@drawcall/market 0.1.4 → 0.1.6

package/src/install.ts

@@ -6,15 +6,23 @@
  * 3. Runs the package manager to install npm deps.
  *
  * NOTE: This module uses Node.js APIs (fs, path, nypm) and is only
- * used by the CLI binary — it is NOT exported from the package index.
+ * used by the CLI binary; it is NOT exported from the package index.
  */
 
 import * as fs from 'fs/promises'
 import * as path from 'path'
+import { unzipSync } from 'fflate'
 import { detectPackageManager, installDependencies } from 'nypm'
 import type { MarketClient } from './client.js'
 import type { ResolveResult } from './resolve.js'
 
+interface PackageJson {
+  name?: string
+  private?: boolean
+  dependencies?: Record<string, string>
+  [key: string]: unknown
+}
+
 export interface InstallOptions {
   /** Project root directory (default: cwd) */
   cwd?: string
@@ -49,25 +57,27 @@ async function downloadAssets(
 
     log(`Downloading ${asset.name}@${asset.version}...`)
 
-    const tree = await client.asset.getVersionTree({ name: asset.name, version: asset.version })
+    const zip = await client.asset.downloadZip({ name: asset.name, version: asset.version })
+    const files = unzipSync(new Uint8Array(await zip.arrayBuffer()))
 
-    for (const file of tree) {
-      const filePath = path.join(destDir, file.path)
+    for (const [relativePath, content] of Object.entries(files) as [string, Uint8Array][]) {
+      const filePath = path.join(destDir, relativePath)
+      if (!isInside(destDir, filePath)) {
+        throw new Error(`Zip contains an unsafe path: ${relativePath}`)
+      }
       await fs.mkdir(path.dirname(filePath), { recursive: true })
-
-      const blob = await client.asset.getRawFile({
-        name: asset.name,
-        version: asset.version,
-        path: file.path,
-      })
-      const content = Buffer.from(await blob.arrayBuffer())
       await fs.writeFile(filePath, content)
     }
 
-    log(`  ${tree.length} files → src/${asset.name}/`)
+    log(`Downloaded ${Object.keys(files).length} files to src/${asset.name}/`)
   }
 }
 
+function isInside(root: string, target: string): boolean {
+  const relative = path.relative(root, target)
+  return relative === '' || (!relative.startsWith('..') && !path.isAbsolute(relative))
+}
+
 async function installNpmDeps(
   resolution: ResolveResult,
   cwd: string,
@@ -78,9 +88,9 @@ async function installNpmDeps(
 
   // Read existing package.json
   const pkgPath = path.join(cwd, 'package.json')
-  let pkg: any
+  let pkg: PackageJson
   try {
-    pkg = JSON.parse(await fs.readFile(pkgPath, 'utf-8'))
+    pkg = JSON.parse(await fs.readFile(pkgPath, 'utf-8')) as PackageJson
   } catch {
     pkg = { name: 'my-project', private: true, dependencies: {} }
   }

