feat(auth): attempt browser login flow in non-TTY

[betegon]

Summary

When an unauthenticated command needed auth, the OAuth device flow (the bit that opens the browser) was gated on a stdin TTY check. So in a non-TTY — piped output, redirected stdin, CI — we'd skip it entirely and fail immediately with exit 10. This makes the CLI try to launch the browser in those cases too.

Changes

Dropped the TTY gate from autoAuthMiddleware so the device flow runs regardless of TTY. The flow is already TTY-agnostic: openBrowser is best-effort and falls back to printing the verification URL + QR code, and the copy-c key listener stays gated on process.stdin.isTTY inside runInteractiveLogin.

The recovery logic moved into a small recoverWithAutoAuth helper (keeps the middleware under the cognitive-complexity limit). On failure it branches on interactivity: an interactive terminal exits 1 (the flow already reported why), while a non-TTY re-throws the original AuthError so its standard message and exit code surface — exit 10 for not_authenticated, 11 for expired — matching the prior non-TTY behavior.

Heads up on the tradeoff: against live Sentry, an unauthenticated command in CI will now open a device-flow URL and poll until the timeout (~10 min) before failing, instead of failing instantly. That's intentional. If it ever becomes a problem, the natural follow-up is a --no-auto-auth / env opt-out.

auth status and the rc-import / scope-recovery prompts are unaffected — they opt out via skipAutoAuth or stay TTY-gated since they need interactive prompts.

Test Plan

• New e2e test in test/e2e/auth.test.ts: a non-TTY unauth api organizations/ run now prints "Starting login flow…" yet still exits 10 with the not-authenticated message (the device-code request fails fast against the mock's 404).
• All existing unauth e2e assertions (81 tests across trace/issue/project/api/log/event/bundle/auth) still pass — no hangs, since requestDeviceCode uses getSentryUrl() (= mock) and the mock 404s unknown routes.
• biome check and tsc --noEmit clean.

[github-actions]

PR Preview Action v1.8.1
🚀 View preview at https://cli.sentry.dev/_preview/pr-1100/
Built to branch gh-pages at 2026-06-12 19:32 UTC. Preview will be ready when the GitHub Pages deployment is complete.

[github-actions]

Codecov Results 📊

❌ Patch coverage is 0.00%. Project has 5015 uncovered lines.
❌ Project coverage is 81.19%. Comparing base (base) to head (head).

Files with missing lines (1)

File	Patch %	Lines
src/cli.ts	0.00%	⚠️ 12 Missing

Coverage diff

@@            Coverage Diff             @@
##          main       #PR       +/-##
==========================================
- Coverage    81.20%    81.19%    -0.01%
==========================================
  Files          383       383         —
  Lines        26651     26656        +5
  Branches     17354     17355        +1
==========================================
+ Hits         21639     21641        +2
- Misses        5012      5015        +3
- Partials      1799      1798        -1

---

Generated by Codecov Action