npm - @aifabrix/builder - Versions diffs - 2.43.0 → 2.44.1 - Mend

@aifabrix/builder 2.43.0 → 2.44.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (371) hide show

package/.cursor/rules/anchor-docs.mdc +15 -0
package/.cursor/rules/cli-layout.mdc +75 -0
package/.cursor/rules/project-rules.mdc +8 -0
package/.npmrc.token +1 -0
package/.nyc_output/55e9d034-ddab-4579-a706-e02a91d75c91.json +1 -0
package/.nyc_output/processinfo/55e9d034-ddab-4579-a706-e02a91d75c91.json +1 -0
package/.nyc_output/processinfo/index.json +1 -0
package/README.md +1 -1
package/anchor-docs/README.md +10 -0
package/anchor-docs/_TEMPLATE +24 -0
package/bin/aifabrix.js +13 -4
package/integration/hubspot-test/README.md +31 -0
package/integration/hubspot-test/create-hubspot.js +5 -5
package/integration/hubspot-test/hubspot-test-datasource-company.json +58 -462
package/integration/hubspot-test/hubspot-test-datasource-contact.json +61 -555
package/integration/hubspot-test/hubspot-test-datasource-deal.json +63 -506
package/integration/hubspot-test/hubspot-test-datasource-users.json +42 -83
package/integration/hubspot-test/hubspot-test-deploy.json +3 -3
package/integration/hubspot-test/test-dataplane-down-tests.js +1 -7
package/integration/hubspot-test/test-dataplane-down.js +3 -3
package/integration/hubspot-test/test.js +35 -43
package/integration/hubspot-test/wizard-hubspot-test-headless.yaml +23 -0
package/integration/roundtrip-test-local/README.md +144 -0
package/integration/roundtrip-test-local/application.yaml +13 -0
package/integration/roundtrip-test-local/env.template +15 -0
package/integration/roundtrip-test-local/roundtrip-test-local-datasource-roundtrip-test-company.yaml +14 -0
package/integration/roundtrip-test-local/roundtrip-test-local-deploy.json +61 -0
package/integration/roundtrip-test-local/roundtrip-test-local-system.yaml +25 -0
package/integration/roundtrip-test-local2/README.md +144 -0
package/integration/roundtrip-test-local2/application.yaml +13 -0
package/integration/roundtrip-test-local2/env.template +15 -0
package/integration/roundtrip-test-local2/roundtrip-test-local2-datasource-company.yaml +31 -0
package/integration/roundtrip-test-local2/roundtrip-test-local2-deploy.json +86 -0
package/integration/roundtrip-test-local2/roundtrip-test-local2-system.yaml +25 -0
package/integration/test/wizard.yaml +8 -0
package/jest.config.default.js +10 -0
package/jest.config.integration.fixtures.js +22 -0
package/jest.config.integration.js +21 -18
package/jest.config.isolated.js +10 -0
package/jest.projects.js +301 -0
package/lib/api/certificates.api.js +62 -0
package/lib/api/datasources-core.api.js +3 -3
package/lib/api/dev-mtls-request.js +110 -0
package/lib/api/dev-server-https.js +145 -0
package/lib/api/dev.api.js +133 -144
package/lib/api/index.js +11 -3
package/lib/api/pipeline.api.js +67 -20
package/lib/api/types/certificates.types.js +48 -0
package/lib/api/types/dev.types.js +4 -3
package/lib/api/types/pipeline.types.js +8 -5
package/lib/api/types/validation-run.types.js +56 -0
package/lib/api/validation-run.api.js +111 -0
package/lib/api/validation-runner.js +109 -0
package/lib/app/certification-show-enrich.js +129 -0
package/lib/app/certification-verify-rows.js +60 -0
package/lib/app/config.js +1 -1
package/lib/app/deploy-status-display.js +2 -2
package/lib/app/deploy.js +7 -6
package/lib/app/display.js +2 -1
package/lib/app/dockerfile.js +3 -2
package/lib/app/down.js +2 -1
package/lib/app/helpers.js +6 -5
package/lib/app/index.js +27 -8