package/src/output.ts

@@ -0,0 +1,76 @@
+import type { AssetSearchResult } from './contract.js'
+
+export function assetVersionRef(name: string, version?: string): string {
+  return version ? `${name}@${version}` : name
+}
+
+export function assetApproval(approved: boolean): 'approved' | 'unapproved' {
+  return approved ? 'approved' : 'unapproved'
+}
+
+export function searchSummary(input: {
+  query: string
+  type: string
+  includeUnapproved: boolean
+  count: number
+  total: number
+}): string {
+  const approval = input.includeUnapproved ? 'approved+unapproved' : 'approved'
+  const scope = `query="${input.query}" type=${input.type} approval=${approval}`
+  if (input.count === 0) {
+    return `No results: ${scope}`
+  }
+  return `Results: ${input.count}/${input.total} ${scope}`
+}
+
+export function assetSearchResultLine(
+  item: AssetSearchResult,
+  opts: { verbose?: boolean } = {},
+): string {
+  const description = item.description
+    ? ` | ${compact(item.description, opts.verbose ? 160 : 80)}`
+    : ''
+  return `- ${assetVersionRef(item.name, item.latestVersion)} | ${item.type} | ${assetApproval(
+    item.approved,
+  )}${description}`
+}
+
+export function installResult(assetVersions: Array<{ name: string; version: string }>): string {
+  const label = assetVersions.length === 1 ? 'asset' : 'assets'
+  return `Installed ${assetVersions.length} ${label}: ${assetVersions
+    .map((asset) => assetVersionRef(asset.name, asset.version))
+    .join(', ')}`
+}
+
+export function generatedInstallResult(name: string, version: string): string {
+  return `Generated and installed ${assetVersionRef(name, version)}`
+}
+
+export function uploadResult(name: string, version: string): string {
+  return `Uploaded ${assetVersionRef(name, version)}`
+}
+
+export function unchangedUploadResult(name: string, version: string): string {
+  return `No upload needed: ${assetVersionRef(name, version)} is unchanged`
+}
+
+export function previewResult(name: string, version: string, out: string): string {
+  return `Saved preview for ${assetVersionRef(name, version)}: ${out}`
+}
+
+export function loginResult(email: string, configPath: string): string {
+  return `Logged in as ${email} (config: ${configPath})`
+}
+
+export function logoutResult(configPath?: string): string {
+  return configPath ? `Logged out (removed ${configPath})` : 'Already logged out'
+}
+
+export function errorResult(message: string): string {
+  return `Error: ${message}`
+}
+
+export function compact(value: string, max = 96): string {
+  const normalized = value.replace(/\s+/g, ' ').trim()
+  return normalized.length > max ? normalized.slice(0, max - 3) + '...' : normalized
+}

package/src/resolve.ts

@@ -10,7 +10,7 @@
 
 import * as semver from 'semver'
 import type { MarketClient } from './client.js'
-import type { AssetWithVersionsAndTags } from './contract.js'
+import type { AssetSearchResult } from './contract.js'
 
 export interface ResolvedAsset {
   name: string
@@ -41,71 +41,51 @@ export async function resolve(
   requests: AssetRequest[],
   opts: { includeUnapproved?: boolean } = {},
 ): Promise<ResolveResult> {
-  // constraints[assetName] = list of { range, from } constraints
-  const constraints: Map<string, { range: string; from: string }[]> = new Map()
-  // resolved[assetName] = ResolvedAsset
-  const resolved: Map<string, ResolvedAsset> = new Map()
-  // cache of fetched metadata
-  const metaCache: Map<string, AssetWithVersionsAndTags> = new Map()
-
-  // Seed constraints from the requested assets
-  for (const req of requests) {
-    addConstraint(constraints, req.name, req.range, '<root>')
+  const constraints = new Map<string, { range: string; from: string }[]>()
+  const resolved = new Map<string, ResolvedAsset>()
+  const metaCache = new Map<string, AssetSearchResult>()
+
+  for (const request of requests) {
+    addConstraint(constraints, request.name, request.range, '<root>')
   }
 
-  // Iteratively resolve until stable
   let unresolved = getUnresolved(constraints, resolved)
   while (unresolved.length > 0) {
     for (const assetName of unresolved) {
-      const meta = await fetchMeta(client, metaCache, assetName)
+      const meta = await fetchMeta(client, metaCache, assetName, opts.includeUnapproved ?? false)
       if (!meta) {
         throw new ResolutionError(`Asset "${assetName}" not found.`)
       }
 
-      // Filter to approved versions (unless --unapproved)
-      const candidates = meta.versions.filter((v) => opts.includeUnapproved || v.approved)
-
-      if (candidates.length === 0) {
+      if (!opts.includeUnapproved && !meta.approved) {
         throw new ResolutionError(
           `Asset "${assetName}" has no ${opts.includeUnapproved ? '' : 'approved '}versions.`,
         )
       }
 
