barrett/pending.nvim
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 2

refactor(forge): simplify auth gating (#139)

Browse source 
* docs: document S3 backend, auto-auth, and `:Pending done` command

Problem: The S3 backend had no `:Pending s3` entry in the COMMANDS
section, `:Pending auth` only mentioned Google, the `sync` config
field omitted `s3`, `_s3_sync_id` was missing from the data format
section, `:Pending done` was implemented but undocumented, and the
README lacked a features overview.

Solution: Add `:Pending s3` and `:Pending done` command docs, rewrite
`:Pending auth` to cover all backends and sub-actions, update config
and data format references, add `aws` CLI to requirements, and add a
Features section to `README.md`.

* feat(forge): add forge link parser and metadata fetcher

Problem: no way to associate tasks with GitHub, GitLab, or Codeberg
issues/PRs, or to track their remote state.

Solution: add `forge.lua` with shorthand (`gh:user/repo#42`) and full
URL parsing, async metadata fetching via `curl`, label formatting,
conceal pattern generation, token resolution, and `refresh()` for
state pull (closed/merged -> done).

* feat(config): add forge config defaults and `%l` eol specifier

Problem: no configuration surface for forge link rendering, icons,
issue format, or self-hosted instances.

Solution: add `pending.ForgeConfig` class with per-forge `token`,
`icon`, `issue_format`, and `instances` fields. Add `%l` to the
default `eol_format` so forge labels render in virtual text.

* feat(parse): extract forge refs from task body

Problem: `parse.body()` had no awareness of forge link tokens, so
`gh:user/repo#42` stayed in the description instead of metadata.

Solution: add `forge_ref` field to `pending.Metadata` and extend the
right-to-left token loop in `body()` to call `forge.parse_ref()` as
the final fallback before breaking.

* feat(diff): persist forge refs in store on write

Problem: forge refs parsed from buffer lines were discarded during
diff reconciliation and never stored in the JSON.

Solution: thread `forge_ref` through `parse_buffer` entries into
`diff.apply`, storing it in `task._extra._forge_ref` for both new
and existing tasks.

* feat(views): pass forge ref and cache to line metadata

Problem: `LineMeta` had no forge fields, so `buffer.lua` could not
render forge labels or apply forge-specific highlights.

Solution: add `forge_ref` and `forge_cache` fields to `LineMeta`,
populated from `task._extra` in both `category_view` and
`priority_view`.

* feat(buffer): render forge links as concealed text with eol virt text

Problem: forge tokens were visible as raw text with no virtual text
labels, and the eol separator logic collapsed all gaps when
non-adjacent specifiers were absent.

Solution: add forge conceal syntax patterns in `setup_syntax()`, add
`PendingForge`/`PendingForgeClosed` highlight groups, handle the
`%l` specifier in `build_eol_virt()`, fix separator collapsing to
buffer one separator between present segments, and change
`concealcursor` to `nc` (reveal in visual and insert mode).

* feat(complete): add forge shorthand omnifunc completions

Problem: no completion support for `gh:`, `gl:`, or `cb:` tokens,
requiring users to type owner/repo from memory.

Solution: extend `omnifunc` to detect `gh:`/`gl:`/`cb:` prefixes and
complete with `owner/repo#` candidates from existing forge refs in
the store.

* feat: trigger forge refresh on buffer open

Problem: forge metadata was never fetched, so virt text highlights
could not reflect remote issue/PR state.

Solution: call `forge.refresh()` in `M.open()` so metadata is
fetched once per `:Pending` invocation rather than on every render.

* test(forge): add forge parsing spec

Problem: no test coverage for forge link shorthand parsing, URL
parsing, label formatting, or API URL generation.

Solution: add `spec/forge_spec.lua` covering `_parse_shorthand`,
`parse_ref` for all three forges, full URL parsing including nested
GitLab groups, `format_label`, and `_api_url`.

* docs: document forge links feature

Problem: no user-facing documentation for forge link syntax,
configuration, or behavior.

Solution: add forge links section to `README.md` and `pending.txt`
covering shorthand/URL syntax, config options, virtual text
rendering, state pull, and auth resolution.

