repowise 0.1.5 → 0.1.6

package/dist/src/commands/stop.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"stop.d.ts","sourceRoot":"","sources":["../../../src/commands/stop.ts"],"names":[],"mappings":"AAAA,wBAAsB,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC,CAgB1C"}

package/dist/src/commands/stop.js

@@ -0,0 +1,17 @@
+export async function stop() {
+    try {
+        const { isRunning, stopProcess } = await import('@repowise/listener/process-manager');
+        if (!(await isRunning())) {
+            console.log('Listener is not running.');
+            return;
+        }
+        await stopProcess();
+        console.log('Listener stopped.');
+    }
+    catch (err) {
+        const message = err instanceof Error ? err.message : 'Unknown error';
+        console.error(`Failed to stop listener: ${message}`);
+        process.exitCode = 1;
+    }
+}
+//# sourceMappingURL=stop.js.map

package/dist/src/commands/stop.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"stop.js","sourceRoot":"","sources":["../../../src/commands/stop.ts"],"names":[],"mappings":"AAAA,MAAM,CAAC,KAAK,UAAU,IAAI;IACxB,IAAI,CAAC;QACH,MAAM,EAAE,SAAS,EAAE,WAAW,EAAE,GAAG,MAAM,MAAM,CAAC,oCAAoC,CAAC,CAAC;QAEtF,IAAI,CAAC,CAAC,MAAM,SAAS,EAAE,CAAC,EAAE,CAAC;YACzB,OAAO,CAAC,GAAG,CAAC,0BAA0B,CAAC,CAAC;YACxC,OAAO;QACT,CAAC;QAED,MAAM,WAAW,EAAE,CAAC;QACpB,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAC;IACnC,CAAC;IAAC,OAAO,GAAY,EAAE,CAAC;QACtB,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,CAAC;QACrE,OAAO,CAAC,KAAK,CAAC,4BAA4B,OAAO,EAAE,CAAC,CAAC;QACrD,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;IACvB,CAAC;AACH,CAAC"}

package/dist/src/lib/ai-tools.d.ts

@@ -0,0 +1,23 @@
+export type AiTool = 'cursor' | 'claude-code' | 'copilot' | 'windsurf' | 'cline' | 'codex' | 'roo-code';
+export interface ContextFileInfo {
+    fileName: string;
+    relativePath: string;
+}
+interface ToolConfig {
+    label: string;
+    fileName: string;
+    filePath: string;
+    markerStart: string;
+    markerEnd: string;
+    format: 'markdown' | 'plain-text';
+}
+export declare const AI_TOOL_CONFIG: Record<AiTool, ToolConfig>;
+export declare const SUPPORTED_TOOLS: AiTool[];
+export declare function generateReference(tool: AiTool, repoName: string, contextFolder: string, contextFiles: ContextFileInfo[]): string;
+export declare function updateToolConfig(repoRoot: string, tool: AiTool, repoName: string, contextFolder: string, contextFiles: ContextFileInfo[]): Promise<{
+    created: boolean;
+}>;
+export declare function removeToolConfig(repoRoot: string, tool: AiTool): Promise<void>;
+export declare function scanLocalContextFiles(repoRoot: string, contextFolder: string): Promise<ContextFileInfo[]>;
+export {};
+//# sourceMappingURL=ai-tools.d.ts.map

package/dist/src/lib/ai-tools.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"ai-tools.d.ts","sourceRoot":"","sources":["../../../src/lib/ai-tools.ts"],"names":[],"mappings":"AAGA,MAAM,MAAM,MAAM,GACd,QAAQ,GACR,aAAa,GACb,SAAS,GACT,UAAU,GACV,OAAO,GACP,OAAO,GACP,UAAU,CAAC;AAEf,MAAM,WAAW,eAAe;IAC9B,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,EAAE,MAAM,CAAC;CACtB;AAED,UAAU,UAAU;IAClB,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,UAAU,GAAG,YAAY,CAAC;CACnC;AAED,eAAO,MAAM,cAAc,EAAE,MAAM,CAAC,MAAM,EAAE,UAAU,CAyDrD,CAAC;AAEF,eAAO,MAAM,eAAe,EAAE,MAAM,EAA4C,CAAC;AAejF,wBAAgB,iBAAiB,CAC/B,IAAI,EAAE,MAAM,EACZ,QAAQ,EAAE,MAAM,EAChB,aAAa,EAAE,MAAM,EACrB,YAAY,EAAE,eAAe,EAAE,GAC9B,MAAM,CA4DR;AAED,wBAAsB,gBAAgB,CACpC,QAAQ,EAAE,MAAM,EAChB,IAAI,EAAE,MAAM,EACZ,QAAQ,EAAE,MAAM,EAChB,aAAa,EAAE,MAAM,EACrB,YAAY,EAAE,eAAe,EAAE,GAC9B,OAAO,CAAC;IAAE,OAAO,EAAE,OAAO,CAAA;CAAE,CAAC,CAuC/B;AAED,wBAAsB,gBAAgB,CAAC,QAAQ,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAsBpF;AAED,wBAAsB,qBAAqB,CACzC,QAAQ,EAAE,MAAM,EAChB,aAAa,EAAE,MAAM,GACpB,OAAO,CAAC,eAAe,EAAE,CAAC,CAe5B"}

