Skip to content

Commit 3ebb7bf

Browse files
authored
Merge pull request #27 from ndycode/feat/unified-supersede-all-prs
supersede: unify PRs #15 #16 #17 #18 #19 #20 #24 #25 into one branch
2 parents 347fc1a + b58da45 commit 3ebb7bf

84 files changed

Lines changed: 11929 additions & 3274 deletions

File tree

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

.github/workflows/ci.yml

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -34,6 +34,9 @@ jobs:
3434
- name: Security audit (CI policy)
3535
run: npm run audit:ci
3636

37+
- name: Lockfile floor guard
38+
run: npm run test -- test/lockfile-version-floor.test.ts
39+
3740
- name: Security audit (full dependency tree, non-blocking)
3841
continue-on-error: true
3942
run: npm run audit:all

.gitignore

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -8,6 +8,7 @@ opencode.json
88
.opencode/
99
.omx/
1010
tmp
11+
.tmp
1112
tmp*
1213
.tmp*/
1314
.tmp-*/

README.md

Lines changed: 6 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -129,11 +129,6 @@ codex auth doctor --fix
129129
| `codex auth fix --live --model gpt-5-codex` | Run repairs with live probe model |
130130
| `codex auth doctor --fix` | Diagnose and apply safe fixes |
131131

132-
Compatibility aliases are also supported:
133-
- `codex multi auth ...`
134-
- `codex multi-auth ...`
135-
- `codex multiauth ...`
136-
137132
---
138133

139134
## Dashboard Hotkeys
@@ -226,7 +221,7 @@ codex auth login
226221
<details>
227222
<summary><b>Common symptoms</b></summary>
228223

229-
- `codex auth` unrecognized: run `where codex`, then try `codex multi auth status`
224+
- `codex auth` unrecognized: run `where codex`, then follow `docs/troubleshooting.md` for routing fallback commands
230225
- Switch succeeds but wrong account appears active: run `codex auth switch <index>`, then restart session
231226
- OAuth callback on port `1455` fails: free the port and re-run `codex auth login`
232227
- `missing field id_token` / `token_expired` / `refresh_token_reused`: re-login affected account
@@ -259,6 +254,8 @@ codex auth doctor --json
259254
- Configuration: [docs/configuration.md](docs/configuration.md)
260255
- Troubleshooting: [docs/troubleshooting.md](docs/troubleshooting.md)
261256
- Commands reference: [docs/reference/commands.md](docs/reference/commands.md)
257+
- Public API contract: [docs/reference/public-api.md](docs/reference/public-api.md)
258+
- Error contracts: [docs/reference/error-contracts.md](docs/reference/error-contracts.md)
262259
- Settings reference: [docs/reference/settings.md](docs/reference/settings.md)
263260
- Storage paths: [docs/reference/storage-paths.md](docs/reference/storage-paths.md)
264261
- Upgrade guide: [docs/upgrade.md](docs/upgrade.md)
@@ -268,9 +265,9 @@ codex auth doctor --json
268265

269266
## Release Notes
270267

271-
- Current stable: [docs/releases/v0.1.3.md](docs/releases/v0.1.3.md)
272-
- Previous stable: [docs/releases/v0.1.2.md](docs/releases/v0.1.2.md)
273-
- Earlier stable: [docs/releases/v0.1.1.md](docs/releases/v0.1.1.md)
268+
- Current stable: [docs/releases/v0.1.4.md](docs/releases/v0.1.4.md)
269+
- Previous stable: [docs/releases/v0.1.3.md](docs/releases/v0.1.3.md)
270+
- Earlier stable: [docs/releases/v0.1.2.md](docs/releases/v0.1.2.md)
274271
- Archived prerelease: [docs/releases/v0.1.0-beta.0.md](docs/releases/v0.1.0-beta.0.md)
275272

276273
## License

SECURITY.md

Lines changed: 6 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -75,6 +75,11 @@ The following are not treated as vulnerabilities in this repository:
7575

