply
+
+Options:
+  -h, --help  Display help message`,Se=t=>{let{values:n}=e({allowPositionals:!0,options:{help:{type:`boolean`,short:`h`}},args:t});n.help&&(console.log(xe),process.exit(0)),R()||(console.error(`No config found. Run \`${q} init\` first.`),process.exit(1));let r=z(),i=I(r);console.log(`✓ hook       ${i.hook}`),i.gitconfig&&console.log(`✓ gitconfig  ~/.gitconfig (includeIf block)`);for(let e of i.mcp)console.log(`✓ mcp        ${e}`);console.log(`\nApplied ${r.workspaces.length} workspace(s).`),process.exit(0)},Ce=e=>{try{return t.readFileSync(e,`utf8`)}catch{return null}},we=e=>{let t=[],n=e?.mcpServers;if(!n||typeof n!=`object`)return t;for(let[e,r]of Object.entries(n)){let n=Array.isArray(r?.args)?r.args:[];if(n.some(e=>typeof e==`string`&&/@latest$/.test(e)))t.push(e);else if(r?.command===`npx`){let r=n.find(e=>typeof e==`string`&&!e.startsWith(`-`));r&&!r.includes(`@`)&&t.push(e)}}return t},Te=(e,t=process.cwd())=>{let r=n.resolve(t);return e.workspaces.find(e=>{let t=u(e.path);return r===t||r.startsWith(t+n.sep)})},Ee=(e=U)=>{let t=e(`gh`,[`api`,`user`,`--jq`,`.login`]),n=e(`git`,[`config`,`user.email`]);return{pwd:process.cwd(),gh:t.status===0&&t.stdout.trim()?t.stdout.trim():`none`,gitEmail:n.status===0?n.stdout.trim():`none`,tokenSet:!!process.env.GITHUB_TOKEN}},De=(e,n=U)=>{let r=[];he()||r.push({status:`warn`,label:`platform`,detail:`inscope's secret resolution targets macOS (gh keyring + Keychain)`});let i=f(),a=Ce(i);a===null?r.push({status:`fail`,label:`hook`,detail:`missing ${i}; run \`inscope init\``}):a===k(e)?r.push({status:`ok`,label:`hook`,detail:i}):r.push({status:`warn`,label:`hook`,detail:"out of date; run `inscope apply`"}),r.push(C(h(),F)===null?{status:`warn`,label:`zshrc`,detail:"does not source the hook; run `inscope init`"}:{status:`ok`,label:`zshrc`,detail:`sources the hook`}),e.workspaces.some(T)&&r.push(C(m(),w)===null?{status:`fail`,label:`gitconfig`,detail:"missing includeIf block; run `inscope apply`"}:{status:`ok`,label:`gitconfig`,detail:`includeIf block present`});for(let i of e.workspaces){let e=`[${i.name}]`;if(i.gh&&r.push(ge(i.gh,n)?{status:`ok`,label:`${e} gh`,detail:`token for ${i.gh}`}:{status:`fail`,label:`${e} gh`,detail:`no token for ${i.gh}; run \`gh auth login\``}),i.servers.slack){let t=i.servers.slack.keychain;r.push(G(t,n)?{status:`ok`,label:`${e} slack`,detail:t}:{status:`fail`,label:`${e} slack`,detail:`${t} not in keychain; run \`${K(t)}\``})}if(T(i)){let a=E(i.name);if(!t.existsSync(a))r.push({status:`fail`,label:`${e} git`,detail:`missing ${a}; run \`inscope apply\``});else if(i.git?.email){let t=ve(a,n);r.push(t===i.git.email?{status:`ok`,label:`${e} git`,detail:i.git.email}:{status:`fail`,label:`${e} git`,detail:`email is ${t??`unset`}, expected ${i.git.email}`})}}let a=se(i);if(a===null)r.push({status:`warn`,label:`${e} mcp`,detail:"no .mcp.json; run `inscope apply`"});else{let t=j(i.name).filter(e=>a.mcpServers?.[e]);r.push({status:`ok`,label:`${e} mcp`,detail:`${t.length} server(s)`});let n=we(a);n.length&&r.push({status:`warn`,label:`${e} mcp`,detail:`unpinned: ${n.join(`, `)}`})}}return r},Oe=`Verify the setup: gh tokens resolve, keychain entries exist,
+git emails match per path, the hook is current, and no MCP server is unpinned.
