@devicecloud.dev/dcd 5.0.0-beta.0 → 5.0.0-beta.1

package/dist/services/test-submission.service.js

@@ -1,27 +1,27 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.TestSubmissionService = void 0;
-const node_crypto_1 = require("node:crypto");
-const path = require("node:path");
-const methods_1 = require("../methods");
-const paths_1 = require("../utils/paths");
+import { createHash } from 'node:crypto';
+import * as path from 'node:path';
+import { compressFilesFromRelativePath } from '../methods.js';
+import { toPortableRelativePath } from '../utils/paths.js';
 const mimeTypeLookupByExtension = {
     zip: 'application/zip',
 };
 /**
  * Service for building test submission form data
  */
-class TestSubmissionService {
+export class TestSubmissionService {
     /**
-     * Build FormData for test submission
+     * Build the test-submission payload: the compressed flow zip plus every
+     * non-`file` field, each encoded exactly as it is sent today. The same
+     * `fields` feed both the new JSON `submitFlowTest` body and the legacy
+     * multipart `buildFormData`, guaranteeing byte-identical field encoding
+     * across both paths.
      * @param config Test submission configuration
-     * @returns FormData ready to be submitted to the API
+     * @returns The flow zip buffer, its SHA-256, and the string-encoded fields
      */
-    async buildTestFormData(config) {
+    async buildTestPayload(config) {
         const { appBinaryId, flowFile, executionPlan, commonRoot, cliVersion, env = [], metadata = [], googlePlay = false, androidApiLevel, androidDevice, androidNoSnapshot, iOSVersion, iOSDevice, name, runnerType, maestroVersion, deviceLocale, orientation, mitmHost, mitmPath, retry, continueOnFailure = true, report, showCrosshairs, maestroChromeOnboarding, raw, disableAnimations, debug = false, logger, } = config;
         const { allExcludeTags, allIncludeTags, flowMetadata, flowOverrides, flowsToRun: testFileNames, referencedFiles, sequence, workspaceConfig, } = executionPlan;
         const { flows: sequentialFlows = [] } = sequence ?? {};
-        const testFormData = new FormData();
         const envObject = this.parseKeyValuePairs(env);
         const metadataObject = this.parseKeyValuePairs(metadata);
         if (Object.keys(envObject).length > 0) {
@@ -42,7 +42,7 @@ class TestSubmissionService {
             }
         }
         this.logDebug(debug, logger, `[DEBUG] Compressing files from path: ${flowFile}`);
-        const buffer = await (0, methods_1.compressFilesFromRelativePath)(flowFile?.endsWith('.yaml') || flowFile?.endsWith('.yml')
+        const buffer = await compressFilesFromRelativePath(flowFile?.endsWith('.yaml') || flowFile?.endsWith('.yml')
             ? path.dirname(flowFile)
             : flowFile, [
             ...new Set([
@@ -53,19 +53,18 @@ class TestSubmissionService {
         ], commonRoot);
         this.logDebug(debug, logger, `[DEBUG] Compressed file size: ${buffer.length} bytes`);
         // Calculate SHA-256 hash of the flow ZIP
-        const sha = (0, node_crypto_1.createHash)('sha256').update(buffer).digest('hex');
+        const sha = createHash('sha256').update(buffer).digest('hex');
         this.logDebug(debug, logger, `[DEBUG] Flow ZIP SHA-256: ${sha}`);
-        const blob = new Blob([buffer], {
-            type: mimeTypeLookupByExtension.zip,
-        });
-        testFormData.set('file', blob, 'flowFile.zip');
-        testFormData.set('sha', sha);
-        testFormData.set('appBinaryId', appBinaryId);
-        testFormData.set('testFileNames', JSON.stringify(this.normalizePaths(testFileNames, commonRoot)));
-        testFormData.set('flowMetadata', JSON.stringify(this.normalizePathMap(flowMetadata, commonRoot)));
-        testFormData.set('testFileOverrides', JSON.stringify(this.normalizePathMap(flowOverrides, commonRoot)));
-        testFormData.set('sequentialFlows', JSON.stringify(this.normalizePaths(sequentialFlows, commonRoot)));
