repopilot 0.8.0

Local-first CLI for repository audit, architecture risk detection, baseline tracking, and CI-friendly code review.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141

#!/usr/bin/env node

const crypto = require("node:crypto");
const fs = require("node:fs");
const https = require("node:https");
const os = require("node:os");
const path = require("node:path");
const { spawnSync } = require("node:child_process");

const ROOT = path.join(__dirname, "..");
const VENDOR_DIR = path.join(ROOT, "vendor");
const PACKAGE_JSON = require(path.join(ROOT, "package.json"));

function targetTriple(platform = process.platform, arch = process.arch) {
  if (platform === "darwin" && arch === "x64") return "x86_64-apple-darwin";
  if (platform === "darwin" && arch === "arm64") return "aarch64-apple-darwin";
  if (platform === "linux" && arch === "x64") return "x86_64-unknown-linux-gnu";
  if (platform === "linux" && arch === "arm64") return "aarch64-unknown-linux-gnu";
  if (platform === "win32" && arch === "x64") return "x86_64-pc-windows-msvc";
  throw new Error(`Unsupported platform: ${platform}/${arch}`);
}

function archiveExt(target) {
  return target.endsWith("windows-msvc") ? "zip" : "tar.gz";
}

function assetName(version, target) {
  return `repopilot-v${version}-${target}.${archiveExt(target)}`;
}

function releaseUrl(version, file) {
  return `https://github.com/MykytaStel/repopilot/releases/download/v${version}/${file}`;
}

function download(url, destination) {
  return new Promise((resolve, reject) => {
    const file = fs.createWriteStream(destination);
    https
      .get(url, (response) => {
        if (response.statusCode >= 300 && response.statusCode < 400 && response.headers.location) {
          file.close();
          fs.rmSync(destination, { force: true });
          download(response.headers.location, destination).then(resolve, reject);
          return;
        }
        if (response.statusCode !== 200) {
          file.close();
          fs.rmSync(destination, { force: true });
          reject(new Error(`Download failed (${response.statusCode}): ${url}`));
          return;
        }
        response.pipe(file);
        file.on("finish", () => file.close(resolve));
      })
      .on("error", (error) => {
        file.close();
        fs.rmSync(destination, { force: true });
        reject(error);
      });
  });
}

function sha256(file) {
  const hash = crypto.createHash("sha256");
  hash.update(fs.readFileSync(file));
  return hash.digest("hex");
}

function expectedChecksum(checksumText) {
  const first = checksumText.trim().split(/\s+/)[0];
  if (!/^[a-fA-F0-9]{64}$/.test(first)) {
    throw new Error("Invalid checksum file format");
  }
  return first.toLowerCase();
}

function verifyChecksum(archivePath, checksumText) {
  const expected = expectedChecksum(checksumText);
  const actual = sha256(archivePath);
  if (actual !== expected) {
    throw new Error(`Checksum mismatch for ${path.basename(archivePath)}: expected ${expected}, got ${actual}`);
  }
}

function extractArchive(archivePath, destination, target) {
  fs.rmSync(destination, { recursive: true, force: true });
  fs.mkdirSync(destination, { recursive: true });

  const result = target.endsWith("windows-msvc")
    ? spawnSync("powershell", ["-NoProfile", "-Command", `Expand-Archive -Force '${archivePath}' '${destination}'`], { stdio: "inherit" })
    : spawnSync("tar", ["-xzf", archivePath, "-C", destination], { stdio: "inherit" });

  if (result.status !== 0) {
    throw new Error(`Failed to extract ${archivePath}`);
  }
}

async function install() {
  if (process.env.REPOPILOT_SKIP_DOWNLOAD === "1" || process.env.REPOPILOT_SKIP_DOWNLOAD === "true") {
    console.log("Skipping RepoPilot binary download because REPOPILOT_SKIP_DOWNLOAD is set.");
    return;
  }

  const target = targetTriple();
  const version = PACKAGE_JSON.version;
  const archive = assetName(version, target);
  const tmp = fs.mkdtempSync(path.join(os.tmpdir(), "repopilot-"));
  const archivePath = path.join(tmp, archive);
  const checksumPath = `${archivePath}.sha256`;
  const extractDir = path.join(tmp, "extract");
  const binaryName = target.endsWith("windows-msvc") ? "repopilot.exe" : "repopilot";

  try {
    await download(releaseUrl(version, archive), archivePath);
    await download(releaseUrl(version, `${archive}.sha256`), checksumPath);
    verifyChecksum(archivePath, fs.readFileSync(checksumPath, "utf8"));
    extractArchive(archivePath, extractDir, target);

    fs.mkdirSync(VENDOR_DIR, { recursive: true });
    fs.copyFileSync(path.join(extractDir, binaryName), path.join(VENDOR_DIR, binaryName));
    fs.chmodSync(path.join(VENDOR_DIR, binaryName), 0o755);
  } finally {
    fs.rmSync(tmp, { recursive: true, force: true });
  }
}

if (require.main === module) {
  install().catch((error) => {
    console.error(`Failed to install RepoPilot binary: ${error.message}`);
    console.error("Set REPOPILOT_SKIP_DOWNLOAD=1 to skip download or REPOPILOT_BINARY_PATH to use an existing binary.");
    process.exit(1);
  });
}

module.exports = {
  archiveExt,
  assetName,
  expectedChecksum,
  targetTriple,
  verifyChecksum,
};