@debugbundle/cli 1.4.0 → 1.5.0

package/dist/main.cjs

@@ -14462,6 +14462,113 @@ var coerce = {
 };
 var NEVER = INVALID;
 
+// ../../packages/shared-types/src/tier-capabilities.ts
+var TIER_CAPABILITIES = {
+  free: {
+    remote_probes: false,
+    github_automation: false,
+    slack_integration: false,
+    cloud_improvement_bundles: false,
+    shared_dashboards: false,
+    member_invites: false,
+    included_capacity_units: 1,
+    max_members: 1,
+    ingestion_rate_per_min: 1e3,
+    retrieval_rate_per_min: 100,
+    bundle_retention_days: 7,
+    raw_event_retention_days: 7,
+    // Allowance buckets (account-level pool, not per capacity unit)
+    monthly_bundle_requests: 100,
+    monthly_raw_ingested_events: 750,
+    retained_bundle_cap: 50,
+    monthly_remote_activations: 0,
+    monthly_alert_deliveries: 25,
+    monthly_webhook_deliveries: 100,
+    availability_checks_per_project: 1,
+    availability_check_min_interval_seconds: 300
+  },
+  solo: {
+    remote_probes: true,
+    github_automation: true,
+    slack_integration: false,
+    cloud_improvement_bundles: true,
+    shared_dashboards: false,
+    member_invites: false,
+    included_capacity_units: 3,
+    max_members: 1,
+    ingestion_rate_per_min: 5e3,
+    retrieval_rate_per_min: 300,
+    bundle_retention_days: 30,
+    raw_event_retention_days: 14,
+    // Per-unit allowance (multiply by included and purchased capacity units)
+    monthly_bundle_requests: 250,
+    monthly_raw_ingested_events: 3500,
+    retained_bundle_cap: 150,
+    monthly_remote_activations: 25,
+    monthly_alert_deliveries: 75,
+    monthly_webhook_deliveries: 250,
+    availability_checks_per_project: 5,
+    availability_check_min_interval_seconds: 60
+  },
+  team: {
+    remote_probes: true,
+    github_automation: true,
+    slack_integration: true,
+    cloud_improvement_bundles: true,
+    shared_dashboards: true,
+    member_invites: true,
+    included_capacity_units: 15,
+    max_members: 1e3,
+    ingestion_rate_per_min: 1e4,
+    retrieval_rate_per_min: 500,
+    bundle_retention_days: 90,
+    raw_event_retention_days: 30,
+    // Per-unit allowance (multiply by included and purchased capacity units)
+    monthly_bundle_requests: 1e3,
+    monthly_raw_ingested_events: 1e4,
+    retained_bundle_cap: 400,
+    monthly_remote_activations: 50,
+    monthly_alert_deliveries: 300,
+    monthly_webhook_deliveries: 1e3,
+    availability_checks_per_project: 25,
+    availability_check_min_interval_seconds: 30
+  }
+};
+var SELFHOST_CAPABILITIES = {
+  remote_probes: true,
+  github_automation: true,
+  slack_integration: true,
+  cloud_improvement_bundles: true,
+  shared_dashboards: true,
+  member_invites: true,
+  included_capacity_units: 1e6,
+  max_members: 1e3,
+  ingestion_rate_per_min: 1e6,
+  retrieval_rate_per_min: 1e5,
+  bundle_retention_days: 36500,
+  raw_event_retention_days: 36500,
+  monthly_bundle_requests: 1e9,
+  monthly_raw_ingested_events: 1e9,
+  retained_bundle_cap: 1e6,
+  monthly_remote_activations: 1e6,
+  monthly_alert_deliveries: 1e6,
+  monthly_webhook_deliveries: 1e6,
+  availability_checks_per_project: 1e6,
+  availability_check_min_interval_seconds: 30
+};
+function isSelfHostMode() {
+  return typeof process !== "undefined" && process.env["SELFHOST_MODE"] === "true";
+}
+function getTierCapabilities(plan) {
+  if (isSelfHostMode()) {
+    return SELFHOST_CAPABILITIES;
+  }
+  if (plan !== void 0 && plan in TIER_CAPABILITIES) {
+    return TIER_CAPABILITIES[plan];
+  }
+  return TIER_CAPABILITIES.free;
+}
+
 // ../../packages/shared-types/src/capture-policy.ts
 var EventClassValues = [
   "incident_signal",
@@ -14707,6 +14814,7 @@ function isRouteOnlyExternalProbe(normalizedRoute) {
     "/__debug__/render_panel",
     "/actuator",
     "/autodiscover/autodiscover.json",
+    "/containers/json",
     "/developmentserver/metadatauploader",
     "/cpanel",
     "/favicon.ico",
@@ -17464,6 +17572,16 @@ var DEFAULT_SESSION_LIFETIME_MS = 1e3 * 60 * 60 * 24 * 7;
 var DEFAULT_EMAIL_AUTH_CODE_LIFETIME_MS = 1e3 * 60 * 10;
 var DEFAULT_GITHUB_OAUTH_STATE_LIFETIME_MS = 1e3 * 60 * 10;
 
+// ../../packages/storage/src/availability-check-store-helpers.ts
+var TIER_CAPABILITIES_SQL = {
+  free_limit: getTierCapabilities("free").availability_checks_per_project,
+  solo_limit: getTierCapabilities("solo").availability_checks_per_project,
+  team_limit: getTierCapabilities("team").availability_checks_per_project,
+  free_interval: getTierCapabilities("free").availability_check_min_interval_seconds,
+  solo_interval: getTierCapabilities("solo").availability_check_min_interval_seconds,
+  team_interval: getTierCapabilities("team").availability_check_min_interval_seconds
+};
+
 // ../../packages/storage/src/auth-rate-limiter.ts
 var import_ioredis = __toESM(require_built3(), 1);
 
@@ -17968,8 +18086,131 @@ function classifyEvent(eventType, logLevel, probeActivationId, payload, captureP
 var import_ioredis4 = __toESM(require_built3(), 1);
 var DEFAULT_PROCESSING_TIMEOUT_MS = 5 * 60 * 1e3;
 
-// ../../packages/storage/src/schema-migrations.ts
-var import_node_crypto2 = require("node:crypto");
+// ../../packages/storage/src/availability-check-bootstrap-statements.ts
+var AVAILABILITY_CHECK_BOOTSTRAP_STATEMENTS = [
+  `
+    CREATE TABLE availability_checks (
+      id uuid PRIMARY KEY,
+      project_id uuid NOT NULL REFERENCES projects(id) ON DELETE CASCADE,
+      created_by_user_id uuid REFERENCES users(id) ON DELETE SET NULL,
+      name text NOT NULL,
+      url text NOT NULL,
+      method text NOT NULL CHECK (method IN ('GET', 'HEAD')),
+      expected_status_min integer NOT NULL DEFAULT 200 CHECK (expected_status_min BETWEEN 100 AND 599),
+      expected_status_max integer NOT NULL DEFAULT 399 CHECK (expected_status_max BETWEEN 100 AND 599),
+      timeout_ms integer NOT NULL DEFAULT 5000 CHECK (timeout_ms BETWEEN 500 AND 5000),
+      interval_seconds integer NOT NULL CHECK (interval_seconds >= 30),
+      failure_threshold integer NOT NULL DEFAULT 3 CHECK (failure_threshold BETWEEN 1 AND 10),
+      recovery_threshold integer NOT NULL DEFAULT 2 CHECK (recovery_threshold BETWEEN 1 AND 10),
+      environment text NOT NULL DEFAULT 'production',
+      service_name text,
+      enabled boolean NOT NULL DEFAULT true,
+      status text NOT NULL DEFAULT 'unknown' CHECK (status IN ('unknown', 'passing', 'failing')),
+      consecutive_failures integer NOT NULL DEFAULT 0,
+      consecutive_successes integer NOT NULL DEFAULT 0,
+      linked_incident_id uuid REFERENCES incidents(id) ON DELETE SET NULL,
+      last_checked_at timestamptz,
+      next_check_at timestamptz,
+      claimed_at timestamptz,
+      last_result_status text CHECK (
+        last_result_status IS NULL OR last_result_status IN (
+          'success',
+          'http_status_mismatch',
+          'timeout',
+          'dns_error',
+          'tls_error',
+          'connection_error',
+          'redirect_blocked',
+          'security_blocked',
+          'internal_error'
+        )
+      ),
+      last_result_http_status integer,
+      last_result_error_kind text,
+      last_result_error_message text,
+      last_result_duration_ms integer,
+      deleted_at timestamptz,
+      created_at timestamptz NOT NULL DEFAULT now(),
+      updated_at timestamptz NOT NULL DEFAULT now()
+    )
+  `,
+  `
+    CREATE INDEX availability_checks_project_created_idx
+    ON availability_checks (project_id, created_at DESC)
+  `,
+  `
+    CREATE INDEX availability_checks_due_idx
+    ON availability_checks (next_check_at, project_id)
+  `,
+  `
+    CREATE INDEX availability_checks_claimed_idx
+    ON availability_checks (claimed_at)
+  `,
+  `
+    CREATE TABLE availability_check_results (
+      id uuid PRIMARY KEY,
+      check_id uuid NOT NULL REFERENCES availability_checks(id) ON DELETE CASCADE,
+      project_id uuid NOT NULL REFERENCES projects(id) ON DELETE CASCADE,
+      started_at timestamptz NOT NULL,
+      completed_at timestamptz NOT NULL,
+      duration_ms integer NOT NULL,
+      status text NOT NULL CHECK (
+        status IN (
+          'success',
+          'http_status_mismatch',
+          'timeout',
+          'dns_error',
+          'tls_error',
+          'connection_error',
+          'redirect_blocked',
+          'security_blocked',
+          'internal_error'
+        )
+      ),
+      http_status integer,
+      error_kind text,
+      error_message text,
+      redirect_count integer NOT NULL DEFAULT 0,
+      checked_url_host text NOT NULL,
+      checked_url_path text NOT NULL,
+      final_url text NOT NULL,
+      created_at timestamptz NOT NULL DEFAULT now()
+    )
+  `,
+  `
+    CREATE INDEX availability_check_results_check_started_idx
+    ON availability_check_results (check_id, started_at DESC)
+  `,
+  `
+    CREATE INDEX availability_check_results_project_started_idx
+    ON availability_check_results (project_id, started_at DESC)
+  `,
+  `
+    CREATE TABLE availability_check_daily_rollups (
+      id uuid PRIMARY KEY,
+      check_id uuid NOT NULL REFERENCES availability_checks(id) ON DELETE CASCADE,
+      project_id uuid NOT NULL REFERENCES projects(id) ON DELETE CASCADE,
+      day date NOT NULL,
+      state text NOT NULL CHECK (state IN ('unknown', 'operational', 'degraded', 'down', 'paused')),
+      total_checks integer NOT NULL DEFAULT 0,
+      successful_checks integer NOT NULL DEFAULT 0,
+      failed_checks integer NOT NULL DEFAULT 0,
+      degraded_checks integer NOT NULL DEFAULT 0,
+      avg_duration_ms integer,
+      first_checked_at timestamptz,
+      last_checked_at timestamptz,
+      downtime_seconds integer NOT NULL DEFAULT 0,
+      incident_ids uuid[] NOT NULL DEFAULT '{}'::uuid[],
+      created_at timestamptz NOT NULL DEFAULT now(),
+      updated_at timestamptz NOT NULL DEFAULT now(),
+      UNIQUE (check_id, day)
+    )
+  `,
+  `
+    CREATE INDEX availability_check_daily_rollups_project_day_idx
+    ON availability_check_daily_rollups (project_id, day DESC)
+  `
+];
 
