@baochunli/flakes 0.0.2 → 0.0.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (55) hide show
  1. package/dist/commands/auth.d.ts.map +1 -1
  2. package/dist/commands/auth.js +133 -13
  3. package/dist/commands/auth.js.map +1 -1
  4. package/dist/commands/host.js +1 -0
  5. package/dist/commands/host.js.map +1 -1
  6. package/dist/commands/tasks.js +3 -0
  7. package/dist/commands/tasks.js.map +1 -1
  8. package/dist/index.d.ts.map +1 -1
  9. package/dist/index.js +175 -22
  10. package/dist/index.js.map +1 -1
  11. package/dist/node_modules/@flakes/auth/package.json +1 -1
  12. package/dist/node_modules/@flakes/console/.output/nitro.json +1 -1
  13. package/dist/node_modules/@flakes/console/.output/public/assets/DocumentationPage-DM-ZYPgQ.js +1 -0
  14. package/dist/node_modules/@flakes/console/.output/public/assets/{RunPage-BC3sGoPN.js → RunPage-i03UqHYF.js} +1 -1
  15. package/dist/node_modules/@flakes/console/.output/public/assets/{RunsPage-LkYGVvbL.js → RunsPage-u8qbeAoV.js} +1 -1
  16. package/dist/node_modules/@flakes/console/.output/public/assets/{SandboxesPage-CwWMogj6.js → SandboxesPage-D8D_5kXP.js} +1 -1
  17. package/dist/node_modules/@flakes/console/.output/public/assets/{TranscriptPage-CTMgJgHp.js → TranscriptPage-ChoFjiPI.js} +1 -1
  18. package/dist/node_modules/@flakes/console/.output/public/assets/{_-DRcA_CG9.js → _-C4ecJpHe.js} +1 -1
  19. package/dist/node_modules/@flakes/console/.output/public/assets/{_runId-CO1ozt9P.js → _runId-BZXYFY32.js} +2 -2
  20. package/dist/node_modules/@flakes/console/.output/public/assets/{_taskId-CcIypX6M.js → _taskId-C28oHEU_.js} +2 -2
  21. package/dist/node_modules/@flakes/console/.output/public/assets/{account-DKgjbb-C.js → account-B4wDEC7t.js} +1 -1
  22. package/dist/node_modules/@flakes/console/.output/public/assets/{account-forms-DrHA3zEd.js → account-forms-BLo66Mqa.js} +1 -1
  23. package/dist/node_modules/@flakes/console/.output/public/assets/{auth-layout-INHonQMf.js → auth-layout-DiUSgtaY.js} +1 -1
  24. package/dist/node_modules/@flakes/console/.output/public/assets/{device-DOGZUNMB.js → device-NrLWypMd.js} +1 -1
  25. package/dist/node_modules/@flakes/console/.output/public/assets/{documentation-Dr9Bdqxh.js → documentation-NRDmcDud.js} +1 -1
  26. package/dist/node_modules/@flakes/console/.output/public/assets/{forgot-password-C7qvwcpm.js → forgot-password--3Mujc8s.js} +1 -1
  27. package/dist/node_modules/@flakes/console/.output/public/assets/{main-RzjfJZwD.js → main-KBvz0mSQ.js} +21 -87
  28. package/dist/node_modules/@flakes/console/.output/public/assets/{otp-verification-Cqa6lopR.js → otp-verification-BSXwS5bo.js} +1 -1
  29. package/dist/node_modules/@flakes/console/.output/public/assets/{reset-password-tImCgEn0.js → reset-password-C7SbNx2J.js} +1 -1
  30. package/dist/node_modules/@flakes/console/.output/public/assets/{runs-Cuk0VOVi.js → runs-xD4ynllK.js} +2 -2
  31. package/dist/node_modules/@flakes/console/.output/public/assets/{sandboxes-BBIIbVN8.js → sandboxes-Cfr1Y2Dn.js} +2 -2
  32. package/dist/node_modules/@flakes/console/.output/public/assets/{security-D3N68cBT.js → security-CCThSJae.js} +1 -1
  33. package/dist/node_modules/@flakes/console/.output/public/assets/{signin-DylILjyG.js → signin-CYeR3TaY.js} +1 -1
  34. package/dist/node_modules/@flakes/console/.output/public/assets/{signin-form-DWaa_uwj.js → signin-form-Bp22jPob.js} +1 -1
  35. package/dist/node_modules/@flakes/console/.output/public/assets/{signup-KmFQL_1g.js → signup-DHhPfohX.js} +1 -1
  36. package/dist/node_modules/@flakes/console/.output/server/{_-8ZDVkA1O.mjs → _-C-u135Pp.mjs} +3 -3
  37. package/dist/node_modules/@flakes/console/.output/server/{_-CjpSIsvB.mjs → _-DwPiGKLE.mjs} +3 -3
  38. package/dist/node_modules/@flakes/console/.output/server/_chunks/router.mjs +5 -5
  39. package/dist/node_modules/@flakes/console/.output/server/_ssr/{DocumentationPage-D85Budiq.mjs → DocumentationPage-CtBAQbzy.mjs} +4 -4
  40. package/dist/node_modules/@flakes/console/.output/server/_ssr/{documentation-Do_Mr_e4.mjs → documentation-Bf0VPrnt.mjs} +4 -4
  41. package/dist/node_modules/@flakes/console/.output/server/_ssr/{documentation-4BCES--X.mjs → documentation-PC93pMWl.mjs} +3 -3
  42. package/dist/node_modules/@flakes/console/.output/server/_ssr/{router-B3vKkNtv.mjs → router-elhBqT5k.mjs} +4 -4
  43. package/dist/node_modules/@flakes/console/.output/server/_ssr/ssr.mjs +2 -2
  44. package/dist/node_modules/@flakes/console/.output/server/{_tanstack-start-manifest_v-llXRWxjT.mjs → _tanstack-start-manifest_v-CR_hZXXv.mjs} +31 -31
  45. package/dist/node_modules/@flakes/console/package.json +1 -1
  46. package/dist/node_modules/@flakes/control-plane/package.json +1 -1
  47. package/dist/node_modules/@flakes/core/package.json +1 -1
  48. package/dist/node_modules/@flakes/harness-agent/package.json +1 -1
  49. package/dist/node_modules/@flakes/harness-sdk/package.json +1 -1
  50. package/dist/node_modules/@flakes/pi-agent/package.json +1 -1
  51. package/dist/node_modules/@flakes/protocol/package.json +1 -1
  52. package/dist/node_modules/@flakes/sandbox-runtime/package.json +1 -1
  53. package/dist/node_modules/@flakes/store/package.json +1 -1
  54. package/package.json +1 -1
  55. package/dist/node_modules/@flakes/console/.output/public/assets/DocumentationPage-DrqDulyL.js +0 -1
@@ -1,4 +1,4 @@
1
- import{h as e,t,v as n}from"./react-DtOYBmep.js";import{r,t as i}from"./utils-CEE0-YEp.js";import{D as a,f as o,it as s,k as c,rt as l}from"./main-RzjfJZwD.js";var u=r(`rotate-ccw`,[[`path`,{d:`M3 12a9 9 0 1 0 9-9 9.75 9.75 0 0 0-6.74 2.74L3 8`,key:`1357e3`}],[`path`,{d:`M3 3v5h5`,key:`1xhq8a`}]]),d=n(t(),1),f=Object.defineProperty,p=Object.defineProperties,m=Object.getOwnPropertyDescriptors,h=Object.getOwnPropertySymbols,g=Object.prototype.hasOwnProperty,_=Object.prototype.propertyIsEnumerable,v=(e,t,n)=>t in e?f(e,t,{enumerable:!0,configurable:!0,writable:!0,value:n}):e[t]=n,y=(e,t)=>{for(var n in t||={})g.call(t,n)&&v(e,n,t[n]);if(h)for(var n of h(t))_.call(t,n)&&v(e,n,t[n]);return e},b=(e,t)=>p(e,m(t)),x=(e,t)=>{var n={};for(var r in e)g.call(e,r)&&t.indexOf(r)<0&&(n[r]=e[r]);if(e!=null&&h)for(var r of h(e))t.indexOf(r)<0&&_.call(e,r)&&(n[r]=e[r]);return n};function S(e){return[setTimeout(e,0),setTimeout(e,10),setTimeout(e,50)]}function C(e){let t=d.useRef();return d.useEffect(()=>{t.current=e}),t.current}var w=18,T=40,E=`${T}px`,D=[`[data-lastpass-icon-root]`,`com-1password-button`,`[data-dashlanecreated]`,`[style$="2147483647 !important;"]`].join(`,`);function O({containerRef:e,inputRef:t,pushPasswordManagerStrategy:n,isFocused:r}){let[i,a]=d.useState(!1),[o,s]=d.useState(!1),[c,l]=d.useState(!1),u=d.useMemo(()=>n===`none`?!1:(n===`increase-width`||n===`experimental-no-flickering`)&&i&&o,[i,o,n]),f=d.useCallback(()=>{let r=e.current,i=t.current;if(!r||!i||c||n===`none`)return;let o=r,s=o.getBoundingClientRect().left+o.offsetWidth,u=o.getBoundingClientRect().top+o.offsetHeight/2,d=s-w,f=u;document.querySelectorAll(D).length===0&&document.elementFromPoint(d,f)===r||(a(!0),l(!0))},[e,t,c,n]);return d.useEffect(()=>{let t=e.current;if(!t||n===`none`)return;function r(){s(window.innerWidth-t.getBoundingClientRect().right>=T)}r();let i=setInterval(r,1e3);return()=>{clearInterval(i)}},[e,n]),d.useEffect(()=>{let e=r||document.activeElement===t.current;if(n===`none`||!e)return;let i=setTimeout(f,0),a=setTimeout(f,2e3),o=setTimeout(f,5e3),s=setTimeout(()=>{l(!0)},6e3);return()=>{clearTimeout(i),clearTimeout(a),clearTimeout(o),clearTimeout(s)}},[t,r,n,f]),{hasPWMBadge:i,willPushPWMBadge:u,PWM_BADGE_SPACE_WIDTH:E}}var k=d.createContext({}),A=d.forwardRef((e,t)=>{var n=e,{value:r,onChange:i,maxLength:a,textAlign:o=`left`,pattern:s,placeholder:c,inputMode:l=`numeric`,onComplete:u,pushPasswordManagerStrategy:f=`increase-width`,pasteTransformer:p,containerClassName:m,noScriptCSSFallback:h=M,render:g,children:_}=n,v=x(n,[`value`,`onChange`,`maxLength`,`textAlign`,`pattern`,`placeholder`,`inputMode`,`onComplete`,`pushPasswordManagerStrategy`,`pasteTransformer`,`containerClassName`,`noScriptCSSFallback`,`render`,`children`]),w;let[T,E]=d.useState(typeof v.defaultValue==`string`?v.defaultValue:``),D=r??T,A=C(D),N=d.useCallback(e=>{i?.(e),E(e)},[i]),P=d.useMemo(()=>s?typeof s==`string`?new RegExp(s):s:null,[s]),F=d.useRef(null),I=d.useRef(null),L=d.useRef({value:D,onChange:N,isIOS:typeof window<`u`&&((w=window==null?void 0:window.CSS)?.supports)?.call(w,`-webkit-touch-callout`,`none`)}),R=d.useRef({prev:[F.current?.selectionStart,F.current?.selectionEnd,F.current?.selectionDirection]});d.useImperativeHandle(t,()=>F.current,[]),d.useEffect(()=>{let e=F.current,t=I.current;if(!e||!t)return;L.current.value!==e.value&&L.current.onChange(e.value),R.current.prev=[e.selectionStart,e.selectionEnd,e.selectionDirection];function n(){if(document.activeElement!==e){W(null),K(null);return}let t=e.selectionStart,n=e.selectionEnd,r=e.selectionDirection,i=e.maxLength,a=e.value,o=R.current.prev,s=-1,c=-1,l;if(a.length!==0&&t!==null&&n!==null){let e=t===n,r=t===a.length&&a.length<i;if(e&&!r){let e=t;if(e===0)s=0,c=1,l=`forward`;else if(e===i)s=e-1,c=e,l=`backward`;else if(i>1&&a.length>1){let t=0;if(o[0]!==null&&o[1]!==null){l=e<o[1]?`backward`:`forward`;let n=o[0]===o[1]&&o[0]<i;l===`backward`&&!n&&(t=-1)}s=t+e,c=t+e+1}}s!==-1&&c!==-1&&s!==c&&F.current.setSelectionRange(s,c,l)}let u=s===-1?t:s,d=c===-1?n:c,f=l??r;W(u),K(d),R.current.prev=[u,d,f]}if(document.addEventListener(`selectionchange`,n,{capture:!0}),n(),document.activeElement===e&&H(!0),!document.getElementById(`input-otp-style`)){let e=document.createElement(`style`);if(e.id=`input-otp-style`,document.head.appendChild(e),e.sheet){let t=`background: transparent !important; color: transparent !important; border-color: transparent !important; opacity: 0 !important; box-shadow: none !important; -webkit-box-shadow: none !important; -webkit-text-fill-color: transparent !important;`;j(e.sheet,`[data-input-otp]::selection { background: transparent !important; color: transparent !important; }`),j(e.sheet,`[data-input-otp]:autofill { ${t} }`),j(e.sheet,`[data-input-otp]:-webkit-autofill { ${t} }`),j(e.sheet,`@supports (-webkit-touch-callout: none) { [data-input-otp] { letter-spacing: -.6em !important; font-weight: 100 !important; font-stretch: ultra-condensed; font-optical-sizing: none !important; left: -1px !important; right: 1px !important; } }`),j(e.sheet,`[data-input-otp] + * { pointer-events: all !important; }`)}}let r=()=>{t&&t.style.setProperty(`--root-height`,`${e.clientHeight}px`)};r();let i=new ResizeObserver(r);return i.observe(e),()=>{document.removeEventListener(`selectionchange`,n,{capture:!0}),i.disconnect()}},[]);let[z,B]=d.useState(!1),[V,H]=d.useState(!1),[U,W]=d.useState(null),[G,K]=d.useState(null);d.useEffect(()=>{S(()=>{var e;(e=F.current)==null||e.dispatchEvent(new Event(`input`));let t=F.current?.selectionStart,n=F.current?.selectionEnd,r=F.current?.selectionDirection;t!==null&&n!==null&&(W(t),K(n),R.current.prev=[t,n,r])})},[D,V]),d.useEffect(()=>{A!==void 0&&D!==A&&A.length<a&&D.length===a&&u?.(D)},[a,u,A,D]);let q=O({containerRef:I,inputRef:F,pushPasswordManagerStrategy:f,isFocused:V}),J=d.useCallback(e=>{let t=e.currentTarget.value.slice(0,a);if(t.length>0&&P&&!P.test(t)){e.preventDefault();return}typeof A==`string`&&t.length<A.length&&document.dispatchEvent(new Event(`selectionchange`)),N(t)},[a,N,A,P]),Y=d.useCallback(()=>{var e;if(F.current){let t=Math.min(F.current.value.length,a-1),n=F.current.value.length;(e=F.current)==null||e.setSelectionRange(t,n),W(t),K(n)}H(!0)},[a]),X=d.useCallback(e=>{let t=F.current;if(!p&&(!L.current.isIOS||!e.clipboardData||!t))return;let n=e.clipboardData.getData(`text/plain`),r=p?p(n):n;e.preventDefault();let i=F.current?.selectionStart,o=F.current?.selectionEnd,s=(i===o?D.slice(0,i)+r+D.slice(i):D.slice(0,i)+r+D.slice(o)).slice(0,a);if(s.length>0&&P&&!P.test(s))return;t.value=s,N(s);let c=Math.min(s.length,a-1),l=s.length;t.setSelectionRange(c,l),W(c),K(l)},[a,N,P,D]),Z=d.useMemo(()=>({position:`relative`,cursor:v.disabled?`default`:`text`,userSelect:`none`,WebkitUserSelect:`none`,pointerEvents:`none`}),[v.disabled]),Q=d.useMemo(()=>({position:`absolute`,inset:0,width:q.willPushPWMBadge?`calc(100% + ${q.PWM_BADGE_SPACE_WIDTH})`:`100%`,clipPath:q.willPushPWMBadge?`inset(0 ${q.PWM_BADGE_SPACE_WIDTH} 0 0)`:void 0,height:`100%`,display:`flex`,textAlign:o,opacity:`1`,color:`transparent`,pointerEvents:`all`,background:`transparent`,caretColor:`transparent`,border:`0 solid transparent`,outline:`0 solid transparent`,boxShadow:`none`,lineHeight:`1`,letterSpacing:`-.5em`,fontSize:`var(--root-height)`,fontFamily:`monospace`,fontVariantNumeric:`tabular-nums`}),[q.PWM_BADGE_SPACE_WIDTH,q.willPushPWMBadge,o]),ee=d.useMemo(()=>d.createElement(`input`,b(y({autoComplete:v.autoComplete||`one-time-code`},v),{"data-input-otp":!0,"data-input-otp-placeholder-shown":D.length===0||void 0,"data-input-otp-mss":U,"data-input-otp-mse":G,inputMode:l,pattern:P?.source,"aria-placeholder":c,style:Q,maxLength:a,value:D,ref:F,onPaste:e=>{var t;X(e),(t=v.onPaste)==null||t.call(v,e)},onChange:J,onMouseOver:e=>{var t;B(!0),(t=v.onMouseOver)==null||t.call(v,e)},onMouseLeave:e=>{var t;B(!1),(t=v.onMouseLeave)==null||t.call(v,e)},onFocus:e=>{var t;Y(),(t=v.onFocus)==null||t.call(v,e)},onBlur:e=>{var t;H(!1),(t=v.onBlur)==null||t.call(v,e)}})),[J,Y,X,l,Q,a,G,U,v,P?.source,D]),$=d.useMemo(()=>({slots:Array.from({length:a}).map((e,t)=>{let n=V&&U!==null&&G!==null&&(U===G&&t===U||t>=U&&t<G),r=D[t]===void 0?null:D[t];return{char:r,placeholderChar:D[0]===void 0?c?.[t]??null:null,isActive:n,hasFakeCaret:n&&r===null}}),isFocused:V,isHovering:!v.disabled&&z}),[V,z,a,G,U,v.disabled,D]),te=d.useMemo(()=>g?g($):d.createElement(k.Provider,{value:$},_),[_,$,g]);return d.createElement(d.Fragment,null,h!==null&&d.createElement(`noscript`,null,d.createElement(`style`,null,h)),d.createElement(`div`,{ref:I,"data-input-otp-container":!0,style:Z,className:m},te,d.createElement(`div`,{style:{position:`absolute`,inset:0,pointerEvents:`none`}},ee)))});A.displayName=`Input`;function j(e,t){try{e.insertRule(t)}catch{console.error(`input-otp could not insert CSS rule:`,t)}}var M=`
1
