npm - patchwork-os - Versions diffs - 0.2.0-alpha.9 → 0.2.0-beta.0 - Mend

patchwork-os 0.2.0-alpha.9 → 0.2.0-beta.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (581) hide show

package/README.bridge.md +6 -0
package/README.md +315 -35
package/deploy/bootstrap-new-vps.sh +12 -12
package/deploy/bootstrap-vps.sh +187 -0
package/deploy/deploy-dashboard.sh +174 -0
package/deploy/deploy-landing.sh +136 -0
package/dist/activationMetrics.d.ts +67 -0
package/dist/activationMetrics.js +255 -0
package/dist/activationMetrics.js.map +1 -0
package/dist/activityLog.d.ts +49 -0
package/dist/activityLog.js +78 -0
package/dist/activityLog.js.map +1 -1
package/dist/approvalHttp.d.ts +49 -2
package/dist/approvalHttp.js +217 -21
package/dist/approvalHttp.js.map +1 -1
package/dist/approvalInsights.d.ts +49 -0
package/dist/approvalInsights.js +97 -0
package/dist/approvalInsights.js.map +1 -0
package/dist/approvalQueue.d.ts +27 -1
package/dist/approvalQueue.js +123 -3
package/dist/approvalQueue.js.map +1 -1
package/dist/approvalSignals.d.ts +124 -0
package/dist/approvalSignals.js +512 -0
package/dist/approvalSignals.js.map +1 -0
package/dist/automation.d.ts +57 -0
package/dist/automation.js +156 -59
package/dist/automation.js.map +1 -1
package/dist/automationSuggestions.d.ts +79 -0
package/dist/automationSuggestions.js +150 -0
package/dist/automationSuggestions.js.map +1 -0
package/dist/bridge.d.ts +3 -0
package/dist/bridge.js +174 -143
package/dist/bridge.js.map +1 -1
package/dist/bridgeToken.js +57 -19
package/dist/bridgeToken.js.map +1 -1
package/dist/ccPermissions.d.ts +15 -0
package/dist/ccPermissions.js +21 -4
package/dist/ccPermissions.js.map +1 -1
package/dist/claudeDriver.js +74 -16
package/dist/claudeDriver.js.map +1 -1
package/dist/claudeOrchestrator.d.ts +1 -1
package/dist/claudeOrchestrator.js +14 -8
package/dist/claudeOrchestrator.js.map +1 -1
package/dist/commands/dashboard.js +1 -1
package/dist/commands/dashboard.js.map +1 -1
package/dist/commands/launchd.d.ts +2 -0
package/dist/commands/launchd.js +94 -0
package/dist/commands/launchd.js.map +1 -0
package/dist/commands/patchworkInit.d.ts +8 -0
package/dist/commands/patchworkInit.js +77 -11
package/dist/commands/patchworkInit.js.map +1 -1
package/dist/commands/recipe.d.ts +289 -0
package/dist/commands/recipe.js +1359 -0
package/dist/commands/recipe.js.map +1 -0
package/dist/commands/recipeInstall.d.ts +150 -0
package/dist/commands/recipeInstall.js +647 -0
package/dist/commands/recipeInstall.js.map +1 -0
package/dist/commands/tracesExport.d.ts +83 -0
package/dist/commands/tracesExport.js +269 -0
package/dist/commands/tracesExport.js.map +1 -0
package/dist/commands/tracesImport.d.ts +56 -0
package/dist/commands/tracesImport.js +161 -0
package/dist/commands/tracesImport.js.map +1 -0
package/dist/config.d.ts +22 -1
package/dist/config.js +108 -9
package/dist/config.js.map +1 -1
package/dist/connectorRoutes.d.ts +43 -0
package/dist/connectorRoutes.js +1609 -0
package/dist/connectorRoutes.js.map +1 -0
package/dist/connectors/asana.d.ts +198 -0
package/dist/connectors/asana.js +679 -0
package/dist/connectors/asana.js.map +1 -0
package/dist/connectors/baseConnector.d.ts +153 -0
package/dist/connectors/baseConnector.js +336 -0
package/dist/connectors/baseConnector.js.map +1 -0
package/dist/connectors/confluence.d.ts +111 -0
package/dist/connectors/confluence.js +406 -0
package/dist/connectors/confluence.js.map +1 -0
package/dist/connectors/datadog.d.ts +116 -0
package/dist/connectors/datadog.js +385 -0
package/dist/connectors/datadog.js.map +1 -0
package/dist/connectors/discord.d.ts +150 -0
package/dist/connectors/discord.js +543 -0
package/dist/connectors/discord.js.map +1 -0
package/dist/connectors/fixtureLibrary.d.ts +21 -0
package/dist/connectors/fixtureLibrary.js +70 -0
package/dist/connectors/fixtureLibrary.js.map +1 -0
package/dist/connectors/fixtureRecorder.d.ts +1 -0
package/dist/connectors/fixtureRecorder.js +35 -0
package/dist/connectors/fixtureRecorder.js.map +1 -0
package/dist/connectors/github.js +17 -18
package/dist/connectors/github.js.map +1 -1
package/dist/connectors/gitlab.d.ts +180 -0
package/dist/connectors/gitlab.js +582 -0
package/dist/connectors/gitlab.js.map +1 -0
package/dist/connectors/gmail.d.ts +4 -1
package/dist/connectors/gmail.js +149 -27
package/dist/connectors/gmail.js.map +1 -1
package/dist/connectors/googleCalendar.d.ts +4 -1
package/dist/connectors/googleCalendar.js +88 -25
package/dist/connectors/googleCalendar.js.map +1 -1
package/dist/connectors/googleDrive.d.ts +34 -0
package/dist/connectors/googleDrive.js +321 -0
package/dist/connectors/googleDrive.js.map +1 -0
package/dist/connectors/htmlEscape.d.ts +5 -0
package/dist/connectors/htmlEscape.js +13 -0
package/dist/connectors/htmlEscape.js.map +1 -0
package/dist/connectors/hubspot.d.ts +112 -0
package/dist/connectors/hubspot.js +408 -0
package/dist/connectors/hubspot.js.map +1 -0
package/dist/connectors/intercom.d.ts +102 -0
package/dist/connectors/intercom.js +402 -0
package/dist/connectors/intercom.js.map +1 -0
package/dist/connectors/jira.d.ts +98 -0
package/dist/connectors/jira.js +379 -0
package/dist/connectors/jira.js.map +1 -0
package/dist/connectors/linear.js +30 -19
package/dist/connectors/linear.js.map +1 -1
package/dist/connectors/mcpOAuth.d.ts +3 -0
package/dist/connectors/mcpOAuth.js +64 -10
package/dist/connectors/mcpOAuth.js.map +1 -1
package/dist/connectors/mockConnector.d.ts +28 -0
package/dist/connectors/mockConnector.js +81 -0
package/dist/connectors/mockConnector.js.map +1 -0
package/dist/connectors/notion.d.ts +143 -0
package/dist/connectors/notion.js +424 -0
package/dist/connectors/notion.js.map +1 -0
package/dist/connectors/oauthStateStore.d.ts +31 -0
package/dist/connectors/oauthStateStore.js +52 -0