 // ../../packages/storage/src/storage-bootstrap-statements.ts
 var STORAGE_BOOTSTRAP_STATEMENTS = [
@@ -18138,6 +18379,7 @@ var STORAGE_BOOTSTRAP_STATEMENTS = [
       user_id uuid NOT NULL REFERENCES users(id) ON DELETE CASCADE,
       organization_id uuid NOT NULL REFERENCES organizations(id) ON DELETE CASCADE,
       session_token_hash text UNIQUE NOT NULL,
+      auth_method text CHECK (auth_method IS NULL OR auth_method IN ('email_code', 'github_oauth')),
       created_at timestamptz NOT NULL DEFAULT now(),
       expires_at timestamptz NOT NULL,
       revoked_at timestamptz
@@ -19066,12 +19308,257 @@ var STORAGE_BOOTSTRAP_STATEMENTS = [
   `
 ];
 
+// ../../packages/storage/src/storage-bootstrap-all-statements.ts
+var STORAGE_BOOTSTRAP_STATEMENTS2 = [
+  ...STORAGE_BOOTSTRAP_STATEMENTS,
+  ...AVAILABILITY_CHECK_BOOTSTRAP_STATEMENTS
+];
+
 // ../../packages/storage/src/migrations.ts
-var STORAGE_BOOTSTRAP_SQL = STORAGE_BOOTSTRAP_STATEMENTS.join(";\n\n");
+var STORAGE_BOOTSTRAP_SQL = STORAGE_BOOTSTRAP_STATEMENTS2.join(";\n\n");
 
-// ../../packages/storage/src/schema-migrations.ts
+// ../../packages/storage/src/availability-check-schema-migrations.ts
+var import_node_crypto2 = require("node:crypto");
+function defineAvailabilityCheckStorageSchemaMigration(input2) {
+  return {
+    ...input2,
+    checksum: (0, import_node_crypto2.createHash)("sha256").update(JSON.stringify(input2)).digest("hex")
+  };
+}
+var AVAILABILITY_CHECK_STORAGE_SCHEMA_MIGRATIONS = [
+  defineAvailabilityCheckStorageSchemaMigration({
+    id: "202606150001_add_availability_checks",
+    description: "Add project-scoped availability checks, result history, and daily rollups.",
+    statements: [
+      `
+        CREATE TABLE IF NOT EXISTS availability_checks (
+          id uuid PRIMARY KEY,
+          project_id uuid NOT NULL REFERENCES projects(id) ON DELETE CASCADE,
+          created_by_user_id uuid REFERENCES users(id) ON DELETE SET NULL,
+          name text NOT NULL,
+          url text NOT NULL,
+          method text NOT NULL,
+          expected_status_min integer NOT NULL DEFAULT 200,
+          expected_status_max integer NOT NULL DEFAULT 399,
+          timeout_ms integer NOT NULL DEFAULT 5000,
+          interval_seconds integer NOT NULL,
+          failure_threshold integer NOT NULL DEFAULT 3,
+          recovery_threshold integer NOT NULL DEFAULT 2,
+          environment text NOT NULL DEFAULT 'production',
+          service_name text,
+          enabled boolean NOT NULL DEFAULT true,
+          status text NOT NULL DEFAULT 'unknown',
+          consecutive_failures integer NOT NULL DEFAULT 0,
+          consecutive_successes integer NOT NULL DEFAULT 0,
+          linked_incident_id uuid REFERENCES incidents(id) ON DELETE SET NULL,
+          last_checked_at timestamptz,
+          next_check_at timestamptz,
+          claimed_at timestamptz,
+          last_result_status text,
+          last_result_http_status integer,
+          last_result_error_kind text,
+          last_result_error_message text,
+          last_result_duration_ms integer,
+          deleted_at timestamptz,
+          created_at timestamptz NOT NULL DEFAULT now(),
+          updated_at timestamptz NOT NULL DEFAULT now()
+        )
+      `,
+      `
+        ALTER TABLE availability_checks
+        DROP CONSTRAINT IF EXISTS availability_checks_method_check
+      `,
+      `
+        ALTER TABLE availability_checks
+        ADD CONSTRAINT availability_checks_method_check
+        CHECK (method IN ('GET', 'HEAD'))
+      `,
+      `
+        ALTER TABLE availability_checks
+        DROP CONSTRAINT IF EXISTS availability_checks_expected_status_min_check
+      `,
+      `
+        ALTER TABLE availability_checks
+        ADD CONSTRAINT availability_checks_expected_status_min_check
+        CHECK (expected_status_min BETWEEN 100 AND 599)
+      `,
+      `
+        ALTER TABLE availability_checks
+        DROP CONSTRAINT IF EXISTS availability_checks_expected_status_max_check
+      `,
+      `
+        ALTER TABLE availability_checks
+        ADD CONSTRAINT availability_checks_expected_status_max_check
+        CHECK (expected_status_max BETWEEN 100 AND 599)
+      `,
+      `
+        ALTER TABLE availability_checks
+        DROP CONSTRAINT IF EXISTS availability_checks_timeout_ms_check
+      `,
+      `
+        ALTER TABLE availability_checks
+        ADD CONSTRAINT availability_checks_timeout_ms_check
+        CHECK (timeout_ms BETWEEN 500 AND 5000)
+      `,
+      `
+        ALTER TABLE availability_checks
+        DROP CONSTRAINT IF EXISTS availability_checks_interval_seconds_check
+      `,
+      `
+        ALTER TABLE availability_checks
+        ADD CONSTRAINT availability_checks_interval_seconds_check
+        CHECK (interval_seconds >= 30)
+      `,
+      `
+        ALTER TABLE availability_checks
+        DROP CONSTRAINT IF EXISTS availability_checks_failure_threshold_check
+      `,
+      `
+        ALTER TABLE availability_checks
+        ADD CONSTRAINT availability_checks_failure_threshold_check
+        CHECK (failure_threshold BETWEEN 1 AND 10)
+      `,
+      `
+        ALTER TABLE availability_checks
+        DROP CONSTRAINT IF EXISTS availability_checks_recovery_threshold_check
+      `,
+      `
+        ALTER TABLE availability_checks
+        ADD CONSTRAINT availability_checks_recovery_threshold_check
+        CHECK (recovery_threshold BETWEEN 1 AND 10)
+      `,
+      `
+        ALTER TABLE availability_checks
+        DROP CONSTRAINT IF EXISTS availability_checks_status_check
+      `,
+      `
+        ALTER TABLE availability_checks
+        ADD CONSTRAINT availability_checks_status_check
+        CHECK (status IN ('unknown', 'passing', 'failing'))
+      `,
+      `
+        ALTER TABLE availability_checks
+        DROP CONSTRAINT IF EXISTS availability_checks_last_result_status_check
+      `,
+      `
+        ALTER TABLE availability_checks
+        ADD CONSTRAINT availability_checks_last_result_status_check
+        CHECK (
+          last_result_status IS NULL OR last_result_status IN (
+            'success',
+            'http_status_mismatch',
+            'timeout',
+            'dns_error',
+            'tls_error',
+            'connection_error',
+            'redirect_blocked',
+            'security_blocked',
+            'internal_error'
+          )
+        )
+      `,
+      `
+        CREATE INDEX IF NOT EXISTS availability_checks_project_created_idx
+        ON availability_checks (project_id, created_at DESC)
+      `,
+      `
+        CREATE INDEX IF NOT EXISTS availability_checks_due_idx
+        ON availability_checks (next_check_at, project_id)
+      `,
+      `
+        CREATE INDEX IF NOT EXISTS availability_checks_claimed_idx
+        ON availability_checks (claimed_at)
+      `,
+      `
+        CREATE TABLE IF NOT EXISTS availability_check_results (
+          id uuid PRIMARY KEY,
+          check_id uuid NOT NULL REFERENCES availability_checks(id) ON DELETE CASCADE,
+          project_id uuid NOT NULL REFERENCES projects(id) ON DELETE CASCADE,
+          started_at timestamptz NOT NULL,
+          completed_at timestamptz NOT NULL,
+          duration_ms integer NOT NULL,
+          status text NOT NULL,
+          http_status integer,
+          error_kind text,
+          error_message text,
+          redirect_count integer NOT NULL DEFAULT 0,
+          checked_url_host text NOT NULL,
+          checked_url_path text NOT NULL,
+          final_url text NOT NULL,
+          created_at timestamptz NOT NULL DEFAULT now()
+        )
+      `,
+      `
+        ALTER TABLE availability_check_results
+        DROP CONSTRAINT IF EXISTS availability_check_results_status_check
+      `,
+      `
+        ALTER TABLE availability_check_results
+        ADD CONSTRAINT availability_check_results_status_check
+        CHECK (
+          status IN (
+            'success',
+            'http_status_mismatch',
+            'timeout',
+            'dns_error',
+            'tls_error',
+            'connection_error',
+            'redirect_blocked',
+            'security_blocked',
+            'internal_error'
+          )
+        )
+      `,
+      `
+        CREATE INDEX IF NOT EXISTS availability_check_results_check_started_idx
+        ON availability_check_results (check_id, started_at DESC)
+      `,
+      `
+        CREATE INDEX IF NOT EXISTS availability_check_results_project_started_idx
+        ON availability_check_results (project_id, started_at DESC)
+      `,
+      `
+        CREATE TABLE IF NOT EXISTS availability_check_daily_rollups (
+          id uuid PRIMARY KEY,
+          check_id uuid NOT NULL REFERENCES availability_checks(id) ON DELETE CASCADE,
+          project_id uuid NOT NULL REFERENCES projects(id) ON DELETE CASCADE,
+          day date NOT NULL,
+          state text NOT NULL,
+          total_checks integer NOT NULL DEFAULT 0,
+          successful_checks integer NOT NULL DEFAULT 0,
+          failed_checks integer NOT NULL DEFAULT 0,
+          degraded_checks integer NOT NULL DEFAULT 0,
+          avg_duration_ms integer,
+          first_checked_at timestamptz,
+          last_checked_at timestamptz,
+          downtime_seconds integer NOT NULL DEFAULT 0,
+          incident_ids uuid[] NOT NULL DEFAULT '{}'::uuid[],
+          created_at timestamptz NOT NULL DEFAULT now(),
+          updated_at timestamptz NOT NULL DEFAULT now(),
+          UNIQUE (check_id, day)
+        )
+      `,
+      `
+        ALTER TABLE availability_check_daily_rollups
+        DROP CONSTRAINT IF EXISTS availability_check_daily_rollups_state_check
+      `,
+      `
+        ALTER TABLE availability_check_daily_rollups
+        ADD CONSTRAINT availability_check_daily_rollups_state_check
+        CHECK (state IN ('unknown', 'operational', 'degraded', 'down', 'paused'))
+      `,
+      `
+        CREATE INDEX IF NOT EXISTS availability_check_daily_rollups_project_day_idx
+        ON availability_check_daily_rollups (project_id, day DESC)
+      `
+    ]
+  })
+];
+
+// ../../packages/storage/src/schema-migrations-catalog.ts
+var import_node_crypto3 = require("node:crypto");
 function computeMigrationChecksum(input2) {
-  return (0, import_node_crypto2.createHash)("sha256").update(JSON.stringify(input2)).digest("hex");
+  return (0, import_node_crypto3.createHash)("sha256").update(JSON.stringify(input2)).digest("hex");
 }
 function defineStorageSchemaMigration(input2) {
   return {
@@ -19900,9 +20387,41 @@ var STORAGE_SCHEMA_MIGRATIONS = [
         ON account_payment_provider_events (provider, provider_event_id)
       `
     ]
+  }),
+  defineStorageSchemaMigration({
+    id: "202606120001_add_session_auth_method",
+    description: "Track the auth method used to create each browser session.",
+    statements: [
+      "ALTER TABLE sessions ADD COLUMN IF NOT EXISTS auth_method text",
+      "ALTER TABLE sessions DROP CONSTRAINT IF EXISTS sessions_auth_method_check",
+      `
+        ALTER TABLE sessions
+        ADD CONSTRAINT sessions_auth_method_check
+        CHECK (auth_method IS NULL OR auth_method IN ('email_code', 'github_oauth'))
+      `
+    ]
+  }),
+  defineStorageSchemaMigration({
+    id: "202606130001_retire_expired_project_invites",
+    description: "Retire already-expired project invites so re-inviting the same email is unblocked.",
+    statements: [
+      `
+        UPDATE project_invites
+        SET canceled_at = expires_at
+        WHERE accepted_at IS NULL
+          AND canceled_at IS NULL
+          AND expires_at <= now()
+      `
+    ]
   })
 ];
 
