@dreamboard-games/cli 0.1.30-alpha.0 → 0.1.30-alpha.10

package/dist/index.js

@@ -3,6 +3,7 @@ import {
   CONFIG_FLAG_ARGS,
   IS_PUBLISHED_BUILD,
   LOCAL_REGISTRY_URL,
+  PUBLISHED_ENVIRONMENT,
   REDUCER_TESTING_TYPES_WRAPPER_CONTENT,
   STALE_CONTRACT_ARTIFACT_CODE,
   STALE_CONTRACT_ARTIFACT_EXIT_CODE,
@@ -12,13 +13,14 @@ import {
   collectLocalFiles,
   computeManifestHash,
   configureClient,
-  createGameRevisionSdk,
+  createGameRevision,
   createPkcePair,
-  createProjectSessionSdk,
+  createProjectSession,
+  createProjectSourceBlobUploadSession,
   createSessionFromScenario,
   didLocalMaintainerSnapshotChange,
-  ensureProjectDevCompileSdk,
-  ensureProjectSdk,
+  ensureProject,
+  ensureProjectDevCompile,
   exchangeClerkOAuthCode,
   external_exports,
   findProjectCompiledResultsForRevision,
@@ -28,37 +30,34 @@ import {
   getApiVersion,
   getAuthTokenExpiry,
   getCliErrorExitCode,
+  getCurrentAuthUser,
   getLocalDiff,
   getProjectAuthoringState,
-  getProjectBySlugSdk,
+  getProjectBySlug,
   getProjectCompileState,
   getProjectCompiledResultSdk,
   getProjectLocalMaintainerRegistry,
   getProjectPendingAuthoringSync,
-  getProjectRevisionSourcesSdk,
-  getProjectSourcesSdk,
+  getProjectRevisionSources,
+  getProjectSources,
   getSessionEventBatch,
   getSessionSnapshot,
   importTypeScriptModule,
   isAllowedGamePath,
-  isAuthoritativeGeneratedPath,
   isDreamboardApiError,
+  isDynamicGeneratedPath,
   isDynamicSeedPath,
   isLibraryPath,
   isLocalMaintainerRegistryEnabled,
-  isPerPlayer,
   isReducerNativeTestingWorkspace,
   isStaleContractArtifactError,
   isStaleContractArtifactMessage,
   loadManifest,
   loadProjectConfig,
-  loadRemoteProjectIdentity,
   loadRule,
-  mapUpsertBlobContentsByContentHash,
   materializeManifest,
-  materializeManifestTable,
-  materializeSourceChangeOperations,
   normalizeSlug,
+  parseAuthCommandArgs,
   parseCloneCommandArgs,
   parseCompileCommandArgs,
   parseConfigCommandArgs,
@@ -70,10 +69,11 @@ import {
   parsePlayerCountFlags,
   parsePositiveInt,
   parsePullCommandArgs,
+  parseQueryCommandArgs,
   parseStatusCommandArgs,
   parseSyncCommandArgs,
-  perPlayerSchema,
   projectIdFromSessionGameSource,
+  queryWorkshopRulebook,
   queueProjectRevisionCompileSdk,
   refreshResolvedAuthSession,
   removeExtraneousFiles,
@@ -87,13 +87,13 @@ import {
   setLatestCompileAttempt,
   shortHash,
   submitGameplayAuthorityAction,
+  titleFromSlug,
   toApiProblem,
   toDreamboardApiError,
   updateProjectAuthoringState,
   updateProjectLocalMaintainerRegistry,
   updateProjectState,
-  uploadInitialProjectionSdk,
-  uploadProjectSourceBlobsSdk,
+  uploadInitialProjection,
   valueOrUndefined,
   waitForCompiledResultJobSdk,
   writeManifest,
@@ -101,18 +101,18 @@ import {
   writeSnapshot,
   writeSnapshotFromFiles,
   writeSourceFiles
-} from "./chunk-3XNJT3RK.js";
+} from "./chunk-P5TITCD3.js";
 import {
   DEFAULT_LOGIN_TIMEOUT_MS,
   DEFAULT_WEB_BASE_URL,
   MANIFEST_FILE,
   MANIFEST_TYPECHECK_CONFIG_FILE,
-  PROJECT_CONFIG_FILE,
   PROJECT_DIR_NAME,
   RULE_FILE,
   clearCredentials,
   ensureDir,
   exists,
+  getActiveCredentialBackendName,
   getGlobalAuthPath,
   getGlobalConfigPath,
   getStoredSession,
@@ -125,10 +125,12 @@ import {
   setCredentials,
   writeJsonFile,
   writeTextFile
-} from "./chunk-TSJVWTJO.js";
-import "./chunk-7FOO4AJI.js";
+} from "./chunk-GXM7RRZJ.js";
 import "./chunk-2H7UOFLK.js";
 
+// src/commands/auth.ts
+import crypto2 from "crypto";
+
 // ../../node_modules/.pnpm/citty@0.2.2/node_modules/citty/dist/_chunks/libs/scule.mjs
 var NUMBER_CHAR_RE = /\d/;
 var STR_SPLITTERS = [
@@ -1656,49 +1658,902 @@ ${indent}`);
       const _err = new Error("Trace: " + logObj.message);
       line += this.formatStack(_err.stack || "", _err.message);
     }
-    return isBadge ? "\n" + line + "\n" : line;
+    return isBadge ? "\n" + line + "\n" : line;
+  }
+};
+function characterFormat(str) {
+  return str.replace(/`([^`]+)`/gm, (_2, m) => colors.cyan(m)).replace(/\s+_([^_]+)_\s+/gm, (_2, m) => ` ${colors.underline(m)} `);
+}
+function getColor2(color = "white") {
+  return colors[color] || colors.white;
+}
+function getBgColor(color = "bgWhite") {
+  return colors[`bg${color[0].toUpperCase()}${color.slice(1)}`] || colors.bgWhite;
+}
+function createConsola2(options = {}) {
+  let level = _getDefaultLogLevel();
+  if (process.env.CONSOLA_LEVEL) {
+    level = Number.parseInt(process.env.CONSOLA_LEVEL) ?? level;
+  }
+  const consola2 = createConsola({
+    level,
+    defaults: { level },
+    stdout: process.stdout,
+    stderr: process.stderr,
+    prompt: (...args) => import("./prompt-GMZABCJC.js").then((m) => m.prompt(...args)),
+    reporters: options.reporters || [
+      options.fancy ?? !(T || R) ? new FancyReporter() : new BasicReporter()
+    ],
+    ...options
+  });
+  return consola2;
+}
+function _getDefaultLogLevel() {
+  if (g) {
+    return LogLevels.debug;
+  }
+  if (R) {
+    return LogLevels.warn;
+  }
+  return LogLevels.info;
+}
+var consola = createConsola2();
+
+// src/auth/auth-server.ts
+import {
+  createServer
+} from "http";
+import { spawn } from "child_process";
+var DEFAULT_OAUTH_CALLBACK_PORT = 49371;
+async function startOAuthCallbackServer(state, timeoutMs) {
+  let resolveCode;
+  let rejectCode;
