@dragonmastery/tamer 0.30.0 → 0.31.1

package/dist/CFApiClient-DhbyyV71.mjs

@@ -1,868 +0,0 @@
-//#region src/core/cloudflareEnv.ts
-/**
-* Wrangler-aligned Cloudflare credentials (same names as `wrangler` CLI).
-* @see https://developers.cloudflare.com/workers/wrangler/system-environment-variables/
-*/
-function cloudflareAccountIdFromEnv() {
-	return process.env.CLOUDFLARE_ACCOUNT_ID;
-}
-function cloudflareApiTokenFromEnv() {
-	return process.env.CLOUDFLARE_API_TOKEN ?? "";
-}
-
-//#endregion
-//#region src/core/api/pipelinesV1PathId.ts
-/**
-* Pipelines v1 path segments (streams, sinks, SQL pipelines) expect **stream_id**
-* / **sink_id** as **exactly 32 lower-case hex characters** (no hyphens). The API
-* returns 400 if the URL contains a hyphenated UUID (36 chars) — see
-* `stream_id: String must contain exactly 32 character(s)`.
-*
-* State and list APIs may return ids with or without hyphens; we normalize to 32-hex
-* for GET/DELETE paths.
-*/
-function pipelinesV1IdForPath(id) {
-	const c = id.trim().toLowerCase().replace(/-/g, "");
-	if (!/^[0-9a-f]{32}$/.test(c)) return id.trim();
-	return c;
-}
-
-//#endregion
-//#region src/core/api/CFApiClient.ts
-const CF_API_BASE = "https://api.cloudflare.com/client/v4";
-/**
-* Renders the Cloudflare API `errors` / `messages` array into a single string
-* (message, error code, documentation URL, JSON pointer) for operator-friendly logs.
-*/
-function describeCloudflareErrorItem(e) {
-	if (e == null) return "null";
-	if (typeof e === "string") return e;
-	if (typeof e !== "object") return String(e);
-	const o = e;
-	const parts = [];
-	if (typeof o.message === "string" && o.message) parts.push(o.message);
-	if (typeof o.code === "number") parts.push(`[code: ${o.code}]`);
-	if (typeof o.code === "string" && o.code) parts.push(`[code: ${o.code}]`);
-	if (typeof o.documentation_url === "string" && o.documentation_url) parts.push(o.documentation_url);
-	const src = o.source;
-	if (src && typeof src === "object" && "pointer" in src) {
-		const p = src.pointer;
-		if (typeof p === "string" && p) parts.push(`(field: ${p})`);
-	}
-	if (Array.isArray(o.error_chain) && o.error_chain.length > 0) parts.push(`[chain: ${o.error_chain.map(describeCloudflareErrorItem).join(" → ")}]`);
-	if (parts.length) return parts.join(" ");
-	try {
-		return JSON.stringify(e);
-	} catch {
-		return String(e);
-	}
-}
-function formatCloudflareErrorBody(errors, messages, fallback) {
-	const errList = formatCloudflareList(errors) || fallback;
-	const msgList = formatCloudflareList(messages);
-	if (msgList) return `${errList} — messages: ${msgList}`;
-	return errList;
-}
-function formatCloudflareList(v) {
-	if (!Array.isArray(v) || v.length === 0) return "";
-	return v.map(describeCloudflareErrorItem).join(" | ");
-}
-var CFApiClient = class {
-	accountId;
-	apiToken;
-	constructor(accountId, apiToken) {
-		this.accountId = accountId;
-		this.apiToken = apiToken ?? cloudflareApiTokenFromEnv();
-		if (!this.apiToken) throw new Error("CLOUDFLARE_API_TOKEN is required");
-	}
-	getAccountId() {
-		return this.accountId;
-	}
-	/** Lightweight account read — validates token + account scope. */
-	async accountRead() {
-		return (await this.request(`/accounts/${this.accountId}`)).result;
-	}
-	/**
-	* Get a single Worker script by name (account-scoped, **not** dispatch).
-	* Returns `undefined` when Cloudflare responds 404 so callers can treat it
-	* as "not deployed" without try/catch on the message.