+// ../../packages/storage/src/schema-migrations.ts
+var STORAGE_SCHEMA_MIGRATIONS2 = [
+  ...STORAGE_SCHEMA_MIGRATIONS,
+  ...AVAILABILITY_CHECK_STORAGE_SCHEMA_MIGRATIONS
+];
+
 // src/local-retrieval-store.ts
 var CONNECTION_FILE_PATH2 = ".debugbundle/local/connection.json";
 var STATE_FILE_PATH = ".debugbundle/local/state.json";
@@ -23886,12 +24405,12 @@ async function doctorCommand(input2, dependencies = {}) {
 }
 
 // src/ingest-command.ts
-var import_node_crypto5 = require("node:crypto");
+var import_node_crypto6 = require("node:crypto");
 var import_promises11 = require("node:fs/promises");
 var import_node_path12 = require("node:path");
 
 // ../../packages/log-parser/src/project-id.ts
-var import_node_crypto3 = require("node:crypto");
+var import_node_crypto4 = require("node:crypto");
 var INGEST_SDK = {
   name: "debugbundle-ingest",
   version: "0.1.0"
@@ -23901,7 +24420,7 @@ function slugify(value) {
   return normalized.length > 0 ? normalized : "application";
 }
 function buildDeterministicUuid(parts) {
-  const digest = (0, import_node_crypto3.createHash)("sha256").update(parts.join("\0")).digest();
+  const digest = (0, import_node_crypto4.createHash)("sha256").update(parts.join("\0")).digest();
   const bytes = Uint8Array.from(digest.subarray(0, 16));
   bytes[6] = (bytes[6] ?? 0) & 15 | 80;
   bytes[8] = (bytes[8] ?? 0) & 63 | 128;
@@ -24206,7 +24725,7 @@ function parseLogFile(content, input2) {
 }
 
 // src/process-command.ts
-var import_node_crypto4 = require("node:crypto");
+var import_node_crypto5 = require("node:crypto");
 var import_promises10 = require("node:fs/promises");
 var import_node_path11 = require("node:path");
 
@@ -25380,7 +25899,7 @@ function mergeAggregateGroup(aggregates) {
   });
 }
 function hashIdentifier(parts, prefix, length) {
-  const digest = (0, import_node_crypto4.createHash)("sha256").update(parts.join("\0")).digest("hex");
+  const digest = (0, import_node_crypto5.createHash)("sha256").update(parts.join("\0")).digest("hex");
   return `${prefix}_${digest.slice(0, length)}`;
 }
 function deriveIncidentId(projectId, serviceName, environment, incidentFingerprint) {
@@ -25414,7 +25933,7 @@ function stableJson3(value) {
   return `{${keys.map((key) => `${JSON.stringify(key)}:${stableJson3(record[key])}`).join(",")}}`;
 }
 function buildRequestAnomalyFingerprint(input2) {
-  return (0, import_node_crypto4.createHash)("sha256").update(
+  return (0, import_node_crypto5.createHash)("sha256").update(
     stableJson3({
       kind: "request_status_anomaly",
       project_id: input2.projectId,
@@ -26048,7 +26567,7 @@ function buildEventFileName(events, filePath) {
     const candidate = Date.parse(event.occurred_at);
     return Number.isFinite(candidate) && candidate > latest ? candidate : latest;
   }, 0);
-  const digest = (0, import_node_crypto5.createHash)("sha256").update([filePath, ...events.map((event) => event.event_id)].join("\0")).digest("hex").slice(0, 8);
+  const digest = (0, import_node_crypto6.createHash)("sha256").update([filePath, ...events.map((event) => event.event_id)].join("\0")).digest("hex").slice(0, 8);
   return `${lastOccurredAt}-${digest}-${slugify2(events[0]?.service.name ?? (0, import_node_path12.basename)(filePath))}.events.json`;
 }
 function formatHumanOutput(summary) {
@@ -28596,7 +29115,7 @@ async function listServicesWithAuthCommand(input2, dependencies) {
 }
 
 // src/verify-command.ts
-var import_node_crypto6 = require("node:crypto");
+var import_node_crypto7 = require("node:crypto");
 var import_promises15 = require("node:fs/promises");
 var import_node_path17 = require("node:path");
 function resolveOverallStatus2(checks) {
@@ -28741,7 +29260,7 @@ function cloudVerificationRunId(now) {
   return now.toISOString().replace(/[-:.TZ]/g, "").slice(0, 14);
 }
 function defaultCloudVerificationSuffix() {
-  return (0, import_node_crypto6.randomUUID)().replace(/-/g, "").slice(0, 12);
+  return (0, import_node_crypto7.randomUUID)().replace(/-/g, "").slice(0, 12);
 }
 function normalizeCloudVerificationSuffix(suffix) {
   const normalized = suffix.toLowerCase().replace(/[^a-z0-9]/g, "").slice(0, 12);
@@ -29633,6 +30152,14 @@ var CLI_USAGE_LINES = [
   "  debugbundle probe activate <project-id> --label-pattern <pattern> [--service <name>] [--environment <name>] [--ttl-seconds <n>] [--trigger-ttl-seconds <n>] [--auth-file <path>] [--json]",
   "  debugbundle probe list <project-id> [--auth-file <path>] [--json]",
   "  debugbundle probe deactivate <project-id> <activation-id> [--auth-file <path>] [--json]",
+  "  debugbundle health checks list --project-id <id> [--limit <n>] [--auth-file <path>] [--json]",
+  "  debugbundle health checks get <check-id> --project-id <id> [--auth-file <path>] [--json]",
+  "  debugbundle health checks create --project-id <id> --name <name> --url <url> --interval-seconds <n> [--method <GET|HEAD>] [--expected-status-min <code>] [--expected-status-max <code>] [--timeout-ms <n>] [--failure-threshold <n>] [--recovery-threshold <n>] [--environment <name>] [--service <name|null>] [--enabled <true|false>] [--auth-file <path>] [--json]",
+  "  debugbundle health checks update <check-id> --project-id <id> [--name <name>] [--url <url>] [--method <GET|HEAD>] [--expected-status-min <code>] [--expected-status-max <code>] [--timeout-ms <n>] [--interval-seconds <n>] [--failure-threshold <n>] [--recovery-threshold <n>] [--environment <name>] [--service <name|null>] [--enabled <true|false>] [--auth-file <path>] [--json]",
+  "  debugbundle health checks delete <check-id> --project-id <id> [--auth-file <path>] [--json]",
+  "  debugbundle health checks test --project-id <id> --url <url> [--method <GET|HEAD>] [--expected-status-min <code>] [--expected-status-max <code>] [--timeout-ms <n>] [--auth-file <path>] [--json]",
+  "  debugbundle health checks results <check-id> --project-id <id> [--limit <n>] [--auth-file <path>] [--json]",
+  "  debugbundle health checks daily-rollups <check-id> --project-id <id> [--limit <n>] [--auth-file <path>] [--json]",
   "  debugbundle project members list --project-id <id> [--auth-file <path>] [--json]",
   "  debugbundle project members invites --project-id <id> [--auth-file <path>] [--json]",
   "  debugbundle project members invite --project-id <id> --email <email> --role <admin|member> [--auth-file <path>] [--json]",
@@ -32521,58 +33048,25 @@ async function handleTokenCommand(parsedArgv, dependencies) {
   throw new CliInputError("Unknown token command.");
 }
 