+ import{h as e,t,v as n}from"./react-DtOYBmep.js";import{r,t as i}from"./utils-CEE0-YEp.js";import{D as a,f as o,it as s,k as c,rt as l}from"./main-KBvz0mSQ.js";var u=r(`rotate-ccw`,[[`path`,{d:`M3 12a9 9 0 1 0 9-9 9.75 9.75 0 0 0-6.74 2.74L3 8`,key:`1357e3`}],[`path`,{d:`M3 3v5h5`,key:`1xhq8a`}]]),d=n(t(),1),f=Object.defineProperty,p=Object.defineProperties,m=Object.getOwnPropertyDescriptors,h=Object.getOwnPropertySymbols,g=Object.prototype.hasOwnProperty,_=Object.prototype.propertyIsEnumerable,v=(e,t,n)=>t in e?f(e,t,{enumerable:!0,configurable:!0,writable:!0,value:n}):e[t]=n,y=(e,t)=>{for(var n in t||={})g.call(t,n)&&v(e,n,t[n]);if(h)for(var n of h(t))_.call(t,n)&&v(e,n,t[n]);return e},b=(e,t)=>p(e,m(t)),x=(e,t)=>{var n={};for(var r in e)g.call(e,r)&&t.indexOf(r)<0&&(n[r]=e[r]);if(e!=null&&h)for(var r of h(e))t.indexOf(r)<0&&_.call(e,r)&&(n[r]=e[r]);return n};function S(e){return[setTimeout(e,0),setTimeout(e,10),setTimeout(e,50)]}function C(e){let t=d.useRef();return d.useEffect(()=>{t.current=e}),t.current}var w=18,T=40,E=`${T}px`,D=[`[data-lastpass-icon-root]`,`com-1password-button`,`[data-dashlanecreated]`,`[style$="2147483647 !important;"]`].join(`,`);function O({containerRef:e,inputRef:t,pushPasswordManagerStrategy:n,isFocused:r}){let[i,a]=d.useState(!1),[o,s]=d.useState(!1),[c,l]=d.useState(!1),u=d.useMemo(()=>n===`none`?!1:(n===`increase-width`||n===`experimental-no-flickering`)&&i&&o,[i,o,n]),f=d.useCallback(()=>{let r=e.current,i=t.current;if(!r||!i||c||n===`none`)return;let o=r,s=o.getBoundingClientRect().left+o.offsetWidth,u=o.getBoundingClientRect().top+o.offsetHeight/2,d=s-w,f=u;document.querySelectorAll(D).length===0&&document.elementFromPoint(d,f)===r||(a(!0),l(!0))},[e,t,c,n]);return d.useEffect(()=>{let t=e.current;if(!t||n===`none`)return;function r(){s(window.innerWidth-t.getBoundingClientRect().right>=T)}r();let i=setInterval(r,1e3);return()=>{clearInterval(i)}},[e,n]),d.useEffect(()=>{let e=r||document.activeElement===t.current;if(n===`none`||!e)return;let i=setTimeout(f,0),a=setTimeout(f,2e3),o=setTimeout(f,5e3),s=setTimeout(()=>{l(!0)},6e3);return()=>{clearTimeout(i),clearTimeout(a),clearTimeout(o),clearTimeout(s)}},[t,r,n,f]),{hasPWMBadge:i,willPushPWMBadge:u,PWM_BADGE_SPACE_WIDTH:E}}var k=d.createContext({}),A=d.forwardRef((e,t)=>{var n=e,{value:r,onChange:i,maxLength:a,textAlign:o=`left`,pattern:s,placeholder:c,inputMode:l=`numeric`,onComplete:u,pushPasswordManagerStrategy:f=`increase-width`,pasteTransformer:p,containerClassName:m,noScriptCSSFallback:h=M,render:g,children:_}=n,v=x(n,[`value`,`onChange`,`maxLength`,`textAlign`,`pattern`,`placeholder`,`inputMode`,`onComplete`,`pushPasswordManagerStrategy`,`pasteTransformer`,`containerClassName`,`noScriptCSSFallback`,`render`,`children`]),w;let[T,E]=d.useState(typeof v.defaultValue==`string`?v.defaultValue:``),D=r??T,A=C(D),N=d.useCallback(e=>{i?.(e),E(e)},[i]),P=d.useMemo(()=>s?typeof s==`string`?new RegExp(s):s:null,[s]),F=d.useRef(null),I=d.useRef(null),L=d.useRef({value:D,onChange:N,isIOS:typeof window<`u`&&((w=window==null?void 0:window.CSS)?.supports)?.call(w,`-webkit-touch-callout`,`none`)}),R=d.useRef({prev:[F.current?.selectionStart,F.current?.selectionEnd,F.current?.selectionDirection]});d.useImperativeHandle(t,()=>F.current,[]),d.useEffect(()=>{let e=F.current,t=I.current;if(!e||!t)return;L.current.value!==e.value&&L.current.onChange(e.value),R.current.prev=[e.selectionStart,e.selectionEnd,e.selectionDirection];function n(){if(document.activeElement!==e){W(null),K(null);return}let t=e.selectionStart,n=e.selectionEnd,r=e.selectionDirection,i=e.maxLength,a=e.value,o=R.current.prev,s=-1,c=-1,l;if(a.length!==0&&t!==null&&n!==null){let e=t===n,r=t===a.length&&a.length<i;if(e&&!r){let e=t;if(e===0)s=0,c=1,l=`forward`;else if(e===i)s=e-1,c=e,l=`backward`;else if(i>1&&a.length>1){let t=0;if(o[0]!==null&&o[1]!==null){l=e<o[1]?`backward`:`forward`;let n=o[0]===o[1]&&o[0]<i;l===`backward`&&!n&&(t=-1)}s=t+e,c=t+e+1}}s!==-1&&c!==-1&&s!==c&&F.current.setSelectionRange(s,c,l)}let u=s===-1?t:s,d=c===-1?n:c,f=l??r;W(u),K(d),R.current.prev=[u,d,f]}if(document.addEventListener(`selectionchange`,n,{capture:!0}),n(),document.activeElement===e&&H(!0),!document.getElementById(`input-otp-style`)){let e=document.createElement(`style`);if(e.id=`input-otp-style`,document.head.appendChild(e),e.sheet){let t=`background: transparent !important; color: transparent !important; border-color: transparent !important; opacity: 0 !important; box-shadow: none !important; -webkit-box-shadow: none !important; -webkit-text-fill-color: transparent !important;`;j(e.sheet,`[data-input-otp]::selection { background: transparent !important; color: transparent !important; }`),j(e.sheet,`[data-input-otp]:autofill { ${t} }`),j(e.sheet,`[data-input-otp]:-webkit-autofill { ${t} }`),j(e.sheet,`@supports (-webkit-touch-callout: none) { [data-input-otp] { letter-spacing: -.6em !important; font-weight: 100 !important; font-stretch: ultra-condensed; font-optical-sizing: none !important; left: -1px !important; right: 1px !important; } }`),j(e.sheet,`[data-input-otp] + * { pointer-events: all !important; }`)}}let r=()=>{t&&t.style.setProperty(`--root-height`,`${e.clientHeight}px`)};r();let i=new ResizeObserver(r);return i.observe(e),()=>{document.removeEventListener(`selectionchange`,n,{capture:!0}),i.disconnect()}},[]);let[z,B]=d.useState(!1),[V,H]=d.useState(!1),[U,W]=d.useState(null),[G,K]=d.useState(null);d.useEffect(()=>{S(()=>{var e;(e=F.current)==null||e.dispatchEvent(new Event(`input`));let t=F.current?.selectionStart,n=F.current?.selectionEnd,r=F.current?.selectionDirection;t!==null&&n!==null&&(W(t),K(n),R.current.prev=[t,n,r])})},[D,V]),d.useEffect(()=>{A!==void 0&&D!==A&&A.length<a&&D.length===a&&u?.(D)},[a,u,A,D]);let q=O({containerRef:I,inputRef:F,pushPasswordManagerStrategy:f,isFocused:V}),J=d.useCallback(e=>{let t=e.currentTarget.value.slice(0,a);if(t.length>0&&P&&!P.test(t)){e.preventDefault();return}typeof A==`string`&&t.length<A.length&&document.dispatchEvent(new Event(`selectionchange`)),N(t)},[a,N,A,P]),Y=d.useCallback(()=>{var e;if(F.current){let t=Math.min(F.current.value.length,a-1),n=F.current.value.length;(e=F.current)==null||e.setSelectionRange(t,n),W(t),K(n)}H(!0)},[a]),X=d.useCallback(e=>{let t=F.current;if(!p&&(!L.current.isIOS||!e.clipboardData||!t))return;let n=e.clipboardData.getData(`text/plain`),r=p?p(n):n;e.preventDefault();let i=F.current?.selectionStart,o=F.current?.selectionEnd,s=(i===o?D.slice(0,i)+r+D.slice(i):D.slice(0,i)+r+D.slice(o)).slice(0,a);if(s.length>0&&P&&!P.test(s))return;t.value=s,N(s);let c=Math.min(s.length,a-1),l=s.length;t.setSelectionRange(c,l),W(c),K(l)},[a,N,P,D]),Z=d.useMemo(()=>({position:`relative`,cursor:v.disabled?`default`:`text`,userSelect:`none`,WebkitUserSelect:`none`,pointerEvents:`none`}),[v.disabled]),Q=d.useMemo(()=>({position:`absolute`,inset:0,width:q.willPushPWMBadge?`calc(100% + ${q.PWM_BADGE_SPACE_WIDTH})`:`100%`,clipPath:q.willPushPWMBadge?`inset(0 ${q.PWM_BADGE_SPACE_WIDTH} 0 0)`:void 0,height:`100%`,display:`flex`,textAlign:o,opacity:`1`,color:`transparent`,pointerEvents:`all`,background:`transparent`,caretColor:`transparent`,border:`0 solid transparent`,outline:`0 solid transparent`,boxShadow:`none`,lineHeight:`1`,letterSpacing:`-.5em`,fontSize:`var(--root-height)`,fontFamily:`monospace`,fontVariantNumeric:`tabular-nums`}),[q.PWM_BADGE_SPACE_WIDTH,q.willPushPWMBadge,o]),ee=d.useMemo(()=>d.createElement(`input`,b(y({autoComplete:v.autoComplete||`one-time-code`},v),{"data-input-otp":!0,"data-input-otp-placeholder-shown":D.length===0||void 0,"data-input-otp-mss":U,"data-input-otp-mse":G,inputMode:l,pattern:P?.source,"aria-placeholder":c,style:Q,maxLength:a,value:D,ref:F,onPaste:e=>{var t;X(e),(t=v.onPaste)==null||t.call(v,e)},onChange:J,onMouseOver:e=>{var t;B(!0),(t=v.onMouseOver)==null||t.call(v,e)},onMouseLeave:e=>{var t;B(!1),(t=v.onMouseLeave)==null||t.call(v,e)},onFocus:e=>{var t;Y(),(t=v.onFocus)==null||t.call(v,e)},onBlur:e=>{var t;H(!1),(t=v.onBlur)==null||t.call(v,e)}})),[J,Y,X,l,Q,a,G,U,v,P?.source,D]),$=d.useMemo(()=>({slots:Array.from({length:a}).map((e,t)=>{let n=V&&U!==null&&G!==null&&(U===G&&t===U||t>=U&&t<G),r=D[t]===void 0?null:D[t];return{char:r,placeholderChar:D[0]===void 0?c?.[t]??null:null,isActive:n,hasFakeCaret:n&&r===null}}),isFocused:V,isHovering:!v.disabled&&z}),[V,z,a,G,U,v.disabled,D]),te=d.useMemo(()=>g?g($):d.createElement(k.Provider,{value:$},_),[_,$,g]);return d.createElement(d.Fragment,null,h!==null&&d.createElement(`noscript`,null,d.createElement(`style`,null,h)),d.createElement(`div`,{ref:I,"data-input-otp-container":!0,style:Z,className:m},te,d.createElement(`div`,{style:{position:`absolute`,inset:0,pointerEvents:`none`}},ee)))});A.displayName=`Input`;function j(e,t){try{e.insertRule(t)}catch{console.error(`input-otp could not insert CSS rule:`,t)}}var M=`
2
2
  [data-input-otp] {
3
3
  --nojs-bg: white !important;
4
4
  --nojs-fg: black !important;
@@ -1 +1 @@
1
- import{h as e,t,v as n}from"./react-DtOYBmep.js";import{t as r}from"./link-BsixJinJ.js";import{r as i}from"./utils-CEE0-YEp.js";import{n as a,t as o}from"./signin-form-DWaa_uwj.js";import{t as s}from"./lock-D4OhqEPW.js";import{D as c,_ as l,d as u,f as d,it as f,k as p,m}from"./main-RzjfJZwD.js";import{t as h}from"./auth-layout-INHonQMf.js";var g=i(`check`,[[`path`,{d:`M20 6 9 17l-5-5`,key:`1gmf2c`}]]),_=i(`key-round`,[[`path`,{d:`M2.586 17.414A2 2 0 0 0 2 18.828V21a1 1 0 0 0 1 1h3a1 1 0 0 0 1-1v-1a1 1 0 0 1 1-1h1a1 1 0 0 0 1-1v-1a1 1 0 0 1 1-1h.172a2 2 0 0 0 1.414-.586l.814-.814a6.5 6.5 0 1 0-4-4z`,key:`1s6t7t`}],[`circle`,{cx:`16.5`,cy:`7.5`,r:`.5`,fill:`currentColor`,key:`w0ekpg`}]]),v=n(t(),1),y=e();function b(e){let t=(0,v.useId)(),n=(0,v.useId)(),[i,c]=(0,v.useState)({password:``,confirmPassword:``}),[u,d]=(0,v.useState)({});async function m(t){if(t.preventDefault(),e.pending||e.complete)return;let n=l(i);if(!n.ok){d(n.errors);return}d({}),await e.onSubmit(n.data.password)}return e.complete?(0,y.jsxs)(`div`,{className:`grid gap-4`,children:[(0,y.jsx)(`p`,{className:`rounded-md border bg-background p-3 text-sm text-muted-foreground`,children:`Your password has been updated.`}),(0,y.jsx)(p,{asChild:!0,children:(0,y.jsxs)(r,{to:`/signin`,search:{redirect:e.redirectTarget},children:[(0,y.jsx)(g,{className:`size-4`}),` Sign in`]})})]}):(0,y.jsxs)(`form`,{className:`grid gap-4`,onSubmit:m,noValidate:!0,children:[(0,y.jsx)(o,{id:t,icon:s,label:`New password`,type:`password`,autoComplete:`new-password`,value:i.password,error:u.password,onChange:e=>c(t=>({...t,password:e}))}),(0,y.jsx)(o,{id:n,icon:_,label:`Confirm password`,type:`password`,autoComplete:`new-password`,value:i.confirmPassword,error:u.confirmPassword,onChange:e=>c(t=>({...t,confirmPassword:e}))}),(0,y.jsx)(a,{message:e.error}),(0,y.jsx)(p,{type:`submit`,disabled:e.pending,className:`font-mono`,children:e.pending?(0,y.jsxs)(y.Fragment,{children:[(0,y.jsx)(f,{className:`size-4 animate-spin`}),` Updating password`]}):(0,y.jsxs)(y.Fragment,{children:[(0,y.jsx)(_,{className:`size-4`}),` Update password`]})})]})}function x(){let{redirect:e,token:t,error:n}=u.useSearch(),[i,a]=(0,v.useState)(!1),[o,s]=(0,v.useState)(!1),[l,f]=(0,v.useState)(!1),[p,g]=(0,v.useState)(n?`This reset link is invalid or expired.`:null);async function _(e){if(t===null){g(`This reset link is missing or expired.`);return}a(!0),g(null);let n=await c.resetPassword({token:t,newPassword:e});if(a(!1),n.error){if(m(n.error)){f(!0),g(null);return}g(d(n.error,`Could not update password.`));return}s(!0)}return(0,y.jsx)(h,{title:`Set new password`,description:`Choose a new password for your Flakes account.`,footer:(0,y.jsxs)(`p`,{children:[`Back to`,` `,(0,y.jsx)(r,{to:`/signin`,search:{redirect:e},className:`text-foreground underline-offset-4 hover:underline`,children:`sign in`})]}),children:t===null||n!==null||l?(0,y.jsxs)(`div`,{className:`grid gap-4`,children:[(0,y.jsx)(`p`,{className:`rounded-md border border-destructive/30 bg-background p-3 text-sm text-muted-foreground`,children:`This reset link is invalid or expired.`}),(0,y.jsx)(S,{redirectTarget:e})]}):(0,y.jsx)(b,{error:p,pending:i,complete:o,redirectTarget:e,onSubmit:_})})}function S(e){return(0,y.jsx)(p,{asChild:!0,variant:`outline`,children:(0,y.jsx)(r,{to:`/forgot-password`,search:{redirect:e.redirectTarget},children:`Request a new link`})})}export{x as component};
1
+ import{h as e,t,v as n}from"./react-DtOYBmep.js";import{t as r}from"./link-BsixJinJ.js";import{r as i}from"./utils-CEE0-YEp.js";import{n as a,t as o}from"./signin-form-Bp22jPob.js";import{t as s}from"./lock-D4OhqEPW.js";import{D as c,_ as l,d as u,f as d,it as f,k as p,m}from"./main-KBvz0mSQ.js";import{t as h}from"./auth-layout-DiUSgtaY.js";var g=i(`check`,[[`path`,{d:`M20 6 9 17l-5-5`,key:`1gmf2c`}]]),_=i(`key-round`,[[`path`,{d:`M2.586 17.414A2 2 0 0 0 2 18.828V21a1 1 0 0 0 1 1h3a1 1 0 0 0 1-1v-1a1 1 0 0 1 1-1h1a1 1 0 0 0 1-1v-1a1 1 0 0 1 1-1h.172a2 2 0 0 0 1.414-.586l.814-.814a6.5 6.5 0 1 0-4-4z`,key:`1s6t7t`}],[`circle`,{cx:`16.5`,cy:`7.5`,r:`.5`,fill:`currentColor`,key:`w0ekpg`}]]),v=n(t(),1),y=e();function b(e){let t=(0,v.useId)(),n=(0,v.useId)(),[i,c]=(0,v.useState)({password:``,confirmPassword:``}),[u,d]=(0,v.useState)({});async function m(t){if(t.preventDefault(),e.pending||e.complete)return;let n=l(i);if(!n.ok){d(n.errors);return}d({}),await e.onSubmit(n.data.password)}return e.complete?(0,y.jsxs)(`div`,{className:`grid gap-4`,children:[(0,y.jsx)(`p`,{className:`rounded-md border bg-background p-3 text-sm text-muted-foreground`,children:`Your password has been updated.`}),(0,y.jsx)(p,{asChild:!0,children:(0,y.jsxs)(r,{to:`/signin`,search:{redirect:e.redirectTarget},children:[(0,y.jsx)(g,{className:`size-4`}),` Sign in`]})})]}):(0,y.jsxs)(`form`,{className:`grid gap-4`,onSubmit:m,noValidate:!0,children:[(0,y.jsx)(o,{id:t,icon:s,label:`New password`,type:`password`,autoComplete:`new-password`,value:i.password,error:u.password,onChange:e=>c(t=>({...t,password:e}))}),(0,y.jsx)(o,{id:n,icon:_,label:`Confirm password`,type:`password`,autoComplete:`new-password`,value:i.confirmPassword,error:u.confirmPassword,onChange:e=>c(t=>({...t,confirmPassword:e}))}),(0,y.jsx)(a,{message:e.error}),(0,y.jsx)(p,{type:`submit`,disabled:e.pending,className:`font-mono`,children:e.pending?(0,y.jsxs)(y.Fragment,{children:[(0,y.jsx)(f,{className:`size-4 animate-spin`}),` Updating password`]}):(0,y.jsxs)(y.Fragment,{children:[(0,y.jsx)(_,{className:`size-4`}),` Update password`]})})]})}function x(){let{redirect:e,token:t,error:n}=u.useSearch(),[i,a]=(0,v.useState)(!1),[o,s]=(0,v.useState)(!1),[l,f]=(0,v.useState)(!1),[p,g]=(0,v.useState)(n?`This reset link is invalid or expired.`:null);async function _(e){if(t===null){g(`This reset link is missing or expired.`);return}a(!0),g(null);let n=await c.resetPassword({token:t,newPassword:e});if(a(!1),n.error){if(m(n.error)){f(!0),g(null);return}g(d(n.error,`Could not update password.`));return}s(!0)}return(0,y.jsx)(h,{title:`Set new password`,description:`Choose a new password for your Flakes account.`,footer:(0,y.jsxs)(`p`,{children:[`Back to`,` `,(0,y.jsx)(r,{to:`/signin`,search:{redirect:e},className:`text-foreground underline-offset-4 hover:underline`,children:`sign in`})]}),children:t===null||n!==null||l?(0,y.jsxs)(`div`,{className:`grid gap-4`,children:[(0,y.jsx)(`p`,{className:`rounded-md border border-destructive/30 bg-background p-3 text-sm text-muted-foreground`,children:`This reset link is invalid or expired.`}),(0,y.jsx)(S,{redirectTarget:e})]}):(0,y.jsx)(b,{error:p,pending:i,complete:o,redirectTarget:e,onSubmit:_})})}function S(e){return(0,y.jsx)(p,{asChild:!0,variant:`outline`,children:(0,y.jsx)(r,{to:`/forgot-password`,search:{redirect:e.redirectTarget},children:`Request a new link`})})}export{x as component};
@@ -1,2 +1,2 @@
1
- const __vite__mapDeps=(i,m=__vite__mapDeps,d=(m.f||(m.f=["assets/RunsPage-LkYGVvbL.js","assets/react-DtOYBmep.js","assets/main-RzjfJZwD.js","assets/dist-BtPw3IIV.js","assets/utils-CEE0-YEp.js","assets/link-BsixJinJ.js","assets/react-dom-DrIU40PY.js","assets/matchContext-tJ0VTv5m.js","assets/redirect-BEm0VK76.js","assets/qss-4JXuaDtg.js","assets/bits-Cv0Te4iz.js","assets/card-DSG3_teC.js","assets/table-DptQuuuq.js"])))=>i.map(i=>d[i]);
2
- import{h as e,t,v as n}from"./react-DtOYBmep.js";import{b as r,ct as i,ot as a,st as o,w as s}from"./main-RzjfJZwD.js";var c=n(t()),l=e(),u=(0,c.lazy)(()=>s(()=>import(`./RunsPage-LkYGVvbL.js`).then(e=>({default:e.RunsPage})),__vite__mapDeps([0,1,2,3,4,5,6,7,8,9,10,11,12])));function d(){let{state:e}=r.useSearch(),t=a(),n=i();return f(t.pathname)===`/runs`?(0,l.jsx)(u,{filter:e,onFilterChange:e=>n({to:`/runs`,search:e?{state:e}:{},replace:!0}),onOpenRun:e=>n({to:`/runs/$runId`,params:{runId:e}})}):(0,l.jsx)(o,{})}function f(e){return e===`/`?e:e.replace(/\/$/,``)}export{d as component};
1
+ const __vite__mapDeps=(i,m=__vite__mapDeps,d=(m.f||(m.f=["assets/RunsPage-u8qbeAoV.js","assets/react-DtOYBmep.js","assets/main-KBvz0mSQ.js","assets/dist-BtPw3IIV.js","assets/utils-CEE0-YEp.js","assets/link-BsixJinJ.js","assets/react-dom-DrIU40PY.js","assets/matchContext-tJ0VTv5m.js","assets/redirect-BEm0VK76.js","assets/qss-4JXuaDtg.js","assets/bits-Cv0Te4iz.js","assets/card-DSG3_teC.js","assets/table-DptQuuuq.js"])))=>i.map(i=>d[i]);
2
+ import{h as e,t,v as n}from"./react-DtOYBmep.js";import{b as r,ct as i,ot as a,st as o,w as s}from"./main-KBvz0mSQ.js";var c=n(t()),l=e(),u=(0,c.lazy)(()=>s(()=>import(`./RunsPage-u8qbeAoV.js`).then(e=>({default:e.RunsPage})),__vite__mapDeps([0,1,2,3,4,5,6,7,8,9,10,11,12])));function d(){let{state:e}=r.useSearch(),t=a(),n=i();return f(t.pathname)===`/runs`?(0,l.jsx)(u,{filter:e,onFilterChange:e=>n({to:`/runs`,search:e?{state:e}:{},replace:!0}),onOpenRun:e=>n({to:`/runs/$runId`,params:{runId:e}})}):(0,l.jsx)(o,{})}function f(e){return e===`/`?e:e.replace(/\/$/,``)}export{d as component};
@@ -1,2 +1,2 @@
1
- const __vite__mapDeps=(i,m=__vite__mapDeps,d=(m.f||(m.f=["assets/SandboxesPage-CwWMogj6.js","assets/react-DtOYBmep.js","assets/main-RzjfJZwD.js","assets/dist-BtPw3IIV.js","assets/utils-CEE0-YEp.js","assets/link-BsixJinJ.js","assets/react-dom-DrIU40PY.js","assets/matchContext-tJ0VTv5m.js","assets/redirect-BEm0VK76.js","assets/qss-4JXuaDtg.js","assets/arrow-right-BMW8fJP5.js","assets/external-link-BW8lpiMR.js","assets/bits-Cv0Te4iz.js","assets/card-DSG3_teC.js","assets/SandboxesLens-BUQQWmH6.js"])))=>i.map(i=>d[i]);
