ticketlens 0.1.0

package/skills/jtb/scripts/lib/code-ref-parser.mjs

@@ -0,0 +1,113 @@
+/**
+ * Extracts code references (file paths, methods, classes, SHAs, branches, etc.)
+ * from Jira ticket text (descriptions, comments).
+ */
+
+// Module-level constants — compiled once, reused across all calls
+const RE_FILE_PATHS    = /(?:^|[\s,;(])((?:\/|[a-zA-Z0-9_.-]+\/)[a-zA-Z0-9_.\/-]*\.[a-zA-Z0-9]+)/gm;
+const RE_METHODS       = /\b([a-zA-Z_][a-zA-Z0-9_]*)\(\)/g;
+const RE_CLASSES       = /\b([A-Z][a-zA-Z0-9]*(?:_[A-Z][a-zA-Z0-9]*)+)\b/g;
+const RE_SHA_FULL      = /\b([0-9a-f]{40})\b/g;
+const RE_SHA_SHORT     = /\b([0-9a-f]{7})\b/g;
+const RE_SHA_HAS_DIGIT = /[0-9]/;
+const RE_SHA_HAS_ALPHA = /[a-f]/;
+const RE_SVN           = /\b(r\d+)\b/g;
+const RE_BRANCHES      = /\b((?:feature|bugfix|hotfix|release|fix)\/[a-zA-Z0-9_.-]+-[a-zA-Z0-9_.-]+(?:-[a-zA-Z0-9_.-]+)*)\b/g;
+const RE_NAMESPACES    = /\b([A-Z][a-zA-Z0-9]*(?:\\[A-Z][a-zA-Z0-9]*)+)\b/g;
+
+export function extractFilePaths(text) {
+  if (!text) return [];
+  const results = [];
+  let match;
+  RE_FILE_PATHS.lastIndex = 0;
+  while ((match = RE_FILE_PATHS.exec(text)) !== null) {
+    results.push(match[1]);
+  }
+  return [...new Set(results)];
+}
+
+export function extractMethodNames(text) {
+  if (!text) return [];
+  const results = [];
+  let match;
+  RE_METHODS.lastIndex = 0;
+  while ((match = RE_METHODS.exec(text)) !== null) {
+    results.push(match[1]);
+  }
+  return [...new Set(results)];
+}
+
+export function extractClassNames(text) {
+  if (!text) return [];
+  // Matches PascalCase names (MyClass) and underscore-separated (Zend_Controller_Action)
+  const results = [];
+  let match;
+  RE_CLASSES.lastIndex = 0;
+  while ((match = RE_CLASSES.exec(text)) !== null) {
+    results.push(match[1]);
+  }
+  return [...new Set(results)];
+}
+
+export function extractShas(text) {
+  if (!text) return [];
+  const results = [];
+  let match;
+  RE_SHA_FULL.lastIndex = 0;
+  while ((match = RE_SHA_FULL.exec(text)) !== null) {
+    results.push(match[1]);
+  }
+  // 7-char short SHAs (must contain at least one digit and one letter to avoid false positives)
+  RE_SHA_SHORT.lastIndex = 0;
+  while ((match = RE_SHA_SHORT.exec(text)) !== null) {
+    if (RE_SHA_HAS_DIGIT.test(match[1]) && RE_SHA_HAS_ALPHA.test(match[1])) {
+      results.push(match[1]);
+    }
+  }
+  return [...new Set(results)];
+}
+
+export function extractSvnRevisions(text) {
+  if (!text) return [];
+  const results = [];
+  let match;
+  RE_SVN.lastIndex = 0;
+  while ((match = RE_SVN.exec(text)) !== null) {
+    results.push(match[1]);
+  }
+  return [...new Set(results)];
+}
+
+export function extractBranches(text) {
+  if (!text) return [];
+  const results = [];
+  let match;
+  RE_BRANCHES.lastIndex = 0;
+  while ((match = RE_BRANCHES.exec(text)) !== null) {
+    results.push(match[1]);
+  }
+  return [...new Set(results)];
+}
+
+export function extractNamespaces(text) {
+  if (!text) return [];
+  const results = [];
+  let match;
+  RE_NAMESPACES.lastIndex = 0;
+  while ((match = RE_NAMESPACES.exec(text)) !== null) {
+    results.push(match[1]);
+  }
+  return [...new Set(results)];
+}
+
+export function extractCodeReferences(text) {
+  return {
+    filePaths: extractFilePaths(text),
+    methods: extractMethodNames(text),
+    classes: extractClassNames(text),
+    shas: extractShas(text),