* feat(forge): add `find_refs()` inline token scanner

Problem: forge tokens were extracted by `parse.body()` which stripped
them from the description, making editing awkward and multi-ref lines
impossible.

Solution: add `find_refs(text)` that scans a string for all forge
tokens by whitespace tokenization, returning byte offsets and parsed
refs without modifying the input. Remove unused `conceal_patterns()`.

* refactor: move forge ref detection from `parse.body()` to `diff`

Problem: `parse.body()` stripped forge tokens from the description,
losing the raw text. This made inline overlay rendering impossible
since the token no longer existed in the buffer.

Solution: remove the `forge.parse_ref()` branch from `parse.body()`
and call `forge.find_refs()` in `diff.parse_buffer()` instead. The
description now retains forge tokens verbatim; `_extra._forge_ref`
is still populated from the first matched ref.

* feat(buffer): render forge links as inline conceal overlays

Problem: forge tokens were stripped from the buffer and shown as EOL
virtual text via `%l`. The token disappeared from the editable line,
and multi-ref tasks broke.

Solution: compute `forge_spans` in `views.lua` with byte offsets for
each forge token in the rendered line. In `apply_inline_row()`, place
extmarks with `conceal=''` and `virt_text_pos='inline'` to visually
replace each raw token with its formatted label. Clear stale
`forge_spans` on dirty rows to prevent `end_col` out-of-range errors
after edits like `dd`.

* fix(config): remove `%l` from default `eol_format`

Problem: forge links are now rendered inline, making the `%l` EOL
specifier redundant in the default format.

Solution: change default `eol_format` from `'%l  %c  %r  %d'` to
`'%c  %r  %d'`. The `%l` specifier remains functional for users who
explicitly set it.

* test(forge): update specs for inline forge refs

Problem: existing tests asserted that `parse.body()` stripped forge
tokens from the description and populated `meta.forge_ref`. The
`conceal_patterns` test referenced a removed function.

Solution: update `parse.body` integration tests to assert tokens stay
in the description. Add `find_refs()` tests covering single/multiple
refs, URLs, byte offsets, and empty cases. Remove `conceal_patterns`
test. Update diff tests to assert description includes the token.

* docs: update forge links for inline overlay rendering

Problem: documentation described forge tokens as stripped from the
description and rendered via EOL `%l` specifier by default.

Solution: update forge links section to describe inline conceal
overlay rendering. Update default `eol_format` reference. Change
`issue_format` field description from "EOL label" to "inline overlay
label".

* ci: format

* refactor(forge): remove `%l` eol specifier, add `auto_close` config, fix icons

Problem: `%l` was dead code after inline overlays replaced EOL
rendering. Auto-close was always on with no opt-out. Forge icon
defaults were empty strings.

Solution: remove `%l` from the eol format parser and renderer. Add
`forge.auto_close` (default `false`) to gate state-pull. Set nerd
font icons: `` (GitHub), `` (GitLab), `` (Codeberg). Keep
conceal active in insert mode via `concealcursor = 'nic'`.

* fix(config): set correct nerd font icons for forge defaults

* refactor(forge): replace curl/token auth with CLI-native API calls

Problem: Forge metadata fetching required manual token management —
config fields, CLI token extraction, and curl with auth headers. Each
forge had a different auth path, and Codeberg had no CLI support at all.

Solution: Delete `get_token()` and `_api_url()`, replace with
`_api_args()` that builds `gh api`, `glab api`, or `tea api` arg
arrays. The CLIs handle auth internally. Add `warn_missing_cli` config
(default true) that warns once per forge per session on failure. Add
forge CLI checks to `:checkhealth`. Remove `token` from config/docs.

* refactor(forge): extract ForgeBackend class and registry

Problem: adding a new forge required touching 5 lookup tables
(`FORGE_HOSTS`, `FORGE_CLI`, `FORGE_AUTH_CMD`, `SHORTHAND_PREFIX`,
`_warned_forges`) and every branching site in `_api_args`,
`fetch_metadata`, and `parse_ref`.

Solution: introduce a `ForgeBackend` class with `parse_url`,
`api_args`, and `parse_state` methods, plus a `register()` /
`backends()` registry. New forges (Gitea, Forgejo) are a single
`register()` call via the `gitea_backend()` convenience constructor.

