Added
- Browser-mediated CLI auth preview —
spec-kitty auth loginnow supports browser-based OAuth with Device Authorization Flow fallback, centralized token management, secure storage, and WebSocket token provisioning against the SaaS contract.
Changed
- Human CLI auth now flows through the new auth subsystem — HTTP transport, sync runtime, and tracker SaaS callers now refresh through the shared token manager instead of the legacy password/JWT credential path.
Fixed
- Browser auth CI coverage gaps — test dependencies and stale tracker refresh patch targets were corrected so the new auth stack passes the core and integration suites reliably in CI.