ultrahope 0.1.10 → 0.1.12

package/README.md

@@ -12,14 +12,19 @@ npm install -g ultrahope
 
 ### Login
 
-Authenticate with your ultrahope account using device flow:
+You can try Ultrahope without logging in first. The CLI automatically creates an anonymous session and allows up to 5 requests per day with the Free plan limits.
+
+When you want to keep going, authenticate with your Ultrahope account using device flow:
 
 ```bash
 ultrahope login
 ```
 
-This will display a URL and code. Open the URL in your browser, sign in, and enter the code to authorize the CLI.
-On first successful login, `${XDG_CONFIG_HOME:-~/.config}/ultrahope/config.toml` is created automatically if missing.
+This will display a URL and code. Open the URL in your browser, sign in, and enter the code to authorize the CLI. On successful login, the CLI replaces the anonymous session with your authenticated one while keeping the local installation identity.
+
+Escalation (`Shift+E`) uses the Pro model set (`anthropic/claude-sonnet-4.6`,
+`openai/gpt-5.3-codex`). If your account is not Pro, escalation is not shown and
+requesting Pro-only models is rejected by the API.
 
 ### Translate
 
@@ -106,7 +111,7 @@ models = ["mistral/ministral-3b", "xai/grok-code-fast-1"]
 
 ### Credentials
 
-Credentials are stored in `~/.config/ultrahope/credentials.json`.
+Credentials and the local installation ID are stored in `~/.config/ultrahope/credentials.json`.
 