* ci: format

* fix(forge): fix ghost extmarks, false auth warnings, and needless API calls

Problem: extmarks ghosted after `cc`/undo on task lines, auth warnings
fired even when CLIs were authenticated, and `refresh()` hit forge APIs
on every buffer open regardless of `auto_close`.

Solution: add `invalidate = true` to all extmarks so Neovim cleans them
up on text deletion. Run `auth status` before warning to verify the CLI
is actually unauthenticated. Gate `refresh()` behind `auto_close` config.

* ci: typing and formatting

* refactor(forge): simplify auth gating and rename `gitea_backend`

Problem: forge auth/warning logic was scattered through
`fetch_metadata` — per-API-call auth status checks, `_warned` flags,
and `warn_missing_cli` conditionals on every fetch.

Solution: replace `_warned` with `_auth` (cached per session), add
`is_configured()` to skip unconfigured forges entirely, extract
`check_auth()` for one-time auth verification, and strip
`fetch_metadata` to a pure API caller returning `ForgeFetchError`.
Gate `refresh` and new `validate_refs` with both checks. Rename
`gitea_backend` to `gitea_forge`.
This commit is contained in:
Barrett Ruth 2026-03-11 12:28:22 -04:00
parent a4f782a5fb
commit 646237016c
6 changed files with 220 additions and 124 deletions
Download patch file Download diff file Expand all files Collapse all files

