@centry-digital/bukku-cli 2.0.0

package/build/index.js

@@ -0,0 +1,1685 @@
+#!/usr/bin/env node
+
+// packages/cli/src/index.ts
+import { Command as Command2 } from "commander";
+import { readFileSync } from "node:fs";
+import { fileURLToPath } from "node:url";
+import { dirname, join as join2 } from "node:path";
+
+// packages/cli/src/commands/config.ts
+import { Command } from "commander";
+
+// packages/cli/src/config/rc.ts
+import { readFile, writeFile, stat } from "node:fs/promises";
+import { join } from "node:path";
+import { homedir } from "node:os";
+var RC_PATH = join(homedir(), ".bukkurc");
+async function readRc() {
+  let content;
+  try {
+    content = await readFile(RC_PATH, "utf-8");
+  } catch (err) {
+    if (err.code === "ENOENT") {
+      return {};
+    }
+    throw err;
+  }
+  const result = {};
+  for (const line of content.split("\n")) {
+    const trimmed = line.trim();
+    if (!trimmed || trimmed.startsWith("#")) continue;
+    const eqIndex = trimmed.indexOf("=");
+    if (eqIndex === -1) continue;
+    const key = trimmed.slice(0, eqIndex).trim();
+    const value = trimmed.slice(eqIndex + 1).trim();
+    if (key) result[key] = value;
+  }
+  return result;
+}
+async function writeRc(key, value) {
+  const existing = await readRc();
+  existing[key] = value;
+  const lines = Object.entries(existing).map(([k, v]) => `${k} = ${v}`);
+  await writeFile(RC_PATH, lines.join("\n") + "\n", { mode: 384 });
+}
+async function checkPermissions() {
+  if (process.platform === "win32") {
+    return { ok: true, mode: "0600" };
+  }
+  try {
+    const st = await stat(RC_PATH);
+    const mode = st.mode & 511;
+    const modeStr = "0" + mode.toString(8);
+    return { ok: mode === 384, mode: modeStr };
+  } catch (err) {
+    if (err.code === "ENOENT") {
+      return { ok: true, mode: "0000" };
+    }
+    throw err;
+  }
+}
+
+// packages/cli/src/config/auth.ts
+var AuthMissingError = class extends Error {
+  code = "AUTH_MISSING";
+  missingFields;
+  constructor(missingFields) {
+    super(`Missing required auth: ${missingFields.join(", ")}. Set via --api-token/--company-subdomain flags, BUKKU_API_TOKEN/BUKKU_COMPANY_SUBDOMAIN env vars, or ~/.bukkurc config file.`);
+    this.name = "AuthMissingError";
+    this.missingFields = missingFields;
+  }
+};
+async function resolveAuth(flags) {
+  const rc = await readRc();
+  const source = {};
+  let apiToken;
+  if (flags.apiToken) {
+    apiToken = flags.apiToken;
+    source["apiToken"] = "flags";
+  } else if (process.env["BUKKU_API_TOKEN"]) {
+    apiToken = process.env["BUKKU_API_TOKEN"];
+    source["apiToken"] = "env";
+  } else if (rc["api_token"]) {
+    apiToken = rc["api_token"];
+    source["apiToken"] = "rc";
+  }
+  let companySubdomain;
+  if (flags.companySubdomain) {
+    companySubdomain = flags.companySubdomain;
+    source["companySubdomain"] = "flags";
+  } else if (process.env["BUKKU_COMPANY_SUBDOMAIN"]) {
+    companySubdomain = process.env["BUKKU_COMPANY_SUBDOMAIN"];
+    source["companySubdomain"] = "env";
+  } else if (rc["company_subdomain"]) {
+    companySubdomain = rc["company_subdomain"];
+    source["companySubdomain"] = "rc";
+  }
+  const missing = [];
+  if (!apiToken) missing.push("apiToken");
+  if (!companySubdomain) missing.push("companySubdomain");
+  if (missing.length > 0) {
+    throw new AuthMissingError(missing);
+  }
+  return {
+    apiToken,
+    companySubdomain,
+    source
+  };
+}
+function maskToken(token) {
+  if (token.length >= 8) {
+    return token.slice(0, 4) + "..." + token.slice(-4);
+  }
+  return "****";
+}
+
+// packages/cli/src/commands/config.ts
+var VALID_KEYS = ["api_token", "company_subdomain"];
+function isValidKey(key) {
+  return VALID_KEYS.includes(key);
+}
+var configCommand = new Command("config").description("Manage CLI configuration");
+configCommand.command("set").description("Set a config value").argument("<key>", "Config key (api_token, company_subdomain)").argument("<value>", "Config value").action(async (key, value) => {
+  if (!isValidKey(key)) {
+    console.error(JSON.stringify({
+      error: "Invalid config key",
+      code: "VALIDATION_ERROR",
+      details: { valid_keys: [...VALID_KEYS] }
+    }));
+    process.exit(4);
+  }
+  await writeRc(key, value);
+  console.log(JSON.stringify({ ok: true, key, message: "Config updated" }));
+  const perms = await checkPermissions();
+  if (!perms.ok) {
+    console.error(`Warning: ~/.bukkurc has permissions ${perms.mode}, expected 0600. Run: chmod 600 ~/.bukkurc`);
+  }
+});
+configCommand.command("show").description("Show resolved configuration").action(async function() {
+  const rc = await readRc();
+  const parentOpts = this.parent?.parent?.opts() ?? {};
+  const config = {};
+  if (parentOpts.apiToken) {
+    config["api_token"] = { value: maskToken(parentOpts.apiToken), source: "flags" };
+  } else if (process.env["BUKKU_API_TOKEN"]) {
+    config["api_token"] = { value: maskToken(process.env["BUKKU_API_TOKEN"]), source: "env" };
+  } else if (rc["api_token"]) {
+    config["api_token"] = { value: maskToken(rc["api_token"]), source: "rc" };
+  } else {
+    config["api_token"] = { value: null, source: "not set" };
+  }
+  if (parentOpts.companySubdomain) {
+    config["company_subdomain"] = { value: parentOpts.companySubdomain, source: "flags" };
+  } else if (process.env["BUKKU_COMPANY_SUBDOMAIN"]) {
+    config["company_subdomain"] = { value: process.env["BUKKU_COMPANY_SUBDOMAIN"], source: "env" };
+  } else if (rc["company_subdomain"]) {
+    config["company_subdomain"] = { value: rc["company_subdomain"], source: "rc" };
+  } else {
+    config["company_subdomain"] = { value: null, source: "not set" };
+  }
+  console.log(JSON.stringify({ config }));
+});
+
+// packages/core/build/utils/logger.js
+function createLogger(prefix) {
+  return (message, ...args) => {
+    console.error(`[${prefix}] ${message}`, ...args);
+  };
+}
+
+// packages/core/build/client/bukku-client.js
+import { readFile as readFile2 } from "node:fs/promises";
+import { basename, extname } from "node:path";
+var log = createLogger("bukku");
+var BukkuClient = class {
+  baseUrl = "https://api.bukku.my";
+  token;
+  subdomain;
+  constructor(config) {
+    this.token = config.apiToken;
+    this.subdomain = config.companySubdomain;
+  }
+  /**
+   * Build headers for all requests.
+   * CRITICAL: Never log the actual token value - use "Bearer ***" for debugging.
+   */
+  getHeaders(includeContentType = false) {
+    const headers = {
+      Authorization: `Bearer ${this.token}`,
+      "Company-Subdomain": this.subdomain,
+      Accept: "application/json"
+    };
+    if (includeContentType) {
+      headers["Content-Type"] = "application/json";
+    }
+    return headers;
+  }
+  /**
+   * Map file extensions to MIME types for common file types.
+   * Returns null for unknown extensions.
+   */
+  getMimeType(extension) {
+    const mimeMap = {
+      ".pdf": "application/pdf",
+      ".png": "image/png",
+      ".jpg": "image/jpeg",
+      ".jpeg": "image/jpeg",
+      ".gif": "image/gif",
+      ".txt": "text/plain",
+      ".csv": "text/csv",
+      ".json": "application/json",
+      ".xml": "application/xml",
+      ".zip": "application/zip"
+    };
+    return mimeMap[extension.toLowerCase()] || null;
+  }
+  /**
+   * Build URL with query parameters.
+   */
+  buildUrl(path, params) {
+    const url = new URL(path, this.baseUrl);
+    if (params) {
+      for (const [key, value] of Object.entries(params)) {
+        if (value !== void 0) {
+          url.searchParams.append(key, String(value));
+        }
+      }
+    }
+    return url.toString();
+  }
+  /**
+   * GET request with optional query parameters.
