@agentuity/cli 0.1.9 → 0.1.10

package/src/cmd/cloud/thread/list.ts

@@ -4,7 +4,7 @@ import * as tui from '../../../tui';
 import { threadList, type Thread } from '@agentuity/server';
 import { getCommand } from '../../../command-prefix';
 import { ErrorCode } from '../../../errors';
-import { getCatalystAPIClient } from '../../../config';
+import { getGlobalCatalystAPIClient } from '../../../config';
 
 const ThreadListResponseSchema = z.array(
 	z.object({
@@ -36,7 +36,7 @@ export const listSubcommand = createSubcommand({
 		},
 	],
 	aliases: ['ls'],
-	requires: { auth: true, region: true },
+	requires: { auth: true },
 	optional: { project: true },
 	idempotent: true,
 	pagination: {
@@ -62,8 +62,8 @@ export const listSubcommand = createSubcommand({
 		response: ThreadListResponseSchema,
 	},
 	async handler(ctx) {
-		const { logger, auth, project, opts, options, region } = ctx;
-		const catalystClient = getCatalystAPIClient(logger, auth, region);
+		const { logger, auth, project, opts, options, config } = ctx;
+		const catalystClient = await getGlobalCatalystAPIClient(logger, auth, config?.name);
 
 		const projectId = opts.projectId || project?.projectId;
 		const orgId = opts.orgId;

package/src/cmd/project/auth/init.ts

@@ -20,7 +20,7 @@ export const initSubcommand = createSubcommand({
 	name: 'init',
 	description: 'Set up Agentuity Auth for your project',
 	tags: ['mutating', 'slow', 'requires-auth'],
-	requires: { auth: true, org: true, region: true },
+	requires: { auth: true, org: true },
 	idempotent: false,
 	examples: [
 		{
@@ -46,7 +46,7 @@ export const initSubcommand = createSubcommand({
 	},
 
 	async handler(ctx) {
-		const { logger, opts, auth, orgId, region } = ctx;
+		const { logger, opts, auth, orgId, config } = ctx;
 
 		tui.newline();
 		tui.info(tui.bold('Agentuity Auth Setup'));
@@ -86,10 +86,14 @@ export const initSubcommand = createSubcommand({
 			logger,
 			auth,
 			orgId,
-			region,
+			config,
 			existingUrl: databaseUrl,
+			projectDir,
 		});
 
+		// Get the region from the selected database
+		const region = dbInfo.region;
+
 		const databaseName = dbInfo.name;
 
 		// Update .env with database URL

package/src/cmd/project/auth/shared.ts

@@ -3,11 +3,17 @@
  */
 
 import * as path from 'node:path';
-import { listResources, createResources, dbQuery } from '@agentuity/server';
+import { listOrgResources, createResources, dbQuery } from '@agentuity/server';
 import * as tui from '../../../tui';
-import { getCatalystAPIClient } from '../../../config';
+import {
+	getCatalystAPIClient,
+	getGlobalCatalystAPIClient,
+	loadProjectConfig,
+	ProjectConfigNotFoundException,
+} from '../../../config';
 import type { Logger } from '../../../types';
 import type { AuthData } from '../../../types';
+import type { Config } from '../../../types';
 import enquirer from 'enquirer';
 
 /**
@@ -16,25 +22,29 @@ import enquirer from 'enquirer';
 export interface DatabaseInfo {
 	name: string;
 	url: string;
+	region: string;
 }
 
 /**
- * Select an existing database or create a new one
+ * Select an existing database or create a new one.
+ * When creating a new database, uses the project's region from agentuity.json if available.
  */
 export async function selectOrCreateDatabase(options: {
 	logger: Logger;
 	auth: AuthData;
 	orgId: string;
-	region: string;
+	config: Config | null;
 	existingUrl?: string;
+	projectDir?: string;
 }): Promise<DatabaseInfo> {
-	const { logger, auth, orgId, region, existingUrl } = options;
-	const catalystClient = getCatalystAPIClient(logger, auth, region);
+	const { logger, auth, orgId, config, existingUrl, projectDir } = options;
+	const profileName = config?.name;
+	const globalClient = await getGlobalCatalystAPIClient(logger, auth, profileName);
 
 	const resources = await tui.spinner({
-		message: `Fetching databases for ${orgId} in ${region}`,
+		message: `Fetching databases for ${orgId}`,
 		clearOnSuccess: true,
-		callback: async () => listResources(catalystClient, orgId, region),
+		callback: async () => listOrgResources(globalClient, { type: 'db', orgId }),
 	});
 
 	const databases = resources.db;
@@ -81,14 +91,42 @@ export async function selectOrCreateDatabase(options: {
 
