@agentuity/cli 0.0.72 → 0.0.74

package/src/cmd/auth/api.ts

@@ -4,11 +4,11 @@ import type { APIClient } from '../../api';
 import { StructuredError } from '@agentuity/core';
 
 // Zod schemas for API validation
-const OTPStartDataSchema = z.object({
-	otp: z.string(),
+const CodeStartDataSchema = z.object({
+	code: z.string(),
 });
 
-const OTPCompleteDataSchema = z.object({
+const CodeCompleteDataSchema = z.object({
 	apiKey: z.string(),
 	userId: z.string(),
 	expires: z.number(),
@@ -20,8 +20,8 @@ const SignupCompleteDataSchema = z.object({
 	expiresAt: z.number(),
 });
 
-const OTPCheckRequestSchema = z.object({
-	otp: z.string(),
+const CodeCheckRequestSchema = z.object({
+	code: z.string(),
 });
 
 // Exported result types
@@ -37,23 +37,23 @@ export interface SignupResult {
 	expires: Date;
 }
 
-const OTPGenerationError = StructuredError(
-	'OTPGenerationError',
-	'Error generating the one-time login code'
+const CodeGenerationError = StructuredError(
+	'CodeGenerationError',
+	'Error generating the login code'
 );
 
-export async function generateLoginOTP(apiClient: APIClient): Promise<string> {
-	const resp = await apiClient.get('/cli/auth/start', APIResponseSchema(OTPStartDataSchema));
+export async function generateLoginCode(apiClient: APIClient): Promise<string> {
+	const resp = await apiClient.get('/cli/auth/start', APIResponseSchema(CodeStartDataSchema));
 
 	if (!resp.success) {
-		throw new OTPGenerationError();
+		throw new CodeGenerationError();
 	}
 
 	if (!resp.data) {
-		throw new OTPGenerationError();
+		throw new CodeGenerationError();
 	}
 
-	return resp.data.otp;
+	return resp.data.code;
 }
 
 const PollForLoginError = StructuredError('PollForLoginError');
@@ -64,18 +64,17 @@ const PollForLoginTimeout = StructuredError(
 
 export async function pollForLoginCompletion(
 	apiClient: APIClient,
-	otp: string,
-	timeoutMs = 60000
+	code: string,
+	timeoutMs = 300000 // 5 minutes
 ): Promise<LoginResult> {
 	const started = Date.now();
 
 	while (Date.now() - started < timeoutMs) {
-		const resp = await apiClient.request(
-			'POST',
+		const resp = await apiClient.post(
 			'/cli/auth/check',
-			APIResponseSchemaOptionalData(OTPCompleteDataSchema),
-			{ otp },
-			OTPCheckRequestSchema
+			{ code },
+			APIResponseSchemaOptionalData(CodeCompleteDataSchema),
+			CodeCheckRequestSchema
 		);
 
 		if (!resp.success) {
@@ -126,8 +125,7 @@ export async function pollForSignupCompletion(
 
 	while (Date.now() - started < timeoutMs) {
 		try {
-			const resp = await apiClient.request(
-				'GET',
+			const resp = await apiClient.get(
 				`/cli/auth/signup/${otp}`,
 				APIResponseSchema(SignupCompleteDataSchema)
 			);

package/src/cmd/auth/login.ts

@@ -1,7 +1,7 @@
 import { createSubcommand } from '../../types';
 import { getAppBaseURL } from '../../api';
 import { saveAuth } from '../../config';
-import { generateLoginOTP, pollForLoginCompletion } from './api';
+import { generateLoginCode, pollForLoginCompletion } from './api';
 import * as tui from '../../tui';
 import { getCommand } from '../../command-prefix';
 import { ErrorCode } from '../../errors';
@@ -23,41 +23,60 @@ export const loginCommand = createSubcommand({
 		const appUrl = getAppBaseURL(config);
 
 		try {
-			const otp = await tui.spinner({
-				message: 'Generating login one time code...',
+			const code = await tui.spinner({
+				message: 'Generating login code...',
 				clearOnSuccess: true,
 				callback: () => {
-					return generateLoginOTP(apiClient);
+					return generateLoginCode(apiClient);
 				},
 			});
 
-			if (!otp) {
+			if (!code) {
 				return;
 			}
 
-			const authURL = `${appUrl}/auth/cli`;
+			const authURL = `${appUrl}/auth/cli?code=${code}`;
 
-			const copied = await tui.copyToClipboard(otp);
+			const copied = await tui.copyToClipboard(authURL);
 