+   */
+  async get(path, params) {
+    const url = this.buildUrl(path, params);
+    const response = await fetch(url, {
+      method: "GET",
+      headers: this.getHeaders()
+    });
+    if (!response.ok) {
+      throw response;
+    }
+    return response.json();
+  }
+  /**
+   * POST request with JSON body.
+   */
+  async post(path, body) {
+    const url = this.buildUrl(path);
+    const response = await fetch(url, {
+      method: "POST",
+      headers: this.getHeaders(true),
+      body: JSON.stringify(body)
+    });
+    if (!response.ok) {
+      throw response;
+    }
+    return response.json();
+  }
+  /**
+   * PUT request with JSON body.
+   */
+  async put(path, body) {
+    const url = this.buildUrl(path);
+    const response = await fetch(url, {
+      method: "PUT",
+      headers: this.getHeaders(true),
+      body: JSON.stringify(body)
+    });
+    if (!response.ok) {
+      throw response;
+    }
+    return response.json();
+  }
+  /**
+   * PATCH request with JSON body (for status updates).
+   */
+  async patch(path, body) {
+    const url = this.buildUrl(path);
+    const response = await fetch(url, {
+      method: "PATCH",
+      headers: this.getHeaders(true),
+      body: JSON.stringify(body)
+    });
+    if (!response.ok) {
+      throw response;
+    }
+    return response.json();
+  }
+  /**
+   * DELETE request.
+   */
+  async delete(path) {
+    const url = this.buildUrl(path);
+    const response = await fetch(url, {
+      method: "DELETE",
+      headers: this.getHeaders()
+    });
+    if (!response.ok) {
+      throw response;
+    }
+  }
+  /**
+   * POST multipart/form-data request for file uploads.
+   * Reads file from disk and sends as multipart form data.
+   * CRITICAL: Does NOT manually set Content-Type - fetch sets it automatically with boundary.
+   *
+   * @param path - API endpoint path
+   * @param filePath - Absolute path to file on disk
+   * @returns API response
+   */
+  async postMultipart(path, filePath) {
+    const url = this.buildUrl(path);
+    const fileBuffer = await readFile2(filePath);
+    const fileName = basename(filePath);
+    const fileExtension = extname(filePath);
+    const mimeType = this.getMimeType(fileExtension) || "application/octet-stream";
+    const file = new File([fileBuffer], fileName, { type: mimeType });
+    const form = new FormData();
+    form.append("file", file);
+    const headers = this.getHeaders(false);
+    const response = await fetch(url, {
+      method: "POST",
+      headers,
+      body: form
+    });
+    if (!response.ok) {
+      throw response;
+    }
+    return response.json();
+  }
+  /**
+   * Validate token on startup by making a lightweight API call.
+   * Uses GET /contacts with page_size=1 to verify authentication.
+   * Exits process if token is invalid (401).
+   */
+  async validateToken() {
+    try {
+      await this.get("/contacts", { page_size: 1 });
+      log("Token validated successfully");
+    } catch (error) {
+      if (error instanceof Response && error.status === 401) {
+        log("Authentication Error\n");
+        log("The provided BUKKU_API_TOKEN is invalid or expired.\n");
+        log("Please check:");
+        log("  1. Token is copied correctly (no extra spaces)");
+        log("  2. API Access is enabled in Bukku Control Panel -> Integrations");
+        log("  3. Token has not been revoked or regenerated\n");
+        process.exit(1);
+      }
+      log("Failed to validate token:", error);
+      process.exit(1);
+    }
+  }
+};
+
+// packages/core/build/validation/double-entry.js
+function validateDoubleEntry(lines, minLines = 2) {
+  if (lines.length < minLines) {
+    const lineWord = lines.length === 1 ? "line" : "lines";
+    return {
+      valid: false,
+      error: `Journal entries require at least ${minLines} line items (minimum one debit and one credit). This entry has ${lines.length} ${lineWord}.`
+    };
+  }
+  let totalDebits = 0;
+  let totalCredits = 0;
+  for (const line of lines) {
+    totalDebits += line.debit_amount || 0;
+    totalCredits += line.credit_amount || 0;
+  }
+  const difference = Math.abs(totalDebits - totalCredits);
+  const EPSILON = 0.01;
+  if (difference >= EPSILON) {
+    return {
+      valid: false,
+      error: `Journal entry is unbalanced. Total debits: ${totalDebits.toFixed(2)}, Total credits: ${totalCredits.toFixed(2)}. Difference: ${difference.toFixed(2)}. Debits must equal credits in double-entry accounting.`
+    };
+  }
+  return { valid: true };
+}
+
+// packages/core/build/entities/sales-invoice.js
+var salesInvoiceConfig = {
+  entity: "sales-invoice",
+  apiBasePath: "/sales/invoices",
+  singularKey: "transaction",
+  pluralKey: "transactions",
+  description: "sales invoice",
+  operations: ["list", "get", "create", "update", "delete"],
+  hasStatusUpdate: true,
+  listFilters: ["contact_id", "email_status", "transfer_status", "payment_status"],
+  businessRules: {
+    delete: "Only draft and void invoices can be deleted. Ready or pending approval invoices cannot be deleted \u2014 use update-sales-invoice-status to void a ready invoice instead.",
+    statusTransitions: "Valid transitions: draft -> pending_approval, draft -> ready, pending_approval -> ready, ready -> void. A void invoice is final and cannot be changed. There is no way to revert from ready, pending_approval, or void back to draft."
+  },
+  cliGroup: "sales"
+};
+
+// packages/core/build/entities/sales-quote.js
+var salesQuoteConfig = {
+  entity: "sales-quote",
+  apiBasePath: "/sales/quotes",
+  singularKey: "transaction",
+  pluralKey: "transactions",
+  description: "sales quote",
+  operations: ["list", "get", "create", "update", "delete"],
+  hasStatusUpdate: true,
+  listFilters: ["contact_id", "email_status", "transfer_status"],
+  businessRules: {
+    delete: "Only draft and void quotes can be deleted. Ready or pending approval quotes cannot be deleted \u2014 use update-sales-quote-status to void a ready quote instead.",
+    statusTransitions: "Valid transitions: draft -> pending_approval, draft -> ready, pending_approval -> ready, ready -> void. A void quote is final and cannot be changed. There is no way to revert from ready, pending_approval, or void back to draft."
+  },
+  cliGroup: "sales"
+};
+
+// packages/core/build/entities/sales-order.js
+var salesOrderConfig = {
+  entity: "sales-order",
+  apiBasePath: "/sales/orders",
+  singularKey: "transaction",
+  pluralKey: "transactions",
+  description: "sales order",
+  operations: ["list", "get", "create", "update", "delete"],
+  hasStatusUpdate: true,
+  listFilters: ["contact_id", "email_status", "transfer_status"],
+  businessRules: {
+    delete: "Only draft and void orders can be deleted. Ready or pending approval orders cannot be deleted \u2014 use update-sales-order-status to void a ready order instead.",
+    statusTransitions: "Valid transitions: draft -> pending_approval, draft -> ready, pending_approval -> ready, ready -> void. A void order is final and cannot be changed. There is no way to revert from ready, pending_approval, or void back to draft."
+  },
+  cliGroup: "sales"
+};
+
+// packages/core/build/entities/sales-credit-note.js
+var salesCreditNoteConfig = {
+  entity: "sales-credit-note",
+  apiBasePath: "/sales/credit_notes",
+  singularKey: "transaction",
+  pluralKey: "transactions",
+  description: "sales credit note",
+  operations: ["list", "get", "create", "update", "delete"],
+  hasStatusUpdate: true,
+  listFilters: ["contact_id", "email_status"],
+  businessRules: {
+    delete: "Only draft and void credit notes can be deleted. Ready or pending approval credit notes cannot be deleted \u2014 use update-sales-credit-note-status to void a ready credit note instead.",
+    statusTransitions: "Valid transitions: draft -> pending_approval, draft -> ready, pending_approval -> ready, ready -> void. A void credit note is final and cannot be changed. There is no way to revert from ready, pending_approval, or void back to draft."
+  },
+  cliGroup: "sales"
+};
+
+// packages/core/build/entities/sales-payment.js
+var salesPaymentConfig = {
+  entity: "sales-payment",
+  apiBasePath: "/sales/payments",
+  singularKey: "transaction",
+  pluralKey: "transactions",
+  description: "sales payment",
+  operations: ["list", "get", "create", "update", "delete"],
+  hasStatusUpdate: true,
+  listFilters: ["contact_id", "payment_mode"],
+  businessRules: {
+    delete: "Only draft and void payments can be deleted. Ready or pending approval payments cannot be deleted \u2014 use update-sales-payment-status to void a ready payment instead.",
+    statusTransitions: "Valid transitions: draft -> pending_approval, draft -> ready, pending_approval -> ready, ready -> void. A void payment is final and cannot be changed. There is no way to revert from ready, pending_approval, or void back to draft."