-// src/capture-policy-commands.ts
-var CapturePolicyApiError = class extends Error {
+// src/health-check-commands.ts
+var HealthCheckApiError = class extends Error {
   status;
-  constructor(status, message) {
-    super(message);
-    this.name = "CapturePolicyApiError";
+  code;
+  constructor(status, code) {
+    super(`health_check_api_error: ${status}:${code}`);
+    this.name = "HealthCheckApiError";
     this.status = status;
+    this.code = code;
   }
 };
-function toApiError3(status, body, fallback) {
+function toApiError3(status, body) {
   if (typeof body === "object" && body !== null && "error" in body && typeof body.error === "string") {
-    return new CapturePolicyApiError(status, body.error);
+    return new HealthCheckApiError(status, body.error);
   }
-  return new CapturePolicyApiError(status, fallback);
-}
-function createCapturePolicyApi(httpClient) {
-  return {
-    async getCapturePolicy(input2) {
-      const response = await httpClient.request({
-        method: "GET",
-        path: `/v1/projects/${encodeURIComponent(input2.projectId)}/capture-policy`,
-        bearerToken: input2.bearerToken
-      });
-      if (response.status !== 200) {
-        throw toApiError3(response.status, response.body, "Failed to get capture policy.");
-      }
-      const parsed = CapturePolicyResponseSchema.safeParse(response.body);
-      if (!parsed.success) {
-        throw new CapturePolicyApiError(500, "Invalid capture policy response.");
-      }
-      return parsed.data;
-    },
-    async updateCapturePolicy(input2) {
-      const response = await httpClient.request({
-        method: "PATCH",
-        path: `/v1/projects/${encodeURIComponent(input2.projectId)}/capture-policy`,
-        bearerToken: input2.bearerToken,
-        body: input2.update
-      });
-      if (response.status !== 200) {
-        throw toApiError3(response.status, response.body, "Failed to update capture policy.");
-      }
-      const parsed = CapturePolicyResponseSchema.safeParse(response.body);
-      if (!parsed.success) {
-        throw new CapturePolicyApiError(500, "Invalid capture policy response.");
-      }
-      return parsed.data;
-    }
-  };
+  return new HealthCheckApiError(status, "unknown_error");
 }
 function mapErrorToExitCode11(error) {
-  if (!(error instanceof CapturePolicyApiError)) {
+  if (!(error instanceof HealthCheckApiError)) {
     return 1;
   }
   if (error.status === 401) {
@@ -32584,31 +33078,816 @@ function mapErrorToExitCode11(error) {
   if (error.status === 400) {
     return 4;
   }
+  if (error.status === 403 || error.status === 409) {
+    return 5;
+  }
+  if (error.status === 429) {
+    return 6;
+  }
   return 1;
 }
-function statusesEqual(left, right) {
-  if (left.length !== right.length) {
-    return false;
+function buildCreateRequestBody(input2) {
+  const body = {
+    name: input2.name,
+    url: input2.url,
+    method: input2.method,
+    expected_status_min: input2.expectedStatusMin,
+    expected_status_max: input2.expectedStatusMax,
+    timeout_ms: input2.timeoutMs,
+    interval_seconds: input2.intervalSeconds,
+    failure_threshold: input2.failureThreshold,
+    recovery_threshold: input2.recoveryThreshold,
+    enabled: input2.enabled
+  };
+  if (input2.environment !== void 0) {
+    body["environment"] = input2.environment;
   }
-  return left.every((value, index) => value === right[index]);
-}
-function formatStatusList(statuses) {
-  return statuses.length === 0 ? "none" : statuses.join(", ");
-}
-function formatClientErrorPathRules(response) {
-  const rawOverride = response.overrides.immediate_client_error_path_rules ?? null;
-  const rules = rawOverride ?? response.policy.immediate_client_error_path_rules ?? [];
-  if (rules.length === 0) {
-    return rawOverride === null ? "preset default (none)" : "none (explicit)";
+  if (input2.serviceName !== void 0) {
+    body["service_name"] = input2.serviceName;
   }
-  const formatted = rules.map((rule) => {
-    const methods = rule.methods.length === 0 ? "" : `@${rule.methods.join(",")}`;
-    return `${rule.status_code}=${rule.path_pattern}${methods}`;
-  });
-  return `${rawOverride === null ? "preset default" : "custom"} (${formatted.join("; ")})`;
+  return body;
 }
-function formatClientErrorIncidents(response) {
-  const rawOverride = response.overrides.immediate_client_error_statuses;
+function buildUpdateRequestBody(input2) {
+  const body = {};
+  if (input2.name !== void 0) {
+    body["name"] = input2.name;
+  }
+  if (input2.url !== void 0) {
+    body["url"] = input2.url;
+  }
+  if (input2.method !== void 0) {
+    body["method"] = input2.method;
+  }
+  if (input2.expectedStatusMin !== void 0) {
+    body["expected_status_min"] = input2.expectedStatusMin;
+  }
+  if (input2.expectedStatusMax !== void 0) {
+    body["expected_status_max"] = input2.expectedStatusMax;
+  }
+  if (input2.timeoutMs !== void 0) {
+    body["timeout_ms"] = input2.timeoutMs;
+  }
+  if (input2.intervalSeconds !== void 0) {
+    body["interval_seconds"] = input2.intervalSeconds;
+  }
+  if (input2.failureThreshold !== void 0) {
+    body["failure_threshold"] = input2.failureThreshold;
+  }
+  if (input2.recoveryThreshold !== void 0) {
+    body["recovery_threshold"] = input2.recoveryThreshold;
+  }
+  if (input2.environment !== void 0) {
+    body["environment"] = input2.environment;
+  }
+  if (input2.serviceName !== void 0) {
+    body["service_name"] = input2.serviceName;
+  }
+  if (input2.enabled !== void 0) {
+    body["enabled"] = input2.enabled;
+  }
+  return body;
+}
+function createHealthCheckApi(httpClient) {
+  return {
+    async listHealthChecks(input2) {
+      const limit = input2.limit ?? 100;
+      const response = await httpClient.request({
+        method: "GET",
+        path: `/v1/projects/${encodeURIComponent(input2.projectId)}/availability-checks?limit=${encodeURIComponent(String(limit))}`,
+        bearerToken: input2.bearerToken
+      });
+      if (response.status !== 200) {
+        throw toApiError3(response.status, response.body);
+      }
+      return response.body;
+    },
+    async getHealthCheck(input2) {
+      const response = await httpClient.request({
+        method: "GET",
+        path: `/v1/projects/${encodeURIComponent(input2.projectId)}/availability-checks/${encodeURIComponent(input2.checkId)}`,
+        bearerToken: input2.bearerToken
+      });
+      if (response.status !== 200) {
+        throw toApiError3(response.status, response.body);
+      }
+      return response.body;
+    },
+    async createHealthCheck(input2) {
+      const response = await httpClient.request({
+        method: "POST",
+        path: `/v1/projects/${encodeURIComponent(input2.projectId)}/availability-checks`,
+        bearerToken: input2.bearerToken,
+        body: buildCreateRequestBody(input2)
+      });
+      if (response.status !== 201) {
+        throw toApiError3(response.status, response.body);
+      }
+      return response.body;
+    },
+    async updateHealthCheck(input2) {
+      const response = await httpClient.request({
+        method: "PATCH",
+        path: `/v1/projects/${encodeURIComponent(input2.projectId)}/availability-checks/${encodeURIComponent(input2.checkId)}`,
+        bearerToken: input2.bearerToken,
+        body: buildUpdateRequestBody(input2)
+      });
+      if (response.status !== 200) {
+        throw toApiError3(response.status, response.body);
+      }
+      return response.body;
+    },
+    async deleteHealthCheck(input2) {
+      const response = await httpClient.request({
+        method: "DELETE",
+        path: `/v1/projects/${encodeURIComponent(input2.projectId)}/availability-checks/${encodeURIComponent(input2.checkId)}`,
+        bearerToken: input2.bearerToken
+      });
+      if (response.status !== 200) {
+        throw toApiError3(response.status, response.body);
+      }
+      return response.body;
+    },
+    async testHealthCheck(input2) {
+      const response = await httpClient.request({
+        method: "POST",
+        path: `/v1/projects/${encodeURIComponent(input2.projectId)}/availability-checks/test`,
+        bearerToken: input2.bearerToken,
+        body: {
+          url: input2.url,
+          method: input2.method,
+          expected_status_min: input2.expectedStatusMin,
+          expected_status_max: input2.expectedStatusMax,
+          timeout_ms: input2.timeoutMs
+        }
+      });
+      if (response.status !== 200) {
+        throw toApiError3(response.status, response.body);
+      }
+      return response.body;
+    },
+    async listHealthCheckResults(input2) {
+      const limit = input2.limit ?? 20;
+      const response = await httpClient.request({
+        method: "GET",
+        path: `/v1/projects/${encodeURIComponent(input2.projectId)}/availability-checks/${encodeURIComponent(input2.checkId)}/results?limit=${encodeURIComponent(String(limit))}`,
+        bearerToken: input2.bearerToken
+      });
+      if (response.status !== 200) {
+        throw toApiError3(response.status, response.body);
+      }
+      return response.body;
+    },
+    async listHealthCheckDailyRollups(input2) {
+      const limit = input2.limit ?? 30;
+      const response = await httpClient.request({
+        method: "GET",
+        path: `/v1/projects/${encodeURIComponent(input2.projectId)}/availability-checks/${encodeURIComponent(input2.checkId)}/daily-rollups?limit=${encodeURIComponent(String(limit))}`,
+        bearerToken: input2.bearerToken
+      });
+      if (response.status !== 200) {
+        throw toApiError3(response.status, response.body);
+      }
+      return response.body;
+    }
+  };
+}
+function formatServiceAndEnvironment(check) {
+  return `${check.service_name ?? "availability"}/${check.environment}`;
+}
+function formatNullable(value) {
+  return value === null ? "-" : String(value);
+}
+function formatCheckSummary(check) {
+  const lastResult = check.last_result_status === null ? "no checks yet" : `${check.last_result_status}${check.last_result_http_status === null ? "" : ` ${check.last_result_http_status}`}`;
+  return [
+    `${check.check_id} ${check.name} [${check.status}]`,
+    `${check.method} ${check.url}`,
+    `interval=${check.interval_seconds}s timeout=${check.timeout_ms}ms expected=${check.expected_status_min}-${check.expected_status_max}`,
+    `service=${formatServiceAndEnvironment(check)} enabled=${check.enabled ? "true" : "false"} last=${lastResult}`
+  ].join("\n");
+}
+function formatCheckResultSummary(result) {
+  return [
+    `${result.started_at} ${result.status}`,
+    `http=${formatNullable(result.http_status)} duration=${result.duration_ms}ms redirects=${result.redirect_count}`,
+    `host=${result.checked_url_host} final=${result.final_url}`
+  ].join(" ");
+}
+function formatCheckDailyRollupSummary(rollup) {
+  return [
+    `${rollup.day} ${rollup.state}`,
+    `checks=${rollup.total_checks}`,
+    `success=${rollup.successful_checks}`,
+    `failed=${rollup.failed_checks}`,
+    `degraded=${rollup.degraded_checks}`,
+    `avg=${formatNullable(rollup.avg_duration_ms)}ms`,
+    `downtime=${rollup.downtime_seconds}s`
+  ].join(" ");
+}
+function formatTestResult(result) {
+  return [
+    `Test result: ${result.result.status}`,
+    `http=${formatNullable(result.result.http_status)}`,
+    `duration=${result.result.duration_ms}ms`,
+    `host=${result.result.checked_url_host}`,
+    `final=${result.result.final_url}`
+  ].join(" ");
+}
+async function listHealthChecksCommand(input2, api) {
+  try {
+    const result = await api.listHealthChecks({
+      bearerToken: input2.bearerToken,
+      projectId: input2.projectId,
+      ...input2.limit === void 0 ? {} : { limit: input2.limit }
+    });
+    if (input2.json) {
+      return { exitCode: 0, output: JSON.stringify(result) };
+    }
+    if (result.checks.length === 0) {
+      return {
+        exitCode: 0,
+        output: `No health checks.
+Plan limits: ${result.limits.max_checks_per_project} checks, minimum interval ${result.limits.min_interval_seconds}s.`
+      };
+    }
+    return {
+      exitCode: 0,
+      output: result.checks.map(formatCheckSummary).join("\n\n")
+    };
+  } catch (error) {
+    return { exitCode: mapErrorToExitCode11(error), output: error instanceof Error ? error.message : String(error) };
+  }
+}
+async function getHealthCheckCommand(input2, api) {
+  try {
+    const result = await api.getHealthCheck({
+      bearerToken: input2.bearerToken,
+      projectId: input2.projectId,
+      checkId: input2.checkId
+    });
+    if (input2.json) {
+      return { exitCode: 0, output: JSON.stringify(result) };
+    }
+    return {
+      exitCode: 0,
+      output: `${formatCheckSummary(result.check)}
+limits=${result.limits.max_checks_per_project} min_interval=${result.limits.min_interval_seconds}s`
+    };
+  } catch (error) {
+    return { exitCode: mapErrorToExitCode11(error), output: error instanceof Error ? error.message : String(error) };
+  }
+}
+async function createHealthCheckCommand(input2, api) {
+  try {
+    const result = await api.createHealthCheck(input2);
+    if (input2.json) {
+      return { exitCode: 0, output: JSON.stringify(result) };
+    }
+    return {
+      exitCode: 0,
+      output: `Health check created: ${result.check.check_id} (${result.check.name})`
+    };
+  } catch (error) {
+    return { exitCode: mapErrorToExitCode11(error), output: error instanceof Error ? error.message : String(error) };
+  }
+}
+async function updateHealthCheckCommand(input2, api) {
+  try {
+    const result = await api.updateHealthCheck(input2);
+    if (input2.json) {
+      return { exitCode: 0, output: JSON.stringify(result) };
+    }
+    return {
+      exitCode: 0,
+      output: `Health check updated: ${result.check.check_id} (${result.check.name})`
+    };
+  } catch (error) {
+    return { exitCode: mapErrorToExitCode11(error), output: error instanceof Error ? error.message : String(error) };
+  }
+}
+async function deleteHealthCheckCommand(input2, api) {
+  try {
+    const result = await api.deleteHealthCheck({
+      bearerToken: input2.bearerToken,
+      projectId: input2.projectId,
+      checkId: input2.checkId
+    });
+    if (input2.json) {
+      return { exitCode: 0, output: JSON.stringify(result) };
+    }
+    return {
+      exitCode: 0,
+      output: result.deleted ? "Health check deleted." : "Health check was already deleted."
+    };
+  } catch (error) {
+    return { exitCode: mapErrorToExitCode11(error), output: error instanceof Error ? error.message : String(error) };
+  }
+}
+async function testHealthCheckCommand(input2, api) {
+  try {
+    const result = await api.testHealthCheck(input2);
+    if (input2.json) {
+      return { exitCode: 0, output: JSON.stringify(result) };
+    }
+    return {
+      exitCode: 0,
+      output: formatTestResult(result)
+    };
+  } catch (error) {
+    return { exitCode: mapErrorToExitCode11(error), output: error instanceof Error ? error.message : String(error) };
+  }
+}
+async function listHealthCheckResultsCommand(input2, api) {
+  try {
+    const result = await api.listHealthCheckResults({
+      bearerToken: input2.bearerToken,
+      projectId: input2.projectId,
+      checkId: input2.checkId,
+      ...input2.limit === void 0 ? {} : { limit: input2.limit }
+    });
+    if (input2.json) {
+      return { exitCode: 0, output: JSON.stringify(result) };
+    }
+    if (result.results.length === 0) {
+      return { exitCode: 0, output: "No health check results." };
+    }
+    return {
+      exitCode: 0,
+      output: result.results.map(formatCheckResultSummary).join("\n")
+    };
+  } catch (error) {
+    return { exitCode: mapErrorToExitCode11(error), output: error instanceof Error ? error.message : String(error) };
+  }
+}
+async function listHealthCheckDailyRollupsCommand(input2, api) {
+  try {
+    const result = await api.listHealthCheckDailyRollups({
+      bearerToken: input2.bearerToken,
+      projectId: input2.projectId,
+      checkId: input2.checkId,
+      ...input2.limit === void 0 ? {} : { limit: input2.limit }
+    });
+    if (input2.json) {
+      return { exitCode: 0, output: JSON.stringify(result) };
+    }
+    if (result.rollups.length === 0) {
+      return { exitCode: 0, output: "No health check daily rollups." };
+    }
+    return {
+      exitCode: 0,
+      output: result.rollups.map(formatCheckDailyRollupSummary).join("\n")
+    };
+  } catch (error) {
+    return { exitCode: mapErrorToExitCode11(error), output: error instanceof Error ? error.message : String(error) };
+  }
+}
+async function createAuthenticatedHealthCheckApi(input2, dependencies) {
+  const readAuth = dependencies?.readAuthState ?? readCliAuthState;
+  const authStateInput = {};
+  if (input2.authFilePath !== void 0) {
+    authStateInput.authFilePath = input2.authFilePath;
+  }
+  const authState = await readAuth(authStateInput);
+  const createHttpClient = dependencies?.createHttpClient ?? ((clientInput) => createCliHttpClient(clientInput));
+  const httpClient = createHttpClient({ baseUrl: authState.base_url });
+  const createApi = dependencies?.createApi ?? createHealthCheckApi;
+  return { authState, api: createApi(httpClient) };
+}
+async function listHealthChecksWithAuthCommand(input2, dependencies) {
+  return runAuthenticatedCliCommand(input2, {
+    createApi: createAuthenticatedHealthCheckApi,
+    dependencies,
+    runCommand: (authState, api) => listHealthChecksCommand(
+      {
+        bearerToken: authState.bearer_token,
+        projectId: input2.projectId,
+        ...input2.limit === void 0 ? {} : { limit: input2.limit },
+        ...input2.json === void 0 ? {} : { json: input2.json }
+      },
+      { listHealthChecks: (requestInput) => api.listHealthChecks(requestInput) }
+    )
+  });
+}
+async function getHealthCheckWithAuthCommand(input2, dependencies) {
+  return runAuthenticatedCliCommand(input2, {
+    createApi: createAuthenticatedHealthCheckApi,
+    dependencies,
+    runCommand: (authState, api) => getHealthCheckCommand(
+      {
+        bearerToken: authState.bearer_token,
+        projectId: input2.projectId,
+        checkId: input2.checkId,
+        ...input2.json === void 0 ? {} : { json: input2.json }
+      },
+      { getHealthCheck: (requestInput) => api.getHealthCheck(requestInput) }
+    )
+  });
+}
+async function createHealthCheckWithAuthCommand(input2, dependencies) {
+  return runAuthenticatedCliCommand(input2, {
+    createApi: createAuthenticatedHealthCheckApi,
+    dependencies,
+    runCommand: (authState, api) => {
+      const commandInput = {
+        ...input2,
+        bearerToken: authState.bearer_token
+      };
+      return createHealthCheckCommand(commandInput, {
+        createHealthCheck: (requestInput) => api.createHealthCheck(requestInput)
+      });
+    }
+  });
+}
+async function updateHealthCheckWithAuthCommand(input2, dependencies) {
+  return runAuthenticatedCliCommand(input2, {
+    createApi: createAuthenticatedHealthCheckApi,
+    dependencies,
+    runCommand: (authState, api) => {
+      const commandInput = {
+        ...input2,
+        bearerToken: authState.bearer_token
+      };
+      return updateHealthCheckCommand(commandInput, {
+        updateHealthCheck: (requestInput) => api.updateHealthCheck(requestInput)
+      });
+    }
+  });
+}
+async function deleteHealthCheckWithAuthCommand(input2, dependencies) {
+  return runAuthenticatedCliCommand(input2, {
+    createApi: createAuthenticatedHealthCheckApi,
+    dependencies,
+    runCommand: (authState, api) => deleteHealthCheckCommand(
+      {
+        bearerToken: authState.bearer_token,
+        projectId: input2.projectId,
+        checkId: input2.checkId,
+        ...input2.json === void 0 ? {} : { json: input2.json }
+      },
+      { deleteHealthCheck: (requestInput) => api.deleteHealthCheck(requestInput) }
+    )
+  });
+}
+async function testHealthCheckWithAuthCommand(input2, dependencies) {
+  return runAuthenticatedCliCommand(input2, {
+    createApi: createAuthenticatedHealthCheckApi,
+    dependencies,
+    runCommand: (authState, api) => {
+      const commandInput = {
+        ...input2,
+        bearerToken: authState.bearer_token
+      };
+      return testHealthCheckCommand(commandInput, {
+        testHealthCheck: (requestInput) => api.testHealthCheck(requestInput)
+      });
+    }
+  });
+}
+async function listHealthCheckResultsWithAuthCommand(input2, dependencies) {
+  return runAuthenticatedCliCommand(input2, {
+    createApi: createAuthenticatedHealthCheckApi,
+    dependencies,
+    runCommand: (authState, api) => listHealthCheckResultsCommand(
+      {
+        bearerToken: authState.bearer_token,
+        projectId: input2.projectId,
+        checkId: input2.checkId,
+        ...input2.limit === void 0 ? {} : { limit: input2.limit },
+        ...input2.json === void 0 ? {} : { json: input2.json }
+      },
+      { listHealthCheckResults: (requestInput) => api.listHealthCheckResults(requestInput) }
+    )
+  });
+}
+async function listHealthCheckDailyRollupsWithAuthCommand(input2, dependencies) {
+  return runAuthenticatedCliCommand(input2, {
+    createApi: createAuthenticatedHealthCheckApi,
+    dependencies,
+    runCommand: (authState, api) => listHealthCheckDailyRollupsCommand(
+      {
+        bearerToken: authState.bearer_token,
+        projectId: input2.projectId,
+        checkId: input2.checkId,
+        ...input2.limit === void 0 ? {} : { limit: input2.limit },
+        ...input2.json === void 0 ? {} : { json: input2.json }
+      },
+      { listHealthCheckDailyRollups: (requestInput) => api.listHealthCheckDailyRollups(requestInput) }
+    )
+  });
+}
+
+// src/management-health-command-handlers.ts
+function readOptionalServiceName(parsedArgv) {
+  const service = readStringOption(parsedArgv, "service");
+  if (service === void 0) {
+    return void 0;
+  }
+  return service === "null" ? null : service;
+}
+function readRequiredProjectId(parsedArgv) {
+  const projectId = readStringOption(parsedArgv, "project-id");
+  if (projectId === void 0) {
+    throw new CliInputError("Missing required option --project-id.");
+  }
+  return projectId;
+}
+function readRequiredUrl(parsedArgv) {
+  const url = readStringOption(parsedArgv, "url");
+  if (url === void 0) {
+    throw new CliInputError("Missing required option --url.");
+  }
+  return url;
+}
+function readRequiredName(parsedArgv) {
+  const name = readStringOption(parsedArgv, "name");
+  if (name === void 0) {
+    throw new CliInputError("Missing required option --name.");
+  }
+  return name;
+}
+async function handleHealthCommand(parsedArgv, dependencies) {
+  const resource = requirePositional(parsedArgv, 1, "resource");
+  if (resource !== "checks") {
+    throw new CliInputError("Unknown health command.");
+  }
+  const action = requirePositional(parsedArgv, 2, "action");
+  if (action === "list") {
+    expectNoUnknownOptions(parsedArgv, ["auth-file", "json", "project-id", "limit"]);
+    ensureNoExtraPositionals(parsedArgv, 3);
+    const limit = readLimitOption(parsedArgv);
+    return await (dependencies.listHealthChecksCommand ?? listHealthChecksWithAuthCommand)(
+      appendCommonAuthOptions(parsedArgv, {
+        projectId: readRequiredProjectId(parsedArgv),
+        ...limit === void 0 ? {} : { limit }
+      })
+    );
+  }
+  if (action === "get") {
+    expectNoUnknownOptions(parsedArgv, ["auth-file", "json", "project-id"]);
+    ensureNoExtraPositionals(parsedArgv, 4);
+    return await (dependencies.getHealthCheckCommand ?? getHealthCheckWithAuthCommand)(
+      appendCommonAuthOptions(parsedArgv, {
+        projectId: readRequiredProjectId(parsedArgv),
+        checkId: requirePositional(parsedArgv, 3, "check-id")
+      })
+    );
+  }
+  if (action === "create") {
+    expectNoUnknownOptions(parsedArgv, [
+      "auth-file",
+      "json",
+      "project-id",
+      "name",
+      "url",
+      "method",
+      "expected-status-min",
+      "expected-status-max",
+      "timeout-ms",
+      "interval-seconds",
+      "failure-threshold",
+      "recovery-threshold",
+      "environment",
+      "service",
+      "enabled"
+    ]);
+    ensureNoExtraPositionals(parsedArgv, 3);
+    const intervalSeconds = readIntegerOption(parsedArgv, "interval-seconds");
+    if (intervalSeconds === void 0) {
+      throw new CliInputError("Missing required option --interval-seconds.");
+    }
+    const method = readStringOption(parsedArgv, "method") ?? "GET";
+    if (method !== "GET" && method !== "HEAD") {
+      throw new CliInputError("Invalid value for --method.");
+    }
+    const enabled = readBooleanStringOption(parsedArgv, "enabled") ?? true;
+    const environment = readStringOption(parsedArgv, "environment");
+    const serviceName = readOptionalServiceName(parsedArgv);
+    return await (dependencies.createHealthCheckCommand ?? createHealthCheckWithAuthCommand)(
+      appendCommonAuthOptions(parsedArgv, {
+        projectId: readRequiredProjectId(parsedArgv),
+        name: readRequiredName(parsedArgv),
+        url: readRequiredUrl(parsedArgv),
+        method,
+        expectedStatusMin: readIntegerOption(parsedArgv, "expected-status-min") ?? 200,
+        expectedStatusMax: readIntegerOption(parsedArgv, "expected-status-max") ?? 399,
+        timeoutMs: readIntegerOption(parsedArgv, "timeout-ms") ?? 5e3,
+        intervalSeconds,
+        failureThreshold: readIntegerOption(parsedArgv, "failure-threshold") ?? 3,
+        recoveryThreshold: readIntegerOption(parsedArgv, "recovery-threshold") ?? 2,
+        ...environment === void 0 ? {} : { environment },
+        ...serviceName === void 0 ? {} : { serviceName },
+        enabled
+      })
+    );
+  }
+  if (action === "update") {
+    expectNoUnknownOptions(parsedArgv, [
+      "auth-file",
+      "json",
+      "project-id",
+      "name",
+      "url",
+      "method",
+      "expected-status-min",
+      "expected-status-max",
+      "timeout-ms",
+      "interval-seconds",
+      "failure-threshold",
+      "recovery-threshold",
+      "environment",
+      "service",
+      "enabled"
+    ]);
+    ensureNoExtraPositionals(parsedArgv, 4);
+    const method = readStringOption(parsedArgv, "method");
+    if (method !== void 0 && method !== "GET" && method !== "HEAD") {
+      throw new CliInputError("Invalid value for --method.");
+    }
+    const input2 = appendCommonAuthOptions(parsedArgv, {
+      projectId: readRequiredProjectId(parsedArgv),
+      checkId: requirePositional(parsedArgv, 3, "check-id")
+    });
+    const name = readStringOption(parsedArgv, "name");
+    const url = readStringOption(parsedArgv, "url");
+    const expectedStatusMin = readIntegerOption(parsedArgv, "expected-status-min");
+    const expectedStatusMax = readIntegerOption(parsedArgv, "expected-status-max");
+    const timeoutMs = readIntegerOption(parsedArgv, "timeout-ms");
+    const intervalSeconds = readIntegerOption(parsedArgv, "interval-seconds");
+    const failureThreshold = readIntegerOption(parsedArgv, "failure-threshold");
+    const recoveryThreshold = readIntegerOption(parsedArgv, "recovery-threshold");
+    const environment = readStringOption(parsedArgv, "environment");
+    const serviceName = readOptionalServiceName(parsedArgv);
+    const enabled = readBooleanStringOption(parsedArgv, "enabled");
+    if (name !== void 0) input2.name = name;
+    if (url !== void 0) input2.url = url;
+    if (method !== void 0) input2.method = method;
+    if (expectedStatusMin !== void 0) input2.expectedStatusMin = expectedStatusMin;
+    if (expectedStatusMax !== void 0) input2.expectedStatusMax = expectedStatusMax;
+    if (timeoutMs !== void 0) input2.timeoutMs = timeoutMs;
+    if (intervalSeconds !== void 0) input2.intervalSeconds = intervalSeconds;
+    if (failureThreshold !== void 0) input2.failureThreshold = failureThreshold;
+    if (recoveryThreshold !== void 0) input2.recoveryThreshold = recoveryThreshold;
+    if (environment !== void 0) input2.environment = environment;
+    if (serviceName !== void 0) input2.serviceName = serviceName;
+    if (enabled !== void 0) input2.enabled = enabled;
+    const hasChanges = name !== void 0 || url !== void 0 || method !== void 0 || expectedStatusMin !== void 0 || expectedStatusMax !== void 0 || timeoutMs !== void 0 || intervalSeconds !== void 0 || failureThreshold !== void 0 || recoveryThreshold !== void 0 || environment !== void 0 || serviceName !== void 0 || enabled !== void 0;
+    if (!hasChanges) {
+      throw new CliInputError("At least one health-check field must be provided.");
+    }
+    return await (dependencies.updateHealthCheckCommand ?? updateHealthCheckWithAuthCommand)(input2);
+  }
+  if (action === "delete") {
+    expectNoUnknownOptions(parsedArgv, ["auth-file", "json", "project-id"]);
+    ensureNoExtraPositionals(parsedArgv, 4);
+    return await (dependencies.deleteHealthCheckCommand ?? deleteHealthCheckWithAuthCommand)(
+      appendCommonAuthOptions(parsedArgv, {
+        projectId: readRequiredProjectId(parsedArgv),
+        checkId: requirePositional(parsedArgv, 3, "check-id")
+      })
+    );
+  }
+  if (action === "test") {
+    expectNoUnknownOptions(parsedArgv, [
+      "auth-file",
+      "json",
+      "project-id",
+      "url",
+      "method",
+      "expected-status-min",
+      "expected-status-max",
+      "timeout-ms"
+    ]);
+    ensureNoExtraPositionals(parsedArgv, 3);
+    const method = readStringOption(parsedArgv, "method") ?? "GET";
+    if (method !== "GET" && method !== "HEAD") {
+      throw new CliInputError("Invalid value for --method.");
+    }
+    return await (dependencies.testHealthCheckCommand ?? testHealthCheckWithAuthCommand)(
+      appendCommonAuthOptions(parsedArgv, {
+        projectId: readRequiredProjectId(parsedArgv),
+        url: readRequiredUrl(parsedArgv),
+        method,
+        expectedStatusMin: readIntegerOption(parsedArgv, "expected-status-min") ?? 200,
+        expectedStatusMax: readIntegerOption(parsedArgv, "expected-status-max") ?? 399,
+        timeoutMs: readIntegerOption(parsedArgv, "timeout-ms") ?? 5e3
+      })
+    );
+  }
+  if (action === "results") {
+    expectNoUnknownOptions(parsedArgv, ["auth-file", "json", "project-id", "limit"]);
+    ensureNoExtraPositionals(parsedArgv, 4);
+    const limit = readLimitOption(parsedArgv);
+    return await (dependencies.listHealthCheckResultsCommand ?? listHealthCheckResultsWithAuthCommand)(
+      appendCommonAuthOptions(parsedArgv, {
+        projectId: readRequiredProjectId(parsedArgv),
+        checkId: requirePositional(parsedArgv, 3, "check-id"),
+        ...limit === void 0 ? {} : { limit }
+      })
+    );
+  }
+  if (action === "daily-rollups") {
+    expectNoUnknownOptions(parsedArgv, ["auth-file", "json", "project-id", "limit"]);
+    ensureNoExtraPositionals(parsedArgv, 4);
+    const limit = readLimitOption(parsedArgv);
+    return await (dependencies.listHealthCheckDailyRollupsCommand ?? listHealthCheckDailyRollupsWithAuthCommand)(
+      appendCommonAuthOptions(parsedArgv, {
+        projectId: readRequiredProjectId(parsedArgv),
+        checkId: requirePositional(parsedArgv, 3, "check-id"),
+        ...limit === void 0 ? {} : { limit }
+      })
+    );
+  }
+  throw new CliInputError("Unknown health checks command.");
+}
+
+// src/capture-policy-commands.ts
+var CapturePolicyApiError = class extends Error {
+  status;
+  constructor(status, message) {
+    super(message);
+    this.name = "CapturePolicyApiError";
+    this.status = status;
+  }
+};
+function toApiError4(status, body, fallback) {
+  if (typeof body === "object" && body !== null && "error" in body && typeof body.error === "string") {
+    return new CapturePolicyApiError(status, body.error);
+  }
+  return new CapturePolicyApiError(status, fallback);
+}
+function createCapturePolicyApi(httpClient) {
+  return {
+    async getCapturePolicy(input2) {
+      const response = await httpClient.request({
+        method: "GET",
+        path: `/v1/projects/${encodeURIComponent(input2.projectId)}/capture-policy`,
+        bearerToken: input2.bearerToken
+      });
+      if (response.status !== 200) {
+        throw toApiError4(response.status, response.body, "Failed to get capture policy.");
+      }
+      const parsed = CapturePolicyResponseSchema.safeParse(response.body);
+      if (!parsed.success) {
+        throw new CapturePolicyApiError(500, "Invalid capture policy response.");
+      }
+      return parsed.data;
+    },
+    async updateCapturePolicy(input2) {
+      const response = await httpClient.request({
+        method: "PATCH",
+        path: `/v1/projects/${encodeURIComponent(input2.projectId)}/capture-policy`,
+        bearerToken: input2.bearerToken,
+        body: input2.update
+      });
+      if (response.status !== 200) {
+        throw toApiError4(response.status, response.body, "Failed to update capture policy.");
+      }
+      const parsed = CapturePolicyResponseSchema.safeParse(response.body);
+      if (!parsed.success) {
+        throw new CapturePolicyApiError(500, "Invalid capture policy response.");
+      }
+      return parsed.data;
+    }
+  };
+}
+function mapErrorToExitCode12(error) {
+  if (!(error instanceof CapturePolicyApiError)) {
+    return 1;
+  }
+  if (error.status === 401) {
+    return 2;
+  }
+  if (error.status === 404) {
+    return 3;
+  }
+  if (error.status === 400) {
+    return 4;
+  }
+  return 1;
+}
+function statusesEqual(left, right) {
+  if (left.length !== right.length) {
+    return false;
+  }
+  return left.every((value, index) => value === right[index]);
+}
+function formatStatusList(statuses) {
+  return statuses.length === 0 ? "none" : statuses.join(", ");
+}
+function formatClientErrorPathRules(response) {
+  const rawOverride = response.overrides.immediate_client_error_path_rules ?? null;
+  const rules = rawOverride ?? response.policy.immediate_client_error_path_rules ?? [];
+  if (rules.length === 0) {
+    return rawOverride === null ? "preset default (none)" : "none (explicit)";
+  }
+  const formatted = rules.map((rule) => {
+    const methods = rule.methods.length === 0 ? "" : `@${rule.methods.join(",")}`;
+    return `${rule.status_code}=${rule.path_pattern}${methods}`;
+  });
+  return `${rawOverride === null ? "preset default" : "custom"} (${formatted.join("; ")})`;
+}
+function formatClientErrorIncidents(response) {
+  const rawOverride = response.overrides.immediate_client_error_statuses;
   if (rawOverride === null) {
     return `preset default (${formatStatusList(response.policy.immediate_client_error_statuses)})`;
   }
@@ -32644,7 +33923,7 @@ async function getCapturePolicyCommand(input2, api) {
     };
   } catch (error) {
     return {
-      exitCode: mapErrorToExitCode11(error),
+      exitCode: mapErrorToExitCode12(error),
       output: error instanceof Error ? error.message : String(error)
     };
   }
@@ -32670,7 +33949,7 @@ ${formatPolicy(response)}`
     };
   } catch (error) {
     return {
-      exitCode: mapErrorToExitCode11(error),
+      exitCode: mapErrorToExitCode12(error),
       output: error instanceof Error ? error.message : String(error)
     };
   }
@@ -32743,7 +34022,7 @@ var CaptureRuleApiError = class extends Error {
     this.status = status;
   }
 };
-function toApiError4(status, body, fallback) {
+function toApiError5(status, body, fallback) {
   if (typeof body === "object" && body !== null && "error" in body && typeof body.error === "string") {
     return new CaptureRuleApiError(status, body.error);
   }
@@ -32758,7 +34037,7 @@ function createCaptureRuleApi(httpClient) {
         bearerToken: input2.bearerToken
       });
       if (response.status !== 200) {
-        throw toApiError4(response.status, response.body, "Failed to list capture rules.");
+        throw toApiError5(response.status, response.body, "Failed to list capture rules.");
       }
       const parsed = CaptureRulesResponseSchema.safeParse(response.body);
       if (!parsed.success) {
@@ -32774,7 +34053,7 @@ function createCaptureRuleApi(httpClient) {
         body: input2.create
       });
       if (response.status !== 201) {
-        throw toApiError4(response.status, response.body, "Failed to create capture rule.");
+        throw toApiError5(response.status, response.body, "Failed to create capture rule.");
       }
       const parsed = CaptureRuleResponseSchema.safeParse(response.body);
       if (!parsed.success) {
@@ -32789,7 +34068,7 @@ function createCaptureRuleApi(httpClient) {
         bearerToken: input2.bearerToken
       });
       if (response.status !== 200) {
-        throw toApiError4(response.status, response.body, "Failed to suggest capture rules.");
+        throw toApiError5(response.status, response.body, "Failed to suggest capture rules.");
       }
       const parsed = CaptureRuleSuggestionsResponseSchema.safeParse(response.body);
       if (!parsed.success) {
@@ -32805,7 +34084,7 @@ function createCaptureRuleApi(httpClient) {
         body: input2.create
       });
       if (response.status !== 201) {
-        throw toApiError4(response.status, response.body, "Failed to create capture rule from suggestion.");
+        throw toApiError5(response.status, response.body, "Failed to create capture rule from suggestion.");
       }
       const parsed = CaptureRuleResponseSchema.safeParse(response.body);
       if (!parsed.success) {
@@ -32821,7 +34100,7 @@ function createCaptureRuleApi(httpClient) {
         body: input2.update
       });
       if (response.status !== 200) {
-        throw toApiError4(response.status, response.body, "Failed to update capture rule.");
+        throw toApiError5(response.status, response.body, "Failed to update capture rule.");
       }
       const parsed = CaptureRuleResponseSchema.safeParse(response.body);
       if (!parsed.success) {
@@ -32836,7 +34115,7 @@ function createCaptureRuleApi(httpClient) {
         bearerToken: input2.bearerToken
       });
       if (response.status !== 200) {
-        throw toApiError4(response.status, response.body, "Failed to delete capture rule.");
+        throw toApiError5(response.status, response.body, "Failed to delete capture rule.");
       }
       if (typeof response.body !== "object" || response.body === null || !("success" in response.body) || response.body.success !== true) {
         throw new CaptureRuleApiError(500, "Invalid capture rule delete response.");
@@ -32845,7 +34124,7 @@ function createCaptureRuleApi(httpClient) {
     }
   };
 }
-function mapErrorToExitCode12(error) {
+function mapErrorToExitCode13(error) {
   if (!(error instanceof CaptureRuleApiError)) {
     return 1;
   }
@@ -32969,7 +34248,7 @@ async function listCaptureRulesCommand(input2, api) {
     };
   } catch (error) {
     return {
-      exitCode: mapErrorToExitCode12(error),
+      exitCode: mapErrorToExitCode13(error),
       output: error instanceof Error ? error.message : String(error)
     };
   }
@@ -32995,7 +34274,7 @@ ${formatRule(response.rule)}`
     };
   } catch (error) {
     return {
-      exitCode: mapErrorToExitCode12(error),
+      exitCode: mapErrorToExitCode13(error),
       output: error instanceof Error ? error.message : String(error)
     };
   }
@@ -33012,7 +34291,7 @@ async function suggestCaptureRulesFromIncidentCommand(input2, api) {
     };
   } catch (error) {
     return {
-      exitCode: mapErrorToExitCode12(error),
+      exitCode: mapErrorToExitCode13(error),
       output: error instanceof Error ? error.message : String(error)
     };
   }
@@ -33038,7 +34317,7 @@ ${formatRule(response.rule)}`
     };
   } catch (error) {
     return {
-      exitCode: mapErrorToExitCode12(error),
+      exitCode: mapErrorToExitCode13(error),
       output: error instanceof Error ? error.message : String(error)
     };
   }
@@ -33065,7 +34344,7 @@ ${formatRule(response.rule)}`
     };
   } catch (error) {
     return {
-      exitCode: mapErrorToExitCode12(error),
+      exitCode: mapErrorToExitCode13(error),
       output: error instanceof Error ? error.message : String(error)
     };
   }
@@ -33083,7 +34362,7 @@ async function deleteCaptureRuleCommand(input2, api) {
     };
   } catch (error) {
     return {
-      exitCode: mapErrorToExitCode12(error),
+      exitCode: mapErrorToExitCode13(error),
       output: error instanceof Error ? error.message : String(error)
     };
   }
@@ -33210,7 +34489,7 @@ var ProbeApiError = class extends Error {
     this.code = code;
   }
 };
-function toApiError5(status, body) {
+function toApiError6(status, body) {
   if (typeof body === "object" && body !== null && "error" in body && typeof body.error === "string") {
     return new ProbeApiError(status, body.error);
   }
@@ -33241,7 +34520,7 @@ function createProbeApi(httpClient) {
         body
       });
       if (response.status !== 201) {
-        throw toApiError5(response.status, response.body);
+        throw toApiError6(response.status, response.body);
       }
       return response.body;
     },
@@ -33252,7 +34531,7 @@ function createProbeApi(httpClient) {
         bearerToken: input2.bearerToken
       });
       if (response.status !== 200) {
-        throw toApiError5(response.status, response.body);
+        throw toApiError6(response.status, response.body);
       }
       return response.body;
     },
@@ -33264,13 +34543,13 @@ function createProbeApi(httpClient) {
         body: { activation_id: input2.activationId }
       });
       if (response.status !== 200) {
-        throw toApiError5(response.status, response.body);
+        throw toApiError6(response.status, response.body);
       }
       return response.body;
     }
   };
 }
-function mapErrorToExitCode13(error) {
+function mapErrorToExitCode14(error) {
   if (!(error instanceof ProbeApiError)) {
     return 1;
   }
@@ -33323,7 +34602,7 @@ async function activateProbeCommand(input2, api) {
 Trigger token: ${result.trigger_token}`
     };
   } catch (error) {
-    return { exitCode: mapErrorToExitCode13(error), output: error instanceof Error ? error.message : String(error) };
+    return { exitCode: mapErrorToExitCode14(error), output: error instanceof Error ? error.message : String(error) };
   }
 }
 async function listActiveProbesCommand(input2, api) {
@@ -33343,7 +34622,7 @@ async function listActiveProbesCommand(input2, api) {
       output: result.activations.map((a) => `${a.activation_id} ${a.label_pattern} (${a.service}/${a.environment}) expires ${a.expires_at}`).join("\n")
     };
   } catch (error) {
-    return { exitCode: mapErrorToExitCode13(error), output: error instanceof Error ? error.message : String(error) };
+    return { exitCode: mapErrorToExitCode14(error), output: error instanceof Error ? error.message : String(error) };
   }
 }
 async function deactivateProbeCommand(input2, api) {
@@ -33361,7 +34640,7 @@ async function deactivateProbeCommand(input2, api) {
       output: result.deactivated ? "Probe deactivated." : "Probe was already inactive."
     };
   } catch (error) {
-    return { exitCode: mapErrorToExitCode13(error), output: error instanceof Error ? error.message : String(error) };
+    return { exitCode: mapErrorToExitCode14(error), output: error instanceof Error ? error.message : String(error) };
   }
 }
 async function createAuthenticatedProbeApi(input2, dependencies) {
@@ -33796,7 +35075,7 @@ function handleMemberCommand(parsedArgv, dependencies) {
 }
 