-	*
-	* @see https://developers.cloudflare.com/api/resources/workers/subresources/scripts/methods/get/
-	*/
-	async workersScriptGet(scriptName) {
-		const url = `${CF_API_BASE}/accounts/${this.accountId}/workers/scripts/${encodeURIComponent(scriptName)}`;
-		const res = await fetch(url, { headers: {
-			Authorization: `Bearer ${this.apiToken}`,
-			"Content-Type": "application/json"
-		} });
-		if (res.status === 404) return void 0;
-		const data = await res.json();
-		if (!res.ok) {
-			const msg = data?.errors?.map((e) => e.message).join("; ") ?? res.statusText;
-			throw new Error(`CF API error (workers script get): ${msg}`);
-		}
-		return data.result;
-	}
-	async request(path, options = {}) {
-		const method = (options.method ?? "GET").toUpperCase();
-		const url = `${CF_API_BASE}${path}`;
-		const res = await fetch(url, {
-			...options,
-			headers: {
-				Authorization: `Bearer ${this.apiToken}`,
-				"Content-Type": "application/json",
-				...options.headers
-			}
-		});
-		let parsed;
-		try {
-			parsed = await res.json();
-		} catch {
-			throw new Error(`CF API error: ${method} \`${path}\` → HTTP ${res.status} (response was not valid JSON)`);
-		}
-		/** Some endpoints (e.g. R2 catalog disable) respond `200` with literal JSON `null`. */
-		const data = parsed !== null && typeof parsed === "object" ? parsed : {};
-		const httpError = !res.ok;
-		const bodySuccessFalse = data.success === false;
-		if (httpError || bodySuccessFalse) {
-			const detail = formatCloudflareErrorBody(data.errors, data.messages, res.statusText || "no error array in body");
-			throw new Error(`CF API error: ${method} \`${path}\` → HTTP ${res.status}. ${detail}`);
-		}
-		return data;
-	}
-	async d1ListAll() {
-		const all = [];
-		let page = 1;
-		const perPage = 100;
-		while (true) {
-			const data = await this.request(`/accounts/${this.accountId}/d1/database?per_page=${perPage}&page=${page}`);
-			all.push(...data.result);
-			const info = data.result_info;
-			if (!info || info.count < perPage) break;
-			page++;
-		}
-		return all;
-	}
-	async r2ListAll() {
-		const all = [];
-		const perPage = 100;
-		let cursor;
-		while (true) {
-			const qs = new URLSearchParams({ per_page: String(perPage) });
-			if (cursor) qs.set("cursor", cursor);
-			const data = await this.request(`/accounts/${this.accountId}/r2/buckets?${qs.toString()}`);
-			const buckets = data.result?.buckets ?? [];
-			all.push(...buckets.map((b) => ({
-				name: b.name ?? "",
-				creation_date: b.creation_date ?? ""
-			})));
-			const next = data.result_info?.cursor;
-			if (!next) break;
-			cursor = next;
-		}
-		return all;
-	}
-	async kvListAll() {
-		const all = [];
-		let page = 1;
-		const perPage = 100;
-		while (true) {
-			const data = await this.request(`/accounts/${this.accountId}/storage/kv/namespaces?per_page=${perPage}&page=${page}`);
-			all.push(...data.result);
-			const info = data.result_info;
-			if (!info || info.count < perPage) break;
-			page++;
-		}
-		return all;
-	}
-	async d1Create(name) {
-		return (await this.request(`/accounts/${this.accountId}/d1/database`, {
-			method: "POST",
-			body: JSON.stringify({ name })
-		})).result;
-	}
-	async r2Create(name, location = "auto") {
-		await this.request(`/accounts/${this.accountId}/r2/buckets`, {
-			method: "POST",
-			body: JSON.stringify({
-				name,
-				location
-			})
-		});
-	}
-	async kvCreate(title) {
-		return (await this.request(`/accounts/${this.accountId}/storage/kv/namespaces`, {
-			method: "POST",
-			body: JSON.stringify({ title })
-		})).result;
-	}
-	async d1Delete(databaseId) {
-		await this.request(`/accounts/${this.accountId}/d1/database/${databaseId}`, { method: "DELETE" });
-	}
-	/**
-	* Run SQL against a D1 database (HTTP API).
-	* @see https://developers.cloudflare.com/d1/build-with-d1/rest-api/
-	*/
-	async d1Query(databaseId, sql, params = []) {
-		return { rows: (await this.request(`/accounts/${this.accountId}/d1/database/${databaseId}/query`, {
-			method: "POST",
-			body: JSON.stringify({
-				sql,
-				params
-			})
-		})).result?.[0]?.results ?? [] };
-	}
-	async r2Delete(bucketName) {
-		await this.request(`/accounts/${this.accountId}/r2/buckets/${bucketName}`, { method: "DELETE" });
-	}
-	/**
-	* Download an object from R2 (HTTP API).
-	* @see https://developers.cloudflare.com/api/resources/r2/subresources/buckets/subresources/objects/methods/get/
-	*/
-	async r2GetObject(bucketName, objectKey) {
-		const pathEncoded = objectKey.split("/").map((seg) => encodeURIComponent(seg)).join("/");
-		const url = `${CF_API_BASE}/accounts/${this.accountId}/r2/buckets/${encodeURIComponent(bucketName)}/objects/${pathEncoded}`;
-		const res = await fetch(url, { headers: { Authorization: `Bearer ${this.apiToken}` } });
-		if (!res.ok) {
-			let errMsg = res.statusText;
-			try {
-				errMsg = (await res.json())?.errors?.map((e) => e.message).join("; ") ?? errMsg;
-			} catch {}
-			throw new Error(`CF API error (R2 get): ${errMsg}`);
-		}
-		return res.arrayBuffer();
-	}
-	async kvDelete(namespaceId) {
-		await this.request(`/accounts/${this.accountId}/storage/kv/namespaces/${namespaceId}`, { method: "DELETE" });
-	}
-	/**
-	* List every Cloudflare Queue in the account.