 	// Handle "use existing" selection
 	if (response.database === '__existing__' && existingUrl && existingDbName) {
-		return { name: existingDbName, url: existingUrl };
+		// Find the database to get its region
+		const existingDb = databases.find((d) => d.name === existingDbName);
+		const region = existingDb?.cloud_region ?? 'usc';
+		return { name: existingDbName, url: existingUrl, region };
 	}
 
 	if (response.database === '__create__') {
+		// For creating a new database, determine the region:
+		// 1. Try to get from project's agentuity.json
+		// 2. Fall back to first existing database's region
+		// 3. Fall back to 'usc' as default
+		let region: string | undefined;
+
+		if (projectDir) {
+			try {
+				const projectConfig = await loadProjectConfig(projectDir, config);
+				region = projectConfig.region;
+				logger.trace(`[auth init] Using region from project config: ${region}`);
+			} catch (err) {
+				if (!(err instanceof ProjectConfigNotFoundException)) {
+					logger.trace(`[auth init] Error loading project config: ${err}`);
+				}
+			}
+		}
+
+		if (!region) {
+			region = databases.length > 0 ? databases[0].cloud_region : 'usc';
+			logger.trace(`[auth init] Using fallback region: ${region}`);
+		}
+
+		const regionalClient = getCatalystAPIClient(logger, auth, region);
+
 		const created = await tui.spinner({
 			message: `Creating database in ${region}`,
 			clearOnSuccess: true,
-			callback: async () => createResources(catalystClient, orgId, region, [{ type: 'db' }]),
+			callback: async () => createResources(regionalClient, orgId, region, [{ type: 'db' }]),
 		});
 
 		if (created.length === 0) {
@@ -98,14 +136,15 @@ export async function selectOrCreateDatabase(options: {
 		const newDb = created[0];
 		tui.success(`Created database: ${tui.bold(newDb.name)}`);
 
-		const updatedResources = await listResources(catalystClient, orgId, region);
+		// Fetch updated list to get the URL
+		const updatedResources = await listOrgResources(globalClient, { type: 'db', orgId });
 		const dbInfo = updatedResources.db.find((d) => d.name === newDb.name);
 
 		if (!dbInfo?.url) {
 			tui.fatal('Failed to retrieve database connection URL');
 		}
 
-		return { name: newDb.name, url: dbInfo.url };
+		return { name: newDb.name, url: dbInfo.url, region };
 	}
 
 	const selectedDb = databases.find((d) => d.name === response.database);
@@ -113,7 +152,7 @@ export async function selectOrCreateDatabase(options: {
 		tui.fatal('Failed to retrieve database connection URL');
 	}
 
-	return { name: selectedDb.name, url: selectedDb.url };
+	return { name: selectedDb.name, url: selectedDb.url, region: selectedDb.cloud_region };
 }
 
 /**

package/src/config.ts

@@ -21,6 +21,7 @@ import {
 	getAuthFromKeychain,
 	deleteAuthFromKeychain,
 } from './keychain';
+import { clearProfileCache } from './cache';
 
 export const defaultProfileName = 'production';
 
@@ -330,6 +331,9 @@ export async function clearAuth(): Promise<void> {
 		}
 	}
 
+	// Clear resource cache for this profile
+	await clearProfileCache(profileName);
+
 	// Also clear from config file (for backwards compatibility)
 	if (config.auth) {
 		delete config.auth;
@@ -381,6 +385,13 @@ export async function getAuth(): Promise<AuthData | null> {
 		try {
 			const keychainAuth = await getAuthFromKeychain(profileName);
 			if (keychainAuth) {
+				// If there's auth api_key in the config file, remove it since we have it in keychain
+				if (config?.auth?.api_key) {
+					const { api_key: _, ...authWithoutApiKey } = config.auth;
+					const configCopy = { ...config, auth: authWithoutApiKey };
+					cachedConfig = null; // Force cache refresh
+					await saveConfig(configCopy);
+				}
 				return {
 					apiKey: keychainAuth.api_key,
 					userId: keychainAuth.user_id,
@@ -499,13 +510,7 @@ export function generateYAMLTemplate(name: string): string {
 	return lines.join('\n');
 }
 