7676
## Dependency and Release Hygiene
7777

78+
Security override rationale (`package.json` -> `overrides`):
79+
80+
- `hono`: pinned to `^4.12.3` to keep builds out of the vulnerable `4.12.0-4.12.1` range reported in `GHSA-xh87-mx6m-69f3` (authentication bypass advisory).
81+
- `rollup`: pinned to `^4.59.0` to keep the Vite and Vitest transitive graph above the vulnerable `<4.59.0` range surfaced by `npm audit`.
82+
7883
Before release and after dependency changes:
7984

8085
```bash
@@ -94,4 +99,4 @@ For non-vulnerability security questions, open a GitHub discussion.
9499
---
95100

96101
This project is not affiliated with OpenAI.
97-
For OpenAI platform security concerns, contact OpenAI directly.
102+
For OpenAI platform security concerns, contact OpenAI directly.

docs/DOCUMENTATION.md

Lines changed: 6 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -29,11 +29,14 @@ Canonical governance for repository documentation quality and consistency.
2929
| Privacy and data handling | `docs/privacy.md` |
3030
| Upgrade and migration | `docs/upgrade.md` |
3131
| Command reference | `docs/reference/commands.md` |
32+
| Public API contract | `docs/reference/public-api.md` |
33+
| Error contract reference | `docs/reference/error-contracts.md` |
3234
| Settings reference | `docs/reference/settings.md` |
3335
| Storage path reference | `docs/reference/storage-paths.md` |
3436
| Docs style contract | `docs/STYLE_GUIDE.md` |
3537
| Docs governance (this file) | `docs/DOCUMENTATION.md` |
3638
| Architecture internals | `docs/development/ARCHITECTURE.md` |
39+
| IA/findability audit (2026-03-01) | `docs/development/IA_FINDABILITY_AUDIT_2026-03-01.md` |
3740
| Config fields internals | `docs/development/CONFIG_FIELDS.md` |
3841
| Config flow internals | `docs/development/CONFIG_FLOW.md` |
3942
| Repository ownership map | `docs/development/REPOSITORY_SCOPE.md` |
@@ -48,8 +51,9 @@ Canonical governance for repository documentation quality and consistency.
4851
1. Canonical package name: `codex-multi-auth`.
4952
2. Canonical account command family: `codex auth ...`.
5053
3. Canonical storage root: `~/.codex/multi-auth` unless explicitly overridden.
51-
4. Legacy paths/flows belong only in migration and compatibility sections.
52-
5. Public release line is `0.x`; historical pre-`0.1.0` entries are archived separately.
54+
4. Compatibility aliases (`codex multi auth`, `codex multi-auth`, `codex multiauth`) belong only in command reference, troubleshooting, or migration sections.
55+
5. Legacy paths/flows and scoped package references belong only in migration and compatibility sections.
56+
6. Public release line is `0.x`; historical pre-`0.1.0` entries are archived separately.
5357

5458
---
5559

docs/README.md

Lines changed: 8 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -24,9 +24,9 @@ Canonical documentation map for `codex-multi-auth`.
2424
| [troubleshooting.md](troubleshooting.md) | Deterministic recovery playbooks |
2525
| [privacy.md](privacy.md) | Data handling and local storage behavior |
2626
| [upgrade.md](upgrade.md) | Migration from legacy package/path history |
27-
| [releases/v0.1.3.md](releases/v0.1.3.md) | Stable release notes |
28-
| [releases/v0.1.2.md](releases/v0.1.2.md) | Previous stable release notes |
29-
| [releases/v0.1.1.md](releases/v0.1.1.md) | Earlier stable release notes |
27+
| [releases/v0.1.4.md](releases/v0.1.4.md) | Stable release notes |
28+
| [releases/v0.1.3.md](releases/v0.1.3.md) | Previous stable release notes |
29+
| [releases/v0.1.2.md](releases/v0.1.2.md) | Earlier stable release notes |
3030
| [releases/v0.1.0-beta.0.md](releases/v0.1.0-beta.0.md) | Archived prerelease notes |
3131

3232
