pierre-review 0.1.2 → 0.1.5

package/dist/api/plugins/auth.js

@@ -0,0 +1,103 @@
+import { createHash } from 'node:crypto';
+import { config } from '../../config.js';
+import { getAccountById, getLocalAccountCached, LOCAL_ACCOUNT_ID, } from '../../auth/account.js';
+// Attaches `request.account` to every request. Registered once on the root app
+// (so it covers all routes, including static/health which simply ignore it).
+//
+// Local mode: always the synthesized local account (id 1).
+// Cloud mode: resolved from the sealed session cookie (set up in registerCloudAuth,
+//   Phase 1). Unauthenticated requests get `null`; the requireAuth preHandler
+//   then 401s the data routes.
+export function registerAccountContext(app) {
+    app.decorateRequest('account', null);
+    app.addHook('onRequest', async (req) => {
+        if (config.isCloud) {
+            const accountId = readSessionAccountId(req);
+            req.account = accountId != null ? await getAccountById(accountId) : null;
+        }
+        else {
+            req.account =
+                getLocalAccountCached() ?? {
+                    id: LOCAL_ACCOUNT_ID,
+                    githubUserId: '',
+                    githubLogin: '',
+                    avatarUrl: null,
+                    isLocal: true,
+                };
+        }
+    });
+}
+// Reads {accountId} from the sealed session cookie. @fastify/secure-session is
+// only registered in cloud mode (Phase 1); guarded so this is safe pre-registration.
+function readSessionAccountId(req) {
+    const session = req
+        .session;
+    if (!session)
+        return null;
+    const raw = session.get('accountId');
+    return typeof raw === 'number' ? raw : null;
+}
+// Cloud only: register the cookie + sealed-session plugins. MUST run before
+// registerAccountContext so the session cookie is parsed by the time the
+// account-context onRequest hook reads it. The session key is derived from
+// SESSION_SECRET (sha256 → 32 bytes, the size secure-session needs).
+export async function registerSession(app) {
+    const cookie = await import('@fastify/cookie');
+    const secureSession = await import('@fastify/secure-session');
+    await app.register(cookie.default, { secret: config.sessionSecret });
+    const key = createHash('sha256').update(config.sessionSecret).digest();
+    await app.register(secureSession.default, {
+        key,
+        cookieName: 'pierre_session',
+        cookie: {
+            path: '/',
+            httpOnly: true,
+            sameSite: 'lax',
+            secure: config.appBaseUrl.startsWith('https://'),
+            maxAge: 30 * 24 * 60 * 60, // 30 days
+        },
+    });
+}
+// Cloud only: 401 any unauthenticated /api data route. Skips /api/health and
+// /api/auth/* (sign-in itself) and all non-/api requests (the SPA + landing are
+// served openly; the frontend gate handles the signed-out UI). MUST be registered
+// AFTER registerAccountContext so req.account is already resolved.
+export function registerAuthGate(app) {
+    app.addHook('onRequest', async (req, reply) => {
+        const path = req.url.split('?')[0] ?? req.url;
+        if (!path.startsWith('/api/'))
+            return;
+        if (path === '/api/health')
+            return;
+        if (path.startsWith('/api/auth/'))
+            return;
+        if (!req.account) {
+            await reply.code(401).send({
+                error: 'Unauthorized',
+                message: 'Sign in with GitHub to continue.',
+            });
+        }
+    });
+}
+// preHandler that rejects unauthenticated requests in cloud mode. A no-op in
+// local mode (the account is always present). Kept for any route that wants an
+// explicit per-route guard in addition to the global gate above.
+export async function requireAuth(req, reply) {
+    if (!config.isCloud)
+        return;
+    if (!req.account) {
+        await reply
+            .code(401)
+            .send({ error: 'Unauthorized', message: 'Sign in with GitHub to continue.' });
+    }
+}
+// The request's account id, for scoping queries. Always present in local mode;
+// in cloud mode requireAuth has already guaranteed it on data routes.
+export function accountIdOf(req) {
+    if (req.account)
+        return req.account.id;
+    if (!config.isCloud)
+        return LOCAL_ACCOUNT_ID;
+    throw new Error('no account on request (requireAuth missing?)');
+}
+//# sourceMappingURL=auth.js.map