-class ProjectConfigNotFoundExpection extends Error {
-	public name: string;
-	constructor() {
-		super('project not found');
-		this.name = 'ProjectConfigNotFoundExpection';
-	}
-}
+export const ProjectConfigNotFoundException = StructuredError('ProjectConfigNotFoundException');
 
 type ProjectConfig = z.infer<typeof ProjectSchema>;
 
@@ -529,7 +534,7 @@ export async function loadProjectConfig(
 		// and then if so:
 		// 1. if authentication, offer to import the project
 		// 2. tell them that they need to login to use the command and import the project
-		throw new ProjectConfigNotFoundExpection();
+		throw new ProjectConfigNotFoundException({ message: 'project config not found' });
 	}
 	const text = await file.text();
 	const parsedConfig = JSON5.parse(text);
@@ -707,6 +712,57 @@ export function getCatalystAPIClient(logger: Logger, auth: AuthData, region: str
 	return new ServerAPIClient(catalystUrl, logger, auth.apiKey);
 }
 
+interface RegionsCacheData {
+	timestamp: number;
+	regions: Array<{ region: string; description: string }>;
+}
+
+/**
+ * Get the default region using priority ordering:
+ * 1. AGENTUITY_REGION environment variable
+ * 2. First entry in region-{profile}.json (nearest region, sorted by distance)
+ * 3. 'local' for local profile, 'usc' otherwise
+ *
+ * Used for API calls that can hit any Catalyst instance (global database operations).
+ * Note: This is NOT called when --region flag is provided (handled at command level).
+ */
+export async function getDefaultRegion(profileName = 'production'): Promise<string> {
+	// 1. Check environment variable first
+	if (process.env.AGENTUITY_REGION) {
+		return process.env.AGENTUITY_REGION;
+	}
+
+	// 2. Check cached regions file (sorted by distance)
+	try {
+		const cachePath = join(getDefaultConfigDir(), `regions-${profileName}.json`);
+		const file = Bun.file(cachePath);
+		if (await file.exists()) {
+			const data: RegionsCacheData = await file.json();
+			if (data.regions && data.regions.length > 0) {
+				return data.regions[0].region;
+			}
+		}
+	} catch {
+		// Fall through to default
+	}
+
+	// 3. Final fallback - 'local' for local profile, 'usc' otherwise
+	return profileName === 'local' ? 'local' : 'usc';
+}
+
+/**
+ * Get a Catalyst API client for global database operations.
+ * Uses the default region since the admin DB is global.
+ */
+export async function getGlobalCatalystAPIClient(
+	logger: Logger,
+	auth: AuthData,
+	profileName = 'production'
+) {
+	const region = await getDefaultRegion(profileName);
+	return getCatalystAPIClient(logger, auth, region);
+}
+
 export function getIONHost(config: Config | null, region: string) {
 	if (config?.overrides?.ion_url) {
 		const url = new URL(config.overrides.ion_url);