+  const waitForCode = new Promise((resolve, reject) => {
+    resolveCode = resolve;
+    rejectCode = reject;
+  });
+  const portCandidate = resolveOAuthCallbackPort();
+  const server = createServer(
+    async (request, response) => {
+      try {
+        const requestUrl = new URL(request.url ?? "/", "http://127.0.0.1");
+        if (request.method === "GET" && requestUrl.pathname === "/oauth/callback") {
+          const receivedState = requestUrl.searchParams.get("state");
+          const code = requestUrl.searchParams.get("code");
+          const error = requestUrl.searchParams.get("error");
+          if (error) {
+            throw new Error(`Clerk OAuth returned ${error}.`);
+          }
+          if (!code || receivedState !== state) {
+            writeCorsResponse(request, response, 400, "Invalid OAuth callback");
+            return;
+          }
+          resolveCode({ code });
+          response.once("finish", () => server.close());
+          writeHtmlResponse(
+            response,
+            200,
+            "Dreamboard CLI login complete. You can return to your terminal."
+          );
+          return;
+        }
+        writeHtmlResponse(
+          response,
+          200,
+          "Dreamboard CLI OAuth callback server"
+        );
+      } catch (error) {
+        rejectCode(
+          error instanceof Error ? error : new Error("Failed to handle OAuth callback.")
+        );
+        writeHtmlResponse(response, 500, "Dreamboard CLI login failed.");
+      }
+    }
+  );
+  try {
+    await new Promise((resolve, reject) => {
+      server.once("error", reject);
+      server.listen(portCandidate, "127.0.0.1", () => {
+        server.off("error", reject);
+        resolve();
+      });
+    });
+  } catch (error) {
+    const portError = error instanceof Error ? error : new Error("Failed to start OAuth callback server");
+    const configuredByEnv = Boolean(
+      process.env.DREAMBOARD_CLERK_OAUTH_REDIRECT_PORT
+    );
+    const message = configuredByEnv ? `Failed to start OAuth callback server on configured port ${portCandidate}.` : `Failed to start OAuth callback server on port ${portCandidate}. Register this loopback redirect URI with Clerk and keep the port available, or set DREAMBOARD_CLERK_OAUTH_REDIRECT_PORT.`;
+    const wrapped = new Error(`${message} ${portError.message}`);
+    server.close();
+    rejectCode(wrapped);
+    throw wrapped;
+  }
+  if (!server.listening) {
+    const error = new Error("Failed to start OAuth callback server.");
+    rejectCode(error);
+    throw error;
+  }
+  const timer = setTimeout(() => {
+    rejectCode(new Error("Login timed out."));
+    server?.close();
+  }, timeoutMs);
+  waitForCode.finally(() => clearTimeout(timer));
+  const port = portCandidateFromServer(server);
+  return {
+    port,
+    redirectUri: `http://127.0.0.1:${port}/oauth/callback`,
+    waitForCode,
+    close: () => server?.close()
+  };
+}
+function resolveOAuthCallbackPort() {
+  const rawPort = process.env.DREAMBOARD_CLERK_OAUTH_REDIRECT_PORT?.trim();
+  if (!rawPort) {
+    return DEFAULT_OAUTH_CALLBACK_PORT;
+  }
+  const port = Number(rawPort);
+  if (!Number.isInteger(port) || port < 1 || port > 65535) {
+    throw new Error(
+      `Invalid DREAMBOARD_CLERK_OAUTH_REDIRECT_PORT '${rawPort}'. Expected a TCP port from 1 to 65535.`
+    );
+  }
+  return port;
+}
+function portCandidateFromServer(server) {
+  const address = server.address();
+  if (!address || typeof address === "string") {
+    throw new Error("Auth callback server did not expose a bound port.");
+  }
+  return address.port;
+}
+function writeCorsResponse(request, response, statusCode, body) {
+  const origin = request.headers.origin ?? "*";
+  response.writeHead(statusCode, {
+    "Access-Control-Allow-Origin": origin,
+    "Access-Control-Allow-Methods": "POST, OPTIONS",
+    "Access-Control-Allow-Headers": "Content-Type",
+    "Content-Type": "text/plain; charset=utf-8"
+  });
+  response.end(body);
+}
+function writeHtmlResponse(response, statusCode, body) {
+  response.writeHead(statusCode, {
+    "Content-Type": "text/html; charset=utf-8"
+  });
+  response.end(
+    `<!doctype html><meta charset="utf-8"><title>Dreamboard CLI</title><p>${escapeHtml(body)}</p>`
+  );
+}
+function escapeHtml(value) {
+  return value.replace(/[&<>"']/g, (char) => {
+    switch (char) {
+      case "&":
+        return "&amp;";
+      case "<":
+        return "&lt;";
+      case ">":
+        return "&gt;";
+      case '"':
+        return "&quot;";
+      default:
+        return "&#39;";
+    }
+  });
+}
+function openBrowser(url) {
+  const platform2 = process.platform;
+  let command;
+  if (platform2 === "darwin") {
+    command = ["open", url];
+  } else if (platform2 === "win32") {
+    command = ["cmd", "/c", "start", "", url];
+  } else {
+    command = ["xdg-open", url];
+  }
+  const [commandName, ...commandArgs] = command;
+  const child = spawn(commandName, commandArgs, {
+    stdio: "ignore",
+    detached: true
+  });
+  child.unref();
+}
+
+// src/commands/auth.ts
+async function loginWithBrowser(config, quiet) {
+  const state = crypto2.randomUUID();
+  const pkce = createPkcePair();
+  const server = await startOAuthCallbackServer(
+    state,
+    DEFAULT_LOGIN_TIMEOUT_MS
+  );
