@apicircle/core 1.0.0

package/dist/index.d.cts

@@ -0,0 +1,1801 @@
+import { BodyType, RequestAuth, Request, RequestRun, Folder, RequestBody, HttpMethod, EnvironmentVariable, Assertion, ContextExtraction, WorkspaceSynced, LinkedSnapshot, RequestOverride, EnvironmentVariableOverride, ExecutionPlan, PlanRun } from '@apicircle/shared';
+import { W as WorkspaceState, a as WorkspacePatch } from './patches-N7mvDpXn.cjs';
+export { b as WorkspacePatchKind } from './patches-N7mvDpXn.cjs';
+
+type HeaderEntry$1 = {
+    key: string;
+    value: string;
+    enabled: boolean;
+};
+declare function getContentTypeForBodyType(bodyType: BodyType): string | null;
+/**
+ * Reverse-map a Content-Type header value to a BodyType, or null if it
+ * doesn't match any known type. Strips parameters (e.g. `;charset=utf-8`)
+ * and is case-insensitive.
+ */
+declare function getBodyTypeForContentType(contentType: string): BodyType | null;
+/**
+ * Apply (or remove) the Content-Type header on a header list to match the
+ * given body type. Pure — returns a new array.
+ *
+ * - bodyType=none → strips any existing Content-Type entry.
+ * - existing Content-Type entry → updated value, preserving order.
+ * - no Content-Type entry → appended.
+ */
+declare function applyContentTypeForBodyType(headers: HeaderEntry$1[], bodyType: BodyType): HeaderEntry$1[];
+
+/**
+ * HTTP Headers dictionary — used for autocomplete in the Headers editor.
+ *
+ * Each entry maps a header name to its known values (empty array = free text).
+ * Values that depend on context (e.g. specific MIME types) provide a curated
+ * set of the most common options.
+ */
+interface HeaderEntry {
+    name: string;
+    description: string;
+    values: string[];
+    /**
+     * `browser` — Forbidden by the Fetch spec; browsers silently ignore any
+     *             attempt to set this header from JavaScript. On Desktop (native
+     *             HTTP layer) the restriction does NOT apply — the header can
+     *             still be set manually.
+     *
+     * `app`     — Automatically injected by APICircle Studio at send-time (see
+     *             autoHeaders.ts). Users can override these in the Headers tab
+     *             and their value will take precedence.
+     *
+     * Omitted   — Fully user-controlled on both Web and Desktop.
+     */
+    reserved?: 'browser' | 'app';
+    /** Short note shown in the autocomplete to explain the reservation. */
+    reservedNote?: string;
+}
+declare const HTTP_HEADERS_MAP: HeaderEntry[];
+type HeaderSuggestionMode = 'request' | 'response';
+/**
+ * Suggest header names by case-insensitive prefix. Empty prefix returns the
+ * full suggestable list; auto-fed (`reserved: 'app'`) headers are excluded.
+ * An optional `limit` caps the number of filtered (non-empty prefix) results.
+ *
+ * `mode` filters by whether the header is request- or response-side
+ * relevant. Defaults to `'request'` for back-compat with the request
+ * editor's existing call sites.
+ */
+declare function suggestHeaders(prefix: string, limit?: number, mode?: HeaderSuggestionMode): HeaderEntry[];
+/**
+ * Get the known values for a specific header name (case-insensitive).
+ * Returns an empty array when the header has no predefined values (free text).
+ */
+declare function getHeaderValues(headerName: string): string[];
+/**
+ * Returns the HeaderEntry for an exact name match, or undefined.
+ */
+declare function getHeaderEntry(headerName: string): HeaderEntry | undefined;
+
+interface AuthApplyTarget {
+    url: string;
+    method: string;
+    headers: Record<string, string>;
+    body: BodyInit | null;
+}
+interface AuthApplyOptions {
+    /**
+     * Called when applyAuth refreshes an expired OAuth2 access token. The
+     * store wires this to persist the new accessToken / refreshToken /
+     * expiresAt onto the request's auth payload — without it the refresh
+     * works for THIS request but the next request would re-refresh because
+     * the in-memory state didn't catch up.
+     */
+    onTokenRefreshed?: (auth: Extract<RequestAuth, {
+        type: 'oauth2-client-credentials';
+    } | {
+        type: 'oauth2-auth-code';
+    } | {
+        type: 'oauth2-pkce';
+    } | {
+        type: 'oauth2-password';
+    } | {
+        type: 'oauth2-implicit';
+    } | {
+        type: 'oauth2-device';
+    }>, next: {
+        accessToken: string;
+        tokenType: string;
+        refreshToken?: string;
+        expiresAt: number;
+        obtainedScope?: string;
+    }) => void | Promise<void>;
+    /**
+     * Test seam for the refresh fetch. When omitted, the global fetch is
+     * used (matching production behavior).
+     */
+    fetchImpl?: typeof fetch;
+    /**
+     * Refresh tokens when they have less than this many milliseconds left.
+     * Default: 60_000 (1 min). Set to 0 to disable proactive refresh.
+     */
+    refreshLeewayMs?: number;
+}
+interface AuthApplyResult {
+    url: string;
+    headers: Record<string, string>;
+    /**
+     * Non-fatal warnings raised while applying auth (bad JWT key, malformed
+     * payload JSON, etc). The request still goes out — usually unauthenticated
+     * — but executeRequest surfaces these to the user so they don't see a
+     * mysterious 401 with no clue why their auth config didn't apply.
+     */
+    warnings?: AuthApplyWarning[];
+}
+interface AuthApplyWarning {
+    /** Stable code so callers can match without parsing message strings. */
+    code: 'jwt-payload-json-invalid' | 'jwt-headers-json-invalid' | 'jwt-sign-failed' | 'hawk-url-invalid' | 'oauth2-refresh-failed';
+    /** Human-readable message — safe to surface in the UI. */
+    message: string;
+}
+declare function applyAuth(target: AuthApplyTarget, auth: RequestAuth, opts?: AuthApplyOptions): Promise<AuthApplyResult>;
+
+/**
+ * Auto-fed request headers — platform-specific, non-editable, not stored.
+ *
+ * These headers are injected at send-time by the execution engine:
+ *   • They are NEVER written to IndexedDB or Git remote.
+ *   • A new X-Trace-Span-Id and traceparent are generated for every send.
+ *   • They do NOT appear in the user-visible "Headers" editor tab — the
+ *     HeadersTab "Auto-fed at send" aside lists them for reference only.
+ *
+ * User-set headers always win: if the user typed `X-Client-Version` into the
+ * Headers tab, the auto value is suppressed.
+ */
+/** Canonical desktop origin used in requests (also used by the native HTTP layer). */
+declare const DESKTOP_APP_ORIGIN = "http://app.studio.apicircle.dev";
+/**
+ * Generate a random hex span-id (16 hex chars = 64 bits, compatible with
+ * W3C Trace Context `traceparent` and OpenTelemetry span-id format).
+ */
+declare function generateSpanId(): string;
+/**
+ * Generate a W3C traceparent header value.
+ * Format: 00-<trace-id (32 hex)>-<span-id (16 hex)>-01
+ */
+declare function generateTraceParent(): string;
+/**
+ * Override hooks for tests — let test code feed deterministic values
+ * for span-id / traceparent / platform without monkey-patching `crypto`.
+ * Production code never passes these.
+ */
+interface AutoHeaderOverrides {
+    spanId?: string;
+    traceparent?: string;
+    platform?: 'desktop' | 'web';
+    version?: string;
+    name?: string;
+}
+/**
+ * Returns the set of auto-fed headers for a single request execution.
+ * Call this once per send — `X-Trace-Span-Id` and `traceparent` are
+ * re-generated on every invocation.
+ *
+ * @param userHeaders The headers the user has configured so auto-headers
+ *   do NOT override anything the user has explicitly set.
+ * @param overrides Test-only override hooks; never set in production.
+ */
+declare function buildAutoHeaders(userHeaders: Record<string, string>, overrides?: AutoHeaderOverrides): Record<string, string>;
+/**
+ * Merge auto-headers into user headers. User-defined values always win —
+ * auto-headers only fill gaps.
+ */
+declare function mergeWithAutoHeaders(userHeaders: Record<string, string>, overrides?: AutoHeaderOverrides): Record<string, string>;
+
+interface BuiltRequest {
+    url: string;
+    method: string;
+    headers: Record<string, string>;
+    body: BodyInit | null;
+    /**
+     * Non-fatal warnings raised by applyAuth (bad JWT key, malformed
+     * payload JSON, etc). executeRequest forwards these into
+     * `ExecutionResult.authWarnings` so the UI can surface them alongside
+     * the response — without them, a misconfigured JWT silently produces
+     * a 401 with no clue why.
+     */
+    authWarnings: AuthApplyWarning[];
+}
+/**
+ * Resolves an attachment slotId to a Blob (with filename for form-data).
+ * The host (UI layer) reads this from its IndexedDB attachments store.
+ * Returns null when the attachment is missing — composeBody treats missing
+ * attachments as empty fields rather than throwing.
+ */
+type AttachmentResolver = (slotId: string) => Promise<{
+    blob: Blob;
+    filename: string;
+} | null>;
+/**
+ * Split a typed URL into the base part (everything before `?`) and a
+ * structured query-row list. Used by the editor's URL input to keep the
+ * URL field and the Query Params sub-tab in sync — when the user types or
+ * pastes `?key=val`, the rows surface in the Params list automatically.
+ *
+ * Variable references like `{{NAME}}` in keys or values are preserved
+ * verbatim — they stay templated and resolve at send time. We use
+ * permissive splitting (split on `&` then on the first `=`) rather than
+ * `URLSearchParams` because URLSearchParams percent-decodes `{{` into `{{`
+ * fine but also collapses whitespace and strips empty keys, which fights
+ * the user's intent during in-progress typing.
+ */
+declare function parseUrlQuery(rawUrl: string): {
+    base: string;
+    query: Array<{
+        key: string;
+        value: string;
+        enabled: boolean;
+    }>;
+};
+/**
+ * Inverse of `parseUrlQuery`. Renders the structured query rows back into a
+ * URL-bar-friendly string, skipping disabled or empty-key rows. Values are
+ * left as-is (no double-encoding) — `composeUrl` runs at send time and
+ * handles wire encoding properly.
