Move utility packages from root `utils/` and `configvalidator/` into
organized `internal/` subdirectories:
- utils/prompt.go → internal/cli/prompt/
- utils/colors.go → internal/cli/style/
- utils/cmd_validator.go → internal/cli/args/
- utils/fetch_oidc_token.go → internal/oidc/
- utils/remote_resolver.go → internal/vcs/
- utils/fetch_remote.go → internal/vcs/remotes.go
- configvalidator/* → internal/configvalidator/
- utils/fetch_analyzers_transformers.go → internal/configdata/

Add shell completion support via internal/cli/completion package.

Update all import paths across commands and services to reflect new
structure. This improves code organization and follows Go's internal
package conventions for better encapsulation.

- Add new `auth whoami` command to display authenticated user info
- Add new `issues browse` command for opening issues in browser
- Add GetViewer API method to fetch authenticated user details
- Refactor output messages to use pterm.Print* instead of pterm.Info
  for consistency across auth, config, issues, and repo commands
- Update dependencies (pterm, testify, bubbletea, lipgloss)

- Add `runs list` command to display analysis runs for a repository
- Add `runs issues` command to show issues for a specific run
- Add GetAnalysisRuns and GetRunIssues API methods to client
- Add GraphQL schema and queries for runs and run issues
- Refactor whoami command to use boxed output format
- Remove issues browse command
- Add runs domain types and query helpers

Update all Go dependencies to their latest versions including:
- github.com/spf13/cobra: v1.5.0 → v1.10.2
- github.com/spf13/viper: v1.7.1 → v1.21.0
- github.com/getsentry/sentry-go: v0.6.0 → v0.41.0
- github.com/stretchr/testify: v1.8.4 → v1.11.1
- github.com/fatih/color: v1.12.0 → v1.18.0
- github.com/google/go-cmp: v0.5.5 → v0.6.0

Also includes improvements to issues display:
- Add terminal width-aware table rendering with column wrapping
- Improve issue location formatting (single line vs range)
- Add color-coded severity formatting
- Add JSON export capability for run issues with --json and --output-file flags

Add support for filtering issues by analyzer, category, severity, code, and path.
Filters can be specified multiple times to match any of the provided values.

New flags:
- --analyzer: filter by analyzer shortcode
- --category: filter by issue category
- --severity: filter by severity level
- --code: filter by issue code
- --path: filter by file path (supports partial matching)

Also refactor runs command to accept commit-oid argument and wire up
issue flags via AddRunIssueFlags for better flag reusability.

- Replace Makefile with justfile, add VERSION file for version tracking
- Replace goreleaser release pipeline with build-and-deploy workflow
- Add install script template
- Move version/ package to buildinfo/
- Swap DataDog/zstd (cgo) for klauspost/compress/zstd (pure Go)
- Replace deprecated io/ioutil usage with os and io
- Bump Go version to 1.25 in CI
- Update SARIF schema URL to official OASIS source
- Add TCP readiness check for mock server in tests
- Update README with auth docs and current command list

- Add top-level issues, metrics, and vulnerabilities commands with SDK queries
- Add transparent token refresh in GraphQL client (removes need for auth refresh)
- Remove version, auth refresh, and auth whoami commands
- Add UserError type to skip user-correctable errors from Sentry
- Improve Sentry setup with panic recovery, release tagging
- Add YAML output format and source filter for run issues
- Auto-open browser on login instead of waiting for user input
- Update GraphQL schema to use issues instead of occurrences
- Use --version flag instead of version subcommand
- Clean up error messages and stale code

- Rename `repo` to `repository` and `runs` to `analysis`
- Rename `--run` flag to `--commit` across issues, metrics, and vulnerabilities
- Update default hostname from deepsource.io to deepsource.com
- Add `human` output format as new default, keep `table` as explicit option
- Add `--output-file`, `--verbose`, `--analyzer` filter, and `--limit` flags
- Remove legacy YAML config support and debug logging infrastructure
- Add `GetEnabledAnalyzers` API endpoint and repository analyzers command
- Fix report service using Errorf instead of Printf for info messages

- Rename "human" output format to "pretty" in issues, metrics, and vulnerabilities
- Simplify issues table: remove boxed style, drop wrapText, conditionally show SOURCE column
- Humanize displayed values (severity, status, reachability, ecosystem)
- Add ECOSYSTEM column to vulnerabilities table
- Use helper functions for formatting location, severity, and analyzer names

- Rename telemetry → sentry across adapters, interfaces, and container
- Introduce cmddeps.Deps struct for injectable config, client, and stdout
- Add NewCmd*WithDeps constructors to all commands for testability
- Add --output json flag to analysis command
- Add golden-file-based tests for analysis, issues, metrics, vulnerabilities,
  repo status, repo analyzers, and auth status commands
- Add NewWithGraphQLClient and NewTestService test helpers
- Always show auth URL in login flow regardless of browser open result
- Update justfile with new test paths