-      // Collect all constraints for this asset
       const assetConstraints = constraints.get(assetName) ?? []
-
-      // Find the best (highest) version that satisfies ALL constraints
-      const candidateVersions = candidates.map((c) => c.version)
-      const satisfying = candidateVersions.filter((v) =>
-        assetConstraints.every((c) => semver.satisfies(v, c.range)),
-      )
-
-      if (satisfying.length === 0) {
+      if (!assetConstraints.every((c) => semver.satisfies(meta.latestVersion, c.range))) {
         const constraintDesc = assetConstraints
           .map((c) => `  ${c.range} (from ${c.from})`)
           .join('\n')
         throw new ResolutionError(
           `No version of "${assetName}" satisfies all constraints:\n${constraintDesc}\n` +
-            `Available${opts.includeUnapproved ? '' : ' approved'}: ${candidateVersions.join(', ')}`,
+            `Available${opts.includeUnapproved ? '' : ' approved'}: ${meta.latestVersion}`,
         )
       }
 
-      const best = semver.maxSatisfying(satisfying, '*')!
-      const versionMeta = candidates.find((c) => c.version === best)!
-
-      const npmDeps: Record<string, string> = JSON.parse(versionMeta.npmDependencies)
-      const assetDeps: Record<string, string> = JSON.parse(versionMeta.assetDependencies)
+      const npmDeps: Record<string, string> = JSON.parse(meta.npmDependencies)
+      const assetDeps: Record<string, string> = JSON.parse(meta.assetDependencies)
 
       resolved.set(assetName, {
         name: assetName,
-        version: best,
+        version: meta.latestVersion,
         npmDependencies: npmDeps,
         assetDependencies: assetDeps,
       })
 
-      // Add transitive asset dependency constraints
       for (const [depName, depRange] of Object.entries(assetDeps)) {
-        addConstraint(constraints, depName, depRange, `${assetName}@${best}`)
+        addConstraint(constraints, depName, depRange, `${assetName}@${meta.latestVersion}`)
       }
     }
 
@@ -155,11 +135,15 @@ function getUnresolved(
 
 async function fetchMeta(
   client: MarketClient['asset'],
-  cache: Map<string, AssetWithVersionsAndTags>,
+  cache: Map<string, AssetSearchResult>,
   name: string,
-): Promise<AssetWithVersionsAndTags | null> {
+  includeUnapproved: boolean,
+): Promise<AssetSearchResult | null> {
   if (cache.has(name)) return cache.get(name)!
-  const meta = await client.getByName({ name })
+  const meta = await client.exact({
+    name,
+    includeUnapproved,
+  })
   if (meta) cache.set(name, meta)
   return meta
 }

package/src/schemas.ts

@@ -1,6 +1,6 @@
 import { z } from 'zod'
 
-export const ASSET_TYPES = ['generic', 'model', 'hdri', 'material', 'music'] as const
+export const ASSET_TYPES = ['model'] as const
 export type AssetType = (typeof ASSET_TYPES)[number]
 
 export const assetTypeSchema = z.enum(ASSET_TYPES)
@@ -28,8 +28,29 @@ export const npmDependenciesSchema = z.record(z.string(), z.string()).default({}
 
 export const assetDependenciesSchema = z.record(z.string(), z.string()).default({})
 
-export const uploadGenericSchema = z.object({
+export const updateProfileSchema = z.object({
+  name: z.string().min(1).max(100).optional(),
+  image: z.string().url().optional(),
+})
+
+export const listAssetsSchema = z.object({
+  page: z.number().int().min(1).default(1),
+  limit: z.number().int().min(1).max(100).default(20),
+  type: assetTypeSchema.optional(),
+  query: z.string().max(200).optional(),
+  includeUnapproved: z.boolean().default(false),
+  sort: z.enum(['newest', 'alphabetical', 'relevance']).default('newest'),
+})
+
+export const exactAssetSchema = z.object({
   name: assetNameSchema,
+  type: assetTypeSchema.optional(),
+  includeUnapproved: z.boolean().default(false),
+})
+
+export const uploadZipSchema = z.object({
+  name: assetNameSchema,
+  type: assetTypeSchema,
   version: semverSchema,
   description: z.string().max(1000).optional(),
   npmDependencies: npmDependenciesSchema,
@@ -37,34 +58,12 @@ export const uploadGenericSchema = z.object({
   tags: z.array(z.string()).default([]),
 })
 