+ */
+declare function composeUrlWithQuery(base: string, query: ReadonlyArray<{
+    key: string;
+    value: string;
+    enabled: boolean;
+}>): string;
+/** Extract the placeholder names appearing in a URL, in document order, deduped. */
+declare function findPathPlaceholders(rawUrl: string): string[];
+/**
+ * Substitute `:name` and `{name}` placeholders in a URL's path with the
+ * matching values from `pathParams`. The query string passes through
+ * untouched — a `{{var}}` in there is a variable reference, not a path
+ * placeholder. Missing keys substitute to empty string; the Editor surfaces
+ * unbound placeholders as a UI warning, not a runtime error.
+ */
+declare function applyPathParams(rawUrl: string, pathParams: Record<string, string>): string;
+/**
+ * Build a `Cookie` header value from a list of name/value pairs. Skips
+ * disabled or empty-key rows. Returns the empty string when nothing applies.
+ * Per RFC 6265, cookie values may not contain CTL chars or `;` (which is the
+ * row separator) — we strip CTLs and also strip `;` from values to keep the
+ * row framing intact when a {{var}} resolves to something containing one.
+ */
+declare function composeCookieHeader(rows: ReadonlyArray<{
+    key: string;
+    value: string;
+    enabled: boolean;
+}>): string;
+declare function composeUrl(rawUrl: string, params: ReadonlyArray<{
+    key: string;
+    value: string;
+    enabled: boolean;
+}>): string;
+declare function composeHeaders(rows: ReadonlyArray<{
+    key: string;
+    value: string;
+    enabled: boolean;
+}>): Record<string, string>;
+/**
+ * Serialize a request body for fetch(). Async because form-data and binary
+ * may need to read attachment blobs from the host's storage layer.
+ */
+declare function composeBody(body: Request['body'], resolveAttachment?: AttachmentResolver): Promise<BodyInit | null>;
+interface BuildRequestOptions {
+    resolveAttachment?: AttachmentResolver;
+    /**
+     * applyAuth options — most importantly the `onTokenRefreshed`
+     * callback that lets the store persist refreshed OAuth2 tokens.
+     * Forwarded as-is.
+     */
+    authOptions?: AuthApplyOptions;
+    /**
+     * Test-only override hooks for the auto-fed headers. Lets specs feed
+     * deterministic values for `X-Trace-Span-Id`, `traceparent`, and
+     * `X-Client-Platform`. Production callers omit this.
+     */
+    autoHeaderOverrides?: AutoHeaderOverrides;
+}
+declare function buildRequest(req: Request, opts?: BuildRequestOptions): Promise<BuiltRequest>;
+
+/**
+ * Detect whether the host is the APICircle Studio Desktop shell.
+ *
+ * The Electron preload script attaches a bridge object on `globalThis.apicircleDesktop`
+ * (see `apps/desktop/src/main/preload.ts`). The web app exposes nothing, so a
+ * presence check is sufficient — we don't need to inspect the bridge's shape.
+ */
+declare function isDesktop(): boolean;
+
+interface ResolutionScope {
+    contextVars: Record<string, string>;
+    activeEnv: Record<string, string>;
+    priorityEnvs: Array<Record<string, string>>;
+    secrets: Record<string, string>;
+}
+interface ResolveResult {
+    value: string;
+    /** Names that were referenced but not found in any scope. */
+    missing: string[];
+}
+declare function lookup(scope: ResolutionScope, name: string): string | undefined;
+/**
+ * Replace every `{{NAME}}` in `input` with its resolved value. Unknown names
+ * are left as-is in the output (so the user can see which placeholder didn't
+ * resolve) and reported via `missing`.
+ */
+declare function resolveString(input: string, scope: ResolutionScope): ResolveResult;
+/**
+ * Resolve placeholders in every string value of an object (one level deep).
+ * Used for header / param row arrays — both keys and values are resolved.
+ * Returns a flat list of all missing names across the inputs.
+ */
+declare function resolveStringMap(obj: Record<string, string>, scope: ResolutionScope): {
+    result: Record<string, string>;
+    missing: string[];
+};
+/**
+ * Build a ResolutionScope from a Workspace + a per-request context-vars
+ * list. Optional plan-level priority overrides take precedence over the
+ * workspace's global priority order.
+ *
+ * `secrets` is passed in already-decrypted because resolveString runs
+ * synchronously — decryption happens once before send.
+ */
+declare function buildScope(args: {
+    contextVars: ReadonlyArray<{
+        key: string;
+        value: string;
+    }>;
+    environments: Record<string, Record<string, string>>;
+    activeEnvName: string | null;
+    priorityOrder: string[];
+    secrets?: Record<string, string>;
+}): ResolutionScope;
+type VariableSource = 'context' | 'active-env' | 'priority-env' | 'secret';
+interface VariableSuggestion {
+    key: string;
+    source: VariableSource;
+    /** Display-only — secrets always show as the placeholder string. */
+    preview: string;
+}
+/**
+ * Walk a ResolutionScope in precedence order and produce one suggestion
+ * per unique key. Used by the editor's `{{` autocomplete and Monaco's
+ * completion provider.
+ */
+declare function collectVariableSuggestions(scope: ResolutionScope): VariableSuggestion[];
+/**
+ * Suggestions to show given a cursor position inside a text field. Returns
+ * `null` when the cursor isn't inside an open `{{ … }}` token, so callers
+ * can hide the popup. When inside a token, returns matches filtered by the
+ * partial token text.
+ */
+declare function getVariableAutocomplete(text: string, cursorPosition: number, scope: ResolutionScope): VariableSuggestion[] | null;
+
+interface PreSendWarning {
+    kind: 'unresolved-variable' | 'unbound-path-param' | 'content-type-mismatch' | 'url-embedded-credentials';
+    message: string;
+}
+interface PreSendBlocker {
+    kind: 'auth-fields-missing' | 'unparseable-url' | 'empty-url';
+    message: string;
+}
+interface PreSendValidationResult {
+    warnings: PreSendWarning[];
+    blockers: PreSendBlocker[];
+}
+/** Inputs to the validator — the request + resolution scope. */
+interface PreSendValidationInput {
+    request: Request;
+    scope: ResolutionScope;
+}
+declare function preSendValidation({ request, scope, }: PreSendValidationInput): PreSendValidationResult;
+
+interface ExecutionResult {
+    startedAt: string;
+    durationMs: number;
+    status: number | null;
+    ok: boolean;
+    statusText: string;
+    headers: Record<string, string>;
+    body: string;
+    bodyKind: 'json' | 'text' | 'binary' | 'empty';
+    error?: string;
+    url: string;
+    method: string;
+    /**
+     * Non-fatal warnings from applyAuth (e.g. malformed JWT key, bad
+     * payload JSON). Empty array when auth applied cleanly. UI surfaces
+     * these alongside the response so users can see WHY their request
+     * went out unauthenticated.
+     */
+    authWarnings: AuthApplyWarning[];
+    /**
+     * True when the response body exceeded `MAX_RESPONSE_BODY_BYTES` and we
+     * stopped reading. The `body` field still contains the prefix we did
+     * read — callers should render a "Response truncated at X MB" badge.
+     * Omitted when the body was read in full.
+     */
+    responseTruncated?: boolean;
+}
+interface ExecuteOptions {
+    fetchImpl?: typeof fetch;
+    timeoutMs?: number | null;
+    signal?: AbortSignal;
+    resolveAttachment?: AttachmentResolver;
+    /**
+     * applyAuth options — `onTokenRefreshed` is the important one for
+     * production: the store wires it to persist refreshed OAuth2 tokens
+     * back into `RequestAuth` so subsequent sends see the new state.
+     */
+    authOptions?: AuthApplyOptions;
+    /**
+     * Test-only override hooks for the auto-fed headers. Lets specs feed
+     * deterministic values for `X-Trace-Span-Id`, `traceparent`, etc.
+     * Production callers omit this.
+     */
+    autoHeaderOverrides?: AutoHeaderOverrides;
+}
+/**
+ * Execute a request through the browser's fetch (or an injected impl for
+ * tests). Returns a flat ExecutionResult — never throws for HTTP errors.
+ * Network failures and timeouts are captured into result.error with status=null.
+ *
+ * Challenge-driven auth (Digest, NTLM) is handled here: when the first
+ * fetch returns 401 with a recognized `WWW-Authenticate` scheme, we
+ * compute the response header and re-fetch once. NTLM further requires a
+ * second retry to send the Type-3 Authenticate after the Type-2
+ * Challenge — that's transparent to the caller, the returned result
+ * reflects the FINAL response.
+ */
+declare function executeRequest(req: Request, opts?: ExecuteOptions): Promise<ExecutionResult>;
+
+/**
+ * Adapt a stored `RequestRun` into the `ExecutionResult` shape that
+ * `ResponseViewer` consumes. `RequestRun` is the persisted, post-mortem
+ * record (kept on `WorkspaceLocal.history` and capped); `ExecutionResult`
+ * is the live in-flight value the editor receives. Both expose the same
+ * conceptual fields, so the History and Execution detail views can lean
+ * on the same renderer instead of forking the layout.
+ *
+ * The body is `responseBodyPreview` (already capped by
+ * `RUN_BODY_PREVIEW_LIMIT`); the editor will show a truncation hint when
+ * `RequestRun.responseTruncated` is true.
+ */
+declare function requestRunToExecutionResult(run: RequestRun): ExecutionResult;
+
+/**
+ * HTTP Digest Access Authentication (RFC 7616, supersedes RFC 2617).
+ *
+ * Digest is a challenge-response scheme: the client makes a request, the
+ * server responds 401 with `WWW-Authenticate: Digest ...`, and the client
+ * retries with `Authorization: Digest ...` carrying a hash of the
+ * credentials + the server-supplied nonce. This module owns the parsing
+ * of the challenge directives and the construction of the response
+ * header. The challenge round-trip itself lives in `executeRequest` —
+ * it's the engine's job to fire the first request, see the 401, call
+ * back here, and re-send.
+ *
+ * Algorithm support: MD5 (default), MD5-sess, SHA-256, SHA-256-sess,
+ * SHA-512-256, and the `-sess` variants. MD5 is required for interop
+ * with the long tail of legacy servers; the implementation is in the
+ * private `_legacyHashes` module so the rest of the codebase doesn't
+ * grow new MD5 callsites.
+ */
+interface DigestChallenge {
+    realm: string;
+    nonce: string;
+    /** Comma-separated list per RFC 7616; the first one we recognize wins. */
+    qop?: string;
+    opaque?: string;
+    algorithm?: string;
+    /** Server-supplied opaque token returned verbatim in the response. */
+    domain?: string;
+    /** Stale=true means the previous nonce expired but credentials are still valid. */
+    stale?: string;
+    /** Any directives we don't model end up here for diagnostics. */
+    [extra: string]: string | undefined;
+}
+/**
+ * Parse the value of a `WWW-Authenticate: Digest ...` header into its
+ * directives. The header may appear with or without the `Digest ` prefix
+ * (callers sometimes strip it); both forms work.
