@cruxy/cli 0.1.0

package/dist/tools/file/apply-patch.js

@@ -0,0 +1,195 @@
+import { promises as fs } from "node:fs";
+import path from "node:path";
+import { z } from "zod";
+import { resolveInRoot } from "./paths.js";
+import { countOccurrences } from "./edit-file.js";
+/** How many leading lines of a created file the approval preview shows. */
+const PREVIEW_LINES = 20;
+const HunkSchema = z.object({
+    oldStr: z
+        .string()
+        .min(1)
+        .describe("Exact text to replace; must occur exactly once in the file."),
+    newStr: z.string().describe("Replacement text."),
+});
+const OperationSchema = z.discriminatedUnion("type", [
+    z.object({
+        type: z.literal("update"),
+        path: z
+            .string()
+            .describe("Path to an existing file, relative to the root."),
+        hunks: z
+            .array(HunkSchema)
+            .min(1)
+            .describe("Edits applied in order; each oldStr must match exactly once."),
+    }),
+    z.object({
+        type: z.literal("create"),
+        path: z.string().describe("Path for a new file; must not already exist."),
+        content: z.string().describe("Full UTF-8 contents of the new file."),
+    }),
+    z.object({
+        type: z.literal("delete"),
+        path: z.string().describe("Path to an existing file to delete."),
+    }),
+]);
+const parameters = z.object({
+    operations: z
+        .array(OperationSchema)
+        .min(1)
+        .describe("The file operations to apply, all-or-nothing."),
+});
+/**
+ * Apply a set of file edits across one or more files in a single, atomic,
+ * reviewed operation. The entire patch is validated up front — every path
+ * resolved inside the project, every `update` hunk confirmed to match exactly
+ * once, every `create` confirmed absent and `delete` confirmed present — and if
+ * anything fails, nothing is written. A single approval covers the whole patch.
+ */
+export const applyPatchTool = {
+    name: "apply_patch",
+    description: "Apply multiple edits across one or more files in a single, atomic, reviewed change — preferred over many edit_file calls for multi-file or multi-hunk work. " +
+        "Input is { operations: [...] } where each operation is one of: " +
+        '{ "type":"update", "path", "hunks":[{ "oldStr", "newStr" }] } — replace each oldStr (which must match EXACTLY ONCE in the file, like edit_file; hunks apply in order) with newStr; ' +
+        '{ "type":"create", "path", "content" } — create a new file (must not already exist); ' +
+        '{ "type":"delete", "path" } — delete an existing file. ' +
+        "The whole patch is validated before anything is written: if any operation is invalid, nothing is applied and the failing operation is reported.",
+    parameters,
+    async execute(input, ctx) {
+        const planned = [];
+        const seen = new Set();
+        for (let i = 0; i < input.operations.length; i++) {
+            const op = input.operations[i];
+            let abs;
+            try {
+                abs = await resolveInRoot(ctx, op.path);
+            }
+            catch (err) {
+                return { ok: false, error: opError(i, op, err.message) };
+            }
+            if (seen.has(abs)) {
+                return {
+                    ok: false,
+                    error: opError(i, op, "duplicate path in patch"),
+                };
+            }
+            seen.add(abs);
+            const planResult = await planOp(i, op, abs, ctx);
+            if (!planResult.ok)
+                return planResult;
+            planned.push(planResult.planned);
+        }
+        // One approval for the whole patch — denial writes nothing.
+        const approved = await ctx.approve({
+            kind: "patch",
+            preview: { type: "patch", files: planned.map(toPreview) },
+        });
+        if (!approved) {
