@ait-co/console-cli 0.1.39 → 0.1.40

package/dist/cli.mjs

@@ -9,7 +9,6 @@ import { checkbox, confirm, editor, input, password, select } from "@inquirer/pr
 import { imageSize } from "image-size";
 import { execFile, execFileSync, spawn } from "node:child_process";
 import { constants, createReadStream, existsSync, mkdirSync, readFileSync, writeFileSync } from "node:fs";
-import { createInterface } from "node:readline/promises";
 import { promisify } from "node:util";
 import { createHash } from "node:crypto";
 //#region src/api/http.ts
@@ -3611,7 +3610,7 @@ function serviceStatusFor(entry) {
 }
 const POLL_MIN_INTERVAL_SEC = 30;
 const POLL_MAX_INTERVAL_SEC = 3600;
-const statusCommand$2 = defineCommand({
+const statusCommand$1 = defineCommand({
 	meta: {
 		name: "status",
 		description: "Show the derived review state of a mini-app (under-review / rejected / approved)."
@@ -5721,7 +5720,7 @@ const appCommand = defineCommand({
 		}),
 		ls: lsCommand$4,
 		show: showCommand$2,
-		status: statusCommand$2,
+		status: statusCommand$1,
 		ratings: ratingsCommand,
 		reports: reportsCommand,
 		bundles: bundlesCommand,
@@ -9185,557 +9184,6 @@ const noticesCommand = defineCommand({
 	}
 });
 //#endregion
-//#region src/version.ts
-function resolveVersion() {
-	try {
-		const injected = globalThis.AITCC_VERSION;
-		if (typeof injected === "string" && injected.length > 0) return injected;
-	} catch {}
-	try {
-		return "0.1.39";
-	} catch {}
-	return "0.0.0-dev";
-}
-const VERSION = resolveVersion();
-//#endregion
-//#region src/telemetry/state.ts
-/**
-* Telemetry consent state + anon_id I/O for console-cli.
-*
-* Storage: ~/.config/aitcc/telemetry.json  (0600, XDG-aware via configDir())
-* Consistent with devtools' localStorage schema names where applicable.
-*/
-/** Current policy version. Bump whenever the privacy policy changes. */
-const CURRENT_POLICY_VERSION = "2026-05-18";
-function telemetryFilePath() {
-	return join(configDir(), "telemetry.json");
-}
-async function readStateFile() {
-	let raw;
-	try {
-		raw = await readFile(telemetryFilePath(), "utf8");
-	} catch {
-		return null;
-	}
-	let parsed;
-	try {
-		parsed = JSON.parse(raw);
-	} catch {
-		return null;
-	}
-	if (!parsed || typeof parsed !== "object") return null;
-	const obj = parsed;
-	if (obj.schemaVersion !== 1) return null;
-	if (obj.consent !== "granted" && obj.consent !== "denied" && obj.consent !== "undecided") return null;
-	if (typeof obj.policyVersion !== "string") return null;
-	return {
-		schemaVersion: 1,
-		consent: obj.consent,
-		policyVersion: obj.policyVersion,
-		...typeof obj.anonId === "string" ? { anonId: obj.anonId } : {},
-		...typeof obj.tier0LastSent === "string" ? { tier0LastSent: obj.tier0LastSent } : {},
-		...obj.tier0OptOut === true ? { tier0OptOut: true } : {}
-	};
-}
-async function writeStateFile(state) {
-	const path = telemetryFilePath();
-	await mkdir(dirname(path), {
-		recursive: true,
-		mode: 448
-	});
-	const tmp = `${path}.${process.pid}.${Date.now()}.tmp`;
-	try {
-		await writeFile(tmp, JSON.stringify(state, null, 2), { mode: 384 });
-		await rename(tmp, path);
-	} catch (err) {
-		await unlink(tmp).catch(() => {});
-		throw err;
-	}
-}
-/** Read the raw consent from disk. Returns 'undecided' if no file. */
-async function readConsentState() {
-	const s = await readStateFile();
-	if (!s) return "undecided";
-	return s.consent;
-}
-/**
-* Resolve effective consent with policy-version bump rule:
-*   - Previously 'granted' but on an old policy version → revert to 'undecided'
-*   - Previously 'denied' on any version → stay 'denied'
-*/
-async function resolveEffectiveConsent() {
-	const s = await readStateFile();
-	if (!s) return "undecided";
-	if (s.consent === "granted") {
-		if (s.policyVersion !== "2026-05-18") return "undecided";
-		return "granted";
-	}
-	return s.consent;
-}
-/**
-* Returns the stored anon_id, or generates + persists a new UUID v4.