package/src/env-util.ts

@@ -8,6 +8,42 @@ export interface EnvVars {
 	[key: string]: string;
 }
 
+/**
+ * Prefixes for public/frontend-exposed environment variables
+ */
+export const PUBLIC_VAR_PREFIXES = ['VITE_', 'AGENTUITY_PUBLIC_', 'PUBLIC_'] as const;
+
+/**
+ * Check if a key is a public variable (exposed to frontend)
+ */
+export function isPublicVarKey(key: string): boolean {
+	const upperKey = key.toUpperCase();
+	return PUBLIC_VAR_PREFIXES.some((prefix) => upperKey.startsWith(prefix));
+}
+
+/**
+ * Check if a key is a reserved AGENTUITY key (except AGENTUITY_PUBLIC_)
+ */
+export function isReservedAgentuityKey(key: string): boolean {
+	const upperKey = key.toUpperCase();
+	return upperKey.startsWith('AGENTUITY_') && !upperKey.startsWith('AGENTUITY_PUBLIC_');
+}
+
+/**
+ * Get public variable keys from secrets that should not be secrets
+ */
+export function getPublicSecretKeys(secrets: EnvVars): string[] {
+	return Object.keys(secrets).filter(isPublicVarKey);
+}
+
+/**
+ * Validate that no public variables are being added as secrets
+ * Returns the list of invalid keys, or empty array if valid
+ */
+export function validateNoPublicSecrets(secrets: EnvVars): string[] {
+	return getPublicSecretKeys(secrets);
+}
+
 /**
  * Find an existing .env file for reading.
  */
@@ -162,14 +198,16 @@ export function mergeEnvVars(
 }
 
 /**
- * Filter out AGENTUITY_ prefixed keys from env vars
+ * Filter out reserved AGENTUITY_ prefixed keys from env vars
  * This is used when pushing to the cloud to avoid sending SDK keys
+ * Note: AGENTUITY_PUBLIC_* keys are allowed (they are public env vars)
  */
-export function filterAgentuitySdkKeys(vars: EnvVars): EnvVars {
+export function filterAgentuitySdkKeys(vars?: EnvVars): EnvVars {
+	if (!vars) return {};
 	const filtered: EnvVars = {};
 
 	for (const [key, value] of Object.entries(vars)) {
-		if (!key.startsWith('AGENTUITY_')) {
+		if (!isReservedAgentuityKey(key)) {
 			filtered[key] = value;
 		}
 	}
@@ -186,6 +224,7 @@ const secretExactKeys = ['DATABASE_URL'];
  * Split env vars into env and secrets based on key names
  * Convention: Keys ending with _SECRET, _KEY, _TOKEN, _PASSWORD are secrets
  * Also treats DATABASE_URL as a secret since it contains credentials
+ * Note: Public vars (VITE_, AGENTUITY_PUBLIC_, PUBLIC_) always go to env, never secrets
  */
 export function splitEnvAndSecrets(vars: EnvVars): {
 	env: EnvVars;
@@ -197,8 +236,14 @@ export function splitEnvAndSecrets(vars: EnvVars): {
 	const secretSuffixes = ['_SECRET', '_KEY', '_TOKEN', '_PASSWORD', '_PRIVATE'];
 
 	for (const [key, value] of Object.entries(vars)) {
-		// Skip AGENTUITY_ prefixed keys
-		if (key.startsWith('AGENTUITY_')) {
+		// Skip reserved AGENTUITY_ prefixed keys (except AGENTUITY_PUBLIC_)
+		if (isReservedAgentuityKey(key)) {
+			continue;
+		}
+
+		// Public vars always go to env, never secrets
+		if (isPublicVarKey(key)) {
+			env[key] = value;
 			continue;
 		}
 