+  },
+  cliGroup: "sales"
+};
+
+// packages/core/build/entities/sales-refund.js
+var salesRefundConfig = {
+  entity: "sales-refund",
+  apiBasePath: "/sales/refunds",
+  singularKey: "transaction",
+  pluralKey: "transactions",
+  description: "sales refund",
+  operations: ["list", "get", "create", "update", "delete"],
+  hasStatusUpdate: true,
+  listFilters: ["contact_id"],
+  businessRules: {
+    delete: "Only draft and void refunds can be deleted. Ready or pending approval refunds cannot be deleted \u2014 use update-sales-refund-status to void a ready refund instead.",
+    statusTransitions: "Valid transitions: draft -> pending_approval, draft -> ready, pending_approval -> ready, ready -> void. A void refund is final and cannot be changed. There is no way to revert from ready, pending_approval, or void back to draft."
+  },
+  cliGroup: "sales"
+};
+
+// packages/core/build/entities/delivery-order.js
+var deliveryOrderConfig = {
+  entity: "delivery-order",
+  apiBasePath: "/sales/delivery_orders",
+  singularKey: "transaction",
+  pluralKey: "transactions",
+  description: "delivery order",
+  operations: ["list", "get", "create", "update", "delete"],
+  hasStatusUpdate: true,
+  listFilters: ["contact_id", "email_status", "transfer_status"],
+  businessRules: {
+    delete: "Only draft and void delivery orders can be deleted. Ready or pending approval delivery orders cannot be deleted \u2014 use update-delivery-order-status to void a ready delivery order instead.",
+    statusTransitions: "Valid transitions: draft -> pending_approval, draft -> ready, pending_approval -> ready, ready -> void. A void delivery order is final and cannot be changed. There is no way to revert from ready, pending_approval, or void back to draft."
+  },
+  cliGroup: "sales"
+};
+
+// packages/core/build/entities/purchase-order.js
+var purchaseOrderConfig = {
+  entity: "purchase-order",
+  apiBasePath: "/purchases/orders",
+  singularKey: "transaction",
+  pluralKey: "transactions",
+  description: "purchase order",
+  operations: ["list", "get", "create", "update", "delete"],
+  hasStatusUpdate: true,
+  listFilters: ["contact_id", "email_status", "transfer_status"],
+  businessRules: {
+    delete: "Only draft and void purchase orders can be deleted. Ready or pending approval purchase orders cannot be deleted \u2014 use update-purchase-order-status to void a ready purchase order instead.",
+    statusTransitions: "Valid transitions: draft -> pending_approval, draft -> ready, pending_approval -> ready, ready -> void. A void purchase order is final and cannot be changed. There is no way to revert from ready, pending_approval, or void back to draft."
+  },
+  cliGroup: "purchases"
+};
+
+// packages/core/build/entities/purchase-bill.js
+var purchaseBillConfig = {
+  entity: "purchase-bill",
+  apiBasePath: "/purchases/bills",
+  singularKey: "transaction",
+  pluralKey: "transactions",
+  description: "purchase bill",
+  operations: ["list", "get", "create", "update", "delete"],
+  hasStatusUpdate: true,
+  listFilters: ["contact_id", "payment_status", "payment_mode"],
+  businessRules: {
+    delete: "Only draft and void bills can be deleted. Ready or pending approval bills cannot be deleted \u2014 use update-purchase-bill-status to void a ready bill instead.",
+    statusTransitions: "Valid transitions: draft -> pending_approval, draft -> ready, pending_approval -> ready, ready -> void. A void bill is final and cannot be changed. There is no way to revert from ready, pending_approval, or void back to draft."
+  },
+  cliGroup: "purchases"
+};
+
+// packages/core/build/entities/purchase-credit-note.js
+var purchaseCreditNoteConfig = {
+  entity: "purchase-credit-note",
+  apiBasePath: "/purchases/credit_notes",
+  singularKey: "transaction",
+  pluralKey: "transactions",
+  description: "purchase credit note",
+  operations: ["list", "get", "create", "update", "delete"],
+  hasStatusUpdate: true,
+  listFilters: ["contact_id", "payment_status"],
+  businessRules: {
+    delete: "Only draft and void credit notes can be deleted. Ready or pending approval credit notes cannot be deleted \u2014 use update-purchase-credit-note-status to void a ready credit note instead.",
+    statusTransitions: "Valid transitions: draft -> pending_approval, draft -> ready, pending_approval -> ready, ready -> void. A void credit note is final and cannot be changed. There is no way to revert from ready, pending_approval, or void back to draft."
+  },
+  cliGroup: "purchases"
+};
+
+// packages/core/build/entities/purchase-payment.js
+var purchasePaymentConfig = {
+  entity: "purchase-payment",
+  apiBasePath: "/purchases/payments",
+  singularKey: "transaction",
+  pluralKey: "transactions",
+  description: "purchase payment",
+  operations: ["list", "get", "create", "update", "delete"],
+  hasStatusUpdate: true,
+  listFilters: ["contact_id", "email_status", "payment_status", "account_id"],
+  businessRules: {
+    delete: "Only draft and void payments can be deleted. Ready or pending approval payments cannot be deleted \u2014 use update-purchase-payment-status to void a ready payment instead.",
+    statusTransitions: "Valid transitions: draft -> pending_approval, draft -> ready, pending_approval -> ready, ready -> void. A void payment is final and cannot be changed. There is no way to revert from ready, pending_approval, or void back to draft."
+  },
+  cliGroup: "purchases"
+};
+
+// packages/core/build/entities/purchase-refund.js
+var purchaseRefundConfig = {
+  entity: "purchase-refund",
+  apiBasePath: "/purchases/refunds",
+  singularKey: "transaction",
+  pluralKey: "transactions",
+  description: "purchase refund",
+  operations: ["list", "get", "create", "update", "delete"],
+  hasStatusUpdate: true,
+  listFilters: ["contact_id", "email_status", "payment_status", "account_id"],
+  businessRules: {
+    delete: "Only draft and void refunds can be deleted. Ready or pending approval refunds cannot be deleted \u2014 use update-purchase-refund-status to void a ready refund instead.",
+    statusTransitions: "Valid transitions: draft -> pending_approval, draft -> ready, pending_approval -> ready, ready -> void. A void refund is final and cannot be changed. There is no way to revert from ready, pending_approval, or void back to draft."
+  },
+  cliGroup: "purchases"
+};
+
+// packages/core/build/entities/goods-received-note.js
+var goodsReceivedNoteConfig = {
+  entity: "goods-received-note",
+  apiBasePath: "/purchases/goods_received_notes",
+  singularKey: "transaction",
+  pluralKey: "transactions",
+  description: "goods received note",
+  operations: ["list", "get", "create", "update", "delete"],
+  hasStatusUpdate: true,
+  listFilters: ["contact_id", "email_status", "transfer_status"],
+  businessRules: {
+    delete: "Only draft and void goods received notes can be deleted. Ready or pending approval goods received notes cannot be deleted \u2014 use update-goods-received-note-status to void a ready goods received note instead.",
+    statusTransitions: "Valid transitions: draft -> pending_approval, draft -> ready, pending_approval -> ready, ready -> void. A void goods received note is final and cannot be changed. There is no way to revert from ready, pending_approval, or void back to draft."
+  },
+  cliGroup: "purchases"
+};
+
+// packages/core/build/entities/bank-money-in.js
+var bankMoneyInConfig = {
+  entity: "bank-money-in",
+  apiBasePath: "/banking/incomes",
+  singularKey: "transaction",
+  pluralKey: "transactions",
+  description: "bank money in transaction",
+  operations: ["list", "get", "create", "update", "delete"],
+  hasStatusUpdate: true,
+  listFilters: ["contact_id", "account_id", "email_status"],
+  businessRules: {
+    delete: "Only draft and void money in transactions can be deleted. Ready or pending approval transactions cannot be deleted \u2014 use update-bank-money-in-status to void a ready transaction instead.",
+    statusTransitions: "Valid transitions: draft -> pending_approval, draft -> ready, pending_approval -> ready, ready -> void. A void transaction is final and cannot be changed. There is no way to revert from ready, pending_approval, or void back to draft."
