@1claw/cli 0.1.0

package/LICENSE

@@ -0,0 +1,133 @@
+# PolyForm Noncommercial License 1.0.0
+
+<https://polyformproject.org/licenses/noncommercial/1.0.0>
+
+Required Notice: Copyright (c) 2026 1Claw Contributors
+
+## Acceptance
+
+In order to get any license under these terms, you must agree
+to them as both strict obligations and conditions to all
+your licenses.
+
+## Copyright License
+
+The licensor grants you a copyright license for the
+software to do everything you might do with the software
+that would otherwise infringe the licensor's copyright
+in it for any permitted purpose. However, you may
+only distribute the software according to [Distribution
+License](#distribution-license) and make changes or new works
+based on the software according to [Changes and New Works
+License](#changes-and-new-works-license).
+
+## Distribution License
+
+The licensor grants you an additional copyright license
+to distribute copies of the software. Your license
+to distribute covers distributing the software with
+changes and new works permitted by [Changes and New Works
+License](#changes-and-new-works-license).
+
+## Notices
+
+You must ensure that anyone who gets a copy of any part of
+the software from you also gets a copy of these terms or the
+URL for them above, as well as copies of any plain-text lines
+beginning with `Required Notice:` that the licensor provided
+with the software. For example:
+
+> Required Notice: Copyright Yoyodyne, Inc. (http://example.com)
+
+## Changes and New Works License
+
+The licensor grants you an additional copyright license to
+make changes and new works based on the software for any
+permitted purpose.
+
+## Patent License
+
+The licensor grants you a patent license for the software that
+covers patent claims the licensor can license, or becomes able
+to license, that you would infringe by using the software.
+
+## Noncommercial Purposes
+
+Any noncommercial purpose is a permitted purpose.
+
+## Personal Uses
+
+Personal use for research, experiment, and testing for
+the benefit of public knowledge, personal study, private
+entertainment, hobby projects, amateur pursuits, or religious
+observance, without any anticipated commercial application,
+is use for a permitted purpose.
+
+## Noncommercial Organizations
+
+Use by any charitable organization, educational institution,
+public research organization, public safety or health
+organization, environmental protection organization,
+or government institution is use for a permitted purpose
+regardless of the source of funding or obligations resulting
+from the funding.
+
+## Fair Use
+
+You may have "fair use" rights for the software under the
+law. These terms do not limit them.
+
+## No Other Rights
+
+These terms do not allow you to sublicense or transfer any of
+your licenses to anyone else, or prevent the licensor from
+granting licenses to anyone else. These terms do not imply
+any other licenses.
+
+## Patent Defense
+
+If you make any written claim that the software infringes or
+contributes to infringement of any patent, your patent license
+for the software granted under these terms ends immediately. If
+your company makes such a claim, your patent license ends
+immediately for work on behalf of your company.
+
+## Violations
+
+The first time you are notified in writing that you have
+violated any of these terms, or done anything with the software
+not covered by your licenses, your licenses can nonetheless
+continue if you come into full compliance with these terms,
+and take practical steps to correct past violations, within
+32 days of receiving notice. Otherwise, all your licenses
+end immediately.
+
+## No Liability
+
+***As far as the law allows, the software comes as is, without
+any warranty or condition, and the licensor will not be liable
+to you for any damages arising out of these terms or the use
+or nature of the software, under any kind of legal claim.***
+
+## Definitions
+
+The **licensor** is the individual or entity offering these
+terms, and the **software** is the software the licensor makes
+available under these terms.
+
+**You** refers to the individual or entity agreeing to these
+terms.
+
+**Your company** is any legal entity, sole proprietorship,
+or other kind of organization that you work for, plus all
+organizations that have control over, are under the control of,
+or are under common control with that organization. **Control**
+means ownership of substantially all the assets of an entity,
+or the power to direct its management and policies by vote,
+contract, or otherwise. Control can be direct or indirect.
+
+**Your licenses** are all the licenses granted to you for the
+software under these terms.
+
+**Use** means anything you do with the software requiring one
+of your licenses.