-* Once generated it is never overwritten except after a successful deleteMyData call.
-*/
-async function getOrCreateAnonId() {
-	const s = await readStateFile();
-	if (s?.anonId) return s.anonId;
-	const id = crypto.randomUUID();
-	await writeStateFile({
-		...s ?? {
-			schemaVersion: 1,
-			consent: "undecided",
-			policyVersion: "2026-05-18"
-		},
-		anonId: id
-	});
-	return id;
-}
-async function acceptConsent() {
-	await writeStateFile({
-		schemaVersion: 1,
-		consent: "granted",
-		policyVersion: CURRENT_POLICY_VERSION,
-		anonId: (await readStateFile())?.anonId ?? crypto.randomUUID()
-	});
-}
-async function denyConsent() {
-	const s = await readStateFile();
-	await writeStateFile({
-		schemaVersion: 1,
-		consent: "denied",
-		policyVersion: CURRENT_POLICY_VERSION,
-		...s?.anonId ? { anonId: s.anonId } : {}
-	});
-}
-/** Returns true if Tier 0 pings are permanently opted out. */
-async function isTier0OptedOut() {
-	return (await readStateFile())?.tier0OptOut === true;
-}
-/** Permanently opt out of Tier 0 pings (sets tier0OptOut: true). */
-async function setTier0OptOut(optOut) {
-	const current = await readStateFile() ?? {
-		schemaVersion: 1,
-		consent: "undecided",
-		policyVersion: "2026-05-18"
-	};
-	if (optOut) await writeStateFile({
-		...current,
-		tier0OptOut: true
-	});
-	else {
-		const { tier0OptOut: _removed, ...rest } = current;
-		await writeStateFile(rest);
-	}
-}
-/**
-* Returns the ISO date (YYYY-MM-DD) of the last sent Tier 0 ping, or null.
-*/
-async function getTier0LastSent() {
-	return (await readStateFile())?.tier0LastSent ?? null;
-}
-/**
-* Record that a Tier 0 ping was sent today (ISO date marker).
-*/
-async function markTier0Sent(date) {
-	await writeStateFile({
-		...await readStateFile() ?? {
-			schemaVersion: 1,
-			consent: "undecided",
-			policyVersion: "2026-05-18"
-		},
-		tier0LastSent: date
-	});
-}
-/**
-* Delete data: send DELETE /e?anon_id=... to the server (if we have an id),
-* then rotate local anon_id so subsequent events are unlinkable.
-*/
-async function deleteMyData(endpoint) {
-	const s = await readStateFile();
-	if (!s?.anonId) return false;
-	try {
-		if (!(await fetch(`${endpoint}/e?anon_id=${encodeURIComponent(s.anonId)}`, { method: "DELETE" })).ok) return false;
-		await writeStateFile({
-			...s,
-			anonId: crypto.randomUUID()
-		});
-		return true;
-	} catch {
-		return false;
-	}
-}
-//#endregion
-//#region src/telemetry/send.ts
-/**
-* Telemetry send — fire-and-forget with one retry.
-*
-* Tier 0 rules:
-*   1. No consent check — fires regardless of opt-in state (unless opted out via tier0OptOut).