package/dist/connectors/oauthStateStore.js.map +1 -0
package/dist/connectors/pagerduty.d.ts +160 -0
package/dist/connectors/pagerduty.js +464 -0
package/dist/connectors/pagerduty.js.map +1 -0
package/dist/connectors/sentry.js +5 -13
package/dist/connectors/sentry.js.map +1 -1
package/dist/connectors/slack.d.ts +16 -1
package/dist/connectors/slack.js +155 -32
package/dist/connectors/slack.js.map +1 -1
package/dist/connectors/stripe.d.ts +116 -0
package/dist/connectors/stripe.js +379 -0
package/dist/connectors/stripe.js.map +1 -0
package/dist/connectors/tokenStorage.d.ts +35 -0
package/dist/connectors/tokenStorage.js +484 -0
package/dist/connectors/tokenStorage.js.map +1 -0
package/dist/connectors/zendesk.d.ts +104 -0
package/dist/connectors/zendesk.js +442 -0
package/dist/connectors/zendesk.js.map +1 -0
package/dist/cors.d.ts +10 -0
package/dist/cors.js +29 -0
package/dist/cors.js.map +1 -0
package/dist/decisionReplay.d.ts +72 -0
package/dist/decisionReplay.js +92 -0
package/dist/decisionReplay.js.map +1 -0
package/dist/decisionTraceLog.d.ts +6 -0
package/dist/decisionTraceLog.js +54 -2
package/dist/decisionTraceLog.js.map +1 -1
package/dist/drivers/gemini/index.d.ts +5 -1
package/dist/drivers/gemini/index.js +39 -5
package/dist/drivers/gemini/index.js.map +1 -1
package/dist/drivers/index.d.ts +5 -0
package/dist/drivers/index.js +1 -1
package/dist/drivers/index.js.map +1 -1
package/dist/featureFlags.d.ts +79 -0
package/dist/featureFlags.js +208 -0
package/dist/featureFlags.js.map +1 -0
package/dist/fp/automationInterpreter.js +26 -21
package/dist/fp/automationInterpreter.js.map +1 -1
package/dist/fp/automationProgram.d.ts +1 -1
package/dist/fp/automationProgram.js.map +1 -1
package/dist/fp/automationState.js +4 -1
package/dist/fp/automationState.js.map +1 -1
package/dist/fp/policyParser.js +21 -1
package/dist/fp/policyParser.js.map +1 -1
package/dist/inboxRoutes.d.ts +22 -0
package/dist/inboxRoutes.js +114 -0
package/dist/inboxRoutes.js.map +1 -0
package/dist/index.js +1400 -201
package/dist/index.js.map +1 -1
package/dist/installGuard.d.ts +25 -0
package/dist/installGuard.js +48 -0
package/dist/installGuard.js.map +1 -0
package/dist/mcpRoutes.d.ts +37 -0
package/dist/mcpRoutes.js +76 -0
package/dist/mcpRoutes.js.map +1 -0
package/dist/oauth.d.ts +7 -1
package/dist/oauth.js +201 -39
package/dist/oauth.js.map +1 -1
package/dist/oauthRoutes.d.ts +32 -0
package/dist/oauthRoutes.js +124 -0
package/dist/oauthRoutes.js.map +1 -0
package/dist/orchestrator/orchestratorBridge.js +2 -2
package/dist/orchestrator/orchestratorBridge.js.map +1 -1
package/dist/patchworkConfig.d.ts +16 -0
package/dist/patchworkConfig.js +1 -1
package/dist/patchworkConfig.js.map +1 -1
package/dist/pluginLoader.d.ts +28 -0
package/dist/pluginLoader.js +77 -11
package/dist/pluginLoader.js.map +1 -1
package/dist/pluginWatcher.js +8 -3
package/dist/pluginWatcher.js.map +1 -1
package/dist/preToolUseHook.d.ts +12 -0
package/dist/preToolUseHook.js +23 -0
package/dist/preToolUseHook.js.map +1 -1
package/dist/recipeOrchestration.d.ts +121 -0
package/dist/recipeOrchestration.js +955 -0
package/dist/recipeOrchestration.js.map +1 -0
package/dist/recipeRoutes.d.ts +180 -0
package/dist/recipeRoutes.js +1345 -0
package/dist/recipeRoutes.js.map +1 -0
package/dist/recipes/RecipeOrchestrator.d.ts +40 -0
package/dist/recipes/RecipeOrchestrator.js +51 -0
package/dist/recipes/RecipeOrchestrator.js.map +1 -0
package/dist/recipes/agentExecutor.d.ts +29 -0
package/dist/recipes/agentExecutor.js +49 -0
package/dist/recipes/agentExecutor.js.map +1 -0
package/dist/recipes/chainedRunner.d.ts +191 -0
package/dist/recipes/chainedRunner.js +759 -0
package/dist/recipes/chainedRunner.js.map +1 -0
package/dist/recipes/compiler.js +3 -3
package/dist/recipes/compiler.js.map +1 -1
package/dist/recipes/dependencyGraph.d.ts +39 -0
package/dist/recipes/dependencyGraph.js +199 -0
package/dist/recipes/dependencyGraph.js.map +1 -0
package/dist/recipes/disabledMarkers.d.ts +48 -0
package/dist/recipes/disabledMarkers.js +52 -0
package/dist/recipes/disabledMarkers.js.map +1 -0
package/dist/recipes/installer.js +3 -3
package/dist/recipes/installer.js.map +1 -1
package/dist/recipes/legacyRecipeCompat.d.ts +10 -0
package/dist/recipes/legacyRecipeCompat.js +131 -0
package/dist/recipes/legacyRecipeCompat.js.map +1 -0
package/dist/recipes/manifest.d.ts +47 -0
package/dist/recipes/manifest.js +156 -0
package/dist/recipes/manifest.js.map +1 -0
package/dist/recipes/migrationWarnings.d.ts +12 -0
package/dist/recipes/migrationWarnings.js +44 -0
package/dist/recipes/migrationWarnings.js.map +1 -0
package/dist/recipes/migrations/index.d.ts +24 -0
package/dist/recipes/migrations/index.js +55 -0
package/dist/recipes/migrations/index.js.map +1 -0
package/dist/recipes/migrations/types.d.ts +28 -0
package/dist/recipes/migrations/types.js +2 -0
package/dist/recipes/migrations/types.js.map +1 -0
package/dist/recipes/migrations/v1.d.ts +11 -0
package/dist/recipes/migrations/v1.js +18 -0
package/dist/recipes/migrations/v1.js.map +1 -0
package/dist/recipes/names.d.ts +40 -0
package/dist/recipes/names.js +66 -0
package/dist/recipes/names.js.map +1 -0
package/dist/recipes/nestedRecipeStep.d.ts +58 -0
package/dist/recipes/nestedRecipeStep.js +95 -0
package/dist/recipes/nestedRecipeStep.js.map +1 -0
package/dist/recipes/outputRegistry.d.ts +28 -0
package/dist/recipes/outputRegistry.js +52 -0
package/dist/recipes/outputRegistry.js.map +1 -0
package/dist/recipes/parser.js +4 -1
package/dist/recipes/parser.js.map +1 -1
package/dist/recipes/replayRun.d.ts +62 -0
package/dist/recipes/replayRun.js +97 -0
package/dist/recipes/replayRun.js.map +1 -0
package/dist/recipes/resolveRecipePath.d.ts +69 -0
package/dist/recipes/resolveRecipePath.js +202 -0