-        testFormData.set('env', JSON.stringify(envObject));
+        // String-encoded fields, in the same order and with the same encoding as
+        // the legacy multipart FormData. Reused verbatim by both submission paths.
+        const fields = {};
+        fields.sha = sha;
+        fields.appBinaryId = appBinaryId;
+        fields.testFileNames = JSON.stringify(this.normalizePaths(testFileNames, commonRoot));
+        fields.flowMetadata = JSON.stringify(this.normalizePathMap(flowMetadata, commonRoot));
+        fields.testFileOverrides = JSON.stringify(this.normalizePathMap(flowOverrides, commonRoot));
+        fields.sequentialFlows = JSON.stringify(this.normalizePaths(sequentialFlows, commonRoot));
+        fields.env = JSON.stringify(envObject);
         // Note: googlePlay is now included in configPayload below instead of as a separate field
         // to work around a FormData parsing issue in the API
         const targetPlatform = iOSDevice || iOSVersion ? 'ios' : 'android';
@@ -92,13 +91,13 @@ class TestSubmissionService {
             disableAnimations: effectiveDisableAnimations,
             version: cliVersion,
         };
-        testFormData.set('config', JSON.stringify(configPayload));
+        fields.config = JSON.stringify(configPayload);
         if (Object.keys(metadataObject).length > 0) {
             const metadataPayload = { userMetadata: metadataObject };
-            testFormData.set('metadata', JSON.stringify(metadataPayload));
+            fields.metadata = JSON.stringify(metadataPayload);
             this.logDebug(debug, logger, `[DEBUG] Sending metadata to API: ${JSON.stringify(metadataPayload)}`);
         }
-        this.setOptionalFields(testFormData, {
+        this.setOptionalFields(fields, {
             androidApiLevel,
             androidDevice,
             iOSDevice,
@@ -107,9 +106,28 @@ class TestSubmissionService {
             runnerType,
         });
         if (workspaceConfig) {
-            testFormData.set('workspaceConfig', JSON.stringify(workspaceConfig));
+            fields.workspaceConfig = JSON.stringify(workspaceConfig);
+        }
+        return { buffer, fields, sha };
+    }
+    /**
+     * Wraps the payload fields and flow zip into multipart FormData for the
+     * legacy `POST /uploads/flow` fallback. `file` is set first to preserve the
+     * exact part ordering the old code produced.
+     * @param fields String-encoded fields from {@link buildTestPayload}
+     * @param buffer The compressed flow zip
+     * @returns FormData ready to be submitted to the multipart API
+     */
+    buildFormData(fields, buffer) {
+        const formData = new FormData();
+        const blob = new Blob([buffer], {
+            type: mimeTypeLookupByExtension.zip,
+        });
+        formData.set('file', blob, 'flowFile.zip');
+        for (const [key, value] of Object.entries(fields)) {
+            formData.set(key, value);
         }
-        return testFormData;
+        return formData;
     }
     logDebug(debug, logger, message) {
         if (debug && logger) {
@@ -117,7 +135,7 @@ class TestSubmissionService {
         }
     }
     normalizeFilePath(filePath, commonRoot) {
-        return (0, paths_1.toPortableRelativePath)(filePath, commonRoot);
+        return toPortableRelativePath(filePath, commonRoot);
     }
     normalizePathMap(map, commonRoot) {
         return Object.fromEntries(Object.entries(map).map(([key, value]) => [
@@ -137,12 +155,11 @@ class TestSubmissionService {
             return acc;
         }, {});
     }
-    setOptionalFields(formData, fields) {
+    setOptionalFields(target, fields) {
         for (const [key, value] of Object.entries(fields)) {
             if (value) {
-                formData.set(key, value.toString());
+                target[key] = value.toString();
             }
         }
     }
 }
-exports.TestSubmissionService = TestSubmissionService;