-*   2. No anon_id — server generates a daily hash.
-*   3. 5 s timeout, no retry. Drops silently on any failure.
-*
-* Tier 1 rules:
-*   1. If consent ≠ "granted" — drop silently.
-*   2. POST event as JSON with 5 s timeout.
-*   3. On network error or non-2xx: retry ONCE after 2 s. On second failure: drop.
-*   4. Meta is capped at 256 bytes (JSON-serialized); oversized meta is dropped.
-*   5. All calls are non-blocking — caller never awaits send().
-*/
-/** Meta size cap per server contract (JSON bytes). */
-const META_BYTE_CAP = 256;
-function sanitizeMeta(meta) {
-	if (meta === void 0) return void 0;
-	const serialized = JSON.stringify(meta);
-	if (new TextEncoder().encode(serialized).byteLength > META_BYTE_CAP) return void 0;
-	return meta;
-}
-async function doFetch(endpoint, payload) {
-	const controller = new AbortController();
-	const timeoutId = setTimeout(() => controller.abort(), 5e3);
-	try {
-		return (await fetch(`${endpoint}/e`, {
-			method: "POST",
-			headers: { "Content-Type": "application/json" },
-			body: JSON.stringify(payload),
-			signal: controller.signal
-		})).ok;
-	} catch {
-		return false;
-	} finally {
-		clearTimeout(timeoutId);
-	}
-}
-function delay(ms) {
-	return new Promise((resolve) => setTimeout(resolve, ms));
-}
-/** Retry delay in ms — injectable for tests. */
-let RETRY_DELAY_MS = 2e3;
-/**
-* Send a Tier 1 telemetry event. Drops silently if consent is not 'granted'.
-* Returns a Promise but callers should NOT await it — fire-and-forget only.
-*/
-async function send(endpoint, event, version, meta) {
-	if (await readConsentState() !== "granted") return;
-	const sanitized = sanitizeMeta(meta);
-	const payload = {
-		tier: 1,
-		source: "console-cli",
-		event,
-		anon_id: await getOrCreateAnonId(),
-		version,
-		ts: Date.now(),
-		...sanitized !== void 0 ? { meta: sanitized } : {}
-	};
-	if (await doFetch(endpoint, payload)) return;
-	await delay(RETRY_DELAY_MS);
-	await doFetch(endpoint, payload);
-}
-/**
-* Send a Tier 0 anonymous daily ping.
-* - No anon_id (server generates a daily hash from IP+UA).
-* - No retry. 5 s timeout. Fire-and-forget.
-* - Callers should NOT await this.
-*/
-async function sendTier0Ping(endpoint, version) {
-	const payload = {
-		tier: 0,
-		source: "console-cli",
-		version,
-		platform: process.platform
-	};
-	const controller = new AbortController();
-	const timeoutId = setTimeout(() => controller.abort(), 5e3);
-	try {
-		await fetch(`${endpoint}/e`, {
-			method: "POST",
-			headers: { "Content-Type": "application/json" },
-			body: JSON.stringify(payload),
-			signal: controller.signal
-		});
-	} catch {} finally {
-		clearTimeout(timeoutId);
-	}
-}
-//#endregion
-//#region src/telemetry/index.ts
-/**
-* Telemetry client — internal to @ait-co/console-cli.
-*
-* Usage: import { trackInvocation, trackTier0Ping } from './telemetry/index.js'
-*
-* Tier 0 (opt-out): anonymous daily ping. Fires on every invocation; client-side
-*   daily dedupe via tier0LastSent. Respects AITCC_TELEMETRY=off, --no-telemetry,
-*   and permanent tier0OptOut flag.
-*
-* Tier 1 (opt-in): detailed events. First invocation on a TTY prompts the user;
-*   non-TTY (CI) defaults to deny.
-*
-* Endpoint override for staging: AITCC_TELEMETRY_ENV=staging
-* (or automatically when VERSION contains '-dev').