+Exits non-zero if any check fails.
+
+Usage:
+  $ ${q} doctor
+
+Options:
+  -h, --help  Display help message`,ke={ok:`✓`,warn:`!`,fail:`✗`},Ae=t=>{let{values:n}=e({allowPositionals:!0,options:{help:{type:`boolean`,short:`h`}},args:t});n.help&&(console.log(Oe),process.exit(0)),R()||(console.error(`No config found. Run \`${q} init\` first.`),process.exit(1));let r=z(),i=De(r);for(let e of i)console.log(`${ke[e.status]} ${e.label}${e.detail?`  ${e.detail}`:``}`);let a=Te(r);if(a){let e=Ee();console.log(`\nThis shell (${a.name}):`),console.log(`  pwd    ${e.pwd}`),console.log(`  gh     ${e.gh}`),console.log(`  git    ${e.gitEmail}`),console.log(`  token  ${e.tokenSet?`set`:`unset`}`)}let o=i.filter(e=>e.status===`fail`).length;o&&(console.log(`\n${o} check(s) failed.`),process.exit(1)),console.log(`
+All checks passed.`),process.exit(0)},je=`Set up inscope: create the config, generate the chpwd hook, and
+source it from ~/.zshrc. Safe to run again; it never overwrites your config.
+
+Usage:
+  $ ${q} init
+
+Options:
+  -h, --help  Display help message`,Me=t=>{let{values:n}=e({allowPositionals:!0,options:{help:{type:`boolean`,short:`h`}},args:t});n.help&&(console.log(je),process.exit(0));let r;R()?(r=z(),console.log(`Using existing config at ${d()}`)):(r=L(),B(r),console.log(`Created ${d()}`)),I(r),console.log(`Generated the chpwd hook and added a source line to ~/.zshrc.`),console.log(`
+Next steps:
+  1. Reload your shell:           source ~/.zshrc   (or open a new terminal)
+  2. Sign each GitHub account in: gh auth login
+  3. Map a workspace:             ${q} add ~/acme --gh acme --email you@acme.com
+`),process.exit(0)},Ne=`List the configured workspaces. Run \`${q} doctor\` to verify
+that their tokens and identities actually resolve.
+
+Usage:
+  $ ${q} list
+
+Options:
+  -h, --help  Display help message`,Z=e=>[e.github&&`github`,e.linear&&`linear`,e.notion&&`notion`,e.slack&&`slack`].filter(Boolean).join(`, `)||`none`,Pe=t=>{let{values:n}=e({allowPositionals:!0,options:{help:{type:`boolean`,short:`h`}},args:t});n.help&&(console.log(Ne),process.exit(0)),R()||(console.error(`No config found. Run \`${q} init\` first.`),process.exit(1));let r=z();r.workspaces.length||(console.log(`No workspaces yet. Add one with \`${q} add <path> --gh <account>\`.`),process.exit(0));for(let e of r.workspaces)console.log(`${e.name}`),console.log(`  path     ${e.path}`),console.log(`  gh       ${e.gh??`(none)`}`),console.log(`  git      ${e.git?.email??`(default)`}`),console.log(`  servers  ${Z(e.servers)}`),e.servers.slack&&console.log(`  slack    keychain: ${e.servers.slack.keychain}`);process.exit(0)},Q=`Remove a workspace mapping. Drops its git include and the MCP
+servers inscope manages; leaves your keychain and gh accounts untouched.
+
+Usage:
+  $ ${q} rm <path|label>
+
+Options:
+  -h, --help  Display help message`,Fe=t=>{let{positionals:n,values:r}=e({allowPositionals:!0,options:{help:{type:`boolean`,short:`h`}},args:t});r.help&&(console.log(Q),process.exit(0));let i=n[0];if(!i)throw Error(Q);R()||(console.error(`No config found. Run \`${q} init\` first.`),process.exit(1));let{cfg:a,removed:o}=me(z(),i);o||(console.error(`No workspace matching "${i}".`),process.exit(1)),le(o),ae(o.name),B(a),I(a),console.log(`✓ removed workspace "${o.name}"`),o.servers.slack&&console.log(`Note: the keychain entry ${o.servers.slack.keychain} was left in place.\nDelete it with: security delete-generic-password -s ${o.servers.slack.keychain}`),process.exit(0)},$=`Version:
+  ${q}@${J}
+
+Per-workspace identity for Claude Code: scope MCP servers, GitHub auth, and git
+commit identity to the directory you are in, so concurrent sessions never clash.