+  const loginUrl = buildClerkAuthorizationUrl({
+    config: {
+      issuer: config.clerkOAuthIssuer,
+      clientId: config.clerkOAuthClientId,
+      tokenUrl: config.clerkOAuthTokenUrl,
+      scope: config.clerkOAuthScope
+    },
+    redirectUri: server.redirectUri,
+    state,
+    codeChallenge: pkce.challenge
+  }).toString();
+  if (!quiet) {
+    consola.info("Opening browser for login...");
+    consola.info(`If the browser does not open, visit: ${loginUrl}`);
+  }
+  openBrowser(loginUrl);
+  if (!quiet) {
+    consola.start("Waiting for login to complete...");
+  }
+  try {
+    const { code } = await server.waitForCode;
+    const tokenResponse = await exchangeClerkOAuthCode({
+      config: {
+        issuer: config.clerkOAuthIssuer,
+        clientId: config.clerkOAuthClientId,
+        tokenUrl: config.clerkOAuthTokenUrl
+      },
+      code,
+      redirectUri: server.redirectUri,
+      codeVerifier: pkce.verifier
+    });
+    return {
+      token: tokenResponse.accessToken,
+      refreshToken: tokenResponse.refreshToken,
+      expiresAt: tokenResponse.expiresAt,
+      tokenUrl: tokenResponse.tokenUrl
+    };
+  } finally {
+    server.close();
+  }
+}
+var auth_default = defineCommand({
+  meta: { name: "auth", description: "Manage stored Dreamboard sessions" },
+  args: {
+    action: {
+      type: "positional",
+      description: IS_PUBLISHED_BUILD ? "Action: clear | login" : "Action: set | clear | login | env | status",
+      required: true
+    },
+    ...IS_PUBLISHED_BUILD ? {} : {
+      tokenValue: {
+        type: "positional",
+        description: "Token value (for set) or environment name (for env)",
+        required: false
+      },
+      token: {
+        type: "string",
+        description: "Auth token (alternative)"
+      },
+      jwt: {
+        type: "boolean",
+        description: "Print auth token JSON to stdout"
+      },
+      env: {
+        type: "string",
+        description: "Environment: local | staging | prod"
+      }
+    }
+  },
+  async run({ args }) {
+    const parsedArgs = parseAuthCommandArgs(args);
+    const action = parsedArgs.action;
+    const globalConfig = await loadGlobalConfig();
+    if (IS_PUBLISHED_BUILD && action !== "login" && action !== "clear") {
+      throw new Error(
+        "The published Dreamboard CLI only supports browser login and logout. Use `dreamboard login` or `dreamboard logout`."
+      );
+    }
+    if (action === "env") {
+      if (IS_PUBLISHED_BUILD) {
+        throw new Error(
+          "The published Dreamboard CLI is production-only and does not support switching environments."
+        );
+      }
+      const environment = parsedArgs.tokenValue ?? parsedArgs.env;
+      if (!environment) {
+        throw new Error("Usage: dreamboard auth env <local|staging|prod>");
+      }
+      if (!["local", "staging", "prod"].includes(environment)) {
+        throw new Error(
+          `Invalid environment '${environment}'. Valid options: local, staging, prod`
+        );
+      }
+      await saveGlobalConfig({
+        ...globalConfig,
+        environment
+      });
+      consola.success(`Environment set to '${environment}'.`);
+      return;
+    }
+    if (action === "set") {
+      if (IS_PUBLISHED_BUILD) {
+        throw new Error(
+          "Direct JWT injection is not supported in the published Dreamboard CLI. Use `dreamboard login` so the CLI can store a refreshable session."
+        );
+      }
+      const token = parsedArgs.tokenValue ?? parsedArgs.token ?? "";
+      if (!token) throw new Error("Usage: dreamboard auth set <token>");
+      await setAccessOnlySession(token);
+      consola.success(`Auth token saved to ${getGlobalAuthPath()}.`);
+      return;
+    }
+    if (action === "clear") {
+      await clearCredentials();
+      consola.success(
+        `Stored Dreamboard session cleared from ${getGlobalAuthPath()}.`
+      );
+      return;
+    }
+    if (action === "login") {
+      const shouldPrintJwt = !IS_PUBLISHED_BUILD && parsedArgs.jwt === true;
+      const environment = IS_PUBLISHED_BUILD ? PUBLISHED_ENVIRONMENT : parsedArgs.env || globalConfig.environment || "staging";
+      const storedSession = await getStoredSession();
+      let accessToken = storedSession?.accessToken;
+      let refreshToken = storedSession?.refreshToken;
+      let tokenExpiresAt = storedSession?.tokenExpiresAt;
+      let clerkOAuthTokenUrl = storedSession?.clerkOAuthTokenUrl;
+      let didRefreshStoredSession = false;
+      let didUseBrowserLogin = false;
+      const resolvedConfig = resolveConfig(
+        globalConfig,
+        { env: environment },
+        void 0,
+        storedSession
+      );
+      if (accessToken && refreshToken) {
+        try {
+          const refreshed = await refreshResolvedAuthSession(resolvedConfig);
+          accessToken = refreshed?.accessToken ?? accessToken;
+          refreshToken = refreshed?.refreshToken ?? refreshToken;
+          tokenExpiresAt = refreshed?.tokenExpiresAt ?? tokenExpiresAt;
+          clerkOAuthTokenUrl = refreshed?.clerkOAuthTokenUrl ?? clerkOAuthTokenUrl;
+          didRefreshStoredSession = Boolean(refreshed);
+        } catch (error) {
+          consola.warn(
+            error instanceof Error ? error.message : "Stored Dreamboard CLI session refresh failed."