-	* @see https://developers.cloudflare.com/api/resources/queues/methods/list/
-	*/
-	async queuesListAll() {
-		const all = [];
-		let page = 1;
-		const perPage = 100;
-		while (true) {
-			const batch = (await this.request(`/accounts/${this.accountId}/queues?per_page=${perPage}&page=${page}`)).result ?? [];
-			all.push(...batch);
-			if (batch.length < perPage) break;
-			page++;
-		}
-		return all;
-	}
-	/**
-	* Create a new Cloudflare Queue.
-	* @see https://developers.cloudflare.com/api/resources/queues/methods/create/
-	*/
-	async queueCreate(queueName) {
-		return (await this.request(`/accounts/${this.accountId}/queues`, {
-			method: "POST",
-			body: JSON.stringify({ queue_name: queueName })
-		})).result;
-	}
-	/**
-	* Delete a Cloudflare Queue by id.
-	* @see https://developers.cloudflare.com/api/resources/queues/methods/delete/
-	*/
-	async queueDelete(queueId) {
-		await this.request(`/accounts/${this.accountId}/queues/${encodeURIComponent(queueId)}`, { method: "DELETE" });
-	}
-	/**
-	* List every Hyperdrive config in the account.
-	* @see https://developers.cloudflare.com/api/resources/hyperdrive/subresources/configs/methods/list/
-	*/
-	async hyperdriveListAll() {
-		return (await this.request(`/accounts/${this.accountId}/hyperdrive/configs`)).result ?? [];
-	}
-	/**
-	* Create a Hyperdrive config.
-	* @see https://developers.cloudflare.com/api/resources/hyperdrive/subresources/configs/methods/create/
-	*/
-	async hyperdriveCreate(body) {
-		return (await this.request(`/accounts/${this.accountId}/hyperdrive/configs`, {
-			method: "POST",
-			body: JSON.stringify(body)
-		})).result;
-	}
-	/**
-	* Patch an existing Hyperdrive configuration in place. Cloudflare accepts
-	* partial updates here (true `PATCH`), so callers may send only the
-	* fields that drifted. Origin patches must include the full origin
-	* payload (the password is write-only and never returned, so Tamer
-	* reads it back from the resource config every apply).
-	* @see https://developers.cloudflare.com/api/resources/hyperdrive/subresources/configs/methods/edit/
-	*/
-	async hyperdrivePatch(configId, body) {
-		await this.request(`/accounts/${this.accountId}/hyperdrive/configs/${encodeURIComponent(configId)}`, {
-			method: "PATCH",
-			body: JSON.stringify(body)
-		});
-	}
-	/**
-	* Delete a Hyperdrive config by id.
-	* @see https://developers.cloudflare.com/api/resources/hyperdrive/subresources/configs/methods/delete/
-	*/
-	async hyperdriveDelete(configId) {
-		await this.request(`/accounts/${this.accountId}/hyperdrive/configs/${encodeURIComponent(configId)}`, { method: "DELETE" });
-	}
-	/**
-	* List every Vectorize index in the account (v2 storage subsystem).
-	* @see https://developers.cloudflare.com/api/resources/vectorize/subresources/indexes/methods/list/
-	*/
-	async vectorizeListAll() {
-		return (await this.request(`/accounts/${this.accountId}/vectorize/v2/indexes`)).result ?? [];
-	}
-	/**
-	* Create a Vectorize v2 index. `dimensions` and `metric` are immutable.
-	* @see https://developers.cloudflare.com/api/resources/vectorize/subresources/indexes/methods/create/
-	*/
-	async vectorizeCreate(body) {
-		return (await this.request(`/accounts/${this.accountId}/vectorize/v2/indexes`, {
-			method: "POST",
-			body: JSON.stringify(body)
-		})).result;
-	}
-	/**
-	* Delete a Vectorize index by name.
-	* @see https://developers.cloudflare.com/api/resources/vectorize/subresources/indexes/methods/delete/
-	*/
-	async vectorizeDelete(indexName) {
-		await this.request(`/accounts/${this.accountId}/vectorize/v2/indexes/${encodeURIComponent(indexName)}`, { method: "DELETE" });
-	}
-	/**
-	* List every AI Gateway in the account.
-	* @see https://developers.cloudflare.com/api/resources/ai_gateway/methods/list/
-	*/
-	async aiGatewayListAll() {
-		return (await this.request(`/accounts/${this.accountId}/ai-gateway/gateways?per_page=100`)).result ?? [];
-	}
-	/**
-	* Create an AI Gateway. The gateway `id` is user-supplied and acts as both
-	* primary key and routing slug under `https://gateway.ai.cloudflare.com/`.