package/dist/services/version.service.d.ts

@@ -1,4 +1,4 @@
-import { CompatibilityData } from '../utils/compatibility';
+import { CompatibilityData } from '../utils/compatibility.js';
 /**
  * Service for handling version validation and checking
  */

package/dist/services/version.service.js

@@ -1,12 +1,9 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.VersionService = void 0;
 const DEFAULT_MANIFEST_URL = 'https://get.devicecloud.dev/latest.json';
 const MANIFEST_TIMEOUT_MS = 3000;
 /**
  * Service for handling version validation and checking
  */
-class VersionService {
+export class VersionService {
     /**
      * Fetch the latest published CLI version from the release manifest.
      * Works for both npm- and binary-installed users (no `npm` shell-out).
@@ -95,4 +92,3 @@ class VersionService {
         return resolvedVersion;
     }
 }
-exports.VersionService = VersionService;

package/dist/types/domain/auth.types.d.ts

@@ -1,3 +1,4 @@
+import type { DcdEnvName } from '../../config/environments.js';
 /**
  * Auth context threaded through gateways and services. Callers build this once
  * (via resolveAuth) and the gateway spreads .headers into every fetch.
@@ -5,6 +6,13 @@
 export interface AuthContext {
     headers: Record<string, string>;
     mode: 'apiKey' | 'bearer';
+    /**
+     * Supabase JWT — present when mode === 'bearer'. Lets realtime subscriptions
+     * authenticate the socket (RLS) without re-reading the session from disk.
+     */
+    accessToken?: string;
+    /** Environment the session belongs to — present when mode === 'bearer'. */
+    env?: DcdEnvName;
     /** Present when mode === 'bearer'. */
     orgId?: string;
     /** Present when mode === 'bearer'. */

package/dist/types/domain/auth.types.js

@@ -1,2 +1 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
+export {};

package/dist/types/domain/device.types.js

@@ -1,11 +1,8 @@
-"use strict";
 /**
  * Device type definitions - should be kept in sync with API
  * @see /Users/riglar/repos/dcd/api/src/common/types/device.types.ts
  */
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.EAndroidApiLevels = exports.EiOSVersions = exports.EAndroidDevices = exports.EiOSDevices = void 0;
-var EiOSDevices;
+export var EiOSDevices;
 (function (EiOSDevices) {
     EiOSDevices["ipad-pro-6th-gen"] = "ipad-pro-6th-gen";
     EiOSDevices["iphone-14"] = "iphone-14";
@@ -16,23 +13,23 @@ var EiOSDevices;
     EiOSDevices["iphone-16-plus"] = "iphone-16-plus";
     EiOSDevices["iphone-16-pro"] = "iphone-16-pro";
     EiOSDevices["iphone-16-pro-max"] = "iphone-16-pro-max";
-})(EiOSDevices || (exports.EiOSDevices = EiOSDevices = {}));
-var EAndroidDevices;
+})(EiOSDevices || (EiOSDevices = {}));
+export var EAndroidDevices;
 (function (EAndroidDevices) {
     EAndroidDevices["generic-tablet"] = "generic-tablet";
     EAndroidDevices["pixel-6"] = "pixel-6";
     EAndroidDevices["pixel-6-pro"] = "pixel-6-pro";
     EAndroidDevices["pixel-7"] = "pixel-7";
     EAndroidDevices["pixel-7-pro"] = "pixel-7-pro";
-})(EAndroidDevices || (exports.EAndroidDevices = EAndroidDevices = {}));
-var EiOSVersions;
+})(EAndroidDevices || (EAndroidDevices = {}));
+export var EiOSVersions;
 (function (EiOSVersions) {
     EiOSVersions["eighteen"] = "18";
     EiOSVersions["seventeen"] = "17";
     EiOSVersions["sixteen"] = "16";
     EiOSVersions["twentySix"] = "26";
-})(EiOSVersions || (exports.EiOSVersions = EiOSVersions = {}));
-var EAndroidApiLevels;
+})(EiOSVersions || (EiOSVersions = {}));
+export var EAndroidApiLevels;
 (function (EAndroidApiLevels) {
     EAndroidApiLevels["thirty"] = "30";
     EAndroidApiLevels["thirtyFive"] = "35";
@@ -42,4 +39,4 @@ var EAndroidApiLevels;
     EAndroidApiLevels["thirtyThree"] = "33";
     EAndroidApiLevels["thirtyTwo"] = "32";
     EAndroidApiLevels["twentyNine"] = "29";
-})(EAndroidApiLevels || (exports.EAndroidApiLevels = EAndroidApiLevels = {}));
+})(EAndroidApiLevels || (EAndroidApiLevels = {}));