+          );
+          accessToken = void 0;
+          refreshToken = void 0;
+        }
+      }
+      if (!accessToken) {
+        const browserLogin = await loginWithBrowser(
+          resolvedConfig,
+          shouldPrintJwt
+        );
+        accessToken = browserLogin.token;
+        refreshToken = browserLogin.refreshToken;
+        tokenExpiresAt = browserLogin.expiresAt;
+        clerkOAuthTokenUrl = browserLogin.tokenUrl;
+        didUseBrowserLogin = true;
+      }
+      if (!accessToken) {
+        throw new Error("Login completed but no access token was returned.");
+      }
+      await saveGlobalConfig({
+        ...globalConfig,
+        environment
+      });
+      if (refreshToken) {
+        await setCredentials({
+          accessToken,
+          refreshToken,
+          tokenExpiresAt,
+          clerkOAuthIssuer: resolvedConfig.clerkOAuthIssuer,
+          clerkOAuthClientId: resolvedConfig.clerkOAuthClientId,
+          clerkOAuthTokenUrl,
+          environment
+        });
+      } else {
+        await setAccessOnlySession(accessToken);
+      }
+      if (shouldPrintJwt) {
+        process.stdout.write(
+          `${JSON.stringify(
+            {
+              token: accessToken,
+              refreshToken: refreshToken ?? null,
+              environment
+            },
+            null,
+            2
+          )}
+`
+        );
+        return;
+      }
+      if (didUseBrowserLogin) {
+        consola.success(
+          `Browser login successful. Session saved to ${getGlobalAuthPath()}`
+        );
+      } else if (storedSession?.accessToken && didRefreshStoredSession) {
+        consola.success(
+          `Stored auth session refreshed and saved to ${getGlobalAuthPath()}`
+        );
+      } else if (storedSession?.accessToken) {
+        consola.success(
+          `Stored auth token found. Session data remains in ${getGlobalAuthPath()}`
+        );
+      }
+      return;
+    }
+    if (action === "status") {
+      const storedSession = await getStoredSession();
+      const resolvedConfig = resolveConfig(
+        globalConfig,
+        { env: parsedArgs.env },
+        void 0,
+        storedSession
+      );
+      const environment = parsedArgs.env || globalConfig.environment || "staging";
+      const authTokenExpiry = getAuthTokenExpiry(resolvedConfig.authToken);
+      const backendName = await getActiveCredentialBackendName();
+      consola.log(`Environment: ${environment}`);
+      consola.log(`Auth token source: ${resolvedConfig.authTokenSource}`);
+      consola.log(`Refresh token source: ${resolvedConfig.refreshTokenSource}`);
+      consola.log(
+        `Credential backend: ${backendName}${backendName === "keychain" ? " (OS keychain via @napi-rs/keyring)" : ` (${getGlobalAuthPath()})`}`
+      );
+      const preference = globalConfig.credentialBackend;
+      if (preference) {
+        consola.log(`Credential backend preference (config): ${preference}`);
+      } else {
+        consola.log(
+          'Credential backend preference (config): file (default; set `"credentialBackend": "keychain"` in config.json to opt in)'
+        );
+      }
+      if (process.env.DREAMBOARD_CREDENTIAL_BACKEND) {
+        consola.log(
+          `Backend override: DREAMBOARD_CREDENTIAL_BACKEND=${process.env.DREAMBOARD_CREDENTIAL_BACKEND}`
+        );
+      }
+      consola.log(`Config path: ${getGlobalConfigPath()}`);
+      if (!resolvedConfig.authToken) {
+        consola.warn("No Dreamboard session found.");
+        return;
+      }
+      if (authTokenExpiry) {
+        const isExpired = authTokenExpiry.getTime() <= Date.now();
+        consola.log(
+          `Access token expires at: ${authTokenExpiry.toISOString()} (${isExpired ? "expired" : "active"})`
+        );
+        if (isExpired) {
+          if (!resolvedConfig.refreshToken) {
+            consola.warn(
+              "Access token is expired and no refresh token is available. Run `dreamboard login` to authenticate again."
+            );
+            return;
+          }
+          const refreshed = await refreshResolvedAuthSession(resolvedConfig);
+          if (!refreshed?.accessToken) {
+            consola.warn(
+              "Access token is expired and refresh did not return a new session."
+            );
+            return;
+          }
+          const refreshedExpiry = getAuthTokenExpiry(refreshed.accessToken);
+          consola.success("Access token was expired and has been refreshed.");
+          if (refreshedExpiry) {
+            consola.log(
+              `Refreshed access token expires at: ${refreshedExpiry.toISOString()}`
+            );
+          }
+          return;
+        }
+      } else {
+        consola.log("Access token expiry: unavailable");
+      }
+      consola.success("Dreamboard session is active.");
+      return;
+    }
+    throw new Error(
+      IS_PUBLISHED_BUILD ? "Usage:\n  dreamboard auth clear\n  dreamboard auth login" : "Usage:\n  dreamboard auth clear\n  dreamboard auth login [--env <local|staging|prod>] [--jwt]\n  dreamboard auth set <token>\n  dreamboard auth env <local|staging|prod>\n  dreamboard auth status [--env <local|staging|prod>]"
+    );
+  }
+});
+
+// src/commands/query.ts
+var query_default = defineCommand({
+  meta: {
+    name: "query",
+    description: "Query rulebook text by title"
+  },
+  args: {
+    title: {
+      type: "positional",
+      description: "Board game title to search in the rulebook library",
+      required: true
+    },
+    ...CONFIG_FLAG_ARGS
+  },
+  async run({ args }) {
+    const parsedArgs = parseQueryCommandArgs(args);
+    const [globalConfig, storedSession] = await Promise.all([
+      loadGlobalConfig(),
+      getStoredSession()
+    ]);
+    const config = resolveConfig(
+      globalConfig,
+      parsedArgs,
+      void 0,