package/README.md

@@ -0,0 +1,215 @@
+# @1claw/cli
+
+Command-line interface for [1Claw](https://1claw.xyz) — HSM-backed secret management for AI agents and humans.
+
+Designed for CI/CD pipelines, DevOps workflows, and server environments.
+
+## Installation
+
+```bash
+npm install -g @1claw/cli
+```
+
+Or use directly with npx:
+
+```bash
+npx @1claw/cli login
+```
+
+## Authentication
+
+### Interactive login (recommended)
+
+```bash
+1claw login
+```
+
+Opens your browser to `1claw.xyz/cli/verify` where you confirm the login code. The CLI polls for approval and stores the token locally in `~/.config/1claw/`.
+
+### Email/password login
+
+```bash
+1claw login --email
+```
+
+Prompts for email and password. Supports MFA if enabled on your account.
+
+### CI/CD (non-interactive)
+
+Set environment variables — no login command needed:
+
+```bash
+export ONECLAW_TOKEN="your-jwt"
+# or
+export ONECLAW_API_KEY="1ck_..."
+```
+
+## Commands
+
+### Auth
+
+```bash
+1claw login              # Browser-based login
+1claw login --email      # Email/password login
+1claw logout             # Clear stored credentials
+1claw whoami             # Show current user info
+```
+
+### Vaults
+
+```bash
+1claw vault list                    # List all vaults
+1claw vault create my-vault         # Create a vault
+1claw vault get <id>                # Get vault details
+1claw vault delete <id>             # Delete a vault
+1claw vault link <id>               # Set default vault for this machine
+1claw vault unlink                  # Remove default vault
+```
+
+### Secrets
+
+```bash
+1claw secret list                              # List secrets (metadata only)
+1claw secret list --prefix api-keys/           # Filter by prefix
+1claw secret get <path>                        # Fetch decrypted value
+1claw secret get <path> --quiet                # Raw value only (for piping)
+1claw secret set <path> <value>                # Create/update a secret
+1claw secret set <path> --type password        # With explicit type
+echo "sk_live_..." | 1claw secret set <path> --stdin   # From stdin
+1claw secret delete <path>                     # Soft-delete
+1claw secret rotate <path> <new-value>         # New version
+1claw secret describe <path>                   # Metadata without value
+```
+
+### Environment (CI/CD)
+
+```bash
+1claw env pull                                 # Pull secrets as .env format
+1claw env pull --format json                   # As JSON
+1claw env pull --format shell                  # As export statements
+1claw env pull -o .env.local                   # Write to file
+1claw env push .env                            # Push .env file to vault
+1claw env run -- npm start                     # Run with secrets injected
+1claw env run --prefix config/ -- ./deploy.sh  # Only inject matching secrets
+```
+
+### Agents
+
+```bash
+1claw agent list                               # List agents
+1claw agent create my-agent                    # Create an agent
+1claw agent get <id>                           # Agent details
+1claw agent delete <id>                        # Delete an agent
+1claw agent token <id>                         # Generate agent JWT
+1claw agent token <id> --quiet                 # Raw token (for piping)
+```
+
+### Policies
+
+```bash
+1claw policy list                              # List policies for default vault
+1claw policy create \
+  --principal-type agent \
+  --principal-id <uuid> \
+  --path "api-keys/*" \
+  --permissions read,write                     # Create a policy
+1claw policy delete <id>                       # Remove a policy
+```
+
+### Sharing
+
+```bash
+1claw share create <secret-id> --link          # Open share link
+1claw share create <secret-id> --to user:<id>  # Share with a user
+1claw share create <secret-id> --to agent:<id> # Share with an agent
+1claw share list                               # List outbound shares
+1claw share list --inbound                     # List inbound shares
+1claw share accept <id>                        # Accept a share
+1claw share decline <id>                       # Decline a share
+1claw share revoke <id>                        # Revoke a share
+```
+
+### Billing
+
+```bash
+1claw billing status                           # Plan, usage, limits
+1claw billing credits                          # Credit balance
+1claw billing usage                            # Detailed usage table
+1claw billing ledger                           # Credit transaction history
+```
+
+### Audit
+
+```bash
+1claw audit list                               # Recent audit events
+1claw audit list --vault <id>                  # Filter by vault
+1claw audit list --action secret.read          # Filter by action
+```
+
+### MFA
+
+```bash
+1claw mfa status                               # Check 2FA status
+1claw mfa enable                               # Set up TOTP 2FA
+1claw mfa disable                              # Turn off 2FA
+```
+
+### Configuration
+
+```bash
+1claw config list                              # Show all config
+1claw config get api-url                       # Get a value
+1claw config set output-format json            # Set default output
+```
+
+## Global options
+
+```bash
+--json           # Force JSON output on any command
+--api-url <url>  # Override API URL for this invocation
+--version        # Print version
+--help           # Show help
+```
+
+## Configuration
+
+Config is stored in `~/.config/1claw/config.json`. Keys:
+
+| Key             | Default                 | Description                                 |
+| --------------- | ----------------------- | ------------------------------------------- |
+| `api-url`       | `https://api.1claw.xyz` | API base URL                                |
+| `output-format` | `table`                 | Default output: `table`, `json`, or `plain` |
+| `default-vault` | (none)                  | Default vault ID for commands               |
+
+## CI/CD examples
+
+### GitHub Actions
+
+```yaml
+- name: Deploy with secrets
+  env:
+      ONECLAW_TOKEN: ${{ secrets.ONECLAW_TOKEN }}
+      ONECLAW_VAULT_ID: ${{ secrets.ONECLAW_VAULT_ID }}
+  run: |
+      npx @1claw/cli env pull -o .env.production
+      npm run deploy
+```
+
+### Docker
+
+```dockerfile
+RUN npm install -g @1claw/cli
+CMD ["1claw", "env", "run", "--", "node", "server.js"]
+```
+
+### Shell script
+
+```bash
+#!/bin/bash
+eval $(1claw env pull --format shell)
+./my-app
+```
+
+## License
+
+[PolyForm Noncommercial 1.0.0](../../LICENSE)