 // src/alert-commands.ts
-function mapErrorToExitCode14(error) {
+function mapErrorToExitCode15(error) {
   if (!(error instanceof AlertApiError)) {
     return 1;
   }
@@ -33834,7 +35113,7 @@ async function listAlertsCommand(input2, api) {
       output: input2.json ? JSON.stringify({ alerts }) : formatAlertTable(alerts)
     };
   } catch (error) {
-    return { exitCode: mapErrorToExitCode14(error), output: error instanceof Error ? error.message : String(error) };
+    return { exitCode: mapErrorToExitCode15(error), output: error instanceof Error ? error.message : String(error) };
   }
 }
 async function listAlertsWithAuthCommand(input2, dependencies) {
@@ -33885,7 +35164,7 @@ async function createAlertCommand(input2, api) {
       output: input2.json ? JSON.stringify({ alert }) : `Alert created: ${alert.alert_id}`
     };
   } catch (error) {
-    return { exitCode: mapErrorToExitCode14(error), output: error instanceof Error ? error.message : String(error) };
+    return { exitCode: mapErrorToExitCode15(error), output: error instanceof Error ? error.message : String(error) };
   }
 }
 async function createAlertWithAuthCommand(input2, dependencies) {
@@ -33955,7 +35234,7 @@ async function updateAlertCommand(input2, api) {
       output: input2.json ? JSON.stringify({ alert }) : `Alert updated: ${alert.alert_id}`
     };
   } catch (error) {
-    return { exitCode: mapErrorToExitCode14(error), output: error instanceof Error ? error.message : String(error) };
+    return { exitCode: mapErrorToExitCode15(error), output: error instanceof Error ? error.message : String(error) };
   }
 }
 async function updateAlertWithAuthCommand(input2, dependencies) {
@@ -34010,7 +35289,7 @@ async function deleteAlertCommand(input2, api) {
       output: input2.json ? JSON.stringify({ alert }) : `Alert deleted: ${alert.alert_id}`
     };
   } catch (error) {
-    return { exitCode: mapErrorToExitCode14(error), output: error instanceof Error ? error.message : String(error) };
+    return { exitCode: mapErrorToExitCode15(error), output: error instanceof Error ? error.message : String(error) };
   }
 }
 async function deleteAlertWithAuthCommand(input2, dependencies) {
@@ -34034,7 +35313,7 @@ async function deleteAlertWithAuthCommand(input2, dependencies) {
 }
 