package/dist/api/plugins/error-handler.js

@@ -1,11 +1,9 @@
-// Centralised error handling: validation errors -> 400, anything with an
-// explicit statusCode is honoured, everything else -> 500.
-//
-// `spaFallback` is set in single-process production mode (when the built SPA is
-// served alongside the API). Fastify allows only one not-found handler per
-// context, so the SPA fallback lives here rather than as a second
-// setNotFoundHandler in app.ts.
-export function registerErrorHandler(app, spaFallback = false) {
+// Centralised error handling + the single not-found handler (Fastify allows one
+// per context). The not-found handler doubles as the SPA/landing router:
+//   /api/* unknown          → JSON 404 (both modes)
+//   /app, /app/* (GET)      → the timeline SPA index (client routing / reload)
+//   /, other non-/api (GET) → cloud: the landing page; local: 302 → /app
+export function registerErrorHandler(app, opts) {
     app.setErrorHandler((err, req, reply) => {
         if (err.validation) {
             reply.status(400).send({
@@ -25,11 +23,28 @@ export function registerErrorHandler(app, spaFallback = false) {
         });
     });
     app.setNotFoundHandler((req, reply) => {
-        // SPA fallback: any non-/api GET that didn't match a static asset returns
-        // index.html so client-side routes work on reload. Unknown /api routes still
-        // return JSON 404 (below). `reply.sendFile` is decorated by @fastify/static.
-        if (spaFallback && req.method === 'GET' && !req.url.startsWith('/api')) {
-            return reply.sendFile('index.html');
+        const path = req.url.split('?')[0] ?? req.url;
+        // Unknown API routes always return a JSON 404 (never an HTML page).
+        if (path.startsWith('/api')) {
+            return reply.status(404).send({
+                error: 'NotFound',
+                message: `Route ${req.method} ${req.url} not found`,
+            });
+        }
+        if (req.method === 'GET') {
+            // The SPA lives under /app — serve its index for any unmatched /app path so
+            // deep-links and reloads work.
+            if (opts.serveSpa && (path === '/app' || path.startsWith('/app/'))) {
+                return reply.sendFile('index.html', opts.publicDir);
+            }
+            // Root + other non-/api paths: cloud serves the public landing page; local
+            // sends the user straight into the app (never shows a landing).
+            if (opts.serveLanding) {
+                return reply.sendFile('index.html', opts.publicLandingDir);
+            }
+            if (opts.serveSpa) {
+                return reply.redirect('/app/');
+            }
         }
         return reply.status(404).send({
             error: 'NotFound',

package/dist/api/routes/auth.js

@@ -0,0 +1,106 @@
+import { randomBytes } from 'node:crypto';
+import { config } from '../../config.js';
+import { encryptToken } from '../../auth/crypto.js';
+import { upsertCloudAccount } from '../../auth/account.js';
+export async function authRoutes(app) {
+    const redirectUri = `${config.appBaseUrl}/api/auth/callback`;
+    const secureCookie = config.appBaseUrl.startsWith('https://');
+    // 302 → GitHub authorize, with a CSRF state in a short-lived signed cookie.
+    app.get('/api/auth/login', async (_req, reply) => {
+        const state = randomBytes(16).toString('hex');
+        reply.setCookie('pierre_oauth_state', state, {
+            path: '/',
+            httpOnly: true,
+            sameSite: 'lax',
+            secure: secureCookie,
+            signed: true,
+            maxAge: 600,
+        });
+        const params = new URLSearchParams({
+            client_id: config.githubAppClientId,
+            redirect_uri: redirectUri,
+            state,
+        });
+        return reply.redirect(`https://github.com/login/oauth/authorize?${params.toString()}`);
+    });
+    // Verify state → exchange code for a token → fetch the user → upsert account →
+    // set session → 302 to the app.
+    app.get('/api/auth/callback', async (req, reply) => {
+        const { code, state } = req.query;
+        const rawCookie = req.cookies.pierre_oauth_state;
+        const unsigned = rawCookie
+            ? req.unsignCookie(rawCookie)
+            : { valid: false, value: null };
+        reply.clearCookie('pierre_oauth_state', { path: '/' });
+        if (!code || !state || !unsigned.valid || unsigned.value !== state) {
+            return reply
+                .code(400)
+                .send({ error: 'BadRequest', message: 'Invalid or expired OAuth state.' });
+        }
+        // Exchange the code for a user access token.
+        let token;
+        try {
+            const res = await fetch('https://github.com/login/oauth/access_token', {
+                method: 'POST',
+                headers: { accept: 'application/json', 'content-type': 'application/json' },
+                body: JSON.stringify({
+                    client_id: config.githubAppClientId,
+                    client_secret: config.githubAppClientSecret,
+                    code,
+                    redirect_uri: redirectUri,
+                }),
+            });
+            const json = (await res.json());
+            if (!json.access_token) {
+                return reply.code(401).send({
+                    error: 'Unauthorized',
+                    message: `OAuth token exchange failed: ${json.error_description ?? json.error ?? 'no token'}`,
+                });
+            }
+            token = json.access_token;
+        }
+        catch (err) {
+            return reply.code(502).send({
+                error: 'GitHubError',
+                message: `OAuth exchange request failed: ${err instanceof Error ? err.message : err}`,
+            });
+        }
+        // Identify the user.
+        let user;
+        try {
+            const res = await fetch('https://api.github.com/user', {
+                headers: {
+                    authorization: `token ${token}`,
+                    accept: 'application/vnd.github+json',
+                    'x-github-api-version': '2022-11-28',
+                },
+            });
+            if (!res.ok) {
+                return reply
+                    .code(401)
+                    .send({ error: 'Unauthorized', message: 'Failed to fetch GitHub user.' });
+            }
+            user = (await res.json());
+        }
+        catch (err) {
+            return reply.code(502).send({
+                error: 'GitHubError',
+                message: `Fetching GitHub user failed: ${err instanceof Error ? err.message : err}`,
+            });
+        }
+        const account = await upsertCloudAccount({
+            githubUserId: user.node_id,
+            githubLogin: user.login,
+            avatarUrl: user.avatar_url,
+            accessTokenEnc: encryptToken(token),
+        });
+        req.session.set('accountId', account.id);
+        return reply.redirect('/app');
+    });
+    // Clear the session.
+    app.post('/api/auth/logout', async (req, reply) => {
+        req.session.delete();
+        return reply.code(204).send();
+    });
+}
+//# sourceMappingURL=auth.js.map