package/lib/app/list.js +7 -6
package/lib/app/push.js +4 -3
package/lib/app/register.js +16 -7
package/lib/app/rotate-secret.js +14 -13
package/lib/app/run-container-start.js +184 -0
package/lib/app/run-docker-fallback.js +108 -0
package/lib/app/run-env-compose.js +30 -42
package/lib/app/run-helpers.js +49 -126
package/lib/app/run-infra-requirements.js +30 -0
package/lib/app/run-resolve-image.js +21 -0
package/lib/app/run.js +74 -21
package/lib/app/show-display.js +44 -1
package/lib/app/show.js +93 -9
package/lib/build/index.js +13 -10
package/lib/certification/cli-cert-sync-skip.js +21 -0
package/lib/certification/merge-certification-from-artifact.js +185 -0
package/lib/certification/post-unified-cert-sync.js +33 -0
package/lib/certification/sync-after-external-command.js +52 -0
package/lib/certification/sync-system-certification.js +197 -0
package/lib/cli/index.js +2 -0
package/lib/cli/setup-app.help.js +67 -0
package/lib/cli/setup-app.js +61 -121
package/lib/cli/setup-app.test-commands.js +195 -0
package/lib/cli/setup-auth.js +19 -5
package/lib/cli/setup-credential-deployment.js +22 -8
package/lib/cli/setup-dev-path-commands.js +124 -0
package/lib/cli/setup-dev.js +170 -113
package/lib/cli/setup-environment.js +7 -1
package/lib/cli/setup-external-system.js +84 -23
package/lib/cli/setup-infra.js +126 -47
package/lib/cli/setup-parameters.js +32 -0
package/lib/cli/setup-secrets.js +137 -18
package/lib/cli/setup-service-user.js +1 -1
package/lib/cli/setup-utility.js +54 -22
package/lib/commands/app-down.js +5 -7
package/lib/commands/app-install.js +14 -7
package/lib/commands/app-logs.js +13 -10
package/lib/commands/app-shell.js +4 -1
package/lib/commands/app-test.js +25 -19
package/lib/commands/app.js +32 -11
package/lib/commands/auth-config.js +6 -6
package/lib/commands/auth-status.js +4 -3
package/lib/commands/credential-env.js +4 -3
package/lib/commands/credential-list.js +5 -4
package/lib/commands/credential-push.js +4 -3
package/lib/commands/datasource-unified-test-cli.js +428 -0
package/lib/commands/datasource-unified-test-cli.options.js +191 -0
package/lib/commands/datasource-unified-test-e2e-cli-helpers.js +106 -0
package/lib/commands/datasource-validation-cli.js +143 -0
package/lib/commands/datasource.js +125 -95
package/lib/commands/deployment-list.js +6 -5
package/lib/commands/dev-cli-handlers.js +122 -18
package/lib/commands/dev-down.js +4 -3
package/lib/commands/dev-init.js +231 -116
package/lib/commands/dev-show-display.js +473 -0
package/lib/commands/login-credentials.js +3 -2
package/lib/commands/login-device.js +4 -3
package/lib/commands/login.js +5 -4
package/lib/commands/logout.js +8 -7
package/lib/commands/parameters-validate.js +54 -0
package/lib/commands/repair-datasource.js +314 -68
package/lib/commands/repair-env-template.js +2 -2
package/lib/commands/repair.js +21 -3
package/lib/commands/secrets-list.js +23 -12
package/lib/commands/secrets-remove-all.js +220 -0
package/lib/commands/secrets-remove.js +21 -12
package/lib/commands/secrets-set.js +21 -12
package/lib/commands/secrets-validate.js +4 -4
package/lib/commands/secure.js +10 -9
package/lib/commands/service-user.js +26 -25
package/lib/commands/test-e2e-external.js +27 -1
package/lib/commands/up-common.js +3 -2
package/lib/commands/up-dataplane.js +29 -16
package/lib/commands/up-miso.js +19 -29
package/lib/commands/upload.js +149 -39
package/lib/commands/wizard-core-helpers.js +1 -1
package/lib/commands/wizard-dataplane.js +4 -3
package/lib/commands/wizard-helpers.js +3 -3