---
@@ -38,8 +38,11 @@ Canonical documentation map for `codex-multi-auth`.
3838
| [reference/commands.md](reference/commands.md) | Commands, flags, and hotkeys |
3939
| [reference/settings.md](reference/settings.md) | Dashboard/backend settings and defaults |
4040
| [reference/storage-paths.md](reference/storage-paths.md) | Canonical and compatibility storage paths |
41-
| [releases/v0.1.3.md](releases/v0.1.3.md) | Current stable release notes |
41+
| [reference/public-api.md](reference/public-api.md) | Tiered public API stability and semver contract |
42+
| [reference/error-contracts.md](reference/error-contracts.md) | CLI, JSON, and helper error semantics contract |
43+
| [releases/v0.1.4.md](releases/v0.1.4.md) | Current stable release notes |
4244
| [releases/v0.1.0-beta.0.md](releases/v0.1.0-beta.0.md) | Archived prerelease reference |
45+
| [User Guides release notes](#user-guides) | Stable, previous, and archived release notes |
4346
| [releases/legacy-pre-0.1-history.md](releases/legacy-pre-0.1-history.md) | Archived pre-0.1 changelog history |
4447

4548
---
@@ -50,6 +53,7 @@ Canonical documentation map for `codex-multi-auth`.
5053
| --- | --- |
5154
| [DOCUMENTATION.md](DOCUMENTATION.md) | Documentation governance contract |
5255
| [development/ARCHITECTURE.md](development/ARCHITECTURE.md) | Runtime architecture and invariants |
56+
| [development/IA_FINDABILITY_AUDIT_2026-03-01.md](development/IA_FINDABILITY_AUDIT_2026-03-01.md) | IA/findability baseline, mismatches, and migration plan |
5357
| [development/CONFIG_FIELDS.md](development/CONFIG_FIELDS.md) | Complete field and env inventory |
5458
| [development/CONFIG_FLOW.md](development/CONFIG_FLOW.md) | Configuration resolution flow |
5559
| [development/REPOSITORY_SCOPE.md](development/REPOSITORY_SCOPE.md) | Ownership map by repository path |

docs/STYLE_GUIDE.md

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -42,7 +42,8 @@ Use short sections and scan-friendly tables where they improve clarity.
4242
1. Canonical command family is `codex auth ...`.
4343
2. Canonical runtime root is `~/.codex/multi-auth`.
4444
3. Legacy command/path references belong only in migration contexts.
45-
4. Keep command flags aligned with runtime usage text.
45+
4. Compatibility aliases (`codex multi auth`, `codex multi-auth`, `codex multiauth`) belong only in command reference, troubleshooting, or migration contexts.
46+
5. Keep command flags aligned with runtime usage text.
4647

4748
---
4849

Lines changed: 64 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,64 @@
1+
# Deep Audit Report (2026-03-01)
2+
3+
## Scope
4+
5+
- Full repository hardening audit from `origin/main` at commit `36cf5d4e5c4d30f5a98b44f5711379425c7c8b1a`.
6+
- Runtime, test, docs/governance, and dependency surfaces.
7+
- Executed in isolated worktree branch: `audit/deep-hardening-2026-03-01`.
8+
9+
## Findings
10+
11+
### AUD-001 (Blocker) - Documentation policy regression
12+
13+
- Surface: docs integrity contract (`test/documentation.test.ts`).
14+
- Evidence: `uses scoped package only in explicit legacy migration notes` failed.
15+
- Root cause: `docs/releases/v0.1.1.md` contained a scoped package literal outside the allowlist.
16+
- Resolution: replaced scoped literal with generic migration-only wording and explicit link to upgrade guide.
17+
- Files:
18+
- `docs/releases/v0.1.1.md`
19+
20+
### AUD-002 (High) - Runtime dependency vulnerability (`hono`)
21+
22+
- Surface: production dependency audit (`npm audit --omit=dev --audit-level=high`).
23+
- Evidence: `hono` high severity advisory (vulnerable range included locked version).
24+
- Resolution:
25+
- Raised direct dependency floor to `^4.12.2`.