+            return { ok: false, error: "patch denied" };
+        }
+        // Validation passed and the user approved; apply everything. A mid-apply I/O
+        // failure is rare but reported with what already landed.
+        const applied = [];
+        for (const p of planned) {
+            try {
+                if (p.op === "delete") {
+                    await fs.rm(p.abs);
+                }
+                else {
+                    if (p.op === "create") {
+                        await fs.mkdir(path.dirname(p.abs), { recursive: true });
+                    }
+                    await fs.writeFile(p.abs, p.content, "utf8");
+                }
+                applied.push(`${p.op} ${p.rel}`);
+            }
+            catch (err) {
+                return {
+                    ok: false,
+                    error: `patch partially applied then failed at ${p.op} ${p.rel}: ${err.message}. ` +
+                        `Applied before failure: ${applied.join(", ") || "(none)"}`,
+                };
+            }
+        }
+        return { ok: true, output: `applied patch:\n${applied.join("\n")}` };
+    },
+};
+/** Validate one operation against the filesystem and compute its final bytes. */
+async function planOp(i, op, abs, ctx) {
+    const rel = path.relative(ctx.cwd, abs);
+    if (op.type === "create") {
+        if (await exists(abs)) {
+            return { ok: false, error: opError(i, op, "file already exists") };
+        }
+        return {
+            ok: true,
+            planned: { op: "create", abs, rel, content: op.content },
+        };
+    }
+    if (op.type === "delete") {
+        if (!(await exists(abs))) {
+            return { ok: false, error: opError(i, op, "file not found") };
+        }
+        return { ok: true, planned: { op: "delete", abs, rel } };
+    }
+    // update: read, then apply each hunk in order against the running content.
+    let content;
+    try {
+        content = await fs.readFile(abs, "utf8");
+    }
+    catch (err) {
+        if (err.code === "ENOENT") {
+            return { ok: false, error: opError(i, op, "file not found") };
+        }
+        return { ok: false, error: opError(i, op, err.message) };
+    }
+    for (let h = 0; h < op.hunks.length; h++) {
+        const { oldStr, newStr } = op.hunks[h];
+        const matches = countOccurrences(content, oldStr);
+        if (matches === 0) {
+            return {
+                ok: false,
+                error: opError(i, op, `hunk ${h + 1}: oldStr not found`),
+            };
+        }
+        if (matches > 1) {
+            return {
+                ok: false,
+                error: opError(i, op, `hunk ${h + 1}: oldStr not unique (${matches} matches)`),
+            };
+        }
+        // Replace by index so `$` patterns in newStr aren't interpreted.
+        const idx = content.indexOf(oldStr);
+        content =
+            content.slice(0, idx) + newStr + content.slice(idx + oldStr.length);
+    }
+    return {
+        ok: true,
+        planned: { op: "update", abs, rel, content, hunks: op.hunks },
+    };
+}
+/** Shape a planned op into its approval-preview form. */
+function toPreview(p) {
+    if (p.op === "delete")
+        return { op: "delete", path: p.rel };
+    if (p.op === "create") {
+        const allLines = p.content.split("\n");
+        return {
+            op: "create",
+            path: p.rel,
+            lines: allLines.slice(0, PREVIEW_LINES),
+            omittedLines: Math.max(0, allLines.length - PREVIEW_LINES),
+        };
+    }
+    return { op: "update", path: p.rel, hunks: p.hunks };
+}
+/** Human-readable prefix for a failing operation. */
+function opError(i, op, reason) {
+    return `operation ${i + 1} (${op.type} ${op.path}): ${reason}`;
+}
+async function exists(abs) {
+    return fs
+        .access(abs)
+        .then(() => true)
+        .catch(() => false);
+}