+      storedSession
+    );
+    requireAuth(config);
+    await configureClient(config);
+    const { data, error, response } = await queryWorkshopRulebook({
+      query: {
+        title: parsedArgs.title
+      }
+    });
+    if (!data) {
+      throw toDreamboardApiError(
+        error,
+        response,
+        `Failed to query rulebook for '${parsedArgs.title}'`
+      );
+    }
+    console.log(data.ruleText);
+  }
+});
+
+// src/commands/clone.ts
+import path5 from "path";
+
+// src/services/api/project-api.ts
+async function loadRemoteProjectIdentity() {
+  const [versionResponse, userResponse] = await Promise.all([
+    getApiVersion(),
+    getCurrentAuthUser()
+  ]);
+  if (versionResponse.error || !versionResponse.data) {
+    throw toDreamboardApiError(
+      versionResponse.error,
+      versionResponse.response,
+      "Failed to resolve backend deployment identity"
+    );
+  }
+  if (userResponse.error || !userResponse.data) {
+    throw toDreamboardApiError(
+      userResponse.error,
+      userResponse.response,
+      "Failed to resolve authenticated owner scope"
+    );
+  }
+  const deploymentId = versionResponse.data.deploymentId;
+  const ownerScopeId = userResponse.data.ownerScopeId;
+  return {
+    deploymentId,
+    ownerScopeId,
+    bindingKey: `${deploymentId}:${ownerScopeId}`
+  };
+}
+async function ensureProjectSdk(options) {
+  const { data, error, response } = await ensureProject({
+    path: { projectId: options.projectId },
+    body: {
+      slug: options.slug,
+      name: titleFromSlug(options.slug),
+      description: options.description ?? `Dreamboard workspace for ${options.slug}.`,
+      ...options.updateAlias ? { updateAlias: true } : {}
+    }
+  });
+  if (error || !data) {
+    throw toDreamboardApiError(error, response, "Failed to ensure project");
+  }
+  return data;
+}
+async function getProjectBySlugSdk(slug) {
+  const { data, error, response } = await getProjectBySlug({
+    path: { slug }
+  });
+  if (error || !data) {
+    throw toDreamboardApiError(
+      error,
+      response,
+      `Project '${slug}' not found`
+    );
+  }
+  return data;
+}
+async function createGameRevisionSdk(options) {
+  const { data, error, response } = await createGameRevision({
+    path: { projectId: options.projectId },
+    body: options.request
+  });
+  if (error || !data) {
+    throw toDreamboardApiError(
+      error,
+      response,
+      "Failed to create game revision"
+    );
+  }
+  return data;
+}
+async function getProjectSourcesSdk(projectId) {
+  const { data, error, response } = await getProjectSources({
+    path: { projectId }
+  });
+  if (response?.status === 404) {
+    return null;
+  }
+  if (error || !data) {
+    throw toDreamboardApiError(
+      error,
+      response,
+      "Failed to fetch project sources"
+    );
+  }
+  return data;
+}
+async function getProjectRevisionSourcesSdk(options) {
+  const { data, error, response } = await getProjectRevisionSources({
+    path: {
+      projectId: options.projectId,
+      revisionDigest: options.revisionDigest
+    }
+  });
+  if (error || !data) {
+    throw toDreamboardApiError(
+      error,
+      response,
+      "Failed to fetch project revision sources"
+    );
+  }
+  return data;
+}
+async function ensureProjectDevCompileSdk(options) {
+  const { data, error, response } = await ensureProjectDevCompile({
+    path: { projectId: options.projectId },
+    body: options.request
+  });
+  if (error || !data) {
+    throw toDreamboardApiError(error, response, "Failed to ensure dev compile");
+  }
+  return data;
+}
+async function createProjectSessionSdk(options) {
+  const { data, error, response } = await createProjectSession({
+    path: { projectId: options.projectId },
+    body: options.request
+  });
+  if (error || !data) {
+    throw toDreamboardApiError(error, response, "Failed to create session");
+  }
+  return data;
+}
+
+// src/services/api/preview-api.ts
+async function uploadInitialProjectionSdk(gameId, projectionJson) {
+  const { error, response } = await uploadInitialProjection({
+    path: { gameId },
+    body: { projectionJson }
+  });
+  if (error) {
+    throw toDreamboardApiError(
+      error,
+      response,
+      "Failed to upload initial preview projection"
+    );
+  }
+}
+
+// ../../packages/api-client/dist/source-revisions.js
+var textEncoder = new TextEncoder();
+var SOURCE_BLOB_UPLOAD_SESSION_BATCH_SIZE = 20;
+function bytesToHex(bytes) {
+  return Array.from(bytes, (byte) => byte.toString(16).padStart(2, "0")).join("");
+}
+async function sha256Hex(bytes) {
+  const normalizedBytes = new Uint8Array(bytes.byteLength);
+  normalizedBytes.set(bytes);
+  const digest = await crypto.subtle.digest("SHA-256", normalizedBytes.buffer);
+  return bytesToHex(new Uint8Array(digest));
+}
+function getUtf8ByteSize(content) {
+  return textEncoder.encode(content).byteLength;
+}
+async function computeSourceContentHash(content) {
+  return sha256Hex(textEncoder.encode(content));
+}
+async function describeSourceBlob(content) {
+  return {
+    contentHash: await computeSourceContentHash(content),
+    byteSize: getUtf8ByteSize(content)
+  };
+}
+async function materializeSourceChangeOperations(changes) {
+  const blobsByHash = /* @__PURE__ */ new Map();
+  const materialized = await Promise.all(Array.from(changes, async (change) => {
+    if (change.kind === "delete") {
+      return change;
+    }
+    const blob = await describeSourceBlob(change.content);
+    const existing = blobsByHash.get(blob.contentHash);
+    if (!existing) {
+      blobsByHash.set(blob.contentHash, blob);
+    }
+    return {
+      kind: "upsert",
+      path: change.path,
+      contentHash: blob.contentHash,
+      byteSize: blob.byteSize
+    };
+  }));
+  return {
+    blobs: Array.from(blobsByHash.values()).sort((left, right) => left.contentHash.localeCompare(right.contentHash)),