package/src/utils/apt-validator.ts

@@ -0,0 +1,215 @@
+import { StructuredError, type Logger } from '@agentuity/core';
+import type { Config } from '../types';
+import { getAppBaseURL } from '@agentuity/server';
+import { getUserAgent } from '../api';
+import { getDefaultConfigDir } from '../config';
+import { join, dirname } from 'node:path';
+import { mkdir } from 'node:fs/promises';
+import { z } from 'zod';
+
+const AptValidationError = StructuredError('AptValidationError');
+const AptValidationAPIError = StructuredError('AptValidationAPIError')<{
+	status?: number;
+	body?: string;
+}>();
+const AptValidationResponseError = StructuredError('AptValidationResponseError')<{
+	parseError?: string;
+}>();
+
+export interface InvalidPackage {
+	package: string;
+	error: string;
+	requestedVersion?: string;
+	availableVersions?: string[];
+	searchUrl: string;
+}
+
+export interface AptValidationResult {
+	valid: string[];
+	invalid: InvalidPackage[];
+}
+
+const InvalidPackageSchema = z.object({
+	package: z.string(),
+	error: z.string(),
+	requestedVersion: z.string().optional(),
+	availableVersions: z.array(z.string()).optional(),
+	searchUrl: z.string(),
+});
+
+const ValidateAptDependenciesResponseSchema = z.object({
+	success: z.boolean(),
+	data: z
+		.object({
+			valid: z.array(z.string()),
+			invalid: z.array(InvalidPackageSchema),
+		})
+		.optional(),
+	message: z.string().optional(),
+});
+
+const REQUEST_TIMEOUT_MS = 30000; // 30 seconds client-side timeout
+
+const CacheEntrySchema = z.object({
+	timestamp: z.number(),
+});
+
+const ValidationCacheSchema = z.object({
+	version: z.number(),
+	entries: z.record(z.string(), CacheEntrySchema),
+});
+
+type ValidationCache = z.infer<typeof ValidationCacheSchema>;
+
+const CACHE_VERSION = 1;
+const CACHE_TTL_MS = 90 * 24 * 60 * 60 * 1000; // 90 days
+
+function getCachePath(): string {
+	return join(getDefaultConfigDir(), 'dependency-validation.json');
+}
+
+async function loadCache(logger: Logger): Promise<ValidationCache> {
+	const cachePath = getCachePath();
+	try {
+		const file = Bun.file(cachePath);
+		if (await file.exists()) {
+			const content = await file.json();
+			const parsed = ValidationCacheSchema.safeParse(content);
+			if (parsed.success && parsed.data.version === CACHE_VERSION) {
+				return parsed.data;
+			}
+			logger.debug('Cache invalid or version mismatch, starting fresh');
+		}
+	} catch (err) {
+		logger.debug('Failed to load validation cache: %s', err);
+	}
+	return { version: CACHE_VERSION, entries: {} };
+}
+
+async function saveCache(cache: ValidationCache, logger: Logger): Promise<void> {
+	const cachePath = getCachePath();
+	try {
+		await mkdir(dirname(cachePath), { recursive: true });
+		await Bun.write(cachePath, JSON.stringify(cache, null, 2));
+	} catch (err) {
+		logger.debug('Failed to save validation cache: %s', err);
+	}
+}
+
+function isCacheEntryValid(entry: z.infer<typeof CacheEntrySchema>): boolean {
+	return Date.now() - entry.timestamp < CACHE_TTL_MS;
+}
+
+/**
+ * Validate apt dependencies against the Debian package repository.
+ * Uses a local cache to avoid redundant API calls.
+ * Calls the app API which checks packages against snapshot.debian.org.
+ */
+export async function validateAptDependencies(
+	packages: string[],
+	region: string,
+	config: Config | null,
+	logger: Logger
+): Promise<AptValidationResult> {
+	if (packages.length === 0) {
+		return { valid: [], invalid: [] };
+	}
+
+	const cache = await loadCache(logger);
+	const now = Date.now();
+
+	const cachedValid: string[] = [];
+	const uncachedPackages: string[] = [];
+
+	// Check cache for each package (only valid packages are cached)
+	for (const pkg of packages) {
+		const entry = cache.entries[pkg];
+		if (entry && isCacheEntryValid(entry)) {
+			cachedValid.push(pkg);
+			logger.debug('Cache hit (valid): %s', pkg);
+		} else {
+			uncachedPackages.push(pkg);
+			logger.debug('Cache miss: %s', pkg);
+		}
+	}
+
+	// If all packages are cached, return immediately
+	if (uncachedPackages.length === 0) {
+		logger.debug('All %d packages found in cache', packages.length);
+		return { valid: cachedValid, invalid: [] };
+	}
+
+	logger.debug(
+		'Validating %d uncached packages (%d cached)',
+		uncachedPackages.length,
+		packages.length - uncachedPackages.length
+	);
+
+	const appBaseUrl = getAppBaseURL(region, config?.overrides);
+	const url = `${appBaseUrl}/api/cli/validate/apt-dependencies`;
+
+	const response = await fetch(url, {
+		method: 'POST',
+		headers: {
+			'Content-Type': 'application/json',
+			'User-Agent': getUserAgent(config),
+		},
+		body: JSON.stringify({ packages: uncachedPackages }),
+		signal: AbortSignal.timeout(REQUEST_TIMEOUT_MS),
+	});
+
+	if (!response.ok) {
+		const text = await response.text();
+		throw new AptValidationAPIError({
+			message: `Failed to validate apt dependencies: HTTP ${response.status}`,
+			status: response.status,
+			body: text,
+		});
+	}
+
+	let json: unknown;
+	try {
+		json = await response.json();
+	} catch (err) {
+		throw new AptValidationResponseError({
+			message: 'Invalid JSON in API response',
+			parseError: err instanceof Error ? err.message : String(err),
+		});
+	}
+
+	const parsed = ValidateAptDependenciesResponseSchema.safeParse(json);
+
+	if (!parsed.success) {
+		throw new AptValidationResponseError({
+			message: 'Invalid API response structure',
+			parseError: parsed.error.message,
+		});
+	}
+
+	const result = parsed.data;
+
+	if (!result.success || !result.data) {
+		throw new AptValidationError({
+			message: result.message ?? 'Failed to validate apt dependencies',
+		});
+	}
+
+	// Update cache with valid results only (don't cache invalid packages)
+	for (const pkg of result.data.valid) {
+		cache.entries[pkg] = { timestamp: now };
+	}
+
+	await saveCache(cache, logger);
+
+	logger.debug(
+		'Apt validation complete: %d valid, %d invalid (from API)',
+		result.data.valid.length,
+		result.data.invalid.length
+	);
+
+	// Combine cached and fresh results
+	return {
+		valid: [...cachedValid, ...result.data.valid],
+		invalid: result.data.invalid,
+	};
+}