+ *
+ * Quoted values have the surrounding quotes removed; unquoted values are
+ * taken as-is up to the next comma or whitespace. Unknown directives are
+ * preserved on the returned object so diagnostics can surface them.
+ */
+declare function parseDigestChallenge(header: string): DigestChallenge;
+interface BuildDigestArgs {
+    method: string;
+    /** Request URI as it appears on the wire (path + query, not the full URL). */
+    uri: string;
+    username: string;
+    password: string;
+    challenge: DigestChallenge;
+    /**
+     * Override for the client nonce. If omitted, 16 random hex chars are
+     * generated via `crypto.getRandomValues`. Tests pass a fixed value to
+     * make the resulting header deterministic.
+     */
+    cnonce?: string;
+    /**
+     * Nonce-count, per RFC 7616 §3.4. Each request reusing the same server
+     * nonce should bump nc; we default to 1 because the engine clears the
+     * stored challenge when the server rotates the nonce. 8 hex chars,
+     * lowercase.
+     */
+    nc?: string;
+    /**
+     * Body for `qop=auth-int` (entity-body hash). Ignored for `qop=auth`.
+     * Strings, `Uint8Array`, `ArrayBuffer`, and `Blob` are all hashable;
+     * if `null`/`undefined` we still emit auth-int but with the empty-body
+     * hash. FormData / ReadableStream callers should serialize first
+     * (auth-int requires the EXACT bytes the server will see).
+     */
+    entityBody?: string | Uint8Array | ArrayBuffer | Blob | null;
+}
+/**
+ * Build the `Authorization: Digest ...` header value (without the
+ * `Authorization:` prefix — caller prepends it).
+ *
+ * Returns a string ready to put on the wire. Throws when the challenge
+ * specifies an algorithm we don't support; the engine should surface
+ * that as a "this server's auth scheme isn't supported yet" error
+ * rather than retrying forever.
+ */
+declare function buildDigestAuthHeader(args: BuildDigestArgs): Promise<string>;
+
+/**
+ * Build the Type-1 Negotiate message, base64-encoded for use as
+ * `Authorization: NTLM <value>`. Sent by the client to advertise its
+ * capabilities and trigger the server's challenge response.
+ */
+declare function buildNtlmType1Negotiate(domain: string, workstation: string): string;
+interface NtlmType2Challenge {
+    /** 8-byte server challenge nonce. */
+    challenge: Uint8Array;
+    /**
+     * Variable-length AV_PAIR target-info block. Echoed verbatim in the
+     * Type-3 NTLMv2 blob so the server can verify the response.
+     */
+    targetInfo: Uint8Array;
+    /**
+     * Original raw bytes of the entire Type-2 message — required when the
+     * caller wants to compute a MIC over `Type1 || Type2 || Type3` per
+     * [MS-NLMP] §3.1.5.1.2. Set automatically by `parseNtlmType2Challenge`.
+     * Optional so callers constructing the challenge literal in tests can
+     * skip it; MIC computation needs the parser-produced form.
+     */
+    rawBytes?: Uint8Array;
+}
+/**
+ * Parse the Type-2 Challenge message extracted from the server's
+ * `WWW-Authenticate: NTLM <base64>` reply. Returns the server challenge
+ * + target info bytes that feed into Type-3 construction.
+ */
+declare function parseNtlmType2Challenge(base64: string): NtlmType2Challenge;
+interface BuildNtlmType3Args {
+    username: string;
+    password: string;
+    domain: string;
+    workstation: string;
+    challenge: NtlmType2Challenge;
+    /** Override for the 8-byte client challenge — tests pass a fixed value. */
+    clientChallenge?: Uint8Array;
+    /** Override for the timestamp (ms since epoch) — tests pass a fixed value. */
+    timestampMs?: number;
+    /**
+     * Raw bytes of the Type-1 Negotiate message we sent in the previous
+     * round. When BOTH this and `type2Message` are provided, we emit a
+     * 16-byte MIC at offset 72 of the Type-3 message and set MsvAvFlags
+     * bit 0x2 in the AV_PAIR target info — required by hardened Win Server
+     * 2019+ AD configurations per [MS-NLMP] §3.1.5.1.2. When either is
+     * absent we preserve the legacy "no MIC" layout for back-compat with
+     * older servers that reject the longer header.
+     */
+    type1Message?: Uint8Array;
+    /** Raw bytes of the Type-2 Challenge message — paired with `type1Message`. */
+    type2Message?: Uint8Array;
+}
+/**
+ * Build the Type-3 Authenticate message (NTLMv2). Computes the NTLMv2
+ * hash, the NTProofStr (HMAC-MD5 over server-challenge + blob), and
+ * packs everything into the binary message format. Returns base64 for
+ * use as `Authorization: NTLM <value>`.
+ */
+declare function buildNtlmType3Authenticate(args: BuildNtlmType3Args): string;
+
+/**
+ * Hawk authentication scheme (https://github.com/mozilla/hawk).
+ *
+ * Hawk uses an HMAC of a normalized request string keyed by a shared
+ * secret. Unlike Digest / NTLM there's no challenge round-trip — every
+ * request is signed independently using:
+ *
+ *   normalized = "hawk.1.header\n{ts}\n{nonce}\n{METHOD}\n{path?query}\n
+ *                 {host-lc}\n{port}\n{payload-hash}\n{ext}\n"
+ *   mac        = base64(HMAC-{algorithm}(secret, normalized))
+ *
+ * We default to SHA-256 (the modern recommendation); SHA-1 is supported
+ * for interop with legacy Hawk servers. Body-payload hashing is a future
+ * extension — for now we always pass an empty payload-hash, which the
+ * server must verify by setting `Hash: ""` or skipping payload validation.
+ */
+interface HawkSignArgs {
+    method: string;
+    /**
+     * Full request URL — we extract scheme/host/port/path/query from this
+     * since the normalized string needs lowercase host + numeric port.
+     */
+    url: string;
+    hawkId: string;
+    hawkKey: string;
+    algorithm?: 'sha256' | 'sha1';
+    /**
+     * Override for the timestamp (Unix seconds). Tests pass a fixed value;
+     * production callers either omit (use `Date.now()`) or apply
+     * `timestampOffset` to compensate for client-server clock skew.
+     */
+    timestamp?: number;
+    /**
+     * 8 hex chars by default; tests pass a fixed value. The server tracks
+     * (id, ts, nonce) tuples to detect replay, so even fixed tests are
+     * one-shot.
+     */
+    nonce?: string;
+    /** Optional `app=` and `dlg=` directives for delegated requests. */
+    app?: string;
+    delegation?: string;
+    /** Optional `ext=` directive for application-specific data. */
+    ext?: string;
+    /**
+     * Optional payload + content-type for body-binding. When present, the
+     * normalized request string includes a `hash=BASE64(H(payload))` line
+     * AND we emit a `hash="…"` directive in the Authorization header.
+     * Servers configured with body-binding reject requests that lack this;
+     * leaving the field undefined preserves the prior behavior (server
+     * must accept body-less signing).
+     */
+    payload?: {
+        body: string | ArrayBuffer | Uint8Array;
+        contentType: string;
+    };
+}
+declare function buildHawkAuthHeader(args: HawkSignArgs): Promise<string>;
+
+/**
+ * AWS Signature Version 4 — request signing for AWS APIs.
+ *
+ * SigV4 is per-request HMAC chain over a canonical-request string. The
+ * server (or a STS-issued temporary credentials provider) verifies the
+ * signature using the same algorithm, so request integrity is end-to-end
+ * without any callback / handshake.
+ *
+ *   canonical = METHOD\nPATH\nQUERY\nHEADERS\nSIGNED_HEADERS\nPAYLOAD_HASH
+ *   stringToSign = "AWS4-HMAC-SHA256\n{amzDate}\n{credScope}\n{sha256(canonical)}"
+ *   kSigning = HMAC(HMAC(HMAC(HMAC("AWS4{secret}", date), region), service), "aws4_request")
+ *   signature = hex(HMAC(kSigning, stringToSign))
+ *
+ * Two delivery modes:
+ *  - `header`: sets `Authorization: AWS4-HMAC-SHA256 Credential=..., SignedHeaders=..., Signature=...`
+ *  - `query`: rewrites the URL with `X-Amz-*` query params (presigned URL).
+ *
+ * Body hashing only runs in `header` mode (presigned URLs always
+ * advertise `UNSIGNED-PAYLOAD`). Streaming / chunked bodies fall through
+ * to `UNSIGNED-PAYLOAD` because we'd otherwise have to buffer the entire
+ * stream before signing.
+ */
+/**
+ * Body shapes we can hash for SigV4 payload signing. Anything we can't
+ * read as bytes synchronously goes to `UNSIGNED-PAYLOAD` — AWS accepts
+ * that as long as `x-amz-content-sha256: UNSIGNED-PAYLOAD` is in the
+ * signed headers. ReadableStream falls into this bucket since draining
+ * it before signing would consume the body before fetch can send it.
+ */
+type SigV4Body = string | ArrayBuffer | Uint8Array | Blob | URLSearchParams | FormData | ReadableStream<Uint8Array> | null | undefined;
+interface SigV4SignArgs {
+    method: string;
+    url: string;
+    /** Existing request headers — passed through and merged with SigV4 additions. */
+    headers: Record<string, string>;
+    /**
+     * Body for payload hashing. `string`, `ArrayBuffer`, `Uint8Array`,
+     * `Blob`, and `URLSearchParams` are hashed verbatim. `FormData` and
+     * `ReadableStream` fall through to `UNSIGNED-PAYLOAD` — AWS accepts
+     * that signing mode and many AWS SDKs default to it for streaming.
+     */
+    body?: SigV4Body;
+    accessKeyId: string;
+    secretAccessKey: string;
+    region: string;
+    service: string;
+    /** STS-issued session token; copied to `X-Amz-Security-Token`. */
+    sessionToken?: string;
+    /** Where to put the signature — header (default) or query (presigned URL). */
+    addTo?: 'header' | 'query';
+    /**
+     * S3 specifically does NOT collapse double slashes or normalize dot
+     * segments — it treats `bucket/foo//bar` as a different object from
+     * `bucket/foo/bar`. Set true when `service: 's3'` to preserve the
+     * raw path. Default false (matches non-S3 services like execute-api).