package/lib/commands/wizard.js +2 -2
package/lib/core/admin-secrets.js +14 -5
package/lib/core/audit-logger.js +12 -4
package/lib/core/config-attach-extensions.js +46 -0
package/lib/core/config-runtime-paths.js +29 -0
package/lib/core/config.js +55 -56
package/lib/core/diff.js +3 -2
package/lib/core/ensure-encryption-key.js +1 -1
package/lib/core/secrets-ensure-infra.js +77 -0
package/lib/core/secrets-ensure.js +120 -64
package/lib/core/secrets-env-write.js +35 -7
package/lib/core/secrets-infra-placeholder-sync.js +61 -0
package/lib/core/secrets.js +200 -37
package/lib/core/templates-env.js +4 -3
package/lib/datasource/abac-validator.js +1 -10
package/lib/datasource/deploy.js +75 -53
package/lib/datasource/field-reference-validator.js +9 -6
package/lib/datasource/integration-context.js +63 -0
package/lib/datasource/list.js +8 -7
package/lib/datasource/log-viewer.js +189 -67
package/lib/datasource/resolve-app.js +4 -4
package/lib/datasource/test-e2e.js +113 -146
package/lib/datasource/test-integration.js +114 -122
package/lib/datasource/unified-validation-run-body.js +68 -0
package/lib/datasource/unified-validation-run-post.js +23 -0
package/lib/datasource/unified-validation-run-resolve.js +43 -0
package/lib/datasource/unified-validation-run.js +93 -0
package/lib/datasource/validate.js +157 -13
package/lib/deployment/deployer.js +4 -3
package/lib/deployment/environment.js +7 -6
package/lib/deployment/push.js +17 -8
package/lib/external-system/delete.js +4 -3
package/lib/external-system/deploy.js +166 -53
package/lib/external-system/download-helpers.js +1 -1
package/lib/external-system/download.js +7 -6
package/lib/external-system/generator.js +92 -6
package/lib/external-system/integration-test-dispatch.js +26 -0
package/lib/external-system/test-execution.js +5 -1
package/lib/external-system/test-helpers.js +0 -4
package/lib/external-system/test-system-level-helpers.js +110 -0
package/lib/external-system/test-system-level.js +83 -44
package/lib/external-system/test.js +59 -8
package/lib/generator/builders.js +23 -11
package/lib/generator/deploy-manifest-azure-kv.js +81 -0
package/lib/generator/external.js +16 -4
package/lib/generator/helpers.js +58 -3
package/lib/generator/index.js +4 -0
package/lib/generator/split-readme.js +12 -7
package/lib/generator/split-variables.js +2 -1
package/lib/generator/split.js +1 -1
package/lib/generator/wizard-readme.js +3 -3
package/lib/generator/wizard.js +8 -8
package/lib/infrastructure/compose.js +70 -7
package/lib/infrastructure/helpers-docker-check.js +67 -0
package/lib/infrastructure/helpers.js +203 -42
package/lib/infrastructure/index.js +31 -18
package/lib/infrastructure/services.js +21 -67
package/lib/internal/fs-real-sync.js +104 -0
package/lib/internal/node-fs.js +98 -0
package/lib/parameters/database-secret-values.js +173 -0
package/lib/parameters/infra-kv-discovery.js +121 -0
package/lib/parameters/infra-parameter-catalog.js +458 -0
package/lib/parameters/infra-parameter-validate.js +64 -0
package/lib/schema/application-schema.json +37 -17
package/lib/schema/datasource-test-run.schema.json +493 -0
package/lib/schema/deployment-rules.yaml +102 -63
package/lib/schema/external-datasource.schema.json +1200 -442
package/lib/schema/external-system.schema.json +203 -5
package/lib/schema/flag-map-validation-run.json +31 -0
package/lib/schema/infra-parameter.schema.json +106 -0
package/lib/schema/infra.parameter.yaml +421 -0
package/lib/schema/type/credential-auth-templates.json +40 -0