 // src/slack-commands.ts
-function mapErrorToExitCode15(error) {
+function mapErrorToExitCode16(error) {
   if (!(error instanceof SlackApiError)) {
     return 1;
   }
@@ -34070,7 +35349,7 @@ async function listSlackDestinationsCommand(input2, api) {
       output: input2.json ? JSON.stringify({ destinations }) : formatSlackDestinationTable(destinations)
     };
   } catch (error) {
-    return { exitCode: mapErrorToExitCode15(error), output: error instanceof Error ? error.message : String(error) };
+    return { exitCode: mapErrorToExitCode16(error), output: error instanceof Error ? error.message : String(error) };
   }
 }
 async function listSlackDestinationsWithAuthCommand(input2, dependencies) {
@@ -34099,7 +35378,7 @@ async function getSlackConnectUrlCommand(input2, api) {
       output: input2.json ? JSON.stringify({ install_url: installUrl }) : installUrl
     };
   } catch (error) {
-    return { exitCode: mapErrorToExitCode15(error), output: error instanceof Error ? error.message : String(error) };
+    return { exitCode: mapErrorToExitCode16(error), output: error instanceof Error ? error.message : String(error) };
   }
 }
 async function getSlackConnectUrlWithAuthCommand(input2, dependencies) {
@@ -34129,7 +35408,7 @@ async function testSlackDestinationCommand(input2, api) {
       output: input2.json ? JSON.stringify({ delivery }) : `Slack test message delivered for destination: ${input2.destinationId}`
     };
   } catch (error) {
-    return { exitCode: mapErrorToExitCode15(error), output: error instanceof Error ? error.message : String(error) };
+    return { exitCode: mapErrorToExitCode16(error), output: error instanceof Error ? error.message : String(error) };
   }
 }
 async function testSlackDestinationWithAuthCommand(input2, dependencies) {
@@ -34159,7 +35438,7 @@ async function deleteSlackDestinationCommand(input2, api) {
       output: input2.json ? JSON.stringify({ destination: deleted }) : `Slack destination deleted: ${deleted.slack_destination_id}`
     };
   } catch (error) {
-    return { exitCode: mapErrorToExitCode15(error), output: error instanceof Error ? error.message : String(error) };
+    return { exitCode: mapErrorToExitCode16(error), output: error instanceof Error ? error.message : String(error) };
   }
 }
 async function deleteSlackDestinationWithAuthCommand(input2, dependencies) {
@@ -34179,7 +35458,7 @@ async function deleteSlackDestinationWithAuthCommand(input2, dependencies) {
 }
 