+     *
+     * If you don't pass this and `service === 's3'`, we auto-enable it —
+     * the common case for S3 callers is "preserve my path exactly".
+     */
+    preservePathSlashes?: boolean;
+    /**
+     * Override `now` for tests. The amz-date stamp must be the SAME instant
+     * used to build the credential scope, so we capture once.
+     */
+    now?: Date;
+}
+interface SigV4SignResult {
+    url: string;
+    headers: Record<string, string>;
+}
+declare function applyAwsSigV4(args: SigV4SignArgs): Promise<SigV4SignResult>;
+
+/**
+ * JWT (RFC 7519) signing — Bearer token generation.
+ *
+ * This is the "self-signed assertion" variant of `jwt-bearer` auth: the
+ * client mints a JWT signed with its own key, then sends it as
+ * `Authorization: Bearer <jwt>`. Different from OAuth2 JWT-bearer flow
+ * (RFC 7523) where the JWT is exchanged at a token endpoint for an
+ * access token — that flow goes through `auth/oauth2/grants.ts` and
+ * uses this signer to mint the assertion.
+ *
+ * Algorithms:
+ *  - HS256 / HS384 / HS512: HMAC with shared secret (most common).
+ *  - RS256 / RS384 / RS512: RSA-SHA — caller supplies a private key
+ *    in PKCS#8 PEM. Imported via `crypto.subtle.importKey`.
+ *  - ES256 / ES384 / ES512: ECDSA-P256/384/521 — same PKCS#8 path.
+ *  - **none**: refused. Always reject `alg: "none"` regardless of caller
+ *    intent — RFC 8725 §3.1 calls this out as the canonical JWT mistake.
+ *
+ * The header `typ` defaults to `"JWT"`; callers can override via the
+ * `additionalHeaders` arg to set e.g. `kid` for key discovery.
+ */
+type JwtAlgorithm = 'HS256' | 'HS384' | 'HS512' | 'RS256' | 'RS384' | 'RS512' | 'PS256' | 'PS384' | 'PS512' | 'ES256' | 'ES384' | 'ES512' | 'EdDSA';
+interface JwtSignArgs {
+    /** Signing algorithm — must match the key material in `secretOrKey`. */
+    algorithm: JwtAlgorithm;
+    /**
+     * Shared secret for HMAC (HS256/384/512) or PEM-encoded PKCS#8
+     * private key for RSA / ECDSA. For HMAC, plain UTF-8 strings work;
+     * for asymmetric, the PEM must include the BEGIN/END markers.
+     */
+    secretOrKey: string;
+    /** Token claims. `iat` is auto-added when missing; `exp` is left to the caller. */
+    payload: Record<string, unknown>;
+    /** Extra header fields beyond `alg` and `typ` (e.g. `kid`, `cty`). */
+    additionalHeaders?: Record<string, unknown>;
+}
+declare function signJwt(args: JwtSignArgs): Promise<string>;
+
+/**
+ * PKCE (Proof Key for Code Exchange — RFC 7636) primitives.
+ *
+ * Authorization-code grant adds a `code_verifier` (43–128 random URL-safe
+ * chars) generated on the client. The auth request carries a derived
+ * `code_challenge` (either the verifier itself for `plain`, or
+ * `BASE64URL(SHA-256(verifier))` for `S256`); the token-exchange request
+ * carries the verifier itself. The server confirms `H(verifier) === challenge`
+ * before issuing tokens, neutralizing intercepted authorization codes.
+ *
+ * S256 is the only method we recommend; `plain` exists in the spec for
+ * environments without SHA-256 (basically none today). We support both
+ * because some legacy IdPs still negotiate `plain` even when S256 is
+ * available.
+ */
+/**
+ * Generate a fresh PKCE code verifier — 43..128 random characters from
+ * the unreserved URL set (RFC 3986 §2.3). Default length is 64, well
+ * inside the spec's allowed range.
+ *
+ * Sampling is uniform: we mask each random byte with `& 0x3f` to project
+ * onto exactly 64 alphabet positions, so every alphabet character is
+ * equally likely. The earlier `% 66` implementation introduced a small
+ * but measurable modulo bias.
+ */
+declare function generateCodeVerifier(length?: number): string;
+type PkceMethod = 'S256' | 'plain';
+/**
+ * Compute the `code_challenge` that pairs with a verifier. The browser's
+ * SubtleCrypto handles SHA-256; for `plain` we just echo the verifier.
+ */
+declare function computeCodeChallenge(verifier: string, method?: PkceMethod): Promise<string>;
+
+/**
+ * The single token-endpoint client used by every OAuth2 grant.
+ *
+ * RFC 6749 §4 endpoints accept `application/x-www-form-urlencoded` with
+ * `grant_type` plus grant-specific fields. Client credentials may go in
+ * the Authorization header (`client_secret_basic`) or the body
+ * (`client_secret_post`); some IdPs only accept one or the other, so the
+ * caller picks via `clientAuthMethod`.
+ *
+ * On success the IdP returns:
+ *
+ *   { access_token, token_type, expires_in?, refresh_token?, scope? }
+ *
+ * On failure (RFC 6749 §5.2):
+ *
+ *   { error, error_description?, error_uri? }   with HTTP 400/401
+ *
+ * We surface the failure as an Error whose `.message` includes both
+ * `error` and `error_description` so the UI can show "invalid_grant: bad
+ * code" without parsing JSON itself. The structured response is also
+ * attached to `.cause` for callers who need to dispatch on `error_code`
+ * (e.g. device flow's `authorization_pending` / `slow_down` cases).
+ */
+interface OAuth2TokenResponse {
+    accessToken: string;
+    tokenType: string;
+    expiresIn?: number;
+    refreshToken?: string;
+    scope?: string;
+    /** Captured raw response — useful for OpenID Connect `id_token` etc. */
+    raw: Record<string, unknown>;
+}
+interface OAuth2ErrorResponse {
+    error: string;
+    errorDescription?: string;
+    errorUri?: string;
+    /** HTTP status the IdP returned (400, 401, 403, …). */
+    status: number;
+    /** Captured raw body — useful for diagnostics and grant-specific dispatch. */
+    raw: Record<string, unknown>;
+}
+/**
+ * Pre-signed client-assertion JWT for `private_key_jwt` client
+ * authentication (RFC 7521 §4.2 / RFC 7523 §2.2). The auth tab signs
+ * the assertion locally via `signJwt` and passes it here; we add the
+ * required `client_assertion` + `client_assertion_type` body fields.
+ * Used in place of `clientSecret` — the IdP verifies the assertion
+ * against the registered public key.
+ */
+interface ClientAssertion {
+    /** The signed JWT (header.payload.signature) — output of `signJwt`. */
+    jwt: string;
+    /** RFC 7523 mandates this exact value. Other types exist (e.g. SAML2) but aren't used here. */
+    type?: string;
+}
+interface FetchOAuth2TokenArgs {
+    tokenUrl: string;
+    /**
+     * Grant-specific body fields. `grant_type` MUST be set by the caller —
+     * this helper doesn't infer it. Value type is `URLSearchParams` so the
+     * caller controls the exact wire format and can reuse the same body
+     * for retry / refresh paths.
+     */
+    body: URLSearchParams;
+    clientId: string;
+    /**
+     * Confidential clients only. Public clients (PKCE in a SPA) leave this
+     * undefined — the IdP recognizes the client by id alone.
+     */
+    clientSecret?: string;
+    /**
+     * Where to put the client credentials. `header` = HTTP Basic with
+     * `id:secret`. `body` = `client_id` + `client_secret` URL-form fields.
+     * Defaults to `header` (the RFC's preferred method).
+     *
+     * Ignored when `clientAssertion` is set — assertion takes precedence
+     * because mixing both is a misconfiguration the server will reject.
+     */
+    clientAuthMethod?: 'header' | 'body';
+    /**
+     * Optional `private_key_jwt` style client authentication. When set,
+     * the body carries `client_assertion` + `client_assertion_type` and
+     * `clientSecret` is NOT sent. Used by Azure AD, GCP, and any IdP
+     * that prefers signed assertions over shared secrets.
+     */
+    clientAssertion?: ClientAssertion;
+    /** Optional extra parameters appended to the body — IdP-specific knobs. */
+    extraParams?: Record<string, string>;
+    /** Override fetch for tests / desktop bridge. */
+    fetchImpl?: typeof fetch;
+    /** Per-call abort. Composed with the global request signal upstream. */
+    signal?: AbortSignal;
+}
+/**
+ * OAuth2 token endpoint failure. The structured `errorBody` carries the
+ * error code (`invalid_grant`, `authorization_pending`, etc) plus
+ * `error_description` / `error_uri` and the HTTP status — callers can
+ * dispatch on `errorBody.error` for grant-specific behavior (device
+ * flow's `authorization_pending` / `slow_down`, refresh re-auth, etc).
+ *
+ * Naming note: we deliberately don't shadow the standard `Error.cause`
+ * field. Callers using TypeScript can still use `instanceof` + the
+ * `errorBody` accessor; callers reading the `cause` property get the
+ * standard "what was the original exception" semantics.
+ */
+declare class OAuth2TokenError extends Error {
+    readonly errorBody: OAuth2ErrorResponse;
+    constructor(errorBody: OAuth2ErrorResponse);
+}
+declare function fetchOAuth2Token(args: FetchOAuth2TokenArgs): Promise<OAuth2TokenResponse>;
+
+/**
+ * Per-grant OAuth2 runners. Each function POSTs to the token endpoint
+ * with the body shape RFC 6749 specifies for that grant, and returns a
+ * normalized `OAuth2TokenResponse`. Callbacks (browser redirects to
+ * `redirect_uri?code=...`) and device-code polling intervals are the
+ * caller's job — these runners ONLY exchange.
+ *
+ * Refresh handling is in `refreshToken()` rather than per-grant: the
+ * refresh-token grant is identical regardless of which grant minted the
+ * original token.