26+
- Raised override floor to `^4.12.2`.
27+
- Refreshed lockfile to patched resolved version.
28+
- Files:
29+
- `package.json`
30+
- `package-lock.json`
31+
32+
### AUD-003 (High, dev tooling) - Unexpected `rollup` vulnerability in audit CI
33+
34+
- Surface: `npm run audit:dev:allowlist`.
35+
- Evidence: high-severity `rollup` advisory was not allowlisted and failed `audit:ci`.
36+
- Resolution:
37+
- Added override `rollup: ^4.59.0`.
38+
- Refreshed lockfile to patched resolved version.
39+
- Files:
40+
- `package.json`
41+
- `package-lock.json`
42+
43+
## Validation Evidence
44+
45+
- `npm run lint` -> pass
46+
- `npm run typecheck` -> pass
47+
- `npm run build` -> pass
48+
- `npm test` -> pass (`87` files, `2071` tests)
49+
- `npm test -- test/documentation.test.ts` -> pass
50+
- `npm run audit:ci` -> pass
51+
- `audit:prod` reports `0` vulnerabilities
52+
- `audit:dev:allowlist` reports only allowlisted `minimatch` highs
53+
54+
## Architect Verification
55+
56+
- Verdict: `APPROVE` (no blockers).
57+
- Summary:
58+
- Dependency strategy is minimal and compatible with current toolchain ranges.
59+
- Docs change aligns with existing documentation integrity policy.
60+
61+
## Residual Risk
62+
63+
- Dev-only allowlisted `minimatch` findings remain visible in `audit:dev:allowlist`; currently non-blocking under repository policy.
64+
Lines changed: 150 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,150 @@
1+
# Information Architecture: CLI + Docs Findability Audit (2026-03-01)
2+
3+
Scope: user-facing command taxonomy, runtime help labels, docs navigation hierarchy, and naming consistency.
4+
5+
Evidence sources:
6+
- Runtime command/help surfaces: `lib/codex-manager.ts`, `scripts/codex-routing.js`
7+
- Docs navigation/reference surfaces: `README.md`, `docs/README.md`, `docs/reference/commands.md`, `docs/troubleshooting.md`, `docs/getting-started.md`, `docs/releases/v0.1.1.md`
8+
- Governance/test contracts: `docs/DOCUMENTATION.md`, `docs/STYLE_GUIDE.md`, `test/documentation.test.ts`
9+
10+
---
11+
12+
## Current Structure
13+
14+
### Runtime command taxonomy (current)
15+
16+
- `codex auth <subcommand>` (canonical)
17+
- Primary: `login`, `list`, `status`, `switch`, `check`, `features`
18+
- Advanced: `verify-flagged`, `forecast`, `report`, `fix`, `doctor`
19+
- Compatibility aliases:
20+
- `codex multi auth ...`
21+
- `codex multi-auth ...`
22+
- `codex multiauth ...`
23+
- Runtime usage labels before this audit mixed canonical and package-prefixed forms in help/error paths.
24+
- Prior `printUsage()` output in `lib/codex-manager.ts` used package-prefixed forms such as `codex-multi-auth auth fix [--dry-run] [--json] [--live] [--model <model>]`.
25+
- Prior `runSwitch()` error text in `lib/codex-manager.ts` used `Missing index. Usage: codex-multi-auth auth switch <index>`.
26+
- Post-fix regression baseline is now asserted in `test/documentation.test.ts` by checking canonical `codex auth ...` usage and switch-error strings.
27+
- Canonical baseline strings now used in runtime output are `codex auth fix [--dry-run] [--json] [--live] [--model <model>]` and `Missing index. Usage: codex auth switch <index>`.
28+
29+
### Docs hierarchy (current)
30+
31+
- Product entry
32+
- `README.md`
33+
- Docs portal
34+
- `docs/README.md`
35+
- User operations
36+
- `docs/index.md`
37+
- `docs/getting-started.md`
38+
- `docs/troubleshooting.md`
39+
- `docs/configuration.md`
40+
- `docs/features.md`
41+
- `docs/privacy.md`
42+
- `docs/upgrade.md`
43+
- Reference
44+
- `docs/reference/commands.md`
45+
- `docs/reference/settings.md`
46+
- `docs/reference/storage-paths.md`
47+
- Releases
48+
- `docs/releases/v0.1.1.md`
49+