+    svnRevisions: extractSvnRevisions(text),
+    branches: extractBranches(text),
+    namespaces: extractNamespaces(text),
+  };
+}

package/skills/jtb/scripts/lib/commit-linker.mjs

@@ -0,0 +1,42 @@
+import { spawnSync } from 'node:child_process';
+
+const TICKET_KEY_RE = /^[A-Z][A-Z0-9]+-\d+$/;
+const SPAWN_OPTS = { encoding: 'utf8', timeout: 10_000 };
+
+function run(execFn, cmd, args, cwd) {
+  const result = execFn(cmd, args, { ...SPAWN_OPTS, cwd });
+  return result.status === 0 ? (result.stdout || '') : null;
+}
+
+export function findLinkedCommits(ticketKey, opts = {}) {
+  if (!TICKET_KEY_RE.test(ticketKey)) {
+    throw new Error(`Invalid ticket key: ${ticketKey}`);
+  }
+
+  const execFn = opts.execFn ?? spawnSync;
+  const cwd    = opts.cwd    ?? process.cwd();
+
+  // git log: last 100 commits, one line each
+  const logOut = run(execFn, 'git', ['log', '--oneline', '-100', '--all'], cwd) ?? '';
+  const commits = logOut
+    .split('\n')
+    .filter(line => line.includes(ticketKey))
+    .map(line => line.trim())
+    .filter(Boolean);
+
+  // git branch: all local + remote branches
+  const branchOut = run(execFn, 'git', ['branch', '--all'], cwd) ?? '';
+  const branches = branchOut
+    .split('\n')
+    .map(line => line.replace(/^\*?\s+/, '').trim())
+    .filter(name => name.includes(ticketKey));
+
+  // git diff HEAD: current working diff
+  const diffOut = run(execFn, 'git', ['diff', 'HEAD'], cwd);
+
+  return {
+    commits,
+    branches,
+    diff: diffOut || null,
+  };
+}

package/skills/jtb/scripts/lib/compliance-checker.mjs

@@ -0,0 +1,92 @@
+import { spawnSync } from 'node:child_process';
+import { isLicensed, showUpgradePrompt } from './license.mjs';
+import { checkUsage, incrementUsage, FREE_LIMIT } from './usage-tracker.mjs';
+import { extractRequirements } from './requirement-extractor.mjs';
+import { findLinkedCommits } from './commit-linker.mjs';
+import { analyzeDiff } from './diff-analyzer.mjs';
+import { DEFAULT_CONFIG_DIR } from './config.mjs';
+import { appendLedger } from './ledger.mjs';
+
+const STATUS_ICON = { FOUND: '✔', PARTIAL: '~', NOT_FOUND: '✖' };
+
+function formatReport({ ticketKey, requirements, analysis, usage, isPro }) {
+  const { results, coveragePercent } = analysis;
+  const lines = [
+    '',
+    `  Compliance Check — ${ticketKey}`,
+    `  ${'─'.repeat(50)}`,
+    '',
+  ];
+
+  if (requirements.length === 0) {
+    lines.push('  No acceptance criteria found in ticket description.');
+    lines.push('  Add a "Acceptance Criteria" section or Given/When/Then statements.');
+    lines.push('');
+    return lines.join('\n');
+  }
+
+  for (const { requirement, status, evidence } of results) {
+    const icon = STATUS_ICON[status] ?? '?';
+    lines.push(`  ${icon} ${requirement}`);
+    if (evidence) lines.push(`      └─ ${evidence}`);
+  }
+
+  lines.push('');
+  lines.push(`  Coverage: ${coveragePercent}%  (${results.filter(r => r.status === 'FOUND').length}/${results.length} requirements found)`);
+  lines.push('');
+
+  if (!isPro) {
+    const remaining = FREE_LIMIT - (usage.count + 1); // +1 = this check (already incremented)
+    lines.push(`  Free tier: ${remaining} compliance check${remaining !== 1 ? 's' : ''} remaining this month.`);
+    lines.push('  Upgrade to Pro for unlimited checks.');
+    lines.push('');
+  }
+
+  return lines.join('\n');
+}
+
+export async function runComplianceCheck({