-*/
-function resolveEndpoint() {
-	if (process.env.AITCC_TELEMETRY_ENV === "staging") return "https://t-staging.aitc.dev";
-	if (VERSION.includes("-dev")) return "https://t-staging.aitc.dev";
-	return "https://t.aitc.dev";
-}
-const TELEMETRY_ENDPOINT = resolveEndpoint();
-/** Returns true if this is the very first run (telemetry.json does not exist). */
-function isFirstRun() {
-	return !existsSync(telemetryFilePath());
-}
-/**
-* Prompt for consent on TTY. Defaults to deny on any non-TTY or error.
-* Called once per install (no file yet) when stdin/stdout are both TTYs.
-*/
-async function promptConsent() {
-	if (!process.stdin.isTTY || !process.stdout.isTTY) {
-		await denyConsent();
-		return;
-	}
-	const rl = createInterface({
-		input: process.stdin,
-		output: process.stdout
-	});
-	try {
-		process.stderr.write([
-			"",
-			"aitcc 사용 개선을 위해 익명 사용 통계를 수집해도 될까요?",
-			"  · 개인 식별 정보 없음  · 랜덤 익명 ID만 사용  · 언제든 off 가능",
-			"  자세한 내용: https://docs.aitc.dev/privacy",
-			""
-		].join("\n"));
-		if ((await rl.question("보내도 될까요? [y/N] ")).trim().toLowerCase() === "y") await acceptConsent();
-		else await denyConsent();
-	} catch {
-		await denyConsent();
-	} finally {
-		rl.close();
-	}
-}
-/**
-* Check whether telemetry is globally disabled via environment or CLI flag.
-* Accepts the parsed --no-telemetry flag value from argv.
-*/
-function isTelemetryGloballyDisabled(noTelemetryFlag) {
-	if (noTelemetryFlag) return true;
-	const env = process.env.AITCC_TELEMETRY;
-	if (env !== void 0 && env.toLowerCase() === "off") return true;
-	return false;
-}
-/**
-* Send a Tier 0 anonymous daily ping (fire-and-forget).
-*
-* Skips if:
-*   - AITCC_TELEMETRY=off or --no-telemetry flag
-*   - tier0OptOut === true in the state file
-*   - already sent today (tier0LastSent === today's ISO date)
-*
-* On success, records today's date in tier0LastSent for client-side daily dedupe.
-* The server also deduplicates server-side via KV, so this is an extra client guard.
-*/
-async function trackTier0Ping(noTelemetryFlag = false) {
-	try {
-		if (isTelemetryGloballyDisabled(noTelemetryFlag)) return;
-		if (await isTier0OptedOut()) return;
-		const today = (/* @__PURE__ */ new Date()).toISOString().slice(0, 10);
-		if (await getTier0LastSent() === today) return;
-		sendTier0Ping(TELEMETRY_ENDPOINT, VERSION);
-		await markTier0Sent(today);
-	} catch {}
-}
-/** True only on the first invocation after a fresh install. */
-async function isNewInstall() {
-	const markerPath = `${telemetryFilePath()}.install`;
-	if (existsSync(markerPath)) return false;
-	try {
-		await writeFile(markerPath, "1", { mode: 384 });
-		return true;
-	} catch {
-		return false;
-	}
-}
-/**
-* Called at CLI entry point with the resolved top-level command name.
-* Handles first-run Tier 1 consent prompt, install detection, and Tier 1 event send.
-* Fire-and-forget: do NOT await this.
-*
-* Note: Tier 0 ping is sent separately via trackTier0Ping() before this call.