+    changes: materialized
+  };
+}
+function mapUpsertBlobContentsByContentHash(localChanges, materializedChanges) {
+  const uploadBlobs = /* @__PURE__ */ new Map();
+  const length = Math.min(localChanges.length, materializedChanges.length);
+  for (let index = 0; index < length; index += 1) {
+    const localChange = localChanges[index];
+    const materializedChange = materializedChanges[index];
+    if (localChange?.kind !== "upsert" || materializedChange?.kind !== "upsert") {
+      continue;
+    }
+    uploadBlobs.set(materializedChange.contentHash, {
+      contentHash: materializedChange.contentHash,
+      byteSize: materializedChange.byteSize,
+      content: localChange.content
+    });
+  }
+  return uploadBlobs;
+}
+var SourceBlobUploadError = class extends Error {
+  constructor(status, details) {
+    const suffix = details.trim().length > 0 ? `: ${details.trim()}` : "";
+    super(`Failed to upload source blob (HTTP ${status}${suffix})`);
+    this.name = "SourceBlobUploadError";
+    this.status = status;
+    this.details = details;
+  }
+};
+function isDuplicateDirectUploadError(error) {
+  if (!(error instanceof SourceBlobUploadError)) {
+    return false;
+  }
+  if (error.status === 409) {
+    return true;
+  }
+  const normalizedDetails = error.details.toLowerCase();
+  return normalizedDetails.includes("duplicate") || normalizedDetails.includes("already exists") || normalizedDetails.includes("resource already exists");
+}
+async function uploadSourceBlob(uploadTarget, content) {
+  const response = await fetch(uploadTarget.url, {
+    method: uploadTarget.method,
+    headers: uploadTarget.headers,
+    body: textEncoder.encode(content)
+  });
+  if (response.ok) {
+    return;
+  }
+  const details = await response.text().catch(() => "");
+  throw new SourceBlobUploadError(response.status, details);
+}
+var SourceBlobSessionRequestError = class extends Error {
+  constructor(message, apiError, response) {
+    super(message);
+    this.name = "SourceBlobSessionRequestError";
+    this.apiError = apiError;
+    this.response = response;
+  }
+};
+function assertSourceBlobUploadSession(data, response) {
+  if (!data || typeof data !== "object" || !Array.isArray(data.uploads)) {
+    throw new SourceBlobSessionRequestError("Source blob upload session response did not include an uploads array", data, response);
+  }
+}
+async function confirmSourceBlobAlreadyExists(options) {
+  const { requestUploadSession, blob } = options;
+  const { data, error, response } = await requestUploadSession([
+    {
+      contentHash: blob.contentHash,
+      byteSize: blob.byteSize
+    }
+  ]);
+  if (error || !data) {
+    throw new SourceBlobSessionRequestError("Failed to create source blob upload session", error, response);
+  }
+  assertSourceBlobUploadSession(data, response);
+  return data.uploads[0]?.status === "exists";
+}
+async function uploadSourceBlobs(options) {
+  const { blobs, requestUploadSession } = options;
+  const uniqueBlobs = /* @__PURE__ */ new Map();
+  for (const blob of blobs) {
+    const existing = uniqueBlobs.get(blob.contentHash);
+    if (!existing) {
+      uniqueBlobs.set(blob.contentHash, blob);
+      continue;
+    }
+    if (existing.byteSize !== blob.byteSize) {
+      throw new Error(`Source blob ${blob.contentHash} has conflicting byte sizes.`);
+    }
+  }
+  if (uniqueBlobs.size === 0) {
+    return;
+  }
+  for (const uploadBatch of chunkSourceBlobs(Array.from(uniqueBlobs.values()), SOURCE_BLOB_UPLOAD_SESSION_BATCH_SIZE)) {
+    const { data, error, response } = await requestUploadSession(uploadBatch.map(({ contentHash, byteSize }) => ({
+      contentHash,
+      byteSize
+    })));
+    if (error || !data) {
+      throw new SourceBlobSessionRequestError("Failed to create source blob upload session", error, response);
+    }
+    assertSourceBlobUploadSession(data, response);
+    for (const upload of data.uploads) {
+      if (upload.status !== "upload_required") {
+        continue;
+      }
+      const blob = uniqueBlobs.get(upload.contentHash);
+      if (!blob) {
+        throw new Error(`Upload session referenced unknown source blob ${upload.contentHash}.`);
+      }
+      if (!upload.uploadTarget) {
+        throw new Error(`Upload target missing for source blob ${upload.contentHash}.`);
+      }
+      try {
+        await uploadSourceBlob(upload.uploadTarget, blob.content);
+        if (!await confirmSourceBlobAlreadyExists({ requestUploadSession, blob })) {
+          throw new Error(`Source blob ${blob.contentHash} was uploaded but not registered.`);
+        }
+      } catch (error2) {
+        if (isDuplicateDirectUploadError(error2) && await confirmSourceBlobAlreadyExists({ requestUploadSession, blob })) {
+          continue;
+        }
+        throw error2;
+      }
+    }
   }
-};
-function characterFormat(str) {
-  return str.replace(/`([^`]+)`/gm, (_2, m) => colors.cyan(m)).replace(/\s+_([^_]+)_\s+/gm, (_2, m) => ` ${colors.underline(m)} `);
-}
-function getColor2(color = "white") {
-  return colors[color] || colors.white;
-}
-function getBgColor(color = "bgWhite") {
-  return colors[`bg${color[0].toUpperCase()}${color.slice(1)}`] || colors.bgWhite;
 }
-function createConsola2(options = {}) {
-  let level = _getDefaultLogLevel();
-  if (process.env.CONSOLA_LEVEL) {
-    level = Number.parseInt(process.env.CONSOLA_LEVEL) ?? level;
-  }
-  const consola2 = createConsola({
-    level,
-    defaults: { level },
-    stdout: process.stdout,
-    stderr: process.stderr,
-    prompt: (...args) => import("./prompt-GMZABCJC.js").then((m) => m.prompt(...args)),
-    reporters: options.reporters || [
-      options.fancy ?? !(T || R) ? new FancyReporter() : new BasicReporter()
-    ],
-    ...options
+function chunkSourceBlobs(blobs, batchSize) {