package/dist/recipes/resolveRecipePath.js.map +1 -0
package/dist/recipes/scheduler.d.ts +23 -7
package/dist/recipes/scheduler.js +225 -45
package/dist/recipes/scheduler.js.map +1 -1
package/dist/recipes/schema.d.ts +17 -2
package/dist/recipes/schemaGenerator.d.ts +28 -0
package/dist/recipes/schemaGenerator.js +565 -0
package/dist/recipes/schemaGenerator.js.map +1 -0
package/dist/recipes/stepObservation.d.ts +44 -0
package/dist/recipes/stepObservation.js +232 -0
package/dist/recipes/stepObservation.js.map +1 -0
package/dist/recipes/templateEngine.d.ts +62 -0
package/dist/recipes/templateEngine.js +201 -0
package/dist/recipes/templateEngine.js.map +1 -0
package/dist/recipes/toolRegistry.d.ts +186 -0
package/dist/recipes/toolRegistry.js +309 -0
package/dist/recipes/toolRegistry.js.map +1 -0
package/dist/recipes/tools/asana.d.ts +16 -0
package/dist/recipes/tools/asana.js +524 -0
package/dist/recipes/tools/asana.js.map +1 -0
package/dist/recipes/tools/calendar.d.ts +6 -0
package/dist/recipes/tools/calendar.js +61 -0
package/dist/recipes/tools/calendar.js.map +1 -0
package/dist/recipes/tools/confluence.d.ts +6 -0
package/dist/recipes/tools/confluence.js +254 -0
package/dist/recipes/tools/confluence.js.map +1 -0
package/dist/recipes/tools/datadog.d.ts +6 -0
package/dist/recipes/tools/datadog.js +239 -0
package/dist/recipes/tools/datadog.js.map +1 -0
package/dist/recipes/tools/diagnostics.d.ts +6 -0
package/dist/recipes/tools/diagnostics.js +36 -0
package/dist/recipes/tools/diagnostics.js.map +1 -0
package/dist/recipes/tools/discord.d.ts +18 -0
package/dist/recipes/tools/discord.js +254 -0
package/dist/recipes/tools/discord.js.map +1 -0
package/dist/recipes/tools/file.d.ts +12 -0
package/dist/recipes/tools/file.js +174 -0
package/dist/recipes/tools/file.js.map +1 -0
package/dist/recipes/tools/git.d.ts +6 -0
package/dist/recipes/tools/git.js +63 -0
package/dist/recipes/tools/git.js.map +1 -0
package/dist/recipes/tools/github.d.ts +6 -0
package/dist/recipes/tools/github.js +116 -0
package/dist/recipes/tools/github.js.map +1 -0
package/dist/recipes/tools/gitlab.d.ts +11 -0
package/dist/recipes/tools/gitlab.js +285 -0
package/dist/recipes/tools/gitlab.js.map +1 -0
package/dist/recipes/tools/gmail.d.ts +6 -0
package/dist/recipes/tools/gmail.js +434 -0
package/dist/recipes/tools/gmail.js.map +1 -0
package/dist/recipes/tools/googleDrive.d.ts +1 -0
package/dist/recipes/tools/googleDrive.js +55 -0
package/dist/recipes/tools/googleDrive.js.map +1 -0
package/dist/recipes/tools/hubspot.d.ts +6 -0
package/dist/recipes/tools/hubspot.js +232 -0
package/dist/recipes/tools/hubspot.js.map +1 -0
package/dist/recipes/tools/index.d.ts +30 -0
package/dist/recipes/tools/index.js +33 -0
package/dist/recipes/tools/index.js.map +1 -0
package/dist/recipes/tools/intercom.d.ts +6 -0
package/dist/recipes/tools/intercom.js +226 -0
package/dist/recipes/tools/intercom.js.map +1 -0
package/dist/recipes/tools/jira.d.ts +14 -0
package/dist/recipes/tools/jira.js +369 -0
package/dist/recipes/tools/jira.js.map +1 -0
package/dist/recipes/tools/linear.d.ts +7 -0
package/dist/recipes/tools/linear.js +307 -0
package/dist/recipes/tools/linear.js.map +1 -0
package/dist/recipes/tools/meetingNotes.d.ts +21 -0
package/dist/recipes/tools/meetingNotes.js +701 -0
package/dist/recipes/tools/meetingNotes.js.map +1 -0
package/dist/recipes/tools/notion.d.ts +6 -0
package/dist/recipes/tools/notion.js +278 -0
package/dist/recipes/tools/notion.js.map +1 -0
package/dist/recipes/tools/pagerduty.d.ts +15 -0
package/dist/recipes/tools/pagerduty.js +451 -0
package/dist/recipes/tools/pagerduty.js.map +1 -0
package/dist/recipes/tools/sentry.d.ts +12 -0
package/dist/recipes/tools/sentry.js +73 -0
package/dist/recipes/tools/sentry.js.map +1 -0
package/dist/recipes/tools/slack.d.ts +6 -0
package/dist/recipes/tools/slack.js +82 -0
package/dist/recipes/tools/slack.js.map +1 -0
package/dist/recipes/tools/stripe.d.ts +6 -0
package/dist/recipes/tools/stripe.js +265 -0
package/dist/recipes/tools/stripe.js.map +1 -0
package/dist/recipes/tools/zendesk.d.ts +6 -0
package/dist/recipes/tools/zendesk.js +245 -0
package/dist/recipes/tools/zendesk.js.map +1 -0
package/dist/recipes/validation.d.ts +13 -0
package/dist/recipes/validation.js +617 -0
package/dist/recipes/validation.js.map +1 -0
package/dist/recipes/yamlRunner.d.ts +116 -1
package/dist/recipes/yamlRunner.js +1000 -401
package/dist/recipes/yamlRunner.js.map +1 -1
package/dist/recipesHttp.d.ts +137 -6
package/dist/recipesHttp.js +941 -29
package/dist/recipesHttp.js.map +1 -1
package/dist/riskTier.js +7 -1
package/dist/riskTier.js.map +1 -1
package/dist/runLog.d.ts +100 -1
package/dist/runLog.js +258 -5
package/dist/runLog.js.map +1 -1
package/dist/schemas/dry-run-plan.v1.json +139 -0
package/dist/schemas/recipe.v1.json +684 -0
package/dist/server.d.ts +121 -8
package/dist/server.js +538 -735
package/dist/server.js.map +1 -1
package/dist/ssrfGuard.d.ts +54 -0
package/dist/ssrfGuard.js +122 -0
package/dist/ssrfGuard.js.map +1 -0
package/dist/streamableHttp.d.ts +39 -1
package/dist/streamableHttp.js +128 -17
package/dist/streamableHttp.js.map +1 -1
package/dist/tokenUsageTracker.d.ts +33 -0
package/dist/tokenUsageTracker.js +146 -0
package/dist/tokenUsageTracker.js.map +1 -0
package/dist/tools/activityLog.d.ts +2 -0
package/dist/tools/addLinearComment.d.ts +1 -0
package/dist/tools/addLinearComment.js +4 -2
package/dist/tools/addLinearComment.js.map +1 -1
package/dist/tools/batchLsp.d.ts +3 -0
package/dist/tools/bridgeDoctor.d.ts +1 -0
package/dist/tools/bridgeDoctor.js +2 -2
package/dist/tools/bridgeDoctor.js.map +1 -1
package/dist/tools/bridgeStatus.d.ts +1 -0
package/dist/tools/cancelClaudeTask.d.ts +2 -0
package/dist/tools/cancelClaudeTask.js +1 -0