2
- import{h as e,t,v as n}from"./react-DtOYBmep.js";import{ct as r,w as i,x as a}from"./main-RzjfJZwD.js";var o=n(t()),s=e(),c=(0,o.lazy)(()=>i(()=>import(`./SandboxesPage-CwWMogj6.js`).then(e=>({default:e.SandboxesPage})),__vite__mapDeps([0,1,2,3,4,5,6,7,8,9,10,11,12,13,14])));function l(){let{runId:e}=a.useSearch(),t=r();return(0,s.jsx)(c,{selectedRunId:e,onSelectRun:e=>t({to:`/sandboxes`,search:{runId:e},replace:!0}),onOpenRun:e=>t({to:`/runs/$runId`,params:{runId:e},search:{view:`sandboxes`}}),onOpenTask:(e,n)=>t({to:`/runs/$runId/t/$taskId`,params:{runId:e,taskId:n}})})}export{l as component};
1
+ const __vite__mapDeps=(i,m=__vite__mapDeps,d=(m.f||(m.f=["assets/SandboxesPage-D8D_5kXP.js","assets/react-DtOYBmep.js","assets/main-KBvz0mSQ.js","assets/dist-BtPw3IIV.js","assets/utils-CEE0-YEp.js","assets/link-BsixJinJ.js","assets/react-dom-DrIU40PY.js","assets/matchContext-tJ0VTv5m.js","assets/redirect-BEm0VK76.js","assets/qss-4JXuaDtg.js","assets/arrow-right-BMW8fJP5.js","assets/external-link-BW8lpiMR.js","assets/bits-Cv0Te4iz.js","assets/card-DSG3_teC.js","assets/SandboxesLens-BUQQWmH6.js"])))=>i.map(i=>d[i]);
2
+ import{h as e,t,v as n}from"./react-DtOYBmep.js";import{ct as r,w as i,x as a}from"./main-KBvz0mSQ.js";var o=n(t()),s=e(),c=(0,o.lazy)(()=>i(()=>import(`./SandboxesPage-D8D_5kXP.js`).then(e=>({default:e.SandboxesPage})),__vite__mapDeps([0,1,2,3,4,5,6,7,8,9,10,11,12,13,14])));function l(){let{runId:e}=a.useSearch(),t=r();return(0,s.jsx)(c,{selectedRunId:e,onSelectRun:e=>t({to:`/sandboxes`,search:{runId:e},replace:!0}),onOpenRun:e=>t({to:`/runs/$runId`,params:{runId:e},search:{view:`sandboxes`}}),onOpenTask:(e,n)=>t({to:`/runs/$runId/t/$taskId`,params:{runId:e,taskId:n}})})}export{l as component};
@@ -1 +1 @@
1
- import{h as e,t,v as n}from"./react-DtOYBmep.js";import{D as r,f as i}from"./main-RzjfJZwD.js";import{n as a}from"./account-forms-DrHA3zEd.js";import{a as o,i as s,n as c,r as l,t as u}from"./card-DSG3_teC.js";var d=n(t()),f=e();function p(){let[e,t]=(0,d.useState)(!1),[n,p]=(0,d.useState)(null),[m,h]=(0,d.useState)(null);async function g(e){t(!0),p(null),h(null);let n=await r.changePassword({currentPassword:e.currentPassword,newPassword:e.newPassword,revokeOtherSessions:!0});return t(!1),n.error?(p(i(n.error,`Could not change password.`)),!1):(h(`Password changed. Other sessions were revoked.`),!0)}return(0,f.jsxs)(`section`,{className:`grid max-w-3xl gap-6`,children:[(0,f.jsxs)(`header`,{className:`grid gap-1`,children:[(0,f.jsx)(`p`,{className:`font-mono text-xs uppercase tracking-[0.14em] text-muted-foreground`,children:`Account`}),(0,f.jsx)(`h1`,{className:`text-2xl font-semibold tracking-tight`,children:`Security`}),(0,f.jsx)(`p`,{className:`max-w-2xl text-sm text-muted-foreground`,children:`Change the password for your Flakes account.`})]}),(0,f.jsxs)(u,{className:`rounded-md`,children:[(0,f.jsxs)(s,{children:[(0,f.jsx)(o,{children:`Password`}),(0,f.jsx)(l,{children:`Changing your password revokes other active sessions.`})]}),(0,f.jsx)(c,{children:(0,f.jsx)(a,{pending:e,error:n,success:m,onSubmit:g})})]})]})}export{p as component};
1
+ import{h as e,t,v as n}from"./react-DtOYBmep.js";import{D as r,f as i}from"./main-KBvz0mSQ.js";import{n as a}from"./account-forms-BLo66Mqa.js";import{a as o,i as s,n as c,r as l,t as u}from"./card-DSG3_teC.js";var d=n(t()),f=e();function p(){let[e,t]=(0,d.useState)(!1),[n,p]=(0,d.useState)(null),[m,h]=(0,d.useState)(null);async function g(e){t(!0),p(null),h(null);let n=await r.changePassword({currentPassword:e.currentPassword,newPassword:e.newPassword,revokeOtherSessions:!0});return t(!1),n.error?(p(i(n.error,`Could not change password.`)),!1):(h(`Password changed. Other sessions were revoked.`),!0)}return(0,f.jsxs)(`section`,{className:`grid max-w-3xl gap-6`,children:[(0,f.jsxs)(`header`,{className:`grid gap-1`,children:[(0,f.jsx)(`p`,{className:`font-mono text-xs uppercase tracking-[0.14em] text-muted-foreground`,children:`Account`}),(0,f.jsx)(`h1`,{className:`text-2xl font-semibold tracking-tight`,children:`Security`}),(0,f.jsx)(`p`,{className:`max-w-2xl text-sm text-muted-foreground`,children:`Change the password for your Flakes account.`})]}),(0,f.jsxs)(u,{className:`rounded-md`,children:[(0,f.jsxs)(s,{children:[(0,f.jsx)(o,{children:`Password`}),(0,f.jsx)(l,{children:`Changing your password revokes other active sessions.`})]}),(0,f.jsx)(c,{children:(0,f.jsx)(a,{pending:e,error:n,success:m,onSubmit:g})})]})]})}export{p as component};
@@ -1 +1 @@
1
- import{h as e,t,v as n}from"./react-DtOYBmep.js";import{t as r}from"./link-BsixJinJ.js";import{r as i}from"./signin-form-DWaa_uwj.js";import{t as a}from"./otp-verification-Cqa6lopR.js";import{D as o,E as s,S as c,f as l,p as u}from"./main-RzjfJZwD.js";import{t as d}from"./auth-layout-INHonQMf.js";var f=n(t()),p=e();function m(){let{redirect:e}=c.useSearch(),[t,n]=(0,f.useState)(`signin`),[m,h]=(0,f.useState)(``),[g,_]=(0,f.useState)(``),[v,y]=(0,f.useState)(!1),[b,x]=(0,f.useState)(null);async function S(t){y(!0),x(null),h(t.email),_(t.password);let r=await o.signIn.email({email:t.email,password:t.password});if(r.error){if(u(r.error)){let e=await o.emailOtp.sendVerificationOtp({email:t.email,type:`email-verification`});if(y(!1),e.error){x(l(e.error,`Could not send verification code.`));return}n(`verify`);return}y(!1),x(l(r.error));return}y(!1),window.location.assign(s(e))}async function C(t){if(y(!0),x(null),(await o.emailOtp.verifyEmail({email:m,otp:t})).error){y(!1),x(`Verification failed: the six-digit code is incorrect.`);return}let r=await o.signIn.email({email:m,password:g});if(y(!1),r.error){x(`Verification succeeded, but failed to sign in: ${l(r.error)}`),n(`signin`);return}window.location.assign(s(e))}return(0,p.jsx)(d,{title:t===`signin`?`Sign in`:`Verify email`,description:t===`signin`?`Use your Flakes account to open the control console.`:`Confirm your email address to finish signing in.`,footer:(0,p.jsxs)(`p`,{children:[`Need access?`,` `,(0,p.jsx)(r,{to:`/signup`,search:{redirect:e},className:`text-foreground underline-offset-4 hover:underline`,children:`Create an account`})]}),children:t===`signin`?(0,p.jsx)(i,{error:b,pending:v,redirectTarget:e,onSubmit:S}):(0,p.jsx)(a,{email:m,error:b,pending:v,onVerify:C,onBack:()=>{x(null),n(`signin`)}})})}export{m as component};
1
+ import{h as e,t,v as n}from"./react-DtOYBmep.js";import{t as r}from"./link-BsixJinJ.js";import{r as i}from"./signin-form-Bp22jPob.js";import{t as a}from"./otp-verification-BSXwS5bo.js";import{D as o,E as s,S as c,f as l,p as u}from"./main-KBvz0mSQ.js";import{t as d}from"./auth-layout-DiUSgtaY.js";var f=n(t()),p=e();function m(){let{redirect:e}=c.useSearch(),[t,n]=(0,f.useState)(`signin`),[m,h]=(0,f.useState)(``),[g,_]=(0,f.useState)(``),[v,y]=(0,f.useState)(!1),[b,x]=(0,f.useState)(null);async function S(t){y(!0),x(null),h(t.email),_(t.password);let r=await o.signIn.email({email:t.email,password:t.password});if(r.error){if(u(r.error)){let e=await o.emailOtp.sendVerificationOtp({email:t.email,type:`email-verification`});if(y(!1),e.error){x(l(e.error,`Could not send verification code.`));return}n(`verify`);return}y(!1),x(l(r.error));return}y(!1),window.location.assign(s(e))}async function C(t){if(y(!0),x(null),(await o.emailOtp.verifyEmail({email:m,otp:t})).error){y(!1),x(`Verification failed: the six-digit code is incorrect.`);return}let r=await o.signIn.email({email:m,password:g});if(y(!1),r.error){x(`Verification succeeded, but failed to sign in: ${l(r.error)}`),n(`signin`);return}window.location.assign(s(e))}return(0,p.jsx)(d,{title:t===`signin`?`Sign in`:`Verify email`,description:t===`signin`?`Use your Flakes account to open the control console.`:`Confirm your email address to finish signing in.`,footer:(0,p.jsxs)(`p`,{children:[`Need access?`,` `,(0,p.jsx)(r,{to:`/signup`,search:{redirect:e},className:`text-foreground underline-offset-4 hover:underline`,children:`Create an account`})]}),children:t===`signin`?(0,p.jsx)(i,{error:b,pending:v,redirectTarget:e,onSubmit:S}):(0,p.jsx)(a,{email:m,error:b,pending:v,onVerify:C,onBack:()=>{x(null),n(`signin`)}})})}export{m as component};
@@ -1 +1 @@
1
- import{h as e,t,v as n}from"./react-DtOYBmep.js";import{t as r}from"./link-BsixJinJ.js";import{r as i,t as a}from"./utils-CEE0-YEp.js";import{t as o}from"./lock-D4OhqEPW.js";import{it as s,k as c,v as l}from"./main-RzjfJZwD.js";var u=i(`circle-alert`,[[`circle`,{cx:`12`,cy:`12`,r:`10`,key:`1mglay`}],[`line`,{x1:`12`,x2:`12`,y1:`8`,y2:`12`,key:`1pkeuh`}],[`line`,{x1:`12`,x2:`12.01`,y1:`16`,y2:`16`,key:`4dfq90`}]]),d=i(`log-in`,[[`path`,{d:`m10 17 5-5-5-5`,key:`1bsop3`}],[`path`,{d:`M15 12H3`,key:`6jk70r`}],[`path`,{d:`M15 3h4a2 2 0 0 1 2 2v14a2 2 0 0 1-2 2h-4`,key:`u53s6r`}]]),f=i(`mail`,[[`path`,{d:`m22 7-8.991 5.727a2 2 0 0 1-2.009 0L2 7`,key:`132q7q`}],[`rect`,{x:`2`,y:`4`,width:`20`,height:`16`,rx:`2`,key:`izxlao`}]]),p=n(t(),1),m=e();function h(e){let t=(0,p.useId)(),n=(0,p.useId)(),[i,a]=(0,p.useState)({email:``,password:``}),[u,h]=(0,p.useState)({});async function y(t){if(t.preventDefault(),e.pending)return;let n=l(i);if(!n.ok){h(n.errors);return}h({}),await e.onSubmit(n.data)}return(0,m.jsxs)(`form`,{className:`grid gap-4`,onSubmit:y,noValidate:!0,children:[(0,m.jsx)(g,{id:t,icon:f,label:`Email`,type:`email`,autoComplete:`email`,value:i.email,error:u.email,onChange:e=>a(t=>({...t,email:e}))}),(0,m.jsxs)(`div`,{className:`grid gap-1.5`,children:[(0,m.jsxs)(`div`,{className:`flex items-center justify-between gap-3`,children:[(0,m.jsx)(`label`,{htmlFor:n,className:`console-callout`,children:`Password`}),(0,m.jsx)(r,{to:`/forgot-password`,search:{redirect:e.redirectTarget},className:`text-xs text-muted-foreground underline-offset-4 hover:text-foreground hover:underline`,children:`Forgot password?`})]}),(0,m.jsx)(_,{id:n,icon:o,type:`password`,autoComplete:`current-password`,value:i.password,onChange:e=>a(t=>({...t,password:e})),error:u.password})]}),(0,m.jsx)(v,{message:e.error}),(0,m.jsx)(c,{type:`submit`,disabled:e.pending,className:`font-mono`,children:e.pending?(0,m.jsxs)(m.Fragment,{children:[(0,m.jsx)(s,{className:`size-4 animate-spin`}),` Signing in`]}):(0,m.jsxs)(m.Fragment,{children:[(0,m.jsx)(d,{className:`size-4`}),` Sign in`]})})]})}function g(e){return(0,m.jsxs)(`div`,{className:`grid gap-1.5`,children:[(0,m.jsx)(`label`,{htmlFor:e.id,className:`console-callout`,children:e.label}),(0,m.jsx)(_,{id:e.id,icon:e.icon,type:e.type,autoComplete:e.autoComplete,value:e.value,onChange:e.onChange,error:e.error})]})}function _(e){let t=e.icon;return(0,m.jsxs)(m.Fragment,{children:[(0,m.jsxs)(`div`,{className:a(`flex h-10 items-center gap-2 rounded-md border bg-background px-3 transition-colors focus-within:border-primary focus-within:ring-[3px] focus-within:ring-ring/30`,e.error&&`border-destructive`),children:[(0,m.jsx)(t,{className:`size-4 shrink-0 text-muted-foreground`}),(0,m.jsx)(`input`,{id:e.id,type:e.type,autoComplete:e.autoComplete,value:e.value,onChange:t=>e.onChange(t.target.value),"aria-invalid":e.error?!0:void 0,className:`h-full min-w-0 flex-1 bg-transparent text-sm outline-none`})]}),(0,m.jsx)(`p`,{className:`min-h-4 text-xs text-destructive`,children:e.error??``})]})}function v(e){return(0,m.jsx)(`p`,{className:`flex min-h-5 items-start gap-1.5 text-sm text-destructive`,children:e.message?(0,m.jsxs)(m.Fragment,{children:[(0,m.jsx)(u,{className:`mt-0.5 size-4 shrink-0`}),(0,m.jsx)(`span`,{children:e.message})]}):null})}export{f as i,v as n,h as r,g as t};
1
+ import{h as e,t,v as n}from"./react-DtOYBmep.js";import{t as r}from"./link-BsixJinJ.js";import{r as i,t as a}from"./utils-CEE0-YEp.js";import{t as o}from"./lock-D4OhqEPW.js";import{it as s,k as c,v as l}from"./main-KBvz0mSQ.js";var u=i(`circle-alert`,[[`circle`,{cx:`12`,cy:`12`,r:`10`,key:`1mglay`}],[`line`,{x1:`12`,x2:`12`,y1:`8`,y2:`12`,key:`1pkeuh`}],[`line`,{x1:`12`,x2:`12.01`,y1:`16`,y2:`16`,key:`4dfq90`}]]),d=i(`log-in`,[[`path`,{d:`m10 17 5-5-5-5`,key:`1bsop3`}],[`path`,{d:`M15 12H3`,key:`6jk70r`}],[`path`,{d:`M15 3h4a2 2 0 0 1 2 2v14a2 2 0 0 1-2 2h-4`,key:`u53s6r`}]]),f=i(`mail`,[[`path`,{d:`m22 7-8.991 5.727a2 2 0 0 1-2.009 0L2 7`,key:`132q7q`}],[`rect`,{x:`2`,y:`4`,width:`20`,height:`16`,rx:`2`,key:`izxlao`}]]),p=n(t(),1),m=e();function h(e){let t=(0,p.useId)(),n=(0,p.useId)(),[i,a]=(0,p.useState)({email:``,password:``}),[u,h]=(0,p.useState)({});async function y(t){if(t.preventDefault(),e.pending)return;let n=l(i);if(!n.ok){h(n.errors);return}h({}),await e.onSubmit(n.data)}return(0,m.jsxs)(`form`,{className:`grid gap-4`,onSubmit:y,noValidate:!0,children:[(0,m.jsx)(g,{id:t,icon:f,label:`Email`,type:`email`,autoComplete:`email`,value:i.email,error:u.email,onChange:e=>a(t=>({...t,email:e}))}),(0,m.jsxs)(`div`,{className:`grid gap-1.5`,children:[(0,m.jsxs)(`div`,{className:`flex items-center justify-between gap-3`,children:[(0,m.jsx)(`label`,{htmlFor:n,className:`console-callout`,children:`Password`}),(0,m.jsx)(r,{to:`/forgot-password`,search:{redirect:e.redirectTarget},className:`text-xs text-muted-foreground underline-offset-4 hover:text-foreground hover:underline`,children:`Forgot password?`})]}),(0,m.jsx)(_,{id:n,icon:o,type:`password`,autoComplete:`current-password`,value:i.password,onChange:e=>a(t=>({...t,password:e})),error:u.password})]}),(0,m.jsx)(v,{message:e.error}),(0,m.jsx)(c,{type:`submit`,disabled:e.pending,className:`font-mono`,children:e.pending?(0,m.jsxs)(m.Fragment,{children:[(0,m.jsx)(s,{className:`size-4 animate-spin`}),` Signing in`]}):(0,m.jsxs)(m.Fragment,{children:[(0,m.jsx)(d,{className:`size-4`}),` Sign in`]})})]})}function g(e){return(0,m.jsxs)(`div`,{className:`grid gap-1.5`,children:[(0,m.jsx)(`label`,{htmlFor:e.id,className:`console-callout`,children:e.label}),(0,m.jsx)(_,{id:e.id,icon:e.icon,type:e.type,autoComplete:e.autoComplete,value:e.value,onChange:e.onChange,error:e.error})]})}function _(e){let t=e.icon;return(0,m.jsxs)(m.Fragment,{children:[(0,m.jsxs)(`div`,{className:a(`flex h-10 items-center gap-2 rounded-md border bg-background px-3 transition-colors focus-within:border-primary focus-within:ring-[3px] focus-within:ring-ring/30`,e.error&&`border-destructive`),children:[(0,m.jsx)(t,{className:`size-4 shrink-0 text-muted-foreground`}),(0,m.jsx)(`input`,{id:e.id,type:e.type,autoComplete:e.autoComplete,value:e.value,onChange:t=>e.onChange(t.target.value),"aria-invalid":e.error?!0:void 0,className:`h-full min-w-0 flex-1 bg-transparent text-sm outline-none`})]}),(0,m.jsx)(`p`,{className:`min-h-4 text-xs text-destructive`,children:e.error??``})]})}function v(e){return(0,m.jsx)(`p`,{className:`flex min-h-5 items-start gap-1.5 text-sm text-destructive`,children:e.message?(0,m.jsxs)(m.Fragment,{children:[(0,m.jsx)(u,{className:`mt-0.5 size-4 shrink-0`}),(0,m.jsx)(`span`,{children:e.message})]}):null})}export{f as i,v as n,h as r,g as t};
@@ -1 +1 @@
1