-export const uploadTypedSchema = z.object({
+export const downloadZipSchema = z.object({
   name: assetNameSchema,
   version: semverSchema,
-  description: z.string().max(1000).optional(),
-  tags: z.array(z.string()).default([]),
-})
-
-export const uploadMaterialSchema = uploadTypedSchema.extend({
-  properties: z.object({
-    color: z.string().default('#ffffff'),
-    roughness: z.number().min(0).max(1).default(0.5),
-    metalness: z.number().min(0).max(1).default(0),
-    normalScale: z.number().min(0).max(2).default(1),
-    emissive: z.string().default('#000000'),
-    emissiveIntensity: z.number().min(0).max(10).default(0),
-  }),
-})
-
-export const updateProfileSchema = z.object({
-  name: z.string().min(1).max(100).optional(),
-  image: z.string().url().optional(),
 })
 
-export const listAssetsSchema = z.object({
-  page: z.number().int().min(1).default(1),
-  limit: z.number().int().min(1).max(100).default(20),
+export const generateAssetSchema = z.object({
+  description: z.string().min(3).max(1000),
   type: assetTypeSchema.optional(),
-  tag: z.string().optional(),
-  search: z.string().max(200).optional(),
-  sort: z.enum(['newest', 'alphabetical', 'relevance']).default('newest'),
 })

package/tsconfig.json

@@ -2,7 +2,8 @@
   "extends": "../../tsconfig.base.json",
   "compilerOptions": {
     "outDir": "dist",
-    "rootDir": "src"
+    "rootDir": "src",
+    "types": ["node"]
   },
   "include": ["src"]
 }

package/dist/commands/login.d.ts

@@ -1,10 +0,0 @@
-export interface LoginOptions {
-    baseUrl: string;
-    timeoutMs?: number;
-}
-/**
- * Spins up a localhost HTTP server, opens the browser to {baseUrl}/cli-auth,
- * waits for the web app to redirect back with the key, saves it to config.
- */
-export declare function login(opts: LoginOptions): Promise<void>;
-//# sourceMappingURL=login.d.ts.map

package/dist/commands/login.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"login.d.ts","sourceRoot":"","sources":["../../src/commands/login.ts"],"names":[],"mappings":"AAQA,MAAM,WAAW,YAAY;IAC3B,OAAO,EAAE,MAAM,CAAA;IACf,SAAS,CAAC,EAAE,MAAM,CAAA;CACnB;AAED;;;GAGG;AACH,wBAAsB,KAAK,CAAC,IAAI,EAAE,YAAY,GAAG,OAAO,CAAC,IAAI,CAAC,CAiC7D"}