package/dist/src/lib/ai-tools.js

@@ -0,0 +1,193 @@
+import { readFile, writeFile, mkdir, readdir } from 'node:fs/promises';
+import { join, dirname } from 'node:path';
+export const AI_TOOL_CONFIG = {
+    cursor: {
+        label: 'Cursor',
+        fileName: '.cursorrules',
+        filePath: '.cursorrules',
+        markerStart: '# --- repowise-start ---',
+        markerEnd: '# --- repowise-end ---',
+        format: 'plain-text',
+    },
+    'claude-code': {
+        label: 'Claude Code',
+        fileName: 'CLAUDE.md',
+        filePath: 'CLAUDE.md',
+        markerStart: '<!-- repowise-start -->',
+        markerEnd: '<!-- repowise-end -->',
+        format: 'markdown',
+    },
+    copilot: {
+        label: 'GitHub Copilot',
+        fileName: 'copilot-instructions.md',
+        filePath: '.github/copilot-instructions.md',
+        markerStart: '<!-- repowise-start -->',
+        markerEnd: '<!-- repowise-end -->',
+        format: 'markdown',
+    },
+    windsurf: {
+        label: 'Windsurf',
+        fileName: '.windsurfrules',
+        filePath: '.windsurfrules',
+        markerStart: '# --- repowise-start ---',
+        markerEnd: '# --- repowise-end ---',
+        format: 'plain-text',
+    },
+    cline: {
+        label: 'Cline',
+        fileName: '.clinerules',
+        filePath: '.clinerules',
+        markerStart: '# --- repowise-start ---',
+        markerEnd: '# --- repowise-end ---',
+        format: 'plain-text',
+    },
+    codex: {
+        label: 'Codex',
+        fileName: 'AGENTS.md',
+        filePath: 'AGENTS.md',
+        markerStart: '<!-- repowise-start -->',
+        markerEnd: '<!-- repowise-end -->',
+        format: 'markdown',
+    },
+    'roo-code': {
+        label: 'Roo Code',
+        fileName: 'rules.md',
+        filePath: '.roo/rules.md',
+        markerStart: '<!-- repowise-start -->',
+        markerEnd: '<!-- repowise-end -->',
+        format: 'markdown',
+    },
+};
+export const SUPPORTED_TOOLS = Object.keys(AI_TOOL_CONFIG);
+function sanitizeRepoName(name) {
+    // Strip markdown/HTML special chars to prevent content injection
+    return name.replace(/[<>[\]`()|\\]/g, '');
+}
+function fileDescriptionFromName(fileName) {
+    return fileName
+        .replace(/\.md$/, '')
+        .split('-')
+        .map((w) => w.charAt(0).toUpperCase() + w.slice(1))
+        .join(' ');
+}
+export function generateReference(tool, repoName, contextFolder, contextFiles) {
+    const config = AI_TOOL_CONFIG[tool];
+    const safeName = sanitizeRepoName(repoName);
+    const fileLines = contextFiles.map((f) => {
+        const desc = fileDescriptionFromName(f.fileName);
+        const isOverview = f.fileName === 'project-overview.md';
+        return { path: f.relativePath, desc: isOverview ? `${desc} (full index of all files)` : desc };
+    });
+    const hasFiles = fileLines.length > 0;
+    if (config.format === 'markdown') {
+        const lines = [
+            config.markerStart,
+            '',
+            `## Project Context \u2014 ${safeName}`,
+            '',
+            `This repository has AI-optimized context files generated by RepoWise.`,
+            `Before making changes, read the relevant context files in \`${contextFolder}/\` to understand the project's architecture, coding patterns, conventions, and domain knowledge.`,
+            '',
+            `**Start here:** \`${contextFolder}/project-overview.md\` \u2014 the routing document that describes every context file and when to read it.`,
+            '',
+        ];
+        if (hasFiles) {
+            lines.push(`**Core context files:**`, '', ...fileLines.map((f) => `- \`${f.path}\` \u2014 ${f.desc}`), '', `> Additional context files may exist beyond this list. Check \`project-overview.md\` for the complete index.`);
+        }
+        lines.push('', config.markerEnd);
+        return lines.join('\n');
+    }
+    // plain-text format
+    const lines = [
+        config.markerStart,
+        `# Project Context \u2014 ${safeName}`,
+        '#',
+        `# This repository has AI-optimized context files generated by RepoWise.`,
+        `# Before making changes, read the relevant context files in ${contextFolder}/`,
+        `# to understand the project's architecture, coding patterns, conventions, and domain knowledge.`,
+        '#',
+        `# Start here: ${contextFolder}/project-overview.md`,
+        `#   The routing document that describes every context file and when to read it.`,
+    ];
+    if (hasFiles) {
+        lines.push('#', `# Core context files:`, ...fileLines.map((f) => `#   ${f.path} \u2014 ${f.desc}`), '#', '# Additional context files may exist beyond this list.', '# Check project-overview.md for the complete index.');
+    }
+    lines.push(config.markerEnd);
+    return lines.join('\n');
+}
+export async function updateToolConfig(repoRoot, tool, repoName, contextFolder, contextFiles) {
+    const config = AI_TOOL_CONFIG[tool];
+    const fullPath = join(repoRoot, config.filePath);
+    // Ensure parent directory exists for tools in subdirectories
+    const dir = dirname(fullPath);
+    if (dir !== repoRoot) {
+        await mkdir(dir, { recursive: true });
+    }
+    const referenceBlock = generateReference(tool, repoName, contextFolder, contextFiles);
+    let existing = '';
+    let created = true;
+    try {
+        existing = await readFile(fullPath, 'utf-8');
+        created = false;
+    }
+    catch (err) {
+        if (err.code !== 'ENOENT')
+            throw err;
+    }
+    const startIdx = existing.indexOf(config.markerStart);
+    const endIdx = existing.indexOf(config.markerEnd);
+    let content;
+    if (startIdx !== -1 && endIdx !== -1 && endIdx > startIdx) {
+        // Replace between markers (inclusive)
+        const before = existing.slice(0, startIdx);
+        const after = existing.slice(endIdx + config.markerEnd.length);
+        content = before + referenceBlock + after;
+    }
+    else {
+        // Append to end
+        const separator = existing.length > 0 && !existing.endsWith('\n') ? '\n\n' : existing.length > 0 ? '\n' : '';
+        content = existing + separator + referenceBlock + '\n';
+    }
+    await writeFile(fullPath, content, 'utf-8');
+    return { created };
+}
+export async function removeToolConfig(repoRoot, tool) {
+    const config = AI_TOOL_CONFIG[tool];
+    const fullPath = join(repoRoot, config.filePath);
+    let existing;
+    try {
+        existing = await readFile(fullPath, 'utf-8');
+    }
+    catch (err) {
+        if (err.code === 'ENOENT')
+            return;
+        throw err;
+    }
+    const startIdx = existing.indexOf(config.markerStart);
+    const endIdx = existing.indexOf(config.markerEnd);
+    if (startIdx === -1 || endIdx === -1)
+        return;
+    const before = existing.slice(0, startIdx);
+    const after = existing.slice(endIdx + config.markerEnd.length);
+    const content = (before + after).replace(/\n{3,}/g, '\n\n').trim() + '\n';
+    await writeFile(fullPath, content, 'utf-8');
+}
+export async function scanLocalContextFiles(repoRoot, contextFolder) {
+    const folderPath = join(repoRoot, contextFolder);
+    try {
+        const entries = await readdir(folderPath, { withFileTypes: true });
+        return entries
+            .filter((e) => e.isFile() && e.name.endsWith('.md'))
+            .map((e) => ({
+            fileName: e.name,
+            relativePath: `${contextFolder}/${e.name}`,
+        }))
+            .sort((a, b) => a.fileName.localeCompare(b.fileName));
+    }
+    catch (err) {
+        if (err.code === 'ENOENT')
+            return [];
+        throw err;
+    }
+}
+//# sourceMappingURL=ai-tools.js.map