package/dist/api/routes/claude-review.js

@@ -0,0 +1,349 @@
+import { config } from '../../config.js';
+import { getClaudeReviewById, getClaudeReviewContext, getFindingPostContext, getLatestClaudeReview, listClaudeReviewHistory, } from '../../db/queries.js';
+import { markFindingPosted, markReviewPosted, updateFinding, updateReviewDraft, } from '../../review/persist.js';
+import { getReviewStatus, listActiveReviews, requestReviewCancel, startReview, } from '../../review/review-manager.js';
+import { detectClaudeAuth } from '../../review/auth.js';
+import { hasUserAnthropicKey, setUserAnthropicKey, } from '../../review/local-settings.js';
+import { buildReview, fetchCurrentHeadSha, fetchPrDiff, findingCommentBody, stripNoiseFromDiff, submitGithubComment, submitGithubReview, } from '../../review/post-review.js';
+import { isNoiseFile } from '../../review/prompt.js';
+import { accountIdOf } from '../plugins/auth.js';
+const MODELS = ['claude-opus-4-8', 'claude-sonnet-4-6', 'claude-haiku-4-5'];
+const VERDICTS = ['COMMENT', 'REQUEST_CHANGES', 'APPROVE'];
+const idParam = {
+    params: {
+        type: 'object',
+        required: ['id'],
+        properties: { id: { type: 'integer' } },
+    },
+};
+const reviewIdParam = {
+    params: {
+        type: 'object',
+        required: ['reviewId'],
+        properties: { reviewId: { type: 'integer' } },
+    },
+};
+const findingIdParam = {
+    params: {
+        type: 'object',
+        required: ['findingId'],
+        properties: { findingId: { type: 'integer' } },
+    },
+};
+const generateSchema = {
+    ...idParam,
+    body: {
+        type: 'object',
+        required: ['model'],
+        additionalProperties: false,
+        properties: { model: { type: 'string', enum: MODELS } },
+    },
+};
+const updateReviewSchema = {
+    ...reviewIdParam,
+    body: {
+        type: 'object',
+        additionalProperties: false,
+        properties: {
+            userBody: { type: 'string' },
+            userVerdict: { type: 'string', enum: VERDICTS },
+        },
+    },
+};
+const updateFindingSchema = {
+    ...findingIdParam,
+    body: {
+        type: 'object',
+        additionalProperties: false,
+        properties: {
+            included: { type: 'boolean' },
+            editedBody: { type: 'string' },
+        },
+    },
+};
+const postSchema = {
+    ...reviewIdParam,
+    body: {
+        type: 'object',
+        required: ['userVerdict'],
+        additionalProperties: false,
+        properties: { userVerdict: { type: 'string', enum: VERDICTS } },
+    },
+};
+// Feature is opt-in (ENABLE_CLAUDE_REVIEW). When off, mutating routes 404.
+function featureOff(reply) {
+    reply.status(404);
+    return {
+        error: 'NotFound',
+        message: 'Claude Review is disabled (set ENABLE_CLAUDE_REVIEW=true).',
+    };
+}
+export async function claudeReviewRoutes(app) {
+    // Latest run + findings + history + auth + enabled.
+    app.get('/api/prs/:id/claude-review', { schema: idParam }, async (req) => {
+        const { id } = req.params;
+        if (!config.claudeReviewEnabled) {
+            return {
+                enabled: false,
+                auth: 'none',
+                hasUserKey: false,
+                review: null,
+                history: [],
+            };
+        }
+        const accountId = accountIdOf(req);
+        const auth = detectClaudeAuth();
+        return {
+            enabled: true,
+            auth: auth.status,
+            authMessage: auth.status === 'none' ? auth.message : undefined,
+            hasUserKey: hasUserAnthropicKey(),
+            review: await getLatestClaudeReview(id, accountId),
+            history: await listClaudeReviewHistory(id, accountId),
+        };
+    });
+    // Set or clear the locally-stored Anthropic API key (local mode only — the
+    // whole route file is unregistered in cloud). An empty `key` clears it.
+    app.put('/api/claude-review/key', {
+        schema: {
+            body: {
+                type: 'object',
+                required: ['key'],
+                additionalProperties: false,
+                properties: { key: { type: 'string' } },
+            },
+        },
+    }, async (req) => {
+        const { key } = req.body;
+        setUserAnthropicKey(key);
+        return { hasUserKey: hasUserAnthropicKey(), auth: detectClaudeAuth().status };
+    });
+    // Kick off a run. 404 disabled/unknown PR, 400 no auth / no head, 409 busy.
+    app.post('/api/prs/:id/claude-review', { schema: generateSchema }, async (req, reply) => {
+        const { id } = req.params;
+        const { model } = req.body;
+        if (!config.claudeReviewEnabled)
+            return featureOff(reply);
+        const auth = detectClaudeAuth();