package/dist/tools/file/edit-file.d.ts

@@ -0,0 +1,14 @@
+import { z } from "zod";
+import type { Tool } from "../types.js";
+/** Count non-overlapping exact occurrences of `needle` in `haystack`. */
+export declare function countOccurrences(haystack: string, needle: string): number;
+/**
+ * Replace one exact, unique occurrence of `old_str` with `new_str` in a file.
+ * The uniqueness requirement is checked before approval so the model can fix an
+ * ambiguous match without burning a prompt; gated on `ctx.approve` before writing.
+ */
+export declare const editFileTool: Tool<z.ZodObject<{
+    path: z.ZodString;
+    old_str: z.ZodString;
+    new_str: z.ZodString;
+}>>;

package/dist/tools/file/edit-file.js

@@ -0,0 +1,81 @@
+import { promises as fs } from "node:fs";
+import { z } from "zod";
+import { resolveInRoot } from "./paths.js";
+/** Count non-overlapping exact occurrences of `needle` in `haystack`. */
+export function countOccurrences(haystack, needle) {
+    let count = 0;
+    let i = haystack.indexOf(needle);
+    while (i !== -1) {
+        count++;
+        i = haystack.indexOf(needle, i + needle.length);
+    }
+    return count;
+}
+/**
+ * Replace one exact, unique occurrence of `old_str` with `new_str` in a file.
+ * The uniqueness requirement is checked before approval so the model can fix an
+ * ambiguous match without burning a prompt; gated on `ctx.approve` before writing.
+ */
+export const editFileTool = {
+    name: "edit_file",
+    description: "Replace an exact, unique string in a file. old_str must match exactly once — include surrounding lines to make it unique. Read the file first.",
+    parameters: z.object({
+        path: z
+            .string()
+            .describe("Path to the file, relative to the project root."),
+        old_str: z
+            .string()
+            .min(1)
+            .describe("Exact text to replace; must occur exactly once in the file."),
+        new_str: z.string().describe("Replacement text."),
+    }),
+    async execute(input, ctx) {
+        let abs;
+        try {
+            abs = await resolveInRoot(ctx, input.path);
+        }
+        catch (err) {
+            return { ok: false, error: err.message };
+        }
+        let content;
+        try {
+            content = await fs.readFile(abs, "utf8");
+        }
+        catch (err) {
+            if (err.code === "ENOENT") {
+                return { ok: false, error: `file not found: ${input.path}` };
+            }
+            return { ok: false, error: err.message };
+        }
+        const matches = countOccurrences(content, input.old_str);
+        if (matches === 0) {
+            return { ok: false, error: `old_str not found in ${input.path}` };
+        }
+        if (matches > 1) {
+            return {
+                ok: false,
+                error: `old_str not unique (${matches} matches); add surrounding context to disambiguate`,
+            };
+        }
+        const approved = await ctx.approve({
+            kind: "edit",
+            path: abs,
+            preview: { type: "edit", oldStr: input.old_str, newStr: input.new_str },
+        });
+        if (!approved) {
+            return { ok: false, error: `edit to ${input.path} denied` };
+        }
+        // Replace the single occurrence by index to avoid `$`-pattern interpretation.
+        const idx = content.indexOf(input.old_str);
+        const updated = content.slice(0, idx) +
+            input.new_str +
+            content.slice(idx + input.old_str.length);
+        try {
+            await fs.writeFile(abs, updated, "utf8");
+            return { ok: true, output: `edited ${input.path}` };
+        }
+        catch (err) {
+            return { ok: false, error: err.message };
+        }
+    },
+};

package/dist/tools/file/glob.d.ts

@@ -0,0 +1,10 @@
+import { z } from "zod";
+import type { Tool } from "../types.js";
+/**
+ * Find files by glob pattern within the project root. Read-only — no approval.
+ * The pattern is constrained to the root (no absolute or `..` patterns) so glob
+ * can't reach outside, consistent with the other file tools.
+ */
+export declare const globTool: Tool<z.ZodObject<{
+    pattern: z.ZodString;
+}>>;

package/dist/tools/file/glob.js

@@ -0,0 +1,52 @@
+import path from "node:path";
+import { glob } from "tinyglobby";
+import { z } from "zod";
+/** Cap on returned paths — beyond this we truncate with a notice. */
+const MAX_RESULTS = 200;
+const DEFAULT_IGNORE = ["**/node_modules/**", "**/.git/**"];
+/**
+ * Find files by glob pattern within the project root. Read-only — no approval.
+ * The pattern is constrained to the root (no absolute or `..` patterns) so glob
+ * can't reach outside, consistent with the other file tools.
+ */
+export const globTool = {
+    name: "glob",
+    description: "Find files by glob pattern (e.g. 'src/**/*.ts') within the project, ignoring node_modules and .git. Returns paths relative to the project root.",
+    parameters: z.object({
+        pattern: z
+            .string()
+            .describe("Glob pattern, relative to the project root (e.g. 'src/**/*.ts')."),
+    }),
+    async execute(input, ctx) {
+        const pattern = input.pattern;
+        if (path.isAbsolute(pattern) || pattern.split(/[/\\]/).includes("..")) {
+            return {
+                ok: false,
+                error: "pattern must be relative to the project root (no '..' or absolute paths)",
+            };
+        }
+        try {
+            const matches = await glob(pattern, {
+                cwd: path.resolve(ctx.cwd),
+                ignore: DEFAULT_IGNORE,
+                onlyFiles: true,
+                dot: false,
+            });
+            matches.sort();
+            if (matches.length === 0) {
+                return { ok: true, output: "(no matches)" };
+            }
+            if (matches.length > MAX_RESULTS) {
+                const shown = matches.slice(0, MAX_RESULTS).join("\n");
+                return {
+                    ok: true,
+                    output: `${shown}\n\n[truncated: showing ${MAX_RESULTS} of ${matches.length} matches]`,
+                };
+            }
+            return { ok: true, output: matches.join("\n") };
+        }
+        catch (err) {
+            return { ok: false, error: err.message };
+        }
+    },
+};