+
+Usage:
+  $ ${q} <command> [options]
+
+Commands:
+  init           Create the config, generate the hook, source it from ~/.zshrc
+  add <path>     Map a directory to a GitHub account, git email, and MCP servers
+  rm <path>      Remove a workspace mapping (alias: remove)
+  list           List configured workspaces (alias: ls)
+  apply          Regenerate the hook, git includes, and .mcp.json (alias: sync)
+  doctor         Verify tokens, identities, and the hook resolve correctly
+
+Options:
+  -v, --version  Display version
+  -h, --help     Display help
+
+Author:
+  ${Y.name} <${Y.email}> (${Y.url})`;(async()=>{try{let e=process.argv.slice(2),t=e[0],n=e.slice(1);switch(t){case`init`:return Me(n);case`add`:return await be(n);case`rm`:case`remove`:return Fe(n);case`ls`:case`list`:return Pe(n);case`apply`:case`sync`:return Se(n);case`doctor`:return Ae(n)}(t===`-v`||t===`--version`)&&(console.log(`${q}@${J}`),process.exit(0)),(!t||t===`-h`||t===`--help`)&&(console.log($),process.exit(0)),console.error(`unknown command: ${e.join(` `)}\n`),console.error($),process.exit(1)}catch(e){console.error(e.message),process.exit(1)}})();export{};

package/dist/index.d.mts

@@ -0,0 +1,107 @@
+//#region src/config.d.ts
+type SlackServer = {
+  keychain: string;
+  addMessageTool?: boolean;
+};
+type HttpServer = {
+  url?: string;
+};
+type Servers = {
+  github?: boolean;
+  linear?: boolean | HttpServer;
+  notion?: boolean | HttpServer;
+  slack?: SlackServer | false;
+};
+type Workspace = {
+  name: string;
+  path: string;
+  gh?: string;
+  git?: {
+    email?: string;
+    name?: string;
+  };
+  servers: Servers;
+};
+type Config = {
+  version: number;
+  workspaces: Workspace[];
+};
+declare const CONFIG_VERSION = 1;
+declare const defaultConfig: () => Config;
+declare const configExists: () => boolean;
+declare const loadConfig: () => Config;
+declare const saveConfig: (cfg: Config) => void;
+declare const validateConfig: (cfg: Config) => void;
+declare const labelFromPath: (p: string) => string;
+declare const findWorkspace: (cfg: Config, key: string) => Workspace | undefined;
+declare const upsertWorkspace: (cfg: Config, ws: Workspace) => Config;
+declare const removeWorkspace: (cfg: Config, key: string) => {
+  cfg: Config;
+  removed?: Workspace;
+};
+//#endregion
+//#region src/apply.d.ts
+declare const ZSHRC_BLOCK_ID = "zshrc";
+declare const ensureZshrcSource: () => void;
+type ApplyResult = {
+  hook: string;
+  gitconfig: boolean;
+  mcp: string[];
+};
+declare const applyAll: (cfg: Config) => ApplyResult;
+//#endregion
+//#region src/secrets.d.ts
+type RunResult = {
+  status: number;
+  stdout: string;
+  stderr: string;
+};
+type Runner = (cmd: string, args: string[], opts?: {
+  input?: string;
+}) => RunResult;
+declare const defaultRunner: Runner;
+declare const isMacOS: () => boolean;
+declare const ghToken: (account: string, run?: Runner) => string | null;
+declare const ghStatus: (run?: Runner) => string;