package/lib/schema/type/document-storage.json +226 -0
package/lib/schema/type/message-service.json +123 -0
package/lib/schema/type/vector-store.json +88 -0
package/lib/utils/aifabrix-runtime-config-dir.js +132 -0
package/lib/utils/api-error-handler.js +2 -2
package/lib/utils/api.js +77 -17
package/lib/utils/app-register-api.js +3 -2
package/lib/utils/app-register-auth.js +1 -1
package/lib/utils/app-register-config.js +4 -4
package/lib/utils/app-register-display.js +3 -2
package/lib/utils/app-register-validator.js +3 -2
package/lib/utils/app-run-containers.js +26 -22
package/lib/utils/app-scoped-config.js +31 -0
package/lib/utils/app-service-env-from-builder.js +164 -0
package/lib/utils/build-copy.js +1 -1
package/lib/utils/build-helpers.js +20 -20
package/lib/utils/build-resolve-image.js +165 -0
package/lib/utils/cli-layout-chalk.js +8 -0
package/lib/utils/cli-test-layout-chalk.js +267 -0
package/lib/utils/cli-utils.js +88 -11
package/lib/utils/compose-db-passwords.js +138 -0
package/lib/utils/compose-generate-docker-compose.js +216 -0
package/lib/utils/compose-generator.js +197 -291
package/lib/utils/compose-miso-env.js +18 -0
package/lib/utils/compose-traefik-ingress-base.js +158 -0
package/lib/utils/config-paths.js +166 -7
package/lib/utils/config-scoped-resources-preference.js +41 -0
package/lib/utils/configuration-env-resolver.js +11 -8
package/lib/utils/controller-deployment-outcome.js +68 -0
package/lib/utils/credential-display.js +2 -2
package/lib/utils/credential-secrets-env.js +5 -5
package/lib/utils/dataplane-pipeline-warning.js +4 -3
package/lib/utils/datasource-test-run-capability-scope.js +43 -0
package/lib/utils/datasource-test-run-certificate-tty.js +82 -0
package/lib/utils/datasource-test-run-debug-display.js +137 -0
package/lib/utils/datasource-test-run-debug-slice.js +93 -0
package/lib/utils/datasource-test-run-display.js +459 -0
package/lib/utils/datasource-test-run-exit.js +83 -0
package/lib/utils/datasource-test-run-legacy-adapter.js +93 -0
package/lib/utils/datasource-test-run-report-version.js +51 -0
package/lib/utils/datasource-test-run-schema-sync.js +59 -0
package/lib/utils/datasource-test-run-tty-log.js +81 -0
package/lib/utils/datasource-validation-watch.js +266 -0
package/lib/utils/declarative-url-ports.js +47 -0
package/lib/utils/derive-env-key-from-client-id.js +41 -0
package/lib/utils/dev-ca-install.js +185 -23
package/lib/utils/dev-cert-helper.js +266 -17
package/lib/utils/dev-hosts-helper.js +307 -0
package/lib/utils/dev-init-cert-hints.js +37 -0
package/lib/utils/dev-init-health-messages.js +52 -0
package/lib/utils/dev-init-resolve.js +86 -0
package/lib/utils/dev-init-ssh-merge.js +65 -0
package/lib/utils/dev-ssh-config-helper.js +196 -0
package/lib/utils/dev-user-groups.js +93 -0
package/lib/utils/docker-build.js +42 -17
package/lib/utils/docker-exec.js +28 -0
package/lib/utils/docker-manifest-public-port.js +116 -0
package/lib/utils/docker-not-running-hint.js +52 -0
package/lib/utils/docker.js +98 -11
package/lib/utils/ensure-dev-certs-for-remote-docker.js +192 -0
package/lib/utils/env-config-loader.js +10 -91
package/lib/utils/env-copy.js +19 -10
package/lib/utils/env-map.js +35 -8
package/lib/utils/env-template.js +2 -2
package/lib/utils/environment-scoped-resources.js +144 -0
package/lib/utils/error-formatter.js +92 -13
package/lib/utils/error-formatters/http-status-errors.js +6 -5
package/lib/utils/error-formatters/network-errors.js +2 -1
package/lib/utils/error-formatters/permission-errors.js +2 -1