- `docs/releases/v0.1.0.md`
50+
- `docs/releases/v0.1.0-beta.0.md`
51+
- `docs/releases/legacy-pre-0.1-history.md`
52+
53+
Hierarchy depth is 3 or fewer levels.
54+
55+
---
56+
57+
## Task-to-Location Mapping (Current)
58+
59+
Scoring rubric:
60+
- `Match`: task is discoverable in the expected location within one navigation hop.
61+
- `Near-miss`: task is discoverable but appears in unexpected locations or requires extra context-switch hops.
62+
- `Lost`: task is not discoverable through expected navigation.
63+
64+
| User Task | Expected Location | Actual Location | Findability |
65+
| --- | --- | --- | --- |
66+
| Log in first account | `README.md` quick start / `docs/getting-started.md` | Match | Match |
67+
| Find all auth commands and flags | `docs/reference/commands.md` | Match | Match |
68+
| Understand alias availability | `docs/reference/commands.md` (or troubleshooting fallback) | Also shown in `README.md` and `docs/getting-started.md` | Near-miss |
69+
| Interpret CLI usage output | Canonical `codex auth ...` labels | Mixed with `codex-multi-auth auth ...` in runtime usage strings | Near-miss |
70+
| Check current stable release notes | `docs/releases/v0.1.1.md` via docs portal reference | `docs/README.md` reference table labeled `v0.1.0` as current stable | Near-miss |
71+
| Find scoped legacy package guidance | Migration docs only (`docs/upgrade.md`, selected troubleshooting) | Also surfaced in stable release notes `docs/releases/v0.1.1.md` | Near-miss |
72+
73+
Findability score (core tasks): 2/6 clear first-attempt match.
74+
75+
Verification evidence snapshot (2026-03-01):
76+
- Runtime source checks in `lib/codex-manager.ts` confirm canonical `codex auth ...` usage labels and switch-error wording.
77+
- Documentation checks in `test/documentation.test.ts` validate stable release pointer correctness and alias-scope allowlists.
78+
- Alias detection checks are case-insensitive to prevent false negatives on mixed-case docs labels.
79+
80+
Near-miss to remediation traceability:
81+
- `Understand alias availability` -> resolved by scoping aliases to reference/troubleshooting/migration surfaces and removing alias examples from primary onboarding flows.
82+
- `Interpret CLI usage output` -> resolved by canonicalizing runtime help and error usage strings to `codex auth ...` in `lib/codex-manager.ts`.
83+
- `Check current stable release notes` -> resolved by updating docs portal stable pointer to `docs/releases/v0.1.1.md`.
84+
- `Find scoped legacy package guidance` -> resolved by keeping scoped-package references in migration contexts and removing them from stable release notes.
85+
86+
---
87+
88+
## Naming Inconsistencies Found
89+
90+
| Concept | Variant A | Variant B | Recommended |
91+
| --- | --- | --- | --- |
92+
| Canonical command label | `codex auth ...` | `codex-multi-auth auth ...` | `codex auth ...` for all primary user-facing help text |
93+
| Alias placement policy | Reference/troubleshooting intent | Also in primary README/getting-started command flows | Keep aliases in reference/troubleshooting/migration contexts only |
94+
| Stable release pointer | `v0.1.1` in user guides | `v0.1.0` labeled current stable in docs reference table | Use `v0.1.1` as current stable consistently |
95+
| Scoped legacy package mention | Migration-only contexts | Stable release notes mention | Keep scoped package guidance migration-only |
96+
97+
---
98+
99+
## Proposed Structure
100+
101+
### Navigation model
102+
103+
- Keep existing shallow hierarchy and layer model.
104+
- Enforce one canonical location per task category:
105+
- "How to run commands": `docs/reference/commands.md`
106+
- "Fallback routing or alias recovery": `docs/troubleshooting.md`