+declare const keychainHas: (service: string, run?: Runner) => boolean;
+declare const keychainSet: (service: string, token: string, run?: Runner) => void;
+declare const keychainSetCommand: (service: string) => string;
+declare const gitEmailForFile: (file: string, run?: Runner) => string | null;
+//#endregion
+//#region src/doctor.d.ts
+type CheckStatus = "ok" | "warn" | "fail";
+type Check = {
+  status: CheckStatus;
+  label: string;
+  detail?: string;
+};
+declare const currentWorkspace: (cfg: Config, cwd?: string) => Workspace | undefined;
+declare const liveSnapshot: (run?: Runner) => {
+  pwd: string;
+  gh: string;
+  gitEmail: string;
+  tokenSet: boolean;
+};
+declare const runDoctor: (cfg: Config, run?: Runner) => Check[];
+//#endregion
+//#region src/generators/hook.d.ts
+declare const renderHook: (cfg: Config) => string;
+//#endregion
+//#region src/generators/gitconfig.d.ts
+declare const renderGitInclude: (cfg: Config) => string;
+declare const renderPerWorkspaceGitconfig: (ws: Workspace) => string;
+declare const applyGitconfig: (cfg: Config) => void;
+//#endregion
+//#region src/generators/mcp.d.ts
+declare const SLACK_MCP_VERSION = "1.3.0";
+declare const managedKeys: (name: string) => string[];
+declare const mcpFilePath: (ws: Workspace) => string;
+declare const renderServers: (ws: Workspace) => Record<string, unknown>;
+declare const renderMcp: (ws: Workspace) => {
+  mcpServers: Record<string, unknown>;
+};
+declare const readMcp: (ws: Workspace) => Record<string, any> | null;
+declare const applyMcp: (ws: Workspace) => void;
+declare const removeMcp: (ws: Workspace) => void;
+//#endregion
+export { ApplyResult, CONFIG_VERSION, Check, CheckStatus, Config, HttpServer, RunResult, Runner, SLACK_MCP_VERSION, Servers, SlackServer, Workspace, ZSHRC_BLOCK_ID, applyAll, applyGitconfig, applyMcp, configExists, currentWorkspace, defaultConfig, defaultRunner, ensureZshrcSource, findWorkspace, ghStatus, ghToken, gitEmailForFile, isMacOS, keychainHas, keychainSet, keychainSetCommand, labelFromPath, liveSnapshot, loadConfig, managedKeys, mcpFilePath, readMcp, removeMcp, removeWorkspace, renderGitInclude, renderHook, renderMcp, renderPerWorkspaceGitconfig, renderServers, runDoctor, saveConfig, upsertWorkspace, validateConfig };

package/dist/index.mjs

@@ -0,0 +1,56 @@
+import e from"node:fs";import t from"node:path";import n from"node:os";import{spawnSync as r}from"node:child_process";const i=()=>n.homedir(),a=()=>process.env.XDG_CONFIG_HOME?.trim()||t.join(i(),`.config`),o=e=>e===`~`?i():e.startsWith(`~/`)?t.join(i(),e.slice(2)):e,s=e=>{let n=o(e),r=i();return n===r?`~`:n.startsWith(r+t.sep)?`~/`+n.slice(r.length+1):n},c=e=>t.resolve(o(e)),l=()=>t.join(a(),`claude`,`workspaces.json`),u=()=>t.join(a(),`claude`,`mcp-tokens.zsh`),d=()=>t.join(a(),`git`),f=()=>t.join(i(),`.gitconfig`),p=()=>t.join(i(),`.zshrc`),ee=1,te=()=>({version:1,workspaces:[]}),m=()=>e.existsSync(l()),h=()=>{let t=l(),n=e.readFileSync(t,`utf8`),r=JSON.parse(n);return _(r),r},g=n=>{let r=l();e.mkdirSync(t.dirname(r),{recursive:!0}),e.writeFileSync(r,JSON.stringify(n,null,2)+`