package/dist/bin/1claw.d.ts

@@ -0,0 +1,3 @@
+#!/usr/bin/env node
+export {};
+//# sourceMappingURL=1claw.d.ts.map

package/dist/bin/1claw.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"1claw.d.ts","sourceRoot":"","sources":["../../bin/1claw.ts"],"names":[],"mappings":""}

package/dist/bin/1claw.js

@@ -0,0 +1,8 @@
+#!/usr/bin/env node
+import { createProgram } from "../src/index.js";
+const program = createProgram();
+program.parseAsync(process.argv).catch((err) => {
+    console.error(err);
+    process.exit(1);
+});
+//# sourceMappingURL=1claw.js.map

package/dist/bin/1claw.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"1claw.js","sourceRoot":"","sources":["../../bin/1claw.ts"],"names":[],"mappings":";AACA,OAAO,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAEhD,MAAM,OAAO,GAAG,aAAa,EAAE,CAAC;AAChC,OAAO,CAAC,UAAU,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;IAC3C,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IACnB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AACpB,CAAC,CAAC,CAAC"}

package/dist/src/auth.d.ts

@@ -0,0 +1,6 @@
+import { type StoredAuth } from "./config.js";
+export declare function loginWithDevice(): Promise<StoredAuth | null>;
+export declare function loginWithCredentials(email: string, password: string): Promise<StoredAuth | null>;
+export declare function completeMfaLogin(mfaToken: string, code: string): Promise<StoredAuth | null>;
+export declare function requireAuth(): string;
+//# sourceMappingURL=auth.d.ts.map

package/dist/src/auth.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../src/auth.ts"],"names":[],"mappings":"AAUA,OAAO,EAAiC,KAAK,UAAU,EAAE,MAAM,aAAa,CAAC;AAqB7E,wBAAsB,eAAe,IAAI,OAAO,CAAC,UAAU,GAAG,IAAI,CAAC,CA6FlE;AAED,wBAAsB,oBAAoB,CACtC,KAAK,EAAE,MAAM,EACb,QAAQ,EAAE,MAAM,GACjB,OAAO,CAAC,UAAU,GAAG,IAAI,CAAC,CAoC5B;AAED,wBAAsB,gBAAgB,CAClC,QAAQ,EAAE,MAAM,EAChB,IAAI,EAAE,MAAM,GACb,OAAO,CAAC,UAAU,GAAG,IAAI,CAAC,CA8B5B;AAED,wBAAgB,WAAW,IAAI,MAAM,CAkBpC"}