-	* @see https://developers.cloudflare.com/api/resources/ai_gateway/methods/create/
-	*/
-	async aiGatewayCreate(body) {
-		return (await this.request(`/accounts/${this.accountId}/ai-gateway/gateways`, {
-			method: "POST",
-			body: JSON.stringify(body)
-		})).result;
-	}
-	/**
-	* Update an existing AI Gateway in place. The Cloudflare API uses `PUT`
-	* (not PATCH) and is full-replace on the listed fields, so callers must
-	* supply the complete desired state — Tamer's `apply` reads the recorded
-	* state row and merges declared overrides before calling this.
-	* @see https://developers.cloudflare.com/api/resources/ai_gateway/methods/update/
-	*/
-	async aiGatewayUpdate(gatewayId, body) {
-		await this.request(`/accounts/${this.accountId}/ai-gateway/gateways/${encodeURIComponent(gatewayId)}`, {
-			method: "PUT",
-			body: JSON.stringify(body)
-		});
-	}
-	/**
-	* Delete an AI Gateway by id.
-	* @see https://developers.cloudflare.com/api/resources/ai_gateway/methods/delete/
-	*/
-	async aiGatewayDelete(gatewayId) {
-		await this.request(`/accounts/${this.accountId}/ai-gateway/gateways/${encodeURIComponent(gatewayId)}`, { method: "DELETE" });
-	}
-	/**
-	* List every Pipeline in the account (paginated, 100/page). Uses the V1
-	* SQL pipelines endpoint; the deprecated `/accounts/{id}/pipelines`
-	* (HTTP/binding sources) is not used.
-	* @see https://developers.cloudflare.com/api/resources/pipelines/methods/list_v1/
-	*/
-	async pipelineListAll() {
-		const all = [];
-		let page = 1;
-		const perPage = 100;
-		while (true) {
-			const batch = (await this.request(`/accounts/${this.accountId}/pipelines/v1/pipelines?per_page=${perPage}&page=${page}`)).result ?? [];
-			all.push(...batch);
-			if (batch.length < perPage) break;
-			page += 1;
-		}
-		return all;
-	}
-	/**
-	* Create a Pipeline. Server assigns the `id`; `name` is user-supplied
-	* and uniquely identifies the pipeline within the account.
-	* @see https://developers.cloudflare.com/api/resources/pipelines/methods/create_v1/
-	*/
-	async pipelineCreate(body) {
-		return (await this.request(`/accounts/${this.accountId}/pipelines/v1/pipelines`, {
-			method: "POST",
-			body: JSON.stringify(body)
-		})).result;
-	}
-	/**
-	* Delete a Pipeline by server-assigned id.
-	* @see https://developers.cloudflare.com/api/resources/pipelines/methods/delete_v1/
-	*/
-	async pipelineDelete(pipelineId) {
-		const pathId = pipelinesV1IdForPath(pipelineId);
-		await this.request(`/accounts/${this.accountId}/pipelines/v1/pipelines/${encodeURIComponent(pathId)}`, { method: "DELETE" });
-	}
-	/**
-	* @see https://developers.cloudflare.com/api/resources/pipelines/subresources/streams/methods/list/
-	*/
-	async pipelinesV1StreamListAll() {
-		const all = [];
-		let page = 1;
-		const perPage = 100;
-		while (true) {
-			const batch = (await this.request(`/accounts/${this.accountId}/pipelines/v1/streams?per_page=${perPage}&page=${page}`)).result ?? [];
-			all.push(...batch);
-			if (batch.length < perPage) break;
-			page += 1;
-		}
-		return all;
-	}
-	/**
-	* @see https://developers.cloudflare.com/api/resources/pipelines/subresources/streams/methods/create/
-	*/
-	async pipelinesV1StreamCreate(body) {
-		return (await this.request(`/accounts/${this.accountId}/pipelines/v1/streams`, {
-			method: "POST",
-			body: JSON.stringify(body)
-		})).result;
-	}
-	/**
-	* Path id: 32 lower-case hex chars (no hyphens). The dashboard issues a
-	* plain `DELETE` with no query string; pass `{ force: true }` only if the API
-	* docs require it for your case.
-	*
-	* @see https://developers.cloudflare.com/api/resources/pipelines/subresources/streams/methods/delete/
-	*/
-	async pipelinesV1StreamDelete(streamId, query) {
-		const pathId = pipelinesV1IdForPath(streamId);
-		const qs = new URLSearchParams();
-		if (query?.force) qs.set("force", "true");
-		const tail = qs.toString() ? `?${qs.toString()}` : "";
-		await this.request(`/accounts/${this.accountId}/pipelines/v1/streams/${encodeURIComponent(pathId)}${tail}`, { method: "DELETE" });
-	}
-	/**
-	* @see https://developers.cloudflare.com/api/resources/pipelines/subresources/sinks/methods/list/
-	*/
-	async pipelinesV1SinkListAll() {
-		const all = [];
-		let page = 1;
-		const perPage = 100;
-		while (true) {
-			const batch = (await this.request(`/accounts/${this.accountId}/pipelines/v1/sinks?per_page=${perPage}&page=${page}`)).result ?? [];
-			all.push(...batch);
-			if (batch.length < perPage) break;
-			page += 1;
-		}
-		return all;
-	}
-	/**
-	* R2 Data Catalog sink `config` includes `table_name` and `namespace` as
-	* Cloudflare has registered them (may differ from the name sent at create).