+        if (auth.status === 'none') {
+            reply.status(400);
+            return { error: 'NoClaudeAuth', message: auth.message };
+        }
+        const result = await startReview(id, model, app.log);
+        if (!result.ok) {
+            if (result.reason === 'not_found') {
+                reply.status(404);
+                return { error: 'NotFound', message: `PR ${id} not found` };
+            }
+            if (result.reason === 'no_head') {
+                reply.status(400);
+                return {
+                    error: 'NoHead',
+                    message: 'PR has no head commit to review yet.',
+                };
+            }
+            if (result.reason === 'disabled')
+                return featureOff(reply);
+            // already_running | busy
+            reply.status(409);
+            return {
+                error: 'Conflict',
+                message: result.reason === 'already_running'
+                    ? 'A review is already running for this PR.'
+                    : 'Another review is in progress; try again shortly.',
+            };
+        }
+        reply.status(202);
+        return { reviewId: result.reviewId, status: 'queued' };
+    });
+    // Live progress poll target.
+    app.get('/api/prs/:id/claude-review/status', { schema: idParam }, async (req) => {
+        const { id } = req.params;
+        if (!config.claudeReviewEnabled) {
+            return { status: 'idle', reviewId: null, progress: null };
+        }
+        return await getReviewStatus(id);
+    });
+    app.post('/api/prs/:id/claude-review/cancel', { schema: idParam }, async (req, reply) => {
+        const { id } = req.params;
+        if (!config.claudeReviewEnabled)
+            return featureOff(reply);
+        const ok = requestReviewCancel(id);
+        if (!ok) {
+            reply.status(404);
+            return { error: 'NotFound', message: 'No running review for this PR.' };
+        }
+        return { status: 'cancelling' };
+    });
+    // All in-flight reviews (global progress banner). Static path — Fastify
+    // prioritises it over the /:reviewId param route.
+    app.get('/api/claude-reviews/active', async () => {
+        if (!config.claudeReviewEnabled)
+            return { reviews: [] };
+        return { reviews: await listActiveReviews() };
+    });
+    // A specific past run (with findings) — drives the history selector.
+    app.get('/api/claude-reviews/:reviewId', { schema: reviewIdParam }, async (req, reply) => {
+        if (!config.claudeReviewEnabled)
+            return featureOff(reply);
+        const { reviewId } = req.params;
+        const review = await getClaudeReviewById(reviewId, accountIdOf(req));
+        if (!review) {
+            reply.status(404);
+            return { error: 'NotFound', message: `Review ${reviewId} not found` };
+        }
+        return review;
+    });
+    // Save the user's authored draft (never touches Claude's summary/verdict).
+    app.patch('/api/claude-reviews/:reviewId', { schema: updateReviewSchema }, async (req, reply) => {
+        if (!config.claudeReviewEnabled)
+            return featureOff(reply);
+        const { reviewId } = req.params;
+        const body = req.body;
+        const ok = await updateReviewDraft(reviewId, body);
+        if (!ok) {
+            reply.status(404);
+            return { error: 'NotFound', message: `Review ${reviewId} not found` };
+        }
+        return { status: 'ok' };
+    });
+    // Tick a finding for inline posting and/or save the user's reworded body.
+    app.patch('/api/claude-findings/:findingId', { schema: updateFindingSchema }, async (req, reply) => {
+        if (!config.claudeReviewEnabled)
+            return featureOff(reply);
+        const { findingId } = req.params;
+        const body = req.body;
+        const ok = await updateFinding(findingId, body);
+        if (!ok) {
+            reply.status(404);
+            return { error: 'NotFound', message: `Finding ${findingId} not found` };
+        }
+        return { status: 'ok' };
+    });
+    // Post a single anchored finding as a standalone inline comment (no review
+    // submitted). Pins to the run's head SHA; 409 if the PR head has since moved.
+    app.post('/api/claude-findings/:findingId/post', { schema: findingIdParam }, async (req, reply) => {
+        if (!config.claudeReviewEnabled)
+            return featureOff(reply);
+        const { findingId } = req.params;
+        const ctx = await getFindingPostContext(findingId, accountIdOf(req));
+        if (!ctx) {
+            reply.status(404);
+            return { error: 'NotFound', message: `Finding ${findingId} not found` };
+        }
+        const f = ctx.finding;