package/dist/tools/cancelClaudeTask.js.map +1 -1
package/dist/tools/checkDocumentDirty.d.ts +1 -0
package/dist/tools/clipboard.d.ts +2 -0
package/dist/tools/closeTabs.d.ts +2 -0
package/dist/tools/codeLens.d.ts +1 -0
package/dist/tools/contextBundle.d.ts +1 -0
package/dist/tools/createIssueFromAIComment.d.ts +1 -0
package/dist/tools/createLinearIssue.d.ts +1 -0
package/dist/tools/ctxGetTaskContext.d.ts +1 -0
package/dist/tools/ctxQueryTraces.d.ts +1 -0
package/dist/tools/ctxSaveTrace.d.ts +1 -0
package/dist/tools/debug.d.ts +4 -0
package/dist/tools/decorations.d.ts +2 -0
package/dist/tools/documentLinks.d.ts +1 -0
package/dist/tools/editText.d.ts +1 -0
package/dist/tools/enrichCommit.d.ts +1 -0
package/dist/tools/enrichStackTrace.d.ts +1 -0
package/dist/tools/explainDiagnostic.d.ts +1 -0
package/dist/tools/explainSymbol.d.ts +1 -0
package/dist/tools/fetchCalendarEvents.d.ts +1 -0
package/dist/tools/fetchGithubIssue.d.ts +1 -0
package/dist/tools/fetchGithubPR.d.ts +1 -0
package/dist/tools/fetchLinearIssue.d.ts +1 -0
package/dist/tools/fetchSentryIssue.d.ts +1 -0
package/dist/tools/fetchSlackProfile.d.ts +1 -0
package/dist/tools/fetchSlackProfile.js +4 -1
package/dist/tools/fetchSlackProfile.js.map +1 -1
package/dist/tools/fileOperations.d.ts +3 -0
package/dist/tools/fileWatcher.d.ts +2 -0
package/dist/tools/findFiles.d.ts +1 -0
package/dist/tools/findRelatedTests.d.ts +1 -0
package/dist/tools/fixAllLintErrors.d.ts +1 -0
package/dist/tools/foldingRanges.d.ts +1 -0
package/dist/tools/formatDocument.d.ts +1 -0
package/dist/tools/generateTests.d.ts +1 -0
package/dist/tools/getAIComments.d.ts +1 -0
package/dist/tools/getAnalyticsReport.d.ts +1 -0
package/dist/tools/getArchitectureContext.d.ts +1 -0
package/dist/tools/getBufferContent.d.ts +1 -0
package/dist/tools/getChangeImpact.d.ts +1 -0
package/dist/tools/getClaudeTaskStatus.d.ts +2 -0
package/dist/tools/getClaudeTaskStatus.js +1 -0
package/dist/tools/getClaudeTaskStatus.js.map +1 -1
package/dist/tools/getCodeCoverage.d.ts +1 -0
package/dist/tools/getCommitsForIssue.d.ts +1 -0
package/dist/tools/getConnectorStatus.d.ts +1 -0
package/dist/tools/getCurrentSelection.d.ts +2 -0
package/dist/tools/getDebugState.d.ts +1 -0
package/dist/tools/getDependencyTree.d.ts +1 -0
package/dist/tools/getDiagnostics.d.ts +1 -0
package/dist/tools/getDiffFromHandoff.d.ts +1 -0
package/dist/tools/getDocumentSymbols.d.ts +25 -0
package/dist/tools/getDocumentSymbols.js +74 -8
package/dist/tools/getDocumentSymbols.js.map +1 -1
package/dist/tools/getFileTree.d.ts +1 -0
package/dist/tools/getGitDiff.d.ts +1 -0
package/dist/tools/getGitHotspots.d.ts +1 -0
package/dist/tools/getGitLog.d.ts +1 -0
package/dist/tools/getGitStatus.d.ts +1 -0
package/dist/tools/getImportTree.d.ts +1 -0
package/dist/tools/getImportedSignatures.d.ts +1 -0
package/dist/tools/getOpenEditors.d.ts +1 -0
package/dist/tools/getPRTemplate.d.ts +1 -0
package/dist/tools/getProjectContext.d.ts +1 -0
package/dist/tools/getProjectInfo.d.ts +1 -0
package/dist/tools/getSecurityAdvisories.d.ts +1 -0
package/dist/tools/getSecurityAdvisories.js +10 -1
package/dist/tools/getSecurityAdvisories.js.map +1 -1
package/dist/tools/getSessionUsage.d.ts +4 -0
package/dist/tools/getSessionUsage.js +3 -0
package/dist/tools/getSessionUsage.js.map +1 -1
package/dist/tools/getSymbolHistory.d.ts +1 -0
package/dist/tools/getToolCapabilities.d.ts +1 -0
package/dist/tools/getTypeSignature.d.ts +1 -0
package/dist/tools/getWorkspaceFolders.d.ts +1 -0
package/dist/tools/getWorkspaceSettings.d.ts +1 -0
package/dist/tools/gitHistory.d.ts +2 -0
package/dist/tools/gitWrite.d.ts +11 -0
package/dist/tools/github/actions.d.ts +2 -0
package/dist/tools/github/actions.js +4 -2
package/dist/tools/github/actions.js.map +1 -1
package/dist/tools/github/composite.d.ts +342 -0
package/dist/tools/github/composite.js +343 -0
package/dist/tools/github/composite.js.map +1 -0
package/dist/tools/github/index.d.ts +1 -0
package/dist/tools/github/index.js +1 -0
package/dist/tools/github/index.js.map +1 -1
package/dist/tools/github/issues.d.ts +4 -0
package/dist/tools/github/issues.js +8 -4
package/dist/tools/github/issues.js.map +1 -1
package/dist/tools/github/pr.d.ts +7 -0
package/dist/tools/github/pr.js +50 -12
package/dist/tools/github/pr.js.map +1 -1
package/dist/tools/handoffNote.d.ts +4 -0
package/dist/tools/handoffNote.js +2 -0
package/dist/tools/handoffNote.js.map +1 -1
package/dist/tools/hoverAtCursor.d.ts +1 -0
package/dist/tools/httpClient.d.ts +2 -0
package/dist/tools/index.d.ts +8 -0
package/dist/tools/index.js +47 -8
package/dist/tools/index.js.map +1 -1
package/dist/tools/inlayHints.d.ts +1 -0
package/dist/tools/launchQuickTask.d.ts +2 -0
package/dist/tools/launchQuickTask.js +1 -0
package/dist/tools/launchQuickTask.js.map +1 -1
package/dist/tools/listClaudeTasks.d.ts +2 -0
package/dist/tools/listClaudeTasks.js +1 -0
package/dist/tools/listClaudeTasks.js.map +1 -1
package/dist/tools/listTerminals.d.ts +1 -0
package/dist/tools/lsp.d.ts +14 -0
package/dist/tools/navigateToSymbolByName.d.ts +1 -0
package/dist/tools/openDiff.d.ts +1 -0
package/dist/tools/openFile.d.ts +1 -0
package/dist/tools/openInBrowser.d.ts +1 -0
package/dist/tools/organizeImports.d.ts +1 -0
package/dist/tools/performanceReport.d.ts +1 -0
package/dist/tools/planPersistence.d.ts +5 -0
package/dist/tools/previewEdit.d.ts +1 -0
package/dist/tools/refactorAnalyze.d.ts +1 -0
package/dist/tools/refactorPreview.d.ts +2 -0
package/dist/tools/refactorPreview.js +1 -0
package/dist/tools/refactorPreview.js.map +1 -1
package/dist/tools/replaceBlock.d.ts +1 -0
package/dist/tools/resumeClaudeTask.d.ts +2 -0
package/dist/tools/resumeClaudeTask.js +1 -0
package/dist/tools/resumeClaudeTask.js.map +1 -1
package/dist/tools/runClaudeTask.d.ts +2 -0