package/dist/cmd/cloud/secret/delete.d.ts

@@ -1,2 +0,0 @@
-export declare const deleteSubcommand: import("../../..").SubcommandDefinition;
-//# sourceMappingURL=delete.d.ts.map

package/dist/cmd/cloud/secret/delete.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"delete.d.ts","sourceRoot":"","sources":["../../../../src/cmd/cloud/secret/delete.ts"],"names":[],"mappings":"AAkBA,eAAO,MAAM,gBAAgB,yCA8C3B,CAAC"}

package/dist/cmd/cloud/secret/delete.js

@@ -1,53 +0,0 @@
-import { z } from 'zod';
-import { createSubcommand } from '../../../types';
-import * as tui from '../../../tui';
-import { projectEnvDelete } from '@agentuity/server';
-import { findExistingEnvFile, readEnvFile, writeEnvFile, filterAgentuitySdkKeys, } from '../../../env-util';
-import { getCommand } from '../../../command-prefix';
-const SecretDeleteResponseSchema = z.object({
-    success: z.boolean().describe('Whether the operation succeeded'),
-    key: z.string().describe('Secret key name that was deleted'),
-    path: z.string().describe('Local file path where secret was removed'),
-});
-export const deleteSubcommand = createSubcommand({
-    name: 'delete',
-    aliases: ['del', 'remove', 'rm'],
-    description: 'Delete a secret',
-    tags: ['destructive', 'deletes-resource', 'slow', 'requires-auth', 'requires-project'],
-    idempotent: true,
-    examples: [
-        { command: getCommand('secret delete OLD_API_KEY'), description: 'Delete item' },
-        { command: getCommand('secret rm DATABASE_URL'), description: 'Delete item' },
-    ],
-    requires: { auth: true, project: true, apiClient: true },
-    schema: {
-        args: z.object({
-            key: z.string().describe('the secret key to delete'),
-        }),
-        response: SecretDeleteResponseSchema,
-    },
-    async handler(ctx) {
-        const { args, apiClient, project, projectDir } = ctx;
-        // Delete from cloud (using secrets field)
-        await tui.spinner('Deleting secret from cloud', () => {
-            return projectEnvDelete(apiClient, {
-                id: project.projectId,
-                secrets: [args.key],
-            });
-        });
-        // Update local .env file
-        const envFilePath = await findExistingEnvFile(projectDir);
-        const currentEnv = await readEnvFile(envFilePath);
-        delete currentEnv[args.key];
-        // Filter out AGENTUITY_ keys before writing
-        const filteredEnv = filterAgentuitySdkKeys(currentEnv);
-        await writeEnvFile(envFilePath, filteredEnv);
-        tui.success(`Secret '${args.key}' deleted successfully (cloud + ${envFilePath})`);
-        return {
-            success: true,
-            key: args.key,
-            path: envFilePath,
-        };
-    },
-});
-//# sourceMappingURL=delete.js.map