package/dist/src/lib/ai-tools.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"ai-tools.js","sourceRoot":"","sources":["../../../src/lib/ai-tools.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,KAAK,EAAE,OAAO,EAAE,MAAM,kBAAkB,CAAC;AACvE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAyB1C,MAAM,CAAC,MAAM,cAAc,GAA+B;IACxD,MAAM,EAAE;QACN,KAAK,EAAE,QAAQ;QACf,QAAQ,EAAE,cAAc;QACxB,QAAQ,EAAE,cAAc;QACxB,WAAW,EAAE,0BAA0B;QACvC,SAAS,EAAE,wBAAwB;QACnC,MAAM,EAAE,YAAY;KACrB;IACD,aAAa,EAAE;QACb,KAAK,EAAE,aAAa;QACpB,QAAQ,EAAE,WAAW;QACrB,QAAQ,EAAE,WAAW;QACrB,WAAW,EAAE,yBAAyB;QACtC,SAAS,EAAE,uBAAuB;QAClC,MAAM,EAAE,UAAU;KACnB;IACD,OAAO,EAAE;QACP,KAAK,EAAE,gBAAgB;QACvB,QAAQ,EAAE,yBAAyB;QACnC,QAAQ,EAAE,iCAAiC;QAC3C,WAAW,EAAE,yBAAyB;QACtC,SAAS,EAAE,uBAAuB;QAClC,MAAM,EAAE,UAAU;KACnB;IACD,QAAQ,EAAE;QACR,KAAK,EAAE,UAAU;QACjB,QAAQ,EAAE,gBAAgB;QAC1B,QAAQ,EAAE,gBAAgB;QAC1B,WAAW,EAAE,0BAA0B;QACvC,SAAS,EAAE,wBAAwB;QACnC,MAAM,EAAE,YAAY;KACrB;IACD,KAAK,EAAE;QACL,KAAK,EAAE,OAAO;QACd,QAAQ,EAAE,aAAa;QACvB,QAAQ,EAAE,aAAa;QACvB,WAAW,EAAE,0BAA0B;QACvC,SAAS,EAAE,wBAAwB;QACnC,MAAM,EAAE,YAAY;KACrB;IACD,KAAK,EAAE;QACL,KAAK,EAAE,OAAO;QACd,QAAQ,EAAE,WAAW;QACrB,QAAQ,EAAE,WAAW;QACrB,WAAW,EAAE,yBAAyB;QACtC,SAAS,EAAE,uBAAuB;QAClC,MAAM,EAAE,UAAU;KACnB;IACD,UAAU,EAAE;QACV,KAAK,EAAE,UAAU;QACjB,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,eAAe;QACzB,WAAW,EAAE,yBAAyB;QACtC,SAAS,EAAE,uBAAuB;QAClC,MAAM,EAAE,UAAU;KACnB;CACF,CAAC;AAEF,MAAM,CAAC,MAAM,eAAe,GAAa,MAAM,CAAC,IAAI,CAAC,cAAc,CAAa,CAAC;AAEjF,SAAS,gBAAgB,CAAC,IAAY;IACpC,iEAAiE;IACjE,OAAO,IAAI,CAAC,OAAO,CAAC,gBAAgB,EAAE,EAAE,CAAC,CAAC;AAC5C,CAAC;AAED,SAAS,uBAAuB,CAAC,QAAgB;IAC/C,OAAO,QAAQ;SACZ,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC;SACpB,KAAK,CAAC,GAAG,CAAC;SACV,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;SAClD,IAAI,CAAC,GAAG,CAAC,CAAC;AACf,CAAC;AAED,MAAM,UAAU,iBAAiB,CAC/B,IAAY,EACZ,QAAgB,EAChB,aAAqB,EACrB,YAA+B;IAE/B,MAAM,MAAM,GAAG,cAAc,CAAC,IAAI,CAAC,CAAC;IACpC,MAAM,QAAQ,GAAG,gBAAgB,CAAC,QAAQ,CAAC,CAAC;IAC5C,MAAM,SAAS,GAAG,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE;QACvC,MAAM,IAAI,GAAG,uBAAuB,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;QACjD,MAAM,UAAU,GAAG,CAAC,CAAC,QAAQ,KAAK,qBAAqB,CAAC;QACxD,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,YAAY,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC,CAAC,GAAG,IAAI,4BAA4B,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;IACjG,CAAC,CAAC,CAAC;IAEH,MAAM,QAAQ,GAAG,SAAS,CAAC,MAAM,GAAG,CAAC,CAAC;IAEtC,IAAI,MAAM,CAAC,MAAM,KAAK,UAAU,EAAE,CAAC;QACjC,MAAM,KAAK,GAAG;YACZ,MAAM,CAAC,WAAW;YAClB,EAAE;YACF,6BAA6B,QAAQ,EAAE;YACvC,EAAE;YACF,uEAAuE;YACvE,+DAA+D,aAAa,mGAAmG;YAC/K,EAAE;YACF,qBAAqB,aAAa,2GAA2G;YAC7I,EAAE;SACH,CAAC;QACF,IAAI,QAAQ,EAAE,CAAC;YACb,KAAK,CAAC,IAAI,CACR,yBAAyB,EACzB,EAAE,EACF,GAAG,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,CAAC,IAAI,aAAa,CAAC,CAAC,IAAI,EAAE,CAAC,EAC3D,EAAE,EACF,8GAA8G,CAC/G,CAAC;QACJ,CAAC;QACD,KAAK,CAAC,IAAI,CAAC,EAAE,EAAE,MAAM,CAAC,SAAS,CAAC,CAAC;QACjC,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC1B,CAAC;IAED,oBAAoB;IACpB,MAAM,KAAK,GAAG;QACZ,MAAM,CAAC,WAAW;QAClB,4BAA4B,QAAQ,EAAE;QACtC,GAAG;QACH,yEAAyE;QACzE,+DAA+D,aAAa,GAAG;QAC/E,iGAAiG;QACjG,GAAG;QACH,iBAAiB,aAAa,sBAAsB;QACpD,iFAAiF;KAClF,CAAC;IACF,IAAI,QAAQ,EAAE,CAAC;QACb,KAAK,CAAC,IAAI,CACR,GAAG,EACH,uBAAuB,EACvB,GAAG,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,CAAC,IAAI,WAAW,CAAC,CAAC,IAAI,EAAE,CAAC,EACzD,GAAG,EACH,wDAAwD,EACxD,qDAAqD,CACtD,CAAC;IACJ,