package/dist/tools/runClaudeTask.js +1 -0
package/dist/tools/runClaudeTask.js.map +1 -1
package/dist/tools/runCommand.d.ts +1 -0
package/dist/tools/runTests.d.ts +1 -0
package/dist/tools/saveDocument.d.ts +1 -0
package/dist/tools/screenshotAndAnnotate.d.ts +1 -0
package/dist/tools/searchAndReplace.d.ts +1 -0
package/dist/tools/searchTools.d.ts +1 -0
package/dist/tools/searchTools.js +1 -1
package/dist/tools/searchTools.js.map +1 -1
package/dist/tools/searchWorkspace.d.ts +1 -0
package/dist/tools/selectionRanges.d.ts +1 -0
package/dist/tools/semanticTokens.d.ts +1 -0
package/dist/tools/setActiveWorkspaceFolder.d.ts +1 -0
package/dist/tools/signatureHelp.d.ts +1 -0
package/dist/tools/slackListChannels.d.ts +1 -0
package/dist/tools/slackListChannels.js.map +1 -1
package/dist/tools/slackPostMessage.d.ts +1 -0
package/dist/tools/slackPostMessage.js +11 -6
package/dist/tools/slackPostMessage.js.map +1 -1
package/dist/tools/terminal.d.ts +6 -0
package/dist/tools/testTraceToSource.d.ts +1 -0
package/dist/tools/testTraceToSource.js +2 -2
package/dist/tools/testTraceToSource.js.map +1 -1
package/dist/tools/transaction.d.ts +23 -0
package/dist/tools/transaction.js +29 -0
package/dist/tools/transaction.js.map +1 -1
package/dist/tools/typeHierarchy.d.ts +1 -0
package/dist/tools/updateLinearIssue.d.ts +1 -0
package/dist/tools/updateLinearIssue.js +20 -6
package/dist/tools/updateLinearIssue.js.map +1 -1
package/dist/tools/utils.d.ts +2 -0
package/dist/tools/utils.js.map +1 -1
package/dist/tools/vscodeCommands.d.ts +2 -0
package/dist/tools/vscodeTasks.d.ts +2 -0
package/dist/tools/workspaceSettings.d.ts +1 -0
package/dist/traceEncryption.d.ts +46 -0
package/dist/traceEncryption.js +124 -0
package/dist/traceEncryption.js.map +1 -0
package/dist/transport.d.ts +46 -1
package/dist/transport.js +173 -19
package/dist/transport.js.map +1 -1
package/package.json +30 -8
package/scripts/mcp-stdio-shim.cjs +19 -3
package/scripts/start-all.sh +30 -1
package/templates/automation-policies/recipe-authoring.json +25 -0
package/templates/automation-policy.example.json +6 -0
package/templates/co.patchwork-os.bridge.plist +34 -0
package/templates/policies/README.md +72 -0
package/templates/policies/conservative.json +14 -0
package/templates/policies/developer.json +14 -0
package/templates/policies/headless-ci.json +24 -0
package/templates/policies/personal-assistant.json +15 -0
package/templates/policies/regulated-industry.json +18 -0
package/templates/recipes/lint-on-save.yaml +1 -2
package/templates/recipes/morning-brief-slack.yaml +57 -0
package/templates/recipes/morning-brief.yaml +2 -2
package/templates/recipes/project-health-check.yaml +50 -0
package/templates/recipes/webhook/README.md +70 -0
package/templates/recipes/webhook/capture-thought.yaml +26 -0
package/templates/recipes/webhook/customer-escalation.yaml +49 -0
package/templates/recipes/webhook/incident-intake.yaml +46 -0
package/templates/recipes/webhook/meeting-prep.yaml +48 -0
package/templates/recipes/webhook/morning-brief.yaml +57 -0

package/dist/connectors/asana.js ADDED Viewed

@@ -0,0 +1,679 @@
+/**
+ * Asana connector — read workspaces, projects, tasks, and current user, plus
+ * writes (createTask, updateTask, completeTask, addTaskComment).
+ *
+ * OAuth 2.0 Authorization Code Grant. Asana is a confidential client (bridge
+ * holds client secret), so PKCE is not used. Refresh tokens are issued; access
+ * tokens expire after 1 hour (3600s).
+ *
+ * Auth: standard OAuth 2.0 with `client_id` + `client_secret` + `redirect_uri`.
+ *   - Env vars: ASANA_CLIENT_ID, ASANA_CLIENT_SECRET (mirrors discord/slack)
+ *   - Stored: getSecretJsonSync("asana") → AsanaTokens
+ *   - Header: Authorization: Bearer <access_token>
+ *
+ * Scope note: Asana's only OAuth scope is `default`, which grants read+write
+ * combined — there is no read-only-only scope. Defense lives at the recipe-tool
+ * layer where each tool declares `isWrite: true|false`. Newer Asana accounts
+ * may also expose granular scopes; we set `default` for compatibility.
+ *
+ * Read tools: getCurrentUser, listWorkspaces, listProjects, listTasks, getTask.
+ * Write tools: createTask, updateTask, completeTask, addTaskComment.
+ *
+ * Idempotency: Asana doesn't honor an Idempotency-Key header. Writes simply
+ * throw on error — callers must dedupe via app-level checks if needed.
+ *
+ * HTTP routes (wired in src/server.ts):
+ *   GET    /connections/asana/auth     — redirect to Asana consent
+ *   GET    /connections/asana/callback — exchange code for tokens
+ *   POST   /connections/asana/test     — ping Asana API
+ *   DELETE /connections/asana          — clear stored tokens
+ *
+ * Asana wraps every API response in `{ data: ... }`. We unwrap consistently
+ * inside this class so recipe-tool wrappers see clean arrays/objects.
+ *
+ * Extends BaseConnector for unified auth, retry, rate-limit, error handling.
+ * Token refresh is delegated to BaseConnector.refreshToken() via apiCall.
+ */
+import crypto from "node:crypto";
+import { BaseConnector, } from "./baseConnector.js";
+import { escHtml } from "./htmlEscape.js";
+import { deleteSecretJsonSync, getSecretJsonSync, storeSecretJsonSync, } from "./tokenStorage.js";
+const ASANA_API_BASE = "https://app.asana.com/api/1.0";
+const ASANA_AUTH_URL = "https://app.asana.com/-/oauth_authorize";
+const ASANA_TOKEN_URL = "https://app.asana.com/-/oauth_token";
+const SCOPES = ["default"];
+// ── Config ───────────────────────────────────────────────────────────────────
+function clientId() {
+    return process.env.ASANA_CLIENT_ID ?? "";
+}
+function clientSecret() {
+    return process.env.ASANA_CLIENT_SECRET ?? "";
+}
+function redirectUri() {
+    const base = (process.env.PATCHWORK_BRIDGE_URL ??