 ## Development
 

package/dist/git-ultrahope.js

@@ -36,7 +36,7 @@ function log(message, data) {
 // lib/api-client.ts
 var API_BASE_URL = process.env.ULTRAHOPE_API_URL ?? "https://ultrahope.dev";
 var InsufficientBalanceError = class extends Error {
-  constructor(balance, plan = "free", hint, actions) {
+  constructor(balance, plan = "anonymous", hint, actions) {
     super("Token balance exhausted");
     this.balance = balance;
     this.plan = plan;
@@ -55,7 +55,7 @@ var InsufficientBalanceError = class extends Error {
       }
     } else {
       lines.push(
-        "Error: Your free credit has been exhausted. Upgrade to Pro for unlimited requests with $5 included credit."
+        "Error: Free plan usage is limited. Upgrade to Pro for unlimited requests with $1 included credit."
       );
       if (this.actions?.upgrade) {
         lines.push(`  Upgrade: ${this.actions.upgrade}`);
@@ -65,11 +65,12 @@ var InsufficientBalanceError = class extends Error {
   }
 };
 var DailyLimitExceededError = class extends Error {
-  constructor(count, limit, resetsAt) {
+  constructor(count, limit, resetsAt, plan = "anonymous") {
     super("Daily request limit reached");
     this.count = count;
     this.limit = limit;
     this.resetsAt = resetsAt;
+    this.plan = plan;
     this.name = "DailyLimitExceededError";
   }
 };
@@ -79,6 +80,26 @@ var UnauthorizedError = class extends Error {
     this.name = "UnauthorizedError";
   }
 };
+var SubscriptionRequiredError = class extends Error {
+  constructor(subscribeUrl, hint) {
+    super("Active Pro subscription required");
+    this.subscribeUrl = subscribeUrl;
+    this.hint = hint;
+    this.name = "SubscriptionRequiredError";
+  }
+  formatMessage() {
+    const lines = [
+      "Error: This signed-in account requires an active Pro subscription."
+    ];
+    if (this.hint) {
+      lines.push(`  ${this.hint}`);
+    }
+    if (this.subscribeUrl) {
+      lines.push(`  Subscribe: ${this.subscribeUrl}`);
+    }
+    return lines.join("\n");
+  }
+};
 var InvalidModelError = class extends Error {
   constructor(model, allowedModels, message) {
     super(message ?? `Model '${model}' is not supported.`);
@@ -88,7 +109,7 @@ var InvalidModelError = class extends Error {
   }
 };
 var InputLengthExceededError = class extends Error {
-  constructor(count, limit, plan = "free", message) {
+  constructor(count, limit, plan = "anonymous", message) {
     super(
       message ?? `Input length ${count} exceeds the ${plan} plan limit of ${limit} characters.`
     );
@@ -141,12 +162,19 @@ function parseSseEvents(buffer) {
 }
 function handle402Error(error) {
   const payload = error;
+  if (payload?.error === "subscription_required") {
+    log("generate error (402 subscription_required)", error);
+    throw new SubscriptionRequiredError(
+      payload.actions?.subscribe,
+      payload.hint
+    );
+  }
   if (typeof payload?.balance === "number") {
     log("generate error (402 insufficient_balance)", error);
-    const plan = payload.plan === "pro" || payload.plan === "free" ? payload.plan : "free";
+    const plan2 = payload.plan === "pro" ? "pro" : "anonymous";
     throw new InsufficientBalanceError(
       payload.balance,
-      plan,
+      plan2,
       payload.hint,
       payload.actions
     );
@@ -154,14 +182,15 @@ function handle402Error(error) {
   const count = typeof payload?.count === "number" ? payload.count : 0;
   const limit = typeof payload?.limit === "number" ? payload.limit : 0;
   const resetsAt = payload?.resetsAt ?? "";
+  const plan = payload?.plan === "pro" ? "pro" : "anonymous";
   log("generate error (402 daily_limit)", error);
-  throw new DailyLimitExceededError(count, limit, resetsAt);
+  throw new DailyLimitExceededError(count, limit, resetsAt, plan);
 }
 function throwInputLengthExceededError(error) {
   const payload = error;
   const count = typeof payload?.count === "number" ? payload.count : 0;
   const limit = typeof payload?.limit === "number" ? payload.limit : 0;
-  const plan = payload?.plan === "free" ? payload.plan : "free";
+  const plan = payload?.plan === "anonymous" ? "anonymous" : "anonymous";
   const message = typeof payload?.message === "string" ? payload.message : `Input length ${count} exceeds the ${plan} plan limit of ${limit} characters.`;
   log("generate error (400 input_too_long)", error);
   throw new InputLengthExceededError(count, limit, plan, message);
@@ -185,25 +214,27 @@ function handle400Error(error) {
   throwInvalidModelError(error);
 }
 function createApiClient(token) {
-  const headers = {
-    "Content-Type": "application/json"
-  };
+  const authHeaders = {};
   if (token) {
-    headers.Authorization = `Bearer ${token}`;
+    authHeaders.Authorization = `Bearer ${token}`;
+  }
+  function jsonHeaders(extra) {
+    return {
+      ...authHeaders,
+      "Content-Type": "application/json",
+      ...extra
+    };
   }
   const client = createClient({
     baseUrl: API_BASE_URL,
-    headers
+    headers: authHeaders
   });
   return {
     async *streamCommitMessage(req, options) {
       log("streamCommitMessage request", req);
       const res = await fetch(`${API_BASE_URL}/api/v1/commit-message/stream`, {
         method: "POST",
-        headers: {
-          ...headers,
-          Accept: "text/event-stream"
-        },
+        headers: jsonHeaders({ Accept: "text/event-stream" }),
         body: JSON.stringify(req),
         signal: options?.signal
       });
@@ -269,10 +300,7 @@ function createApiClient(token) {
         `${API_BASE_URL}/api/v1/commit-message/refine/stream`,
         {
           method: "POST",
-          headers: {
-            ...headers,
-            Accept: "text/event-stream"
-          },
+          headers: jsonHeaders({ Accept: "text/event-stream" }),
           body: JSON.stringify(req),
           signal: options?.signal
         }
@@ -337,7 +365,7 @@ function createApiClient(token) {
       log("generation_score request", req);
       const res = await fetch(`${API_BASE_URL}/api/v1/generation_score`, {
         method: "POST",
-        headers,
+        headers: jsonHeaders(),
         body: JSON.stringify(req)
       });
       if (!res.ok) {
@@ -376,6 +404,23 @@ function createApiClient(token) {
       log("command_execution response", data);
       return data;
     },
+    async getEntitlement() {
+      log("entitlement request");
+      const res = await fetch(`${API_BASE_URL}/api/v1/entitlement`, {
+        method: "GET",
+        headers: jsonHeaders()
+      });
+      if (res.status === 401) {
+        log("entitlement error (401)");
+        throw new UnauthorizedError();
+      }
+      if (!res.ok) {
+        const text = await getErrorText(res, null);
+        log("entitlement error", { status: res.status, text });
+        throw new Error(`API error: ${res.status} ${text}`);
+      }
+      return res.json();
+    },
     async generateCommitMessage(req, options) {
       log("generateCommitMessage request", req);
       const { data, error, response } = await client.POST(
@@ -490,7 +535,7 @@ function createApiClient(token) {
     async requestDeviceCode() {
       const res = await fetch(`${API_BASE_URL}/api/auth/device/code`, {
         method: "POST",
-        headers,
+        headers: jsonHeaders(),
         body: JSON.stringify({ client_id: "ultrahope-cli" })
       });
       if (!res.ok) {
@@ -502,7 +547,7 @@ function createApiClient(token) {
     async pollDeviceToken(deviceCode) {
       const res = await fetch(`${API_BASE_URL}/api/auth/device/token`, {
         method: "POST",
-        headers,
+        headers: jsonHeaders(),
         body: JSON.stringify({
           grant_type: "urn:ietf:params:oauth:grant-type:device_code",
           device_code: deviceCode,
@@ -514,6 +559,32 @@ function createApiClient(token) {
         throw new Error(`API error: ${res.status} ${text}`);
       }
       return res.json();
+    },
+    async signInAnonymous() {
+      const res = await fetch(`${API_BASE_URL}/api/auth/sign-in/anonymous`, {
+        method: "POST",
+        headers: jsonHeaders(),
+        body: JSON.stringify({})
+      });
+      if (!res.ok) {
+        const text = await res.text();
+        throw new Error(`API error: ${res.status} ${text}`);
+      }
+      return res.json();
+    },
+    async deleteAnonymousUser() {
+      const res = await fetch(
+        `${API_BASE_URL}/api/auth/delete-anonymous-user`,
+        {
+          method: "POST",
+          headers: jsonHeaders(),
+          body: JSON.stringify({})
+        }
+      );
+      if (!res.ok) {
+        const text = await res.text();
+        throw new Error(`API error: ${res.status} ${text}`);
+      }
     }
   };
 }
@@ -565,6 +636,7 @@ function abortReasonForError(error) {
 }
 