-	*
-	* @see https://developers.cloudflare.com/api/resources/pipelines/subresources/sinks/methods/get/
-	*/
-	async pipelinesV1SinkGet(sinkId) {
-		const pathId = pipelinesV1IdForPath(sinkId);
-		return (await this.request(`/accounts/${this.accountId}/pipelines/v1/sinks/${encodeURIComponent(pathId)}`)).result;
-	}
-	/**
-	* @see https://developers.cloudflare.com/api/resources/pipelines/subresources/sinks/methods/create/
-	*/
-	async pipelinesV1SinkCreate(body) {
-		return (await this.request(`/accounts/${this.accountId}/pipelines/v1/sinks`, {
-			method: "POST",
-			body: JSON.stringify(body)
-		})).result;
-	}
-	/**
-	* Path id: 32 lower-case hex chars (no hyphens). Optional `{ force: true }`
-	* matches `?force=true` when the product requires it (e.g. some sink types).
-	*
-	* @see https://developers.cloudflare.com/api/resources/pipelines/subresources/sinks/methods/delete/
-	*/
-	async pipelinesV1SinkDelete(sinkId, query) {
-		const pathId = pipelinesV1IdForPath(sinkId);
-		const qs = new URLSearchParams();
-		if (query?.force) qs.set("force", "true");
-		const tail = qs.toString() ? `?${qs.toString()}` : "";
-		await this.request(`/accounts/${this.accountId}/pipelines/v1/sinks/${encodeURIComponent(pathId)}${tail}`, { method: "DELETE" });
-	}
-	/**
-	* @see https://developers.cloudflare.com/api/resources/r2_data_catalog/methods/list/
-	*/
-	async r2DataCatalogList() {
-		return { warehouses: (await this.request(`/accounts/${this.accountId}/r2-catalog`)).result?.warehouses ?? [] };
-	}
-	/**
-	* @see https://developers.cloudflare.com/api/resources/r2_data_catalog/methods/enable/
-	*/
-	async r2DataCatalogEnable(bucketName) {
-		await this.request(`/accounts/${this.accountId}/r2-catalog/${encodeURIComponent(bucketName)}/enable`, { method: "POST" });
-	}
-	/**
-	* @see https://developers.cloudflare.com/api/resources/r2_data_catalog/methods/update/
-	* (Store catalog credentials)
-	*/
-	async r2DataCatalogStoreCredential(bucketName, token) {
-		await this.request(`/accounts/${this.accountId}/r2-catalog/${encodeURIComponent(bucketName)}/credential`, {
-			method: "POST",
-			body: JSON.stringify({ token })
-		});
-	}
-	/**
-	* Deactivates the R2 Data Catalog for a bucket (metadata files remain in R2
-	* until the bucket is emptied or objects are removed). Next `apply` will
-	* re-enable the catalog as part of `pipelinesAuto` when needed.
-	*
-	* @see https://developers.cloudflare.com/api/resources/r2_data_catalog/methods/disable/
-	*/
-	async r2DataCatalogDisable(bucketName) {
-		await this.request(`/accounts/${this.accountId}/r2-catalog/${encodeURIComponent(bucketName)}/disable`, { method: "POST" });
-	}
-	/**
-	* List every Workflow registered on the account (paginated, 100/page).
-	* Cloudflare returns the configured class + script binding plus
-	* aggregate instance counts; we only consume the registration metadata.
-	* @see https://developers.cloudflare.com/api/resources/workflows/methods/list/
-	*/
-	async workflowListAll() {
-		const all = [];
-		let page = 1;
-		while (true) {
-			const data = await this.request(`/accounts/${this.accountId}/workflows?page=${page}&per_page=100`);
-			const batch = data.result ?? [];
-			all.push(...batch);
-			const totalPages = data.result_info?.total_pages ?? 1;
-			if (page >= totalPages || batch.length === 0) break;
-			page += 1;
-		}
-		return all;
-	}
-	/**
-	* Create or update a Workflow registration. Cloudflare's `PUT` is upsert:
-	* if `workflow_name` exists it patches `class_name` / `script_name` /
-	* `limits`, otherwise it creates a new one. The bound class must already
-	* be deployed in `script_name`'s code (PUT against an unknown class
-	* succeeds at registration time but fails at first instance create).