package/dist/tools/file/grep-files.d.ts

@@ -0,0 +1,32 @@
+import { z } from "zod";
+import type { Tool } from "../types.js";
+declare const parameters: z.ZodObject<{
+    pattern: z.ZodString;
+    path: z.ZodOptional<z.ZodString>;
+    glob: z.ZodOptional<z.ZodString>;
+    ignoreCase: z.ZodOptional<z.ZodBoolean>;
+    maxResults: z.ZodOptional<z.ZodNumber>;
+}, "strip", z.ZodTypeAny, {
+    pattern: string;
+    path?: string | undefined;
+    glob?: string | undefined;
+    ignoreCase?: boolean | undefined;
+    maxResults?: number | undefined;
+}, {
+    pattern: string;
+    path?: string | undefined;
+    glob?: string | undefined;
+    ignoreCase?: boolean | undefined;
+    maxResults?: number | undefined;
+}>;
+/**
+ * Search file *contents* for a regex within the project root. Read-only — no
+ * approval — so the model should prefer this over shelling out to grep/rg via
+ * run_command (which is platform-dependent and routes through the approval gate).
+ *
+ * Files are enumerated with the same glob mechanism as the `glob` tool (so
+ * node_modules and .git are always ignored), binary files are skipped, and the
+ * search is bounded by the project-root path boundary shared by every file tool.
+ */
+export declare const grepFilesTool: Tool<typeof parameters>;
+export {};

package/dist/tools/file/grep-files.js

@@ -0,0 +1,113 @@
+import { promises as fs } from "node:fs";
+import path from "node:path";
+import { glob } from "tinyglobby";
+import { z } from "zod";
+import { resolveInRoot } from "./paths.js";
+/** Default cap on returned match lines; beyond it we report the overflow. */
+const DEFAULT_MAX_RESULTS = 100;
+/** Trim point for a single matched line so long lines don't flood the output. */
+const MAX_LINE_LENGTH = 200;
+/** Bytes sniffed for a NUL to decide a file is binary and skip it. */
+const BINARY_SNIFF_BYTES = 8 * 1024;
+const DEFAULT_IGNORE = ["**/node_modules/**", "**/.git/**"];
+const parameters = z.object({
+    pattern: z
+        .string()
+        .describe("A JavaScript regular expression to test each line against."),
+    path: z
+        .string()
+        .optional()
+        .describe("Optional sub-directory (relative to the project root) to scope the search to. Defaults to the project root."),
+    glob: z
+        .string()
+        .optional()
+        .describe("Optional glob to restrict which files are searched (e.g. '*.ts' or 'src/**/*.ts'). Defaults to all files."),
+    ignoreCase: z
+        .boolean()
+        .optional()
+        .describe("Match case-insensitively when true."),
+    maxResults: z
+        .number()
+        .int()
+        .positive()
+        .optional()
+        .describe(`Maximum number of matching lines to return (default ${DEFAULT_MAX_RESULTS}).`),
+});
+/**
+ * Search file *contents* for a regex within the project root. Read-only — no
+ * approval — so the model should prefer this over shelling out to grep/rg via
+ * run_command (which is platform-dependent and routes through the approval gate).
+ *
+ * Files are enumerated with the same glob mechanism as the `glob` tool (so
+ * node_modules and .git are always ignored), binary files are skipped, and the
+ * search is bounded by the project-root path boundary shared by every file tool.
+ */
+export const grepFilesTool = {
+    name: "grep_files",
+    description: "Search file CONTENTS for a regular expression within the project (vs `glob`, which matches file NAMES). Returns matches as 'path:line: text', ignoring node_modules and .git. Read-only and requires no approval — prefer it over shelling out to grep/rg/find via run_command.",
+    parameters,
+    async execute(input, ctx) {
+        // Compile the regex up front; an invalid pattern is a clean failure, not a throw.
+        let regex;
+        try {
+            regex = new RegExp(input.pattern, input.ignoreCase ? "i" : "");
+        }
+        catch (err) {
+            return { ok: false, error: `invalid regex: ${err.message}` };
+        }
+        const root = path.resolve(ctx.cwd);
+        let scope;
+        try {
+            scope = input.path ? await resolveInRoot(ctx, input.path) : root;
+        }
+        catch (err) {
+            return { ok: false, error: err.message };
+        }
+        const maxResults = input.maxResults ?? DEFAULT_MAX_RESULTS;
+        try {
+            const files = await glob(input.glob ?? "**/*", {
+                cwd: scope,
+                ignore: DEFAULT_IGNORE,
+                onlyFiles: true,
+                dot: false,
+            });
+            files.sort();
+            const lines = [];
+            let total = 0; // total matches found, including those past the cap
+            for (const rel of files) {
+                const abs = path.join(scope, rel);
+                const buf = await fs.readFile(abs);
+                if (buf.subarray(0, BINARY_SNIFF_BYTES).includes(0))
+                    continue; // binary
+                const display = path.relative(root, abs);
+                const fileLines = buf.toString("utf8").split("\n");
+                for (let i = 0; i < fileLines.length; i++) {
+                    if (!regex.test(fileLines[i]))
+                        continue;
+                    total++;
+                    if (lines.length < maxResults) {
+                        let text = fileLines[i].trim();
+                        if (text.length > MAX_LINE_LENGTH) {
+                            text = `${text.slice(0, MAX_LINE_LENGTH)}…`;
+                        }
+                        lines.push(`${display}:${i + 1}: ${text}`);
+                    }
+                }
+            }
+            if (total === 0) {
+                return { ok: true, output: "(no matches)" };
+            }
+            const omitted = total - lines.length;
+            const body = lines.join("\n");
+            return {
+                ok: true,
+                output: omitted > 0
+                    ? `${body}\n\n[${omitted} more match${omitted === 1 ? "" : "es"} omitted]`
+                    : body,
+            };
+        }
+        catch (err) {
+            return { ok: false, error: err.message };
+        }
+    },
+};