+`)},_=e=>{if(!e||typeof e!=`object`)throw Error(`config is not an object`);if(!Array.isArray(e.workspaces))throw Error(`config.workspaces must be an array`);let t=new Set;for(let n of e.workspaces){if(!n.name)throw Error(`a workspace is missing a name`);if(!n.path)throw Error(`workspace "${n.name}" is missing a path`);if(t.has(n.name))throw Error(`duplicate workspace name "${n.name}"`);t.add(n.name)}},ne=e=>t.basename(c(e)),v=(e,t)=>{let n=e.workspaces.find(e=>e.name===t);if(n)return n;let r=c(t);return e.workspaces.find(e=>c(e.path)===r)},re=(e,t)=>{let n=e.workspaces.filter(e=>e.name!==t.name);return n.push({...t,path:s(t.path)}),n.sort((e,t)=>e.name.localeCompare(t.name)),{...e,workspaces:n}},ie=(e,t)=>{let n=v(e,t);return n?{cfg:{...e,workspaces:e.workspaces.filter(e=>e.name!==n.name)},removed:n}:{cfg:e}},y=e=>`# >>> inscope:${e} >>>`,b=e=>`# <<< inscope:${e} <<<`,x=e=>e.replace(/[.*+?^${}()|[\]\\]/g,`\\$&`),S=e=>RegExp(`${x(y(e))}\\n[\\s\\S]*?\\n${x(b(e))}\\n?`),ae=(e,t)=>{let n=t.replace(/\n+$/,``);return`${y(e)}\n${n}\n${b(e)}\n`},C=t=>{try{return e.readFileSync(t,`utf8`)}catch{return``}},w=(n,r,i)=>{e.mkdirSync(t.dirname(n),{recursive:!0});let a=C(n),o=ae(r,i),s=S(r),c;if(s.test(a))c=a.replace(s,o);else{let e=a.replace(/\n*$/,``);c=e.length?`${e}\n\n${o}`:o}e.writeFileSync(n,c)},oe=(t,n)=>{let r=C(t);if(!r)return;let i=r.replace(S(n),``).replace(/\n{3,}/g,`
+
+`).replace(/^\n+/,``);e.writeFileSync(t,i)},T=(e,t)=>{let n=C(e).match(RegExp(`${x(y(t))}\\n([\\s\\S]*?)\\n${x(b(t))}`));return n?n[1]:null},E=`gitconfig`,D=e=>!!(e.git&&(e.git.email||e.git.name)),O=e=>t.join(d(),`${e}.gitconfig`),k=e=>s(e).replace(/\/+$/,``)+`/`,A=e=>e.workspaces.filter(D).map(e=>`[includeIf "gitdir:${k(e.path)}"]\n\tpath = ${s(O(e.name))}`).join(`
+`),j=e=>{let t=[`# Managed by inscope. Do not edit by hand.`,`[user]`];return e.git?.email&&t.push(`\temail = ${e.git.email}`),e.git?.name&&t.push(`\tname = ${e.git.name}`),t.join(`
+`)+`
+`},M=t=>{e.mkdirSync(d(),{recursive:!0});for(let n of t.workspaces)D(n)&&e.writeFileSync(O(n.name),j(n));let n=A(t);n?w(f(),E,n):oe(f(),E)},se=e=>{let t=s(e);return t===`~`?`"$HOME/"*`:t.startsWith(`~/`)?`"$HOME/${t.slice(2)}/"*`:`"${t}/"*`},ce=e=>e.servers.slack?e.servers.slack.keychain:``,N=e=>{let t=[...e.workspaces].sort((e,t)=>e.name.localeCompare(t.name));return`# Managed by inscope. Do not edit by hand.
+# Source of truth: ~/.config/claude/workspaces.json
+# Edit there, then run \`inscope apply\` to regenerate this file.
+#
+# One chpwd hook resolves per-workspace secrets from \$PWD on every cd: it maps
+# the current directory to a workspace, then pulls that workspace's GitHub token
+# from the gh keyring and Slack token from the macOS keychain. Nothing sensitive
+# is written to disk, and there is no shared mutable state for sessions to race.