CAAC;IACD,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IAC7B,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,gBAAgB,CACpC,QAAgB,EAChB,IAAY,EACZ,QAAgB,EAChB,aAAqB,EACrB,YAA+B;IAE/B,MAAM,MAAM,GAAG,cAAc,CAAC,IAAI,CAAC,CAAC;IACpC,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;IAEjD,6DAA6D;IAC7D,MAAM,GAAG,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC;IAC9B,IAAI,GAAG,KAAK,QAAQ,EAAE,CAAC;QACrB,MAAM,KAAK,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IACxC,CAAC;IAED,MAAM,cAAc,GAAG,iBAAiB,CAAC,IAAI,EAAE,QAAQ,EAAE,aAAa,EAAE,YAAY,CAAC,CAAC;IAEtF,IAAI,QAAQ,GAAG,EAAE,CAAC;IAClB,IAAI,OAAO,GAAG,IAAI,CAAC;IACnB,IAAI,CAAC;QACH,QAAQ,GAAG,MAAM,QAAQ,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QAC7C,OAAO,GAAG,KAAK,CAAC;IAClB,CAAC;IAAC,OAAO,GAAY,EAAE,CAAC;QACtB,IAAK,GAA6B,CAAC,IAAI,KAAK,QAAQ;YAAE,MAAM,GAAG,CAAC;IAClE,CAAC;IAED,MAAM,QAAQ,GAAG,QAAQ,CAAC,OAAO,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;IACtD,MAAM,MAAM,GAAG,QAAQ,CAAC,OAAO,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IAElD,IAAI,OAAe,CAAC;IACpB,IAAI,QAAQ,KAAK,CAAC,CAAC,IAAI,MAAM,KAAK,CAAC,CAAC,IAAI,MAAM,GAAG,QAAQ,EAAE,CAAC;QAC1D,sCAAsC;QACtC,MAAM,MAAM,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAC;QAC3C,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAC,MAAM,GAAG,MAAM,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;QAC/D,OAAO,GAAG,MAAM,GAAG,cAAc,GAAG,KAAK,CAAC;IAC5C,CAAC;SAAM,CAAC;QACN,gBAAgB;QAChB,MAAM,SAAS,GACb,QAAQ,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC;QAC7F,OAAO,GAAG,QAAQ,GAAG,SAAS,GAAG,cAAc,GAAG,IAAI,CAAC;IACzD,CAAC;IAED,MAAM,SAAS,CAAC,QAAQ,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;IAC5C,OAAO,EAAE,OAAO,EAAE,CAAC;AACrB,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAAC,QAAgB,EAAE,IAAY;IACnE,MAAM,MAAM,GAAG,cAAc,CAAC,IAAI,CAAC,CAAC;IACpC,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;IAEjD,IAAI,QAAgB,CAAC;IACrB,IAAI,CAAC;QACH,QAAQ,GAAG,MAAM,QAAQ,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;IAC/C,CAAC;IAAC,OAAO,GAAY,EAAE,CAAC;QACtB,IAAK,GAA6B,CAAC,IAAI,KAAK,QAAQ;YAAE,OAAO;QAC7D,MAAM,GAAG,CAAC;IACZ,CAAC;IAED,MAAM,QAAQ,GAAG,QAAQ,CAAC,OAAO,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;IACtD,MAAM,MAAM,GAAG,QAAQ,CAAC,OAAO,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IAElD,IAAI,QAAQ,KAAK,CAAC,CAAC,IAAI,MAAM,KAAK,CAAC,CAAC;QAAE,OAAO;IAE7C,MAAM,MAAM,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAC;IAC3C,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAC,MAAM,GAAG,MAAM,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;IAC/D,MAAM,OAAO,GAAG,CAAC,MAAM,GAAG,KAAK,CAAC,CAAC,OAAO,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC,IAAI,EAAE,GAAG,IAAI,CAAC;IAE1E,MAAM,SAAS,CAAC,QAAQ,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;AAC9C,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,qBAAqB,CACzC,QAAgB,EAChB,aAAqB;IAErB,MAAM,UAAU,GAAG,IAAI,CAAC,QAAQ,EAAE,aAAa,CAAC,CAAC;IACjD,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,UAAU,EAAE,EAAE,aAAa,EAAE,IAAI,EAAE,CAAC,CAAC;QACnE,OAAO,OAAO;aACX,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;aACnD,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACX,QAAQ,EAAE,CAAC,CAAC,IAAI;YAChB,YAAY,EAAE,GAAG,aAAa,IAAI,CAAC,CAAC,IAAI,EAAE;SAC3C,CAAC,CAAC;aACF,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC;IAC1D,CAAC;IAAC,OAAO,GAAY,EAAE,CAAC;QACtB,IAAK,GAA6B,CAAC,IAAI,KAAK,QAAQ;YAAE,OAAO,EAAE,CAAC;QAChE,MAAM,GAAG,CAAC;IACZ,CAAC;AACH,CAAC"}