+  },
+  cliGroup: "banking"
+};
+
+// packages/core/build/entities/bank-money-out.js
+var bankMoneyOutConfig = {
+  entity: "bank-money-out",
+  apiBasePath: "/banking/expenses",
+  singularKey: "transaction",
+  pluralKey: "transactions",
+  description: "bank money out transaction",
+  operations: ["list", "get", "create", "update", "delete"],
+  hasStatusUpdate: true,
+  listFilters: ["contact_id", "account_id", "email_status"],
+  businessRules: {
+    delete: "Only draft and void money out transactions can be deleted. Ready or pending approval transactions cannot be deleted \u2014 use update-bank-money-out-status to void a ready transaction instead.",
+    statusTransitions: "Valid transitions: draft -> pending_approval, draft -> ready, pending_approval -> ready, ready -> void. A void transaction is final and cannot be changed. There is no way to revert from ready, pending_approval, or void back to draft."
+  },
+  cliGroup: "banking"
+};
+
+// packages/core/build/entities/bank-transfer.js
+var bankTransferConfig = {
+  entity: "bank-transfer",
+  apiBasePath: "/banking/transfers",
+  singularKey: "transaction",
+  pluralKey: "transactions",
+  description: "bank transfer",
+  operations: ["list", "get", "create", "update", "delete"],
+  hasStatusUpdate: true,
+  listFilters: ["account_id"],
+  businessRules: {
+    delete: "Only draft and void transfers can be deleted. Ready or pending approval transfers cannot be deleted \u2014 use update-bank-transfer-status to void a ready transfer instead.",
+    statusTransitions: "Valid transitions: draft -> pending_approval, draft -> ready, pending_approval -> ready, ready -> void. A void transfer is final and cannot be changed. There is no way to revert from ready, pending_approval, or void back to draft."
+  },
+  cliGroup: "banking"
+};
+
+// packages/core/build/entities/contact.js
+var contactConfig = {
+  entity: "contact",
+  apiBasePath: "/contacts",
+  singularKey: "contact",
+  pluralKey: "contacts",
+  description: "contact",
+  operations: ["list", "get", "create", "update", "delete"],
+  hasStatusUpdate: false,
+  listFilters: ["group_id", "status", "type", "is_myinvois_ready"],
+  businessRules: {
+    delete: "Only contacts with no linked transactions can be deleted. Archive instead if the contact has transaction history."
+  },
+  cliGroup: "contacts"
+};
+
+// packages/core/build/entities/contact-group.js
+var contactGroupConfig = {
+  entity: "contact-group",
+  apiBasePath: "/contacts/groups",
+  singularKey: "group",
+  pluralKey: "groups",
+  description: "contact group",
+  operations: ["list", "get", "create", "update", "delete"],
+  hasStatusUpdate: false,
+  listFilters: [],
+  cliGroup: "contacts"
+};
+
+// packages/core/build/entities/product.js
+var productConfig = {
+  entity: "product",
+  apiBasePath: "/products",
+  singularKey: "product",
+  pluralKey: "products",
+  description: "product. Use list-tax-codes to find valid tax code IDs for sale_tax_code_id and purchase_tax_code_id. Use list-accounts to find valid account IDs for sale_account_id, purchase_account_id, and inventory_account_id. Use list-product-groups to find group IDs for group_ids.",
+  operations: ["list", "get", "create", "update", "delete"],
+  hasStatusUpdate: false,
+  listFilters: ["search", "stock_level", "mode", "type", "include_archived"],
+  businessRules: {
+    delete: "Only products that are not used in any transactions can be deleted. Archive instead if the product has transaction history."
+  },
+  cliGroup: "products"
+};
+
+// packages/core/build/entities/product-bundle.js
+var productBundleConfig = {
+  entity: "product-bundle",
+  apiBasePath: "/products/bundles",
+  singularKey: "bundle",
+  pluralKey: "bundles",
+  description: "product bundle. Bundles aggregate multiple products with optional discounts. To list bundles, use list-products with type=bundle. Use list-products to find product IDs for bundle items.",
+  operations: ["get", "create", "update", "delete"],
+  hasStatusUpdate: false,
+  listFilters: [],
+  businessRules: {
+    delete: "Only bundles that are not used in any transactions can be deleted."
+  },
+  cliGroup: "products"
+};
+
+// packages/core/build/entities/product-group.js
+var productGroupConfig = {
+  entity: "product-group",
+  apiBasePath: "/products/groups",
+  singularKey: "group",
+  pluralKey: "groups",
+  description: "product group. Groups organize products into categories. Use list-products to find product IDs for the product_ids array.",
+  operations: ["list", "get", "create", "update", "delete"],
+  hasStatusUpdate: false,
+  listFilters: [],
+  cliGroup: "products"
+};
+
+// packages/core/build/entities/journal-entry.js
+var journalEntryConfig = {
+  entity: "journal-entry",
+  apiBasePath: "/journal_entries",
+  singularKey: "transaction",
+  pluralKey: "transactions",
+  description: "journal entry",
+  operations: ["list", "get", "delete"],
+  hasStatusUpdate: true,
+  listFilters: [],
+  businessRules: {
+    delete: "Only draft and void journal entries can be deleted. Ready journal entries cannot be deleted -- use update-journal-entry-status to void a ready entry instead.",
+    statusTransitions: "Valid transitions: draft -> ready, ready -> void. A void entry is final and cannot be changed."
+  },
+  cliGroup: "accounting"
+};
+
+// packages/core/build/entities/account.js
+var accountConfig = {
+  entity: "account",
+  apiBasePath: "/accounts",
+  singularKey: "account",
+  pluralKey: "accounts",
+  description: "account",
+  operations: ["get", "create", "update", "delete"],
+  hasStatusUpdate: false,
+  listFilters: [],
+  businessRules: {
+    delete: "Only accounts that are not assigned to locked system type, have no children, and are not used in transactions can be deleted. Use archive-account instead if the account has transaction history."
+  },
+  cliGroup: "accounting"
+};
+
+// packages/core/build/entities/file.js
+var fileConfig = {
+  entity: "file",
+  apiBasePath: "/files",
+  singularKey: "file",
+  pluralKey: "files",
+  description: "file. Files are typically attached to sales and purchase transactions using file_ids arrays. Use upload-file to add new files.",
+  operations: ["list", "get"],
+  hasStatusUpdate: false,
+  listFilters: [],
+  cliGroup: "files"
+};
+
+// packages/core/build/entities/location.js
+var locationConfig = {
+  entity: "location",
+  apiBasePath: "/locations",
+  singularKey: "location",
+  pluralKey: "locations",
+  description: "location for multi-branch accounting. Use locations to track which branch or office a transaction belongs to.",
+  operations: ["list", "create"],
+  hasStatusUpdate: false,
+  listFilters: ["include_archived"],
+  cliGroup: "control-panel"
+};
+
+// packages/core/build/entities/tag.js
+var tagConfig = {
+  entity: "tag",
+  apiBasePath: "/tags",
+  singularKey: "tag",
+  pluralKey: "tags",
+  description: "tag for categorizing transactions and documents. Tags must belong to a tag group \u2014 use list-tag-groups to find available groups and their tag_group_id before creating a tag.",
+  operations: ["list", "get", "create", "update", "delete"],
+  hasStatusUpdate: false,
+  listFilters: [],
+  businessRules: {
+    delete: "API may restrict deletion if tag is referenced by transactions. Archive the tag instead if deletion fails."
+  },
+  cliGroup: "control-panel"
+};
+
+// packages/core/build/entities/tag-group.js
+var tagGroupConfig = {
+  entity: "tag-group",
+  apiBasePath: "/tags/groups",
+  singularKey: "tag_group",
+  pluralKey: "tag_groups",
+  description: "tag group for organizing tags into categories. Tag groups contain tags as children \u2014 the list response includes nested tag arrays for each group.",
+  operations: ["list", "get", "create", "update", "delete"],
+  hasStatusUpdate: false,
+  listFilters: ["include_archived"],
+  businessRules: {
+    delete: "API may restrict deletion if tag group contains tags or is referenced by transactions. Archive instead, or manually delete child tags first."