- import{h as e,t,v as n}from"./react-DtOYBmep.js";import{t as r}from"./link-BsixJinJ.js";import{r as i}from"./utils-CEE0-YEp.js";import{i as a,n as o,t as s}from"./signin-form-DWaa_uwj.js";import{t as c}from"./lock-D4OhqEPW.js";import{t as l}from"./otp-verification-Cqa6lopR.js";import{t as u}from"./user-DK27uFod.js";import{C as d,D as f,E as p,f as m,it as h,k as g,y as _}from"./main-RzjfJZwD.js";import{t as v}from"./auth-layout-INHonQMf.js";var y=i(`user-plus`,[[`path`,{d:`M16 21v-2a4 4 0 0 0-4-4H6a4 4 0 0 0-4 4v2`,key:`1yyitq`}],[`circle`,{cx:`9`,cy:`7`,r:`4`,key:`nufk8`}],[`line`,{x1:`19`,x2:`19`,y1:`8`,y2:`14`,key:`1bvyxn`}],[`line`,{x1:`22`,x2:`16`,y1:`11`,y2:`11`,key:`1shjgl`}]]),b=n(t(),1),x=e();function S(e){let t=(0,b.useId)(),n=(0,b.useId)(),i=(0,b.useId)(),[l,d]=(0,b.useState)({name:``,email:``,password:``}),[f,p]=(0,b.useState)({});async function m(t){if(t.preventDefault(),e.pending)return;let n=_(l);if(!n.ok){p(n.errors);return}p({}),await e.onSubmit(n.data)}return(0,x.jsxs)(`form`,{className:`grid gap-4`,onSubmit:m,noValidate:!0,children:[(0,x.jsx)(s,{id:t,icon:u,label:`Name`,type:`text`,autoComplete:`name`,value:l.name,error:f.name,onChange:e=>d(t=>({...t,name:e}))}),(0,x.jsx)(s,{id:n,icon:a,label:`Email`,type:`email`,autoComplete:`email`,value:l.email,error:f.email,onChange:e=>d(t=>({...t,email:e}))}),(0,x.jsx)(s,{id:i,icon:c,label:`Password`,type:`password`,autoComplete:`new-password`,value:l.password,error:f.password,onChange:e=>d(t=>({...t,password:e}))}),(0,x.jsx)(o,{message:e.error}),(0,x.jsx)(g,{type:`submit`,disabled:e.pending,className:`font-mono`,children:e.pending?(0,x.jsxs)(x.Fragment,{children:[(0,x.jsx)(h,{className:`size-4 animate-spin`}),` Creating account`]}):(0,x.jsxs)(x.Fragment,{children:[(0,x.jsx)(y,{className:`size-4`}),` Sign up`]})}),(0,x.jsxs)(`p`,{className:`text-center text-sm text-muted-foreground`,children:[`Already have an account?`,` `,(0,x.jsx)(r,{to:`/signin`,search:{redirect:e.redirectTarget},className:`text-foreground underline-offset-4 hover:underline`,children:`Sign in`})]})]})}function C(){let{redirect:e}=d.useSearch(),[t,n]=(0,b.useState)(`signup`),[i,a]=(0,b.useState)(``),[o,s]=(0,b.useState)(``),[c,u]=(0,b.useState)(7),[h,g]=(0,b.useState)(!1),[_,y]=(0,b.useState)(null);async function C(e){g(!0),y(null),a(e.email),s(e.password);let t=await f.signUp.email({name:e.name,email:e.email,password:e.password});if(t.error){g(!1),y(m(t.error));return}let r=await f.emailOtp.sendVerificationOtp({email:e.email,type:`email-verification`});if(g(!1),r.error){y(m(r.error,`Could not send verification code.`));return}n(`verify`)}async function w(e){g(!0),y(null);let t=await f.emailOtp.verifyEmail({email:i,otp:e});if(g(!1),t.error){y(m(t.error,`Verification failed.`));return}n(`success`)}return(0,b.useEffect)(()=>{if(t!==`success`)return;let e=window.setInterval(()=>{u(e=>Math.max(0,e-1))},1e3);return()=>window.clearInterval(e)},[t]),(0,b.useEffect)(()=>{if(t!==`success`||c!==0)return;let r=!1;return g(!0),f.signIn.email({email:i,password:o}).then(t=>{if(!r){if(g(!1),t.error){y(m(t.error,`Account verified. Sign in to continue.`)),n(`signup`);return}window.location.assign(p(e))}}),()=>{r=!0}},[c,i,o,e,t]),(0,x.jsx)(v,{title:t===`signup`?`Create account`:t===`verify`?`Verify email`:`Account verified`,description:t===`signup`?`Create a Flakes user account for console access.`:t===`verify`?`Confirm your email address to finish creating your account.`:`Your email has been verified. Signing in ${c}s.`,footer:(0,x.jsxs)(`p`,{children:[`Already cleared?`,` `,(0,x.jsx)(r,{to:`/signin`,search:{redirect:e},className:`text-foreground underline-offset-4 hover:underline`,children:`Sign in`})]}),children:t===`signup`?(0,x.jsx)(S,{error:_,pending:h,redirectTarget:e,onSubmit:C}):t===`verify`?(0,x.jsx)(l,{email:i,error:_,pending:h,onVerify:w,onBack:()=>{y(null),n(`signup`)}}):(0,x.jsx)(`p`,{className:`text-sm text-muted-foreground`,children:`Keep this page open while the console signs you in.`})})}export{C as component};
1
+ import{h as e,t,v as n}from"./react-DtOYBmep.js";import{t as r}from"./link-BsixJinJ.js";import{r as i}from"./utils-CEE0-YEp.js";import{i as a,n as o,t as s}from"./signin-form-Bp22jPob.js";import{t as c}from"./lock-D4OhqEPW.js";import{t as l}from"./otp-verification-BSXwS5bo.js";import{t as u}from"./user-DK27uFod.js";import{C as d,D as f,E as p,f as m,it as h,k as g,y as _}from"./main-KBvz0mSQ.js";import{t as v}from"./auth-layout-DiUSgtaY.js";var y=i(`user-plus`,[[`path`,{d:`M16 21v-2a4 4 0 0 0-4-4H6a4 4 0 0 0-4 4v2`,key:`1yyitq`}],[`circle`,{cx:`9`,cy:`7`,r:`4`,key:`nufk8`}],[`line`,{x1:`19`,x2:`19`,y1:`8`,y2:`14`,key:`1bvyxn`}],[`line`,{x1:`22`,x2:`16`,y1:`11`,y2:`11`,key:`1shjgl`}]]),b=n(t(),1),x=e();function S(e){let t=(0,b.useId)(),n=(0,b.useId)(),i=(0,b.useId)(),[l,d]=(0,b.useState)({name:``,email:``,password:``}),[f,p]=(0,b.useState)({});async function m(t){if(t.preventDefault(),e.pending)return;let n=_(l);if(!n.ok){p(n.errors);return}p({}),await e.onSubmit(n.data)}return(0,x.jsxs)(`form`,{className:`grid gap-4`,onSubmit:m,noValidate:!0,children:[(0,x.jsx)(s,{id:t,icon:u,label:`Name`,type:`text`,autoComplete:`name`,value:l.name,error:f.name,onChange:e=>d(t=>({...t,name:e}))}),(0,x.jsx)(s,{id:n,icon:a,label:`Email`,type:`email`,autoComplete:`email`,value:l.email,error:f.email,onChange:e=>d(t=>({...t,email:e}))}),(0,x.jsx)(s,{id:i,icon:c,label:`Password`,type:`password`,autoComplete:`new-password`,value:l.password,error:f.password,onChange:e=>d(t=>({...t,password:e}))}),(0,x.jsx)(o,{message:e.error}),(0,x.jsx)(g,{type:`submit`,disabled:e.pending,className:`font-mono`,children:e.pending?(0,x.jsxs)(x.Fragment,{children:[(0,x.jsx)(h,{className:`size-4 animate-spin`}),` Creating account`]}):(0,x.jsxs)(x.Fragment,{children:[(0,x.jsx)(y,{className:`size-4`}),` Sign up`]})}),(0,x.jsxs)(`p`,{className:`text-center text-sm text-muted-foreground`,children:[`Already have an account?`,` `,(0,x.jsx)(r,{to:`/signin`,search:{redirect:e.redirectTarget},className:`text-foreground underline-offset-4 hover:underline`,children:`Sign in`})]})]})}function C(){let{redirect:e}=d.useSearch(),[t,n]=(0,b.useState)(`signup`),[i,a]=(0,b.useState)(``),[o,s]=(0,b.useState)(``),[c,u]=(0,b.useState)(7),[h,g]=(0,b.useState)(!1),[_,y]=(0,b.useState)(null);async function C(e){g(!0),y(null),a(e.email),s(e.password);let t=await f.signUp.email({name:e.name,email:e.email,password:e.password});if(t.error){g(!1),y(m(t.error));return}let r=await f.emailOtp.sendVerificationOtp({email:e.email,type:`email-verification`});if(g(!1),r.error){y(m(r.error,`Could not send verification code.`));return}n(`verify`)}async function w(e){g(!0),y(null);let t=await f.emailOtp.verifyEmail({email:i,otp:e});if(g(!1),t.error){y(m(t.error,`Verification failed.`));return}n(`success`)}return(0,b.useEffect)(()=>{if(t!==`success`)return;let e=window.setInterval(()=>{u(e=>Math.max(0,e-1))},1e3);return()=>window.clearInterval(e)},[t]),(0,b.useEffect)(()=>{if(t!==`success`||c!==0)return;let r=!1;return g(!0),f.signIn.email({email:i,password:o}).then(t=>{if(!r){if(g(!1),t.error){y(m(t.error,`Account verified. Sign in to continue.`)),n(`signup`);return}window.location.assign(p(e))}}),()=>{r=!0}},[c,i,o,e,t]),(0,x.jsx)(v,{title:t===`signup`?`Create account`:t===`verify`?`Verify email`:`Account verified`,description:t===`signup`?`Create a Flakes user account for console access.`:t===`verify`?`Confirm your email address to finish creating your account.`:`Your email has been verified. Signing in ${c}s.`,footer:(0,x.jsxs)(`p`,{children:[`Already cleared?`,` `,(0,x.jsx)(r,{to:`/signin`,search:{redirect:e},className:`text-foreground underline-offset-4 hover:underline`,children:`Sign in`})]}),children:t===`signup`?(0,x.jsx)(S,{error:_,pending:h,redirectTarget:e,onSubmit:C}):t===`verify`?(0,x.jsx)(l,{email:i,error:_,pending:h,onVerify:w,onBack:()=>{y(null),n(`signup`)}}):(0,x.jsx)(`p`,{className:`text-sm text-muted-foreground`,children:`Keep this page open while the console signs you in.`})})}export{C as component};
@@ -1,7 +1,7 @@
1
1
  import { c as lazyRouteComponent, g as notFound, l as createFileRoute } from "./_libs/@tanstack/react-router+[...].mjs";
2
- import { o as getDocumentationPageByPath } from "./_ssr/documentation-Do_Mr_e4.mjs";
3
- //#region node_modules/.nitro/vite/services/ssr/assets/_-8ZDVkA1O.js
4
- var $$splitComponentImporter = () => import("./_-CjpSIsvB.mjs");
2
+ import { o as getDocumentationPageByPath } from "./_ssr/documentation-Bf0VPrnt.mjs";
3
+ //#region node_modules/.nitro/vite/services/ssr/assets/_-C-u135Pp.js
4
+ var $$splitComponentImporter = () => import("./_-DwPiGKLE.mjs");
5
5
  var Route = createFileRoute("/documentation/$")({
6
6
  loader: ({ params }) => {
7
7
  const page = getDocumentationPageByPath(params._splat);
@@ -1,7 +1,7 @@
1
1
  import { c as require_jsx_runtime } from "./_libs/@radix-ui/react-arrow+[...].mjs";
2
- import { t as Route } from "./_-8ZDVkA1O.mjs";
3
- import { t as DocumentationPage } from "./_ssr/DocumentationPage-D85Budiq.mjs";
4
- //#region node_modules/.nitro/vite/services/ssr/assets/_-CjpSIsvB.js
2
+ import { t as Route } from "./_-C-u135Pp.mjs";
3
+ import { t as DocumentationPage } from "./_ssr/DocumentationPage-CtBAQbzy.mjs";
4
+ //#region node_modules/.nitro/vite/services/ssr/assets/_-DwPiGKLE.js
5
5
  var import_jsx_runtime = require_jsx_runtime();
6
6
  function DocumentationSplatRouteComponent() {
7
7
  const { path } = Route.useLoaderData();
@@ -2129,19 +2129,19 @@ var concepts_default = "---\ntitle: Concepts\ndescription: Core vocabulary for r
2129
2129
  var connect_a_host_default = "---\ntitle: Connect A Host\ndescription: Onboard user-supplied host capacity, configure pools, and run the host agent.\n---\n\nConnect a host when you want Flakes to run task work on compute you provide.\nThe setup path starts from a hosted account, creates a host directly from the\nauthenticated CLI, writes credentials locally on the host, and then keeps a\nhost agent connected to `https://flakes.dev`.\n\n## Prerequisites\n\nUse this page on the physical Linux or Mac machine that will run the Flakes host\nagent and start MatchLock sandboxes.\n\nYou need:\n\n- A signed-in account at `https://flakes.dev/console`.\n- The `flakes` CLI available on the host machine.\n- MatchLock available on the host machine.\n- A workspace directory for sandbox work.\n\nHost setup is a CLI/direct user auth flow. Do not route raw host credentials\nthrough the browser console, and do not assume the web console can display host\nsecrets. The setup route returns the raw host credential exactly once to the\nCLI so the host can persist it locally.\n\n## 1. Authorize The CLI\n\nAuthorize the CLI on the host machine against the hosted API:\n\n```sh\nflakes auth login\nflakes auth status\n```\n\n`flakes host setup` uses this stored CLI credential. If no valid credential is\navailable, setup can start the same device authorization flow before creating\nthe host.\n\n## 2. Create The Host\n\nRun setup on the host machine:\n\n```sh\nflakes host setup --config <host.toml>\n```\n\nSetup calls the direct host setup API using CLI user auth. The server creates\nthe host and its first host-scoped credential in one transaction, then returns\nthe raw credential exactly once so the CLI can write it to a protected local\ncredential file. Command output and browser console responses should expose\ncredential summaries, not the secret value.\n\nBy default, setup writes under the user's Flakes config directory. Passing\n`--config`, `--credential-file`, and `--state-dir` lets you choose explicit host\npaths.\n\n## 3. Add Pools To The Host Config\n\n`flakes host setup` writes the host identity and credential reference first. Add\none or more `[[pools]]` entries before starting the host agent:\n\n```toml\ncontrolPlaneUrl = \"https://flakes.dev\"\nhostId = \"host_...\"\ncredentialFile = \"/home/flakes/.config/flakes/host.credential\"\nstateDir = \"/home/flakes/.config/flakes/state\"\n\n[[pools]]\npoolKey = \"local-pi\"\nmatchlockImage = \"registry.example.com/flakes/pi:latest\"\nworkspace = \"/srv/flakes/workspaces\"\nadapter = \"pi\"\nmaxInstances = 2\nmaxConcurrency = 1\nadvertisedCapabilities = [\"pi\"]\n\n[pools.executablePaths]\nmatchlock = \"/usr/local/bin/matchlock\"\n\n[pools.resourceBounds]\ncpus = 4\nmemoryMb = 8192\n```\n\nPool config is host-local. The host uses values such as `matchlockImage`,\n`workspace`, `credentialFile`, `stateDir`, executable paths, mounts, and\nenvironment values locally. When the host connects, Flakes receives a sanitized\npool advertisement: pool key, provider, adapter, capacity limits, advertised\ncapabilities, and safe resource bounds.\n\n## 4. Check Status\n\nValidate the local config and read the remote host summary:\n\n```sh\nflakes host status --config <host.toml>\n```\n\nThe command checks that the credential file is private, the host config is\nvalid, and the configured pools can be advertised. When the CLI has a valid\nstored user credential, it also reads remote host, pool, and credential\nsummaries for the same account.\n\n## 5. Run The Host Agent\n\nStart the host process:\n\n```sh\nflakes host run --config <host.toml>\n```\n\nKeep this process running on the host. It connects to the hosted control plane,\nadvertises sanitized pool capacity, claims matching launch work, starts\nMatchLock only after the control plane accepts the claim, and reports lifecycle\nresults back to Flakes.\n\nThe host status moves through `created`, `offline`, `online`, and `disabled`.\nPools become schedulable only after the running host connects and Flakes\nacknowledges the pool snapshot.\n\n## Credential Handling\n\nHost credentials are separate from user CLI credentials:\n\n- `flakes auth login` stores a user CLI\n credential for the hosted API.\n- `flakes host setup` uses that user credential to create a host and first\n host-scoped credential, then writes the raw host credential only to the local\n credential file.\n- `flakes host run` reads the host credential file and uses the host-scoped\n credential to connect as that host.\n- `flakes host rotate --config <host.toml>` rotates the host-scoped credential\n through direct CLI user auth, writes the new raw host credential only to the\n credential file, and requires restarting `flakes host run` before claiming new\n launch work.\n\nThe web console in the browser is for operating and observing Flakes. It should\nnot expose raw host credential setup or rotation flows.\n";
2130
2130
  //#endregion
2131
2131
  //#region ../../docs/content/docs/get-started.mdx?raw
2132
- var get_started_default = "---\ntitle: Get Started\ndescription: Sign in to flakes.dev, authorize the CLI, and prepare the first hosted workflow.\n---\n\nStart here to sign in to the hosted console, authorize the CLI against\n`https://flakes.dev`, and decide whether you need to connect user-supplied host\ncapacity before running work.\n\n## Before You Start\n\nYou need a Flakes account and the `flakes` CLI available on your machine. This\npage assumes the CLI is already installed by your team or account setup; it does\nnot document an install method that is not yet part of the public hosted path.\n\n## 1. Sign In To The Console\n\nOpen `https://flakes.dev/console` and sign in or create an account. The console\nis where you review runs, watch task activity, inspect workpads and artifacts,\nrespond to permission requests, and send live input.\n\n## 2. Authorize The CLI\n\nAuthorize the local CLI against the hosted API:\n\n```sh\nflakes auth login\n```\n\nThe command starts a device authorization flow. Approve the request in the\nbrowser while signed in to the console. After approval, the CLI stores a Better\nAuth credential for `https://flakes.dev` in the local CLI credential store.\n\nCheck the stored CLI credential:\n\n```sh\nflakes auth status\n```\n\nRun, task, artifact, and host setup commands use that stored CLI credential\nautomatically. You should not need to handle a raw hosted API credential during\nnormal first-run setup.\n\n## 3. Confirm Host Capacity\n\nFlakes runs task work on host capacity connected to your account. If a host is\nalready online for your account, continue to [Run Work](/docs/run-work).\n\nIf you need to connect a user-supplied host, continue to\n[Connect A Host](/docs/connect-a-host). Host setup is a CLI flow that uses your\nstored CLI credential to create a host and first host-scoped credential, writes\nthat credential locally, and then starts the host agent.\n\n## 4. Keep The Console Open\n\nThe console is the primary operating surface after the CLI is authorized. Use it\nto follow the first run, inspect task history, and steer work while the host\nagent stays connected.\n";
2132
+ var get_started_default = "---\ntitle: Installing and Authorizing the CLI\ndescription: Installing and authorizing the Flakes CLI.\n---\n\nYou may start by signing up for a new account and signing in to the [Flakes console](https://flakes.dev/console). Once you signed in, the console is where you review runs, watch task activity, inspect workpads and artifacts, respond to permission requests, and send live input.\n\nTo install the Flakes CLI, run:\n\n```sh\nnpm install -g @baochunli/flakes\n```\n\nOr if you use `bun`:\n\n```sh\nbun install -g @baochunli/flakes\n```\n\nThen authorize the CLI using your Flakes account:\n\n```sh\nflakes auth login\n```\n\nThe command starts a device authorization flow. Approve the request in the browser while signed in to the console. After approval, the CLI stores your Flakes credential locally for future use.\n\nCheck the stored CLI credential:\n\n```sh\nflakes auth status\n```\n";