- Change table headers from ALL CAPS to Title Case across all commands
- Normalize status labels to Title Case in analysis output
- Rename default output format from "table" to "pretty", keeping "table" as alias
- Add "pretty" to shell completion candidates

- Introduce buildinfo app identity vars (AppName, ConfigDirName, KeychainSvc, KeychainKey) with prod defaults
- Override identity at startup when buildMode=dev via ldflags, giving dev builds their own binary name, config dir, and keychain entries
- Update build-and-deploy workflow to pass buildMode and use dynamic binary names per environment
- Replace hardcoded "deepsource" strings with buildinfo vars in config, keychain, and root command
- Remove shell completion generation (gen-completions.sh deleted, references stripped from workflows and Homebrew formula)
- Add just install step to CI workflow
- Rename deploy -> deploy-prod in justfile, add build alias

- Add the three info-level progress lines that the report service now
  emits (preparing, compression check, uploading)

- Update report golden file with info-level progress lines
- Fix case mismatches in OIDC tests (failed -> Failed, can not -> cannot, provider -> Provider)

- Add environment check to codesign, notarize, and verify signing steps
- Only run Apple signing workflow when building for prod

- GitHub Actions blocks job outputs that match secret values
- Move bucket resolution from resolve-env outputs to deploy step
- Reference secrets directly in deploy job based on environment

- Point dev base_url to cli.deepsource.one subdomain instead of deepsource.one/cli
- Drop cli/ key prefix for dev R2 uploads since the subdomain serves the bucket root
- Fix manifest path in install script (/manifest.json, not /build/manifest.json)

- Set autoDetectedBranch when resolving PR for branch in issues, metrics,
  and vulnerabilities commands so auto-detected context is preserved
- Change Infof style from colored "→" prefix to plain "Note:" with a
  leading blank line for better readability
- Update tests to match new Infof format and add missing
  HasUnpushedCommitsFunc mock

- Remove analyzer name tag from issue lines, show only severity and text
- Return branch name as scope label when commit OID is empty
- Remove unused analyzerDisplayName function

- Wait for in-progress analysis runs before fetching PR issues on
  auto-detected branches
- Sort issues by severity (critical > major > minor) within each
  file group in human output
- Fix double-space between severity tag and issue text
- Skip unpushed commits warning when there are no issues to show
- Update test mock to include analysis runs query

- Show interactive scope picker (default branch / PR / commit) when no
  issues are found on the auto-detected branch, so the user can quickly
  retry without re-running the command
- Extend local-changes warning to detect uncommitted changes alongside
  unpushed commits, with distinct messages for each combination
- Add HasUncommittedChanges helper in cmdutil and wire injectable funcs
  through Deps for testability
- Fix summary line indentation in human output
- Add tests for all new paths and two new empty-response golden files

- When issues list is empty on an auto-detected branch, check if the
  latest run is still in-progress before showing the scope menu
- Catches cases where resolveIssues bypassed WaitOrFallback (e.g. PR
  path ignoring FALLBACK status)
- Interactive mode offers wait/fallback choice, non-interactive falls
  back to last completed run automatically
- Add tests for safety net in both interactive and non-interactive modes

- Use commit OID from resolved run in PR issues path
- Replace quoted branch name (%q) with plain "branch <name>" in warnings
- Pluralize category names in issue summary when count > 1

- Strip interactive scope menu, TTY waiting, and alternative scope prompting from issues command
- Remove --default-branch flag from report-card command
- Simplify WaitOrFallback to always fall back to last completed run
- Add in-progress run handling and local changes warnings to metrics and vulns commands
- Add output indentation for tables and Pluralize helper for footer counts
- Move golang.org/x/term to indirect dependency
- Remove unused interactive deps from cmddeps (SelectFromOptionsFunc, GetSingleLineInputFunc, IsInteractiveFunc)
- Delete orphaned golden files and related tests

- Fix os.Exit bypassing defer recovery handler in main.go
- Remove hardcoded test token from report test files
- Fix unused parameter in auth status test
- Extract ResolveAutoBranch to deduplicate branch resolution logic across issues, metrics, and vulnerabilities commands
- Extract applyLimit helper in metrics command
- Refactor reportcard test to use assertion helpers instead of compound booleans
- Extract verifyTokenWithServer helper in login command
- Fix report golden file ellipsis mismatch
- Simplify justfile test target to single go test ./... invocation

- Replace hardcoded "deepsource" with resolve-env binary_name output
- Keeps legacy install script consistent with the rest of the workflow

- Prefix "branch " to scope labels in issues, metrics, reportcard, and
  vulnerabilities commands so output reads "branch main" instead of "main"
- Switch deploy tags from annotated (-a) to signed (-s) in justfile

- Homebrew formula generation and push to homebrew-cli repo no longer needed