package/dist/types/domain/live.types.js

@@ -1,4 +1,3 @@
-"use strict";
 // Hand-defined: the swagger spec has no /live routes, so openapi-typescript
 // cannot generate these in schema.types.ts.
-Object.defineProperty(exports, "__esModule", { value: true });
+export {};

package/dist/types/generated/schema.types.js

@@ -1,3 +1,2 @@
-"use strict";
 /* eslint-disable prettier/prettier */
-Object.defineProperty(exports, "__esModule", { value: true });
+export {};

package/dist/types/index.d.ts

@@ -2,5 +2,5 @@
  * Centralized type exports.
  * Types are organized by domain in subdirectories.
  */
-export * from './domain/device.types';
-export * from './generated/schema.types';
+export * from './domain/device.types.js';
+export * from './generated/schema.types.js';

package/dist/types/index.js

@@ -1,24 +1,8 @@
-"use strict";
 /**
  * Centralized type exports.
  * Types are organized by domain in subdirectories.
  */
-var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
-}) : (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    o[k2] = m[k];
-}));
-var __exportStar = (this && this.__exportStar) || function(m, exports) {
-    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
-};
-Object.defineProperty(exports, "__esModule", { value: true });
 // Domain-specific types
-__exportStar(require("./domain/device.types"), exports);
+export * from './domain/device.types.js';
 // Generated types from OpenAPI schema
-__exportStar(require("./generated/schema.types"), exports);
+export * from './generated/schema.types.js';

package/dist/types.js

@@ -1,2 +1 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
+export {};

package/dist/utils/auth.d.ts

@@ -1,4 +1,4 @@
-import type { AuthContext } from '../types/domain/auth.types';
+import type { AuthContext } from '../types/domain/auth.types.js';
 export interface ResolveAuthOptions {
     apiKeyFlag: string | undefined;
     /** When true, bypass stored session entirely (for `dcd login` itself). */