+  brief,
+  ticketKey,
+  configDir = DEFAULT_CONFIG_DIR,
+  stream = process.stderr,
+  isLicensedFn       = isLicensed,
+  showUpgradeFn      = showUpgradePrompt,
+  checkUsageFn       = checkUsage,
+  incrementUsageFn   = incrementUsage,
+  extractRequirementsFn = extractRequirements,
+  findLinkedCommitsFn   = findLinkedCommits,
+  analyzeDiffFn         = analyzeDiff,
+  appendLedgerFn        = appendLedger,
+  execFn                = spawnSync,
+}) {
+  const isPro = isLicensedFn('pro', configDir);
+  const usage = checkUsageFn(configDir);
+
+  if (!isPro && !usage.canUse) {
+    showUpgradeFn('pro', '--compliance', { stream });
+    return null;
+  }
+
+  incrementUsageFn(configDir);
+
+  const requirements = extractRequirementsFn(brief);
+  const { diff } = findLinkedCommitsFn(ticketKey, { cwd: process.cwd() });
+  const analysis = analyzeDiffFn(requirements, diff);
+
+  const report = formatReport({ ticketKey, requirements, analysis, usage, isPro });
+  const coveragePercent = analysis.coveragePercent;
+  const missing = analysis.results
+    .filter(r => r.status === 'NOT_FOUND')
+    .map(r => r.requirement);
+
+  if (isPro) {
+    const gitEmail = execFn('git', ['config', 'user.email'], { encoding: 'utf8' }).stdout?.trim() ?? 'unknown';
+    appendLedgerFn(
+      { ticketKey, commitSha: 'HEAD', author: gitEmail || 'unknown', coverage: coveragePercent, missing },
+      { configDir, isPro }
+    );
+  }
+
+  return { report, coveragePercent, noCriteria: requirements.length === 0 };
+}

package/skills/jtb/scripts/lib/config-wizard.mjs

@@ -0,0 +1,392 @@
+/**
+ * ticketlens config — Edit settings for an existing profile.
+ * Pre-populates every field with the current value; Enter keeps it unchanged.
+ * Triage statuses use merge semantics: new entries are added, existing ones preserved.
+ */
+
+import { join } from 'node:path';
+import { homedir } from 'node:os';
+import { existsSync, mkdirSync } from 'node:fs';
+import { createStyler } from './ansi.mjs';
+import { createSession } from './banner.mjs';
+import { classifyError } from './error-classifier.mjs';
+import { fetchCurrentUser, fetchStatuses } from './jira-client.mjs';
+import { loadProfiles, loadCredentials, saveProfile } from './profile-resolver.mjs';
+import { promptSelect } from './select-prompt.mjs';
+import { parseAge } from './cache-manager.mjs';
+import { DEFAULT_BRIEF_TTL } from './brief-cache.mjs';
+import { DEFAULT_CONFIG_DIR } from './config.mjs';
+import { visLen, SERVER_AUTH_TYPES, promptText, promptSecret, promptYN } from './prompt-helpers.mjs';
+import { isLicensed } from './license.mjs';
+
+const RETRY_OPTIONS = [
+  { label: 'Retry',             sublabel: 'Try again — same credentials (e.g. VPN just connected)', value: 'retry' },
+  { label: 'Edit credentials',  sublabel: 'Change email / token',                                   value: 'creds' },
+  { label: 'Edit from URL',     sublabel: 'Change URL, auth type, or credentials',                  value: 'url'   },
+  { label: 'Skip',              sublabel: 'Abandon connection changes — no changes saved',           value: 'skip'  },
+];
+
+// ── Main ──────────────────────────────────────────────────────────────────────
+
+export async function run({ configDir = DEFAULT_CONFIG_DIR, profileName } = {}) {
+  const stream = process.stderr;
+  const s = createStyler({ isTTY: stream.isTTY });
+  const bc = s.cyan;