2133
2133
  //#endregion
2134
2134
  //#region ../../docs/content/docs/harnesses.mdx?raw
2135
2135
  var harnesses_default = "---\ntitle: Harnesses\ndescription: Author durable parent tasks that spawn, wait for, and resume child work.\n---\n\nA harness is a TypeScript task that coordinates other tasks. Use one when a\nworkflow needs durable fan-out, review/revise loops, staged workspace handoffs,\nor a parent task that can pause while children run and later resume from saved\nstate.\n\nFor vocabulary used here, see [Concepts](/docs/concepts).\n\n## When To Use A Harness\n\nUse the Harness SDK when the parent task needs to make decisions while work is\nrunning:\n\n- split a larger job into child tasks and collect their declared outputs;\n- run phases such as draft, review, revise, and promote;\n- wait for a group of children without keeping a local process alive;\n- pass repo-shaped state through workspace handles;\n- rebuild its next step after a yielded wait, retry, or sandbox change.\n\nDo not use a harness for a single prompt, a static dependency graph, or a job\nthat only needs ordinary task creation from the console or CLI. In those cases,\nsave normal tasks and dependencies from the Run Work flow.\n\n## Where Harness Code Runs\n\nHarness code runs only when a task using the `harness` adapter is assigned to a\nsandbox. It does not run in the console, the CLI, the host process, or as a\nprivileged control-plane script.\n\nThe product path is:\n\n1. You write and check a harness module.\n2. You submit it as an ordinary task with `--adapter harness`.\n3. Flakes schedules that task onto a sandbox that can run the harness adapter.\n4. The harness opens groups, spawns children, waits, resumes, and returns a\n normal task result.\n\nThe main package name a harness author needs is `@flakes/harness-sdk`, used for\nthe `defineHarness(...)` import in the module source.\n\n## Start From A Template\n\nCreate a starter harness, then run the checker before submitting it:\n\n```bash\nflakes harness init --template paper --dir harnesses\nflakes harness check harnesses/paper-writer.ts\n```\n\nThe current CLI starter templates are:\n\n- `paper`\n- `review-revise`\n- `fanout-fanin`\n- `autowrite`\n- `autoresearch`\n\nThe SDK source also includes `fix-review-live.ts` for live implementer/reviewer\nloops. Use it only when the child adapter advertises live task round support.\n\nIf a template uses `ctx.pi(...)` without explicit child agent IDs, provide\nchecker defaults:\n\n```bash\ncat > harnesses/defaults.json <<'JSON'\n{ \"agents\": { \"pi\": \"agent_pi_writer\" } }\nJSON\n\nflakes harness check harnesses/paper-writer.ts \\\n --defaults harnesses/defaults.json\n```\n\nSubmit a checked module as a normal task:\n\n```bash\nflakes tasks save \\\n --run paper-run \\\n --key paper-planner \\\n --title \"Paper planner\" \\\n --adapter harness \\\n --harness-file harnesses/paper-writer.ts \\\n --tool-grant flakes.tasks.spawn \\\n --tool-grant flakes.groups.open \\\n --tool-grant flakes.groups.close \\\n --tool-grant flakes.groups.wait \\\n --tool-grant flakes.workspace.commit \\\n --tool-grant flakes.workspace.resolve \\\n --tool-grant flakes.workspace.promote \\\n --tool-grant flakes.childOutputs.read\n\nflakes tasks admit --run paper-run paper-planner\n```\n\n## Groups, Spawn, Wait, And Resume\n\nHarnesses build around durable groups. A group is one named phase owned by the\nrunning parent task. In code, `ctx.group(...)` opens the group, lets you call\n`group.spawn(...)` for children, closes the child set, and waits for the group\nto settle.\n\n```ts\nimport { defineHarness } from \"@flakes/harness-sdk\";\n\nexport default defineHarness(async (ctx) => {\n const draft = await ctx.group(\n \"draft-sections\",\n { join: \"all_success\", maxChildren: 2 },\n (group) => {\n group.spawn(\n \"intro\",\n ctx.pi({\n title: \"Draft introduction\",\n prompt: \"Write the introduction and publish notes.\",\n outputs: {\n notes: ctx.output.json({ required: true }),\n },\n }),\n );\n },\n );\n\n ctx.requireGroupSuccess(draft);\n const notes = await ctx.outputs.readJson(draft, \"intro\", \"notes\");\n return ctx.succeeded({ data: { notes } });\n});\n```\n\nIf the group is not terminal yet, Flakes can yield the current assignment. The\nlogical parent task is scheduled again after the wait condition is satisfied.\nResume is reconstruction, not a live JavaScript continuation: use stable group\nkeys, child keys, output keys, workspace labels, and promotion labels, then\nrebuild decisions from durable group status, child outputs, workpad snapshots,\nand promotion records.\n\n## Workspace Handles\n\nWorkspace handles are immutable, git-backed references to bounded paths in a\nrun workspace. Use them for repo-shaped handoffs instead of copying directories\nor sharing a mutable worktree.\n\nThe normal pattern is:\n\n1. Commit bounded parent paths with `ctx.workspace.commit(...)`.\n2. Pass the returned handle to children in their `inputs`.\n3. Require children to publish bounded workspace outputs.\n4. Read a child candidate with `ctx.outputs.workspace(...)`.\n5. Review and promote selected paths with `ctx.workspace.promote(...)`.\n\n```ts\nconst base = await ctx.workspace.commit(\"paper-base\", {\n paths: [\"paper\", \".harness/plan.json\"],\n message: \"Base paper state\",\n});\n\nconst draft = await ctx.group(\"draft\", { join: \"all_success\" }, (group) => {\n group.spawn(\n \"intro\",\n ctx.pi({\n title: \"Draft intro\",\n prompt: \"Edit work/paper/intro.md and publish a candidate.\",\n inputs: { \"work/\": base },\n outputs: {\n candidate: ctx.output.workspace({\n paths: [\"work/paper/intro.md\"],\n required: true,\n }),\n },\n }),\n );\n});\n\nctx.requireGroupSuccess(draft);\nconst candidate = await ctx.outputs.workspace(draft, \"intro\", \"candidate\");\n\nawait ctx.workspace.promote(\"promote-intro\", {\n base,\n candidate,\n paths: [\"paper/intro.md\"],\n mode: \"replace_bounded_paths\",\n conflictPolicy: \"fail\",\n});\n```\n\nSmall settings can go in child `input` or in bounded workspace files written by\nthe parent before commit. Use workspace handles for source trees, papers,\nexperiment folders, and other state where history and path boundaries matter.\n\n## Current MVP Boundaries\n\nThe current Harness SDK MVP supports direct child group orchestration, yielded\nwait/resume, declared terminal child outputs, child workpad snapshots, live\nround helpers for supported child adapters, and workspace handles.\n\nIt does not support broad child browsing, spawned child `inputArtifacts`,\nshared mutable worktrees, arbitrary npm dependencies, unbounded loops without a\nclear budget, or control-plane-side TypeScript execution.\n\nKeep harnesses deterministic. Group keys, child keys, output keys, workspace\nlabels, and promotion labels should come from stable workflow input, not random\nvalues or current time.\n";
2136
2136
  //#endregion
2137
2137
  //#region ../../docs/content/docs/index.mdx?raw
2138
- var docs_default = "---\ntitle: Overview\ndescription: Hosted console docs for durable task runs on user-supplied hosts.\n---\n\nFlakes runs at `https://flakes.dev` as a hosted console for coordinating durable\nagent work on user-supplied host capacity. The console at\n`https://flakes.dev/console` is the primary operating surface: use it to review\nruns, inspect task state, read transcripts and artifacts, respond to permission\nrequests, and steer running work.\n\nFlakes keeps durable task history in the hosted control plane while work runs on\nhosts you provide. A host advertises one or more pools, Flakes matches ready\ntasks to compatible capacity, and the console remains the place to see what\nhappened even when machines, sandboxes, or task runners disconnect and return\nlater.\n\n## What Flakes Does\n\n- Coordinates long-running agent tasks as durable runs instead of throwaway\n local sessions.\n- Lets users authorize the CLI against the hosted API without handling raw\n service credentials.\n- Connects user-supplied hosts that run the host agent and advertise sanitized\n pool capacity.\n- Preserves task activity, workpads, transcripts, artifacts, and permission\n events for review in the console.\n\n## First-Run Path\n\nThe hosted product path is:\n\n1. Sign in at `https://flakes.dev/console`.\n\n2. Authorize the CLI with `flakes auth login`.\n\n3. Connect a user-supplied host with `flakes host setup` and\n `flakes host run`.\n\n4. Create runs, save tasks with dependencies, admit ready work, and close a run\n when no more top-level tasks should be added.\n\n5. Use the console to inspect task activity, live input, permission requests,\n transcripts, workpads, and artifacts.\n\nStart with [Get Started](/docs/get-started). If you are bringing your own\ncapacity, continue to [Connect A Host](/docs/connect-a-host).\n\nContributor build commands and repository internals are intentionally outside\nthis first-read product path.\n";
2138
+ var docs_default = "---\ntitle: Overview\ndescription: What is Flakes?\n---\n\n[Flakes](https://flakes.dev) is a hosted harness runtime for distributed agent workflows. Workflows run within sandbox environments, and across hosts that are supplied by the user. The [console](https://flakes.dev/console) is the primary user interface for interacting with Flakes: use it to review runs, inspect task state, read transcripts and artifacts, respond to permission requests, and steer running tasks.\n\nFlakes keeps all the transcripts, inputs, outputs and artifacts _durable_ in its control plane console. and _observable_ using its console, while workflows run on hosts you provide. A user-supplied host advertises one or more _pools_, which represents the capabilities and resources, such as GPUs, that the host supports. Flakes then matches ready tasks to compatible capabilities, and the console is the place for the user to observe what happened even when machines, sandboxes, or task runners disconnect (and return later).\n\nStart with [Get Started](/docs/get-started). To bring your own hosts, continue to [Connect A Host](/docs/connect-a-host).\n";
2139
2139
  //#endregion
2140
2140
  //#region ../../docs/content/docs/observe-and-steer.mdx?raw
2141
2141
  var observe_and_steer_default = "---\ntitle: Observe And Steer\ndescription: Inspect runs in the console, read task history, and send live input.\n---\n\nUse the console at `https://flakes.dev/console` to watch durable work, inspect\nwhat an agent did, and send live input while a task is running.\n\nThe important boundary: durable task state is the source of truth. Status,\ndependencies, workpads, activity, artifacts, and transcript pointers live in\nthe control plane. A transient agent process, sandbox assignment, or local\nsession can end and be replaced without erasing that durable task state.\n\n## Runs\n\nThe Runs page lists every run your account can read, newest first. Use the\nstate filters for all, running, succeeded, or failed runs. Each row shows the\nrun name, run id, current state, task progress, creation time, and last update.\nOpen a row to inspect the run.\n\nQueued work is visible here as a running run whose task progress has not moved\nto terminal states yet. If a run remains active longer than expected, open the\nrun and check whether tasks are waiting for capacity, waiting for dependencies,\nrunning on a sandbox, or blocked on input.\n\n## Run Detail\n\nRun detail starts with the run state, elapsed time, task terminal count, and a\ndownload action for the run history. The Overview tab has three views:\n\n- Map: shows the task graph and dependency shape.\n- Timeline: shows queue time and execution time for each task.\n- By Sandbox: groups tasks by the sandbox that ran or is running them.\n\nThe Tasks table is the operational list. It shows task number, task name,\nstatus, workpad version, sandbox, dependencies, accepted time, finished time,\nand a Task button that opens task detail.\n\nOther run tabs show declared artifacts, metrics, and active file reservations.\nDelete is available only after the run is terminal; it removes finished run\nhistory and is not a control for stopping active work.\n\n## Task Detail\n\nOpen a task from the run map, timeline, sandbox view, or Tasks table. Task\ndetail shows the task brief, acceptance criteria, adapter, live round state when\npresent, dependencies, sandbox, attempt, accepted time, heartbeat, and finished\ntime.\n\nThe Workpad panel is the durable task note. Use it for current plan, progress,\nfindings, and handoff notes. The console saves with a version check, so if\nsomeone else updated the workpad first, your edit is rejected instead of\nsilently overwriting newer text.\n\nThe Activity panel is the short timeline for product events. It can show\nworkpad edits, human input, live round events, `permission.requested`, and\n`permission.responded`. Activity is not a full transcript and does not replace\nthe workpad.\n\nThe Agent transcript panel shows the saved Pi session when the task uses the\nPi adapter. Use Parsed for a readable conversation and tool view. Use Raw when\nyou need the underlying session record. A transcript is evidence of what the\nagent did; it is not how Flakes decides whether the task succeeded.\n\n## Steer Running Work\n\nThe task transcript includes live input controls while the task is running:\n\n- Follow up: add information or answer a question from the agent.\n- Steer: nudge direction without replacing the task definition.\n\nThe console queues the message and sends it to the active running task. The\nmessage is accepted only while the task is running on a connected sandbox. If\nthe task has already finished, is waiting, or its sandbox is offline, the\ncomposer is disabled or the send fails and you can retry only after there is an\nactive running assignment again.\n\nLive input does not edit the saved task. It is an event delivered to the\ncurrent agent process. The durable record is the task state, activity entry,\nworkpad, and transcript update that follow.\n\n## Permission Requests\n\nWhen an adapter needs human approval, it can create a durable permission\nrequest. The task activity shows `permission.requested`; after a response is\naccepted it shows `permission.responded` with the decision.\n\nIf your console deployment renders an inline permission prompt, answer it from\nthe task page by approving or denying the request and include a reason when the\nprompt asks for one. A permission request accepts only one response. Flakes\ndelivers the answer only to the active assignment for that task, so stale\nagents cannot receive answers for work they no longer own.\n\nPermission requests are always visible as durable activity events. Some\ndeployments or integrations may also render an inline approval prompt in the\nconsole, but do not assume every task page has a general approve or deny\ncontrol. When no control is visible, answer the request through the integration\nor API client that surfaced it, then use the console activity and transcript to\nconfirm the response was recorded and delivered.\n\n## What To Do By State\n\n| State | What it means | What you can do |\n| --- | --- | --- |\n| queued | The task is admitted but has not started. | Check dependencies, required capabilities, and connected host capacity. Usually the right action is to wait for capacity or connect capacity that advertises the needed adapter and capabilities. |\n| running | A sandbox currently owns the task. | Watch heartbeat, activity, workpad, and transcript. Send a follow-up or steer message if the agent needs more context. |\n| waiting | The task yielded because a durable wait condition is not satisfied. | Inspect the group or dependency that must settle. Do not expect the old process to resume; Flakes resumes the logical task from durable state when the wait condition resolves. |\n| failed | The task reached a terminal failure. | Open task detail, read the activity and transcript, inspect the workpad, and decide whether to create follow-up work in a new or still-open run. |\n| blocked on input | The task needs a human answer, such as a permission decision or missing context. | Use the visible prompt or live follow-up control when available. If no permission control is visible, respond through the client or integration that owns the prompt and verify `permission.responded` in activity. |\n\nFor scheduling issues, start with the run Timeline and By Sandbox views. For\nagent behavior, start with task Activity, Workpad, and Agent transcript. For\nhuman intervention, use Follow up, Steer, and the permission response path\navailable in your deployment.\n";