+  },
+  cliGroup: "control-panel"
+};
+
+// packages/core/build/entities/index.js
+var allEntityConfigs = [
+  salesInvoiceConfig,
+  salesQuoteConfig,
+  salesOrderConfig,
+  salesCreditNoteConfig,
+  salesPaymentConfig,
+  salesRefundConfig,
+  deliveryOrderConfig,
+  purchaseOrderConfig,
+  purchaseBillConfig,
+  purchaseCreditNoteConfig,
+  purchasePaymentConfig,
+  purchaseRefundConfig,
+  goodsReceivedNoteConfig,
+  bankMoneyInConfig,
+  bankMoneyOutConfig,
+  bankTransferConfig,
+  contactConfig,
+  contactGroupConfig,
+  productConfig,
+  productBundleConfig,
+  productGroupConfig,
+  journalEntryConfig,
+  accountConfig,
+  fileConfig,
+  locationConfig,
+  tagConfig,
+  tagGroupConfig
+];
+
+// packages/cli/src/output/error.ts
+var ExitCode = {
+  SUCCESS: 0,
+  GENERAL: 1,
+  AUTH: 2,
+  API: 3,
+  VALIDATION: 4
+};
+function outputError(err, exitCode) {
+  process.stderr.write(JSON.stringify(err) + "\n");
+  process.exit(exitCode);
+}
+
+// packages/cli/src/commands/wrapper.ts
+function withAuth(handler) {
+  return async function() {
+    const mergedOpts = this.optsWithGlobals();
+    let auth;
+    try {
+      auth = await resolveAuth({
+        apiToken: mergedOpts.apiToken,
+        companySubdomain: mergedOpts.companySubdomain
+      });
+    } catch (err) {
+      if (err instanceof AuthMissingError) {
+        outputError(
+          {
+            error: "Authentication required. Set credentials via --api-token flag, BUKKU_API_TOKEN env var, or bukku config set",
+            code: "AUTH_MISSING",
+            details: null
+          },
+          ExitCode.AUTH
+        );
+      }
+      throw err;
+    }
+    const client = new BukkuClient({
+      apiToken: auth.apiToken,
+      companySubdomain: auth.companySubdomain
+    });
+    try {
+      await handler({ client, opts: mergedOpts, auth });
+    } catch (err) {
+      if (err instanceof Response) {
+        let body = {};
+        try {
+          body = await err.json();
+        } catch {
+        }
+        outputError(
+          {
+            error: body["message"] || "API error",
+            code: "API_ERROR",
+            details: body["errors"] || null
+          },
+          ExitCode.API
+        );
+      }
+      outputError(
+        {
+          error: err instanceof Error ? err.message : "Unknown error",
+          code: "GENERAL_ERROR"
+        },
+        ExitCode.GENERAL
+      );
+    }
+  };
+}
+
+// packages/cli/src/output/json.ts
+function outputJson(data) {
+  process.stdout.write(JSON.stringify(data, null, 2) + "\n");
+}
+
+// packages/cli/src/output/table.ts
+function col(key, header, width, align = "left") {
+  return { key, header, width, align };
+}
+function id(width = 6) {
+  return col("id", "ID", width, "right");
+}
+var paymentColumns = [
+  id(6),
+  col("date", "Date", 12),
+  col("number", "Number", 15),
+  col("contact_name", "Contact", 25),
+  col("total", "Amount", 12, "right")
+];
+function transactionColumns() {
+  return [
+    id(6),
+    col("date", "Date", 12),
+    col("number", "Number", 15),
+    col("contact_name", "Contact", 25),
+    col("total", "Total", 12, "right"),
+    col("status", "Status", 12)
+  ];
+}
+var DEFAULT_COLUMNS = [
+  id(8),
+  col("name", "Name", 30),
+  col("description", "Description", 40)
+];
+var TABLE_COLUMNS = {
+  // Sales / Purchase transaction types
+  "sales-invoice": transactionColumns(),
+  "sales-quote": transactionColumns(),
+  "sales-order": transactionColumns(),
+  "sales-credit-note": transactionColumns(),
+  "sales-payment": paymentColumns,
+  "sales-refund": paymentColumns,
+  "delivery-order": [id(6), col("date", "Date", 12), col("number", "Number", 15), col("contact_name", "Contact", 25), col("status", "Status", 12)],
+  "purchase-bill": transactionColumns(),
+  "purchase-order": transactionColumns(),
+  "purchase-credit-note": transactionColumns(),
+  "purchase-payment": paymentColumns,
+  "purchase-refund": paymentColumns,
+  "goods-received-note": [id(6), col("date", "Date", 12), col("number", "Number", 15), col("contact_name", "Contact", 25), col("status", "Status", 12)],
+  // Banking
+  "bank-money-in": transactionColumns(),
+  "bank-money-out": transactionColumns(),
+  "bank-transfer": [id(6), col("date", "Date", 12), col("number", "Number", 15), col("total", "Amount", 12, "right"), col("status", "Status", 12)],
+  // Contacts
+  "contact": [id(6), col("name", "Name", 30), col("email", "Email", 25), col("type", "Type", 10), col("phone", "Phone", 15)],
+  "contact-group": [id(6), col("name", "Name", 30), col("contacts_count", "Contacts", 10, "right")],
+  // Products
+  "product": [id(6), col("name", "Name", 30), col("code", "Code", 12), col("type", "Type", 10), col("sale_price", "Price", 12, "right")],
+  "product-bundle": [id(6), col("name", "Name", 30), col("code", "Code", 12), col("sale_price", "Price", 12, "right")],
+  "product-group": [id(6), col("name", "Name", 30)],
+  // Accounting
+  "journal-entry": [id(6), col("date", "Date", 12), col("number", "Number", 15), col("description", "Description", 30), col("status", "Status", 12)],
+  "account": [id(6), col("code", "Code", 8), col("name", "Name", 30), col("category", "Category", 12), col("balance", "Balance", 12, "right")],
+  // Files
+  "file": [id(6), col("name", "Name", 35), col("content_type", "Type", 20), col("size", "Size", 10, "right")],
+  // Control Panel
+  "location": [id(6), col("name", "Name", 30), col("is_archived", "Archived", 10)],
+  "tag": [id(6), col("name", "Name", 30), col("tag_group_id", "Group ID", 10, "right")],
+  "tag-group": [id(6), col("name", "Name", 30)]
+};
+function toStr(value) {
+  if (value == null) return "";
+  if (typeof value === "boolean") return value ? "yes" : "no";
+  return String(value);
+}
+function fit(text, width, align) {
+  if (text.length > width) {
+    return width > 3 ? text.slice(0, width - 3) + "..." : text.slice(0, width);
+  }
+  return align === "right" ? text.padStart(width) : text.padEnd(width);
+}
+function formatTable(rows, columns) {
+  const gap = "  ";
+  const lines = [];
+  lines.push(columns.map((c) => fit(c.header, c.width, c.align)).join(gap));
+  lines.push(columns.map((c) => "-".repeat(c.width)).join(gap));
+  for (const row of rows) {
+    lines.push(
+      columns.map((c) => fit(toStr(row[c.key]), c.width, c.align)).join(gap)
+    );
+  }
+  return lines.join("\n") + "\n";
+}
+function outputTable(data, columns) {
+  const items = Array.isArray(data) ? data : [data];
+  if (items.length === 0) {
+    process.stdout.write("(no results)\n");
+    return;
+  }
+  const entityName = columns?.[0];
+  const colDefs = entityName && TABLE_COLUMNS[entityName] || DEFAULT_COLUMNS;
+  const rows = items;
+  process.stdout.write(formatTable(rows, colDefs));
+}
+
+// packages/cli/src/input/json.ts
+async function readJsonInput(opts) {
+  if (opts.data != null) {
+    try {
+      return JSON.parse(opts.data);
+    } catch (err) {
+      outputError(
+        {
+          error: "Invalid JSON input: " + (err instanceof SyntaxError ? err.message : String(err)),
+          code: "VALIDATION_ERROR"
+        },
+        ExitCode.VALIDATION
+      );
+    }
+  }
+  if (!process.stdin.isTTY) {
+    const chunks = [];
+    for await (const chunk of process.stdin) {
+      chunks.push(chunk);
+    }
+    const raw = Buffer.concat(chunks).toString("utf-8");
+    try {
+      return JSON.parse(raw);
+    } catch (err) {
+      outputError(
+        {
+          error: "Invalid JSON input: " + (err instanceof SyntaxError ? err.message : String(err)),
+          code: "VALIDATION_ERROR"
+        },
+        ExitCode.VALIDATION
+      );
+    }
+  }
+  outputError(
+    {
+      error: "JSON input required. Use --data flag or pipe JSON to stdin",
+      code: "VALIDATION_ERROR"
+    },
+    ExitCode.VALIDATION
+  );
+}
+
+// packages/cli/src/output/dry-run.ts
+function outputDryRun(opts) {
+  const maskedToken = opts.token.length > 6 ? opts.token.slice(0, 3) + "****" : "****";
+  const output = {
+    dry_run: true,
+    method: opts.method,
+    url: `https://api.bukku.my${opts.path}`,
+    headers: {
+      Authorization: `Bearer ${maskedToken}`,
+      "Company-Subdomain": opts.subdomain
+    }
+  };
+  if (opts.body !== void 0) {
+    output.body = opts.body;
+  }
+  outputJson(output);
+}
+
+// packages/cli/src/commands/factory.ts
+var RESOURCE_NAME_MAP = {
+  "sales-invoice": "invoices",
+  "sales-quote": "quotes",
+  "sales-order": "orders",