package/lib/utils/error-formatters/validation-errors.js +2 -1
package/lib/utils/external-readme.js +8 -1
package/lib/utils/external-system-display.js +242 -136
package/lib/utils/external-system-local-test-tty.js +389 -0
package/lib/utils/external-system-readiness-core.js +377 -0
package/lib/utils/external-system-readiness-deploy-display.js +270 -0
package/lib/utils/external-system-readiness-display-internals.js +150 -0
package/lib/utils/external-system-readiness-display.js +186 -0
package/lib/utils/external-system-system-test-tty-overview.js +120 -0
package/lib/utils/external-system-system-test-tty.js +417 -0
package/lib/utils/external-system-test-helpers.js +24 -6
package/lib/utils/external-system-validators.js +30 -12
package/lib/utils/health-check-url.js +119 -0
package/lib/utils/health-check.js +59 -25
package/lib/utils/help-builder.js +11 -8
package/lib/utils/image-version.js +4 -8
package/lib/utils/infra-containers.js +4 -7
package/lib/utils/infra-env-defaults.js +162 -0
package/lib/utils/infra-status-display.js +167 -0
package/lib/utils/infra-status.js +16 -8
package/lib/utils/local-secrets.js +3 -4
package/lib/utils/paths.js +148 -47
package/lib/utils/port-resolver.js +10 -23
package/lib/utils/redis-env-scope.js +62 -0
package/lib/utils/register-aifabrix-shell-env.js +204 -0
package/lib/utils/remote-builder-validation.js +99 -0
package/lib/utils/remote-dev-auth.js +117 -21
package/lib/utils/remote-docker-env.js +67 -15
package/lib/utils/remote-secrets-loader.js +13 -4
package/lib/utils/resolve-docker-image-ref.js +124 -0
package/lib/utils/schema-loader.js +22 -9
package/lib/utils/secrets-bash-kv.js +25 -0
package/lib/utils/secrets-generator.js +169 -49
package/lib/utils/secrets-helpers.js +70 -59
package/lib/utils/secrets-kv-scope.js +60 -0
package/lib/utils/secrets-utils.js +32 -38
package/lib/utils/secrets-validation.js +3 -1
package/lib/utils/secrets-yaml-preserve.js +109 -0
package/lib/utils/ssh-key-helper.js +4 -2
package/lib/utils/template-helpers.js +2 -2
package/lib/utils/test-log-writer.js +3 -3
package/lib/utils/token-manager.js +1 -2
package/lib/utils/url-declarative-public-base.js +188 -0
package/lib/utils/url-declarative-resolve-build.js +493 -0
package/lib/utils/url-declarative-resolve-load-doc.js +51 -0
package/lib/utils/url-declarative-resolve.js +220 -0
package/lib/utils/url-declarative-token-parse.js +74 -0
package/lib/utils/url-declarative-url-flags.js +50 -0
package/lib/utils/url-declarative-vdir-inactive-env.js +99 -0
package/lib/utils/url-public-path-prefix.js +34 -0
package/lib/utils/urls-local-registry.js +220 -0
package/lib/utils/validation-report-tty-kit.js +77 -0
package/lib/utils/validation-run-poll.js +112 -0
package/lib/utils/validation-run-post-retry.js +85 -0
package/lib/utils/validation-run-request.js +116 -0
package/lib/utils/variable-transformer.js +21 -4
package/lib/utils/yaml-preserve.js +33 -14
package/lib/validation/datasource-warnings.js +56 -0
package/lib/validation/env-template-auth.js +1 -1
package/lib/validation/external-manifest-validator.js +27 -7
package/lib/validation/validate-display.js +37 -31
package/lib/validation/validate-external-cert-sync.js +23 -0
package/lib/validation/validate.js +8 -14
package/lib/validation/validator-unresolved-placeholders.js +98 -0
package/lib/validation/validator.js +22 -65
package/lib/validation/wizard-config-validator.js +2 -1
package/package.json +9 -4
package/scripts/check-datasource-test-run-schema-sync.js +34 -0