+__inscope_resolve_identity() {
+  local ws
+  case "\${PWD}/" in
+${t.map(e=>`    ${se(e.path)}) ws=${e.name} ;;`).join(`
+`)||`    # no workspaces configured`}
+    *) ws="" ;;
+  esac
+  [[ "$ws" == "$__inscope_ws" ]] && return            # workspace unchanged, skip the lookups
+  __inscope_ws="$ws"
+  unset GITHUB_TOKEN GH_TOKEN SLACK_MCP_XOXP_TOKEN   # clear previous (and any inherited) tokens
+
+  local gh_user="" slack_svc=""
+  case "$ws" in
+${t.map(e=>{let t=[];e.gh&&t.push(`gh_user=${e.gh}`);let n=ce(e);return n&&t.push(`slack_svc=${n}`),`    ${e.name}) ${t.length?t.join(`; `):`:`} ;;`}).join(`
+`)||`    # no workspaces configured`}
+    *) return ;;                                     # outside a mapped workspace: nothing set
+  esac
+
+  local tok
+  if [[ -n "$gh_user" ]]; then
+    if tok="$(gh auth token -u "$gh_user" 2>/dev/null)" && [[ -n "$tok" ]]; then
+      export GITHUB_TOKEN="$tok" GH_TOKEN="$tok"
+    else
+      print -u2 "inscope: no gh token for $gh_user; GITHUB_TOKEN/GH_TOKEN unset"
+    fi
+  fi
+  if [[ -n "$slack_svc" ]]; then
+    if tok="$(security find-generic-password -a "$USER" -s "$slack_svc" -w 2>/dev/null)" && [[ -n "$tok" ]]; then
+      export SLACK_MCP_XOXP_TOKEN="$tok"
+    else
+      print -u2 "inscope: $slack_svc not in keychain; SLACK_MCP_XOXP_TOKEN unset"
+    fi
+  fi
+}
+
+autoload -Uz add-zsh-hook
+add-zsh-hook chpwd __inscope_resolve_identity
+__inscope_ws="__init__"          # force the first resolve, clearing any inherited token
+__inscope_resolve_identity
+`},P=`1.3.0`,le=[`github`,`linear`,`notion`,`slack`],F=e=>le.map(t=>`${t}-${e}`),I=e=>t.join(c(e.path),`.mcp.json`),L=(e,t)=>e&&typeof e==`object`&&e.url?e.url:t,R=e=>{let t=e.servers,n={};if(t.github&&(n[`github-${e.name}`]={type:`http`,url:`https://api.githubcopilot.com/mcp/`,headers:{Authorization:"Bearer ${GITHUB_TOKEN}"}}),t.linear&&(n[`linear-${e.name}`]={type:`http`,url:L(t.linear,`https://mcp.linear.app/mcp`)}),t.notion&&(n[`notion-${e.name}`]={type:`http`,url:L(t.notion,`https://mcp.notion.com/mcp`)}),t.slack){let r={SLACK_MCP_XOXP_TOKEN:"${SLACK_MCP_XOXP_TOKEN}"};t.slack.addMessageTool&&(r.SLACK_MCP_ADD_MESSAGE_TOOL=`true`),n[`slack-${e.name}`]={type:`stdio`,command:`npx`,args:[`-y`,`slack-mcp-server@${P}`,`--transport`,`stdio`],env:r}}return n},z=e=>({mcpServers:R(e)}),B=t=>{if(!e.existsSync(t))return{};try{return JSON.parse(e.readFileSync(t,`utf8`))}catch{return{}}},V=t=>{let n=I(t);return e.existsSync(n)?B(n):null},H=n=>{let r=I(n);e.mkdirSync(t.dirname(r),{recursive:!0});let i=B(r),a=i.mcpServers&&typeof i.mcpServers==`object`?{...i.mcpServers}:{};for(let e of F(n.name))delete a[e];Object.assign(a,R(n)),i.mcpServers=a,e.writeFileSync(r,JSON.stringify(i,null,2)+`
+`)},U=t=>{let n=I(t);if(!e.existsSync(n))return;let r=B(n);if(r.mcpServers&&typeof r.mcpServers==`object`)for(let e of F(t.name))delete r.mcpServers[e];e.writeFileSync(n,JSON.stringify(r,null,2)+`