+  "sales-credit-note": "credit-notes",
+  "sales-payment": "payments",
+  "sales-refund": "refunds",
+  "delivery-order": "delivery-orders",
+  "purchase-bill": "bills",
+  "purchase-order": "orders",
+  "purchase-credit-note": "credit-notes",
+  "purchase-payment": "payments",
+  "purchase-refund": "refunds",
+  "goods-received-note": "goods-received-notes",
+  "bank-money-in": "money-in",
+  "bank-money-out": "money-out",
+  "bank-transfer": "transfers",
+  "contact": "contacts",
+  "contact-group": "groups",
+  "product": "products",
+  "product-bundle": "bundles",
+  "product-group": "groups",
+  "journal-entry": "journal-entries",
+  "account": "accounts",
+  "file": "files",
+  "location": "locations",
+  "tag": "tags",
+  "tag-group": "tag-groups"
+};
+var GROUP_DESCRIPTIONS = {
+  sales: "Sales invoices, quotes, orders, credit notes, payments, refunds",
+  purchases: "Purchase bills, orders, credit notes, payments, refunds",
+  banking: "Bank transactions and transfers",
+  contacts: "Customers, suppliers, and contacts",
+  products: "Products, bundles, and product groups",
+  accounting: "Chart of accounts and journal entries",
+  files: "File uploads and attachments",
+  "control-panel": "Locations, tags, and tag groups"
+};
+function pluralize(desc) {
+  if (desc.endsWith("y") && !desc.endsWith("ay") && !desc.endsWith("ey") && !desc.endsWith("oy") && !desc.endsWith("uy")) {
+    return desc.slice(0, -1) + "ies";
+  }
+  if (desc.endsWith("s") || desc.endsWith("x") || desc.endsWith("z") || desc.endsWith("ch") || desc.endsWith("sh")) {
+    return desc + "es";
+  }
+  return desc + "s";
+}
+function toFlagName(param) {
+  return param.replace(/_/g, "-");
+}
+function addListCommand(resourceCmd, config) {
+  const listCmd = resourceCmd.command("list").description(`List ${pluralize(config.description)}`);
+  listCmd.option("--limit <n>", "Maximum items per page", void 0).option("--page <n>", "Page number", void 0).option("--search <text>", "Search text", void 0).option("--date-from <date>", "Filter from date (YYYY-MM-DD)", void 0).option("--date-to <date>", "Filter to date (YYYY-MM-DD)", void 0).option("--status <status>", "Filter by status", void 0).option("--sort-by <field>", "Sort by field", void 0).option("--sort-dir <dir>", "Sort direction (asc, desc)", void 0).option("--all", "Fetch all pages", false).option("--format <format>", "Output format (json, table)", "json");
+  if (config.listFilters) {
+    for (const filter of config.listFilters) {
+      const flagName = toFlagName(filter);
+      if (["search", "status"].includes(filter)) continue;
+      listCmd.option(`--${flagName} <value>`, `Filter by ${filter}`, void 0);
+    }
+  }
+  listCmd.action(
+    withAuth(async ({ client, opts }) => {
+      const params = {};
+      if (opts.limit != null) params.page_size = Number(opts.limit);
+      if (opts.page != null) params.page = Number(opts.page);
+      if (opts.search != null) params.search = opts.search;
+      if (opts.dateFrom != null) params.date_from = opts.dateFrom;
+      if (opts.dateTo != null) params.date_to = opts.dateTo;
+      if (opts.status != null) params.status = opts.status;
+      if (opts.sortBy != null) params.sort_by = opts.sortBy;
+      if (opts.sortDir != null) params.sort_dir = opts.sortDir;
+      if (config.listFilters) {
+        for (const filter of config.listFilters) {
+          if (["search", "status"].includes(filter)) continue;
+          const camelKey = toFlagName(filter).replace(/-([a-z])/g, (_, c) => c.toUpperCase());
+          if (opts[camelKey] != null) {
+            params[filter] = opts[camelKey];
+          }
+        }
+      }
+      const format = opts.format;
+      if (opts.all) {
+        const pageSize = params.page_size ?? 100;
+        params.page_size = pageSize;
+        params.page = 1;
+        const firstResponse = await client.get(config.apiBasePath, params);
+        const paging = firstResponse.paging;
+        const allItems = [...firstResponse[config.pluralKey] || []];
+        const totalPages = Math.ceil(paging.total / paging.per_page);
+        if (totalPages > 1) {
+          process.stderr.write(`Fetching page 1/${totalPages}...
+`);
+        }
+        for (let page = 2; page <= totalPages; page++) {
+          process.stderr.write(`Fetching page ${page}/${totalPages}...
+`);
+          params.page = page;
+          const response = await client.get(config.apiBasePath, params);
+          const items = response[config.pluralKey] || [];
+          allItems.push(...items);
+        }
+        if (format === "table") {
+          outputTable(allItems, [config.entity]);
+        } else {
+          outputJson(allItems);
+        }
+      } else {
+        const data = await client.get(config.apiBasePath, params);
+        if (format === "table") {
+          const response = data;
+          const items = response[config.pluralKey] || [];
+          outputTable(items, [config.entity]);
+        } else {
+          outputJson(data);
+        }
+      }
+    })
+  );
+}
+function addGetCommand(resourceCmd, config) {
+  const getCmd = resourceCmd.command("get <id>").description(`Get a single ${config.description} by ID`);
+  getCmd.option("--format <format>", "Output format (json, table)", "json");
+  const wrappedHandler = withAuth(async ({ client, opts }) => {
+    const parsedId = opts._entityId;
+    const data = await client.get(`${config.apiBasePath}/${parsedId}`);
+    const format = opts.format;
+    if (format === "table") {
+      const response = data;
+      const item = response[config.singularKey];
+      outputTable(item ? [item] : [], [config.entity]);
+    } else {
+      outputJson(data);
+    }
+  });
+  getCmd.action(function(idArg, ...rest) {
+    const parsedId = parseInt(idArg, 10);
+    if (isNaN(parsedId) || parsedId <= 0) {
+      process.stderr.write(
+        JSON.stringify({ error: "ID must be a positive integer", code: "VALIDATION_ERROR" }) + "\n"
+      );
+      process.exit(4);
+    }
+    this.setOptionValue("_entityId", parsedId);
+    return wrappedHandler.call(this, idArg, ...rest);
+  });
+}
+function addCreateCommand(resourceCmd, config) {
+  const createCmd = resourceCmd.command("create").description(`Create a new ${config.description}`).option("--data <json>", "JSON data (or pipe to stdin)").option("--dry-run", "Show request details without executing", false);
+  createCmd.action(
+    withAuth(async ({ client, opts, auth }) => {
+      const body = await readJsonInput(opts);
+      if (opts.dryRun) {
+        outputDryRun({ method: "POST", path: config.apiBasePath, token: auth.apiToken, subdomain: auth.companySubdomain, body });
+        return;
+      }
+      const data = await client.post(config.apiBasePath, body);
+      outputJson(data);
+    })
+  );
+}
+function addUpdateCommand(resourceCmd, config) {
+  const updateCmd = resourceCmd.command("update <id>").description(`Update a ${config.description}`).option("--data <json>", "JSON data (or pipe to stdin)").option("--dry-run", "Show request details without executing", false);
+  const wrappedHandler = withAuth(async ({ client, opts, auth }) => {
+    const parsedId = opts._entityId;
+    const body = await readJsonInput(opts);
+    if (opts.dryRun) {
+      outputDryRun({ method: "PUT", path: `${config.apiBasePath}/${parsedId}`, token: auth.apiToken, subdomain: auth.companySubdomain, body });
+      return;
+    }
+    const data = await client.put(`${config.apiBasePath}/${parsedId}`, body);
+    outputJson(data);
+  });
+  updateCmd.action(function(idArg, ...rest) {
+    const parsedId = parseInt(idArg, 10);
+    if (isNaN(parsedId) || parsedId <= 0) {
+      process.stderr.write(
+        JSON.stringify({ error: "ID must be a positive integer", code: "VALIDATION_ERROR" }) + "\n"
+      );
+      process.exit(4);
+    }
+    this.setOptionValue("_entityId", parsedId);
+    return wrappedHandler.call(this, idArg, ...rest);
+  });
+}
+function addDeleteCommand(resourceCmd, config) {
+  const deleteCmd = resourceCmd.command("delete <id>").description(`Delete a ${config.description}`).option("--dry-run", "Show request details without executing", false);
+  const wrappedHandler = withAuth(async ({ client, opts, auth }) => {
+    const parsedId = opts._entityId;
+    if (opts.dryRun) {
+      outputDryRun({ method: "DELETE", path: `${config.apiBasePath}/${parsedId}`, token: auth.apiToken, subdomain: auth.companySubdomain });
+      return;
+    }