2142
2142
  //#endregion
2143
2143
  //#region ../../docs/content/docs/reference/index.mdx?raw
2144
- var reference_default = "---\ntitle: Reference\ndescription: CLI commands, host configuration, selected API routes, and integrator exports for hosted Flakes.\n---\n\nUse this page after you understand the main workflows. It is a lookup for the\nhosted console at `https://flakes.dev`, the `flakes` CLI, user-supplied hosts,\nand selected integration surfaces.\n\nFor first-run steps, start with [Get Started](/docs/get-started). For host\nsetup, see [Connect A Host](/docs/connect-a-host).\n\n## CLI Command Reference\n\nCLI commands target the hosted control plane at `https://flakes.dev`. Most\ncommands use the stored credential from `flakes auth login`; commands that also\naccept `--token` are mainly for trusted automation.\n\n### Auth\n\n| Command | Use |\n| --- | --- |\n| `flakes auth login` | Start device authorization, open the browser approval page, and save the CLI credential. |\n| `flakes auth login --no-open` | Print the verification URL and user code without opening a browser. Useful on remote shells. |\n| `flakes auth login --timeout-ms 600000` | Wait longer for browser approval. |\n| `flakes auth status` | Show whether the stored CLI credential is authenticated, expired, or missing. |\n| `flakes auth logout` | Remove the stored CLI credential. |\n\n### Host Setup And Operation\n\n| Command | Use |\n| --- | --- |\n| `flakes host setup --config <host.toml>` | Create a host and first host-scoped credential through direct CLI user auth, then write the host config. |\n| `flakes host setup --config <host.toml> --credential-file <path> --state-dir <dir> --host-name <name>` | Override the credential file, state directory, or displayed host name. |\n| `flakes host setup --config <host.toml> --json` | Emit structured setup output with redacted host and credential summaries. The raw credential is not printed. |\n| `flakes host rotate --config <host.toml>` | Request a new host credential, write it to the configured credential file, and retire the replaced credential. Restart the host process afterward. |\n| `flakes host rotate --config <host.toml> --json` | Emit structured rotation output, including the new credential summary and next steps. The raw credential is not printed. |\n| `flakes host run --config <host.toml>` | Start the host runtime and connect capacity to Flakes. This process should stay running. |\n| `flakes host status --config <host.toml>` | Validate local config and, when a CLI credential is available, read remote host, pool, and credential status. |\n| `flakes host status --config <host.toml> --json` | Emit structured local and remote status. |\n\nSetup writes new files only when the target config and credential file do not\nalready exist. Setup and rotation require an authenticated CLI user credential\nfor the same hosted origin; they are direct user bearer auth flows, not console\nproxy flows.\n\n### Runs\n\n| Command | Use |\n| --- | --- |\n| `flakes runs create --key <run-key> --name \"Release notes\"` | Create or reuse a run identified by a stable run key. |\n| `flakes runs close <run-key>` | Close the run so no more top-level tasks can be admitted. |\n| `flakes runs close <run-key> --wait --timeout-ms 600000` | Close the run and poll until the run reaches a terminal state or the timeout expires. |\n| `flakes inspect <run-id-or-key>` | Read a run. A non-`run_` value is treated as a run key. |\n| `flakes inspect <task-id> --task` | Read a task explicitly. |\n| `flakes logs <task-id> --after <cursor> --limit <n>` | Read bounded task logs. |\n| `flakes metrics <run-id>` | Read run metrics. |\n\n### Tasks\n\n| Command | Use |\n| --- | --- |\n| `flakes tasks save --run <run-key> --key <task-key> --title \"Draft\" --adapter pi --body \"Write the draft.\"` | Save or update a not-yet-admitted task. |\n| `flakes tasks save --run <run-key> --key <task-key> --title \"Draft\" --adapter pi --body-file prompt.md --required-capability pi --depends-on outline` | Save a task with a file body, capability requirement, and dependency. |\n| `flakes tasks save --run <run-key> --key <task-key> --title \"Plan\" --adapter harness --harness-file harnesses/paper-writer.ts --tool-grant flakes.tasks.spawn` | Submit a harness module as a normal task. |\n| `flakes tasks admit --run <run-key> <task-key>` | Admit specific saved tasks for scheduling. |\n| `flakes tasks admit --run <run-key> --all` | Admit all saved tasks that are ready for admission. |\n\nTask save accepts `--acceptance`, `--depends-on`, `--required-capability`, and\n`--tool-grant` more than once. `--harness-file` requires `--adapter harness`.\n\n### Workpads And File Reservations\n\n| Command | Use |\n| --- | --- |\n| `flakes tasks workpad show <task-id>` | Read a task workpad as JSON. |\n| `flakes tasks workpad show <task-id> --raw` | Print only the Markdown body. |\n| `flakes tasks workpad save <task-id> --file <workpad.md> --base-version <version>` | Save a workpad with an optimistic version check. |\n| `flakes tasks workpad template <task-id> -o <workpad.md>` | Create a local Markdown template for editing. |\n| `flakes tasks workpad pull` | Inside a running Flakes task, pull the assignment-local workpad into the thread state directory. |\n| `flakes tasks workpad push` | Inside a running Flakes task, push the assignment-local workpad with its saved base version. |\n| `flakes tasks files reserve <path...> --reason \"editing\" --json` | Inside a running task, reserve assignment-scoped file paths before editing. |\n| `flakes tasks files release <path...> --json` | Release assignment-scoped file reservations. |\n| `flakes tasks files release --all --json` | Release all reservations owned by the current assignment. |\n| `flakes tasks files list --json` | List current assignment file reservations. |\n| `flakes tasks files check <path...> --json` | Check whether paths conflict with existing reservations. |\n\nThe `pull`, `push`, and `files` commands are attached to a running task through\nthread-local environment variables. They fail outside a running Flakes task.\n\n### Messages And Permissions\n\nMessages and permission responses do not have standalone top-level CLI commands.\nUse the console controls when available, or call the selected API routes:\n\n| Route | Use |\n| --- | --- |\n| `POST /v1/tasks/:taskId/messages` | Send a `follow_up` or `steer` message to a running task. |\n| `POST /v1/tasks/:taskId/permissions/:permissionRequestId/respond` | Answer a task permission request with `approved` or `denied`. |\n\nBoth routes require the task to be running on a connected sandbox. See\n[Observe And Steer](/docs/observe-and-steer) for user-facing behavior.\n\n### Harness Checks\n\n| Command | Use |\n| --- | --- |\n| `flakes harness init --template paper --dir harnesses` | Create a starter harness module. |\n| `flakes harness init --template review-revise --dir harnesses --file review.ts --force` | Write a specific template and overwrite the target file. |\n| `flakes harness check harnesses/paper-writer.ts` | Typecheck and validate a harness module before submission. |\n| `flakes harness check harnesses/paper-writer.ts --defaults harnesses/defaults.json --json` | Check with adapter/agent defaults and emit structured diagnostics. |\n\nCurrent template names are `paper`, `review-revise`, `fanout-fanin`,\n`autowrite`, and `autoresearch`.\n\n### Artifacts\n\n| Command | Use |\n| --- | --- |\n| `flakes artifacts create --file artifact.json` | Create artifact metadata, optionally with inline bytes in the JSON payload. |\n| `flakes artifacts get <artifact-id>` | Read artifact metadata. |\n| `flakes artifacts fetch <artifact-id> -o <file>` | Fetch artifact bytes to a file. |\n| `flakes artifacts fetch <artifact-id> --raw` | Write exact artifact bytes to stdout. |\n\n## Host Config Reference\n\n`flakes host setup` writes a starter Host config TOML file. Add at least one\npool before running `flakes host run`.\n\n```toml\ncontrolPlaneUrl = \"https://flakes.dev\"\nhostId = \"host_abc123\"\ncredentialFile = \"/Users/me/.config/flakes/host.credential\"\nstateDir = \"/Users/me/.config/flakes/state\"\n\n[[pools]]\npoolKey = \"mac-coding\"\nmatchlockImage = \"registry.example/flakes/macos:latest\"\nworkspace = \"/Users/me/flakes-workspaces\"\nmounts = [\"/Users/me/.cache/flakes:/cache\"]\nadapter = \"pi\"\nmaxInstances = 2\nmaxConcurrency = 1\nadvertisedCapabilities = [\"pi\", \"node\", \"mac\"]\n\n[pools.resourceBounds]\nmemoryMb = 8192\ncpus = 4\n\n[pools.env]\nEXAMPLE = \"value\"\n\n[pools.executablePaths]\nmatchlock = \"/usr/local/bin/matchlock\"\nflakes = \"/usr/local/bin/flakes\"\n```\n\n### Top-Level Fields\n\n| Field | Required | Meaning |\n| --- | --- | --- |\n| `controlPlaneUrl` | Yes | Hosted API origin. Host setup writes `https://flakes.dev`. |\n| `hostId` | Yes | Host identity returned by setup. It must be a non-empty identifier. |\n| `credentialFile` | Yes | Absolute path to the host-scoped credential file. `credentialFile must be an absolute path`; it must be a regular file owned by the current user, not a symlink, with `0600` permissions. |\n| `stateDir` | No | Absolute private directory for host runtime state. When omitted, it defaults beside the credential file. The runtime also creates a generated sandbox config directory under this state directory. |\n| `pools` | Yes | One to 64 pool definitions. A config with no pools is invalid for `flakes host run`. |\n\n### Pool Fields\n\n| Field | Required | Meaning |\n| --- | --- | --- |\n| `poolKey` | Yes | Stable pool identifier advertised to Flakes. Must be unique within the host config. |\n| `provider` | Implied | The current provider is `matchlock`. It is advertised as `provider: \"matchlock\"`; it is not a required TOML field. |\n| `matchlockImage` | Yes | Local MatchLock image or template used by the host to launch sandboxes. This is local-only and is not sent in the sanitized pool advertisement. |\n| `workspace` | Yes | Absolute local directory used as the pool workspace. It must exist and must be a directory. This is local-only. |\n| `mounts` | No | Local mount strings passed to the provider. These stay on the host. |\n| `adapter` | Yes | Adapter the sandbox should run, such as `pi` or `harness`. This is advertised for scheduling. |\n| `maxInstances` | Yes | Positive integer limit for provider instances in the pool. |\n| `maxConcurrency` | Yes | Positive integer limit for concurrent work in each advertised sandbox config. |\n| `advertisedCapabilities` | Yes | Up to 64 scheduling capability strings, such as `pi`, `node`, or `mac`. These become advertised as `capabilities`. |\n| `resourceBounds` | No | Small sanitized record for scheduler-facing bounds, such as CPU or memory. Oversized or unsafe records are rejected. |\n| `env` | No | Local environment variables for provider startup. These are local-only and are not advertised. |\n| `executablePaths.matchlock` | Yes | Absolute path to the MatchLock executable. It must exist, be a file, be executable, and not be a symlink. |\n| `executablePaths.<name>` | No | Additional executable paths, for example `flakes`. These are local-only. |\n\n### Sanitized Pool Advertisement\n\nThe host sends only a sanitized pool advertisement to the control plane:\n\n- `poolKey`\n- `provider`\n- `adapter`\n- `maxInstances`\n- `maxConcurrency`\n- `capabilities`\n- sanitized `resourceBounds`, when present\n\nLocal-only fields stay on the host: `matchlockImage`, `workspace`, `mounts`,\n`env`, `credentialFile`, `stateDir`, and `executablePaths`. Do not rely on\nthose fields appearing in the console or API pool responses.\n\n## Selected API Reference\n\nThis section is for integrators. Ordinary users should prefer the console and\nCLI workflows above. Unless noted otherwise, routes use `/v1`, require a user\nbearer credential for the same hosted origin, and are scoped to the authenticated\nowner.\n\n### Runs And Tasks\n\n| Route | Use |\n| --- | --- |\n| `PUT /v1/runs/:runKey` | Create or idempotently read a run by stable key. Body includes `name`; optional `metadata` is stored with the run key. |\n| `GET /v1/runs?state=<state>&cursor=<cursor>&limit=<n>` | List owned runs. |\n| `GET /v1/runs/:runId` | Read one owned run by run ID. |\n| `DELETE /v1/runs/:runId` | Delete an owned run after cancel delivery is attempted for live tasks. |\n| `POST /v1/runs/:runKey/close` | Close a run so no more top-level work can be admitted. |\n| `GET /v1/runs/:runId/tasks` | List tasks with workpad metadata for console task overview screens. |\n| `PUT /v1/runs/:runKey/tasks/:taskKey` | Save a task before admission. Body includes task metadata, target adapter, input, dependencies, capabilities, and grants. |\n| `POST /v1/runs/:runKey/tasks/admit` | Admit selected task keys or all saved tasks. |\n| `GET /v1/tasks/:taskId` | Read one task. |\n| `POST /v1/tasks/:taskId/cancel` | Request cancellation for a live task and record task state. |\n| `GET /v1/tasks/:taskId/logs` | Read bounded task logs. |\n| `GET /v1/tasks/:taskId/activity` | Read activity events such as workpad updates, human input, and permission events. |\n\n### Workpads, Messages, And Permissions\n\n| Route | Use |\n| --- | --- |\n| `GET /v1/tasks/:taskId/workpad` | Read the current task workpad. |\n| `PUT /v1/tasks/:taskId/workpad` | Save Markdown with `bodyMarkdown` and `baseVersion`. A stale version returns `workpad_version_conflict` with the current workpad. Workpads are limited to 512 KiB. |\n| `POST /v1/tasks/:taskId/messages` | Queue `follow_up` or `steer` input for a running task. Messages must be non-empty and at most 20000 characters. |\n| `POST /v1/tasks/:taskId/permissions/:permissionRequestId/respond` | Send `approved` or `denied` for a permission request. A request accepts only one answer and must still belong to the active assignment. |\n| `GET /v1/tasks/:taskId/rounds/:roundKey/outputs/:outputKey/fetch` | Read a bounded JSON or text live-round output. |\n| `GET /v1/tasks/:taskId/rounds/:roundKey/outputs/:outputKey/workspace` | Resolve a live-round workspace output handle. |\n\n### Hosts\n\n| Route | Use |\n| --- | --- |\n| `GET /v1/hosts` | List owned hosts. |\n| `POST /v1/hosts` | Create a host record directly for integrator workflows that do not need the CLI to mint a local host credential. |\n| `POST /v1/hosts/setup` | Create a host and its first host-scoped credential in one transaction. Requires direct user bearer auth and returns the raw credential exactly once for CLI persistence. |\n| `GET /v1/hosts/:hostId` | Read one owned host. |\n| `PATCH /v1/hosts/:hostId` | Update safe display fields and user metadata. Runtime, adapter, path, env, image, provider, and status metadata keys are rejected. |\n| `POST /v1/hosts/:hostId/disable` | Disable a host. Disabled hosts cannot claim new work. |\n| `DELETE /v1/hosts/:hostId` | Delete a host only when active lifecycle state no longer blocks deletion. |\n| `GET /v1/hosts/:hostId/pools` | Read pools synced from the running host. There is no user-facing pool write route; edit host TOML and restart or reconnect the host. |\n| `GET /v1/hosts/:hostId/credentials` | List redacted host credential summaries. |\n| `GET /v1/hosts/:hostId/credentials/:hostCredentialId` | Read one redacted host credential summary. |\n| `POST /v1/hosts/:hostId/credentials/rotate` | Rotate a host credential. Requires direct user bearer auth and returns the raw replacement credential once. |\n| `POST /v1/hosts/:hostId/credentials/:hostCredentialId/revoke` | Revoke a host credential. |\n\nHost setup and credential rotation require direct user bearer auth. Do not send\nthose requests through the browser console proxy.\n\n### Artifacts And Run Outputs\n\n| Route | Use |\n| --- | --- |\n| `POST /v1/artifacts` | Create artifact metadata and optional inline bytes. |\n| `GET /v1/artifacts/:artifactId` | Read artifact metadata. |\n| `GET /v1/artifacts/:artifactId/fetch` | Fetch artifact bytes. |\n| `GET /v1/runs/:runId/artifacts` | List artifacts associated with a run. |\n| `GET /v1/runs/:runId/history.jsonl` | Export redacted run history as JSONL. |\n| `GET /v1/runs/:runId/file-reservations` | List file reservations visible for the run. |\n| `GET /v1/runs/:runId/metrics` | Read evaluation metrics for the run. |\n\nSandbox-scoped workspace, group, and live-round routes are runtime surfaces for\nadapters and harness execution. Integrators should normally use the CLI,\nselected client routes, or Harness SDK helpers instead of calling those routes\ndirectly.\n\n## Relevant Exports\n\nThe hosted API and CLI are the primary user boundary. These exports are useful\nonly for integrations, harness modules, adapters, or repository-local tooling.\n\n| Export | Use |\n| --- | --- |\n| `@flakes/harness-sdk` | Harness authors import `defineHarness`, use `HarnessContext`, and call helpers such as `ctx.group(...)`, `ctx.groups.open(...)`, `ctx.output.json(...)`, `ctx.outputs.readJson(...)`, `ctx.workpads.read(...)`, `ctx.workspace.commit(...)`, `ctx.workspace.promote(...)`, and `ctx.liveTasks.send(...)`. |\n| `@flakes/core` | Integrators that build typed payloads can reuse schemas and types for run/task IDs, saved tasks, task metadata, task groups, task spawn requests, workpads, file reservations, and workspace handles. Common names include `WorkspaceHandle`, `WorkspaceHandleSchema`, `TaskProductMetadataSchema`, and `TaskWorkpadPutRequestSchema`. |\n| `@flakes/protocol` | Runtime implementers can parse and validate sandbox and host stream messages with protocol schemas and safe parse helpers. Ordinary API clients do not need these types. |\n| `@flakes/cli` | Test harnesses or wrappers can call `runCli(...)` with injected IO and transport dependencies instead of shelling out. The installed binary remains `flakes`. |\n\nDo not treat this table as a package architecture guide. It lists only the\nexports a user, harness author, or integrator might reasonably need.\n";