package/dist/src/auth.js

@@ -0,0 +1,151 @@
+import open from "open";
+import ora from "ora";
+import chalk from "chalk";
+import { api, apiNoAuth } from "./client.js";
+import { setAuth, getApiUrl } from "./config.js";
+import { printError } from "./output.js";
+export async function loginWithDevice() {
+    const spinner = ora("Requesting login code…").start();
+    let device;
+    try {
+        device = await apiNoAuth("/auth/device/code", {
+            method: "POST",
+            body: { client_id: "cli" },
+        });
+    }
+    catch (err) {
+        spinner.fail("Failed to request device code");
+        printError(err.message);
+        return null;
+    }
+    spinner.stop();
+    const dashboardUrl = getApiUrl().replace("api.", "");
+    const verifyUrl = `${dashboardUrl}/cli/verify?code=${device.user_code}`;
+    console.log();
+    console.log(chalk.bold("  Login to 1Claw"));
+    console.log();
+    console.log(`  Your code: ${chalk.cyan.bold(device.user_code)}`);
+    console.log();
+    console.log(`  Open this URL to authenticate:`);
+    console.log(`  ${chalk.underline(verifyUrl)}`);
+    console.log();
+    try {
+        await open(verifyUrl);
+        console.log(chalk.dim("  Browser opened. Waiting for approval…"));
+    }
+    catch {
+        console.log(chalk.dim("  Open the URL above in your browser."));
+    }
+    console.log();
+    const pollSpinner = ora("Waiting for approval…").start();
+    const deadline = Date.now() + device.expires_in * 1000;
+    const interval = (device.interval ?? 5) * 1000;
+    while (Date.now() < deadline) {
+        await sleep(interval);
+        try {
+            const result = await apiNoAuth("/auth/device/token", {
+                method: "POST",
+                body: {
+                    device_code: device.device_code,
+                    grant_type: "urn:ietf:params:oauth:grant-type:device_code",
+                },
+            });
+            if (result.access_token) {
+                pollSpinner.succeed("Authenticated!");
+                const auth = {
+                    token: result.access_token,
+                    email: result.email ?? "",
+                    userId: result.user_id ?? "",
+                    orgId: result.org_id ?? "",
+                    expiresAt: result.expires_in
+                        ? new Date(Date.now() + result.expires_in * 1000).toISOString()
+                        : undefined,
+                };
+                setAuth(auth);
+                return auth;
+            }
+            if (result.error === "expired_token") {
+                pollSpinner.fail("Login code expired. Run `1claw login` again.");
+                return null;
+            }
+            if (result.error === "access_denied") {
+                pollSpinner.fail("Login was denied.");
+                return null;
+            }
+        }
+        catch {
+            // authorization_pending — keep polling
+        }
+    }
+    pollSpinner.fail("Login timed out. Run `1claw login` again.");
+    return null;
+}
+export async function loginWithCredentials(email, password) {
+    try {
+        const result = await apiNoAuth("/auth/token", {
+            method: "POST",
+            body: { email, password },
+        });
+        if (result.mfa_required && result.mfa_token) {
+            return { mfaToken: result.mfa_token };
+        }
+        const me = await api("/auth/me", { token: result.access_token });
+        const auth = {
+            token: result.access_token,
+            email: me.email,
+            userId: me.id,
+            orgId: me.org_id,
+            expiresAt: new Date(Date.now() + result.expires_in * 1000).toISOString(),
+        };
+        setAuth(auth);
+        return auth;
+    }
+    catch (err) {
+        printError(err.message);
+        return null;
+    }
+}
+export async function completeMfaLogin(mfaToken, code) {
+    try {
+        const result = await apiNoAuth("/auth/mfa/verify", {
+            method: "POST",
+            body: { mfa_token: mfaToken, code },
+        });
+        const me = await api("/auth/me", { token: result.access_token });
+        const auth = {
+            token: result.access_token,
+            email: me.email,
+            userId: me.id,
+            orgId: me.org_id,
+            expiresAt: new Date(Date.now() + result.expires_in * 1000).toISOString(),
+        };
+        setAuth(auth);
+        return auth;
+    }
+    catch (err) {
+        printError(err.message);
+        return null;
+    }
+}
+export function requireAuth() {
+    const token = process.env.ONECLAW_TOKEN ??
+        process.env.ONECLAW_API_KEY ??
+        (() => {
+            try {
+                const { getToken } = require("./config.js");
+                return getToken();
+            }
+            catch {
+                return null;
+            }
+        })();
+    if (!token) {
+        printError("Not authenticated. Run `1claw login` first.");
+        process.exit(1);
+    }
+    return token;
+}
+function sleep(ms) {
+    return new Promise((resolve) => setTimeout(resolve, ms));
+}
+//# sourceMappingURL=auth.js.map