+
+  const config = loadProfiles(configDir);
+  if (!config || Object.keys(config.profiles).length === 0) {
+    stream.write(`  ${s.red('✖')} No profiles configured. Run ${s.cyan('ticketlens init')} first.\n`);
+    process.exitCode = 1;
+    return;
+  }
+
+  const target = profileName || config.default || Object.keys(config.profiles)[0];
+  const profile = config.profiles[target];
+  if (!profile) {
+    stream.write(`  ${s.red('✖')} Profile "${target}" not found.\n`);
+    const names = Object.keys(config.profiles);
+    stream.write(`  ${s.dim('Available:')} ${names.map(n => s.cyan(n)).join(s.dim(', '))}\n`);
+    process.exitCode = 1;
+    return;
+  }
+
+  const creds = loadCredentials(configDir);
+  const profileCreds = creds[target] || {};
+  const hostname = (() => { try { return new URL(profile.baseUrl).hostname; } catch { return profile.baseUrl; } })();
+
+  // Header box
+  const headerLines = [
+    `Editing profile ${s.bold(s.cyan(`"${target}"`))}`,
+    `${s.dim('Server:')}  ${hostname}`,
+  ];
+  const innerWidth = headerLines.reduce((max, l) => Math.max(max, visLen(l)), 0) + 4;
+  stream.write('\n');
+  stream.write(bc('╭' + '─'.repeat(innerWidth) + '╮') + '\n');
+  for (const line of headerLines) {
+    const pad = innerWidth - visLen(line) - 1;
+    stream.write(bc('│') + ' ' + line + ' '.repeat(Math.max(0, pad)) + bc('│') + '\n');
+  }
+  stream.write(bc('╰' + '─'.repeat(innerWidth) + '╯') + '\n');
+
+  // ── Connection ─────────────────────────────────────────────────────────────
+  stream.write(`\n  ${s.dim('──── Connection ────')}\n\n`);
+
+  // Working copies — mutated by the retry loop if the user edits
+  let url  = profile.baseUrl;
+  let auth = profile.auth;
+  let email = profile.email || '';
+  const existingToken = profileCreds.pat || profileCreds.apiToken || '';
+  let token = existingToken;
+
+  // ── URL ───────────────────────────────────────────────────────────────────
+  const urlTyped = await promptText(
+    s.dim('Jira URL') + s.dim(`  [current: ${profile.baseUrl}]:`),
+    { stream, defaultValue: profile.baseUrl }
+  );
+  if (urlTyped !== profile.baseUrl) {
+    // Auto-prefix https:// when the user omits the protocol
+    url = /^https?:\/\//i.test(urlTyped)
+      ? urlTyped.replace(/\/$/, '')
+      : `https://${urlTyped.replace(/\/$/, '')}`;
+    if (url !== urlTyped) stream.write(`  ${s.dim('○')} Interpreted as ${url}\n`);
+  }
+
+  // ── Auth type ─────────────────────────────────────────────────────────────
+  const isCloud = /\.atlassian\.net(\/|$)/i.test(url);
+  if (isCloud && auth !== 'cloud') {
+    auth = 'cloud';
+    stream.write(`  ${s.green('✔')} Jira Cloud detected — using email + API token\n`);
+  } else if (!isCloud) {
+    const currentIdx = SERVER_AUTH_TYPES.findIndex(a => a.value === auth);
+    stream.write(`\n  ${s.dim('Auth type:')}\n\n`);
+    const authIdx = await promptSelect(SERVER_AUTH_TYPES, {
+      stream,
+      hint: '↑/↓ select   Enter confirm',
+      initialIndex: Math.max(0, currentIdx),
+    });
+    if (authIdx !== null) auth = SERVER_AUTH_TYPES[authIdx].value;
+  }
+
+  // ── Email / username ──────────────────────────────────────────────────────
+  if (auth === 'cloud' || auth === 'basic') {
+    const emailHint = email ? s.dim(`  [current: ${email}]`) : '';
+    const emailLabel = (auth === 'cloud' ? s.dim('Email') : s.dim('Username')) + emailHint + s.dim(':');