package/scripts/diagnose-cli.js +150 -0
package/scripts/install-local.js +307 -55
package/scripts/pnpm-global-remove.js +48 -0
package/templates/README.md +15 -2
package/templates/applications/dataplane/application.yaml +52 -2
package/templates/applications/dataplane/env.template +79 -17
package/templates/applications/dataplane/rbac.yaml +8 -0
package/templates/applications/keycloak/application.yaml +9 -1
package/templates/applications/keycloak/env.template +15 -6
package/templates/applications/miso-controller/application.yaml +10 -2
package/templates/applications/miso-controller/env.template +42 -12
package/templates/applications/miso-controller/rbac.yaml +5 -0
package/templates/external-system/README.md.hbs +20 -7
package/templates/external-system/deploy.js.hbs +5 -5
package/templates/external-system/external-datasource.yaml.hbs +197 -118
package/templates/infra/compose.yaml.hbs +33 -16
package/templates/infra/servers.json.hbs +3 -1
package/templates/python/docker-compose.hbs +16 -0
package/templates/typescript/docker-compose.hbs +16 -0
package/lib/api/external-test.api.js +0 -111
package/lib/schema/env-config.yaml +0 -60

package/lib/commands/dev-cli-handlers.js CHANGED Viewed

@@ -1,3 +1,4 @@
+const { formatSuccessLine } = require('../utils/cli-test-layout-chalk');
 /**
  * @fileoverview CLI action handlers for dev list/add/update/pin/delete (remote Builder Server)
  * @author AI Fabrix Team
@@ -9,6 +10,12 @@ const config = require('../core/config');
 const logger = require('../utils/logger');
 const devApi = require('../api/dev.api');
 const { getRemoteDevAuth } = require('../utils/remote-dev-auth');
+const { isValidIpv4 } = require('../utils/dev-hosts-helper');
+const {
+  parseDevGroupsOption,
+  validateDevGroups,
+  augmentDevUserGroupsServerError
+} = require('../utils/dev-user-groups');
 const REMOTE_NOT_CONFIGURED_MSG = 'Remote server is not configured. Set remote-server and run "aifabrix dev init" first.';
@@ -39,7 +46,7 @@ async function handleDevList() {
     logger.log(chalk.yellow(REMOTE_NOT_CONFIGURED_MSG));
     return;
   }
-  const users = await devApi.listUsers(auth.serverUrl, auth.clientCertPem);
+  const users = await devApi.listUsers(auth.serverUrl, auth.clientCertPem, auth.serverCaPem || undefined);
   if (users.length === 0) {
     logger.log(chalk.gray('No developers registered.'));
     return;
@@ -71,14 +78,23 @@ async function handleDevList() {
 async function handleDevAdd(options) {
   const auth = await getRemoteDevAuth();
   if (!auth) throw new Error(REMOTE_NOT_CONFIGURED_MSG);
-  const groups = (options.groups || 'developer').split(',').map(s => s.trim()).filter(Boolean);
-  const user = await devApi.createUser(auth.serverUrl, auth.clientCertPem, {
-    developerId: options.developerId,
-    name: options.name,
-    email: options.email,
-    groups: groups.length ? groups : ['developer']
-  });
-  logger.log(chalk.green(`✓ Developer ${user.id} created. Use "aifabrix dev pin ${user.id}" to create a PIN for onboarding.`));
+  let groups = parseDevGroupsOption(
+    options.groups !== undefined && options.groups !== null ? options.groups : 'developer'
+  );
+  if (groups.length === 0) groups = ['developer'];
+  validateDevGroups(groups);
+  try {
+    const user = await devApi.createUser(auth.serverUrl, auth.clientCertPem, {
+      developerId: options.developerId,
+      name: options.name,
+      email: options.email,
+      groups
+    }, auth.serverCaPem || undefined);