107+
- "Migration from legacy package/path": `docs/upgrade.md`
108+
- "Current stable release": `docs/releases/v0.1.1.md`
109+
110+
### Labeling model
111+
112+
- Canonical command wording in runtime help/error text: `codex auth ...`
113+
- Compatibility alias wording restricted to reference/troubleshooting/migration sections.
114+
- Scoped legacy package guidance restricted to migration contexts.
115+
116+
---
117+
118+
## Migration Path
119+
120+
1. Canonicalize runtime usage/error strings to `codex auth ...`.
121+
2. Remove alias examples from primary README/onboarding flows; keep fallback routing guidance in troubleshooting/reference.
122+
3. Correct docs portal reference table to current stable release (`v0.1.1`).
123+
4. Remove scoped package mention from stable release notes and point to upgrade guide for migration details.
124+
5. Maintain deterministic regression checks in `test/documentation.test.ts`:
125+
- `uses scoped package only in explicit legacy migration notes` (`test/documentation.test.ts:104`) enforces scoped package boundaries.
126+
- `keeps compatibility command aliases scoped to reference, troubleshooting, or migration docs` (`test/documentation.test.ts:127`) enforces alias-visibility boundaries with explicit allowlist files.
127+
- `keeps fix command flag docs aligned across README, reference, and CLI usage text` (`test/documentation.test.ts:160`) enforces canonical runtime help/error wording.
128+
- Keep cross-platform verification requirements explicit: Windows-oriented validation patterns (for example HOME/USERPROFILE handling and Windows path guidance checks in `test/documentation.test.ts:244-245`) must be extended whenever new shell-sensitive command rendering is introduced, including explicit `codex auth` output-escaping checks for `cmd.exe` and `PowerShell`.
129+
130+
---
131+
132+
## Task-to-Location Mapping (Proposed)
133+
134+
| User Task | Location | Findability Improvement |
135+
| --- | --- | --- |
136+
| Run login/switch/check commands | `README.md` and `docs/getting-started.md` with canonical labels | Removes mixed labels in first-run paths |
137+
| Discover full command/flag matrix | `docs/reference/commands.md` | Retains single authoritative command catalog |
138+
| Recover from command routing problems | `docs/troubleshooting.md` | Alias fallback remains discoverable but contextual |
139+
| Verify current stable release | `docs/README.md` -> `docs/releases/v0.1.1.md` | Eliminates stale stable-pointer ambiguity |
140+
| Migrate from scoped legacy package | `docs/upgrade.md` | Prevents legacy naming bleed into stable operational docs |
141+
142+
Target findability score for core tasks after remediation: 6/6 first-attempt match.
143+
144+
---
145+
146+
## Out of Scope
147+
148+
- Visual design or formatting redesign.
149+
- Runtime behavior changes to command routing/alias support.
150+
- Internal module naming unrelated to user-facing findability.

docs/getting-started.md

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -89,9 +89,10 @@ If `codex auth` is not recognized:
8989

9090
```bash
9191
where codex
92-
codex multi auth status
9392
```
9493

94+
Then continue with [troubleshooting.md](troubleshooting.md#verify-install-and-routing) for routing fallback commands.
95+
9596
If OAuth callback on `1455` fails:
9697

9798
- Stop the process using port `1455`.
@@ -111,4 +112,4 @@ codex auth check
111112
- [features.md](features.md)
112113
- [configuration.md](configuration.md)
113114
- [troubleshooting.md](troubleshooting.md)
114-
- [reference/commands.md](reference/commands.md)
115+
- [reference/commands.md](reference/commands.md)

0 commit comments

Comments
 (0)