+ */
+
+type ClientAuthMethod = 'header' | 'body';
+type FetchImpl = typeof fetch;
+interface ClientCredentialsArgs {
+    tokenUrl: string;
+    clientId: string;
+    clientSecret: string;
+    scope?: string;
+    clientAuthMethod?: ClientAuthMethod;
+    extraParams?: Record<string, string>;
+    fetchImpl?: FetchImpl;
+    signal?: AbortSignal;
+}
+/** RFC 6749 §4.4 — machine-to-machine, no user. */
+declare function runClientCredentials(args: ClientCredentialsArgs): Promise<OAuth2TokenResponse>;
+interface RopcArgs {
+    tokenUrl: string;
+    clientId: string;
+    clientSecret?: string;
+    username: string;
+    password: string;
+    scope?: string;
+    clientAuthMethod?: ClientAuthMethod;
+    extraParams?: Record<string, string>;
+    fetchImpl?: FetchImpl;
+    signal?: AbortSignal;
+}
+/**
+ * RFC 6749 §4.3 — Resource Owner Password Credentials. Marked DEPRECATED
+ * in OAuth 2.1; we support it because legacy IdPs still require it for
+ * specific testing / migration scenarios. The auth panel surfaces a
+ * warning banner about the deprecation.
+ */
+declare function runRopc(args: RopcArgs): Promise<OAuth2TokenResponse>;
+interface AuthCodeExchangeArgs {
+    tokenUrl: string;
+    clientId: string;
+    clientSecret?: string;
+    /** The `code` value the IdP redirected back with. */
+    code: string;
+    /** Must match the redirect_uri sent in the initial /authorize request. */
+    redirectUri: string;
+    clientAuthMethod?: ClientAuthMethod;
+    extraParams?: Record<string, string>;
+    fetchImpl?: FetchImpl;
+    signal?: AbortSignal;
+}
+/** RFC 6749 §4.1 — Authorization Code grant. */
+declare function exchangeAuthCode(args: AuthCodeExchangeArgs): Promise<OAuth2TokenResponse>;
+interface PkceExchangeArgs extends AuthCodeExchangeArgs {
+    /** The verifier we generated when constructing the auth URL. */
+    codeVerifier: string;
+}
+/**
+ * RFC 7636 — Authorization Code with PKCE. Same body as plain auth-code
+ * plus `code_verifier`. clientSecret is optional (public clients omit it).
+ */
+declare function exchangePkce(args: PkceExchangeArgs): Promise<OAuth2TokenResponse>;
+interface DeviceAuthorizationResponse {
+    deviceCode: string;
+    userCode: string;
+    verificationUri: string;
+    /** Optional convenience URI with the user_code already embedded. */
+    verificationUriComplete?: string;
+    /** Seconds the device should poll the token endpoint. */
+    interval: number;
+    /** Seconds before deviceCode expires. */
+    expiresIn: number;
+    raw: Record<string, unknown>;
+}
+interface DeviceAuthorizationArgs {
+    deviceAuthorizationUrl: string;
+    clientId: string;
+    clientSecret?: string;
+    scope?: string;
+    fetchImpl?: FetchImpl;
+    signal?: AbortSignal;
+}
+/**
+ * RFC 8628 §3.1 — Device Authorization Request. Returns the device_code
+ * + user_code so the caller can show the user_code + verification URI to
+ * a human, then poll the token endpoint with `pollDeviceFlow`.
+ */
+declare function requestDeviceAuthorization(args: DeviceAuthorizationArgs): Promise<DeviceAuthorizationResponse>;
+interface PollDeviceFlowArgs {
+    tokenUrl: string;
+    clientId: string;
+    clientSecret?: string;
+    deviceCode: string;
+    /** Initial poll interval in seconds. Bumped to `interval + 5` on `slow_down`. */
+    intervalSeconds: number;
+    /** Max overall wait. When elapsed, throws an `OAuth2TokenError` of error="expired_token". */
+    maxWaitMs?: number;
+    fetchImpl?: FetchImpl;
+    signal?: AbortSignal;
+    /**
+     * Optional progress callback fired on every poll cycle. UI uses this
+     * to update the visible "still waiting…" indicator and tick down the
+     * remaining time. Receives `{ pollCount, elapsedMs, lastError }` —
+     * `lastError` is set when the IdP responded `slow_down` so the UI
+     * can hint the user to wait.
+     */
+    onPoll?: (info: {
+        pollCount: number;
+        elapsedMs: number;
+        lastError?: string;
+    }) => void;
+    /** Test seam — overrides `setTimeout` / `Date.now` for fake clocks. */
+    scheduler?: {
+        sleep: (ms: number) => Promise<void>;
+        now: () => number;
+    };
+}
+/**
+ * RFC 8628 §3.4 — poll the token endpoint until the user authorizes the
+ * device, then return the token. Honors `authorization_pending` /
+ * `slow_down` / `access_denied` / `expired_token`.
+ */
+declare function pollDeviceFlow(args: PollDeviceFlowArgs): Promise<OAuth2TokenResponse>;
+interface RefreshTokenArgs {
+    tokenUrl: string;
+    clientId: string;
+    clientSecret?: string;
+    refreshToken: string;
+    /** Some IdPs require the original scope on refresh. */
+    scope?: string;
+    clientAuthMethod?: ClientAuthMethod;
+    extraParams?: Record<string, string>;
+    fetchImpl?: FetchImpl;
+    signal?: AbortSignal;
+}
+/**
+ * RFC 6749 §6 — refresh a previously obtained token. Identical wire
+ * shape regardless of the grant that minted the original token; the
+ * caller decides when to call it (typical heuristic: when
+ * `expiresAt < now + 60s`).
+ */
+declare function refreshToken(args: RefreshTokenArgs): Promise<OAuth2TokenResponse>;
+/**
+ * Build the `/authorize` URL the user is redirected to for auth-code or
+ * implicit flows. PKCE callers append `code_challenge` + `code_challenge_method`
+ * via `extraParams`. Doesn't open a browser — that's the host bridge's job.
+ */
+declare function buildAuthorizeUrl(args: {
+    authorizeUrl: string;
+    clientId: string;
+    redirectUri: string;
+    responseType: 'code' | 'token';
+    scope?: string;
+    state?: string;
+    extraParams?: Record<string, string>;
+}): string;
+
+interface ResolveInheritedAuthArgs {
+    /** The request's stated auth (may be `{ type: 'inherit' }`). */
+    requestAuth: RequestAuth;
+    /** The folderId the request lives in (null if at the root). */
+    folderId: string | null;
+    /** All known folders, keyed by id. */
+    folders: Record<string, Folder>;
+}
+/**
+ * If `requestAuth` is anything other than `inherit`, returns it unchanged.
+ * Otherwise walks up the folder chain looking for the first folder whose
+ * own `auth` is set and is not itself `inherit` or `none`. Folders with
+ * `inherit` or `none` auth are transparent (skipped, walk continues).
+ */
+declare function resolveInheritedAuth({ requestAuth, folderId, folders, }: ResolveInheritedAuthArgs): RequestAuth;
+
+interface ParsedCurl {
+    method: Request['method'];
+    url: string;
+    headers: Request['headers'];
+    query: Request['query'];
+    body: RequestBody;
+    auth: RequestAuth;
+    /** Unrecognised flags / fragments — the UI can show these as a warning. */
+    warnings: string[];
+}
+/**
+ * Tokenise a shell-style argv from a string. Handles single/double quotes,
+ * backslash escapes, and whitespace-splitting. Doesn't try to be a full
+ * POSIX shell — `$VAR` expansion, command substitution, and globs all
+ * pass through verbatim.
+ */
+declare function tokenizeCurl(input: string): string[];
+declare function parseCurl(input: string): ParsedCurl;
+
+interface ImportedRequest {
+    name: string;
+    method: HttpMethod;
+    url: string;
+    headers: Array<{
+        key: string;
+        value: string;
+        enabled: boolean;
+    }>;
+    query: Array<{
+        key: string;
+        value: string;
+        enabled: boolean;
+    }>;
+    body: RequestBody;
+    auth: RequestAuth;
+}
+interface ImportedFolder {
+    name: string;
+    /** Index path from root (deterministic id assignment is the caller's job). */
+    pathIds: number[];
+    parentPathIds: number[] | null;
+}
+interface ParsedPostmanCollection {
+    collectionName: string;
+    folders: ImportedFolder[];
+    requests: Array<ImportedRequest & {
+        folderPathIds: number[] | null;
+    }>;
+    warnings: string[];
+}
+declare function isPostmanV2Collection(doc: unknown): boolean;
+declare function parsePostmanCollection(input: string): ParsedPostmanCollection;
+
+interface ParsedPostmanEnvironment {
+    /** Suggested env name; the user can change at import time. */
+    name: string;
+    variables: EnvironmentVariable[];
+    warnings: string[];
+}
+declare function isPostmanEnvironment(doc: unknown): boolean;
+declare function parsePostmanEnvironment(input: string): ParsedPostmanEnvironment;
+
+declare function isInsomniaExport(doc: unknown): boolean;
+declare function parseInsomniaCollection(input: string): ParsedPostmanCollection;
+
+/**
+ * Result of evaluating one assertion against a response. Carries a snapshot
+ * of the assertion definition so downstream UI (History detail view, run
+ * exports, plan reports) can render the verdict without joining back to the
+ * source request — which may have been renamed, edited, or deleted by the
+ * time the user looks at history.
+ */
+interface AssertionResult {
+    assertionId: string;
+    kind: Assertion['kind'];
+    op: Assertion['op'];
+    target?: string;
+    expected: string | number;
+    passed: boolean;
+    /**
+     * Human-readable explanation. Always populated by `runAssertions` — pass
+     * cases get positive descriptions ("status: 200 equals 200"), fail cases
+     * get the diff. Optional in the type because the persisted shape in
+     * `RequestRun.assertions` predates this and may carry undefined for older
+     * history entries.
+     */
+    detail?: string;
+}
+declare function runAssertions(assertions: ReadonlyArray<Assertion>, exec: ExecutionResult): AssertionResult[];
+/**
+ * Read a dotted-path value from a JSON tree. Supports `a.b.c` and bracket
+ * indexing `arr[0]`. Returns `undefined` for missing segments.
+ */
+declare function readJsonPath(root: unknown, path: string): unknown;
+
+interface ContextExtractionResult {
+    extracted: Record<string, string>;
+    warnings: string[];
+}
+declare function extractContext(result: ExecutionResult, extractions: ReadonlyArray<ContextExtraction>): ContextExtractionResult;
+
+interface EncryptedPayload {
+    iv: string;
+    ciphertext: string;
+}
+/**
+ * Encrypt a UTF-8 string with the given AES-GCM key. Returns base64-encoded
+ * iv + ciphertext, safe to embed in JSON / push to Git.
+ */
+declare function encryptString(plaintext: string, key: CryptoKey): Promise<EncryptedPayload>;
+/**
+ * Decrypt a payload produced by `encryptString`. Throws on bad key, tampered
+ * ciphertext, or malformed input.