+`)},W=`zshrc`,ue=e=>{let n=i();return e===n?`$HOME`:e.startsWith(n+t.sep)?`$HOME/${e.slice(n.length+1)}`:e},G=()=>{let e=ue(u()),t=`# Loads each workspace's tokens (GitHub, Slack) from $PWD on every cd.\n[ -r "${e}" ] && source "${e}"`;w(p(),W,t)},de=n=>{let r=u();e.mkdirSync(t.dirname(r),{recursive:!0}),e.writeFileSync(r,N(n)),M(n),G();let i=[];for(let e of n.workspaces)H(e),i.push(I(e));return{hook:r,gitconfig:n.workspaces.some(e=>e.git?.email||e.git?.name),mcp:i}},K=(e,t,n)=>{let i=r(e,t,{encoding:`utf8`,input:n?.input});return{status:i.status??(i.error?127:1),stdout:i.stdout??``,stderr:i.stderr??``}},q=()=>process.platform===`darwin`,J=()=>process.env.USER||``,Y=(e,t=K)=>{let n=t(`gh`,[`auth`,`token`,`-u`,e]),r=n.stdout.trim();return n.status===0&&r?r:null},fe=(e=K)=>{let t=e(`gh`,[`auth`,`status`]);return(t.stdout+t.stderr).trim()},X=(e,t=K)=>{let n=t(`security`,[`find-generic-password`,`-a`,J(),`-s`,e,`-w`]);return n.status===0&&n.stdout.trim().length>0},pe=(e,t,n=K)=>{let r=n(`security`,[`add-generic-password`,`-U`,`-a`,J(),`-s`,e,`-w`,t]);if(r.status!==0)throw Error(`security add-generic-password failed: ${r.stderr.trim()||`unknown error`}`)},Z=e=>`security add-generic-password -U -a "${J()||`$USER`}" -s ${e} -w 'xoxp-...'`,Q=(e,t=K)=>{let n=t(`git`,[`config`,`--file`,e,`user.email`]);return n.status===0?n.stdout.trim():null},me=t=>{try{return e.readFileSync(t,`utf8`)}catch{return null}},he=e=>{let t=[],n=e?.mcpServers;if(!n||typeof n!=`object`)return t;for(let[e,r]of Object.entries(n)){let n=Array.isArray(r?.args)?r.args:[];if(n.some(e=>typeof e==`string`&&/@latest$/.test(e)))t.push(e);else if(r?.command===`npx`){let r=n.find(e=>typeof e==`string`&&!e.startsWith(`-`));r&&!r.includes(`@`)&&t.push(e)}}return t},ge=(e,n=process.cwd())=>{let r=t.resolve(n);return e.workspaces.find(e=>{let n=c(e.path);return r===n||r.startsWith(n+t.sep)})},$=(e=K)=>{let t=e(`gh`,[`api`,`user`,`--jq`,`.login`]),n=e(`git`,[`config`,`user.email`]);return{pwd:process.cwd(),gh:t.status===0&&t.stdout.trim()?t.stdout.trim():`none`,gitEmail:n.status===0?n.stdout.trim():`none`,tokenSet:!!process.env.GITHUB_TOKEN}},_e=(t,n=K)=>{let r=[];q()||r.push({status:`warn`,label:`platform`,detail:`inscope's secret resolution targets macOS (gh keyring + Keychain)`});let i=u(),a=me(i);a===null?r.push({status:`fail`,label:`hook`,detail:`missing ${i}; run \`inscope init\``}):a===N(t)?r.push({status:`ok`,label:`hook`,detail:i}):r.push({status:`warn`,label:`hook`,detail:"out of date; run `inscope apply`"}),r.push(T(p(),W)===null?{status:`warn`,label:`zshrc`,detail:"does not source the hook; run `inscope init`"}:{status:`ok`,label:`zshrc`,detail:`sources the hook`}),t.workspaces.some(D)&&r.push(T(f(),E)===null?{status:`fail`,label:`gitconfig`,detail:"missing includeIf block; run `inscope apply`"}:{status:`ok`,label:`gitconfig`,detail:`includeIf block present`});for(let i of t.workspaces){let t=`[${i.name}]`;if(i.gh&&r.push(Y(i.gh,n)?{status:`ok`,label:`${t} gh`,detail:`token for ${i.gh}`}:{status:`fail`,label:`${t} gh`,detail:`no token for ${i.gh}; run \`gh auth login\``}),i.servers.slack){let e=i.servers.slack.keychain;r.push(X(e,n)?{status:`ok`,label:`${t} slack`,detail:e}:{status:`fail`,label:`${t} slack`,detail:`${e} not in keychain; run \`${Z(e)}\``})}if(D(i)){let a=O(i.name);if(!e.existsSync(a))r.push({status:`fail`,label:`${t} git`,detail:`missing ${a}; run \`inscope apply\``});else if(i.git?.email){let e=Q(a,n);r.push(e===i.git.email?