package/dist/tools/file/index.d.ts

@@ -0,0 +1,7 @@
+export * from "./paths.js";
+export * from "./read-file.js";
+export * from "./write-file.js";
+export * from "./edit-file.js";
+export * from "./apply-patch.js";
+export * from "./glob.js";
+export * from "./grep-files.js";

package/dist/tools/file/index.js

@@ -0,0 +1,7 @@
+export * from "./paths.js";
+export * from "./read-file.js";
+export * from "./write-file.js";
+export * from "./edit-file.js";
+export * from "./apply-patch.js";
+export * from "./glob.js";
+export * from "./grep-files.js";

package/dist/tools/file/paths.d.ts

@@ -0,0 +1,24 @@
+import type { ToolContext } from "../types.js";
+/**
+ * Thrown when a tool argument resolves to a path outside the project root —
+ * whether via `../` traversal, an absolute path, or a symlink pointing outward.
+ * Tools catch this and surface it as `{ ok:false }` rather than letting it throw.
+ */
+export declare class PathEscapeError extends Error {
+    constructor(message: string);
+}
+/**
+ * Resolve a tool-supplied path against the project root (`ctx.cwd`) and prove it
+ * stays inside — the single security boundary every file tool funnels through.
+ *
+ * Two layers: (1) a lexical check that the resolved absolute path is within root
+ * (rejects `../` and absolute-outside before touching the FS); (2) a symlink
+ * check that the real target — or, for a new path, its nearest existing parent —
+ * resolves inside the *real* root. The root is realpath'd too, so this is correct
+ * even when the root itself sits under a symlink (e.g. macOS `/var → /private/var`).
+ *
+ * @returns the resolved absolute path (lexical, not realpath'd — so callers
+ *   operate on the intended location).
+ * @throws {PathEscapeError} if the path escapes the root.
+ */
+export declare function resolveInRoot(ctx: ToolContext, p: string): Promise<string>;