2144
+ var reference_default = "---\ntitle: Reference\ndescription: CLI commands, host configuration, selected API routes, and integrator exports for hosted Flakes.\n---\n\nUse this page after you understand the main workflows. It is a lookup for the\nhosted console at `https://flakes.dev`, the `flakes` CLI, user-supplied hosts,\nand selected integration surfaces.\n\nFor first-run steps, start with [Get Started](/docs/get-started). For host\nsetup, see [Connect A Host](/docs/connect-a-host).\n\n## CLI Command Reference\n\nCLI commands target the hosted control plane at `https://flakes.dev`. Most\ncommands use the stored credential from `flakes auth login`; commands that also\naccept `--token` are mainly for trusted automation.\n\n### Auth\n\n| Command | Use |\n| --- | --- |\n| `flakes auth login` | Start device authorization, open the browser approval page, and save the CLI credential. |\n| `flakes auth login --no-open` | Print the verification URL and user code without opening a browser. Useful on remote shells. |\n| `flakes auth login --timeout-ms 600000` | Wait longer for browser approval. |\n| `flakes auth login --json` | Emit the device-code and authenticated records as newline-delimited JSON for automation. |\n| `flakes auth status` | Show whether the stored CLI credential is authenticated, expired, or missing. |\n| `flakes auth status --json` | Emit structured credential status. |\n| `flakes auth logout` | Remove the stored CLI credential. |\n| `flakes auth logout --json` | Emit structured logout output. |\n\n### Local Runtime And Config\n\nThese commands are mostly for local development, smoke checks, or authoring\nruntime config files. The hosted path usually starts with auth and host setup.\n\n| Command | Use |\n| --- | --- |\n| `flakes init --database-url <url>` | Write starter local server/sandbox config, env snippets, and copyable startup commands. |\n| `flakes init --database-url <url> --dir <dir> --root-dir <dir> --port <port> --adapter pi` | Override generated paths, server port, and starter adapter. `--adapter harness` is also supported. |\n| `flakes init --database-url <url> --force --json` | Overwrite existing generated files and emit structured output. |\n| `flakes server --config <server.toml>` | Validate config, open the PostgreSQL store, and start the control-plane server. `-c` is also accepted. |\n| `flakes server --config <server.toml> --host 127.0.0.1 --port 7733 --dry-run` | Validate server config and print a redacted JSON summary without starting the daemon. |\n| `flakes sandbox --config <sandbox.toml>` | Validate config, load adapters, and start the sandbox daemon. `-c` is also accepted. |\n| `flakes sandbox --config <sandbox.toml> --dry-run` | Validate sandbox config and print the daemon descriptor without opening a control-plane stream. |\n| `flakes up --server-config <server.toml> --sandbox-config <sandbox.toml>` | Start a local tmux session with the server and one or more sandbox daemons. Pass `--sandbox-config` more than once for multiple sandboxes. |\n| `flakes up --server-config <server.toml> --sandbox-config <sandbox.toml> --host 127.0.0.1 --port 7733 --session flakes --ready-timeout-ms 15000 --dry-run --json` | Preview or start local runtime commands with explicit listen settings, tmux session name, readiness timeout, and structured output. |\n| `flakes down --session flakes --dry-run --json` | Stop or preview stopping a local tmux runtime session. |\n| `flakes config schema` | Print annotated TOML examples for server and sandbox config. |\n| `flakes config schema server` | Print only the server config example. `sandbox` is also supported. |\n\n### Host Setup And Operation\n\n| Command | Use |\n| --- | --- |\n| `flakes host setup --config <host.toml>` | Create a host and first host-scoped credential through direct CLI user auth, then write the host config. |\n| `flakes host setup --config <host.toml> --credential-file <path> --state-dir <dir> --host-name <name>` | Override the credential file, state directory, or displayed host name. |\n| `flakes host setup --config <host.toml> --no-open --timeout-ms 600000` | Run setup on a remote shell and let the embedded device-login flow wait longer for approval. |\n| `flakes host setup --config <host.toml> --json` | Emit structured setup output with redacted host and credential summaries. The raw credential is not printed. |\n| `flakes host rotate --config <host.toml>` | Request a new host credential, write it to the configured credential file, and retire the replaced credential. Restart the host process afterward. |\n| `flakes host rotate --config <host.toml> --json` | Emit structured rotation output, including the new credential summary and next steps. The raw credential is not printed. |\n| `flakes host run --config <host.toml>` | Start the host runtime and connect capacity to Flakes. This process should stay running. |\n| `flakes host status --config <host.toml>` | Validate local config and, when a CLI credential is available, read remote host, pool, and credential status. |\n| `flakes host status --config <host.toml> --json` | Emit structured local and remote status. |\n\nSetup writes new files only when the target config and credential file do not\nalready exist. Setup and rotation require an authenticated CLI user credential\nfor the same hosted origin; they are direct user bearer auth flows, not console\nproxy flows.\n\n### Runs\n\n| Command | Use |\n| --- | --- |\n| `flakes runs create --key <run-key> --name \"Release notes\"` | Create or reuse a run identified by a stable run key. |\n| `flakes runs create --key <run-key> --name \"Release notes\" --token <token>` | Create a run using an explicit automation bearer token instead of the stored CLI credential. `-t` is also accepted. |\n| `flakes runs close <run-key>` | Close the run so no more top-level tasks can be admitted. |\n| `flakes runs close <run-key> --wait --timeout-ms 600000` | Close the run and poll until the run reaches a terminal state or the timeout expires. |\n| `flakes runs close <run-key> --token <token>` | Close a run using an explicit automation bearer token. `-t` is also accepted. |\n| `flakes inspect <run-id-or-key>` | Read a run. A non-`run_` value is treated as a run key. |\n| `flakes inspect <task-id> --task` | Read a task explicitly. |\n| `flakes logs <task-id> --after <cursor> --limit <n>` | Read bounded task logs. |\n| `flakes metrics <run-id>` | Read run metrics. |\n\n`runs`, `inspect`, `logs`, and `metrics` accept `--token <token>` or `-t\n<token>` when trusted automation should bypass the stored CLI credential.\n\n### Tasks\n\n| Command | Use |\n| --- | --- |\n| `flakes tasks save --run <run-key> --key <task-key> --title \"Draft\" --adapter pi --body \"Write the draft.\"` | Save or update a not-yet-admitted task. |\n| `flakes tasks save --run <run-key> --key <task-key> --title \"Draft\" --adapter pi --body-file prompt.md --required-capability pi --depends-on outline` | Save a task with a file body, capability requirement, and dependency. |\n| `flakes tasks save --run <run-key> --key <task-key> --title \"Plan\" --adapter harness --harness-file harnesses/paper-writer.ts --tool-grant flakes.tasks.spawn` | Submit a harness module as a normal task. |\n| `flakes tasks admit --run <run-key> <task-key>` | Admit specific saved tasks for scheduling. |\n| `flakes tasks admit --run <run-key> --all` | Admit all saved tasks that are ready for admission. |\n\nTask save accepts `--acceptance`, `--depends-on`, `--required-capability`, and\n`--tool-grant` more than once. `--harness-file` requires `--adapter harness`.\nTask commands that call the hosted API accept `--token <token>` or `-t <token>`\nfor trusted automation.\n\n### Workpads And File Reservations\n\n| Command | Use |\n| --- | --- |\n| `flakes tasks workpad show <task-id>` | Read a task workpad as JSON. |\n| `flakes tasks workpad show <task-id> --raw` | Print only the Markdown body. |\n| `flakes tasks workpad save <task-id> --file <workpad.md> --base-version <version>` | Save a workpad with an optimistic version check. `-f` is also accepted for `--file`. |\n| `flakes tasks workpad template <task-id> --output <workpad.md>` | Create a local Markdown template for editing. `-o` is also accepted. |\n| `flakes tasks workpad pull` | Inside a running Flakes task, pull the assignment-local workpad into the thread state directory. |\n| `flakes tasks workpad push` | Inside a running Flakes task, push the assignment-local workpad with its saved base version. |\n| `flakes tasks files reserve <path...> --reason \"editing\" --json` | Inside a running task, reserve assignment-scoped file paths before editing. |\n| `flakes tasks files reserve <path...> --prefix --json` | Reserve path prefixes instead of exact paths. |\n| `flakes tasks files release <path...> --json` | Release assignment-scoped file reservations. |\n| `flakes tasks files release <path...> --prefix --json` | Release prefix reservations instead of exact-path reservations. |\n| `flakes tasks files release --all --json` | Release all reservations owned by the current assignment. |\n| `flakes tasks files list --json` | List current assignment file reservations. |\n| `flakes tasks files check <path...> --json` | Check whether paths conflict with existing reservations. |\n| `flakes tasks files check <path...> --prefix --json` | Check prefix selectors for conflicts. |\n\nThe `pull`, `push`, and `files` commands are attached to a running task through\nthread-local environment variables. They fail outside a running Flakes task.\n\n### Messages And Permissions\n\nMessages and permission responses do not have standalone top-level CLI commands.\nUse the console controls when available, or call the selected API routes:\n\n| Route | Use |\n| --- | --- |\n| `POST /v1/tasks/:taskId/messages` | Send a `follow_up` or `steer` message to a running task. |\n| `POST /v1/tasks/:taskId/permissions/:permissionRequestId/respond` | Answer a task permission request with `approved` or `denied`. |\n\nBoth routes require the task to be running on a connected sandbox. See\n[Observe And Steer](/docs/observe-and-steer) for user-facing behavior.\n\n### Harness Checks\n\n| Command | Use |\n| --- | --- |\n| `flakes harness init --template paper --dir harnesses` | Create a starter harness module. |\n| `flakes harness init --template review-revise --dir harnesses --file review.ts --force` | Write a specific template and overwrite the target file. |\n| `flakes harness check harnesses/paper-writer.ts` | Typecheck and validate a harness module before submission. |\n| `flakes harness check harnesses/paper-writer.ts --defaults harnesses/defaults.json --json` | Check with adapter/agent defaults and emit structured diagnostics. |\n\nCurrent template names are `paper`, `review-revise`, `fanout-fanin`,\n`autowrite`, and `autoresearch`.\n\n### Artifacts\n\n| Command | Use |\n| --- | --- |\n| `flakes artifacts create --file artifact.json` | Create artifact metadata, optionally with inline bytes in the JSON payload. `-f` is also accepted. |\n| `flakes artifacts get <artifact-id>` | Read artifact metadata. |\n| `flakes artifacts fetch <artifact-id> --location-id <location-id>` | Fetch a specific artifact location when more than one location is available. |\n| `flakes artifacts fetch <artifact-id> --output <file>` | Fetch artifact bytes to a file. `-o` is also accepted. |\n| `flakes artifacts fetch <artifact-id> --raw` | Write exact artifact bytes to stdout. |\n\nArtifact commands accept `--token <token>` or `-t <token>` for trusted\nautomation.\n\n## Host Config Reference\n\n`flakes host setup` writes a starter Host config TOML file. Add at least one\npool before running `flakes host run`.\n\n```toml\ncontrolPlaneUrl = \"https://flakes.dev\"\nhostId = \"host_abc123\"\ncredentialFile = \"/Users/me/.config/flakes/host.credential\"\nstateDir = \"/Users/me/.config/flakes/state\"\n\n[[pools]]\npoolKey = \"mac-coding\"\nmatchlockImage = \"registry.example/flakes/macos:latest\"\nworkspace = \"/Users/me/flakes-workspaces\"\nmounts = [\"/Users/me/.cache/flakes:/cache\"]\nadapter = \"pi\"\nmaxInstances = 2\nmaxConcurrency = 1\nadvertisedCapabilities = [\"pi\", \"node\", \"mac\"]\n\n[pools.resourceBounds]\nmemoryMb = 8192\ncpus = 4\n\n[pools.env]\nEXAMPLE = \"value\"\n\n[pools.executablePaths]\nmatchlock = \"/usr/local/bin/matchlock\"\nflakes = \"/usr/local/bin/flakes\"\n```\n\n### Top-Level Fields\n\n| Field | Required | Meaning |\n| --- | --- | --- |\n| `controlPlaneUrl` | Yes | Hosted API origin. Host setup writes `https://flakes.dev`. |\n| `hostId` | Yes | Host identity returned by setup. It must be a non-empty identifier. |\n| `credentialFile` | Yes | Absolute path to the host-scoped credential file. `credentialFile must be an absolute path`; it must be a regular file owned by the current user, not a symlink, with `0600` permissions. |\n| `stateDir` | No | Absolute private directory for host runtime state. When omitted, it defaults beside the credential file. The runtime also creates a generated sandbox config directory under this state directory. |\n| `pools` | Yes | One to 64 pool definitions. A config with no pools is invalid for `flakes host run`. |\n\n### Pool Fields\n\n| Field | Required | Meaning |\n| --- | --- | --- |\n| `poolKey` | Yes | Stable pool identifier advertised to Flakes. Must be unique within the host config. |\n| `provider` | Implied | The current provider is `matchlock`. It is advertised as `provider: \"matchlock\"`; it is not a required TOML field. |\n| `matchlockImage` | Yes | Local MatchLock image or template used by the host to launch sandboxes. This is local-only and is not sent in the sanitized pool advertisement. |\n| `workspace` | Yes | Absolute local directory used as the pool workspace. It must exist and must be a directory. This is local-only. |\n| `mounts` | No | Local mount strings passed to the provider. These stay on the host. |\n| `adapter` | Yes | Adapter the sandbox should run, such as `pi` or `harness`. This is advertised for scheduling. |\n| `maxInstances` | Yes | Positive integer limit for provider instances in the pool. |\n| `maxConcurrency` | Yes | Positive integer limit for concurrent work in each advertised sandbox config. |\n| `advertisedCapabilities` | Yes | Up to 64 scheduling capability strings, such as `pi`, `node`, or `mac`. These become advertised as `capabilities`. |\n| `resourceBounds` | No | Small sanitized record for scheduler-facing bounds, such as CPU or memory. Oversized or unsafe records are rejected. |\n| `env` | No | Local environment variables for provider startup. These are local-only and are not advertised. |\n| `executablePaths.matchlock` | Yes | Absolute path to the MatchLock executable. It must exist, be a file, be executable, and not be a symlink. |\n| `executablePaths.