package/dist/src/lib/api.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"api.d.ts","sourceRoot":"","sources":["../../../src/lib/api.ts"],"names":[],"mappings":"AAMA,wBAAsB,UAAU,CAAC,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,WAAW,GAAG,OAAO,CAAC,CAAC,CAAC,CAgBnF"}
+{"version":3,"file":"api.d.ts","sourceRoot":"","sources":["../../../src/lib/api.ts"],"names":[],"mappings":"AAWA,wBAAsB,UAAU,CAAC,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,WAAW,GAAG,OAAO,CAAC,CAAC,CAAC,CAkCnF"}

package/dist/src/lib/api.js

@@ -1,15 +1,36 @@
-const API_URL = process.env['REPOWISE_API_URL'] ?? 'https://api.repowise.ai';
+import { clearCredentials, getValidCredentials } from './auth.js';
+import { getEnvConfig } from './env.js';
+function getApiUrl() {
+    return process.env['REPOWISE_API_URL'] ?? getEnvConfig().apiUrl;
+}
 export async function apiRequest(path, options) {
-    const response = await fetch(`${API_URL}${path}`, {
+    const credentials = await getValidCredentials();
+    if (!credentials) {
+        throw new Error('Not logged in. Run `repowise login` first.');
+    }
+    const response = await fetch(`${getApiUrl()}${path}`, {
         ...options,
         headers: {
             'Content-Type': 'application/json',
+            Authorization: `Bearer ${credentials.accessToken}`,
             ...options?.headers,
         },
     });
+    if (response.status === 401) {
+        await clearCredentials();
+        throw new Error('Session expired. Run `repowise login` again.');
+    }
     if (!response.ok) {
-        const body = (await response.json());
-        throw new Error(body.error?.message ?? 'Request failed');
+        let message = `Request failed with status ${response.status}`;
+        try {
+            const body = (await response.json());
+            if (body.error?.message)
+                message = body.error.message;
+        }
+        catch {
+            // Response body is not JSON (e.g. gateway 502/503) — use default message
+        }
+        throw new Error(message);
     }
     const json = (await response.json());
     return json.data;

package/dist/src/lib/api.js.map

@@ -1 +1 @@
-{"version":3,"file":"api.js","sourceRoot":"","sources":["../../../src/lib/api.ts"],"names":[],"mappings":"AAAA,MAAM,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,IAAI,yBAAyB,CAAC;AAM7E,MAAM,CAAC,KAAK,UAAU,UAAU,CAAI,IAAY,EAAE,OAAqB;IACrE,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,OAAO,GAAG,IAAI,EAAE,EAAE;QAChD,GAAG,OAAO;QACV,OAAO,EAAE;YACP,cAAc,EAAE,kBAAkB;YAClC,GAAG,OAAO,EAAE,OAAO;SACpB;KACF,CAAC,CAAC;IAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;QACjB,MAAM,IAAI,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAa,CAAC;QACjD,MAAM,IAAI,KAAK,CAAC,IAAI,CAAC,KAAK,EAAE,OAAO,IAAI,gBAAgB,CAAC,CAAC;IAC3D,CAAC;IAED,MAAM,IAAI,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAgB,CAAC;IACpD,OAAO,IAAI,CAAC,IAAI,CAAC;AACnB,CAAC"}
+{"version":3,"file":"api.js","sourceRoot":"","sources":["../../../src/lib/api.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,gBAAgB,EAAE,mBAAmB,EAAE,MAAM,WAAW,CAAC;AAClE,OAAO,EAAE,YAAY,EAAE,MAAM,UAAU,CAAC;AAExC,SAAS,SAAS;IAChB,OAAO,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,IAAI,YAAY,EAAE,CAAC,MAAM,CAAC;AAClE,CAAC;AAMD,MAAM,CAAC,KAAK,UAAU,UAAU,CAAI,IAAY,EAAE,OAAqB;IACrE,MAAM,WAAW,GAAG,MAAM,mBAAmB,EAAE,CAAC;IAEhD,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;IAChE,CAAC;IAED,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,SAAS,EAAE,GAAG,IAAI,EAAE,EAAE;QACpD,GAAG,OAAO;QACV,OAAO,EAAE;YACP,cAAc,EAAE,kBAAkB;YAClC,aAAa,EAAE,UAAU,WAAW,CAAC,WAAW,EAAE;YAClD,GAAG,OAAO,EAAE,OAAO;SACpB;KACF,CAAC,CAAC;IAEH,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;QAC5B,MAAM,gBAAgB,EAAE,CAAC;QACzB,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;IAClE,CAAC;IAED,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;QACjB,IAAI,OAAO,GAAG,8BAA8B,QAAQ,CAAC,MAAM,EAAE,CAAC;QAC9D,IAAI,CAAC;YACH,MAAM,IAAI,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAa,CAAC;YACjD,IAAI,IAAI,CAAC,KAAK,EAAE,OAAO;gBAAE,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC;QACxD,CAAC;QAAC,MAAM,CAAC;YACP,yEAAyE;QAC3E,CAAC;QACD,MAAM,IAAI,KAAK,CAAC,OAAO,CAAC,CAAC;IAC3B,CAAC;IAED,MAAM,IAAI,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAgB,CAAC;IACpD,OAAO,IAAI,CAAC,IAAI,CAAC;AACnB,CAAC"}