 // lib/auth.ts
+import { randomUUID } from "crypto";
 import * as fs from "fs";
 import * as os from "os";
 import * as path from "path";
@@ -574,19 +646,74 @@ function getCredentialsPath() {
   const filename = env && env !== "production" ? `credentials.${env}.json` : "credentials.json";
   return path.join(configDir, "ultrahope", filename);
 }
-async function getToken() {
+async function getCredentials() {
   const credPath = getCredentialsPath();
   try {
     const content = await fs.promises.readFile(credPath, "utf-8");
     const creds = JSON.parse(content);
-    return creds.access_token ?? null;
+    if (typeof creds.access_token !== "string" || creds.access_token.length === 0) {
+      return null;
+    }
+    return {
+      accessToken: creds.access_token,
+      authKind: creds.auth_kind === "anonymous" ? "anonymous" : "authenticated",
+      installationId: await ensureInstallationId(creds)
+    };
   } catch {
     return null;
   }
 }
+async function writeCredentials(creds) {
+  const credPath = getCredentialsPath();
+  const dir = path.dirname(credPath);
+  await fs.promises.mkdir(dir, { recursive: true });
+  await fs.promises.writeFile(credPath, JSON.stringify(creds, null, 2), {
+    mode: 384
+  });
+}
+async function ensureInstallationId(creds) {
+  if (creds?.installation_id && creds.installation_id.length > 0) {
+    return creds.installation_id;
+  }
+  const installationId = randomUUID();
+  await writeCredentials({
+    access_token: creds?.access_token ?? "",
+    auth_kind: creds?.auth_kind,
+    installation_id: installationId
+  });
+  return installationId;
+}
+async function getInstallationId() {
+  const credPath = getCredentialsPath();
+  try {
+    const content = await fs.promises.readFile(credPath, "utf-8");
+    const creds = JSON.parse(content);
+    return await ensureInstallationId(creds);
+  } catch {
+    return await ensureInstallationId(null);
+  }
+}
+async function getToken() {
+  const existing = await getCredentials();
+  if (existing) {
+    return existing.accessToken;
+  }
+  const api = createApiClient();
+  const anonymousSession = await api.signInAnonymous();
+  await saveToken(anonymousSession.token, "anonymous");
+  return anonymousSession.token;
+}
+async function saveToken(token, authKind = "authenticated") {
+  const installationId = await getInstallationId();
+  await writeCredentials({
+    access_token: token,
+    auth_kind: authKind,
+    installation_id: installationId
+  });
+}
 