package/dist/utils/auth.js

@@ -1,6 +1,3 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.resolveAuth = resolveAuth;
 /**
  * Resolves which credential a command should use and returns the fetch headers
  * to send. Precedence: --api-key flag > DEVICE_CLOUD_API_KEY env > stored
@@ -10,19 +7,19 @@ exports.resolveAuth = resolveAuth;
  * use the returned AuthContext for the duration of the command — one resolve
  * per invocation, not per request.
  */
-const node_fs_1 = require("node:fs");
-const environments_1 = require("../config/environments");
-const cli_auth_gateway_1 = require("../gateways/cli-auth-gateway");
-const telemetry_service_1 = require("../services/telemetry.service");
-const cli_1 = require("./cli");
-const config_store_1 = require("./config-store");
+import { closeSync, openSync, rmSync, statSync } from 'node:fs';
+import { ENVIRONMENTS } from '../config/environments.js';
+import { CliAuthGateway } from '../gateways/cli-auth-gateway.js';
+import { telemetry } from '../services/telemetry.service.js';
+import { CliError } from './cli.js';
+import { getConfigPath, readConfig, writeConfig, } from './config-store.js';
 const REFRESH_SKEW_SECONDS = 60;
 // Refresh lock tuning: a refresh is a single HTTP round-trip, so anything
 // holding the lock longer than this is presumed dead.
 const LOCK_STALE_MS = 10_000;
 const LOCK_WAIT_MS = 10_000;
 const LOCK_POLL_MS = 250;
-async function resolveAuth(opts) {
+export async function resolveAuth(opts) {
     if (!opts.sessionOnly) {
         const flag = opts.apiKeyFlag?.trim();
         if (flag) {
@@ -30,7 +27,7 @@ async function resolveAuth(opts) {
                 mode: 'apiKey',
                 headers: { 'x-app-api-key': flag },
             };
-            telemetry_service_1.telemetry.configure({ auth });
+            telemetry.configure({ auth });
             return auth;
         }
         const env = process.env.DEVICE_CLOUD_API_KEY?.trim();
@@ -39,14 +36,14 @@ async function resolveAuth(opts) {
                 mode: 'apiKey',
                 headers: { 'x-app-api-key': env },
             };
-            telemetry_service_1.telemetry.configure({ auth });
+            telemetry.configure({ auth });
             return auth;
         }
     }
     if (opts.skipSession) {
         throw missingCredentialsError();
     }
-    let config = (0, config_store_1.readConfig)();
+    let config = readConfig();
     if (!config?.session) {
         throw missingCredentialsError();
     }
@@ -56,10 +53,12 @@ async function resolveAuth(opts) {
         ({ config, session } = await refreshSessionWithLock(config));
     }
     if (!config.current_org_id) {
-        throw new cli_1.CliError('No active organization set. Run `dcd switch-org <slug>` to pick one.');
+        throw new CliError('No active organization set. Run `dcd switch-org <slug>` to pick one.');
     }
     const auth = {
         mode: 'bearer',
+        accessToken: session.access_token,
+        env: config.env,
         orgId: config.current_org_id,
         userEmail: session.user_email,
         headers: {
@@ -67,7 +66,7 @@ async function resolveAuth(opts) {
             'x-dcd-org': config.current_org_id,
         },
     };
-    telemetry_service_1.telemetry.configure({ auth, apiUrl: config.api_url });
+    telemetry.configure({ auth, apiUrl: config.api_url });
     return auth;
 }
 /**
@@ -76,27 +75,27 @@ async function resolveAuth(opts) {
  * Supabase refresh token — token rotation would revoke the session family.
  */
 async function refreshSessionWithLock(initial) {
-    const lockPath = `${(0, config_store_1.getConfigPath)()}.lock`;
+    const lockPath = `${getConfigPath()}.lock`;
     await acquireRefreshLock(lockPath);
     try {
         // Re-read: another process may have refreshed while we waited.
-        const current = (0, config_store_1.readConfig)() ?? initial;
+        const current = readConfig() ?? initial;
         const session = current.session ?? initial.session;
         const now = Math.floor(Date.now() / 1000);
         if (session.expires_at > now + REFRESH_SKEW_SECONDS) {
             return { config: current, session };
         }
-        const { anonKey } = environments_1.ENVIRONMENTS[current.env].supabase;
-        const refreshed = await cli_auth_gateway_1.CliAuthGateway.refresh(current.supabase_url, anonKey, session);
+        const { anonKey } = ENVIRONMENTS[current.env].supabase;
+        const refreshed = await CliAuthGateway.refresh(current.supabase_url, anonKey, session);
         // Re-read again and merge only `session` so a concurrent `switch-org`
         // write (org fields) isn't reverted by our pre-refresh snapshot.
-        const merged = { ...((0, config_store_1.readConfig)() ?? current), session: refreshed };
-        (0, config_store_1.writeConfig)(merged);
+        const merged = { ...(readConfig() ?? current), session: refreshed };
+        writeConfig(merged);
         return { config: merged, session: refreshed };
     }
     finally {
         try {
-            (0, node_fs_1.rmSync)(lockPath, { force: true });
+            rmSync(lockPath, { force: true });
         }
         catch { /* best effort */ }
     }
@@ -105,7 +104,7 @@ async function acquireRefreshLock(lockPath) {
     const deadline = Date.now() + LOCK_WAIT_MS;
     for (;;) {
         try {
-            (0, node_fs_1.closeSync)((0, node_fs_1.openSync)(lockPath, 'wx'));
+            closeSync(openSync(lockPath, 'wx'));
             return;
         }
         catch {
@@ -113,19 +112,19 @@ async function acquireRefreshLock(lockPath) {
                 // Don't hang the command forever: steal the lock if possible and
                 // proceed regardless — worst case we race like the pre-lock code did.
                 try {
-                    (0, node_fs_1.rmSync)(lockPath, { force: true });
+                    rmSync(lockPath, { force: true });
                 }
                 catch { /* best effort */ }
                 try {
-                    (0, node_fs_1.closeSync)((0, node_fs_1.openSync)(lockPath, 'wx'));
+                    closeSync(openSync(lockPath, 'wx'));
                 }
                 catch { /* best effort */ }
                 return;
             }
             try {
-                if (Date.now() - (0, node_fs_1.statSync)(lockPath).mtimeMs > LOCK_STALE_MS) {
+                if (Date.now() - statSync(lockPath).mtimeMs > LOCK_STALE_MS) {
                     // Holder presumed dead — take over.
-                    (0, node_fs_1.rmSync)(lockPath, { force: true });
+                    rmSync(lockPath, { force: true });
                     continue;
                 }
             }
@@ -138,5 +137,5 @@ async function acquireRefreshLock(lockPath) {
     }
 }
 function missingCredentialsError() {
-    return new cli_1.CliError('Not authenticated. Provide an API key via --api-key or the DEVICE_CLOUD_API_KEY environment variable, or run `dcd login`.');
+    return new CliError('Not authenticated. Provide an API key via --api-key or the DEVICE_CLOUD_API_KEY environment variable, or run `dcd login`.');
 }