+			tui.newline();
+			console.log(`Your login code: ${tui.bold(code)}`);
 			tui.newline();
 			if (copied) {
-				console.log(`Code copied to clipboard: ${tui.bold(otp)}`);
+				console.log('Login URL copied to clipboard! Open it in your browser:');
 			} else {
-				console.log('Copy the following code:');
-				tui.newline();
-				console.log(`  ${tui.bold(otp)}`);
+				console.log('Open this URL in your browser to approve the login:');
 			}
 			tui.newline();
-			console.log('Then open the URL in your browser and paste the code:');
-			tui.newline();
 			console.log(`  ${tui.link(authURL)}`);
 			tui.newline();
-			console.log(tui.muted('This code will expire in 60 seconds'));
+			console.log(tui.muted('Press Enter to open in your browser, or Ctrl+C to cancel'));
 			tui.newline();
 
-			console.log('Waiting for login to complete...');
-
-			const result = await pollForLoginCompletion(apiClient, otp);
+			const result = await tui.spinner({
+				type: 'countdown',
+				message: 'Waiting for approval',
+				timeoutMs: 300000, // 5 minutes
+				clearOnSuccess: true,
+				onEnterPress: () => {
+					// Open URL in default browser
+					const platform = process.platform;
+					if (platform === 'win32') {
+						// Windows: use cmd.exe to invoke start (it's a shell builtin, not an executable)
+						// Empty string is required as the window title argument
+						Bun.spawn(['cmd', '/c', 'start', '', authURL], {
+							stdout: 'ignore',
+							stderr: 'ignore',
+						});
+					} else {
+						const command = platform === 'darwin' ? 'open' : 'xdg-open';
+						Bun.spawn([command, authURL], { stdout: 'ignore', stderr: 'ignore' });
+					}
+				},
+				callback: async () => {
+					return await pollForLoginCompletion(apiClient, code);
+				},
+			});
 
 			await saveAuth({
 				apiKey: result.apiKey,

package/src/cmd/auth/ssh/api.ts

@@ -58,11 +58,10 @@ const AddSSHKeyUnexpectedError = StructuredError(
 );
 
 export async function addSSHKey(apiClient: APIClient, publicKey: string): Promise<AddSSHKeyResult> {
-	const resp = await apiClient.request(
-		'POST',
+	const resp = await apiClient.post(
 		'/cli/auth/ssh-keys',
-		APIResponseSchema(AddSSHKeyResponseSchema),
-		{ publicKey }
+		{ publicKey },
+		APIResponseSchema(AddSSHKeyResponseSchema)
 	);
 
 	if (!resp.success) {
@@ -79,11 +78,7 @@ export async function addSSHKey(apiClient: APIClient, publicKey: string): Promis
 const ListSSHKeysError = StructuredError('ListSSHKeysError');
 
 export async function listSSHKeys(apiClient: APIClient): Promise<SSHKey[]> {
-	const resp = await apiClient.request(
-		'GET',
-		'/cli/auth/ssh-keys',
-		APIResponseSchema(z.array(SSHKeySchema))
-	);
+	const resp = await apiClient.get('/cli/auth/ssh-keys', APIResponseSchema(z.array(SSHKeySchema)));
 
 	if (!resp.success) {
 		throw new ListSSHKeysError({ message: resp.message });
@@ -95,6 +90,7 @@ export async function listSSHKeys(apiClient: APIClient): Promise<SSHKey[]> {
 const RemoveSSHKeysError = StructuredError('RemoveSSHKeysError');
 
 export async function removeSSHKey(apiClient: APIClient, fingerprint: string): Promise<boolean> {
+	// NOTE: Using .request() here because DELETE with body is required by the API
 	const resp = await apiClient.request(
 		'DELETE',
 		'/cli/auth/ssh-keys',

package/src/cmd/build/ast.ts

@@ -1,5 +1,5 @@
 import * as acornLoose from 'acorn-loose';
-import { basename, dirname, relative } from 'node:path';
+import { dirname, relative } from 'node:path';
 import { parse as parseCronExpression } from '@datasert/cronjs-parser';
 import { generate } from 'astring';
 import type { BuildMetadata } from '../../types';
@@ -10,6 +10,7 @@ import type { LogLevel } from '../../types';
 import { join } from 'node:path';
 import { existsSync, mkdirSync } from 'node:fs';
 import JSON5 from 'json5';
+import { formatSchemaCode } from './format-schema';
 
 const logger = createLogger((process.env.AGENTUITY_LOG_LEVEL || 'info') as LogLevel);
 