+        `http://localhost:${process.env.PATCHWORK_BRIDGE_PORT ?? "3101"}`).replace(/\/$/, "");
+    return `${base}/connections/asana/callback`;
+}
+function isConfigured() {
+    return Boolean(clientId() && clientSecret());
+}
+// ── Token persistence ────────────────────────────────────────────────────────
+export function loadTokens() {
+    return getSecretJsonSync("asana");
+}
+export function saveTokens(tokens) {
+    storeSecretJsonSync("asana", tokens);
+}
+export function clearTokens() {
+    try {
+        deleteSecretJsonSync("asana");
+    }
+    catch {
+        // ignore
+    }
+}
+export function isConnected() {
+    return loadTokens() !== null;
+}
+// ── State (CSRF) ─────────────────────────────────────────────────────────────
+// In-memory map keyed by hex random — short-lived (5 min). Mirrors discord's
+// approach (Set + setTimeout).
+import { createOAuthStateStore } from "./oauthStateStore.js";
+const STATE_TTL_MS = 5 * 60 * 1000;
+const pendingStates = createOAuthStateStore({ ttlMs: STATE_TTL_MS });
+function generateState() {
+    const state = crypto.randomBytes(32).toString("hex");
+    if (!pendingStates.add(state)) {
+        throw new Error("OAuth state store full — too many concurrent authorize requests");
+    }
+    return state;
+}
+function consumeState(state) {
+    return pendingStates.consume(state);
+}
+// ── Connector class ──────────────────────────────────────────────────────────
+export class AsanaConnector extends BaseConnector {
+    providerName = "asana";
+    getOAuthConfig() {
+        // Resolve credentials from env first, then fall back to credentials we
+        // stored at auth time (so refresh keeps working even if env is unset).
+        const tokens = loadTokens();
+        const id = clientId() || tokens?._client_id || "";
+        const secret = clientSecret() || tokens?._client_secret || "";
+        if (!id || !secret)
+            return null;
+        return {
+            clientId: id,
+            clientSecret: secret,
+            tokenEndpoint: ASANA_TOKEN_URL,
+            scopes: SCOPES,
+        };
+    }
+    async authenticate() {
+        const tokens = loadTokens();
+        if (!tokens) {
+            throw new Error("Asana not connected. Visit /connections/asana/auth to authorize.");
+        }
+        return {
+            token: tokens.access_token,
+            refreshToken: tokens.refresh_token,
+            expiresAt: tokens.expires_at ? new Date(tokens.expires_at) : undefined,
+            scopes: tokens.scope ? tokens.scope.split(" ") : SCOPES,
+        };
+    }
+    /**
+     * Persist refreshed tokens after BaseConnector.refreshToken() updates
+     * `this.auth`. BaseConnector calls `saveTokens()` (its own method on the
+     * tokenStorage StoredToken shape); we additionally mirror to our
+     * Asana-specific JSON so loadTokens() keeps working for HTTP probes.
+     */
+    async saveTokens() {
+        await super.saveTokens();
+        if (!this.auth)
+            return;
+        const existing = loadTokens();
+        saveTokens({
+            access_token: this.auth.token,
+            refresh_token: this.auth.refreshToken,
+            expires_at: this.auth.expiresAt
+                ? this.auth.expiresAt.getTime()
+                : undefined,
+            scope: this.auth.scopes?.join(" "),
+            token_type: existing?.token_type ?? "Bearer",
+            _client_id: existing?._client_id,
+            _client_secret: existing?._client_secret,
+            username: existing?.username,
+            user_gid: existing?.user_gid,
+            email: existing?.email,
+            connected_at: existing?.connected_at ?? new Date().toISOString(),
+        });
+    }
+    async healthCheck() {
+        try {
+            const result = await this.apiCall(async (token) => {
+                const res = await fetch(`${ASANA_API_BASE}/users/me`, {
+                    headers: this.buildHeaders(token),
+                });
+                if (!res.ok)
+                    throw res;
+                return res.json();
+            });
+            if ("error" in result)
+                return { ok: false, error: result.error };
+            return { ok: true };
+        }
+        catch (err) {
+            return { ok: false, error: this.normalizeError(err) };
+        }
+    }
+    normalizeError(error) {
+        if (error instanceof Response) {
+            const s = error.status;
+            // Asana 4xx payloads have an `errors: [{message, help}]` array — surface
+            // the first message when we can. We can't await here because the body
+            // may already be consumed; callers that want detail should pre-read.
+            const detail = error
+                ._asanaDetail;
+            const tag = detail ? `: ${detail}` : "";
+            if (s === 401)
+                return {
+                    code: "auth_expired",
+                    message: `Asana authentication failed — token expired or revoked${tag}`,
+                    retryable: true,
+                    suggestedAction: "Reconnect via /connections/asana/auth",
+                };
+            if (s === 403)
+                return {
+                    code: "permission_denied",
+                    message: `Insufficient Asana permissions for this resource${tag}`,
+                    retryable: false,
+                };
+            if (s === 404)
+                return {
+                    code: "not_found",
+                    message: `Asana resource not found${tag}`,
+                    retryable: false,
+                };
+            if (s === 429) {
+                const retryAfter = error.headers.get("retry-after");
+                return {
+                    code: "rate_limited",
+                    message: `Asana API rate limit exceeded${retryAfter ? ` (retry after ${retryAfter}s)` : ""}${tag}`,
+                    retryable: true,
+                    suggestedAction: retryAfter
+                        ? `Wait ${retryAfter}s and retry`
+                        : "Wait and retry",
+                    providerDetail: retryAfter ? { retryAfter } : undefined,
+                };
+            }
+            return {
+                code: "provider_error",
+                message: `Asana API error: HTTP ${s}${tag}`,
+                retryable: s >= 500,
+            };
+        }
+        if (error instanceof Error) {
+            if (error.message.includes("ENOTFOUND") ||
+                error.message.includes("ECONNREFUSED")) {
+                return {
+                    code: "network_error",
+                    message: `Cannot connect to Asana: ${error.message}`,
+                    retryable: true,
+                };
+            }
+        }
+        return {
+            code: "provider_error",
+            message: error instanceof Error ? error.message : String(error),
+            retryable: false,
+        };
+    }
+    getStatus() {
+        const tokens = loadTokens();
+        return {
+            id: "asana",
+            status: tokens ? "connected" : "disconnected",
+            lastSync: tokens?.connected_at,
+            workspace: tokens?.username,
+        };
+    }
+    // ── API Methods ────────────────────────────────────────────────────────────
+    async getCurrentUser() {
+        const result = await this.apiCall(async (token) => {
+            const res = await fetch(`${ASANA_API_BASE}/users/me`, {
+                headers: this.buildHeaders(token),
+            });
+            this.captureRateLimit(res);
+            if (!res.ok)
+                throw await this.attachErrorDetail(res);
+            const json = (await res.json());
+            return json.data;
+        });
+        if ("error" in result)
+            throw new Error(result.error.message);
+        return result.data;
+    }
+    async listWorkspaces(params = {}) {
+        const result = await this.apiCall(async (token) => {
+            const qs = new URLSearchParams({
+                limit: String(Math.min(Math.max(params.limit ?? 50, 1), 100)),
+            });
+            const res = await fetch(`${ASANA_API_BASE}/workspaces?${qs}`, {
+                headers: this.buildHeaders(token),
+            });
+            this.captureRateLimit(res);
+            if (!res.ok)
+                throw await this.attachErrorDetail(res);
+            const json = (await res.json());
+            return json.data;
+        });
+        if ("error" in result)
+            throw new Error(result.error.message);
+        return result.data;
+    }
+    async listProjects(params) {
+        if (!params.workspaceGid) {
+            throw new Error("listProjects requires workspaceGid");
+        }
+        const result = await this.apiCall(async (token) => {
+            const qs = new URLSearchParams({
+                workspace: params.workspaceGid,
+                limit: String(Math.min(Math.max(params.limit ?? 50, 1), 100)),
+            });
+            const res = await fetch(`${ASANA_API_BASE}/projects?${qs}`, {
+                headers: this.buildHeaders(token),
+            });
+            this.captureRateLimit(res);
+            if (!res.ok)
+                throw await this.attachErrorDetail(res);
+            const json = (await res.json());
+            return json.data;
+        });
+        if ("error" in result)
+            throw new Error(result.error.message);
+        return result.data;
+    }
+    async listTasks(params = {}) {
+        // Asana's GET /tasks requires either `project` OR (`assignee` + `workspace`).