package/dist/src/auth.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth.js","sourceRoot":"","sources":["../../src/auth.ts"],"names":[],"mappings":"AAMA,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,GAAG,MAAM,KAAK,CAAC;AACtB,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,EAAE,GAAG,EAAE,SAAS,EAAiB,MAAM,aAAa,CAAC;AAC5D,OAAO,EAAE,OAAO,EAAE,SAAS,EAA8B,MAAM,aAAa,CAAC;AAC7E,OAAO,EAAE,UAAU,EAAgB,MAAM,aAAa,CAAC;AAoBvD,MAAM,CAAC,KAAK,UAAU,eAAe;IACjC,MAAM,OAAO,GAAG,GAAG,CAAC,wBAAwB,CAAC,CAAC,KAAK,EAAE,CAAC;IAEtD,IAAI,MAA0B,CAAC;IAC/B,IAAI,CAAC;QACD,MAAM,GAAG,MAAM,SAAS,CAAqB,mBAAmB,EAAE;YAC9D,MAAM,EAAE,MAAM;YACd,IAAI,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE;SAC7B,CAAC,CAAC;IACP,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACX,OAAO,CAAC,IAAI,CAAC,+BAA+B,CAAC,CAAC;QAC9C,UAAU,CAAE,GAAa,CAAC,OAAO,CAAC,CAAC;QACnC,OAAO,IAAI,CAAC;IAChB,CAAC;IAED,OAAO,CAAC,IAAI,EAAE,CAAC;IAEf,MAAM,YAAY,GAAG,SAAS,EAAE,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;IACrD,MAAM,SAAS,GAAG,GAAG,YAAY,oBAAoB,MAAM,CAAC,SAAS,EAAE,CAAC;IAExE,OAAO,CAAC,GAAG,EAAE,CAAC;IACd,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC,CAAC;IAC5C,OAAO,CAAC,GAAG,EAAE,CAAC;IACd,OAAO,CAAC,GAAG,CAAC,gBAAgB,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC;IACjE,OAAO,CAAC,GAAG,EAAE,CAAC;IACd,OAAO,CAAC,GAAG,CAAC,kCAAkC,CAAC,CAAC;IAChD,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,SAAS,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC;IAC/C,OAAO,CAAC,GAAG,EAAE,CAAC;IAEd,IAAI,CAAC;QACD,MAAM,IAAI,CAAC,SAAS,CAAC,CAAC;QACtB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,yCAAyC,CAAC,CAAC,CAAC;IACtE,CAAC;IAAC,MAAM,CAAC;QACL,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,uCAAuC,CAAC,CAAC,CAAC;IACpE,CAAC;IACD,OAAO,CAAC,GAAG,EAAE,CAAC;IAEd,MAAM,WAAW,GAAG,GAAG,CAAC,uBAAuB,CAAC,CAAC,KAAK,EAAE,CAAC;IACzD,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,MAAM,CAAC,UAAU,GAAG,IAAI,CAAC;IACvD,MAAM,QAAQ,GAAG,CAAC,MAAM,CAAC,QAAQ,IAAI,CAAC,CAAC,GAAG,IAAI,CAAC;IAE/C,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,QAAQ,EAAE,CAAC;QAC3B,MAAM,KAAK,CAAC,QAAQ,CAAC,CAAC;QAEtB,IAAI,CAAC;YACD,MAAM,MAAM,GAAG,MAAM,SAAS,CAC1B,oBAAoB,EACpB;gBACI,MAAM,EAAE,MAAM;gBACd,IAAI,EAAE;oBACF,WAAW,EAAE,MAAM,CAAC,WAAW;oBAC/B,UAAU,EACN,8CAA8C;iBACrD;aACJ,CACJ,CAAC;YAEF,IAAI,MAAM,CAAC,YAAY,EAAE,CAAC;gBACtB,WAAW,CAAC,OAAO,CAAC,gBAAgB,CAAC,CAAC;gBAEtC,MAAM,IAAI,GAAe;oBACrB,KAAK,EAAE,MAAM,CAAC,YAAY;oBAC1B,KAAK,EAAE,MAAM,CAAC,KAAK,IAAI,EAAE;oBACzB,MAAM,EAAE,MAAM,CAAC,OAAO,IAAI,EAAE;oBAC5B,KAAK,EAAE,MAAM,CAAC,MAAM,IAAI,EAAE;oBAC1B,SAAS,EAAE,MAAM,CAAC,UAAU;wBACxB,CAAC,CAAC,IAAI,IAAI,CACJ,IAAI,CAAC,GAAG,EAAE,GAAG,MAAM,CAAC,UAAU,GAAG,IAAI,CACxC,CAAC,WAAW,EAAE;wBACjB,CAAC,CAAC,SAAS;iBAClB,CAAC;gBACF,OAAO,CAAC,IAAI,CAAC,CAAC;gBACd,OAAO,IAAI,CAAC;YAChB,CAAC;YAED,IAAI,MAAM,CAAC,KAAK,KAAK,eAAe,EAAE,CAAC;gBACnC,WAAW,CAAC,IAAI,CACZ,8CAA8C,CACjD,CAAC;gBACF,OAAO,IAAI,CAAC;YAChB,CAAC;YAED,IAAI,MAAM,CAAC,KAAK,KAAK,eAAe,EAAE,CAAC;gBACnC,WAAW,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;gBACtC,OAAO,IAAI,CAAC;YAChB,CAAC;QACL,CAAC;QAAC,MAAM,CAAC;YACL,uCAAuC;QAC3C,CAAC;IACL,CAAC;IAED,WAAW,CAAC,IAAI,CAAC,2CAA2C,CAAC,CAAC;IAC9D,OAAO,IAAI,CAAC;AAChB,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,oBAAoB,CACtC,KAAa,EACb,QAAgB;IAEhB,IAAI,CAAC;QACD,MAAM,MAAM,GAAG,MAAM,SAAS,CAK3B,aAAa,EAAE;YACd,MAAM,EAAE,MAAM;YACd,IAAI,EAAE,EAAE,KAAK,EAAE,QAAQ,EAAE;SAC5B,CAAC,CAAC;QAEH,IAAI,MAAM,CAAC,YAAY,IAAI,MAAM,CAAC,SAAS,EAAE,CAAC;YAC1C,OAAO,EAAE,QAAQ,EAAE,MAAM,CAAC,SAAS,EAA2B,CAAC;QACnE,CAAC;QAED,MAAM,EAAE,GAAG,MAAM,GAAG,CAChB,UAAU,EACV,EAAE,KAAK,EAAE,MAAM,CAAC,YAAY,EAAE,CACjC,CAAC;QAEF,MAAM,IAAI,GAAe;YACrB,KAAK,EAAE,MAAM,CAAC,YAAY;YAC1B,KAAK,EAAE,EAAE,CAAC,KAAK;YACf,MAAM,EAAE,EAAE,CAAC,EAAE;YACb,KAAK,EAAE,EAAE,CAAC,MAAM;YAChB,SAAS,EAAE,IAAI,IAAI,CACf,IAAI,CAAC,GAAG,EAAE,GAAG,MAAM,CAAC,UAAU,GAAG,IAAI,CACxC,CAAC,WAAW,EAAE;SAClB,CAAC;QACF,OAAO,CAAC,IAAI,CAAC,CAAC;QACd,OAAO,IAAI,CAAC;IAChB,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACX,UAAU,CAAE,GAAa,CAAC,OAAO,CAAC,CAAC;QACnC,OAAO,IAAI,CAAC;IAChB,CAAC;AACL,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAClC,QAAgB,EAChB,IAAY;IAEZ,IAAI,CAAC;QACD,MAAM,MAAM,GAAG,MAAM,SAAS,CAG3B,kBAAkB,EAAE;YACnB,MAAM,EAAE,MAAM;YACd,IAAI,EAAE,EAAE,SAAS,EAAE,QAAQ,EAAE,IAAI,EAAE;SACtC,CAAC,CAAC;QAEH,MAAM,EAAE,GAAG,MAAM,GAAG,CAChB,UAAU,EACV,EAAE,KAAK,EAAE,MAAM,CAAC,YAAY,EAAE,CACjC,CAAC;QAEF,MAAM,IAAI,GAAe;YACrB,KAAK,EAAE,MAAM,CAAC,YAAY;YAC1B,KAAK,EAAE,EAAE,CAAC,KAAK;YACf,MAAM,EAAE,EAAE,CAAC,EAAE;YACb,KAAK,EAAE,EAAE,CAAC,MAAM;YAChB,SAAS,EAAE,IAAI,IAAI,CACf,IAAI,CAAC,GAAG,EAAE,GAAG,MAAM,CAAC,UAAU,GAAG,IAAI,CACxC,CAAC,WAAW,EAAE;SAClB,CAAC;QACF,OAAO,CAAC,IAAI,CAAC,CAAC;QACd,OAAO,IAAI,CAAC;IAChB,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACX,UAAU,CAAE,GAAa,CAAC,OAAO,CAAC,CAAC;QACnC,OAAO,IAAI,CAAC;IAChB,CAAC;AACL,CAAC;AAED,MAAM,UAAU,WAAW;IACvB,MAAM,KAAK,GACP,OAAO,CAAC,GAAG,CAAC,aAAa;QACzB,OAAO,CAAC,GAAG,CAAC,eAAe;QAC3B,CAAC,GAAG,EAAE;YACF,IAAI,CAAC;gBACD,MAAM,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAC,aAAa,CAAC,CAAC;gBAC5C,OAAO,QAAQ,EAAE,CAAC;YACtB,CAAC;YAAC,MAAM,CAAC;gBACL,OAAO,IAAI,CAAC;YAChB,CAAC;QACL,CAAC,CAAC,EAAE,CAAC;IAET,IAAI,CAAC,KAAK,EAAE,CAAC;QACT,UAAU,CAAC,6CAA6C,CAAC,CAAC;QAC1D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACpB,CAAC;IACD,OAAO,KAAK,CAAC;AACjB,CAAC;AAED,SAAS,KAAK,CAAC,EAAU;IACrB,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,CAAC;AAC7D,CAAC"}