package/dist/commands/login.js

@@ -1,92 +0,0 @@
-import * as http from 'http';
-import chalk from 'chalk';
-import open from 'open';
-import ora from 'ora';
-import { createMarketClient } from '../client.js';
-import { saveConfig, getConfigPath } from '../config.js';
-/**
- * Spins up a localhost HTTP server, opens the browser to {baseUrl}/cli-auth,
- * waits for the web app to redirect back with the key, saves it to config.
- */
-export async function login(opts) {
-    const timeoutMs = opts.timeoutMs ?? 120_000;
-    const state = crypto.randomUUID();
-    const { port, waitForKey, close } = await startCallbackServer(state, timeoutMs);
-    const authUrl = new URL('/cli-auth', opts.baseUrl);
-    authUrl.searchParams.set('state', state);
-    authUrl.searchParams.set('callback', `http://127.0.0.1:${port}/callback`);
-    console.log(chalk.dim(`If your browser doesn't open, visit:\n  ${authUrl.toString()}`));
-    await open(authUrl.toString()).catch(() => { });
-    const spinner = ora('Waiting for browser approval…').start();
-    try {
-        const key = await waitForKey;
-        spinner.text = 'Verifying key…';
-        const verifyClient = createMarketClient({ baseUrl: opts.baseUrl, apiKey: key });
-        const profile = await verifyClient.user.getProfile();
-        if (!profile) {
-            throw new Error('Key was not accepted by the server.');
-        }
-        await saveConfig({ apiKey: key, baseUrl: opts.baseUrl });
-        spinner.succeed(`Logged in as ${chalk.cyan(profile.email)}`);
-        console.log(chalk.dim(`  Key saved to ${getConfigPath()}`));
-    }
-    catch (err) {
-        spinner.fail(err instanceof Error ? err.message : String(err));
-        throw err;
-    }
-    finally {
-        close();
-    }
-}
-async function startCallbackServer(expectedState, timeoutMs) {
-    let resolveKey;
-    let rejectKey;
-    const waitForKey = new Promise((resolve, reject) => {
-        resolveKey = resolve;
-        rejectKey = reject;
-    });
-    const server = http.createServer((req, res) => {
-        if (!req.url) {
-            res.writeHead(400).end();
-            return;
-        }
-        const url = new URL(req.url, 'http://localhost');
-        if (url.pathname !== '/callback') {
-            res.writeHead(404).end();
-            return;
-        }
-        const receivedState = url.searchParams.get('state');
-        const receivedKey = url.searchParams.get('key');
-        if (receivedState !== expectedState) {
-            res.writeHead(400, { 'Content-Type': 'text/html' });
-            res.end('<h1>Invalid state</h1><p>You can close this window.</p>');
-            rejectKey(new Error('Invalid state parameter from callback.'));
-            return;
-        }
-        if (!receivedKey) {
-            res.writeHead(400, { 'Content-Type': 'text/html' });
-            res.end('<h1>Missing key</h1><p>You can close this window.</p>');
-            rejectKey(new Error('Callback did not include a key.'));
-            return;
-        }
-        res.writeHead(200, { 'Content-Type': 'text/html' });
-        res.end('<h1>Logged in!</h1><p>You can close this window.</p>');
-        resolveKey(receivedKey);
-    });
-    await new Promise((resolve, reject) => {
-        server.once('error', reject);
-        server.listen(0, '127.0.0.1', () => resolve());
-    });
-    const address = server.address();
-    if (!address)
-        throw new Error('Failed to bind local callback server.');
-    const timer = setTimeout(() => {
-        rejectKey(new Error(`Timed out after ${timeoutMs / 1000}s waiting for browser approval.`));
-    }, timeoutMs);
-    const close = () => {
-        clearTimeout(timer);
-        server.close();
-    };
-    return { port: address.port, waitForKey, close };
-}
-//# sourceMappingURL=login.js.map

