refactor: add reusable extensions core plumbing

[JSRRosenbaum]

Summary

• add the source-agnostic plumbing needed for extension branches to layer HN / GitHub Stars / Reddit / Web on top of current FT
• keep this branch limited to reusable core pieces only

What changed

• add reusable Firefox profile and cookie discovery improvements
• add reusable status rendering helpers
• add reusable namespace/path helpers
• add classify --limit support and portable Firefox config test coverage

Key commits

• 9e0b3f5 feat: add classify limit and portable firefox config test
• f809793 refactor: improve shared firefox profile discovery
• e8f60b6 refactor: add reusable core status and path helpers

Verification

• npx tsx --test tests/config.test.ts tests/engine.test.ts tests/firefox-cookies.test.ts tests/firefox-profile-detection.test.ts tests/namespace-helpers.test.ts
• npm run build

Notes

• this is the base branch for the multi-source extension stack
• no HN / stars / reddit / web feature code lives here directly

[JSRRosenbaum]

Posting context for reviewers:

This PR is the base of a larger stacked multi-source FT extension series.

Please review this PR as source-agnostic core plumbing only:

• shared Firefox profile/cookie discovery improvements
• shared status rendering helpers
• shared namespace/path helpers
• classify --limit support and portable Firefox config coverage

The dependent feature layers currently live as stacked PRs in my fork because I don’t have push rights to create the intermediate base branches on upstream:

• HN: feat: add hacker news integration on extensions core JSRRosenbaum/fieldtheory-cli#2
• gh-stars: feat: add github stars integration on extensions core JSRRosenbaum/fieldtheory-cli#3
• reddit: feat: add reddit integration on extensions core JSRRosenbaum/fieldtheory-cli#4
• web: feat: add web integration on extensions core JSRRosenbaum/fieldtheory-cli#5

So for upstream review, this PR should be treated as the base branch for that stack.

[cursor]

Cursor Bugbot has reviewed your changes and found 2 potential issues.

^{❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.}

^{Reviewed by Cursor Bugbot for commit e8f60b6. Configure here.}

[cursor]

Leading newline and padding break formatBookmarkStatus output

High Severity

renderStatusSections unconditionally prepends \n to its output, and formatStatusLine pads labels to 14 characters. This changes the output of formatBookmarkStatus from starting with "Bookmarks" to starting with "\nBookmarks", and from "bookmarks: 99" to "bookmarks: 99" (extra padding). The existing test in bookmarks-service.test.ts asserts assert.match(text, /^Bookmarks/) and assert.match(text, /bookmarks: 99/), both of which will now fail. The ft status CLI output also gets an unexpected leading blank line.

Additional Locations (1)

• src/bookmarks-service.ts#L62-L73

 

^{Reviewed by Cursor Bugbot for commit e8f60b6. Configure here.}

[cursor]

Cookie validation and trimming removed from Firefox path

Medium Severity

The refactored extractFirefoxXCookies no longer trims or validates cookie values against the printable-ASCII range (/^[\x21-\x7E]+$/). The Chrome path still calls sanitizeCookieValue for this purpose. Cookie values with leading/trailing whitespace or non-printable characters will now be embedded directly into the cookieHeader, potentially causing malformed HTTP headers or silent auth failures.

 

^{Reviewed by Cursor Bugbot for commit e8f60b6. Configure here.}