-*/
-async function trackInvocation(command, noTelemetryFlag = false) {
-	try {
-		if (isTelemetryGloballyDisabled(noTelemetryFlag)) return;
-		if (isFirstRun()) await promptConsent();
-		if (await resolveEffectiveConsent() !== "granted") return;
-		if (await isNewInstall()) send(TELEMETRY_ENDPOINT, "cli_install", VERSION, {
-			platform: process.platform,
-			arch: process.arch
-		});
-		send(TELEMETRY_ENDPOINT, "cli_invoked", VERSION, { command });
-	} catch {}
-}
-const telemetryCommand = defineCommand({
-	meta: {
-		name: "telemetry",
-		description: "Manage anonymous usage telemetry."
-	},
-	subCommands: {
-		status: defineCommand({
-			meta: {
-				name: "status",
-				description: "Show current telemetry status for both Tier 0 and Tier 1."
-			},
-			args: { json: {
-				type: "boolean",
-				description: "Emit machine-readable JSON.",
-				default: false
-			} },
-			async run({ args }) {
-				const [tier1Consent, tier0OptOut, tier0LastSent, anonId] = await Promise.all([
-					resolveEffectiveConsent(),
-					isTier0OptedOut(),
-					getTier0LastSent(),
-					resolveEffectiveConsent().then((c) => c === "granted" ? getOrCreateAnonId() : null)
-				]);
-				const filePath = telemetryFilePath();
-				const tier0Status = tier0OptOut ? "off (opted out)" : "on";
-				const tier0Display = tier0LastSent ? `${tier0Status}  (last sent: ${tier0LastSent})` : tier0Status;
-				if (args.json) {
-					process.stdout.write(`${JSON.stringify({
-						ok: true,
-						tier0: {
-							status: tier0OptOut ? "opted-out" : "on",
-							lastSent: tier0LastSent ?? null
-						},
-						tier1: {
-							consent: tier1Consent,
-							policyVersion: CURRENT_POLICY_VERSION,
-							...anonId ? { anonId } : {}
-						},
-						endpoint: TELEMETRY_ENDPOINT,
-						filePath
-					})}\n`);
-					return exitAfterFlush(ExitCode.Ok);
-				}
-				process.stdout.write("Telemetry status\n");
-				process.stdout.write(`  Tier 0 (anonymous daily ping): ${tier0Display}\n`);
-				process.stdout.write(`  Tier 1 (opt-in events):        ${tier1Consent}  (policyVersion: ${CURRENT_POLICY_VERSION})\n`);
-				process.stdout.write(`\nEndpoint:   ${TELEMETRY_ENDPOINT}\n`);
-				if (anonId) process.stdout.write(`Anon ID:    ${anonId}\n`);
-				process.stdout.write(`State file: ${filePath}\n`);
-				return exitAfterFlush(ExitCode.Ok);
-			}
-		}),
-		enable: defineCommand({
-			meta: {
-				name: "enable",
-				description: "Enable anonymous usage telemetry (opt-in)."
-			},
-			args: { json: {
-				type: "boolean",
-				description: "Emit machine-readable JSON.",
-				default: false
-			} },
-			async run({ args }) {
-				await acceptConsent();
-				const anonId = await getOrCreateAnonId();
-				if (args.json) process.stdout.write(`${JSON.stringify({
-					ok: true,
-					consent: "granted",
-					anonId
-				})}\n`);
-				else {
-					process.stdout.write("Telemetry enabled. Thank you!\n");
-					process.stdout.write(`Anon ID: ${anonId}\n`);
-				}
-				return exitAfterFlush(ExitCode.Ok);
-			}
-		}),
-		disable: defineCommand({
-			meta: {
-				name: "disable",
-				description: "Disable anonymous usage telemetry."
-			},
-			args: { json: {
-				type: "boolean",
-				description: "Emit machine-readable JSON.",
-				default: false
-			} },
-			async run({ args }) {
-				await denyConsent();
-				if (args.json) process.stdout.write(`${JSON.stringify({
-					ok: true,
-					consent: "denied"
-				})}\n`);
-				else process.stdout.write("Telemetry disabled.\n");
-				return exitAfterFlush(ExitCode.Ok);
-			}
-		}),
-		delete: defineCommand({
-			meta: {
-				name: "delete",
-				description: "Delete your telemetry data from the server and rotate the local anon_id."