+    logger.log(formatSuccessLine(`Developer ${user.id} created. Use "aifabrix dev pin ${user.id}" to create a PIN for onboarding.`));
+  } catch (err) {
+    augmentDevUserGroupsServerError(err, groups);
+    throw err;
+  }
 }
 /**
@@ -95,27 +111,115 @@ async function handleDevUpdate(developerId, options) {
   const body = {};
   if (options.name) body.name = options.name;
   if (options.email) body.email = options.email;
-  if (options.groups) body.groups = options.groups.split(',').map(s => s.trim()).filter(Boolean);
+  if (options.groups) {
+    const groups = parseDevGroupsOption(options.groups);
+    if (groups.length === 0) {
+      throw new Error('--groups must list at least one valid group');
+    }
+    validateDevGroups(groups);
+    body.groups = groups;
+  }
   if (Object.keys(body).length === 0) {
     throw new Error('Provide at least one of --name, --email, --groups');
   }
-  await devApi.updateUser(auth.serverUrl, auth.clientCertPem, id, body);
-  logger.log(chalk.green(`✓ Developer ${id} updated.`));
+  try {
+    await devApi.updateUser(auth.serverUrl, auth.clientCertPem, id, body, auth.serverCaPem || undefined);
+    logger.log(formatSuccessLine(`Developer ${id} updated.`));
+  } catch (err) {
+    augmentDevUserGroupsServerError(err, body.groups);
+    throw err;
+  }
+}
+function logPinHostsVariantLines(baseInit, id, hostsIp) {
+  logger.log(
+    chalk.cyan('2) Hosts file / administrator')
+    + chalk.gray(
+      ' — use when the hostname does not resolve and your organisation does not publish DNS for it. '
+      + 'Run in an elevated terminal so the hosts file can be updated, or add the entry manually:'
+    )
+  );
+  if (hostsIp) {
+    logger.log(`   ${baseInit} --add-hosts --hosts-ip ${hostsIp}`);
+  } else {
+    logger.log(`   ${baseInit} --add-hosts --hosts-ip <server-LAN-IPv4>`);
+    logger.log(
+      chalk.gray(
+        `   Replace <server-LAN-IPv4> with the Builder Server IPv4, or re-run: aifabrix dev pin ${id} --hosts-ip <ip>`
+      )
+    );
+  }
+}
+/**
+ * Log copy-paste dev init commands for the developer (standard vs hosts-file).
+ * @param {Object} p
+ * @param {string} p.id - Developer ID
+ * @param {string} p.serverUrl - Builder Server base URL
+ * @param {string} p.pin - One-time PIN
+ * @param {string} p.expiresAt - PIN expiry (API string)
+ * @param {string} [p.hostsIp] - Optional IPv4 for the hosts variant
+ * @returns {void}
+ */
+function logDevPinShareInstructions(p) {
+  const { id, serverUrl, pin, expiresAt, hostsIp } = p;
+  const baseInit = `aifabrix dev init --developer-id ${id} --server ${serverUrl} --pin ${pin}`;
+  const pinOnly = `aifabrix dev init --pin ${pin}`;
+  logger.log(formatSuccessLine(`PIN created for ${id}, expires ${expiresAt}.`));
+  logger.log('');
+  logger.log(
+    chalk.bold('Share with the developer — they run one command (the PIN is one-time):')
+  );
+  logger.log('');
+  logger.log(
+    chalk.cyan('1) Standard')
+    + chalk.gray(' — use when this machine can resolve the server hostname (DNS or hosts already set):')
+  );
+  logger.log(`   ${baseInit}`);
+  logger.log('');
+  logPinHostsVariantLines(baseInit, id, hostsIp);
+  logger.log('');
+  logger.log(
+    chalk.cyan('3) Config already has remote-server + developer-id')
+    + chalk.gray(
+      ' — e.g. second machine / SSH session after settings were merged; same onboarding, PIN only:'
+    )
+  );
+  logger.log(`   ${pinOnly}`);
+  logger.log('');
 }
 /**
  * Handle dev pin – create/regenerate PIN (remote only).