+        if (f.line == null || !f.anchored) {
+            reply.status(400);
+            return {
+                error: 'NotAnchored',
+                message: "This finding isn't anchored to a diff line, so it can't post inline.",
+            };
+        }
+        try {
+            const currentHead = await fetchCurrentHeadSha(ctx.owner, ctx.name, ctx.prNumber);
+            if (currentHead !== ctx.reviewHeadSha) {
+                reply.status(409);
+                return {
+                    error: 'HeadMoved',
+                    message: 'The PR head has moved since this review. Re-review before posting.',
+                };
+            }
+            const { commentId } = await submitGithubComment({
+                owner: ctx.owner,
+                name: ctx.name,
+                prNumber: ctx.prNumber,
+                commitId: ctx.reviewHeadSha,
+                path: f.path,
+                line: f.line,
+                side: f.side,
+                body: findingCommentBody({
+                    body: f.body,
+                    editedBody: f.editedBody,
+                    suggestion: f.suggestion,
+                }),
+            });
+            await markFindingPosted(findingId, commentId);
+            const result = {
+                githubCommentId: commentId,
+                postedAt: new Date().toISOString(),
+            };
+            return result;
+        }
+        catch (err) {
+            reply.status(502);
+            return {
+                error: 'GitHubError',
+                message: err instanceof Error ? err.message : String(err),
+            };
+        }
+    });
+    // Post a single GitHub review (or, with ?dryRun=true, return the exact payload
+    // without calling GitHub).
+    app.post('/api/claude-reviews/:reviewId/post', { schema: postSchema }, async (req, reply) => {
+        if (!config.claudeReviewEnabled)
+            return featureOff(reply);
+        const { reviewId } = req.params;
+        const { userVerdict } = req.body;
+        const dryRun = req.query.dryRun === 'true';
+        const accountId = accountIdOf(req);
+        const ctx = await getClaudeReviewContext(reviewId, accountId);
+        if (!ctx) {
+            reply.status(404);
+            return { error: 'NotFound', message: `Review ${reviewId} not found` };
+        }
+        const review = await getClaudeReviewById(reviewId, accountId);
+        if (!review) {
+            reply.status(404);
+            return { error: 'NotFound', message: `Review ${reviewId} not found` };
+        }
+        try {
+            // Re-validate against the live head — if it moved, a re-review is needed.
+            const currentHead = await fetchCurrentHeadSha(ctx.owner, ctx.name, ctx.prNumber);
+            if (currentHead !== ctx.review.headSha) {
+                reply.status(409);
+                return {
+                    error: 'HeadMoved',
+                    message: 'The PR head has moved since this review. Re-review before posting.',
+                };
+            }
+            // Persist the chosen verdict so the run records what was posted.
+            await updateReviewDraft(reviewId, { userVerdict });
+            const rawDiff = await fetchPrDiff(ctx.owner, ctx.name, ctx.prNumber);
+            const { diff } = stripNoiseFromDiff(rawDiff, isNoiseFile);
+            const built = buildReview({
+                commitId: ctx.review.headSha,
+                body: review.userBody ?? '',
+                event: userVerdict,
+                includedFindings: review.findings.filter((f) => f.included),
+                diff,
+            });
+            if (dryRun)
+                return built.preview;
+            const { reviewId: ghReviewId } = await submitGithubReview({
+                owner: ctx.owner,
+                name: ctx.name,
+                prNumber: ctx.prNumber,
+                commitId: ctx.review.headSha,
+                body: review.userBody ?? '',
+                event: userVerdict,
+                comments: built.preview.comments,
+            });
+            await markReviewPosted(reviewId, ghReviewId, built.postedFindingIds);
+            const result = {
+                postedReviewId: ghReviewId,
+                postedAt: new Date().toISOString(),
+                postedCommentCount: built.preview.comments.length,
+                skippedUnanchored: built.preview.skippedUnanchored,
+            };
+            return result;
+        }
+        catch (err) {
+            reply.status(502);
+            return {
+                error: 'GitHubError',
+                message: err instanceof Error ? err.message : String(err),
+            };
+        }
+    });
+}
+//# sourceMappingURL=claude-review.js.map