@@ -213,11 +214,11 @@ function extractSchemaCode(callargexp: ASTObjectExpression): {
 	for (const prop of schemaObj.properties) {
 		if (prop.key.type === 'Identifier') {
 			if (prop.key.name === 'input' && prop.value) {
-				// Generate source code from AST node
-				inputSchemaCode = generate(prop.value);
+				// Generate source code from AST node and format it
+				inputSchemaCode = formatSchemaCode(generate(prop.value));
 			} else if (prop.key.name === 'output' && prop.value) {
-				// Generate source code from AST node
-				outputSchemaCode = generate(prop.value);
+				// Generate source code from AST node and format it
+				outputSchemaCode = formatSchemaCode(generate(prop.value));
 			}
 		}
 	}
@@ -524,7 +525,7 @@ export async function parseAgentMetadata(
 	});
 	let exportName: string | undefined;
 	const rel = relative(rootDir, filename);
-	const name = basename(dirname(filename));
+	let name: string | undefined; // Will be set from createAgent identifier
 	const version = hash(contents);
 	const id = getAgentId(projectId, deploymentId, rel, version);
 
@@ -560,6 +561,9 @@ export async function parseAgentMetadata(
 						);
 					}
 
+					// Extract agent identifier from createAgent first argument
+					name = nameArg.value;
+
 					const callargexp = configArg;
 
 					// Extract schema code before processing metadata
@@ -588,7 +592,7 @@ export async function parseAgentMetadata(
 							break;
 						}
 					}
-					if (!result) {
+					if (!result && name) {
 						result = createAgentMetadataNode(
 							id,
 							name,
@@ -656,6 +660,9 @@ export async function parseAgentMetadata(
 										);
 									}
 
+									// Extract agent identifier from createAgent first argument
+									name = nameArg.value;
+
 									const callargexp = configArg;
 
 									// Extract schema code before processing metadata
@@ -684,7 +691,7 @@ export async function parseAgentMetadata(
 											break;
 										}
 									}
-									if (!result) {
+									if (!result && name) {
 										result = createAgentMetadataNode(
 											id,
 											name,
@@ -782,6 +789,8 @@ function hasValidatorCall(args: unknown[]): ValidatorInfo {
 		// Check if this is a CallExpression with callee named 'validator'
 		if (node.type === 'CallExpression') {
 			const callExpr = node as ASTCallExpression;
+
+			// Check for standalone validator({ input, output })
 			if (callExpr.callee.type === 'Identifier') {
 				const identifier = callExpr.callee as ASTNodeIdentifier;
 				if (identifier.name === 'validator') {
@@ -789,7 +798,13 @@ function hasValidatorCall(args: unknown[]): ValidatorInfo {
 					const schemas = extractValidatorSchemas(callExpr);
 					return { hasValidator: true, ...schemas };
 				}
+				// Check for zValidator('json', schema)
+				if (identifier.name === 'zValidator') {
+					const schemas = extractZValidatorSchema(callExpr);
+					return { hasValidator: true, ...schemas };
+				}
 			}
+
 			// Check for agent.validator()
 			if (callExpr.callee.type === 'MemberExpression') {
 				const member = callExpr.callee as ASTMemberExpression;
@@ -799,7 +814,9 @@ function hasValidatorCall(args: unknown[]): ValidatorInfo {
 						member.object.type === 'Identifier'
 							? (member.object as ASTNodeIdentifier).name
 							: undefined;
-					return { hasValidator: true, agentVariable };
+					// Also check for schema overrides: agent.validator({ input, output })
+					const schemas = extractValidatorSchemas(callExpr);
+					return { hasValidator: true, agentVariable, ...schemas };
 				}
 			}
 		}
@@ -845,14 +862,59 @@ function extractValidatorSchemas(callExpr: ASTCallExpression): {
 	return result;
 }
 