+  const chunks = [];
+  for (let index = 0; index < blobs.length; index += batchSize) {
+    chunks.push(blobs.slice(index, index + batchSize));
+  }
+  return chunks;
+}
+async function uploadProjectSourceBlobs(options) {
+  const { projectId, blobs } = options;
+  return uploadSourceBlobs({
+    blobs,
+    requestUploadSession: (uploadBlobs) => createProjectSourceBlobUploadSession({
+      path: { projectId },
+      body: { blobs: uploadBlobs }
+    })
   });
-  return consola2;
 }
-function _getDefaultLogLevel() {
-  if (g) {
-    return LogLevels.debug;
+
+// src/services/api/source-revisions-api.ts
+var SOURCE_BLOB_UPLOAD_BATCH_SIZE = 20;
+async function uploadProjectSourceBlobsSdk(projectId, blobs) {
+  try {
+    for (const batch of chunkSourceBlobs2(blobs)) {
+      await uploadProjectSourceBlobs({ projectId, blobs: batch });
+    }
+  } catch (error) {
+    if (error instanceof SourceBlobSessionRequestError) {
+      throw toDreamboardApiError(
+        error.apiError,
+        error.response,
+        error.message
+      );
+    }
+    throw error;
   }
-  if (R) {
-    return LogLevels.warn;
+}
+function chunkSourceBlobs2(blobs) {
+  const chunks = [];
+  for (let index = 0; index < blobs.length; index += SOURCE_BLOB_UPLOAD_BATCH_SIZE) {
+    chunks.push(blobs.slice(index, index + SOURCE_BLOB_UPLOAD_BATCH_SIZE));
   }
-  return LogLevels.info;
+  return chunks;
 }
-var consola = createConsola2();
-
-// src/commands/clone.ts
-import path5 from "path";
 
 // src/services/project/static-scaffold.ts
 import { existsSync, readFileSync } from "fs";
@@ -2208,24 +3063,12 @@ async function getDynamicStaticEntries(projectRoot, mode, options = {}) {
   }
   return entries;
 }
-async function readProjectLocalMaintainerRegistry(projectRoot) {
-  const projectConfigPath = path.join(
-    projectRoot,
-    PROJECT_DIR_NAME,
-    PROJECT_CONFIG_FILE
-  );
-  if (!await exists(projectConfigPath)) {
-    return null;
-  }
-  const projectConfig = await loadProjectConfig(projectRoot);
-  return projectConfig.localMaintainerRegistry ?? null;
-}
 async function getExpectedStaticEntries(projectRoot) {
   const entries = [
-    ...await getStaticAssetEntries(),
-    ...await getDynamicStaticEntries(projectRoot, "update", {
-      localMaintainerRegistry: await readProjectLocalMaintainerRegistry(projectRoot)
-    })
+    ...(await getStaticAssetEntries()).filter(
+      (entry) => entry.targetPath !== ".npmrc"
+    ),
+    ...await getDynamicStaticEntries(projectRoot, "update")
   ];
   entries.sort(
     (left, right) => left.targetPath.localeCompare(right.targetPath)
@@ -2406,8 +3249,8 @@ import { unlink as unlink2 } from "fs/promises";
 import path3 from "path";
 
 // src/services/project/workspace-dependencies.ts
-import crypto from "crypto";
-import { spawn } from "child_process";
+import crypto3 from "crypto";
+import { spawn as spawn2 } from "child_process";
 import "events";
 import { existsSync as existsSync2 } from "fs";
 import { mkdir, lstat, readFile as readFile2, rm as rm2, writeFile } from "fs/promises";
@@ -2666,7 +3509,7 @@ async function readRepoPackageManager() {
   return hasExactPnpmVersion(packageManager) ? packageManager : DEFAULT_PACKAGE_MANAGER;
 }
 function fingerprintContent(parts) {
-  return crypto.createHash("sha256").update(parts.join("\n---\n")).digest("hex");
+  return crypto3.createHash("sha256").update(parts.join("\n---\n")).digest("hex");
 }
 function resolvePnpmInstallInvocation(installArgs) {
   const corepackPath = path2.join(path2.dirname(process.execPath), "corepack");
@@ -2684,7 +3527,7 @@ async function runPackageManagerCommand(projectRoot, command) {
 }
 async function runLockfileCommand(projectRoot, command) {
   await new Promise((resolve, reject) => {
-    const child = spawn(command.binary, command.args, {
+    const child = spawn2(command.binary, command.args, {
       cwd: projectRoot,
       env: process.env,
       stdio: ["ignore", "pipe", "pipe"]
@@ -3003,7 +3846,7 @@ function buildRemoteAlignedSnapshotFiles(options) {
 }
 
 // src/services/project/local-maintainer-registry.ts
-import { spawn as spawn2 } from "child_process";
+import { spawn as spawn3 } from "child_process";
 import { existsSync as existsSync3, readFileSync as readFileSync2 } from "fs";
 import path4 from "path";
 import { fileURLToPath as fileURLToPath3 } from "url";
@@ -3122,7 +3965,7 @@ function parseJsonPayload(output) {
 async function runLocalMaintainerScript(args) {
   const invocation = getScriptInvocation();
   return new Promise((resolve, reject) => {
-    const child = spawn2(invocation.command, [...invocation.args, ...args], {
+    const child = spawn3(invocation.command, [...invocation.args, ...args], {
       cwd: invocation.cwd,
       stdio: ["ignore", "pipe", "pipe"],
       env: process.env
@@ -3333,6 +4176,10 @@ async function buildSourceDependencyProfile(options) {
 }
 async function assertCompilerPortableDependencies(options) {
   const packageJson = await readProjectPackageJson(options.projectRoot);
+  const legacyProblems = collectLegacyDreamboardSpecifiers(packageJson);
+  if (legacyProblems.length > 0) {
+    throwLegacyDreamboardPackageError(legacyProblems);
+  }
   const problems = collectUnportableDreamboardSpecifiers(packageJson);
   if (problems.length > 0) {
     const details = problems.map(
@@ -3342,7 +4189,7 @@ async function assertCompilerPortableDependencies(options) {
       [
         "Compiler-bound workspaces must install Dreamboard packages from a registry.",
         `Found unportable Dreamboard dependency specifier(s): ${details}.`,
-        "Run `dreamboard sync` from a workspace that uses registry-pinned @dreamboard/* and dreamboard versions before compiling."
+        "Run `dreamboard sync` from a workspace that uses registry-pinned @dreamboard-games/* and dreamboard versions before compiling."