 // lib/command-execution.ts
-import { randomUUID } from "crypto";
+import { randomUUID as randomUUID2 } from "crypto";
 
 // lib/daily-limit-prompt.ts
 import * as readline from "readline";
@@ -730,9 +857,7 @@ async function showDailyLimitPrompt(info) {
     );
   }
   console.log("");
-  console.log(
-    `${theme.primary}Commit message generation was skipped${theme.reset}`
-  );
+  console.log(`${theme.primary}Generation was skipped${theme.reset}`);
   console.log("");
   console.log(
     ui.bullet(`Daily request limit reached (${info.count} / ${info.limit})`)
@@ -745,7 +870,7 @@ async function showDailyLimitPrompt(info) {
     );
     console.log(`  ${ui.link("ultrahope jj describe")}`);
     console.log("");
-    console.log(`${theme.primary}Or upgrade your plan:${theme.reset}`);
+    console.log(`${theme.primary}Or upgrade to Pro:${theme.reset}`);
     console.log(`  ${ui.link(PRICING_URL)}`);
     return;
   }
@@ -755,7 +880,7 @@ async function showDailyLimitPrompt(info) {
     `${theme.secondary}  1) Retry after the daily limit resets${theme.reset}`
   );
   console.log(
-    `${theme.secondary}  2) Upgrade your plan to continue immediately${theme.reset}`
+    `${theme.secondary}  2) Upgrade to Pro to continue immediately${theme.reset}`
   );
   console.log("");
   const choice = await promptChoice();
@@ -883,12 +1008,13 @@ async function handleUpgrade() {
 
 // lib/command-execution.ts
 function startCommandExecution(options) {
-  const commandExecutionId = randomUUID();
+  const commandExecutionId = randomUUID2();
   const cliSessionId = commandExecutionId;
   const abortController = new AbortController();
   const commandExecutionPromise = options.api.commandExecution({
     commandExecutionId,
     cliSessionId,
+    installationId: options.installationId,
     command: options.command,
     args: options.args,
     api: options.apiPath,
@@ -933,8 +1059,12 @@ async function handleCommandExecutionError(error, options) {
     console.error(error.formatMessage());
     process.exit(1);
   }
+  if (error instanceof SubscriptionRequiredError) {
+    console.error(error.formatMessage());
+    process.exit(1);
+  }
   if (error instanceof InputLengthExceededError) {
-    console.error("\x1B[31m\u2716\x1B[0m Input is too long for the Free plan.");
+    console.error("\x1B[31m\u2716\x1B[0m Input is too long for anonymous usage.");
     console.error(
       `  Max allowed characters: ${error.limit}. Received: ${error.count}.`
     );
@@ -1064,10 +1194,7 @@ async function* generateCommitMessages(options) {
     models
   });
   const token = await getToken();
-  if (!token) {
-    console.error("Error: Not authenticated. Run `ultrahope login` first.");
-    process.exit(1);
-  }
+  const installationId = await getInstallationId();
   const api = createApiClient(token);
   const generateWithRetry = async function* (payload) {
     const maxAttempts = 3;
@@ -1077,6 +1204,7 @@ async function* generateCommitMessages(options) {
         const stream = options.refine ? api.streamCommitMessageRefine(
           {
             cliSessionId,
+            installationId,
             model: payload.model,
             originalMessage: options.refine.originalMessage,
             refineInstruction: options.refine.refineInstruction
@@ -1085,6 +1213,7 @@ async function* generateCommitMessages(options) {
         ) : api.streamCommitMessage(
           {
             ...payload,
+            installationId,
             input: diff,
             guide: options.guide
           },
@@ -1378,6 +1507,77 @@ function formatDiffStats(stats) {
   return parts.join(", ");
 }
 