-			},
-			args: { json: {
-				type: "boolean",
-				description: "Emit machine-readable JSON.",
-				default: false
-			} },
-			async run({ args }) {
-				const beforeConsent = await readConsentState();
-				const ok = await deleteMyData(TELEMETRY_ENDPOINT);
-				if (args.json) process.stdout.write(`${JSON.stringify({
-					ok,
-					...ok ? {} : { reason: beforeConsent === "undecided" ? "no-data" : "server-error" }
-				})}\n`);
-				else if (ok) process.stdout.write("Deletion request sent. Your data has been removed and a new anon ID assigned.\n");
-				else if (beforeConsent === "undecided") process.stdout.write("No telemetry data to delete (telemetry was never enabled).\n");
-				else process.stderr.write("Deletion request failed. Please try again or contact the maintainers.\n");
-				return exitAfterFlush(ok || beforeConsent === "undecided" ? ExitCode.Ok : ExitCode.NetworkError);
-			}
-		}),
-		"tier0-off": defineCommand({
-			meta: {
-				name: "tier0-off",
-				description: "Permanently opt out of the Tier 0 anonymous daily ping."
-			},
-			args: { json: {
-				type: "boolean",
-				description: "Emit machine-readable JSON.",
-				default: false
-			} },
-			async run({ args }) {
-				await setTier0OptOut(true);
-				if (args.json) process.stdout.write(`${JSON.stringify({
-					ok: true,
-					tier0: { status: "opted-out" }
-				})}\n`);
-				else process.stdout.write("Tier 0 anonymous ping disabled. No daily pings will be sent.\n");
-				return exitAfterFlush(ExitCode.Ok);
-			}
-		}),
-		"tier0-on": defineCommand({
-			meta: {
-				name: "tier0-on",
-				description: "Re-enable the Tier 0 anonymous daily ping after a previous tier0-off."
-			},
-			args: { json: {
-				type: "boolean",
-				description: "Emit machine-readable JSON.",
-				default: false
-			} },
-			async run({ args }) {
-				await setTier0OptOut(false);
-				if (args.json) process.stdout.write(`${JSON.stringify({
-					ok: true,
-					tier0: { status: "on" }
-				})}\n`);
-				else process.stdout.write("Tier 0 anonymous ping re-enabled.\n");
-				return exitAfterFlush(ExitCode.Ok);
-			}
-		})
-	}
-});
-//#endregion
 //#region src/github.ts
 const REPO_OWNER = "apps-in-toss-community";
 const REPO_NAME = "console-cli";
@@ -9869,6 +9317,19 @@ function sha256OfFile(path) {
 	});
 }
 //#endregion
+//#region src/version.ts
+function resolveVersion() {
+	try {
+		const injected = globalThis.AITCC_VERSION;
+		if (typeof injected === "string" && injected.length > 0) return injected;
+	} catch {}
+	try {
+		return "0.1.40";
+	} catch {}
+	return "0.0.0-dev";
+}
+const VERSION = resolveVersion();
+//#endregion
 //#region src/commands/upgrade.ts
 const execFileP = promisify(execFile);
 function isStandaloneBinary() {
@@ -11016,15 +10477,10 @@ const main = defineCommand({
 		keys: keysCommand,
 		notices: noticesCommand,
 		me: meCommand,
-		telemetry: telemetryCommand,
 		completion: completionCommand
 	}
 });
 cleanupStaleUpgradeArtifacts().catch(() => {});
-const _telemetryCmd = process.argv.slice(2).find((a) => !a.startsWith("-")) ?? "(none)";
-const _noTelemetry = process.argv.includes("--no-telemetry");
-trackTier0Ping(_noTelemetry);
-trackInvocation(_telemetryCmd, _noTelemetry);
 runMain(main);
 //#endregion
 export {};