package/dist/api/routes/me.js

@@ -1,4 +1,6 @@
-import { ensureLocalUser } from '../../github/local-user.js';
+import { config } from '../../config.js';
+import { accountToLocalUser } from '../../auth/account.js';
+import { accountIdOf } from '../plugins/auth.js';
 import { dismissMyTurn, getMyTurn } from '../../db/queries.js';
 const dismissSchema = {
     body: {
@@ -12,9 +14,9 @@ const dismissSchema = {
     },
 };
 export async function meRoutes(app) {
-    app.get('/api/me', async () => {
-        const user = ensureLocalUser();
-        const myTurn = getMyTurn();
+    app.get('/api/me', async (req) => {
+        const user = accountToLocalUser(req.account);
+        const myTurn = await getMyTurn(accountIdOf(req));
         return {
             user,
             counts: {
@@ -22,12 +24,14 @@ export async function meRoutes(app) {
                 yourPrsActivity: myTurn.yourPrs.length,
                 threadsAwaiting: myTurn.threadsAwaiting.length,
             },
+            claudeReviewEnabled: config.claudeReviewEnabled,
+            deploymentMode: config.deploymentMode,
         };
     });
-    app.get('/api/my-turn', async () => getMyTurn());
+    app.get('/api/my-turn', async (req) => getMyTurn(accountIdOf(req)));
     app.post('/api/my-turn/dismiss', { schema: dismissSchema }, async (req) => {
         const { kind, refId } = req.body;
-        dismissMyTurn(kind, refId);
+        await dismissMyTurn(accountIdOf(req), kind, refId);
         return { status: 'ok' };
     });
 }

package/dist/api/routes/mergers.js

@@ -1,7 +1,8 @@
 import { getMergers } from '../../db/queries.js';
+import { accountIdOf } from '../plugins/auth.js';
 // Per-repo "merge rights" inference (distinct users who've merged a PR there).
 // Reference data — no filters; the frontend looks it up per timeline row.
 export async function mergersRoutes(app) {
-    app.get('/api/mergers', async () => getMergers());
+    app.get('/api/mergers', async (req) => getMergers(accountIdOf(req)));
 }
 //# sourceMappingURL=mergers.js.map

package/dist/api/routes/open-prs.js

@@ -1,4 +1,5 @@
 import { getOpenPrs } from '../../db/queries.js';
+import { accountIdOf } from '../plugins/auth.js';
 function parseIntList(raw) {
     if (!raw)
         return null;
@@ -11,7 +12,8 @@ function parseIntList(raw) {
 export async function openPrsRoutes(app) {
     app.get('/api/open-prs', async (req) => {
         const q = req.query;
-        const prs = getOpenPrs({
+        const prs = await getOpenPrs({
+            accountId: accountIdOf(req),
             repoIds: parseIntList(q.repoIds),
             userIds: parseIntList(q.userIds),
         });