package/dist/src/lib/auth.d.ts

@@ -1,10 +1,28 @@
+export declare const CLI_CALLBACK_PORT = 19876;
 export interface StoredCredentials {
     accessToken: string;
     refreshToken: string;
     idToken: string;
     expiresAt: number;
 }
+export declare function generateCodeVerifier(): string;
+export declare function generateCodeChallenge(verifier: string): string;
+export declare function generateState(): string;
+export declare function getAuthorizeUrl(codeChallenge: string, state: string): string;
+export interface CallbackResult {
+    code: string;
+    state: string;
+}
+export declare function startCallbackServer(): Promise<CallbackResult>;
+export declare function exchangeCodeForTokens(code: string, codeVerifier: string): Promise<StoredCredentials>;
+export declare function refreshTokens(refreshToken: string): Promise<StoredCredentials>;
 export declare function getStoredCredentials(): Promise<StoredCredentials | null>;
 export declare function storeCredentials(credentials: StoredCredentials): Promise<void>;
 export declare function clearCredentials(): Promise<void>;
+export declare function getValidCredentials(): Promise<StoredCredentials | null>;
+export declare function performLogin(): Promise<StoredCredentials>;
+export declare function decodeIdToken(idToken: string): {
+    email: string;
+    tenantId?: string;
+};
 //# sourceMappingURL=auth.d.ts.map

package/dist/src/lib/auth.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../../src/lib/auth.ts"],"names":[],"mappings":"AAOA,MAAM,WAAW,iBAAiB;IAChC,WAAW,EAAE,MAAM,CAAC;IACpB,YAAY,EAAE,MAAM,CAAC;IACrB,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,wBAAsB,oBAAoB,IAAI,OAAO,CAAC,iBAAiB,GAAG,IAAI,CAAC,CAO9E;AAED,wBAAsB,gBAAgB,CAAC,WAAW,EAAE,iBAAiB,GAAG,OAAO,CAAC,IAAI,CAAC,CAGpF;AAED,wBAAsB,gBAAgB,IAAI,OAAO,CAAC,IAAI,CAAC,CAMtD"}
+{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../../src/lib/auth.ts"],"names":[],"mappings":"AAUA,eAAO,MAAM,iBAAiB,QAAQ,CAAC;AAmBvC,MAAM,WAAW,iBAAiB;IAChC,WAAW,EAAE,MAAM,CAAC;IACpB,YAAY,EAAE,MAAM,CAAC;IACrB,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,EAAE,MAAM,CAAC;CACnB;AAID,wBAAgB,oBAAoB,IAAI,MAAM,CAE7C;AAED,wBAAgB,qBAAqB,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM,CAE9D;AAED,wBAAgB,aAAa,IAAI,MAAM,CAEtC;AAID,wBAAgB,eAAe,CAAC,aAAa,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,MAAM,CAiB5E;AAQD,MAAM,WAAW,cAAc;IAC7B,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;CACf;AAED,wBAAgB,mBAAmB,IAAI,OAAO,CAAC,cAAc,CAAC,CA8E7D;AAID,wBAAsB,qBAAqB,CACzC,IAAI,EAAE,MAAM,EACZ,YAAY,EAAE,MAAM,GACnB,OAAO,CAAC,iBAAiB,CAAC,CA+B5B;AAID,wBAAsB,aAAa,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO,CAAC,iBAAiB,CAAC,CA2BpF;AAID,wBAAsB,oBAAoB,IAAI,OAAO,CAAC,iBAAiB,GAAG,IAAI,CAAC,CAY9E;AAED,wBAAsB,gBAAgB,CAAC,WAAW,EAAE,iBAAiB,GAAG,OAAO,CAAC,IAAI,CAAC,CAIpF;AAED,wBAAsB,gBAAgB,IAAI,OAAO,CAAC,IAAI,CAAC,CAMtD;AAED,wBAAsB,mBAAmB,IAAI,OAAO,CAAC,iBAAiB,GAAG,IAAI,CAAC,CAiB7E;AAID,wBAAsB,YAAY,IAAI,OAAO,CAAC,iBAAiB,CAAC,CA2B/D;AA0CD,wBAAgB,aAAa,CAAC,OAAO,EAAE,MAAM,GAAG;IAAE,KAAK,EAAE,MAAM,CAAC;IAAC,QAAQ,CAAC,EAAE,MAAM,CAAA;CAAE,CAYnF"}