package/dist/src/client.d.ts

@@ -0,0 +1,18 @@
+export declare class ApiError extends Error {
+    status: number;
+    detail: string;
+    code?: string | undefined;
+    constructor(status: number, detail: string, code?: string | undefined);
+}
+export declare function api<T = unknown>(path: string, options?: {
+    method?: string;
+    body?: unknown;
+    token?: string;
+    query?: Record<string, string | number | boolean | undefined>;
+}): Promise<T>;
+export declare function apiNoAuth<T = unknown>(path: string, options?: {
+    method?: string;
+    body?: unknown;
+    query?: Record<string, string | number | boolean | undefined>;
+}): Promise<T>;
+//# sourceMappingURL=client.d.ts.map

package/dist/src/client.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"client.d.ts","sourceRoot":"","sources":["../../src/client.ts"],"names":[],"mappings":"AAEA,qBAAa,QAAS,SAAQ,KAAK;IAEpB,MAAM,EAAE,MAAM;IACd,MAAM,EAAE,MAAM;IACd,IAAI,CAAC,EAAE,MAAM;gBAFb,MAAM,EAAE,MAAM,EACd,MAAM,EAAE,MAAM,EACd,IAAI,CAAC,EAAE,MAAM,YAAA;CAK3B;AAgBD,wBAAsB,GAAG,CAAC,CAAC,GAAG,OAAO,EACjC,IAAI,EAAE,MAAM,EACZ,OAAO,GAAE;IACL,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,IAAI,CAAC,EAAE,OAAO,CAAC;IACf,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,KAAK,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,GAAG,OAAO,GAAG,SAAS,CAAC,CAAC;CAC5D,GACP,OAAO,CAAC,CAAC,CAAC,CA+BZ;AAED,wBAAsB,SAAS,CAAC,CAAC,GAAG,OAAO,EACvC,IAAI,EAAE,MAAM,EACZ,OAAO,GAAE;IACL,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,IAAI,CAAC,EAAE,OAAO,CAAC;IACf,KAAK,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,GAAG,OAAO,GAAG,SAAS,CAAC,CAAC;CAC5D,GACP,OAAO,CAAC,CAAC,CAAC,CAEZ"}

package/dist/src/client.js

@@ -0,0 +1,58 @@
+import { getApiUrl, getToken } from "./config.js";
+export class ApiError extends Error {
+    status;
+    detail;
+    code;
+    constructor(status, detail, code) {
+        super(`${status}: ${detail}`);
+        this.status = status;
+        this.detail = detail;
+        this.code = code;
+        this.name = "ApiError";
+    }
+}
+async function parseErrorBody(res) {
+    try {
+        const body = (await res.json());
+        return {
+            detail: body.detail ?? body.message ?? body.error ?? res.statusText,
+            code: body.code,
+        };
+    }
+    catch {
+        return { detail: res.statusText };
+    }
+}
+export async function api(path, options = {}) {
+    const baseUrl = getApiUrl();
+    const token = options.token ?? getToken();
+    const url = new URL(`/v1${path}`, baseUrl);
+    if (options.query) {
+        for (const [k, v] of Object.entries(options.query)) {
+            if (v !== undefined)
+                url.searchParams.set(k, String(v));
+        }
+    }
+    const headers = {
+        "Content-Type": "application/json",
+        "User-Agent": "@1claw/cli",
+    };
+    if (token)
+        headers["Authorization"] = `Bearer ${token}`;
+    const res = await fetch(url.toString(), {
+        method: options.method ?? "GET",
+        headers,
+        body: options.body ? JSON.stringify(options.body) : undefined,
+    });
+    if (!res.ok) {
+        const err = await parseErrorBody(res);
+        throw new ApiError(res.status, err.detail, err.code);
+    }
+    if (res.status === 204)
+        return undefined;
+    return res.json();
+}
+export async function apiNoAuth(path, options = {}) {
+    return api(path, { ...options, token: "" });
+}
+//# sourceMappingURL=client.js.map