 // src/webhook-commands.ts
-function mapErrorToExitCode16(error) {
+function mapErrorToExitCode17(error) {
   if (!(error instanceof WebhookApiError)) {
     return 1;
   }
@@ -34224,7 +35503,7 @@ async function listWebhooksCommand(input2, api) {
       output: input2.json ? JSON.stringify({ webhooks }) : formatWebhookTable(webhooks)
     };
   } catch (error) {
-    return { exitCode: mapErrorToExitCode16(error), output: error instanceof Error ? error.message : String(error) };
+    return { exitCode: mapErrorToExitCode17(error), output: error instanceof Error ? error.message : String(error) };
   }
 }
 async function listWebhooksWithAuthCommand(input2, dependencies) {
@@ -34272,7 +35551,7 @@ async function createWebhookCommand(input2, api) {
 Signing secret: ${webhook.signing_secret}`
     };
   } catch (error) {
-    return { exitCode: mapErrorToExitCode16(error), output: error instanceof Error ? error.message : String(error) };
+    return { exitCode: mapErrorToExitCode17(error), output: error instanceof Error ? error.message : String(error) };
   }
 }
 async function createWebhookWithAuthCommand(input2, dependencies) {
@@ -34326,7 +35605,7 @@ async function updateWebhookCommand(input2, api) {
       output: input2.json ? JSON.stringify({ webhook }) : `Webhook updated: ${webhook.webhook_id}`
     };
   } catch (error) {
-    return { exitCode: mapErrorToExitCode16(error), output: error instanceof Error ? error.message : String(error) };
+    return { exitCode: mapErrorToExitCode17(error), output: error instanceof Error ? error.message : String(error) };
   }
 }
 async function updateWebhookWithAuthCommand(input2, dependencies) {
@@ -34372,7 +35651,7 @@ async function deleteWebhookCommand(input2, api) {
       output: input2.json ? JSON.stringify({ webhook }) : `Webhook deleted: ${webhook.webhook_id}`
     };
   } catch (error) {
-    return { exitCode: mapErrorToExitCode16(error), output: error instanceof Error ? error.message : String(error) };
+    return { exitCode: mapErrorToExitCode17(error), output: error instanceof Error ? error.message : String(error) };
   }
 }
 async function deleteWebhookWithAuthCommand(input2, dependencies) {
@@ -34410,7 +35689,7 @@ async function testWebhookCommand(input2, api) {
       output: input2.json ? JSON.stringify({ delivery }) : `Webhook test queued: ${delivery.delivery_id} | ${delivery.event_type} | attempts=${delivery.attempt_count}`
     };
   } catch (error) {
-    return { exitCode: mapErrorToExitCode16(error), output: error instanceof Error ? error.message : String(error) };
+    return { exitCode: mapErrorToExitCode17(error), output: error instanceof Error ? error.message : String(error) };
   }
 }
 async function testWebhookWithAuthCommand(input2, dependencies) {
@@ -34451,7 +35730,7 @@ async function listWebhookDeliveriesCommand(input2, api) {
       output: input2.json ? JSON.stringify({ deliveries }) : formatWebhookDeliveriesTable(deliveries)
     };
   } catch (error) {
-    return { exitCode: mapErrorToExitCode16(error), output: error instanceof Error ? error.message : String(error) };
+    return { exitCode: mapErrorToExitCode17(error), output: error instanceof Error ? error.message : String(error) };
   }
 }
 async function listWebhookDeliveriesWithAuthCommand(input2, dependencies) {
@@ -34489,7 +35768,7 @@ async function retryWebhookDeliveryCommand(input2, api) {
       output: input2.json ? JSON.stringify(result) : `Delivery retried: ${result.delivery_id} | ${result.event_type}`
     };
   } catch (error) {
-    return { exitCode: mapErrorToExitCode16(error), output: error instanceof Error ? error.message : String(error) };
+    return { exitCode: mapErrorToExitCode17(error), output: error instanceof Error ? error.message : String(error) };
   }
 }
 async function retryWebhookDeliveryWithAuthCommand(input2, dependencies) {
@@ -34514,7 +35793,7 @@ async function retryWebhookDeliveryWithAuthCommand(input2, dependencies) {
 }
 