+/**
+ * Extract schema from zValidator() call arguments
+ * Example: zValidator('json', mySchema) or zValidator('json', z.object({...}))
+ * Returns the schema as inputSchemaVariable since zValidator is for request body validation
+ * Only extracts schemas for 'json' target, not 'query', 'param', 'header', or 'cookie'
+ */
+function extractZValidatorSchema(callExpr: ASTCallExpression): {
+	inputSchemaVariable?: string;
+} {
+	const result: { inputSchemaVariable?: string } = {};
+
+	// zValidator requires at least 2 arguments: zValidator(target, schema)
+	if (!callExpr.arguments || callExpr.arguments.length < 2) {
+		return result;
+	}
+
+	// First argument should be 'json' literal
+	const targetArg = callExpr.arguments[0] as ASTNode;
+	if (targetArg.type === 'Literal') {
+		const targetValue = (targetArg as ASTLiteral).value;
+		// Only extract schemas for JSON body validation
+		if (targetValue !== 'json') {
+			return result;
+		}
+	} else {
+		// If first arg is not a literal, we can't determine the target, skip
+		return result;
+	}
+
+	// Second argument is the schema
+	const schemaArg = callExpr.arguments[1] as ASTNode;
+
+	// If it's an identifier (variable reference), extract the name
+	if (schemaArg.type === 'Identifier') {
+		result.inputSchemaVariable = (schemaArg as ASTNodeIdentifier).name;
+	}
+	// If it's inline schema (CallExpression like z.object({...})), we detect but don't extract yet
+	// TODO: Extract inline schema code
+
+	return result;
+}
+
 export async function parseRoute(
 	rootDir: string,
 	filename: string,
 	projectId: string,
 	deploymentId: string
 ): Promise<BuildMetadata['routes']> {
-	const contents = await Bun.file(filename).text();
-	const version = hash(contents);
+	const rawContents = await Bun.file(filename).text();
+	const version = hash(rawContents);
+	// Transpile TypeScript to JavaScript so acorn-loose can parse it properly
+	const transpiler = new Bun.Transpiler({ loader: 'ts', target: 'bun' });
+	const contents = transpiler.transformSync(rawContents);
 	const ast = acornLoose.parse(contents, {
 		locations: true,
 		ecmaVersion: 'latest',
@@ -933,12 +995,24 @@ export async function parseRoute(
 	}
 
 	const rel = relative(rootDir, filename);
-	const dir = dirname(filename);
-	const name = basename(dir);
 
 	// For src/api/index.ts, we don't want to add the folder name since it's the root API router
 	const isRootApi = filename.includes('src/api/index.ts');
-	const routeName = isRootApi ? '' : name;
+
+	// For nested routes, use the full path from src/api/ instead of just the immediate parent
+	// e.g., src/api/v1/users/route.ts -> routeName = "v1/users"
+	//       src/api/auth/route.ts -> routeName = "auth"
+	//       src/api/test.ts -> routeName = "" (file directly in src/api/)
+	let routeName = '';
+	if (!isRootApi) {
+		const apiMatch = filename.match(/src\/api\/(.+?)\/[^/]+\.ts$/);
+		if (apiMatch) {
+			// File in subdirectory: src/api/auth/route.ts -> "auth"
+			routeName = apiMatch[1];
+		}
+		// For files directly in src/api/ (e.g., test.ts), routeName stays empty
+		// This prevents double /api prefix since these files often define full paths
+	}
 
 	const routes: RouteDefinition = [];
 	const routePrefix = '/api';

package/src/cmd/build/bundler.ts

@@ -4,6 +4,7 @@ import { cpSync, existsSync, mkdirSync, rmSync, readdirSync } from 'node:fs';
 import gitParseUrl from 'git-url-parse';
 import { StructuredError } from '@agentuity/core';
 import * as tui from '../../tui';
+import { pauseStepUI } from '../../steps';
 import AgentuityBundler, { getBuildMetadata } from './plugin';
 import { getFilesRecursively } from './file';
 import { getVersion } from '../../version';
@@ -16,25 +17,38 @@ import { type DeployOptions } from '../../schemas/deploy';
 
 const minBunVersion = '>=1.3.3';
 
-async function checkBunVersion() {
+async function checkBunVersion(): Promise<string[]> {
 	if (semver.satisfies(Bun.version, minBunVersion)) {
-		return;
+		return []; // Version is OK, no output needed
 	}
-	const message = `The current Bun installed is using version ${Bun.version}. This project requires Bun version ${minBunVersion} to build.`;
-	tui.warning(message);
-	if (process.stdin.isTTY) {
-		const ok = await tui.confirm('You would you to upgrade now?');
+
+	const message = `Bun is using version ${Bun.version}. This project requires Bun version ${minBunVersion} to build.`;
+
+	if (process.stdin.isTTY && process.stdout.isTTY) {
+		// Pause the step UI for interactive prompt
+		const resume = pauseStepUI();
+
+		tui.warning(message);
+		const ok = await tui.confirm('Would you like to upgrade now?');
+
+		// Small delay to ensure console.log('') in confirm completes
+		await new Promise((resolve) => setTimeout(resolve, 10));
+
+		resume(); // Resume step UI
+
 		if (ok) {
 			await $`bun upgrade`.quiet();
 			const version = (await $`bun -v`.quiet().text()).trim();
-			tui.success(`Bun upgraded to ${version}`);
-			return;
+			// Return success message to show in output box
+			return [tui.colorSuccess(`Upgraded Bun to ${version}`)];
 		}
 	}
+
+	// Failed to upgrade or user declined
 	throw new InvalidBunVersion({
 		current: Bun.version,
 		required: minBunVersion,
-		message: `Please see https://bun.sh/ for information on how to download the latest version.`,
+		message,
 	});
 }
 