  * @param {string} [developerId] - Developer ID (optional; uses config if omitted)
+ * @param {Object} [options] - Commander options
+ * @param {string} [options.hostsIp] - From --hosts-ip (embeds IPv4 in the hosts variant)
  * @returns {Promise<void>}
  */
-async function handleDevPin(developerId) {
+async function handleDevPin(developerId, options = {}) {
   const auth = await getRemoteDevAuth();
   if (!auth) throw new Error(REMOTE_NOT_CONFIGURED_MSG);
   const id = developerId || await config.getDeveloperId();
   if (!id) throw new Error('developerId is required (argument or set developer-id in config)');
-  const res = await devApi.createPin(auth.serverUrl, auth.clientCertPem, id);
-  logger.log(chalk.green(`✓ PIN created for ${id}, expires ${res.expiresAt}.`));
-  logger.log(chalk.yellow(`  Give this PIN once to the developer for: aifabrix dev init --developer-id ${id} --server ${auth.serverUrl} --pin ${res.pin}`));
+  const rawHostsIp = options.hostsIp ?? options['hosts-ip'];
+  let hostsIp = '';
+  if (rawHostsIp !== undefined && rawHostsIp !== null) {
+    const trimmed = String(rawHostsIp).trim();
+    if (trimmed !== '') {
+      if (!isValidIpv4(trimmed)) {
+        throw new Error('Invalid --hosts-ip (use an IPv4 address, e.g. 192.168.1.25)');
+      }
+      hostsIp = trimmed;
+    }
+  }
+  const res = await devApi.createPin(auth.serverUrl, auth.clientCertPem, id, auth.serverCaPem || undefined);
+  logDevPinShareInstructions({
+    id,
+    serverUrl: auth.serverUrl,
+    pin: res.pin,
+    expiresAt: res.expiresAt,
+    hostsIp: hostsIp || undefined
+  });
 }
 /**
@@ -128,8 +232,8 @@ async function handleDevDelete(developerId) {
   if (!auth) throw new Error(REMOTE_NOT_CONFIGURED_MSG);
   const id = developerId;
   if (!id) throw new Error('Developer ID is required (positional argument or --developer-id).');
-  await devApi.deleteUser(auth.serverUrl, auth.clientCertPem, id);
-  logger.log(chalk.green(`✓ Developer ${id} removed.`));
+  await devApi.deleteUser(auth.serverUrl, auth.clientCertPem, id, auth.serverCaPem || undefined);
+  logger.log(formatSuccessLine(`Developer ${id} removed.`));
 }
 module.exports = {

package/lib/commands/dev-down.js CHANGED Viewed

@@ -1,3 +1,4 @@
+const { formatSuccessParagraph } = require('../utils/cli-test-layout-chalk');
 /**
  * dev down – stop Mutagen sync sessions and optionally app containers for this developer.
  *
@@ -38,7 +39,7 @@ async function stopMutagenSessions(developerId) {
     const toTerminate = sessions.filter(name => name.startsWith(prefix));
     for (const name of toTerminate) {
       await execAsync(`"${mutagenPath}" sync terminate "${name}"`, { timeout: 5000 });
-      logger.log(chalk.green(`  ✓ Stopped sync session: ${name}`));
+      logger.log(chalk.green(`  ✔ Stopped sync session: ${name}`));
     }
     if (toTerminate.length === 0 && sessions.length > 0) {
       logger.log(chalk.gray('No sync sessions for this developer.'));
@@ -98,7 +99,7 @@ async function handleDevDown(options = {}) {
       if (!appName) continue;
       try {
         await appLib.downApp(appName, {});
-        logger.log(chalk.green(`  ✓ Stopped app: ${appName}`));
+        logger.log(chalk.green(`  ✔ Stopped app: ${appName}`));
       } catch (err) {
         logger.log(chalk.yellow(`  ⚠ Could not stop ${appName}: ${err.message}`));
       }
@@ -108,7 +109,7 @@ async function handleDevDown(options = {}) {
     }
   }
-  logger.log(chalk.green('\n✓ dev down complete.\n'));
+  logger.log(formatSuccessParagraph('dev down complete.\n'));
 }
 module.exports = { handleDevDown };