+    email = await promptText(emailLabel, {
+      stream,
+      defaultValue: email,
+      validate: (v) => {
+        if (!v) return 'Cannot be empty.';
+        if (auth === 'cloud' && !v.includes('@')) return 'Enter a valid email address.';
+        return null;
+      },
+    });
+  }
+
+  // ── Token / PAT / password ────────────────────────────────────────────────
+  const tokenHint = existingToken ? s.dim('  [keep existing]') : '';
+  const tokenLabel = (auth === 'cloud'
+    ? s.dim('API token')
+    : auth === 'pat'
+      ? s.dim('Personal access token')
+      : s.dim('Password')) + tokenHint + s.dim(':');
+  token = await promptSecret(tokenLabel, { stream, existingValue: existingToken });
+  const tokenChanged = token !== existingToken;
+
+  // ── Connection test (only when something changed) ─────────────────────────
+  const connectionChanged = url !== profile.baseUrl
+    || auth !== profile.auth
+    || email !== (profile.email || '')
+    || tokenChanged;
+
+  let connected = !connectionChanged;
+
+  if (connectionChanged) {
+    let startFrom = 'test';
+
+    setupLoop: while (true) {
+      // Re-prompt URL + auth
+      if (startFrom === 'url') {
+        stream.write('\n');
+        const reTyped = await promptText(
+          s.dim('Jira URL') + s.dim(`  [current: ${url}]:`),
+          { stream, defaultValue: url }
+        );
+        if (reTyped !== url) {
+          url = /^https?:\/\//i.test(reTyped)
+            ? reTyped.replace(/\/$/, '')
+            : `https://${reTyped.replace(/\/$/, '')}`;
+          if (url !== reTyped) stream.write(`  ${s.dim('○')} Interpreted as ${url}\n`);
+        }
+        const reCloud = /\.atlassian\.net(\/|$)/i.test(url);
+        if (reCloud) {
+          auth = 'cloud';
+          stream.write(`  ${s.green('✔')} Jira Cloud detected — using email + API token\n\n`);
+        } else if (auth === 'cloud') {
+          stream.write(`\n  ${s.dim('Auth type:')}\n\n`);
+          const idx = await promptSelect(SERVER_AUTH_TYPES, { stream, hint: '↑/↓ select   Enter confirm' });
+          if (idx !== null) auth = SERVER_AUTH_TYPES[idx].value;
+        }
+        startFrom = 'creds';
+      }
+
+      // Re-prompt email + token (pre-populated)
+      if (startFrom === 'creds') {
+        if (auth === 'cloud' || auth === 'basic') {
+          const eHint = email ? s.dim(`  [current: ${email}]`) : '';
+          const eLabel = (auth === 'cloud' ? s.dim('Email') : s.dim('Username')) + eHint + s.dim(':');
+          email = await promptText(eLabel, {
+            stream,
+            defaultValue: email,
+            validate: (v) => {
+              if (!v) return 'Cannot be empty.';
+              if (auth === 'cloud' && !v.includes('@')) return 'Enter a valid email address.';
+              return null;
+            },
+          });
+        }
+        const tHint = token ? s.dim('  [keep existing]') : '';
+        const tLabel = (auth === 'cloud' ? s.dim('API token') : auth === 'pat' ? s.dim('Personal access token') : s.dim('Password')) + tHint + s.dim(':');
+        token = await promptSecret(tLabel, { stream, existingValue: token });
+      }
+
+      // Test connection
+      const testEnv = {
+        JIRA_BASE_URL: url,
+        JIRA_EMAIL: email,
+        JIRA_API_TOKEN: auth !== 'pat' ? token : '',
+        JIRA_PAT: auth === 'pat' ? token : '',
+      };