package/dist/commands/login.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"login.js","sourceRoot":"","sources":["../../src/commands/login.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,IAAI,MAAM,MAAM,CAAA;AAE5B,OAAO,KAAK,MAAM,OAAO,CAAA;AACzB,OAAO,IAAI,MAAM,MAAM,CAAA;AACvB,OAAO,GAAG,MAAM,KAAK,CAAA;AACrB,OAAO,EAAE,kBAAkB,EAAE,MAAM,cAAc,CAAA;AACjD,OAAO,EAAE,UAAU,EAAE,aAAa,EAAE,MAAM,cAAc,CAAA;AAOxD;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,KAAK,CAAC,IAAkB;IAC5C,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,IAAI,OAAO,CAAA;IAC3C,MAAM,KAAK,GAAG,MAAM,CAAC,UAAU,EAAE,CAAA;IAEjC,MAAM,EAAE,IAAI,EAAE,UAAU,EAAE,KAAK,EAAE,GAAG,MAAM,mBAAmB,CAAC,KAAK,EAAE,SAAS,CAAC,CAAA;IAE/E,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC,WAAW,EAAE,IAAI,CAAC,OAAO,CAAC,CAAA;IAClD,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,EAAE,KAAK,CAAC,CAAA;IACxC,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,UAAU,EAAE,oBAAoB,IAAI,WAAW,CAAC,CAAA;IAEzE,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,2CAA2C,OAAO,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC,CAAA;IACvF,MAAM,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAA;IAE9C,MAAM,OAAO,GAAG,GAAG,CAAC,+BAA+B,CAAC,CAAC,KAAK,EAAE,CAAA;IAC5D,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,MAAM,UAAU,CAAA;QAE5B,OAAO,CAAC,IAAI,GAAG,gBAAgB,CAAA;QAC/B,MAAM,YAAY,GAAG,kBAAkB,CAAC,EAAE,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAA;QAC/E,MAAM,OAAO,GAAG,MAAM,YAAY,CAAC,IAAI,CAAC,UAAU,EAAE,CAAA;QACpD,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAA;QACxD,CAAC;QAED,MAAM,UAAU,CAAC,EAAE,MAAM,EAAE,GAAG,EAAE,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE,CAAC,CAAA;QACxD,OAAO,CAAC,OAAO,CAAC,gBAAgB,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,CAAA;QAC5D,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,kBAAkB,aAAa,EAAE,EAAE,CAAC,CAAC,CAAA;IAC7D,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO,CAAC,IAAI,CAAC,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAA;QAC9D,MAAM,GAAG,CAAA;IACX,CAAC;YAAS,CAAC;QACT,KAAK,EAAE,CAAA;IACT,CAAC;AACH,CAAC;AAED,KAAK,UAAU,mBAAmB,CAChC,aAAqB,EACrB,SAAiB;IAEjB,IAAI,UAAgC,CAAA;IACpC,IAAI,SAA8B,CAAA;IAClC,MAAM,UAAU,GAAG,IAAI,OAAO,CAAS,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACzD,UAAU,GAAG,OAAO,CAAA;QACpB,SAAS,GAAG,MAAM,CAAA;IACpB,CAAC,CAAC,CAAA;IAEF,MAAM,MAAM,GAAG,IAAI,CAAC,YAAY,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;QAC5C,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC;YACb,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAA;YACxB,OAAM;QACR,CAAC;QACD,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,kBAAkB,CAAC,CAAA;QAChD,IAAI,GAAG,CAAC,QAAQ,KAAK,WAAW,EAAE,CAAC;YACjC,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAA;YACxB,OAAM;QACR,CAAC;QACD,MAAM,aAAa,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,CAAA;QACnD,MAAM,WAAW,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,KAAK,CAAC,CAAA;QAE/C,IAAI,aAAa,KAAK,aAAa,EAAE,CAAC;YACpC,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,WAAW,EAAE,CAAC,CAAA;YACnD,GAAG,CAAC,GAAG,CAAC,yDAAyD,CAAC,CAAA;YAClE,SAAS,CAAC,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC,CAAA;YAC9D,OAAM;QACR,CAAC;QACD,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,WAAW,EAAE,CAAC,CAAA;YACnD,GAAG,CAAC,GAAG,CAAC,uDAAuD,CAAC,CAAA;YAChE,SAAS,CAAC,IAAI,KAAK,CAAC,iCAAiC,CAAC,CAAC,CAAA;YACvD,OAAM;QACR,CAAC;QAED,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,WAAW,EAAE,CAAC,CAAA;QACnD,GAAG,CAAC,GAAG,CAAC,sDAAsD,CAAC,CAAA;QAC/D,UAAU,CAAC,WAAW,CAAC,CAAA;IACzB,CAAC,CAAC,CAAA;IAEF,MAAM,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QAC1C,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC,CAAA;QAC5B,MAAM,CAAC,MAAM,CAAC,CAAC,EAAE,WAAW,EAAE,GAAG,EAAE,CAAC,OAAO,EAAE,CAAC,CAAA;IAChD,CAAC,CAAC,CAAA;IAEF,MAAM,OAAO,GAAG,MAAM,CAAC,OAAO,EAAwB,CAAA;IACtD,IAAI,CAAC,OAAO;QAAE,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAA;IAEtE,MAAM,KAAK,GAAG,UAAU,CAAC,GAAG,EAAE;QAC5B,SAAS,CAAC,IAAI,KAAK,CAAC,mBAAmB,SAAS,GAAG,IAAI,iCAAiC,CAAC,CAAC,CAAA;IAC5F,CAAC,EAAE,SAAS,CAAC,CAAA;IAEb,MAAM,KAAK,GAAG,GAAG,EAAE;QACjB,YAAY,CAAC,KAAK,CAAC,CAAA;QACnB,MAAM,CAAC,KAAK,EAAE,CAAA;IAChB,CAAC,CAAA;IAED,OAAO,EAAE,IAAI,EAAE,OAAO,CAAC,IAAI,EAAE,UAAU,EAAE,KAAK,EAAE,CAAA;AAClD,CAAC"}