-	* @see https://developers.cloudflare.com/api/resources/workflows/methods/update/
-	*/
-	async workflowUpsert(name, body) {
-		return (await this.request(`/accounts/${this.accountId}/workflows/${encodeURIComponent(name)}`, {
-			method: "PUT",
-			body: JSON.stringify(body)
-		})).result;
-	}
-	/**
-	* Delete a Workflow registration by name. Per Cloudflare's docs this only
-	* removes the workflow itself — the worker that hosts the class is
-	* untouched and existing in-flight instances continue to run.
-	* @see https://developers.cloudflare.com/api/resources/workflows/methods/delete/
-	*/
-	async workflowDelete(name) {
-		await this.request(`/accounts/${this.accountId}/workflows/${encodeURIComponent(name)}`, { method: "DELETE" });
-	}
-	/**
-	* List every Secrets Store store on the account (paginated, 100/page).
-	* Stores are account-scoped containers; their internal secret entries
-	* are listed via {@link secretsStoreSecretListAll}.
-	* @see https://developers.cloudflare.com/api/resources/secrets_store/subresources/stores/methods/list/
-	*/
-	async secretsStoreListAll() {
-		const all = [];
-		let page = 1;
-		while (true) {
-			const data = await this.request(`/accounts/${this.accountId}/secrets_store/stores?page=${page}&per_page=100`);
-			const batch = data.result ?? [];
-			all.push(...batch);
-			const totalPages = data.result_info?.total_pages ?? 1;
-			if (page >= totalPages || batch.length === 0) break;
-			page += 1;
-		}
-		return all;
-	}
-	/**
-	* Create a new Secrets Store. Per the API a store name uniquely identifies
-	* the container within an account but is **not** itself a primary key —
-	* the assigned `id` is. Tamer enforces uniqueness via the derived
-	* `sec-{logical}-t-{tenantId}-{env}` name and short-circuits to the
-	* existing id when it finds a match in `secretsStoreListAll`.
-	* @see https://developers.cloudflare.com/api/resources/secrets_store/subresources/stores/methods/create/
-	*/
-	async secretsStoreCreate(name) {
-		return (await this.request(`/accounts/${this.accountId}/secrets_store/stores`, {
-			method: "POST",
-			body: JSON.stringify({ name })
-		})).result;
-	}
-	/**
-	* Delete a Secrets Store by id. Cloudflare cascades the deletion to all
-	* secrets inside the store, so callers should ensure no live worker is
-	* still binding into this store before invoking.
-	* @see https://developers.cloudflare.com/api/resources/secrets_store/subresources/stores/methods/delete/
-	*/
-	async secretsStoreDelete(storeId) {
-		await this.request(`/accounts/${this.accountId}/secrets_store/stores/${encodeURIComponent(storeId)}`, { method: "DELETE" });
-	}
-	async dispatchNamespaceListAll() {
-		return (await this.request(`/accounts/${this.accountId}/workers/dispatch/namespaces`)).result ?? [];
-	}
-	async dispatchNamespaceCreate(namespaceName) {
-		await this.request(`/accounts/${this.accountId}/workers/dispatch/namespaces`, {
-			method: "POST",
-			body: JSON.stringify({ name: namespaceName })
-		});
-	}
-	async dispatchNamespaceDelete(namespaceName) {
-		await this.request(`/accounts/${this.accountId}/workers/dispatch/namespaces/${encodeURIComponent(namespaceName)}`, { method: "DELETE" });
-	}
-	/**
-	* Upload a user Worker module to a Workers for Platforms dispatch namespace (multipart).
-	* @see https://developers.cloudflare.com/api/operations/namespace-worker-script-upload-worker-module
-	*/
-	async dispatchNamespaceScriptPut(dispatchNamespace, scriptName, formData) {
-		const url = `${CF_API_BASE}/accounts/${this.accountId}/workers/dispatch/namespaces/${encodeURIComponent(dispatchNamespace)}/scripts/${encodeURIComponent(scriptName)}`;
-		const res = await fetch(url, {
-			method: "PUT",
-			headers: { Authorization: `Bearer ${this.apiToken}` },
-			body: formData
-		});
-		const data = await res.json();
-		if (!res.ok) {
-			const errMsg = data?.errors?.map((e) => e.message).join("; ") ?? res.statusText;
-			throw new Error(`CF API error: ${errMsg}`);
-		}
-	}
-	/**
-	* List every script inside a dispatch namespace.
-	* @see https://developers.cloudflare.com/api/resources/workers_for_platforms/subresources/dispatch/subresources/namespaces/subresources/scripts/methods/list/
-	*/
-	async dispatchNamespaceScriptList(dispatchNamespace) {
-		return (await this.request(`/accounts/${this.accountId}/workers/dispatch/namespaces/${encodeURIComponent(dispatchNamespace)}/scripts`)).result ?? [];
-	}
-	/**
-	* Remove a script from a Workers for Platforms dispatch namespace.