251
lua/pending/forge.lua
View file

@ -15,6 +15,9 @@ local log = require('pending.log')
---@field labels? string[]
---@field fetched_at string
---@class pending.ForgeFetchError
---@field kind 'not_found'|'auth'|'network'
---@class pending.ForgeBackend
---@field name string
---@field shorthand string
@ -24,7 +27,7 @@ local log = require('pending.log')
---@field auth_status_args string[]
---@field default_icon string
---@field default_issue_format string
---@field _warned boolean
---@field _auth 'unknown'|'ok'|'failed'
---@field parse_url fun(self: pending.ForgeBackend, url: string): pending.ForgeRef?
---@field api_args fun(self: pending.ForgeBackend, ref: pending.ForgeRef): string[]
---@field parse_state fun(self: pending.ForgeBackend, decoded: table): 'open'|'closed'|'merged'
@ -50,7 +53,7 @@ local _instances_resolved = false
---@param backend pending.ForgeBackend
---@return nil
function M.register(backend)
backend._warned = false
backend._auth = 'unknown'
table.insert(_backends, backend)
_by_name[backend.name] = backend
_by_shorthand[backend.shorthand] = backend
@ -63,6 +66,53 @@ function M.backends()
return _backends
end
---@param forge_name string
---@return boolean
function M.is_configured(forge_name)
local raw = vim.g.pending
if not raw or not raw.forge then
return false
end
return raw.forge[forge_name] ~= nil
end
---@param backend pending.ForgeBackend
---@param callback fun(ok: boolean)
function M.check_auth(backend, callback)
if backend._auth == 'ok' then
callback(true)
return
end
if backend._auth == 'failed' then
callback(false)
return
end
if vim.fn.executable(backend.cli) == 0 then
backend._auth = 'failed'
local forge_cfg = config.get().forge or {}
if forge_cfg.warn_missing_cli ~= false then
log.warn(('%s not found — run `%s`'):format(backend.cli, backend.auth_cmd))
end
callback(false)
return
end
vim.system(backend.auth_status_args, { text = true }, function(result)
vim.schedule(function()
if result.code == 0 then
backend._auth = 'ok'
callback(true)
else
backend._auth = 'failed'
local forge_cfg = config.get().forge or {}
if forge_cfg.warn_missing_cli ~= false then
log.warn(('%s not authenticated — run `%s`'):format(backend.cli, backend.auth_cmd))
end
callback(false)
end
end)
end)
end
function M._reset_instances()
_instances_resolved = false
_by_shorthand = {}
@ -243,57 +293,28 @@ function M.format_label(ref, cache)
return text, hl
end
---@class pending.ForgeFetchError
---@field code 'not_found'|'auth'|'cli_missing'|'network'
---@field message string
---@param ref pending.ForgeRef
---@param callback fun(cache: pending.ForgeCache?, err: pending.ForgeFetchError?)
function M.fetch_metadata(ref, callback)
local args = M._api_args(ref)
local backend = _by_name[ref.forge]
if backend and vim.fn.executable(backend.cli) == 0 then
vim.schedule(function()
local forge_cfg = config.get().forge or {}
if forge_cfg.warn_missing_cli ~= false and not backend._warned then
backend._warned = true
log.warn(('%s not installed'):format(backend.cli))
end
callback(nil, { code = 'cli_missing', message = backend.cli .. ' not installed' })
end)
return
end
vim.system(args, { text = true }, function(result)
if result.code ~= 0 or not result.stdout or result.stdout == '' then
local kind = 'network'
local stderr = result.stderr or ''
local err_code = 'network' ---@type 'not_found'|'auth'|'network'
if stderr:find('404') or stderr:find('Not Found') then
err_code = 'not_found'
elseif stderr:find('401') or stderr:find('requires authentication') then
err_code = 'auth'
kind = 'not_found'
elseif stderr:find('401') or stderr:find('403') or stderr:find('auth') then
kind = 'auth'
end
vim.schedule(function()
local forge_cfg = config.get().forge or {}
if
backend
and forge_cfg.warn_missing_cli ~= false
and not backend._warned
then
backend._warned = true
log.warn(
('%s not found or not authenticated — run `%s`'):format(backend.cli, backend.auth_cmd)
)
end
callback(nil, { code = err_code, message = stderr })
callback(nil, { kind = kind })
end)
return
end
local ok, decoded = pcall(vim.json.decode, result.stdout)
if not ok or not decoded then
vim.schedule(function()
callback(nil)
callback(nil, { kind = 'network' })
end)
return
end
@ -328,58 +349,105 @@ function M.refresh(s)
return
end
local tasks = s:tasks()
local pending_fetches = 0
local any_changed = false
local any_fetched = false
local by_forge = {} ---@type table<string, pending.Task[]>
for _, task in ipairs(tasks) do
if task.status ~= 'deleted' and task._extra and task._extra._forge_ref then
local ref = task._extra._forge_ref --[[@as pending.ForgeRef]]
pending_fetches = pending_fetches + 1
M.fetch_metadata(ref, function(cache)
pending_fetches = pending_fetches - 1
if cache then
task._extra._forge_cache = cache
any_fetched = true
if
forge_cfg.close
and (cache.state == 'closed' or cache.state == 'merged')
and (task.status == 'pending' or task.status == 'wip' or task.status == 'blocked')
then
task.status = 'done'