+ */
+declare function decryptString(payload: EncryptedPayload, key: CryptoKey): Promise<string>;
+/**
+ * Generate a fresh AES-GCM 256-bit key. The host persists it (typically as
+ * a JWK in IndexedDB) so subsequent sessions can decrypt prior values.
+ */
+declare function generateAesKey(): Promise<CryptoKey>;
+/**
+ * Generate a fresh per-slot salt (16 random bytes, base64-encoded). Salts are
+ * stored in `synced.secretKeys[id].salt` — they're not secret, but they do
+ * need to be stable for the slot's lifetime so ciphertext encrypted on one
+ * device is decryptable on another.
+ */
+declare function generateSlotSalt(): string;
+/**
+ * Derive an AES-GCM key from a slot's plaintext value via PBKDF2-SHA-256.
+ * The salt is base64 and travels through Git in `synced.secretKeys[id].salt`;
+ * the value is user-supplied and never leaves the device. Same `(value,
+ * salt)` pair always derives the same key, so a teammate cloning the repo
+ * gets matching keys once they enter the slot value on their machine.
+ */
+declare function deriveKeyFromSlotValue(value: string, saltBase64: string): Promise<CryptoKey>;
+/** Export an AES-GCM key as a JSON Web Key (for IDB storage). */
+declare function exportKey(key: CryptoKey): Promise<JsonWebKey>;
+/** Import an AES-GCM key previously exported via `exportKey`. */
+declare function importKey(jwk: JsonWebKey): Promise<CryptoKey>;
+/**
+ * Serialize an EncryptedPayload to a single string we can store in
+ * `Environment.variables[i].value`. The schema is `enc:v1:<iv>:<ciphertext>`
+ * — versioned so we can rotate algorithms later without ambiguity.
+ */
+declare function serializePayload(payload: EncryptedPayload): string;
+declare function tryParsePayload(value: string): EncryptedPayload | null;
+
+/**
+ * Validate a branch name against GitHub's ref rules. Returns null when the
+ * name is acceptable, otherwise a short reason. We enforce a stricter
+ * subset (no spaces, ASCII only, length ≤ 100) so the auto-generated names
+ * always pass.
+ */
+declare function validateBranchName(name: string): string | null;
+/** Lowercase ASCII slug, hyphenated, no leading/trailing/double hyphens. */
+declare function slugify(input: string): string;
+interface BranchNameOptions {
+    /** The workspace's local display name (from the registry entry). */
+    displayName: string;
+    /** Inject a fixed id in tests; defaults to 6 random hex chars. */
+    idGen?: () => string;
+}
+declare function generateWorkingBranchName(opts: BranchNameOptions): string;
+
+/**
+ * Stringify a WorkspaceSynced doc with deeply-sorted object keys + 2-space
+ * indent + trailing newline (so editors don't re-stamp the file when the
+ * user opens it). Arrays preserve their existing order — that's part of
+ * the workspace's user-visible shape (priority list, tree children, etc).
+ */
+declare function serializeWorkspaceForGit(synced: WorkspaceSynced): string;
+
+/** Error thrown when the input fails any of our checks. `code` lets the UI
+ *  branch on the specific failure (oversized, bad JSON, wrong shape, etc.)
+ *  without parsing the message string. */
+declare class RemoteWorkspaceParseError extends Error {
+    readonly code: 'oversized' | 'invalid-json' | 'not-object' | 'missing-workspace-id' | 'missing-collections' | 'missing-environments';
+    constructor(message: string, code: 'oversized' | 'invalid-json' | 'not-object' | 'missing-workspace-id' | 'missing-collections' | 'missing-environments');
+}
+/**
+ * Parse a remote `workspace.json` and return a `WorkspaceSynced` we can
+ * safely merge into store state. Throws `RemoteWorkspaceParseError` on
+ * any failure — callers should catch and surface to the user as a
+ * "this workspace was modified by an incompatible version" message.
+ *
+ * The returned object is NOT a deep clone of the input; if any nested
+ * object had a `__proto__` etc. key, that key was dropped at the reviver
+ * level. Strings, numbers, and arrays pass through unchanged.
+ *
+ * The function is intentionally PERMISSIVE about unknown fields — newer
+ * versions of Studio may add fields we don't know about, and we want
+ * those workspaces to remain readable. We only enforce the fields the
+ * existing codebase positively requires.
+ */
+declare function parseWorkspaceJson(content: string): WorkspaceSynced;
+
+/**
+ * Return a copy of `synced` with every credential-bearing field in every
+ * Request.auth blanked to ''. Identity fields are preserved. Pure — does
+ * not mutate the input. Safe to call on partially-shaped workspaces.
+ */
+declare function redactForGit(synced: WorkspaceSynced): WorkspaceSynced;
+/**
+ * Scan the already-serialised workspace JSON for any credential-only
+ * field name with a non-empty value. Throws if found — the push path
+ * should treat the throw as fatal (refuse to upload).
+ *
+ * The match is intentionally narrow: only the names in
+ * `PLAINTEXT_CREDENTIAL_FIELD_NAMES`, only with a NON-EMPTY string value.
+ * An empty-string credential (`"password":""`) is acceptable — that's
+ * what `redactForGit` produces.
+ *
+ * Implementation note: we use a regex rather than walking the parsed
+ * tree because (a) the input has already been serialised, and (b) the
+ * regex catches every nesting level without us having to know the shape.
+ * The risk of false positives is bounded because the field names are
+ * specific (no `value` / `token` / `key` in the list).
+ */
+declare function assertNoPlaintextCredentials(serialized: string): void;
+
+interface AttachmentSlotRef {
+    slotId: string;
+    sha256?: string;
+    filename?: string;
+    mimeType?: string;
+    size?: number;
+}
+/**
+ * Walk every request in the synced doc and return one entry per unique
+ * attachment slotId it references. Form-data file rows and the binary
+ * body's attachment ref both contribute. Duplicates (same slotId
+ * referenced twice — defensive only; slot ids are normally unique) are
+ * collapsed; the first occurrence wins.
+ */
+declare function collectAttachmentSlots(synced: WorkspaceSynced): AttachmentSlotRef[];
+
+interface ParsedVersion {
+    major: number;
+    minor: number;
+    patch: number;
+    prerelease: string | null;
+    build: string | null;
+}
+declare function parseSemver(version: string): ParsedVersion | null;
+declare function isValidSemver(version: string): boolean;
+/**
+ * Compare two semver strings. Returns negative if `a < b`, positive if
+ * `a > b`, 0 if equal. Build metadata is ignored (per semver spec). A
+ * prerelease label sorts BEFORE its corresponding release (1.0.0-rc.1 <
+ * 1.0.0). Within prereleases, dot-separated identifiers compare numeric
+ * vs string per the spec.
+ */
+declare function compareSemver(a: string, b: string): number;
+/** Sort an array of semver strings — newest first (descending). */
+declare function sortVersionsDesc(versions: readonly string[]): string[];
+
+interface PublishReleaseArgs {
+    version: string;
+    notes: string;
+    /** Optional bookkeeping — the git commit SHA the release points at. */
+    sha?: string;
+    /** Optional bookkeeping — git tag name (the source of truth is the ledger). */
+    tagName?: string;
+    publishedAt?: string;
+}
+/**
+ * Append a new release to `synced.releases.self.versions` and bump
+ * `currentVersion`. Pure — does not touch IDB or Git.
+ *
+ * Throws on invalid semver, duplicate version, or invalid notes shape.
+ */
+declare function publishRelease(synced: WorkspaceSynced, args: PublishReleaseArgs): Promise<WorkspaceSynced>;
+/** Flip the `deprecated` flag on a version. Soft signal — version is still installable. */
+declare function deprecateRelease(synced: WorkspaceSynced, version: string): WorkspaceSynced;
+/**
+ * Flip the `yanked` flag on a version. Hard signal — consumers should
+ * be told this version is broken / unsafe and offered a different one.
+ */
+declare function yankRelease(synced: WorkspaceSynced, version: string): WorkspaceSynced;
+
+type MonacoLanguage = 'json' | 'xml' | 'html' | 'graphql' | 'javascript' | 'yaml' | 'plaintext';
+declare function normalizeContentType(contentType?: string): string;
+declare function getLanguageFromContentType(contentType?: string): MonacoLanguage;
+/**
+ * Map a workspace BodyType to its Monaco language. Used by the editor
+ * to set the right syntax highlighter even before Content-Type lands.
+ */
+declare function getLanguageFromBodyType(bodyType: 'none' | 'json' | 'text' | 'urlencoded' | 'form-data' | 'binary' | 'xml' | 'graphql'): MonacoLanguage;
+declare const supportedContentTypeLanguageMap: Readonly<Record<string, MonacoLanguage>>;
+
+interface GraphQLSchemaInfo {
+    /** Object/Interface types and their fields. */
+    types: Map<string, {
+        fields: GraphQLField[];
+    }>;
+    /** Top-level operations (Query, Mutation, Subscription). */
+    rootTypes: {
+        query?: string;
+        mutation?: string;
+        subscription?: string;
+    };
+    /** Scalar + enum names. */
+    scalars: string[];
+    enums: string[];
+}
+interface GraphQLField {
+    name: string;
+    type: string;
+    description?: string;
+}
+declare function parseGraphqlSchema(source: string, kind: 'sdl' | 'introspection'): GraphQLSchemaInfo;
+
+type DiffStatus = 'unchanged' | 'local-only' | 'remote-only' | 'both-equal' | 'conflict';
+type EntityBucket = 'request' | 'folder' | 'environment' | 'linkedWorkspace' | 'mockServer' | 'executionPlan' | 'secretKey' | 'globalSchema' | 'globalGraphql' | 'linkedRequestOverride' | 'linkedEnvOverride' | 'releasePerLink' | 'tree' | 'environmentsActive' | 'environmentsPriority' | 'releaseSelf' | 'secretCrypto';
+interface DiffEntry {
+    bucket: EntityBucket;
+    /** Entity id within the bucket. Empty string for singleton buckets. */
+    key: string;
+    status: DiffStatus;
+    /** Human-readable label for the resolver UI. */
+    label: string;
+    base: unknown;
+    local: unknown;
+    remote: unknown;
+}
+interface ThreeWayDiff {
+    entries: DiffEntry[];
+    conflicts: DiffEntry[];
+}
+type ConflictResolution = 'mine' | 'theirs';
+/** Map keyed by `bucket:key` (e.g. `request:r-1`, `releaseSelf:`). */
+type ResolutionMap = Record<string, ConflictResolution>;
+/**
+ * Compute the per-entity diff. Returns every entity touched on at least
+ * one side, plus a flat list of conflicts (subset of entries with status
+ * 'conflict') for the resolver.