<name>` | No | Additional executable paths, for example `flakes`. These are local-only. |\n\n### Sanitized Pool Advertisement\n\nThe host sends only a sanitized pool advertisement to the control plane:\n\n- `poolKey`\n- `provider`\n- `adapter`\n- `maxInstances`\n- `maxConcurrency`\n- `capabilities`\n- sanitized `resourceBounds`, when present\n\nLocal-only fields stay on the host: `matchlockImage`, `workspace`, `mounts`,\n`env`, `credentialFile`, `stateDir`, and `executablePaths`. Do not rely on\nthose fields appearing in the console or API pool responses.\n\n## Selected API Reference\n\nThis section is for integrators. Ordinary users should prefer the console and\nCLI workflows above. Unless noted otherwise, routes use `/v1`, require a user\nbearer credential for the same hosted origin, and are scoped to the authenticated\nowner.\n\n### Runs And Tasks\n\n| Route | Use |\n| --- | --- |\n| `PUT /v1/runs/:runKey` | Create or idempotently read a run by stable key. Body includes `name`; optional `metadata` is stored with the run key. |\n| `GET /v1/runs?state=<state>&cursor=<cursor>&limit=<n>` | List owned runs. |\n| `GET /v1/runs/:runId` | Read one owned run by run ID. |\n| `DELETE /v1/runs/:runId` | Delete an owned run after cancel delivery is attempted for live tasks. |\n| `POST /v1/runs/:runKey/close` | Close a run so no more top-level work can be admitted. |\n| `GET /v1/runs/:runId/tasks` | List tasks with workpad metadata for console task overview screens. |\n| `PUT /v1/runs/:runKey/tasks/:taskKey` | Save a task before admission. Body includes task metadata, target adapter, input, dependencies, capabilities, and grants. |\n| `POST /v1/runs/:runKey/tasks/admit` | Admit selected task keys or all saved tasks. |\n| `GET /v1/tasks/:taskId` | Read one task. |\n| `POST /v1/tasks/:taskId/cancel` | Request cancellation for a live task and record task state. |\n| `GET /v1/tasks/:taskId/logs` | Read bounded task logs. |\n| `GET /v1/tasks/:taskId/activity` | Read activity events such as workpad updates, human input, and permission events. |\n\n### Workpads, Messages, And Permissions\n\n| Route | Use |\n| --- | --- |\n| `GET /v1/tasks/:taskId/workpad` | Read the current task workpad. |\n| `PUT /v1/tasks/:taskId/workpad` | Save Markdown with `bodyMarkdown` and `baseVersion`. A stale version returns `workpad_version_conflict` with the current workpad. Workpads are limited to 512 KiB. |\n| `POST /v1/tasks/:taskId/messages` | Queue `follow_up` or `steer` input for a running task. Messages must be non-empty and at most 20000 characters. |\n| `POST /v1/tasks/:taskId/permissions/:permissionRequestId/respond` | Send `approved` or `denied` for a permission request. A request accepts only one answer and must still belong to the active assignment. |\n| `GET /v1/tasks/:taskId/rounds/:roundKey/outputs/:outputKey/fetch` | Read a bounded JSON or text live-round output. |\n| `GET /v1/tasks/:taskId/rounds/:roundKey/outputs/:outputKey/workspace` | Resolve a live-round workspace output handle. |\n\n### Hosts\n\n| Route | Use |\n| --- | --- |\n| `GET /v1/hosts` | List owned hosts. |\n| `POST /v1/hosts` | Create a host record directly for integrator workflows that do not need the CLI to mint a local host credential. |\n| `POST /v1/hosts/setup` | Create a host and its first host-scoped credential in one transaction. Requires direct user bearer auth and returns the raw credential exactly once for CLI persistence. |\n| `GET /v1/hosts/:hostId` | Read one owned host. |\n| `PATCH /v1/hosts/:hostId` | Update safe display fields and user metadata. Runtime, adapter, path, env, image, provider, and status metadata keys are rejected. |\n| `POST /v1/hosts/:hostId/disable` | Disable a host. Disabled hosts cannot claim new work. |\n| `DELETE /v1/hosts/:hostId` | Delete a host only when active lifecycle state no longer blocks deletion. |\n| `GET /v1/hosts/:hostId/pools` | Read pools synced from the running host. There is no user-facing pool write route; edit host TOML and restart or reconnect the host. |\n| `GET /v1/hosts/:hostId/credentials` | List redacted host credential summaries. |\n| `GET /v1/hosts/:hostId/credentials/:hostCredentialId` | Read one redacted host credential summary. |\n| `POST /v1/hosts/:hostId/credentials/rotate` | Rotate a host credential. Requires direct user bearer auth and returns the raw replacement credential once. |\n| `POST /v1/hosts/:hostId/credentials/:hostCredentialId/revoke` | Revoke a host credential. |\n\nHost setup and credential rotation require direct user bearer auth. Do not send\nthose requests through the browser console proxy.\n\n### Artifacts And Run Outputs\n\n| Route | Use |\n| --- | --- |\n| `POST /v1/artifacts` | Create artifact metadata and optional inline bytes. |\n| `GET /v1/artifacts/:artifactId` | Read artifact metadata. |\n| `GET /v1/artifacts/:artifactId/fetch` | Fetch artifact bytes. |\n| `GET /v1/runs/:runId/artifacts` | List artifacts associated with a run. |\n| `GET /v1/runs/:runId/history.jsonl` | Export redacted run history as JSONL. |\n| `GET /v1/runs/:runId/file-reservations` | List file reservations visible for the run. |\n| `GET /v1/runs/:runId/metrics` | Read evaluation metrics for the run. |\n\nSandbox-scoped workspace, group, and live-round routes are runtime surfaces for\nadapters and harness execution. Integrators should normally use the CLI,\nselected client routes, or Harness SDK helpers instead of calling those routes\ndirectly.\n\n## Relevant Exports\n\nThe hosted API and CLI are the primary user boundary. These exports are useful\nonly for integrations, harness modules, adapters, or repository-local tooling.\n\n| Export | Use |\n| --- | --- |\n| `@flakes/harness-sdk` | Harness authors import `defineHarness`, use `HarnessContext`, and call helpers such as `ctx.group(...)`, `ctx.groups.open(...)`, `ctx.output.json(...)`, `ctx.outputs.readJson(...)`, `ctx.workpads.read(...)`, `ctx.workspace.commit(...)`, `ctx.workspace.promote(...)`, and `ctx.liveTasks.send(...)`. |\n| `@flakes/core` | Integrators that build typed payloads can reuse schemas and types for run/task IDs, saved tasks, task metadata, task groups, task spawn requests, workpads, file reservations, and workspace handles. Common names include `WorkspaceHandle`, `WorkspaceHandleSchema`, `TaskProductMetadataSchema`, and `TaskWorkpadPutRequestSchema`. |\n| `@flakes/protocol` | Runtime implementers can parse and validate sandbox and host stream messages with protocol schemas and safe parse helpers. Ordinary API clients do not need these types. |\n| `@flakes/cli` | Test harnesses or wrappers can call `runCli(...)` with injected IO and transport dependencies instead of shelling out. The installed binary remains `flakes`. |\n\nDo not treat this table as a package architecture guide. It lists only the\nexports a user, harness author, or integrator might reasonably need.\n";
2145
2145
  //#endregion
2146
2146
  //#region ../../docs/content/docs/run-work.mdx?raw
2147
2147
  var run_work_default = "---\ntitle: Run Work\ndescription: Create runs, save tasks, admit ready work, and close durable workflows.\n---\n\nRun Work covers the control-plane workflow for creating durable work from the\nhosted product. Use it after you can sign in at `https://flakes.dev/console`,\nauthorize the CLI, and see enough connected host capacity for the adapter you\nwant to use.\n\n## The Model\n\nA run is the durable container for one job. It holds saved tasks, admitted\ntasks, dependencies, task status, workpads, activity, artifacts, and history.\nThat durable task state lives in Flakes even if an agent process exits, a\nsandbox disconnects, or a transient agent process starts again on another\nassignment.\n\nA saved task is a draft definition inside an open run. Save tasks while you are\nstill shaping the graph: title, Markdown body, acceptance criteria, target\nadapter, dependencies, required capabilities, and any grants needed by a\nplanner or harness. Saved tasks are not schedulable yet.\n\nAdmission turns saved tasks into durable runtime work. After a task is\nadmitted, treat it as immutable user intent: do not expect to edit, delete, or\nrewire it. Add another saved task before admission, or have an authorized\nrunning task append children through its granted runtime tools.\n\nClosing a run means no more top-level saved tasks should be admitted by the\nclient. Close does not stop work that is already admitted. With `--wait`, the\nCLI waits for the run to reach a terminal state or until the timeout expires.\nIf the timeout expires, the run can still continue in the console.\n\n## Create A Run\n\nThis example uses the hosted user-auth flow. It assumes the CLI is already\ninstalled and host capacity has been connected by you or your workspace\noperator.\n\n```bash\nflakes auth login\n\nflakes runs create \\\n --key release-notes \\\n --name \"Draft release notes\"\n\nflakes tasks save \\\n --run release-notes \\\n --key draft \\\n --title \"Draft release notes\" \\\n --adapter pi \\\n --body \"Read the shipped changes and draft concise release notes for users.\" \\\n --acceptance \"Notes describe user-visible changes\" \\\n --acceptance \"Open questions are listed at the end\" \\\n --required-capability pi\n\nflakes tasks save \\\n --run release-notes \\\n --key review \\\n --title \"Review release notes\" \\\n --adapter pi \\\n --body \"Review the draft for accuracy, missing risks, and unclear wording.\" \\\n --depends-on draft \\\n --acceptance \"Review comments are actionable\" \\\n --required-capability pi\n\nflakes tasks admit --run release-notes --all\nflakes runs close release-notes --wait --timeout-ms 600000\n```\n\nThe first command authorizes the CLI against `https://flakes.dev`. The run is\ncreated under your account, the two tasks are saved under stable keys, and the\n`review` task depends on `draft`. Admission makes both tasks part of the\ndurable graph. The close command tells Flakes there is no more top-level work\nto add and then waits for the graph to settle.\n\n## Shape The Graph\n\nUse dependencies only for real ordering requirements. A task with unsatisfied\ndependencies is not ready, even if capacity is available. In the example above,\n`review` waits until `draft` is terminal according to the dependency policy\nbefore it can run.\n\nUse required capabilities to keep work on compatible capacity. A task that\nrequires `pi` should only be assigned to connected capacity that advertises the\n`pi` capability and the matching adapter. If no connected host capacity can\nsatisfy the adapter and required capabilities, the task stays queued.\n\nAcceptance criteria should be short, observable checks. The agent receives the\ntask title, body, and acceptance criteria as its brief, and the console shows\nthe same user-facing context on the task page.\n\n## Scheduling\n\nFlakes schedules admitted, ready tasks to connected host capacity. A host\nadvertises sanitized pool capacity: adapter, capabilities, and concurrency,\nnot local paths, secrets, mounts, or private execution details. The scheduler\nmatches each queued task against ready dependencies, required capabilities, and\navailable concurrency.\n\nQueued work usually means one of three things:\n\n- a dependency has not finished;\n- no connected host capacity currently matches the adapter or required\n capabilities;\n- matching capacity exists, but all concurrency is busy.\n\nWhen capacity appears, Flakes can assign the task to a sandbox. The task then\nmoves through running status as the sandbox accepts the assignment and starts\nthe agent process. The process and its local session are transient. The task\nrecord, status, workpad, activity, artifacts, and transcript pointers are the\ndurable state.\n\n## Dynamic Work\n\nA trusted client should use `flakes tasks save` and `flakes tasks admit` for the\ninitial graph. A running planner or harness can append children only when its\nadmitted task includes the needed grants, such as `flakes.tasks.spawn` and the\ntask-group grants documented in [Harnesses](/docs/harnesses).\n\nSpawned children are appended to the same run. They do not edit existing\naccepted tasks, and they do not inherit broad graph-editing powers unless the\nparent explicitly grants the runtime tools the workflow needs.\n\n## Close And Wait\n\nClose a run when the client has admitted all intended top-level work. Keep the\nrun open while a planner is expected to add children. Close it after the\nplanner has created the work you want the scheduler to drain.\n\n`flakes runs close RUN_KEY --wait` is useful for scripts and handoffs. It\nreturns the latest run body after the wait completes or times out, while the\nconsole remains the best place to inspect detailed task state.\n\n`WAITING` is different from queued capacity. A task in `WAITING` has yielded its\ncurrent assignment because it is waiting on durable state, such as a closed\ntask group. It is not schedulable until the wait condition is satisfied. When\nthe condition resolves, Flakes can resume the logical task from durable state\nwith a fresh assignment.\n";
@@ -2365,11 +2365,11 @@ function DocumentationPage(props) {
2365
2365
  }),
2366
2366
  /* @__PURE__ */ (0, import_jsx_runtime.jsx)("h1", {
2367
2367
  className: "mt-1 text-lg font-semibold tracking-tight",
2368
- children: "Flakes docs"
2368
+ children: "Flakes"
2369
2369
  }),
2370
2370
  /* @__PURE__ */ (0, import_jsx_runtime.jsx)("p", {
2371
2371
  className: "mt-1 max-w-2xl text-sm text-muted-foreground",
2372
- children: "User-facing guides and reference for running Flakes, onboarding hosts, and writing durable task work."
2372
+ children: "Guides and reference for using Flakes, a harness runtime for distributed agent workflows."
2373
2373
  })
2374
2374
  ]
2375
2375
  })
@@ -6,8 +6,8 @@ import { t as cn } from "./utils-C_uf36nf.mjs";
6
6
  import { B as ChevronRight, M as FileText, N as ExternalLink, W as BookOpen, j as Folder } from "../_libs/lucide-react.mjs";
7
7
  import { t as Markdown } from "../_libs/react-markdown+[...].mjs";
8
8
  import { t as remarkGfm } from "../_libs/remark-gfm.mjs";
9
- import { i as documentationPathFromHref, n as documentationNavItems, o as getDocumentationPageByPath, r as documentationPages } from "./documentation-Do_Mr_e4.mjs";
10
- //#region node_modules/.nitro/vite/services/ssr/assets/DocumentationPage-D85Budiq.js
9
+ import { i as documentationPathFromHref, n as documentationNavItems, o as getDocumentationPageByPath, r as documentationPages } from "./documentation-Bf0VPrnt.mjs";
10
+ //#region node_modules/.nitro/vite/services/ssr/assets/DocumentationPage-CtBAQbzy.js
11
11
  var import_jsx_runtime = require_jsx_runtime();
12
12
  var import_react = /* @__PURE__ */ __toESM(require_react());
13
13
  function DocumentationPage(props) {
@@ -25,11 +25,11 @@ function DocumentationPage(props) {
25
25
  }),
26
26
  /* @__PURE__ */ (0, import_jsx_runtime.jsx)("h1", {
27
27
  className: "mt-1 text-lg font-semibold tracking-tight",
28
- children: "Flakes docs"
28
+ children: "Flakes"
29
29
  }),
30
30
  /* @__PURE__ */ (0, import_jsx_runtime.jsx)("p", {
31
31
  className: "mt-1 max-w-2xl text-sm text-muted-foreground",
32
- children: "User-facing guides and reference for running Flakes, onboarding hosts, and writing durable task work."
32
+ children: "Guides and reference for using Flakes, a harness runtime for distributed agent workflows."
33
33
  })
34
34
  ]
35
35
  })