package/dist/utils/ci.d.ts

@@ -0,0 +1,12 @@
+/**
+ * Best-effort detection of non-interactive / CI environments. Used to suppress
+ * interactive niceties (e.g. the `dcd login` nudge) that only make sense for a
+ * human at a terminal. Dependency-free on purpose — these are the env vars the
+ * major providers set, plus a TTY check for piped/redirected output.
+ */
+/**
+ * Returns true when running under CI or otherwise non-interactively (no TTY on
+ * stdout, e.g. output piped to a file). A truthy value for any known CI env var
+ * counts — providers set `CI=true`, but a bare presence check is the safe net.
+ */
+export declare function isCI(): boolean;

package/dist/utils/ci.js

@@ -0,0 +1,39 @@
+/**
+ * Best-effort detection of non-interactive / CI environments. Used to suppress
+ * interactive niceties (e.g. the `dcd login` nudge) that only make sense for a
+ * human at a terminal. Dependency-free on purpose — these are the env vars the
+ * major providers set, plus a TTY check for piped/redirected output.
+ */
+// Generic + per-provider markers. `CI` is set by virtually every provider;
+// the rest cover platforms that historically didn't set it.
+const CI_ENV_VARS = [
+    'CI',
+    'CONTINUOUS_INTEGRATION',
+    'BUILD_NUMBER',
+    'GITHUB_ACTIONS',
+    'GITLAB_CI',
+    'CIRCLECI',
+    'TRAVIS',
+    'BUILDKITE',
+    'DRONE',
+    'TEAMCITY_VERSION',
+    'TF_BUILD', // Azure Pipelines
+    'JENKINS_URL',
+    'BITBUCKET_BUILD_NUMBER',
+    'APPVEYOR',
+    'CODEBUILD_BUILD_ID',
+];
+/**
+ * Returns true when running under CI or otherwise non-interactively (no TTY on
+ * stdout, e.g. output piped to a file). A truthy value for any known CI env var
+ * counts — providers set `CI=true`, but a bare presence check is the safe net.
+ */
+export function isCI() {
+    for (const name of CI_ENV_VARS) {
+        const value = process.env[name];
+        if (value !== undefined && value !== '' && value !== 'false' && value !== '0') {
+            return true;
+        }
+    }
+    return !process.stdout.isTTY;
+}