package/dist/tools/file/paths.js

@@ -0,0 +1,65 @@
+import { promises as fs } from "node:fs";
+import path from "node:path";
+/**
+ * Thrown when a tool argument resolves to a path outside the project root —
+ * whether via `../` traversal, an absolute path, or a symlink pointing outward.
+ * Tools catch this and surface it as `{ ok:false }` rather than letting it throw.
+ */
+export class PathEscapeError extends Error {
+    constructor(message) {
+        super(message);
+        this.name = "PathEscapeError";
+    }
+}
+/** Is `target` the root itself or a descendant of it? */
+function isInside(root, target) {
+    return target === root || target.startsWith(root + path.sep);
+}
+/**
+ * realpath `p`, or — if it doesn't exist yet — the realpath of its nearest
+ * existing ancestor directory. Lets us validate a not-yet-created path by the
+ * directory it would be created in (catching outward symlinked parents).
+ */
+async function realpathOfNearestExisting(p) {
+    let cur = p;
+    for (;;) {
+        try {
+            return await fs.realpath(cur);
+        }
+        catch (err) {
+            if (err.code !== "ENOENT")
+                throw err;
+            const parent = path.dirname(cur);
+            if (parent === cur)
+                return cur; // reached the filesystem root
+            cur = parent;
+        }
+    }
+}
+/**
+ * Resolve a tool-supplied path against the project root (`ctx.cwd`) and prove it
+ * stays inside — the single security boundary every file tool funnels through.
+ *
+ * Two layers: (1) a lexical check that the resolved absolute path is within root
+ * (rejects `../` and absolute-outside before touching the FS); (2) a symlink
+ * check that the real target — or, for a new path, its nearest existing parent —
+ * resolves inside the *real* root. The root is realpath'd too, so this is correct
+ * even when the root itself sits under a symlink (e.g. macOS `/var → /private/var`).
+ *
+ * @returns the resolved absolute path (lexical, not realpath'd — so callers
+ *   operate on the intended location).
+ * @throws {PathEscapeError} if the path escapes the root.
+ */
+export async function resolveInRoot(ctx, p) {
+    const root = path.resolve(ctx.cwd);
+    const resolved = path.resolve(root, p);
+    if (!isInside(root, resolved)) {
+        throw new PathEscapeError(`path "${p}" resolves outside the project root`);
+    }
+    const realRoot = await fs.realpath(root);
+    const realTarget = await realpathOfNearestExisting(resolved);
+    if (!isInside(realRoot, realTarget)) {
+        throw new PathEscapeError(`path "${p}" resolves outside the project root (via a symlink)`);
+    }
+    return resolved;
+}

package/dist/tools/file/read-file.d.ts

@@ -0,0 +1,8 @@
+import { z } from "zod";
+import type { Tool } from "../types.js";
+/**
+ * Read a UTF-8 text file from within the project root. Read-only — no approval.
+ */
+export declare const readFileTool: Tool<z.ZodObject<{
+    path: z.ZodString;
+}>>;

package/dist/tools/file/read-file.js

@@ -0,0 +1,52 @@
+import { promises as fs } from "node:fs";
+import { z } from "zod";
+import { resolveInRoot } from "./paths.js";
+/** Files larger than this are truncated rather than dumped in full. */
+const MAX_BYTES = 256 * 1024;
+/**
+ * Read a UTF-8 text file from within the project root. Read-only — no approval.
+ */
+export const readFileTool = {
+    name: "read_file",
+    description: "Read a UTF-8 text file within the project and return its contents. Read a file before editing it.",
+    parameters: z.object({
+        path: z
+            .string()
+            .describe("Path to the file, relative to the project root."),
+    }),
+    async execute(input, ctx) {
+        try {
+            const abs = await resolveInRoot(ctx, input.path);
+            const stat = await fs.stat(abs);
+            if (stat.isDirectory()) {
+                return {
+                    ok: false,
+                    error: `"${input.path}" is a directory, not a file`,
+                };
+            }
+            if (stat.size > MAX_BYTES) {
+                const fh = await fs.open(abs, "r");
+                try {
+                    const buf = Buffer.alloc(MAX_BYTES);
+                    const { bytesRead } = await fh.read(buf, 0, MAX_BYTES, 0);
+                    const head = buf.subarray(0, bytesRead).toString("utf8");
+                    return {
+                        ok: true,
+                        output: `${head}\n\n[truncated: first ${MAX_BYTES} bytes of ${stat.size}]`,
+                    };
+                }
+                finally {
+                    await fh.close();
+                }
+            }
+            const content = await fs.readFile(abs, "utf8");
+            return { ok: true, output: content };
+        }
+        catch (err) {
+            if (err.code === "ENOENT") {
+                return { ok: false, error: `file not found: ${input.path}` };
+            }
+            return { ok: false, error: err.message };
+        }
+    },
+};