+ *
+ * `base` is the lastPulledSnapshot. When null (first refresh ever), every
+ * remote entity that doesn't match local becomes a conflict — there's no
+ * shared ancestor to pick a side automatically.
+ */
+declare function computeThreeWayDiff(base: WorkspaceSynced | null, local: WorkspaceSynced, remote: WorkspaceSynced): ThreeWayDiff;
+/**
+ * Apply a fully-resolved diff: take fast-forwards (remote-only) into
+ * local, keep local-only changes verbatim, and resolve every conflict
+ * via the supplied `resolutions` map (`bucket:key` → 'mine' | 'theirs').
+ *
+ * Throws when any conflict is missing a resolution — the caller is
+ * expected to populate the modal first.
+ */
+declare function applyMerge(local: WorkspaceSynced, remote: WorkspaceSynced, diff: ThreeWayDiff, resolutions: ResolutionMap): WorkspaceSynced;
+
+interface UnpushedChange {
+    bucket: EntityBucket;
+    /** Entity id within the bucket; empty string for singletons (tree, etc.). */
+    key: string;
+    label: string;
+    kind: 'added' | 'modified' | 'removed';
+    base: unknown;
+    local: unknown;
+}
+interface UnpushedSummary {
+    added: number;
+    modified: number;
+    removed: number;
+    total: number;
+    /** Per-entry list, sorted by bucket then label so the preview list renders predictably. */
+    changes: UnpushedChange[];
+    computedAt: string;
+}
+declare function summarizeUnpushedChanges(base: WorkspaceSynced | null, current: WorkspaceSynced, options?: {
+    now?: () => Date;
+}): UnpushedSummary;
+/**
+ * Cheap "anything to push?" check for the BranchCard badge. Avoids
+ * recomputing the full preview list when the caller only needs a
+ * boolean. Identity short-circuits on referential equality of `current`
+ * and `base` — common when the store hasn't mutated since pull.
+ */
+declare function hasUnpushedChanges(base: WorkspaceSynced | null, current: WorkspaceSynced): boolean;
+/** Stable empty value for callers that want to default-render an empty summary. */
+declare const EMPTY_UNPUSHED_SUMMARY: UnpushedSummary;
+
+type LinkedUpdateStatus = 'unchanged' | 'source-only' | 'local-only' | 'both-changed' | 'new-in-source' | 'removed-in-source';
+type LinkedUpdateBucket = 'request' | 'folder' | 'environment-var';
+interface LinkedUpdateEntry<TBase = unknown, TTarget = unknown, TOverride = unknown> {
+    bucket: LinkedUpdateBucket;
+    /** Identifier scoped to the bucket. For env-var, format `<envName>:<varKey>`. */
+    key: string;
+    label: string;
+    status: LinkedUpdateStatus;
+    base: TBase | null;
+    target: TTarget | null;
+    override: TOverride | null;
+}
+interface LinkedUpdatePreview {
+    fromVersion: string | null;
+    toVersion: string;
+    entries: LinkedUpdateEntry[];
+    /** Quick counts for the modal summary line. */
+    summary: Record<LinkedUpdateStatus, number>;
+}
+interface PreviewArgs {
+    fromVersion: string | null;
+    toVersion: string;
+    base: LinkedSnapshot | null;
+    target: LinkedSnapshot;
+    /** All request overrides keyed by `${linkedWorkspaceId}:${itemId}` — caller pre-filters to one link. */
+    requestOverrides: RequestOverride[];
+    /** All env-var overrides for this link. */
+    envVarOverrides: EnvironmentVariableOverride[];
+}
+/**
+ * Pure function — returns a structured preview of every change between
+ * `base` and `target`, classified by status and annotated with the
+ * consumer's overrides where applicable. Caller renders the modal and
+ * collects resolutions for `both-changed` entries.
+ */
+declare function previewLinkedUpdate(args: PreviewArgs): LinkedUpdatePreview;
+/**
+ * Map status → 'mine' | 'theirs' for entries the user has resolved.
+ * 'mine' = keep the override / orphan. 'theirs' = adopt source.
+ *
+ * `source-only`, `new-in-source`, and `local-only` don't need a
+ * resolution (auto-applied), so this map is keyed only by entries that
+ * are `both-changed` or `removed-in-source` (the latter optionally lets
+ * the user keep their override as a consumer-only request — a rarer
+ * choice).
+ */
+type LinkedUpdateResolutionMap = Record<string, 'mine' | 'theirs'>;
+interface ApplyArgs {
+    base: LinkedSnapshot | null;
+    target: LinkedSnapshot;
+    preview: LinkedUpdatePreview;
+    resolutions: LinkedUpdateResolutionMap;
+    /** All overrides for this link, BEFORE the apply. */
+    requestOverrides: RequestOverride[];
+    envVarOverrides: EnvironmentVariableOverride[];
+}
+interface ApplyResult {
+    /** New canonical snapshot to cache (replaces base). */
+    nextSnapshot: LinkedSnapshot;
+    /** Override entries the consumer keeps after applying. */
+    nextRequestOverrides: RequestOverride[];
+    nextEnvVarOverrides: EnvironmentVariableOverride[];
+    /** Per-entry record of what we did, surfaced to the toast / activity log. */
+    log: Array<{
+        entryKey: string;
+        bucket: LinkedUpdateBucket;
+        action: string;
+    }>;
+}
+/**
+ * Apply a fully-resolved preview. Pure — does not touch IDB or the store.
+ *
+ * Throws when any `both-changed` entry is missing a resolution.
+ */
+declare function applyLinkedUpdate(args: ApplyArgs): ApplyResult;
+
+interface ApplyMutationOptions {
+    /** ISO timestamp to stamp into `updatedAt`. Defaults to the current time. */
+    now?: string;
+}
+interface ApplyMutationResult {
+    next: WorkspaceState;
+    changedIds: string[];
+}
+declare function applyMutation(state: WorkspaceState, patch: WorkspacePatch, options?: ApplyMutationOptions): ApplyMutationResult;
+
+/**
+ * Best-known identity of whoever launched a plan run. Recorded for display
+ * and handed to the `authorize` hook. `unknown` is the headless default when
+ * no GitHub session or OS user can be determined.
+ */
+interface RunActor {
+    kind: 'github' | 'os' | 'unknown';
+    /** GitHub login, OS username, or 'unknown'. */
+    name: string;
+}
+declare const ANONYMOUS_ACTOR: RunActor;
+/**
+ * Thrown by an `authorize` hook to deny a run. `runPlan` lets it propagate
+ * untouched so callers (the CLI) can map it to a distinct exit code. Today no
+ * built-in hook throws it — it exists for the per-user run restrictions that
+ * are planned but not yet designed.
+ */
+declare class PlanRunDeniedError extends Error {
+    constructor(message: string);
+}
+/** Context handed to the `authorize` hook before any HTTP request fires. */
+interface PlanRunAuthorizationContext {
+    planId: string;
+    plan: ExecutionPlan;
+    actor: RunActor;
+    state: WorkspaceState;
+}
+interface RunPlanOptions {
+    /** Evaluate the per-request assertions. Defaults to `true`. */
+    withAssertions?: boolean;
+    /**
+     * Halt the run after the first failed step — including missing / linked
+     * steps — regardless of the plan's own `stopOnAssertionFailure`. This is
+     * the `apicircle run --bail` behaviour. Defaults to `false`.
+     */
+    bail?: boolean;
+    /**
+     * Name of a local environment to layer on top of the run's env priority
+     * order (highest precedence). Used by `apicircle run --env <name>`. A name
+     * with no matching environment simply contributes nothing.
+     */
+    env?: string;
+    /** Injected fetch — defaults to `globalThis.fetch`. Tests pass a stub. */
+    fetchImpl?: typeof fetch;
+    /** Aborts the run between steps and the in-flight request. */
+    signal?: AbortSignal;
+    /** Per-request hard timeout in ms. `null` disables. Defaults to executeRequest's 30s. */
+    timeoutMs?: number | null;
+    /** Plaintext secret values keyed by `secretKeyId`, for encrypted env vars. */
+    secretsById?: Record<string, string>;
+    /** Identity of whoever launched the run. Defaults to {@link ANONYMOUS_ACTOR}. */
+    actor?: RunActor;
+    /**
+     * Authorization seam. Called once, before the first request, with the
+     * resolved plan + actor. Throw (ideally {@link PlanRunDeniedError}) to deny
+     * the run. Omit for an unrestricted run — the current default everywhere.
+     */
+    authorize?: (ctx: PlanRunAuthorizationContext) => void | Promise<void>;
+    /** Invoked after each step settles — lets a CLI stream progress live. */
+    onStep?: (step: PlanStepResult) => void;
+}
+interface PlanStepResult {
+    /** Index into `plan.steps` — stable even when steps are skipped. */
+    stepIndex: number;
+    requestId: string;
+    requestName: string;
+    requestMethod: string;
+    /** True when the step was skipped via `enabled: false`. */
+    skipped: boolean;
+    /** Execution result, or `null` for a skipped / unresolvable step. */
+    result: ExecutionResult | null;
+    assertionResults: AssertionResult[];
+    /** `{{VAR}}` placeholders that didn't resolve in url / headers / query / body / auth. */
+    missingVariables: string[];
+    /** True when the request succeeded and (if enabled) every assertion passed. */
+    passed: boolean;
+    /** Set when the step couldn't run at all (missing / linked / unsupported). */
+    error?: string;
+}
+interface RunPlanResult {
+    planRun: PlanRun;
+    /** One entry per step, including skipped ones (in `plan.steps` order). */
+    steps: PlanStepResult[];
+    /**
+     * Workspace with the plan-run + request-runs appended to history and any
+     * refreshed OAuth2 tokens persisted onto `synced`. Save this back to disk.
+     */
+    nextState: WorkspaceState;
+    /** True when every executed (non-skipped) step passed. Vacuously true when none ran. */
+    passed: boolean;
+}
+type ResolvePlanRefResult = {
+    ok: true;
+    id: string;
+    plan: ExecutionPlan;
+} | {
+    ok: false;
+    error: string;
+    available: string[];
+};
+/**
+ * Resolve a user-supplied plan reference (a plan id, or a plan name) against a
+ * workspace. Name matching is case-insensitive and trimmed; an ambiguous name
+ * (two plans share it) is rejected so the caller can ask for an id instead.