package/dist/utils/cli.js

@@ -1,12 +1,3 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.logger = exports.CliError = void 0;
-exports.getCliVersion = getCliVersion;
-exports.getInstallMethod = getInstallMethod;
-exports.getUpgradeCommand = getUpgradeCommand;
-exports.validateEnum = validateEnum;
-exports.coerceArray = coerceArray;
-exports.parseIntFlag = parseIntFlag;
 /**
  * Shared helpers for command files.
  * - Version lookup from package.json
@@ -15,13 +6,14 @@ exports.parseIntFlag = parseIntFlag;
  * - A minimal Logger mirroring the oclif Command log/warn/error shape so call
  *   sites ported from oclif keep working.
  */
-const telemetry_service_1 = require("../services/telemetry.service");
-const styling_1 = require("./styling");
-// Resolve version at runtime — avoids pulling package.json into the tsbuildinfo rootDir.
-function getCliVersion() {
+import { readFileSync } from 'node:fs';
+import { telemetry } from '../services/telemetry.service.js';
+import { symbols } from './styling.js';
+// Resolve version at runtime — read the file rather than importing it, so
+// package.json never gets pulled into the tsc program / dist rootDir.
+export function getCliVersion() {
     try {
-        // eslint-disable-next-line @typescript-eslint/no-var-requires
-        const pkg = require('../../package.json');
+        const pkg = JSON.parse(readFileSync(new URL('../../package.json', import.meta.url), 'utf8'));
         return pkg.version;
     }
     catch {
@@ -30,17 +22,17 @@ function getCliVersion() {
 }
 // The Bun runtime sets process.versions.bun; bun-compiled standalone binaries
 // inherit this. Node-run installs (npm/pnpm/npx/tsx) don't expose it.
-function getInstallMethod() {
+export function getInstallMethod() {
     return typeof process.versions.bun === 'string'
         ? 'binary'
         : 'npm';
 }
-function getUpgradeCommand() {
+export function getUpgradeCommand() {
     return getInstallMethod() === 'binary'
         ? 'dcd upgrade'
         : 'npm install -g @devicecloud.dev/dcd@latest';
 }
-class CliError extends Error {
+export class CliError extends Error {
     exitCode;
     constructor(message, exitCode = 1) {
         super(message);
@@ -48,15 +40,14 @@ class CliError extends Error {
         this.name = 'CliError';
     }
 }
-exports.CliError = CliError;
-exports.logger = {
+export const logger = {
     log(message) {
         // eslint-disable-next-line no-console
         console.log(message);
     },
     warn(message) {
         // eslint-disable-next-line no-console
-        console.warn(styling_1.symbols.warning + ' ' + message);
+        console.warn(symbols.warning + ' ' + message);
     },
     error(message, opts = {}) {
         const text = message instanceof Error ? message.message : message;
@@ -70,14 +61,14 @@ exports.logger = {
             // The literal "Error:" prefix is important for tests and for grep-friendly
             // CI logs — it survives color stripping and matches /error/i assertions.
             // eslint-disable-next-line no-console
-            console.error(styling_1.symbols.error + ' Error: ' + text);
+            console.error(symbols.error + ' Error: ' + text);
         }
         // process.exit bypasses beforeExit, so async fetch in telemetry.flush()
         // would be killed mid-flight. flushSync uses curl to ship synchronously
         // before we exit; it's a no-op if telemetry never reached configure().
         const exitCode = opts.exit ?? 1;
-        telemetry_service_1.telemetry.recordCommandFailure({ error: message, exitCode });
-        telemetry_service_1.telemetry.flushSync();
+        telemetry.recordCommandFailure({ error: message, exitCode });
+        telemetry.flushSync();
         process.exit(exitCode);
     },
     exit(code = 0) {
@@ -88,7 +79,7 @@ exports.logger = {
  * Validate that a string flag value is one of the allowed options.
  * Returns the value untouched on success; throws CliError otherwise.
  */
-function validateEnum(value, allowed, flagName) {
+export function validateEnum(value, allowed, flagName) {
     if (value === undefined || value === null || value === '')
         return undefined;
     if (!allowed.includes(value)) {
@@ -102,7 +93,7 @@ function validateEnum(value, allowed, flagName) {
  * Used for repeatable flags like --include-tags, --env, --metadata where citty
  * surfaces a string (single use) or string[] (repeated).
  */
-function coerceArray(value, split = true) {
+export function coerceArray(value, split = true) {
     if (value === undefined)
         return [];
     const arr = Array.isArray(value) ? value : [value];
@@ -114,7 +105,7 @@ function coerceArray(value, split = true) {
  * Parse an integer flag. Returns undefined if the value is undefined/empty.
  * Throws CliError if the value is not a valid integer.
  */
-function parseIntFlag(value, flagName) {
+export function parseIntFlag(value, flagName) {
     if (value === undefined || value === null || value === '')
         return undefined;
     // All integer flags (limit/offset/retry) are non-negative; also rejects

package/dist/utils/compatibility.d.ts

@@ -1,4 +1,4 @@
-import type { AuthContext } from '../types/domain/auth.types';
+import type { AuthContext } from '../types/domain/auth.types.js';
 export interface CompatibilityData {
     android: Record<string, string[]>;
     androidPlay: Record<string, string[]>;