 // src/weekly-report-commands.ts
-function mapErrorToExitCode17(error) {
+function mapErrorToExitCode18(error) {
   if (!(error instanceof WeeklyReportApiError)) {
     return 1;
   }
@@ -34549,7 +35828,7 @@ async function listWeeklyReportChannelsCommand(input2, api) {
       output: input2.json ? JSON.stringify({ channels }) : formatWeeklyReportChannelTable(channels)
     };
   } catch (error) {
-    return { exitCode: mapErrorToExitCode17(error), output: error instanceof Error ? error.message : String(error) };
+    return { exitCode: mapErrorToExitCode18(error), output: error instanceof Error ? error.message : String(error) };
   }
 }
 async function listWeeklyReportChannelsWithAuthCommand(input2, dependencies) {
@@ -34582,7 +35861,7 @@ async function createWeeklyReportChannelCommand(input2, api) {
       output: input2.json ? JSON.stringify({ channel }) : `Weekly report channel created: ${channel.channel_id}`
     };
   } catch (error) {
-    return { exitCode: mapErrorToExitCode17(error), output: error instanceof Error ? error.message : String(error) };
+    return { exitCode: mapErrorToExitCode18(error), output: error instanceof Error ? error.message : String(error) };
   }
 }
 async function createWeeklyReportChannelWithAuthCommand(input2, dependencies) {
@@ -34617,7 +35896,7 @@ async function updateWeeklyReportChannelCommand(input2, api) {
       output: input2.json ? JSON.stringify({ channel }) : `Weekly report channel updated: ${channel.channel_id}`
     };
   } catch (error) {
-    return { exitCode: mapErrorToExitCode17(error), output: error instanceof Error ? error.message : String(error) };
+    return { exitCode: mapErrorToExitCode18(error), output: error instanceof Error ? error.message : String(error) };
   }
 }
 async function updateWeeklyReportChannelWithAuthCommand(input2, dependencies) {
@@ -34648,7 +35927,7 @@ async function deleteWeeklyReportChannelCommand(input2, api) {
       output: input2.json ? JSON.stringify({ channel: deleted }) : `Weekly report channel deleted: ${deleted.channel_id}`
     };
   } catch (error) {
-    return { exitCode: mapErrorToExitCode17(error), output: error instanceof Error ? error.message : String(error) };
+    return { exitCode: mapErrorToExitCode18(error), output: error instanceof Error ? error.message : String(error) };
   }
 }
 async function deleteWeeklyReportChannelWithAuthCommand(input2, dependencies) {
@@ -35258,7 +36537,7 @@ async function handleCaptureRuleCommand2(parsedArgv, dependencies) {
 // package.json
 var package_default = {
   name: "@debugbundle/cli",
-  version: "1.4.0",
+  version: "1.5.0",
   private: false,
   description: "Command-line interface for DebugBundle",
   license: "AGPL-3.0-only",
@@ -35736,6 +37015,9 @@ ${formatUsage()}`
     if (command === "probe") {
       return await handleProbeCommand(parsedArgv, dependencies);
     }
+    if (command === "health") {
+      return await handleHealthCommand(parsedArgv, dependencies);
+    }
     if (command === "member") {
       return await handleMemberCommand(parsedArgv, dependencies);
     }