+// lib/entitlement-cache.ts
+import fs3 from "fs/promises";
+import * as os3 from "os";
+import path3 from "path";
+var ENTITLEMENT_CACHE_TTL_MS = 1e3 * 60 * 15;
+function getEntitlementCachePath() {
+  const configDir = process.env.XDG_CONFIG_HOME ?? path3.join(os3.homedir(), ".config");
+  const filename = "entitlement-cache.json";
+  return path3.join(configDir, "ultrahope", filename);
+}
+async function readEntitlementCache() {
+  const cachePath = getEntitlementCachePath();
+  try {
+    const raw = await fs3.readFile(cachePath, "utf-8");
+    const parsed = JSON.parse(raw);
+    if (parsed && typeof parsed === "object" && "entitlement" in parsed && "fetchedAt" in parsed && typeof parsed.entitlement === "string" && typeof parsed.fetchedAt === "string") {
+      if (parsed.entitlement === "anonymous" || parsed.entitlement === "authenticated_unpaid" || parsed.entitlement === "pro") {
+        return {
+          entitlement: parsed.entitlement,
+          fetchedAt: parsed.fetchedAt
+        };
+      }
+    }
+    return null;
+  } catch {
+    return null;
+  }
+}
+function normalizeCachedAt(fetchedAt) {
+  const value = Date.parse(fetchedAt);
+  return Number.isFinite(value) ? value : NaN;
+}
+function isEntitlementCacheFresh(record) {
+  const fetchedAt = normalizeCachedAt(record.fetchedAt);
+  if (!Number.isFinite(fetchedAt)) return false;
+  return Date.now() - fetchedAt <= ENTITLEMENT_CACHE_TTL_MS;
+}
+async function writeEntitlementCache(entitlement) {
+  const cachePath = getEntitlementCachePath();
+  const dir = path3.dirname(cachePath);
+  await fs3.mkdir(dir, { recursive: true });
+  const payload = {
+    entitlement,
+    fetchedAt: (/* @__PURE__ */ new Date()).toISOString()
+  };
+  await fs3.writeFile(cachePath, JSON.stringify(payload), { mode: 384 });
+}
+
+// lib/entitlement-capability.ts
+async function resolveEntitlementCapability(api, authKind) {
+  if (authKind !== "authenticated") {
+    return { escalate: false };
+  }
+  const cache = await readEntitlementCache();
+  if (cache && isEntitlementCacheFresh(cache)) {
+    return {
+      escalate: cache.entitlement === "pro"
+    };
+  }
+  const capability = { escalate: true };
+  void (async () => {
+    try {
+      const response = await api.getEntitlement();
+      capability.escalate = response.entitlement === "pro";
+      await writeEntitlementCache(response.entitlement);
+    } catch {
+    }
+  })();
+  return capability;
+}
+
 // lib/renderer.ts
 import * as readline2 from "readline";
 