{status:`ok`,label:`${t} git`,detail:i.git.email}:{status:`fail`,label:`${t} git`,detail:`email is ${e??`unset`}, expected ${i.git.email}`})}}let a=V(i);if(a===null)r.push({status:`warn`,label:`${t} mcp`,detail:"no .mcp.json; run `inscope apply`"});else{let e=F(i.name).filter(e=>a.mcpServers?.[e]);r.push({status:`ok`,label:`${t} mcp`,detail:`${e.length} server(s)`});let n=he(a);n.length&&r.push({status:`warn`,label:`${t} mcp`,detail:`unpinned: ${n.join(`, `)}`})}}return r};export{ee as CONFIG_VERSION,P as SLACK_MCP_VERSION,W as ZSHRC_BLOCK_ID,de as applyAll,M as applyGitconfig,H as applyMcp,m as configExists,ge as currentWorkspace,te as defaultConfig,K as defaultRunner,G as ensureZshrcSource,v as findWorkspace,fe as ghStatus,Y as ghToken,Q as gitEmailForFile,q as isMacOS,X as keychainHas,pe as keychainSet,Z as keychainSetCommand,ne as labelFromPath,$ as liveSnapshot,h as loadConfig,F as managedKeys,I as mcpFilePath,V as readMcp,U as removeMcp,ie as removeWorkspace,A as renderGitInclude,N as renderHook,z as renderMcp,j as renderPerWorkspaceGitconfig,R as renderServers,_e as runDoctor,g as saveConfig,re as upsertWorkspace,_ as validateConfig};

package/package.json

@@ -0,0 +1,74 @@
+{
+  "name": "inscope",
+  "version": "0.1.0",
+  "description": "Per-workspace identity for Claude Code: scope MCP servers, GitHub auth, and git commit identity to the directory you are in.",
+  "keywords": [
+    "claude-code",
+    "mcp",
+    "cli",
+    "git",
+    "github",
+    "identity",
+    "workspace",
+    "zsh",
+    "chpwd"
+  ],
+  "homepage": "https://github.com/nrjdalal/inscope#readme",
+  "bugs": "https://github.com/nrjdalal/inscope/issues",
+  "repository": "nrjdalal/inscope",
+  "funding": "https://github.com/sponsors/nrjdalal",
+  "license": "MIT",
+  "author": {
+    "name": "Neeraj Dalal",
+    "email": "admin@nrjdalal.com",
+    "url": "https://nrjdalal.com"
+  },
+  "type": "module",
+  "exports": "./dist/index.mjs",
+  "types": "./dist/index.d.mts",
+  "bin": {
+    "inscope": "./dist/bin/index.mjs"
+  },
+  "files": [
+    "dist"
+  ],
+  "scripts": {
+    "bin": "tsdown && node dist/bin/index.mjs",
+    "build": "tsdown",
+    "dev": "tsdown --watch",
+    "test": "bun test",
+    "typecheck": "tsc --noEmit",
+    "prepare": "npx simple-git-hooks"
+  },
+  "simple-git-hooks": {
+    "pre-commit": "npx lint-staged",
+    "commit-msg": "npx commitlint --edit $1"
+  },
+  "commitlint": {
+    "extends": [
+      "@commitlint/config-conventional"
+    ]
+  },
+  "lint-staged": {
+    "*": "prettier --write --ignore-unknown",
+    "package.json": "sort-package-json"
+  },
+  "prettier": {
+    "plugins": [
+      "@ianvs/prettier-plugin-sort-imports"
+    ],
+    "semi": false
+  },
+  "devDependencies": {
+    "@commitlint/cli": "^19.8.1",
+    "@commitlint/config-conventional": "^19.8.1",
+    "@ianvs/prettier-plugin-sort-imports": "^4.4.2",
+    "@types/node": "^22.15.32",
+    "lint-staged": "^15.5.2",
+    "prettier": "^3.5.3",
+    "simple-git-hooks": "^2.13.0",
+    "sort-package-json": "^3.2.1",
+    "tsdown": "^0.16.4",
+    "typescript": "^5.8.3"
+  }
+}