+        // Asana itself returns a 400 when this is wrong; we surface a clearer error
+        // up front so recipe authors see the real problem instantly.
+        const hasProject = Boolean(params.projectGid);
+        const hasAssigneePair = Boolean(params.assignee && params.workspaceGid);
+        if (!hasProject && !hasAssigneePair) {
+            throw new Error("listTasks requires either projectGid, or assignee + workspaceGid");
+        }
+        const result = await this.apiCall(async (token) => {
+            const qs = new URLSearchParams({
+                limit: String(Math.min(Math.max(params.limit ?? 50, 1), 100)),
+            });
+            if (params.projectGid)
+                qs.set("project", params.projectGid);
+            if (params.assignee)
+                qs.set("assignee", params.assignee);
+            if (params.workspaceGid)
+                qs.set("workspace", params.workspaceGid);
+            const res = await fetch(`${ASANA_API_BASE}/tasks?${qs}`, {
+                headers: this.buildHeaders(token),
+            });
+            this.captureRateLimit(res);
+            if (!res.ok)
+                throw await this.attachErrorDetail(res);
+            const json = (await res.json());
+            return json.data;
+        });
+        if ("error" in result)
+            throw new Error(result.error.message);
+        return result.data;
+    }
+    async getTask(taskGid) {
+        if (!taskGid)
+            throw new Error("getTask requires taskGid");
+        const result = await this.apiCall(async (token) => {
+            const res = await fetch(`${ASANA_API_BASE}/tasks/${encodeURIComponent(taskGid)}`, { headers: this.buildHeaders(token) });
+            this.captureRateLimit(res);
+            if (!res.ok)
+                throw await this.attachErrorDetail(res);
+            const json = (await res.json());
+            return json.data;
+        });
+        if ("error" in result)
+            throw new Error(result.error.message);
+        return result.data;
+    }
+    // ── Write methods ──────────────────────────────────────────────────────────
+    // Asana wraps both request and response bodies in `{ data: ... }`. We
+    // unwrap the response consistently here so recipe-tool wrappers see the
+    // clean object. Required-param validation happens up front so recipe
+    // authors get a clear error instead of an Asana 400.
+    async createTask(params) {
+        if (!params.name)
+            throw new Error("createTask requires name");
+        if (!params.workspaceGid) {
+            throw new Error("createTask requires workspaceGid");
+        }
+        const result = await this.apiCall(async (token) => {
+            const data = {
+                workspace: params.workspaceGid,
+                name: params.name,
+            };
+            if (params.projectGid)
+                data.projects = [params.projectGid];
+            if (params.notes !== undefined)
+                data.notes = params.notes;
+            if (params.assigneeGid)
+                data.assignee = params.assigneeGid;
+            if (params.dueOn)
+                data.due_on = params.dueOn;
+            if (params.parentTaskGid)
+                data.parent = params.parentTaskGid;
+            const res = await fetch(`${ASANA_API_BASE}/tasks`, {
+                method: "POST",
+                headers: this.buildHeaders(token),
+                body: JSON.stringify({ data }),
+            });
+            this.captureRateLimit(res);
+            if (!res.ok)
+                throw await this.attachErrorDetail(res);
+            const json = (await res.json());
+            return json.data;
+        });
+        if ("error" in result)
+            throw new Error(result.error.message);
+        return result.data;
+    }
+    async updateTask(taskGid, updates) {
+        if (!taskGid)
+            throw new Error("updateTask requires taskGid");
+        // Strip undefined keys — Asana interprets `undefined`-stringified values
+        // differently than missing keys. Only forward fields that were explicitly
+        // provided by the caller.
+        const data = {};
+        if (updates.name !== undefined)
+            data.name = updates.name;
+        if (updates.notes !== undefined)
+            data.notes = updates.notes;
+        if (updates.completed !== undefined)
+            data.completed = updates.completed;
+        if (updates.assigneeGid !== undefined)
+            data.assignee = updates.assigneeGid;
+        if (updates.dueOn !== undefined)
+            data.due_on = updates.dueOn;
+        if (Object.keys(data).length === 0) {
+            throw new Error("updateTask requires at least one field to update");
+        }
+        const result = await this.apiCall(async (token) => {
+            const res = await fetch(`${ASANA_API_BASE}/tasks/${encodeURIComponent(taskGid)}`, {
+                method: "PUT",
+                headers: this.buildHeaders(token),
+                body: JSON.stringify({ data }),
+            });
+            this.captureRateLimit(res);
+            if (!res.ok)
+                throw await this.attachErrorDetail(res);
+            const json = (await res.json());
+            return json.data;
+        });
+        if ("error" in result)
+            throw new Error(result.error.message);
+        return result.data;
+    }
+    /**
+     * Convenience wrapper around updateTask that flips `completed: true`. Lower
+     * risk than other updates since it's a single, well-known state transition.
+     */
+    async completeTask(taskGid) {
+        if (!taskGid)
+            throw new Error("completeTask requires taskGid");
+        return this.updateTask(taskGid, { completed: true });
+    }
+    async addTaskComment(taskGid, options) {
+        if (!taskGid)
+            throw new Error("addTaskComment requires taskGid");
+        if (!options.text)
+            throw new Error("addTaskComment requires non-empty text");
+        const result = await this.apiCall(async (token) => {
+            const res = await fetch(`${ASANA_API_BASE}/tasks/${encodeURIComponent(taskGid)}/stories`, {
+                method: "POST",
+                headers: this.buildHeaders(token),
+                body: JSON.stringify({
+                    data: { text: options.text, type: "comment" },
+                }),
+            });
+            this.captureRateLimit(res);
+            if (!res.ok)
+                throw await this.attachErrorDetail(res);
+            const json = (await res.json());
+            return json.data;
+        });
+        if ("error" in result)
+            throw new Error(result.error.message);
+        return result.data;
+    }
+    // ── Helpers ────────────────────────────────────────────────────────────────
+    buildHeaders(token) {
+        return {
+            Authorization: `Bearer ${token}`,
+            Accept: "application/json",
+            "Content-Type": "application/json",
+        };
+    }
+    captureRateLimit(res) {
+        this.updateRateLimitFromHeaders({
+            "x-ratelimit-remaining": res.headers.get("x-ratelimit-remaining") ?? undefined,
+            "x-ratelimit-reset": res.headers.get("x-ratelimit-reset") ?? undefined,
+            "retry-after": res.headers.get("retry-after") ?? undefined,
+        });
+    }
+    /**
+     * Read the response body once and stash the first Asana `errors[].message`
+     * onto a sidecar property so normalizeError can include it without a second
+     * read. Returns the same Response for `throw` to consume.