@@ -2955,6 +3155,12 @@ var selectorRenderCapabilities = {
   escalate: true,
   clickConfirm: false
 };
+function resolveSelectorCapabilities(options) {
+  return {
+    ...selectorRenderCapabilities,
+    escalate: options?.escalate ?? selectorRenderCapabilities.escalate
+  };
+}
 function renderError(error, slotsLength, output) {
   const readyCount = slotsLength;
   const message = error instanceof Error ? error.message : String(error ?? "Unknown error");
@@ -3103,9 +3309,13 @@ async function selectCandidate(options) {
     let generationRun = 0;
     let generationController = null;
     let isPromptOpen = false;
+    let dynamicCapabilities = resolveSelectorCapabilities(options.capabilities);
     const ttyReader = ttyInput;
     const ttyWriter = ttyOutput;
     const renderer = createRenderer(ttyWriter);
+    const updateDynamicCapabilities = () => {
+      dynamicCapabilities = resolveSelectorCapabilities(options.capabilities);
+    };
     const setRawModeSafe2 = (enabled) => {
       try {
         const r = ttyReader;
@@ -3117,6 +3327,7 @@ async function selectCandidate(options) {
     setRawModeSafe2(true);
     ttyReader.resume();
     const render = () => {
+      updateDynamicCapabilities();
       const allowPromptRender = context.mode === "prompt" && context.promptKind === "edit";
       if (!cleanedUp && (!isPromptOpen || allowPromptRender)) {
         const frame = selectorRenderFrame({
@@ -3129,7 +3340,7 @@ async function selectCandidate(options) {
           nowMs: Date.now(),
           spinnerFrames: SPINNER_FRAMES,
           copy: renderCopy,
-          capabilities: selectorRenderCapabilities
+          capabilities: dynamicCapabilities
         });
         renderer.render(renderSelectorTextFromRenderFrame(frame));
       }
@@ -3145,7 +3356,7 @@ async function selectCandidate(options) {
         nowMs: Date.now(),
         spinnerFrames: SPINNER_FRAMES,
         copy: renderCopy,
-        capabilities: selectorRenderCapabilities
+        capabilities: dynamicCapabilities
       });
       const selected = result.selectedCandidate?.content ?? result.selected ?? "";
       const selectedTitle = normalizeCandidateContentForDisplay(selected) || selected;
@@ -3270,7 +3481,7 @@ async function selectCandidate(options) {
             nowMs: Date.now(),
             spinnerFrames: SPINNER_FRAMES,
             copy: renderCopy,
-            capabilities: selectorRenderCapabilities
+            capabilities: dynamicCapabilities
           });
           const costSuffix = frame.viewModel.header.totalCostLabel ? ` (total: ${frame.viewModel.header.totalCostLabel})` : "";
           const generatedLine = `${frame.viewModel.header.generatedLabel}${costSuffix}`;
@@ -3391,7 +3602,7 @@ async function selectCandidate(options) {
               nowMs: Date.now(),
               spinnerFrames: SPINNER_FRAMES,
               copy: renderCopy,
-              capabilities: selectorRenderCapabilities,
+              capabilities: dynamicCapabilities,
               bufferText: buffer.getText()
             });
             const prompt = frame.prompt;
@@ -3467,7 +3678,7 @@ async function selectCandidate(options) {
                 nowMs: Date.now(),
                 spinnerFrames: SPINNER_FRAMES,
                 copy: renderCopy,
-                capabilities: selectorRenderCapabilities,
+                capabilities: dynamicCapabilities,
                 bufferText: buffer.getText()
               });
               const prompt = frame.prompt;
@@ -3551,6 +3762,8 @@ async function selectCandidate(options) {
         }
         if (key.name === "e" && key.shift) {
           if (!hasReadySlot(context.slots)) return;
+          updateDynamicCapabilities();
+          if (!dynamicCapabilities.escalate) return;
           applyResult(transitionSelectorFlow(context, { type: "ESCALATE" }));
           return;
         }
@@ -3881,12 +4094,12 @@ async function commit(args2) {
     process.exit(1);
   }
   try {
+    const existingCredentials = await getCredentials();
+    const authKind = existingCredentials?.authKind ?? "anonymous";
     const token = await getToken();
-    if (!token) {
-      console.error("Error: Not authenticated. Run `ultrahope login` first.");
-      process.exit(1);
-    }
+    const installationId = await getInstallationId();
     const api = createApiClient(token);
+    const capabilities = await resolveEntitlementCapability(api, authKind);
     const apiClient = api;
     let guideHint;
     let refineMessage;
@@ -3912,6 +4125,7 @@ async function commit(args2) {
       const apiPath = isRefineAttempt ? "/v1/commit-message/refine" : "/v1/commit-message";
       const { commandExecutionPromise, abortController, cliSessionId } = startCommandExecution({
         api,
+        installationId,
         command: "commit",
         args: args2,
         apiPath,
@@ -3963,7 +4177,8 @@ async function commit(args2) {
         models,
         inlineEditPrompt: true,
         initialGuideHint: guideHint,
-        isEscalation
+        isEscalation,
+        capabilities
       });
       if (result.action === "abort") {
         if (result.error instanceof InvalidModelError) {