package/dist/internal-contract.d.ts

@@ -1,19 +0,0 @@
-import { z } from 'zod';
-export declare const internalContract: {
-    buildUpload: import("@orpc/contract").ContractProcedureBuilderWithInputOutput<z.ZodObject<{
-        key: z.ZodString;
-        content: z.ZodString;
-        contentType: z.ZodString;
-    }, z.core.$strip>, z.ZodObject<{
-        ok: z.ZodBoolean;
-    }, z.core.$strip>, Record<never, never>, Record<never, never>>;
-    buildComplete: import("@orpc/contract").ContractProcedureBuilderWithInputOutput<z.ZodObject<{
-        assetName: z.ZodString;
-        version: z.ZodString;
-        buildOutputKey: z.ZodString;
-    }, z.core.$strip>, z.ZodObject<{
-        ok: z.ZodBoolean;
-    }, z.core.$strip>, Record<never, never>, Record<never, never>>;
-};
-export type InternalContract = typeof internalContract;
-//# sourceMappingURL=internal-contract.d.ts.map

package/dist/internal-contract.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"internal-contract.d.ts","sourceRoot":"","sources":["../src/internal-contract.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AAEvB,eAAO,MAAM,gBAAgB;;;;;;;;;;;;;;;CAoB5B,CAAA;AAED,MAAM,MAAM,gBAAgB,GAAG,OAAO,gBAAgB,CAAA"}

package/dist/internal-contract.js

@@ -1,19 +0,0 @@
-import { oc } from '@orpc/contract';
-import { z } from 'zod';
-export const internalContract = {
-    buildUpload: oc
-        .input(z.object({
-        key: z.string(),
-        content: z.string(), // base64-encoded
-        contentType: z.string(),
-    }))
-        .output(z.object({ ok: z.boolean() })),
-    buildComplete: oc
-        .input(z.object({
-        assetName: z.string(),
-        version: z.string(),
-        buildOutputKey: z.string(),
-    }))
-        .output(z.object({ ok: z.boolean() })),
-};
-//# sourceMappingURL=internal-contract.js.map

package/dist/internal-contract.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"internal-contract.js","sourceRoot":"","sources":["../src/internal-contract.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,EAAE,EAAE,MAAM,gBAAgB,CAAA;AACnC,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AAEvB,MAAM,CAAC,MAAM,gBAAgB,GAAG;IAC9B,WAAW,EAAE,EAAE;SACZ,KAAK,CACJ,CAAC,CAAC,MAAM,CAAC;QACP,GAAG,EAAE,CAAC,CAAC,MAAM,EAAE;QACf,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,EAAE,iBAAiB;QACtC,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE;KACxB,CAAC,CACH;SACA,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;IAExC,aAAa,EAAE,EAAE;SACd,KAAK,CACJ,CAAC,CAAC,MAAM,CAAC;QACP,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE;QACrB,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE;QACnB,cAAc,EAAE,CAAC,CAAC,MAAM,EAAE;KAC3B,CAAC,CACH;SACA,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;CACzC,CAAA"}