-	* @see https://developers.cloudflare.com/api/resources/workers_for_platforms/subresources/dispatch/subresources/namespaces/subresources/scripts/methods/delete/
-	*/
-	async dispatchNamespaceScriptDelete(dispatchNamespace, scriptName, options) {
-		const q = options?.force ? "?force=true" : "";
-		const url = `${CF_API_BASE}/accounts/${this.accountId}/workers/dispatch/namespaces/${encodeURIComponent(dispatchNamespace)}/scripts/${encodeURIComponent(scriptName)}${q}`;
-		const res = await fetch(url, {
-			method: "DELETE",
-			headers: { Authorization: `Bearer ${this.apiToken}` }
-		});
-		if (!res.ok) {
-			let errMsg = res.statusText;
-			try {
-				errMsg = (await res.json())?.errors?.map((e) => e.message).join("; ") ?? errMsg;
-			} catch {}
-			throw new Error(`CF API error: ${errMsg}`);
-		}
-	}
-	/**
-	* @see https://developers.cloudflare.com/api/resources/workers/subresources/routes/methods/list/
-	*/
-	async zoneWorkerRoutesList(zoneId) {
-		return (await this.request(`/zones/${zoneId}/workers/routes`)).result ?? [];
-	}
-	/**
-	* @see https://developers.cloudflare.com/api/resources/workers/subresources/routes/methods/create/
-	*/
-	async zoneWorkerRouteCreate(zoneId, body) {
-		return (await this.request(`/zones/${zoneId}/workers/routes`, {
-			method: "POST",
-			body: JSON.stringify(body)
-		})).result;
-	}
-	/**
-	* @see https://developers.cloudflare.com/api/resources/workers/subresources/routes/methods/delete/
-	*/
-	async zoneWorkerRouteDelete(zoneId, routeId) {
-		await this.request(`/zones/${zoneId}/workers/routes/${encodeURIComponent(routeId)}`, { method: "DELETE" });
-	}
-	/**
-	* List every DNS record on a zone (paginated, 100/page). Returns the
-	* subset of fields Tamer cares about — the full Cloudflare object also
-	* carries `meta`, `proxiable`, `created_on`, `modified_on`, etc., none of
-	* which we persist in state.
-	*
-	* @see https://developers.cloudflare.com/api/resources/dns/subresources/records/methods/list/
-	*/
-	async zoneDnsRecordListAll(zoneId) {
-		const all = [];
-		let page = 1;
-		while (true) {
-			const data = await this.request(`/zones/${zoneId}/dns_records?page=${page}&per_page=100`);
-			const batch = data.result ?? [];
-			all.push(...batch);
-			const totalPages = data.result_info?.total_pages ?? 1;
-			if (page >= totalPages || batch.length === 0) break;
-			page += 1;
-		}
-		return all;
-	}
-	/**
-	* Create a DNS record on a zone. The Cloudflare API rejects duplicate
-	* `(type, name, content)` triples for record types where that combination
-	* is meaningful (CNAME, A, AAAA), so callers should pre-check via
-	* {@link zoneDnsRecordListAll}.
-	*
-	* @see https://developers.cloudflare.com/api/resources/dns/subresources/records/methods/create/
-	*/
-	async zoneDnsRecordCreate(zoneId, body) {
-		return (await this.request(`/zones/${zoneId}/dns_records`, {
-			method: "POST",
-			body: JSON.stringify(body)
-		})).result;
-	}
-	/**
-	* Patch a DNS record in place. Cloudflare's PATCH endpoint accepts any
-	* subset of mutable fields (`content`, `ttl`, `proxied`, `priority`,
-	* `comment`) but rejects `type` changes — Tamer falls back to
-	* delete-and-recreate when the type drifts.
-	*
-	* @see https://developers.cloudflare.com/api/resources/dns/subresources/records/methods/edit/
-	*/
-	async zoneDnsRecordPatch(zoneId, recordId, body) {
-		await this.request(`/zones/${zoneId}/dns_records/${encodeURIComponent(recordId)}`, {
-			method: "PATCH",
-			body: JSON.stringify(body)
-		});
-	}
-	/**
-	* @see https://developers.cloudflare.com/api/resources/dns/subresources/records/methods/delete/
-	*/
-	async zoneDnsRecordDelete(zoneId, recordId) {
-		await this.request(`/zones/${zoneId}/dns_records/${encodeURIComponent(recordId)}`, { method: "DELETE" });
-	}
-	/**
-	* Look up zones by exact name.
-	*
-	* Account-scoped tokens with `Zone Read` see every zone under the account.
-	* Returns an array because Cloudflare allows the same name across accounts;
-	* the caller normally takes `[0]`.
-	*
-	* @see https://developers.cloudflare.com/api/operations/zones-get
-	*/
-	async zonesListByName(name) {
-		const qs = new URLSearchParams({
-			name,
-			"account.id": this.accountId,
-			per_page: "50"
-		});
-		return (await this.request(`/zones?${qs.toString()}`)).result ?? [];
-	}
-	/**
-	* List account-scoped Logpush jobs (includes `workers_trace_events`).