package/dist/src/lib/auth.js

@@ -1,27 +1,271 @@
-import { readFile, writeFile, mkdir } from 'node:fs/promises';
+import { createHash, randomBytes } from 'node:crypto';
+import { readFile, writeFile, mkdir, chmod, unlink } from 'node:fs/promises';
+import http from 'node:http';
 import { homedir } from 'node:os';
 import { join } from 'node:path';
+import { getEnvConfig } from './env.js';
 const CONFIG_DIR = join(homedir(), '.repowise');
 const CREDENTIALS_PATH = join(CONFIG_DIR, 'credentials.json');
+export const CLI_CALLBACK_PORT = 19876;
+const CALLBACK_TIMEOUT_MS = 120_000; // 2 minutes
+// Cognito config — read lazily so tests can set env vars before function calls
+function getCognitoConfig() {
+    const env = getEnvConfig();
+    return {
+        domain: process.env['REPOWISE_COGNITO_DOMAIN'] ?? env.cognitoDomain,
+        clientId: process.env['REPOWISE_COGNITO_CLIENT_ID'] ?? env.cognitoClientId,
+        region: process.env['REPOWISE_COGNITO_REGION'] ?? env.cognitoRegion,
+        customDomain: env.customDomain,
+    };
+}
+function getCognitoBaseUrl() {
+    const { domain, region, customDomain } = getCognitoConfig();
+    return customDomain ? `https://${domain}` : `https://${domain}.auth.${region}.amazoncognito.com`;
+}
+// --- PKCE (Proof Key for Code Exchange) ---
+export function generateCodeVerifier() {
+    return randomBytes(32).toString('base64url');
+}
+export function generateCodeChallenge(verifier) {
+    return createHash('sha256').update(verifier).digest('base64url');
+}
+export function generateState() {
+    return randomBytes(32).toString('hex');
+}
+// --- Cognito URL Construction ---
+export function getAuthorizeUrl(codeChallenge, state) {
+    const { clientId } = getCognitoConfig();
+    if (!clientId) {
+        throw new Error('Missing REPOWISE_COGNITO_CLIENT_ID environment variable. Configure it before running login.');
+    }
+    const params = new URLSearchParams({
+        response_type: 'code',
+        client_id: clientId,
+        redirect_uri: `http://localhost:${CLI_CALLBACK_PORT}/callback`,
+        code_challenge: codeChallenge,
+        code_challenge_method: 'S256',
+        scope: 'openid email profile',
+        state,
+    });
+    return `${getCognitoBaseUrl()}/oauth2/authorize?${params.toString()}`;
+}
+function getTokenUrl() {
+    return `${getCognitoBaseUrl()}/oauth2/token`;
+}
+export function startCallbackServer() {
+    return new Promise((resolve, reject) => {
+        const server = http.createServer((req, res) => {
+            // req.url is always defined for incoming HTTP requests (only undefined for client requests)
+            const url = new URL(req.url, `http://localhost:${CLI_CALLBACK_PORT}`);
+            if (url.pathname !== '/callback') {
+                res.writeHead(404);
+                res.end();
+                return;
+            }
+            const code = url.searchParams.get('code');
+            const state = url.searchParams.get('state');
+            const error = url.searchParams.get('error');
+            if (error) {
+                res.writeHead(200, { 'Content-Type': 'text/html' });
+                res.end(callbackPage('Authentication Failed', 'Something went wrong. Please close this tab and try again.', true));
+                server.close();
+                reject(new Error(`Authentication error: ${error}`));
+                return;
+            }
+            if (!code || !state) {
+                res.writeHead(400, { 'Content-Type': 'text/html' });
+                res.end(callbackPage('Missing Parameters', 'The callback was missing required data. Please close this tab and try again.', true));
+                server.close();
+                reject(new Error('Missing code or state in callback'));
+                return;
+            }
+            res.writeHead(200, { 'Content-Type': 'text/html' });
+            res.end(callbackPage('Authentication Successful', 'You can close this tab and return to the terminal.', false));
+            server.close();
+            resolve({ code, state });
+        });
+        server.listen(CLI_CALLBACK_PORT, '127.0.0.1');
+        server.on('error', (err) => {
+            if (err.code === 'EADDRINUSE') {
+                reject(new Error(`Port ${CLI_CALLBACK_PORT} is already in use. Close the conflicting process and try again.`));
+            }
+            else {
+                reject(err);
+            }
+        });
+        const timeout = setTimeout(() => {
+            server.close();
+            reject(new Error('Authentication timed out. Please try again.'));
+        }, CALLBACK_TIMEOUT_MS);
+        server.on('close', () => clearTimeout(timeout));
+    });
+}
+// --- Token Exchange ---
+export async function exchangeCodeForTokens(code, codeVerifier) {
+    const response = await fetch(getTokenUrl(), {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
+        body: new URLSearchParams({
+            grant_type: 'authorization_code',
+            client_id: getCognitoConfig().clientId,
+            redirect_uri: `http://localhost:${CLI_CALLBACK_PORT}/callback`,
+            code,
+            code_verifier: codeVerifier,
+        }),
+    });
+    if (!response.ok) {
+        const text = await response.text();
+        throw new Error(`Token exchange failed: ${response.status} ${text}`);
+    }
+    const data = (await response.json());
+    return {
+        accessToken: data.access_token,
+        refreshToken: data.refresh_token,
+        idToken: data.id_token,
+        expiresAt: Date.now() + data.expires_in * 1000,
+    };
+}
+// --- Token Refresh ---
+export async function refreshTokens(refreshToken) {
+    const response = await fetch(getTokenUrl(), {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