@@ -102,7 +116,9 @@ export async function bundle({
 	env,
 	region,
 	logger,
-}: BundleOptions) {
+}: BundleOptions): Promise<{ output: string[] }> {
+	const output: string[] = [];
+
 	const appFile = join(rootDir, 'app.ts');
 	if (!existsSync(appFile)) {
 		throw new AppFileNotFoundError({
@@ -110,7 +126,8 @@ export async function bundle({
 		});
 	}
 
-	await checkBunVersion();
+	const versionOutput = await checkBunVersion();
+	output.push(...versionOutput);
 
 	const outDir = customOutDir ?? join(rootDir, '.agentuity');
 	const srcDir = join(rootDir, 'src');
@@ -312,6 +329,8 @@ export async function bundle({
 		id: projectId ?? '',
 		name: pkgContents.name,
 		version: pkgContents.version,
+		description: pkgContents.description,
+		keywords: pkgContents.keywords,
 		orgId: orgId ?? '',
 	};
 	buildmetadata.deployment = {
@@ -713,4 +732,6 @@ export async function bundle({
 		`${outDir}/.routemapping.json`,
 		dev ? JSON.stringify(routeMapping, null, 2) : JSON.stringify(routeMapping)
 	);
+
+	return { output };
 }

package/src/cmd/build/format-schema.ts

@@ -0,0 +1,66 @@
+/**
+ * Simple formatter for schema code strings.
+ * Adds basic indentation and line breaks for readability.
+ */
+export function formatSchemaCode(code: string): string {
+	if (!code) return code;
+
+	let indentLevel = 0;
+	const indentSize = 2;
+	const lines: string[] = [];
+	let currentLine = '';
+
+	for (let i = 0; i < code.length; i++) {
+		const char = code[i];
+		const nextChar = code[i + 1];
+		const prevChar = i > 0 ? code[i - 1] : '';
+
+		// Skip existing whitespace/newlines
+		if (char === '\n' || char === '\r' || (char === ' ' && prevChar === ' ')) {
+			continue;
+		}
+
+		// Handle opening braces
+		if (char === '{') {
+			currentLine += char;
+			lines.push(' '.repeat(indentLevel * indentSize) + currentLine.trim());
+			indentLevel++;
+			currentLine = '';
+			continue;
+		}
+
+		// Handle closing braces
+		if (char === '}') {
+			if (currentLine.trim()) {
+				lines.push(' '.repeat(indentLevel * indentSize) + currentLine.trim());
+				currentLine = '';
+			}
+			indentLevel--;
+			// Check if next char is closing paren - if so, put on same line
+			if (nextChar === ')') {
+				currentLine = '}';
+			} else {
+				lines.push(' '.repeat(indentLevel * indentSize) + char);
+			}
+			continue;
+		}
+
+		// Handle commas - add line break after
+		if (char === ',') {
+			currentLine += char;
+			lines.push(' '.repeat(indentLevel * indentSize) + currentLine.trim());
+			currentLine = '';
+			continue;
+		}
+
+		// Accumulate characters
+		currentLine += char;
+	}
+
+	// Add any remaining content
+	if (currentLine.trim()) {
+		lines.push(' '.repeat(indentLevel * indentSize) + currentLine.trim());
+	}
+
+	return lines.join('\n');
+}

package/src/cmd/build/index.ts

@@ -77,6 +77,20 @@ export const command = createCommand({
 				logger: ctx.logger,
 			});
 
+			// Copy profile-specific .env file AFTER bundling (bundler clears outDir first)
+			if (opts.dev && ctx.config?.name) {
+				const envSourcePath = join(absoluteProjectDir, `.env.${ctx.config.name}`);
+				const envDestPath = join(outDir, '.env');
+
+				const envFile = Bun.file(envSourcePath);
+				if (await envFile.exists()) {
+					await Bun.write(envDestPath, envFile);
+					ctx.logger.debug(`Copied ${envSourcePath} to ${envDestPath}`);
+				} else {
+					ctx.logger.debug(`No .env.${ctx.config.name} file found, skipping env copy`);
+				}
+			}
+
 			// Run TypeScript type checking after registry generation (skip in dev mode)
 			if (!opts.dev && !opts.skipTypeCheck) {
 				try {