+    await client.delete(`${config.apiBasePath}/${parsedId}`);
+    outputJson({});
+  });
+  deleteCmd.action(function(idArg, ...rest) {
+    const parsedId = parseInt(idArg, 10);
+    if (isNaN(parsedId) || parsedId <= 0) {
+      process.stderr.write(
+        JSON.stringify({ error: "ID must be a positive integer", code: "VALIDATION_ERROR" }) + "\n"
+      );
+      process.exit(4);
+    }
+    this.setOptionValue("_entityId", parsedId);
+    return wrappedHandler.call(this, idArg, ...rest);
+  });
+}
+function addStatusCommand(resourceCmd, config) {
+  const statusCmd = resourceCmd.command("status <id>").description(`Update status of a ${config.description}`).requiredOption("--status <status>", "New status value").option("--dry-run", "Show request details without executing", false);
+  const wrappedHandler = withAuth(async ({ client, opts, auth }) => {
+    const parsedId = opts._entityId;
+    const status = opts.status;
+    if (opts.dryRun) {
+      outputDryRun({ method: "PATCH", path: `${config.apiBasePath}/${parsedId}`, token: auth.apiToken, subdomain: auth.companySubdomain, body: { status } });
+      return;
+    }
+    const data = await client.patch(`${config.apiBasePath}/${parsedId}`, { status });
+    outputJson(data);
+  });
+  statusCmd.action(function(idArg, ...rest) {
+    const parsedId = parseInt(idArg, 10);
+    if (isNaN(parsedId) || parsedId <= 0) {
+      process.stderr.write(
+        JSON.stringify({ error: "ID must be a positive integer", code: "VALIDATION_ERROR" }) + "\n"
+      );
+      process.exit(4);
+    }
+    this.setOptionValue("_entityId", parsedId);
+    return wrappedHandler.call(this, idArg, ...rest);
+  });
+}
+function registerEntityCommands(program2) {
+  for (const config of allEntityConfigs) {
+    if (!config.cliGroup) continue;
+    const groupName = config.cliGroup;
+    const resourceName = RESOURCE_NAME_MAP[config.entity];
+    if (!resourceName) continue;
+    let groupCmd = program2.commands.find((c) => c.name() === groupName);
+    if (!groupCmd) {
+      groupCmd = program2.command(groupName).description(GROUP_DESCRIPTIONS[groupName] || groupName);
+    }
+    const resourceCmd = groupCmd.command(resourceName).description(`Manage ${pluralize(config.description)}`);
+    if (config.operations.includes("list")) {
+      addListCommand(resourceCmd, config);
+    }
+    if (config.operations.includes("get")) {
+      addGetCommand(resourceCmd, config);
+    }
+    if (config.operations.includes("create")) {
+      addCreateCommand(resourceCmd, config);
+    }
+    if (config.operations.includes("update")) {
+      addUpdateCommand(resourceCmd, config);
+    }
+    if (config.operations.includes("delete")) {
+      addDeleteCommand(resourceCmd, config);
+    }
+    if (config.hasStatusUpdate) {
+      addStatusCommand(resourceCmd, config);
+    }
+  }
+}
+
+// packages/cli/src/commands/custom/reference-data.ts
+var REFERENCE_TYPES = [
+  {
+    type: "tax_codes",
+    commandName: "tax-codes",
+    description: "List tax codes (tax rate definitions)"
+  },
+  {
+    type: "currencies",
+    commandName: "currencies",
+    description: "List activated currencies"
+  },
+  {
+    type: "payment_methods",
+    commandName: "payment-methods",
+    description: "List payment methods"
+  },
+  {
+    type: "terms",
+    commandName: "terms",
+    description: "List payment terms"
+  },
+  {
+    type: "accounts",
+    commandName: "accounts",
+    description: "List accounts from chart of accounts (quick lookup)"
+  },
+  {
+    type: "price_levels",
+    commandName: "price-levels",
+    description: "List price levels"
+  },
+  {
+    type: "countries",
+    commandName: "countries",
+    description: "List countries"
+  },
+  {
+    type: "classification_code_list",
+    commandName: "classification-codes",
+    description: "List product classification codes (Malaysia LHDN e-Invoice)"
+  },
+  {
+    type: "numberings",
+    commandName: "numberings",
+    description: "List document numbering schemes"
+  },
+  {
+    type: "state_list",
+    commandName: "states",
+    description: "List geographic states/provinces"
+  }
+];
+function registerReferenceDataCommands(program2) {
+  const refDataCmd = program2.command("ref-data").description("Reference data lookups (tax codes, currencies, terms, etc.)");
+  for (const { type, commandName, description } of REFERENCE_TYPES) {
+    refDataCmd.command(commandName).description(description).option("--format <format>", "Output format (json, table)", "json").action(
+      withAuth(async ({ client, opts }) => {
+        const result = await client.post("/v2/lists", {
+          lists: [type],
+          params: []
+        });
+        const format = opts.format;
+        if (format === "table") {
+          const response = result;
+          const items = response[type] || [];
+          outputTable(items);
+        } else {
+          outputJson(result);
+        }
+      })
+    );
+  }
+}
+
+// packages/cli/src/commands/custom/search-accounts.ts
+function registerSearchAccountsCommand(program2) {
+  let accountingCmd = program2.commands.find((c) => c.name() === "accounting");
+  if (!accountingCmd) {
+    accountingCmd = program2.command("accounting").description("Chart of accounts and journal entries");
+  }
+  accountingCmd.command("search-accounts").description("Search and filter accounts from the chart of accounts").option("--search <text>", "Search by name, code, or description").option("--category <cat>", "Filter by category (assets, liabilities, equity, income, expenses)").option("--is-archived", "Include archived accounts", false).option("--sort-by <field>", "Sort by field (code, name, balance)").option("--sort-dir <dir>", "Sort direction (asc, desc)").option("--page <n>", "Page number").option("--limit <n>", "Items per page").option("--format <format>", "Output format (json, table)", "json").action(
+    withAuth(async ({ client, opts }) => {
+      const params = {};
+      if (opts.search != null) params.search = opts.search;
+      if (opts.category != null) params.category = opts.category;
+      if (opts.isArchived) params.is_archived = "true";
+      if (opts.sortBy != null) params.sort_by = opts.sortBy;
+      if (opts.sortDir != null) params.sort_dir = opts.sortDir;
+      if (opts.page != null) params.page = Number(opts.page);
+      if (opts.limit != null) params.page_size = Number(opts.limit);
+      const result = await client.get("/accounts", params);
+      const format = opts.format;
+      if (format === "table") {
+        const response = result;
+        const items = response["accounts"] || [];
+        outputTable(items, ["account"]);
+      } else {
+        outputJson(result);
+      }
+    })
+  );
+}
+
+// packages/cli/src/commands/custom/archive.ts
+var ARCHIVE_CONFIGS = [
+  { group: "contacts", resource: "contacts", apiPath: "/contacts", description: "contact" },
+  { group: "products", resource: "products", apiPath: "/products", description: "product" },
+  { group: "products", resource: "bundles", apiPath: "/products/bundles", description: "product bundle" },
+  { group: "accounting", resource: "accounts", apiPath: "/accounts", description: "account" },
+  { group: "control-panel", resource: "locations", apiPath: "/location", description: "location" }
+];
+function parseId(idArg) {
+  const parsed = parseInt(idArg, 10);
+  if (isNaN(parsed) || parsed <= 0) {
+    outputError(
+      { error: "ID must be a positive integer", code: "VALIDATION_ERROR" },
+      ExitCode.VALIDATION
+    );
+  }
+  return parsed;
+}
+function registerArchiveCommands(program2) {
+  for (const config of ARCHIVE_CONFIGS) {
+    const groupCmd = program2.commands.find((c) => c.name() === config.group);
+    if (!groupCmd) continue;
+    const resourceCmd = groupCmd.commands.find((c) => c.name() === config.resource);
+    if (!resourceCmd) continue;
+    const archiveHandler = withAuth(async ({ client, opts, auth }) => {
+      const id2 = opts._entityId;
+      if (opts.dryRun) {
+        outputDryRun({ method: "PATCH", path: `${config.apiPath}/${id2}`, token: auth.apiToken, subdomain: auth.companySubdomain, body: { is_archived: true } });
+        return;
+      }
+      const data = await client.patch(`${config.apiPath}/${id2}`, { is_archived: true });
+      outputJson(data);
+    });
+    resourceCmd.command("archive <id>").description(`Archive a ${config.description}`).option("--dry-run", "Show request details without executing", false).action(function(idArg, ...rest) {