task['end'] = os.date('!%Y-%m-%dT%H:%M:%SZ') --[[@as string]]
task.modified = os.date('!%Y-%m-%dT%H:%M:%SZ') --[[@as string]]
any_changed = true
end
else
task._extra._forge_cache = {
state = 'open',
fetched_at = os.date('!%Y-%m-%dT%H:%M:%SZ') --[[@as string]],
}
local fname = task._extra._forge_ref.forge
if not by_forge[fname] then
by_forge[fname] = {}
end
table.insert(by_forge[fname], task)
end
end
local any_work = false
for fname, forge_tasks in pairs(by_forge) do
if M.is_configured(fname) and _by_name[fname] then
any_work = true
M.check_auth(_by_name[fname], function(authed)
if not authed then
return
end
if pending_fetches == 0 then
if any_changed then
s:save()
end
local buffer = require('pending.buffer')
if
(any_changed or any_fetched)
and buffer.bufnr()
and vim.api.nvim_buf_is_valid(buffer.bufnr())
then
buffer.render()
end
local remaining = #forge_tasks
local any_changed = false
local any_fetched = false
for _, task in ipairs(forge_tasks) do
local ref = task._extra._forge_ref --[[@as pending.ForgeRef]]
M.fetch_metadata(ref, function(cache)
remaining = remaining - 1
if cache then
task._extra._forge_cache = cache
any_fetched = true
if
(cache.state == 'closed' or cache.state == 'merged')
and (task.status == 'pending' or task.status == 'wip' or task.status == 'blocked')
then
task.status = 'done'
task['end'] = os.date('!%Y-%m-%dT%H:%M:%SZ') --[[@as string]]
task.modified = os.date('!%Y-%m-%dT%H:%M:%SZ') --[[@as string]]
any_changed = true
end
else
task._extra._forge_cache = {
state = 'open',
fetched_at = os.date('!%Y-%m-%dT%H:%M:%SZ') --[[@as string]],
}
end
if remaining == 0 then
if any_changed then
s:save()
end
local buffer = require('pending.buffer')
if
(any_changed or any_fetched)
and buffer.bufnr()
and vim.api.nvim_buf_is_valid(buffer.bufnr())
then
buffer.render()
end
end
end)
end
end)
end
end
if pending_fetches == 0 then
if not any_work then
log.info('No linked tasks to refresh.')
end
end
---@param refs pending.ForgeRef[]
function M.validate_refs(refs)
local by_forge = {} ---@type table<string, pending.ForgeRef[]>
for _, ref in ipairs(refs) do
local fname = ref.forge
if not by_forge[fname] then
by_forge[fname] = {}
end
table.insert(by_forge[fname], ref)
end
for fname, forge_refs in pairs(by_forge) do
if not M.is_configured(fname) or not _by_name[fname] then
goto continue
end
M.check_auth(_by_name[fname], function(authed)
if not authed then
return
end
for _, ref in ipairs(forge_refs) do
M.fetch_metadata(ref, function(_, err)
if err and err.kind == 'not_found' then
log.warn(('%s:%s/%s#%d not found'):format(ref.forge, ref.owner, ref.repo, ref.number))
end
end)
end
end)
::continue::
end
end
---@param opts {name: string, shorthand: string, default_host: string, cli?: string, auth_cmd?: string, auth_status_args?: string[], default_icon?: string, default_issue_format?: string}
---@return pending.ForgeBackend
function M.gitea_backend(opts)
function M.gitea_forge(opts)
return {
name = opts.name,
shorthand = opts.shorthand,
@ -389,7 +457,6 @@ function M.gitea_backend(opts)
auth_status_args = opts.auth_status_args or { opts.cli or 'tea', 'login', 'list' },
default_icon = opts.default_icon or '',
default_issue_format = opts.default_issue_format or '%i %o/%r#%n',
_warned = false,
parse_url = function(self, url)
_ensure_instances()
local host, owner, repo, kind, number =
@ -440,7 +507,6 @@ M.register({
auth_status_args = { 'gh', 'auth', 'status' },
default_icon = '',
default_issue_format = '%i %o/%r#%n',
_warned = false,
parse_url = function(self, url)
_ensure_instances()
local host, owner, repo, kind, number =
@ -491,7 +557,6 @@ M.register({
auth_status_args = { 'glab', 'auth', 'status' },
default_icon = '',
default_issue_format = '%i %o/%r#%n',
_warned = false,
parse_url = function(self, url)
_ensure_instances()
local host, path, kind, number = url:match('^https?://([^/]+)/(.+)/%-/([%w_]+)/(%d+)$')
@ -547,7 +612,6 @@ M.register({
auth_status_args = { 'tea', 'login', 'list' },
default_icon = '',
default_issue_format = '%i %o/%r#%n',
_warned = false,
parse_url = function(self, url)
_ensure_instances()
local host, owner, repo, kind, number =
@ -588,31 +652,4 @@ M.register({
end,
})
---@param refs pending.ForgeRef[]
function M.validate_refs(refs)
local forge_cfg = config.get().forge or {}
if not forge_cfg.validate then
return
end
for _, ref in ipairs(refs) do
M.fetch_metadata(ref, function(_, err)
if err then
local label = ref.owner .. '/' .. ref.repo .. '#' .. ref.number
local backend = _by_name[ref.forge]
if err.code == 'not_found' then
log.warn(('%s not found — check owner, repo, and number'):format(label))
elseif err.code == 'auth' then
local cmd = backend and backend.auth_cmd or 'auth'
log.warn(('%s: not authenticated — run `%s`'):format(label, cmd))
elseif err.code == 'cli_missing' then
local cli = backend and backend.cli or 'cli'
log.warn(('%s: %s not installed'):format(label, cli))
else
log.warn(('%s: validation failed'):format(label))
end
end
end)
end
end
return M