package/src/commands/login.ts

@@ -1,113 +0,0 @@
-import * as http from 'http'
-import type { AddressInfo } from 'net'
-import chalk from 'chalk'
-import open from 'open'
-import ora from 'ora'
-import { createMarketClient } from '../client.js'
-import { saveConfig, getConfigPath } from '../config.js'
-
-export interface LoginOptions {
-  baseUrl: string
-  timeoutMs?: number
-}
-
-/**
- * Spins up a localhost HTTP server, opens the browser to {baseUrl}/cli-auth,
- * waits for the web app to redirect back with the key, saves it to config.
- */
-export async function login(opts: LoginOptions): Promise<void> {
-  const timeoutMs = opts.timeoutMs ?? 120_000
-  const state = crypto.randomUUID()
-
-  const { port, waitForKey, close } = await startCallbackServer(state, timeoutMs)
-
-  const authUrl = new URL('/cli-auth', opts.baseUrl)
-  authUrl.searchParams.set('state', state)
-  authUrl.searchParams.set('callback', `http://127.0.0.1:${port}/callback`)
-
-  console.log(chalk.dim(`If your browser doesn't open, visit:\n  ${authUrl.toString()}`))
-  await open(authUrl.toString()).catch(() => {})
-
-  const spinner = ora('Waiting for browser approval…').start()
-  try {
-    const key = await waitForKey
-
-    spinner.text = 'Verifying key…'
-    const verifyClient = createMarketClient({ baseUrl: opts.baseUrl, apiKey: key })
-    const profile = await verifyClient.user.getProfile()
-    if (!profile) {
-      throw new Error('Key was not accepted by the server.')
-    }
-
-    await saveConfig({ apiKey: key, baseUrl: opts.baseUrl })
-    spinner.succeed(`Logged in as ${chalk.cyan(profile.email)}`)
-    console.log(chalk.dim(`  Key saved to ${getConfigPath()}`))
-  } catch (err) {
-    spinner.fail(err instanceof Error ? err.message : String(err))
-    throw err
-  } finally {
-    close()
-  }
-}
-
-async function startCallbackServer(
-  expectedState: string,
-  timeoutMs: number,
-): Promise<{ port: number; waitForKey: Promise<string>; close: () => void }> {
-  let resolveKey!: (k: string) => void
-  let rejectKey!: (e: Error) => void
-  const waitForKey = new Promise<string>((resolve, reject) => {
-    resolveKey = resolve
-    rejectKey = reject
-  })
-
-  const server = http.createServer((req, res) => {
-    if (!req.url) {
-      res.writeHead(400).end()
-      return
-    }
-    const url = new URL(req.url, 'http://localhost')
-    if (url.pathname !== '/callback') {
-      res.writeHead(404).end()
-      return
-    }
-    const receivedState = url.searchParams.get('state')
-    const receivedKey = url.searchParams.get('key')
-
-    if (receivedState !== expectedState) {
-      res.writeHead(400, { 'Content-Type': 'text/html' })
-      res.end('<h1>Invalid state</h1><p>You can close this window.</p>')
-      rejectKey(new Error('Invalid state parameter from callback.'))
-      return
-    }
-    if (!receivedKey) {
-      res.writeHead(400, { 'Content-Type': 'text/html' })
-      res.end('<h1>Missing key</h1><p>You can close this window.</p>')
-      rejectKey(new Error('Callback did not include a key.'))
-      return
-    }
-
-    res.writeHead(200, { 'Content-Type': 'text/html' })
-    res.end('<h1>Logged in!</h1><p>You can close this window.</p>')
-    resolveKey(receivedKey)
-  })
-
-  await new Promise<void>((resolve, reject) => {
-    server.once('error', reject)
-    server.listen(0, '127.0.0.1', () => resolve())
-  })
-
-  const address = server.address() as AddressInfo | null
-  if (!address) throw new Error('Failed to bind local callback server.')
-
-  const timer = setTimeout(() => {
-    rejectKey(new Error(`Timed out after ${timeoutMs / 1000}s waiting for browser approval.`))
-  }, timeoutMs)
-
-  const close = () => {
-    clearTimeout(timer)
-    server.close()
-  }
-
-  return { port: address.port, waitForKey, close }
-}

package/src/internal-contract.ts

@@ -1,26 +0,0 @@
-import { oc } from '@orpc/contract'
-import { z } from 'zod'
-
-export const internalContract = {
-  buildUpload: oc
-    .input(
-      z.object({
-        key: z.string(),
-        content: z.string(), // base64-encoded
-        contentType: z.string(),
-      }),
-    )
-    .output(z.object({ ok: z.boolean() })),
-
-  buildComplete: oc
-    .input(
-      z.object({
-        assetName: z.string(),
-        version: z.string(),
-        buildOutputKey: z.string(),
-      }),
-    )
-    .output(z.object({ ok: z.boolean() })),
-}
-
-export type InternalContract = typeof internalContract