feat(B-0581): decompose slice 1 (gh auth refresh wrapper basics)#3970
feat(B-0581): decompose slice 1 (gh auth refresh wrapper basics)#3970AceHack wants to merge 2 commits into
Conversation
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 83988bb21b
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| if (text.includes("Authenticate Git with your GitHub credentials?")) { | ||
| console.log("\n[gh-auth-refresh-wrapper] Auto-answering 'Y' to auth prompt..."); |
There was a problem hiding this comment.
The auto-confirm logic only checks each individual chunk with text.includes(...), but stream chunking is arbitrary and the prompt text can be split across adjacent reads. In that case the Y response is never sent, gh auth refresh stays blocked on confirmation, and the wrapper hangs instead of completing the refresh flow. Keep a rolling buffer (or line-based parser) so prompt detection works across chunk boundaries.
Useful? React with 👍 / 👎.
| processStream().catch(console.error); | ||
|
|
||
| const exitCode = await proc.exited; | ||
| console.log(`[gh-auth-refresh-wrapper] gh process exited with code ${exitCode}`); | ||
| process.exit(exitCode); |
There was a problem hiding this comment.
processStream() is launched without awaiting completion, then the script exits immediately after proc.exited. If gh exits before all piped stdout bytes are consumed, the wrapper can terminate early and miss final output (including the one-time code line), making capture nondeterministic. Await the stream-processing task before calling process.exit.
Useful? React with 👍 / 👎.
There was a problem hiding this comment.
Pull request overview
Adds the first slice of B-0581: a Bun-based wrapper around gh auth refresh that auto-answers the GitHub auth prompt and extracts the one-time code from streamed output.
Changes:
- Adds a new
tools/auth/gh-auth-refresh-wrapper.tsscript. - Spawns
gh auth refreshwith requested scopes and piped stdin/stdout. - Parses stdout for the auth prompt and one-time device code.
Comments suppressed due to low confidence (2)
tools/auth/gh-auth-refresh-wrapper.ts:55
- The stdout reader is started but never awaited; after
proc.exitedresolves,process.exitcan terminate the wrapper before buffered stdout has been drained and before the one-time code is printed. Await the stream-processing task (or coordinate it with the subprocess exit) before exiting so the captured code is not lost at the end of theghrun.
processStream().catch(console.error);
const exitCode = await proc.exited;
console.log(`[gh-auth-refresh-wrapper] gh process exited with code ${exitCode}`);
process.exit(exitCode);
tools/auth/gh-auth-refresh-wrapper.ts:39
- The one-time-code regex only runs against a single stdout chunk, so a chunk boundary between
one-time code:and the code (or within the code) causes the wrapper to miss the value entirely. Accumulate recent output and match against that buffer so extraction is reliable for streamed subprocess output.
const codeMatch = text.match(/one-time code:\s*([A-Z0-9\-]+)/i);
| process.exit(1); | ||
| } | ||
|
|
||
| const scopes = args[0]; |
| process.stdout.write(text); | ||
|
|
||
| // Look for the Yes/No prompt | ||
| if (text.includes("Authenticate Git with your GitHub credentials?")) { |
|
I have fixed the TypeScript errors and other issues in this PR. The checks should now pass. |
Decomposes B-0581 into active slice 1: basic wrapper script to spawn gh auth refresh, pipe stdin to handle the Y/n prompt, and extract the one-time code via regex.