package/dist/cmd/cloud/secret/delete.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"delete.js","sourceRoot":"","sources":["../../../../src/cmd/cloud/secret/delete.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,EAAE,gBAAgB,EAAE,MAAM,gBAAgB,CAAC;AAClD,OAAO,KAAK,GAAG,MAAM,cAAc,CAAC;AACpC,OAAO,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AACrD,OAAO,EACN,mBAAmB,EACnB,WAAW,EACX,YAAY,EACZ,sBAAsB,GACtB,MAAM,mBAAmB,CAAC;AAC3B,OAAO,EAAE,UAAU,EAAE,MAAM,yBAAyB,CAAC;AAErD,MAAM,0BAA0B,GAAG,CAAC,CAAC,MAAM,CAAC;IAC3C,OAAO,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,CAAC,iCAAiC,CAAC;IAChE,GAAG,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,kCAAkC,CAAC;IAC5D,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,0CAA0C,CAAC;CACrE,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,gBAAgB,GAAG,gBAAgB,CAAC;IAChD,IAAI,EAAE,QAAQ;IACd,OAAO,EAAE,CAAC,KAAK,EAAE,QAAQ,EAAE,IAAI,CAAC;IAChC,WAAW,EAAE,iBAAiB;IAC9B,IAAI,EAAE,CAAC,aAAa,EAAE,kBAAkB,EAAE,MAAM,EAAE,eAAe,EAAE,kBAAkB,CAAC;IACtF,UAAU,EAAE,IAAI;IAChB,QAAQ,EAAE;QACT,EAAE,OAAO,EAAE,UAAU,CAAC,2BAA2B,CAAC,EAAE,WAAW,EAAE,aAAa,EAAE;QAChF,EAAE,OAAO,EAAE,UAAU,CAAC,wBAAwB,CAAC,EAAE,WAAW,EAAE,aAAa,EAAE;KAC7E;IACD,QAAQ,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE;IACxD,MAAM,EAAE;QACP,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC;YACd,GAAG,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,0BAA0B,CAAC;SACpD,CAAC;QACF,QAAQ,EAAE,0BAA0B;KACpC;IAED,KAAK,CAAC,OAAO,CAAC,GAAG;QAChB,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,OAAO,EAAE,UAAU,EAAE,GAAG,GAAG,CAAC;QAErD,0CAA0C;QAC1C,MAAM,GAAG,CAAC,OAAO,CAAC,4BAA4B,EAAE,GAAG,EAAE;YACpD,OAAO,gBAAgB,CAAC,SAAS,EAAE;gBAClC,EAAE,EAAE,OAAO,CAAC,SAAS;gBACrB,OAAO,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC;aACnB,CAAC,CAAC;QACJ,CAAC,CAAC,CAAC;QAEH,yBAAyB;QACzB,MAAM,WAAW,GAAG,MAAM,mBAAmB,CAAC,UAAU,CAAC,CAAC;QAC1D,MAAM,UAAU,GAAG,MAAM,WAAW,CAAC,WAAW,CAAC,CAAC;QAClD,OAAO,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAE5B,4CAA4C;QAC5C,MAAM,WAAW,GAAG,sBAAsB,CAAC,UAAU,CAAC,CAAC;QACvD,MAAM,YAAY,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC;QAE7C,GAAG,CAAC,OAAO,CAAC,WAAW,IAAI,CAAC,GAAG,mCAAmC,WAAW,GAAG,CAAC,CAAC;QAElF,OAAO;YACN,OAAO,EAAE,IAAI;YACb,GAAG,EAAE,IAAI,CAAC,GAAG;YACb,IAAI,EAAE,WAAW;SACjB,CAAC;IACH,CAAC;CACD,CAAC,CAAC"}

package/dist/cmd/cloud/secret/get.d.ts

@@ -1,2 +0,0 @@
-export declare const getSubcommand: import("../../..").SubcommandDefinition;
-//# sourceMappingURL=get.d.ts.map

package/dist/cmd/cloud/secret/get.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"get.d.ts","sourceRoot":"","sources":["../../../../src/cmd/cloud/secret/get.ts"],"names":[],"mappings":"AAYA,eAAO,MAAM,aAAa,yCAgExB,CAAC"}