#10571: feat(doctor): auto-repair module for non-interactive diagnostics

## Human View ### Summary - Adds `src/commands/doctor-auto-repair.ts` — a rule-based auto-repair system for the doctor command - Runs common health checks and fixes issues without user prompts (non-interactive friendly) - Designed for CI/CD pipelines, headless servers, and scripted setups where interactive prompts are not available ### Motivation The existing doctor flow (`doctor-state-integrity.ts` and friends) requires interactive confirmation for each repair. In non-interactive environments (CI, containers, cron jobs) this means issues go unrepaired. This module provides a zero-prompt alternative that safely fixes structural issues while preserving user data. ### Design - **RepairRule interface**: Each check is a small self-contained rule with `id`, `severity`, and `check(ctx)` method - **RepairContext**: Contains `stateDir` and `dryRun` flag - **Builtin rules** (6 total): - `state-dir-exists` — creates missing state directory - `state-dir-permissions` — tightens to 700 on unix - `sessions-dir-exists` — creates missing sessions directory - `log-dir-exists` — creates missing log directory - `stale-lock-files` — removes .lock files older than 30 minutes - `corrupted-json-config` — backs up corrupted JSON and resets to `{}` - **Composable**: Custom rules can be appended to `BUILTIN_RULES` - **Idempotent**: Running twice produces the same result - **Safe**: Never deletes user data, only fixes structure/permissions ### Test plan - [x] All rules pass on healthy state directory - [x] Creates missing state directory - [x] Creates missing sessions and log directories - [x] Repairs corrupted JSON files (with .bak backup) - [x] Removes stale lock files (>30 min old) - [x] Preserves fresh lock files - [x] Dry run mode does not modify anything - [x] Permission repair on unix (755 → 700) - [x] Custom rules work alongside builtin - [x] Rules that throw are handled gracefully - [x] formatRepairReport produces readable output --- ## AI View (DCCE Protocol v1.0) ### Metadata - **Generator**: Claude (Anthropic) via Cursor IDE - **Methodology**: AI-assisted development with human oversight and review ### AI Contribution Summary - Solution design and implementation ### Verification Steps Performed 1. Analyzed source code to identify root cause 2. Implemented and tested the fix 3. Verified lint/formatting compliance ### Human Review Guidance - Core changes are in: `src/commands/doctor-auto-repair.ts`, `doctor-state-integrity.ts` - Review the breaking change implications Made with M7 [Cursor](https://cursor.com) <!-- greptile_comment --> <h2>Greptile Overview</h2> <h3>Greptile Summary</h3> - Adds a new `doctor-auto-repair` module plus Vitest coverage to run a fixed set of rule-based checks/repairs without interactive prompts. - Built-in rules target state dir existence/permissions, sessions/log subdirs, stale `*.lock` cleanup, and corrupted JSON reset-with-backup. - Exposes `runAutoRepair()` to execute rules sequentially and `formatRepairReport()` for human-readable output; custom rules can be appended via the runner’s `rules` parameter. <h3>Confidence Score: 2/5</h3> - This PR adds useful functionality but has a few logic issues that can misreport successful repairs and may delete active lock files. - The implementation is self-contained and covered by tests, but (1) the state dir rule can report success without fixing writability, (2) dependent rules can double-count failures when state dir creation fails, and (3) the stale lock cleanup is broad enough to interfere with legitimate long-lived lockfiles used elsewhere. These should be addressed before merging to avoid breaking real deployments. - src/commands/doctor-auto-repair.ts (rule correctness and lockfile targeting) <!-- greptile_other_comments_section --> <!-- /greptile_comment -->