+ */
+declare function resolvePlanRef(synced: WorkspaceSynced, ref: string): ResolvePlanRefResult;
+/**
+ * Execute every enabled step of `planId` against the workspace. Never throws
+ * for HTTP / assertion failures — those land in the returned step results.
+ * Throws only for a missing plan or a denial from the `authorize` hook.
+ */
+declare function runPlan(state: WorkspaceState, planId: string, opts?: RunPlanOptions): Promise<RunPlanResult>;
+
+/**
+ * Token Oriented Object Notation (TOON) encoder.
+ *
+ * Compact, indentation-based serialization that drops most of JSON's
+ * structural noise (quotes around keys/values where unambiguous, braces,
+ * commas, colons-with-spaces). Optimized for LLM token budgets and
+ * eyeballing — typical JSON shrinks 25–50% when re-encoded.
+ *
+ * Two encoding shapes are produced:
+ *
+ *  - **Tabular** for arrays of homogeneous flat objects (common API list
+ *    payloads). The header lists keys once, the rows list values once:
+ *
+ *      users[2]{id,name,active}:
+ *        1,Alice,true
+ *        2,Bob,false
+ *
+ *  - **Indented** for everything else:
+ *
+ *      meta:
+ *        page: 1
+ *        items:
+ *          - id: 1
+ *            name: Alice
+ *
+ * Strings are quoted only when they contain characters that would otherwise
+ * break the line shape (commas, colons, leading/trailing whitespace, etc.).
+ * Output is intentionally lossless for round-tripping primitive types — but
+ * a TOON decoder is out of scope for this module: the encoder exists so the
+ * UI can show an "X% smaller" hint and an optional preview.
+ */
+type Json$2 = string | number | boolean | null | Json$2[] | {
+    [key: string]: Json$2;
+};
+declare function toToon(value: Json$2): string;
+
+/**
+ * Minimal block-style YAML encoder. Sibling of `toon.ts` — same job
+ * (compact, indentation-based representation of JSON-shaped data) but
+ * sticks to standard YAML syntax instead of TOON's tabular shorthand,
+ * so the user can compare the two.
+ *
+ * For arrays of homogeneous flat objects YAML still emits one list item
+ * per row (unlike TOON's `name[count]{cols}: rows` table), so YAML is
+ * usually slightly larger than TOON on tabular payloads but identical or
+ * very close on nested ones. Keeping both gives the user the full picture
+ * when deciding which format to feed downstream.
+ */
+type Json$1 = string | number | boolean | null | Json$1[] | {
+    [key: string]: Json$1;
+};
+declare function toYaml(value: Json$1): string;
+
+/**
+ * Minimal RFC 4180-ish CSV encoder, used purely as a "what if you sent
+ * this as CSV" savings preview. Returns null when the input isn't an
+ * array of homogeneous flat objects — CSV only makes sense for tabular
+ * data, and forcing it on nested JSON would either lose information or
+ * inflate the payload, defeating the point of the savings hint.
+ */
+type Json = string | number | boolean | null | Json[] | {
+    [key: string]: Json;
+};
+declare function toCsv(value: Json): string | null;
+
+/**
+ * Output formats we measure savings for. Minification is NOT in this
+ * list on purpose — stripping whitespace from pretty-printed JSON isn't
+ * a "transformation", it's the wire-effective baseline most APIs already
+ * send. Comparing TOON/YAML/CSV against pretty JSON would inflate the
+ * apparent savings; we always normalize to minified JSON first.
+ */
+type TransformFormat = 'toon' | 'yaml' | 'csv';
+interface TransformCandidate {
+    format: TransformFormat;
+    /** Encoded payload. Available so the UI can offer "view" / "copy". */
+    preview: string;
+    /** UTF-8 bytes of `preview`. */
+    bytes: number;
+    /**
+     * Bytes saved vs `minifiedBytes` (the wire baseline), expressed as a
+     * percentage with one decimal. Clamped at 0 — candidates that don't
+     * beat the baseline are dropped from `candidates` entirely.
+     */
+    percentSaved: number;
+}
+interface TransformSavings {
+    /** UTF-8 bytes of the body as received (may be pretty-printed). */
+    originalBytes: number;
+    /**
+     * UTF-8 bytes of the same body re-emitted as compact JSON. This is
+     * the honest wire-baseline — most APIs already send minified JSON,
+     * and any "transformation savings" should be measured against that,
+     * not against a verbose pretty-printed version. When `originalBytes ===
+     * minifiedBytes`, the wire body was already compact; when they differ,
+     * the UI can surface that delta separately as a "minify only" tip
+     * without mixing it into transformation savings.
+     */
+    minifiedBytes: number;
+    /** Sorted by percentSaved descending. Empty when nothing beats minified. */
+    candidates: TransformCandidate[];
+}
+/**
+ * Compute savings candidates for a response body. Only JSON-shaped
+ * content is inspected — binary, plain text, and HTML return an empty
+ * candidate list. Pure, no side effects.
+ *
+ * Baselines:
+ *  - `originalBytes`  : received-as-is. What the editor is currently rendering.
+ *  - `minifiedBytes`  : what the wire would have carried with whitespace stripped.
+ *  - `candidates[].percentSaved` : measured against `minifiedBytes`. So a
+ *    "20% smaller as TOON" claim means TOON beats compact JSON by 20%,
+ *    not that it beats pretty JSON by 20%.
+ */
+declare function computeTransformSavings(body: string, contentType?: string): TransformSavings;
+declare const TRANSFORM_FORMAT_LABELS: Record<TransformFormat, string>;
+
+export { ANONYMOUS_ACTOR, type ApplyMutationOptions, type ApplyMutationResult, type AssertionResult, type AttachmentResolver, type AttachmentSlotRef, type AuthApplyOptions, type AuthApplyResult, type AuthApplyTarget, type AuthApplyWarning, type AuthCodeExchangeArgs, type AutoHeaderOverrides, type BranchNameOptions, type BuildDigestArgs, type BuildNtlmType3Args, type BuildRequestOptions, type BuiltRequest, type ClientCredentialsArgs, type ConflictResolution, type HeaderEntry$1 as ContentTypeHeaderEntry, type ContextExtractionResult, DESKTOP_APP_ORIGIN, type DeviceAuthorizationArgs, type DeviceAuthorizationResponse, type DiffEntry, type DiffStatus, type DigestChallenge, EMPTY_UNPUSHED_SUMMARY, type EncryptedPayload, type EntityBucket, type ExecuteOptions, type ExecutionResult, type FetchOAuth2TokenArgs, type GraphQLField, type GraphQLSchemaInfo, HTTP_HEADERS_MAP, type HawkSignArgs, type HeaderEntry, type HeaderSuggestionMode, type ImportedFolder, type ImportedRequest, type JwtAlgorithm, type JwtSignArgs, type ApplyArgs as LinkedApplyArgs, type ApplyResult as LinkedApplyResult, type PreviewArgs as LinkedPreviewArgs, type LinkedUpdateBucket, type LinkedUpdateEntry, type LinkedUpdatePreview, type LinkedUpdateResolutionMap, type LinkedUpdateStatus, type MonacoLanguage, type NtlmType2Challenge, type OAuth2ErrorResponse, OAuth2TokenError, type OAuth2TokenResponse, type ParsedCurl, type ParsedPostmanCollection, type ParsedPostmanEnvironment, type ParsedVersion, type PkceExchangeArgs, type PkceMethod, type PlanRunAuthorizationContext, PlanRunDeniedError, type PlanStepResult, type PollDeviceFlowArgs, type PreSendBlocker, type PreSendValidationInput, type PreSendValidationResult, type PreSendWarning, type PublishReleaseArgs, type RefreshTokenArgs, RemoteWorkspaceParseError, type ResolutionMap, type ResolutionScope, type ResolveInheritedAuthArgs, type ResolvePlanRefResult, type ResolveResult, type RopcArgs, type RunActor, type RunPlanOptions, type RunPlanResult, type SigV4SignArgs, type SigV4SignResult, TRANSFORM_FORMAT_LABELS, type ThreeWayDiff, type TransformCandidate, type TransformFormat, type TransformSavings, type UnpushedChange, type UnpushedSummary, type VariableSource, type VariableSuggestion, WorkspacePatch, WorkspaceState, applyAuth, applyAwsSigV4, applyContentTypeForBodyType, applyLinkedUpdate, applyMerge, applyMutation, applyPathParams, assertNoPlaintextCredentials, buildAuthorizeUrl, buildAutoHeaders, buildDigestAuthHeader, buildHawkAuthHeader, buildNtlmType1Negotiate, buildNtlmType3Authenticate, buildRequest, buildScope, collectAttachmentSlots, collectVariableSuggestions, compareSemver, composeBody, composeCookieHeader, composeHeaders, composeUrl, composeUrlWithQuery, computeCodeChallenge, computeThreeWayDiff, computeTransformSavings, decryptString, deprecateRelease, deriveKeyFromSlotValue, encryptString, exchangeAuthCode, exchangePkce, executeRequest, exportKey, extractContext, fetchOAuth2Token, findPathPlaceholders, generateAesKey, generateCodeVerifier, generateSlotSalt, generateSpanId, generateTraceParent, generateWorkingBranchName, getBodyTypeForContentType, getContentTypeForBodyType, getHeaderEntry, getHeaderValues, getLanguageFromBodyType, getLanguageFromContentType, getVariableAutocomplete, hasUnpushedChanges, importKey, isDesktop, isInsomniaExport, isPostmanEnvironment, isPostmanV2Collection, isValidSemver, lookup, mergeWithAutoHeaders, normalizeContentType, parseCurl, parseDigestChallenge, parseGraphqlSchema, parseInsomniaCollection, parseNtlmType2Challenge, parsePostmanCollection, parsePostmanEnvironment, parseSemver, parseUrlQuery, parseWorkspaceJson, pollDeviceFlow, preSendValidation, previewLinkedUpdate, publishRelease, readJsonPath, redactForGit, refreshToken, requestDeviceAuthorization, requestRunToExecutionResult, resolveInheritedAuth, resolvePlanRef, resolveString, resolveStringMap, runAssertions, runClientCredentials, runPlan, runRopc, serializePayload, serializeWorkspaceForGit, signJwt, slugify, sortVersionsDesc, suggestHeaders, summarizeUnpushedChanges, supportedContentTypeLanguageMap, toCsv, toToon, toYaml, tokenizeCurl, tryParsePayload, validateBranchName, yankRelease };