package/dist/src/client.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"client.js","sourceRoot":"","sources":["../../src/client.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,QAAQ,EAAE,MAAM,aAAa,CAAC;AAElD,MAAM,OAAO,QAAS,SAAQ,KAAK;IAEpB;IACA;IACA;IAHX,YACW,MAAc,EACd,MAAc,EACd,IAAa;QAEpB,KAAK,CAAC,GAAG,MAAM,KAAK,MAAM,EAAE,CAAC,CAAC;QAJvB,WAAM,GAAN,MAAM,CAAQ;QACd,WAAM,GAAN,MAAM,CAAQ;QACd,SAAI,GAAJ,IAAI,CAAS;QAGpB,IAAI,CAAC,IAAI,GAAG,UAAU,CAAC;IAC3B,CAAC;CACJ;AAED,KAAK,UAAU,cAAc,CACzB,GAAa;IAEb,IAAI,CAAC;QACD,MAAM,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAA2B,CAAC;QAC1D,OAAO;YACH,MAAM,EAAE,IAAI,CAAC,MAAM,IAAI,IAAI,CAAC,OAAO,IAAI,IAAI,CAAC,KAAK,IAAI,GAAG,CAAC,UAAU;YACnE,IAAI,EAAE,IAAI,CAAC,IAAI;SAClB,CAAC;IACN,CAAC;IAAC,MAAM,CAAC;QACL,OAAO,EAAE,MAAM,EAAE,GAAG,CAAC,UAAU,EAAE,CAAC;IACtC,CAAC;AACL,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,GAAG,CACrB,IAAY,EACZ,UAKI,EAAE;IAEN,MAAM,OAAO,GAAG,SAAS,EAAE,CAAC;IAC5B,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,IAAI,QAAQ,EAAE,CAAC;IAC1C,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,MAAM,IAAI,EAAE,EAAE,OAAO,CAAC,CAAC;IAE3C,IAAI,OAAO,CAAC,KAAK,EAAE,CAAC;QAChB,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;YACjD,IAAI,CAAC,KAAK,SAAS;gBAAE,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;QAC5D,CAAC;IACL,CAAC;IAED,MAAM,OAAO,GAA2B;QACpC,cAAc,EAAE,kBAAkB;QAClC,YAAY,EAAE,YAAY;KAC7B,CAAC;IACF,IAAI,KAAK;QAAE,OAAO,CAAC,eAAe,CAAC,GAAG,UAAU,KAAK,EAAE,CAAC;IAExD,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE;QACpC,MAAM,EAAE,OAAO,CAAC,MAAM,IAAI,KAAK;QAC/B,OAAO;QACP,IAAI,EAAE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS;KAChE,CAAC,CAAC;IAEH,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;QACV,MAAM,GAAG,GAAG,MAAM,cAAc,CAAC,GAAG,CAAC,CAAC;QACtC,MAAM,IAAI,QAAQ,CAAC,GAAG,CAAC,MAAM,EAAE,GAAG,CAAC,MAAM,EAAE,GAAG,CAAC,IAAI,CAAC,CAAC;IACzD,CAAC;IAED,IAAI,GAAG,CAAC,MAAM,KAAK,GAAG;QAAE,OAAO,SAAc,CAAC;IAE9C,OAAO,GAAG,CAAC,IAAI,EAAgB,CAAC;AACpC,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,SAAS,CAC3B,IAAY,EACZ,UAII,EAAE;IAEN,OAAO,GAAG,CAAI,IAAI,EAAE,EAAE,GAAG,OAAO,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC,CAAC;AACnD,CAAC"}

package/dist/src/commands/agent.d.ts

@@ -0,0 +1,3 @@
+import { Command } from "commander";
+export declare const agentCommand: Command;
+//# sourceMappingURL=agent.d.ts.map

package/dist/src/commands/agent.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"agent.d.ts","sourceRoot":"","sources":["../../../src/commands/agent.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAwBpC,eAAO,MAAM,YAAY,SAAoD,CAAC"}