-	* @see https://developers.cloudflare.com/api/resources/logpush/subresources/jobs/methods/list/
-	*/
-	async logpushAccountJobsList() {
-		return (await this.request(`/accounts/${this.accountId}/logpush/jobs`)).result ?? [];
-	}
-	/**
-	* Fetch one account-scoped Logpush job (includes `destination_conf`).
-	* @see https://developers.cloudflare.com/api/resources/logpush/subresources/jobs/methods/get/
-	*/
-	async logpushAccountJobGet(jobId) {
-		const data = await this.request(`/accounts/${this.accountId}/logpush/jobs/${jobId}`);
-		if (!data.result?.id) throw new Error(`Logpush job GET ${jobId}: missing result (job may not exist on this account)`);
-		return data.result;
-	}
-	/**
-	* Create an account Logpush job. Caller supplies `destination_conf` and dataset.
-	* @see https://developers.cloudflare.com/api/resources/logpush/subresources/jobs/methods/create/
-	*/
-	async logpushAccountJobCreate(body) {
-		return (await this.request(`/accounts/${this.accountId}/logpush/jobs`, {
-			method: "POST",
-			body: JSON.stringify(body)
-		})).result;
-	}
-	/**
-	* Update mutable Logpush job fields in place.
-	* @see https://developers.cloudflare.com/api/resources/logpush/subresources/jobs/methods/update/
-	*/
-	async logpushAccountJobUpdate(jobId, body) {
-		await this.request(`/accounts/${this.accountId}/logpush/jobs/${jobId}`, {
-			method: "PUT",
-			body: JSON.stringify(body)
-		});
-	}
-	/**
-	* Delete a Logpush job by numeric id.
-	* @see https://developers.cloudflare.com/api/resources/logpush/subresources/jobs/methods/delete/
-	*/
-	async logpushAccountJobDelete(jobId) {
-		await this.request(`/accounts/${this.accountId}/logpush/jobs/${jobId}`, { method: "DELETE" });
-	}
-	/**
-	* List all permission groups for account-owned API tokens (paginated).
-	* @see https://developers.cloudflare.com/api/resources/accounts/subresources/tokens/subresources/permission_groups/methods/list/
-	*/
-	async accountTokenPermissionGroupsListAll() {
-		const all = [];
-		const seen = /* @__PURE__ */ new Set();
-		let page = 1;
-		const perPage = 100;
-		/** Failsafe: pagination must always terminate even if the API omits `total_count` or repeats pages. */
-		const maxPage = 500;
-		while (true) {
-			if (page > maxPage) throw new Error(`Account token permission groups: exceeded ${maxPage} pages (partial count ${all.length}) — refusing to paginate further (check Cloudflare API or file a bug)`);
-			const data = await this.request(`/accounts/${this.accountId}/tokens/permission_groups?per_page=${perPage}&page=${page}`);
-			const batch = data.result ?? [];
-			if (batch.length === 0) break;
-			const newRows = batch.filter((g) => g.id && !seen.has(g.id));
-			for (const g of newRows) seen.add(g.id);
-			if (newRows.length === 0) break;
-			all.push(...newRows);
-			if (batch.length < perPage) break;
-			const total = data.result_info?.total_count;
-			if (typeof total === "number" && all.length >= total) break;
-			page++;
-		}
-		return all;
-	}
-	/**
-	* List all account-owned API tokens (paginated).
-	* @see https://developers.cloudflare.com/api/resources/accounts/subresources/tokens/methods/list/
-	*/
-	async accountTokenListAll() {
-		const all = [];
-		let page = 1;
-		const perPage = 50;
-		const maxPage = 500;
-		while (page <= maxPage) {
-			const data = await this.request(`/accounts/${this.accountId}/tokens?per_page=${perPage}&page=${page}`);
-			const batch = data.result ?? [];
-			all.push(...batch);
-			const total = data.result_info?.total_count;
-			if (typeof total === "number" && all.length >= total) break;
-			if (batch.length < perPage) break;
-			page += 1;
-		}
-		return all;
-	}
-	/**
-	* Create an account-owned API token. `result.value` is only returned on create.
-	* @see https://developers.cloudflare.com/api/resources/accounts/subresources/tokens/methods/create/
-	*/
-	async accountTokenCreate(body) {
-		return (await this.request(`/accounts/${this.accountId}/tokens`, {
-			method: "POST",
-			body: JSON.stringify(body)
-		})).result;
-	}
-	/**
-	* Delete (revoke) an account-owned API token.
-	* @see https://developers.cloudflare.com/api/resources/accounts/subresources/tokens/methods/delete/
-	*/
-	async accountTokenDelete(tokenId) {
-		await this.request(`/accounts/${this.accountId}/tokens/${encodeURIComponent(tokenId)}`, { method: "DELETE" });
-	}
-};
-
-//#endregion
-export { cloudflareAccountIdFromEnv as n, cloudflareApiTokenFromEnv as r, CFApiClient as t };
-//# sourceMappingURL=CFApiClient-DhbyyV71.mjs.map