chore: resolve conflicts

packages/tm-core/src/auth/auth-manager.test.ts

@@ -3,16 +3,18 @@
  */
 
 import { describe, it, expect, beforeEach, vi } from 'vitest';
-import { AuthManager } from './auth-manager';
+import { AuthManager } from './auth-manager.js';
 
 // Mock the logger to verify warnings
-vi.mock('../logger', () => ({
+const mockLogger = {
-	getLogger: () => ({
 	warn: vi.fn(),
 	info: vi.fn(),
 	debug: vi.fn(),
 	error: vi.fn()
-	})
+};
+
+vi.mock('../logger/index.js', () => ({
+	getLogger: () => mockLogger
 }));
 
 describe('AuthManager Singleton', () => {
@@ -40,7 +42,8 @@ describe('AuthManager Singleton', () => {
 	});
 
 	it('should warn when config is provided after initialization', () => {
-		const logger = vi.mocked(require('../logger').getLogger());
+		// Clear previous calls
+		mockLogger.warn.mockClear();
 
 		// First call with config
 		AuthManager.getInstance({ baseUrl: 'https://first.auth.com' });
@@ -49,13 +52,14 @@ describe('AuthManager Singleton', () => {
 		AuthManager.getInstance({ baseUrl: 'https://second.auth.com' });
 
 		// Verify warning was logged
-		expect(logger.warn).toHaveBeenCalledWith(
+		expect(mockLogger.warn).toHaveBeenCalledWith(
 			'getInstance called with config after initialization; config is ignored.'
 		);
 	});
 
 	it('should not warn when no config is provided after initialization', () => {
-		const logger = vi.mocked(require('../logger').getLogger());
+		// Clear previous calls
+		mockLogger.warn.mockClear();
 
 		// First call with config
 		AuthManager.getInstance({ configDir: '/test/config' });
@@ -64,7 +68,7 @@ describe('AuthManager Singleton', () => {
 		AuthManager.getInstance();
 
 		// Verify no warning was logged
-		expect(logger.warn).not.toHaveBeenCalled();
+		expect(mockLogger.warn).not.toHaveBeenCalled();
 	});
 
 	it('should allow resetting the instance', () => {

packages/tm-core/src/auth/auth-manager.ts

@@ -7,10 +7,11 @@ import {
 	OAuthFlowOptions,
 	AuthenticationError,
 	AuthConfig
-} from './types';
+} from './types.js';
-import { CredentialStore } from './credential-store';
+import { CredentialStore } from './credential-store.js';
-import { OAuthService } from './oauth-service';
+import { OAuthService } from './oauth-service.js';
-import { SupabaseAuthClient } from '../clients/supabase-client';
+import { SupabaseAuthClient } from '../clients/supabase-client.js';
+import { getLogger } from '../logger/index.js';
 
 /**
  * Authentication manager class
@@ -33,10 +34,23 @@ export class AuthManager {
 	static getInstance(config?: Partial<AuthConfig>): AuthManager {
 		if (!AuthManager.instance) {
 			AuthManager.instance = new AuthManager(config);
+		} else if (config) {
+			// Warn if config is provided after initialization
+			const logger = getLogger('AuthManager');
+			logger.warn(
+				'getInstance called with config after initialization; config is ignored.'
+			);
 		}
 		return AuthManager.instance;
 	}
 
+	/**
+	 * Reset the singleton instance (useful for testing)
+	 */
+	static resetInstance(): void {
+		AuthManager.instance = null as any;
+	}
+
 	/**
 	 * Get stored authentication credentials
 	 */

packages/tm-core/src/auth/credential-store.ts

@@ -4,9 +4,9 @@
 
 import fs from 'fs';
 import path from 'path';
-import { AuthCredentials, AuthenticationError, AuthConfig } from './types';
+import { AuthCredentials, AuthenticationError, AuthConfig } from './types.js';
-import { getAuthConfig } from './config';
+import { getAuthConfig } from './config.js';
-import { getLogger } from '../logger';
+import { getLogger } from '../logger/index.js';
 
 export class CredentialStore {
 	private logger = getLogger('CredentialStore');
@@ -29,17 +29,16 @@ export class CredentialStore {
 				fs.readFileSync(this.config.configFile, 'utf-8')
 			) as AuthCredentials;
 
-			// Normalize/migrate timestamps to numeric (handles both string ISO dates and numbers)
+			// Parse expiration time for validation (expects ISO string format)
-			const expiresAtMs =
+			let expiresAtMs: number | undefined;
-				typeof authData.expiresAt === 'number'
-					? authData.expiresAt
-					: authData.expiresAt
-						? Date.parse(authData.expiresAt as unknown as string)
-						: undefined;
 			
-			// Update the authData with normalized timestamp
+			if (authData.expiresAt) {
-			if (expiresAtMs !== undefined) {
+				expiresAtMs = Date.parse(authData.expiresAt);
-				authData.expiresAt = expiresAtMs;
+				if (isNaN(expiresAtMs)) {
+					// Invalid date string - treat as expired
+					this.logger.error(`Invalid expiresAt format: ${authData.expiresAt}`);
+					return null;
+				}
 			}
 
 			// Check if token is expired (API keys never expire)
@@ -91,6 +90,17 @@ export class CredentialStore {
 			// Add timestamp
 			authData.savedAt = new Date().toISOString();
 			
+			// Validate expiresAt is a valid ISO string if present
+			if (authData.expiresAt) {
+				const ms = Date.parse(authData.expiresAt);
+				if (isNaN(ms)) {
+					throw new AuthenticationError(
+						`Invalid expiresAt format: ${authData.expiresAt}`,
+						'SAVE_FAILED'
+					);
+				}
+			}
+
 			// Save credentials atomically with secure permissions
 			const tempFile = `${this.config.configFile}.tmp`;
 			fs.writeFileSync(tempFile, JSON.stringify(authData, null, 2), {