+      const testVersion = auth === 'cloud' ? 3 : 2;
+      const session = createSession({ baseUrl: url, profileName: target, email: email || undefined, pat: auth === 'pat' ? token : undefined }, { stream });
+      stream.write('\n');
+      session.spin('Testing connection...');
+
+      try {
+        await fetchCurrentUser({ env: testEnv, apiVersion: testVersion });
+        session.connected();
+        connected = true;
+        break setupLoop;
+      } catch (err) {
+        session.failed();
+        const classified = classifyError(err, { baseUrl: url, profileName: target });
+        session.footer(classified.message, 'error', classified.hint);
+      }
+
+      stream.write(`\n  ${s.dim('What would you like to do?')}\n\n`);
+      const retryIdx = await promptSelect(RETRY_OPTIONS, { stream, hint: '↑/↓ select   Enter confirm' });
+      if (retryIdx === null || RETRY_OPTIONS[retryIdx].value === 'skip') break setupLoop;
+      startFrom = RETRY_OPTIONS[retryIdx].value;
+    }
+
+    if (!connected) {
+      stream.write(`\n  ${s.yellow('○')} Connection changes discarded. ${s.dim('Run')} ${s.cyan('ticketlens config')} ${s.dim('again to retry.')}\n\n`);
+      process.exitCode = 1;
+      return;
+    }
+  }
+
+  // ── Optional settings ──────────────────────────────────────────────────────
+  stream.write(`\n  ${s.dim('──── Optional ────')}\n\n`);
+
+  // Ticket prefixes
+  const curPrefixes = (profile.ticketPrefixes || []).join(', ');
+  const prefixInput = await promptText(
+    s.dim('Ticket prefixes') + s.dim(curPrefixes ? `  [current: ${curPrefixes}]:` : '  (e.g. PROJ,OPS — press Enter to skip):'),
+    { stream }
+  );
+  const existing = new Set(profile.ticketPrefixes || []);
+  if (prefixInput) {
+    for (const v of prefixInput.split(',').map(v => v.trim().toUpperCase()).filter(Boolean)) {
+      existing.add(v);
+    }
+  }
+  const ticketPrefixes = [...existing];
+
+  // Project path (single — used for auto-profile detection from cwd)
+  const home = homedir();
+  const cwd = process.cwd();
+  const cwdDisplay = cwd.startsWith(home) ? '~' + cwd.slice(home.length) : cwd;
+  const curPath = (profile.projectPaths || [])[0] || '';
+  const pathInput = await promptText(
+    s.dim('Project path') + s.dim(curPath ? `  [current: ${curPath}]:` : `  [${cwdDisplay}]:`),
+    { stream }
+  );
+  const rawPath = (pathInput.trim() || curPath || cwdDisplay).replace(/\/+$/, '');
+
+  const projectPaths = [];
+  if (rawPath) {
+    const expanded = rawPath.startsWith('~') ? join(home, rawPath.slice(1)) : rawPath;
+    if (existsSync(expanded)) {
+      projectPaths.push(rawPath);
+      stream.write(`  ${s.green('✔')} ${rawPath}\n`);
+    } else {
+      stream.write(`  ${s.yellow('○')} ${s.dim(rawPath)} — directory not found\n`);
+      const doCreate = await promptYN(`Create ${rawPath}?`, { stream });
+      if (doCreate) {
+        try {
+          mkdirSync(expanded, { recursive: true });
+          projectPaths.push(rawPath);
+          stream.write(`  ${s.green('✔')} Created\n`);
+        } catch (mkErr) {
+          stream.write(`  ${s.red('✖')} Could not create: ${mkErr.message}\n`);
+        }
+      }
+    }
+  }
+
+  // ── Triage statuses (merge semantics) ────────────────────────────────────
+  // Typing new values ADDS them to the current list (with partial matching).
+  // Existing statuses are never removed by this prompt.