+     */
+    async attachErrorDetail(res) {
+        try {
+            const body = (await res.clone().json());
+            const first = body?.errors?.[0]?.message;
+            if (first) {
+                res._asanaDetail = first;
+            }
+        }
+        catch {
+            // body wasn't JSON or already consumed — proceed without detail
+        }
+        return res;
+    }
+}
+// ── Singleton ────────────────────────────────────────────────────────────────
+let _instance = null;
+function resetAsanaConnector() {
+    _instance = null;
+}
+export function getAsanaConnector() {
+    if (!_instance) {
+        _instance = new AsanaConnector();
+    }
+    return _instance;
+}
+export { getAsanaConnector as asana };
+/**
+ * GET /connections/asana/auth — redirect to Asana consent screen.
+ */
+export function handleAsanaAuthorize() {
+    if (!isConfigured()) {
+        return {
+            status: 503,
+            contentType: "application/json",
+            body: JSON.stringify({
+                ok: false,
+                error: "Asana connector not configured. Set ASANA_CLIENT_ID and ASANA_CLIENT_SECRET.",
+            }),
+        };
+    }
+    const state = generateState();
+    const params = new URLSearchParams({
+        client_id: clientId(),
+        redirect_uri: redirectUri(),
+        response_type: "code",
+        scope: SCOPES.join(" "),
+        state,
+    });
+    return {
+        status: 302,
+        body: "",
+        redirect: `${ASANA_AUTH_URL}?${params.toString()}`,
+    };
+}
+/**
+ * GET /connections/asana/callback — exchange code for tokens.
+ */
+export async function handleAsanaCallback(code, state, error) {
+    if (error) {
+        return {
+            status: 400,
+            contentType: "text/html",
+            body: `<html><body><h2>Asana connect failed</h2><pre>${escHtml(error)}</pre></body></html>`,
+        };
+    }
+    if (!code || !state) {
+        return {
+            status: 400,
+            contentType: "text/html",
+            body: `<html><body><h2>Asana connect failed</h2><pre>missing code or state</pre></body></html>`,
+        };
+    }
+    if (!consumeState(state)) {
+        return {
+            status: 400,
+            contentType: "text/html",
+            body: `<html><body><h2>Asana connect failed</h2><pre>invalid or expired state</pre></body></html>`,
+        };
+    }
+    try {
+        const params = new URLSearchParams({
+            grant_type: "authorization_code",
+            code,
+            redirect_uri: redirectUri(),
+            client_id: clientId(),
+            client_secret: clientSecret(),
+        });
+        const res = await fetch(ASANA_TOKEN_URL, {
+            method: "POST",
+            headers: {
+                "Content-Type": "application/x-www-form-urlencoded",
+                Accept: "application/json",
+            },
+            body: params.toString(),
+        });
+        if (!res.ok) {
+            const body = await res.text();
+            throw new Error(`Token exchange HTTP ${res.status}: ${body}`);
+        }
+        const json = (await res.json());
+        if (!json.access_token) {
+            throw new Error("Token exchange returned no access_token");
+        }
+        // Asana's token response includes `data: { gid, name, email }` for the
+        // authorizing user — use that if present, otherwise fall back to /users/me.
+        let username = json.data?.name;
+        let userGid = json.data?.gid ??
+            (typeof json.data?.id === "number" ? String(json.data.id) : undefined);
+        let userEmail = json.data?.email;
+        if (!username) {
+            try {
+                const userRes = await fetch(`${ASANA_API_BASE}/users/me`, {
+                    headers: { Authorization: `Bearer ${json.access_token}` },
+                });
+                if (userRes.ok) {
+                    const u = (await userRes.json());
+                    username = u.data?.name;
+                    userGid = u.data?.gid ?? userGid;
+                    userEmail = u.data?.email ?? userEmail;
+                }
+            }
+            catch {
+                // best-effort
+            }
+        }
+        const expiresAt = typeof json.expires_in === "number" && json.expires_in > 0
+            ? Date.now() + json.expires_in * 1000
+            : undefined;
+        saveTokens({
+            access_token: json.access_token,
+            refresh_token: json.refresh_token,
+            expires_at: expiresAt,
+            scope: json.scope,
+            token_type: json.token_type ?? "Bearer",
+            _client_id: clientId() || undefined,
+            _client_secret: clientSecret() || undefined,
+            username,
+            user_gid: userGid,
+            email: userEmail,
+            connected_at: new Date().toISOString(),
+        });
+        resetAsanaConnector();
+        return {
+            status: 200,
+            contentType: "text/html",
+            body: `<html><body><h2>Asana connected${username ? ` as ${escHtml(username)}` : ""}</h2><script>try { window.opener.postMessage('patchwork:asana:connected', '*'); } catch(_) {} window.close();</script></body></html>`,
+        };
+    }
+    catch (err) {
+        return {
+            status: 400,
+            contentType: "text/html",
+            body: `<html><body><h2>Asana connect failed</h2><pre>${escHtml(err instanceof Error ? err.message : String(err))}</pre></body></html>`,
+        };
+    }
+}
+/**
+ * POST /connections/asana/test — verify stored token works.
+ */
+export async function handleAsanaTest() {
+    const tokens = loadTokens();
+    if (!tokens) {
+        return {
+            status: 400,
+            contentType: "application/json",
+            body: JSON.stringify({ ok: false, error: "Asana not connected" }),
+        };
+    }
+    try {
+        const connector = getAsanaConnector();
+        const check = await connector.healthCheck();
+        return {
+            status: check.ok ? 200 : 401,
+            contentType: "application/json",
+            body: JSON.stringify(check.ok
+                ? { ok: true, username: tokens.username }
+                : { ok: false, error: check.error?.message }),
+        };
+    }
+    catch (err) {
+        return {
+            status: 500,
+            contentType: "application/json",
+            body: JSON.stringify({
+                ok: false,
+                error: err instanceof Error ? err.message : String(err),
+            }),
+        };
+    }
+}
+/**
+ * DELETE /connections/asana — clear stored tokens.
+ *
+ * Asana does not expose a public OAuth revocation endpoint, so we just drop
+ * local credentials. The token remains valid at Asana until it naturally
+ * expires (1h) or the user revokes the integration in their Asana account
+ * settings.
+ */
+export async function handleAsanaDisconnect() {
+    clearTokens();
+    resetAsanaConnector();
+    return {
+        status: 200,
+        contentType: "application/json",
+        body: JSON.stringify({ ok: true }),
+    };
+}
+//# sourceMappingURL=asana.js.map