+        body: new URLSearchParams({
+            grant_type: 'refresh_token',
+            client_id: getCognitoConfig().clientId,
+            refresh_token: refreshToken,
+        }),
+    });
+    if (!response.ok) {
+        throw new Error(`Token refresh failed: ${response.status}`);
+    }
+    const data = (await response.json());
+    return {
+        accessToken: data.access_token,
+        refreshToken, // Cognito does not return a new refresh token
+        idToken: data.id_token,
+        expiresAt: Date.now() + data.expires_in * 1000,
+    };
+}
+// --- Credential Storage ---
 export async function getStoredCredentials() {
     try {
         const data = await readFile(CREDENTIALS_PATH, 'utf-8');
         return JSON.parse(data);
     }
-    catch {
-        return null;
+    catch (err) {
+        // File doesn't exist or corrupt JSON — treat as no credentials
+        if (err.code === 'ENOENT' || err instanceof SyntaxError) {
+            return null;
+        }
+        // Permission errors (EPERM, EACCES) should surface — the file exists but can't be read
+        throw err;
     }
 }
 export async function storeCredentials(credentials) {
-    await mkdir(CONFIG_DIR, { recursive: true });
-    await writeFile(CREDENTIALS_PATH, JSON.stringify(credentials, null, 2), { mode: 0o600 });
+    await mkdir(CONFIG_DIR, { recursive: true, mode: 0o700 });
+    await writeFile(CREDENTIALS_PATH, JSON.stringify(credentials, null, 2));
+    await chmod(CREDENTIALS_PATH, 0o600);
 }
 export async function clearCredentials() {
     try {
-        await writeFile(CREDENTIALS_PATH, '{}', { mode: 0o600 });
+        await unlink(CREDENTIALS_PATH);
+    }
+    catch (err) {
+        if (err.code !== 'ENOENT')
+            throw err;
+    }
+}
+export async function getValidCredentials() {
+    const creds = await getStoredCredentials();
+    if (!creds)
+        return null;
+    // Refresh if within 5 minutes of expiry
+    if (Date.now() > creds.expiresAt - 5 * 60 * 1000) {
+        try {
+            const refreshed = await refreshTokens(creds.refreshToken);
+            await storeCredentials(refreshed);
+            return refreshed;
+        }
+        catch {
+            await clearCredentials();
+            return null;
+        }
+    }
+    return creds;
+}
+// --- Auto-Login (Story 2.1) ---
+export async function performLogin() {
+    const codeVerifier = generateCodeVerifier();
+    const codeChallenge = generateCodeChallenge(codeVerifier);
+    const state = generateState();
+    const authorizeUrl = getAuthorizeUrl(codeChallenge, state);
+    const callbackPromise = startCallbackServer();
+    try {
+        const open = (await import('open')).default;
+        await open(authorizeUrl);
+    }
+    catch {
+        // Print URL as fallback
+        console.log(`\nOpen this URL in your browser to authenticate:\n`);
+        console.log(authorizeUrl);
+    }
+    const { code, state: returnedState } = await callbackPromise;
+    if (returnedState !== state) {
+        throw new Error('State mismatch — possible CSRF attack. Please try again.');
+    }
+    const credentials = await exchangeCodeForTokens(code, codeVerifier);
+    await storeCredentials(credentials);
+    return credentials;
+}
+// --- ID Token Decoding ---
+function callbackPage(title, message, isError) {
+    const icon = isError
+        ? '<svg width="48" height="48" fill="none" viewBox="0 0 24 24"><circle cx="12" cy="12" r="10" stroke="#ef4444" stroke-width="2"/><path stroke="#ef4444" stroke-width="2" stroke-linecap="round" d="M15 9l-6 6M9 9l6 6"/></svg>'
+        : '<svg width="48" height="48" fill="none" viewBox="0 0 24 24"><circle cx="12" cy="12" r="10" stroke="#10b981" stroke-width="2"/><path stroke="#10b981" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" d="M8 12l3 3 5-5"/></svg>';
+    return `<!DOCTYPE html>
+<html lang="en">
+<head>
+  <meta charset="UTF-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1.0">
+  <title>${title} — RepoWise</title>
+  <link rel="icon" href="https://staging.repowise.ai/favicon.svg" type="image/svg+xml">
+  <link href="https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&display=swap" rel="stylesheet">
+  <style>
+    * { margin: 0; padding: 0; box-sizing: border-box; }
+    body { font-family: 'Inter', system-ui, sans-serif; background: #0a0b14; color: #e4e4e7; min-height: 100vh; display: flex; align-items: center; justify-content: center; }
+    .card { text-align: center; max-width: 440px; padding: 48px 40px; }
+    .logo { margin-bottom: 32px; }
+    .logo svg { height: 48px; width: auto; }
+    .icon { margin-bottom: 20px; }
+    h1 { font-size: 24px; font-weight: 700; margin-bottom: 8px; color: ${isError ? '#ef4444' : '#e4e4e7'}; }
+    p { font-size: 15px; color: #a1a1aa; line-height: 1.5; }
+  </style>
+</head>
+<body>
+  <div class="card">
+    <div class="logo">
+      <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 200 50" height="48">
+        <text x="0" y="38" font-family="Inter, system-ui, sans-serif" font-weight="700" font-size="36" fill="#e4e4e7">Repo<tspan fill="#6c5ce7">Wise</tspan></text>
+      </svg>
+    </div>
+    <div class="icon">${icon}</div>
+    <h1>${title}</h1>
+    <p>${message}</p>
+  </div>
+</body>
+</html>`;
+}
+export function decodeIdToken(idToken) {
+    try {
+        const parts = idToken.split('.');
+        if (parts.length < 2)
+            return { email: 'unknown' };
+        const payload = JSON.parse(Buffer.from(parts[1], 'base64url').toString());
+        return { email: payload.email ?? 'unknown', tenantId: payload['custom:tenant_id'] };
     }
     catch {
-        // Ignore if file doesn't exist
+        return { email: 'unknown' };
     }
 }
 //# sourceMappingURL=auth.js.map