+  const currentStatuses = profile.triageStatuses?.length
+    ? profile.triageStatuses
+    : ['In Progress', 'Code Review', 'QA'];
+  const curStatusesStr = currentStatuses.join(', ');
+
+  const statusInput = await promptText(
+    s.dim('Add triage statuses') + s.dim(`  [current: ${curStatusesStr} — Enter to keep]:`),
+    { stream }
+  );
+
+  let triageStatuses = currentStatuses;
+
+  if (statusInput) {
+    const newEntries = statusInput.split(',').map(v => v.trim()).filter(Boolean);
+    const existingLower = new Set(currentStatuses.map(n => n.toLowerCase()));
+    // Only validate statuses that aren't already in the list
+    const toValidate = newEntries.filter(n => !existingLower.has(n.toLowerCase()));
+
+    if (toValidate.length > 0) {
+      const validateEnv = {
+        JIRA_BASE_URL: url,
+        JIRA_EMAIL: email,
+        JIRA_API_TOKEN: auth !== 'pat' ? token : '',
+        JIRA_PAT: auth === 'pat' ? token : '',
+      };
+      const validateApiVersion = auth === 'cloud' ? 3 : 2;
+
+      stream.write(`  ${s.dim('Validating new statuses...')}\n`);
+      try {
+        const available = await fetchStatuses({ env: validateEnv, apiVersion: validateApiVersion });
+        const lowerMap = new Map(available.map(n => [n.toLowerCase(), n]));
+        stream.write('\x1b[A\r\x1b[2K');
+
+        const toAdd = [];
+        for (const name of toValidate) {
+          if (available.includes(name)) {
+            toAdd.push(name);
+            stream.write(`  ${s.green('✔')} ${name}\n`);
+          } else {
+            // Case-insensitive exact match
+            const exact = lowerMap.get(name.toLowerCase());
+            if (exact) {
+              stream.write(`  ${s.yellow('~')} ${s.dim(name)}  →  ${s.cyan(exact)}\n`);
+              toAdd.push(exact);
+            } else {
+              // Partial match: "QA" → "QA Testing"
+              const partial = available.find(a =>
+                a.toLowerCase().includes(name.toLowerCase()) ||
+                name.toLowerCase().startsWith(a.toLowerCase().split(' ')[0])
+              );
+              if (partial) {
+                stream.write(`  ${s.yellow('~')} ${s.dim(name)}  →  ${s.cyan(partial)}\n`);
+                toAdd.push(partial);
+              } else {
+                stream.write(`  ${s.red('✖')} ${name}  ${s.dim('(not found — skipped)')}\n`);
+              }
+            }
+          }
+        }
+
+        triageStatuses = [...currentStatuses, ...toAdd];
+        if (toAdd.length > 0) {
+          stream.write(`  ${s.dim('Updated list:')} ${triageStatuses.map(n => s.cyan(n)).join(s.dim(', '))}\n`);
+        }
+      } catch {
+        stream.write('\x1b[A\r\x1b[2K');
+        // Jira unreachable — add without validation, deduped
+        const toAddRaw = toValidate.filter(n => !existingLower.has(n.toLowerCase()));
+        triageStatuses = [...currentStatuses, ...toAddRaw];
+      }
+    }
+  }
+
+  // ── Cache TTL (Pro feature) ───────────────────────────────────────────────
+  let cacheTtl = DEFAULT_BRIEF_TTL;
+  if (isLicensed('pro', configDir)) {
+    const curTtl = profile.cacheTtl || DEFAULT_BRIEF_TTL;
+    const ttlInput = await promptText(
+      s.dim('Brief cache TTL') + s.dim(`  [current: ${curTtl} — e.g. 4h, 7d, 30d, 0 to disable — Enter to keep]:`),
+      { stream, validate: (v) => {
+        if (!v || v === curTtl) return null;
+        if (v === '0') return null;
+        return parseAge(v) === null ? 'Use a number followed by h, d, w, m, or y (e.g. 4h, 7d, 30d)' : null;
+      } }
+    );
+    cacheTtl = ttlInput || curTtl;
+  } else {
+    stream.write(`  ${s.dim('○')} Brief cache TTL: ${s.dim('4h')}  ${s.dim('·')}  ${s.cyan('Pro')} ${s.dim('unlocks configurable TTL → ticketlens.dev/pricing')}\n`);
+  }
+
+  // ── Save ───────────────────────────────────────────────────────────────────
+  const updated = {
+    ...profile,
+    baseUrl: url,
+    auth,
+    triageStatuses,
+  };
+  if (email) updated.email = email;
+  if (ticketPrefixes.length > 0) updated.ticketPrefixes = ticketPrefixes;
+  else delete updated.ticketPrefixes;
+  if (projectPaths.length > 0) updated.projectPaths = projectPaths;
+  else delete updated.projectPaths;
+  if (cacheTtl && cacheTtl !== DEFAULT_BRIEF_TTL) updated.cacheTtl = cacheTtl;
+  else delete updated.cacheTtl;
+
+  // Only write credentials file if the token actually changed
+  const credData = (token !== existingToken)
+    ? (auth === 'pat' ? { pat: token } : { apiToken: token })
+    : {};
+
+  saveProfile(target, updated, credData, configDir);
+  stream.write(`\n  ${s.green('✔')} Profile ${s.bold(s.cyan(`"${target}"`))} updated.\n\n`);
+}