+      const id2 = parseId(idArg);
+      this.setOptionValue("_entityId", id2);
+      return archiveHandler.call(this, idArg, ...rest);
+    });
+    const unarchiveHandler = withAuth(async ({ client, opts, auth }) => {
+      const id2 = opts._entityId;
+      if (opts.dryRun) {
+        outputDryRun({ method: "PATCH", path: `${config.apiPath}/${id2}`, token: auth.apiToken, subdomain: auth.companySubdomain, body: { is_archived: false } });
+        return;
+      }
+      const data = await client.patch(`${config.apiPath}/${id2}`, { is_archived: false });
+      outputJson(data);
+    });
+    resourceCmd.command("unarchive <id>").description(`Unarchive a ${config.description}`).option("--dry-run", "Show request details without executing", false).action(function(idArg, ...rest) {
+      const id2 = parseId(idArg);
+      this.setOptionValue("_entityId", id2);
+      return unarchiveHandler.call(this, idArg, ...rest);
+    });
+  }
+}
+
+// packages/cli/src/commands/custom/location-write.ts
+function parseId2(idArg) {
+  const parsed = parseInt(idArg, 10);
+  if (isNaN(parsed) || parsed <= 0) {
+    outputError(
+      { error: "ID must be a positive integer", code: "VALIDATION_ERROR" },
+      ExitCode.VALIDATION
+    );
+  }
+  return parsed;
+}
+function registerLocationWriteCommands(program2) {
+  const groupCmd = program2.commands.find((c) => c.name() === "control-panel");
+  if (!groupCmd) return;
+  const resourceCmd = groupCmd.commands.find((c) => c.name() === "locations");
+  if (!resourceCmd) return;
+  const getHandler = withAuth(async ({ client, opts }) => {
+    const id2 = opts._entityId;
+    const data = await client.get(`/location/${id2}`);
+    const format = opts.format;
+    if (format === "table") {
+      const response = data;
+      const item = response["location"];
+      outputTable(item ? [item] : [], ["location"]);
+    } else {
+      outputJson(data);
+    }
+  });
+  resourceCmd.command("get <id>").description("Get a single location by ID").option("--format <format>", "Output format (json, table)", "json").action(function(idArg, ...rest) {
+    const id2 = parseId2(idArg);
+    this.setOptionValue("_entityId", id2);
+    return getHandler.call(this, idArg, ...rest);
+  });
+  const updateHandler = withAuth(async ({ client, opts, auth }) => {
+    const id2 = opts._entityId;
+    const body = await readJsonInput(opts);
+    if (opts.dryRun) {
+      outputDryRun({ method: "PUT", path: `/location/${id2}`, token: auth.apiToken, subdomain: auth.companySubdomain, body });
+      return;
+    }
+    const data = await client.put(`/location/${id2}`, body);
+    outputJson(data);
+  });
+  resourceCmd.command("update <id>").description("Update a location").option("--data <json>", "JSON data (or pipe to stdin)").option("--dry-run", "Show request details without executing", false).action(function(idArg, ...rest) {
+    const id2 = parseId2(idArg);
+    this.setOptionValue("_entityId", id2);
+    return updateHandler.call(this, idArg, ...rest);
+  });
+  const deleteHandler = withAuth(async ({ client, opts, auth }) => {
+    const id2 = opts._entityId;
+    if (opts.dryRun) {
+      outputDryRun({ method: "DELETE", path: `/location/${id2}`, token: auth.apiToken, subdomain: auth.companySubdomain });
+      return;
+    }
+    await client.delete(`/location/${id2}`);
+    outputJson({});
+  });
+  resourceCmd.command("delete <id>").description("Delete a location").option("--dry-run", "Show request details without executing", false).action(function(idArg, ...rest) {
+    const id2 = parseId2(idArg);
+    this.setOptionValue("_entityId", id2);
+    return deleteHandler.call(this, idArg, ...rest);
+  });
+}
+
+// packages/cli/src/commands/custom/journal-entry.ts
+function parseId3(idArg) {
+  const parsed = parseInt(idArg, 10);
+  if (isNaN(parsed) || parsed <= 0) {
+    outputError(
+      { error: "ID must be a positive integer", code: "VALIDATION_ERROR" },
+      ExitCode.VALIDATION
+    );
+  }
+  return parsed;
+}
+function registerJournalEntryCommands(program2) {
+  const groupCmd = program2.commands.find((c) => c.name() === "accounting");
+  if (!groupCmd) return;
+  const resourceCmd = groupCmd.commands.find((c) => c.name() === "journal-entries");
+  if (!resourceCmd) return;
+  resourceCmd.command("create").description("Create a new journal entry").option("--data <json>", "JSON data (or pipe to stdin)").option("--dry-run", "Show request details without executing", false).action(
+    withAuth(async ({ client, opts, auth }) => {
+      const body = await readJsonInput(opts);
+      if (body.journal_items && Array.isArray(body.journal_items)) {
+        const validation = validateDoubleEntry(body.journal_items);
+        if (!validation.valid) {
+          outputError(
+            { error: validation.error, code: "VALIDATION_ERROR" },
+            ExitCode.VALIDATION
+          );
+        }
+      }
+      if (opts.dryRun) {
+        outputDryRun({ method: "POST", path: "/journal_entries", token: auth.apiToken, subdomain: auth.companySubdomain, body });
+        return;
+      }
+      const data = await client.post("/journal_entries", body);
+      outputJson(data);
+    })
+  );
+  const updateHandler = withAuth(async ({ client, opts, auth }) => {
+    const id2 = opts._entityId;
+    const body = await readJsonInput(opts);
+    if (body.journal_items && Array.isArray(body.journal_items)) {
+      const validation = validateDoubleEntry(body.journal_items);
+      if (!validation.valid) {
+        outputError(
+          { error: validation.error, code: "VALIDATION_ERROR" },
+          ExitCode.VALIDATION
+        );
+      }
+    }
+    if (opts.dryRun) {
+      outputDryRun({ method: "PUT", path: `/journal_entries/${id2}`, token: auth.apiToken, subdomain: auth.companySubdomain, body });
+      return;
+    }
+    const data = await client.put(`/journal_entries/${id2}`, body);
+    outputJson(data);
+  });
+  resourceCmd.command("update <id>").description("Update a journal entry").option("--data <json>", "JSON data (or pipe to stdin)").option("--dry-run", "Show request details without executing", false).action(function(idArg, ...rest) {
+    const id2 = parseId3(idArg);
+    this.setOptionValue("_entityId", id2);
+    return updateHandler.call(this, idArg, ...rest);
+  });
+}
+
+// packages/cli/src/commands/custom/file-upload.ts
+import { basename as basename2 } from "node:path";
+import { access } from "node:fs/promises";
+function registerFileUploadCommand(program2) {
+  let groupCmd = program2.commands.find((c) => c.name() === "files");
+  if (!groupCmd) {
+    groupCmd = program2.command("files").description("File uploads and attachments");
+  }
+  const wrappedHandler = withAuth(async ({ client, opts, auth }) => {
+    const filePath = opts._filePath;
+    try {
+      await access(filePath);
+    } catch {
+      outputError(
+        { error: "File not found: " + filePath, code: "VALIDATION_ERROR" },
+        ExitCode.VALIDATION
+      );
+    }
+    if (opts.dryRun) {
+      outputDryRun({ method: "POST", path: "/files", token: auth.apiToken, subdomain: auth.companySubdomain, body: { file: basename2(filePath) } });
+      return;
+    }
+    const data = await client.postMultipart("/files", filePath);
+    outputJson(data);
+  });
+  groupCmd.command("upload <path>").description("Upload a file to Bukku").option("--dry-run", "Show request details without executing", false).action(function(pathArg, ...rest) {
+    this.setOptionValue("_filePath", pathArg);
+    return wrappedHandler.call(this, pathArg, ...rest);
+  });
+}
+
+// packages/cli/src/index.ts
+var __filename = fileURLToPath(import.meta.url);
+var __dirname = dirname(__filename);
+var pkg = JSON.parse(
+  readFileSync(join2(__dirname, "..", "package.json"), "utf-8")
+);
+var program = new Command2();
+program.name("bukku").version(pkg.version).description("Bukku accounting CLI");
+program.option("--api-token <token>", "API token").option("--company-subdomain <subdomain>", "Company subdomain");
+registerEntityCommands(program);
+registerReferenceDataCommands(program);
+registerSearchAccountsCommand(program);
+registerArchiveCommands(program);
+registerLocationWriteCommands(program);
+registerJournalEntryCommands(program);
+registerFileUploadCommand(program);
+program.addCommand(configCommand);
+program.parseAsync(process.argv).catch((err) => {
+  console.error(err instanceof Error ? err.message : String(err));
+  process.exit(1);
+});