       ].join(" ")
     );
   }
@@ -3358,6 +4205,11 @@ async function assertCompilerPortableDependencies(options) {
   return profile;
 }
 async function assertReleaseEnvironmentPortableDependencies(options) {
+  const packageJson = await readProjectPackageJson(options.projectRoot);
+  const legacyProblems = collectLegacyDreamboardSpecifiers(packageJson);
+  if (legacyProblems.length > 0) {
+    throwLegacyDreamboardPackageError(legacyProblems);
+  }
   const profile = await buildSourceDependencyProfile(options);
   if (!isReleaseEnvironment(options.environment)) {
     return profile;
@@ -3391,7 +4243,7 @@ function collectDreamboardPackageSpecifiers(packageJson) {
     const dependencies = packageJson[field];
     if (!dependencies) continue;
     for (const [packageName, specifier] of Object.entries(dependencies)) {
-      if (isDreamboardPackage(packageName)) {
+      if (isPortableDreamboardPackage(packageName)) {
         packages[packageName] = specifier;
       }
     }
@@ -3399,7 +4251,7 @@ function collectDreamboardPackageSpecifiers(packageJson) {
   const overrides = packageJson.pnpm?.overrides;
   if (overrides) {
     for (const [packageName, specifier] of Object.entries(overrides)) {
-      if (isDreamboardPackage(packageName) && typeof specifier === "string" && packages[packageName] === void 0) {
+      if (isPortableDreamboardPackage(packageName) && typeof specifier === "string" && packages[packageName] === void 0) {
         packages[packageName] = specifier;
       }
     }
@@ -3412,7 +4264,7 @@ function collectUnportableDreamboardSpecifiers(packageJson) {
     const dependencies = packageJson[field];
     if (!dependencies) continue;
     for (const [packageName, specifier] of Object.entries(dependencies)) {
-      if (isDreamboardPackage(packageName) && UNPORTABLE_SPECIFIER_PATTERN.test(specifier)) {
+      if (isPortableDreamboardPackage(packageName) && UNPORTABLE_SPECIFIER_PATTERN.test(specifier)) {
         problems.push({ location: field, packageName, specifier });
       }
     }
@@ -3420,7 +4272,7 @@ function collectUnportableDreamboardSpecifiers(packageJson) {
   const overrides = packageJson.pnpm?.overrides;
   if (overrides) {
     for (const [packageName, specifier] of Object.entries(overrides)) {
-      if (isDreamboardPackage(packageName) && typeof specifier === "string" && UNPORTABLE_SPECIFIER_PATTERN.test(specifier)) {
+      if (isPortableDreamboardPackage(packageName) && typeof specifier === "string" && UNPORTABLE_SPECIFIER_PATTERN.test(specifier)) {
         problems.push({
           location: "pnpm.overrides",
           packageName,
@@ -3431,8 +4283,42 @@ function collectUnportableDreamboardSpecifiers(packageJson) {
   }
   return problems;
 }
-function isDreamboardPackage(packageName) {
-  return packageName === "dreamboard" || packageName.startsWith("@dreamboard/") || packageName.startsWith("@dreamboard-games/");
+function collectLegacyDreamboardSpecifiers(packageJson) {
+  const problems = [];
+  for (const field of DEPENDENCY_FIELDS) {
+    const dependencies = packageJson[field];
+    if (!dependencies) continue;
+    for (const packageName of Object.keys(dependencies)) {
+      if (isLegacyDreamboardPackage(packageName)) {
+        problems.push({ location: field, packageName });
+      }
+    }
+  }
+  const overrides = packageJson.pnpm?.overrides;
+  if (overrides) {
+    for (const packageName of Object.keys(overrides)) {
+      if (isLegacyDreamboardPackage(packageName)) {
+        problems.push({ location: "pnpm.overrides", packageName });
+      }
+    }
+  }
+  return problems;
+}
+function throwLegacyDreamboardPackageError(problems) {
+  const details = problems.map((problem) => `${problem.location} ${problem.packageName}`).join("; ");
+  throw new Error(
+    [
+      "Legacy @dreamboard/* package dependencies are no longer supported in compiler-bound workspaces.",
+      `Found ${details}.`,
+      "Repin to the public @dreamboard-games/* packages and rerun the command."
+    ].join(" ")
+  );
+}
+function isPortableDreamboardPackage(packageName) {
+  return packageName === "dreamboard" || packageName.startsWith("@dreamboard-games/");
+}
+function isLegacyDreamboardPackage(packageName) {
+  return packageName.startsWith("@dreamboard/");
 }
 function isReleaseEnvironment(environment) {
   return environment === "staging" || environment === "prod";
@@ -3458,7 +4344,7 @@ async function readDreamboardRegistryFromNpmrc(projectRoot) {
 }
 
 // src/services/project/local-typecheck.ts
-import { spawn as spawn3 } from "child_process";
+import { spawn as spawn4 } from "child_process";
 import { lstat as lstat2 } from "fs/promises";
 import { createRequire } from "module";
 import path7 from "path";
@@ -3512,7 +4398,7 @@ async function resolveTypecheckRunner(projectRoot) {
     };
   }
   const globalTscAvailable = await new Promise((resolve) => {
-    const child = spawn3("tsc", ["--version"], {
+    const child = spawn4("tsc", ["--version"], {
       env: process.env,
       stdio: "ignore"
     });
@@ -3533,7 +4419,7 @@ async function resolveTypecheckRunner(projectRoot) {
 }
 async function runTypecheckProject(runner, projectRoot, projectPath) {
   return new Promise((resolve, reject) => {
-    const child = spawn3(
+    const child = spawn4(
       runner.command,
       [...runner.argsPrefix, "--noEmit", "-p", projectPath],
       {
@@ -4052,166 +4938,6 @@ async function resolvePlayerCount(projectRoot, flags) {
   return Math.max(1, Math.floor(minPlayers));
 }
 
-// src/auth/auth-server.ts
-import {
-  createServer
-} from "http";
-import { spawn as spawn4 } from "child_process";
-var DEFAULT_OAUTH_CALLBACK_PORT = 49371;
-async function startOAuthCallbackServer(state, timeoutMs) {
-  let resolveCode;
-  let rejectCode;
-  const waitForCode = new Promise((resolve, reject) => {
-    resolveCode = resolve;
-    rejectCode = reject;
-  });
-  const portCandidate = resolveOAuthCallbackPort();
-  const server = createServer(
-    async (request, response) => {
-      try {
-        const requestUrl = new URL(request.url ?? "/", "http://127.0.0.1");
-        if (request.method === "GET" && requestUrl.pathname === "/oauth/callback") {
-          const receivedState = requestUrl.searchParams.get("state");
-          const code = requestUrl.searchParams.get("code");
-          const error = requestUrl.searchParams.get("error");
-          if (error) {
-            throw new Error(`Clerk OAuth returned ${error}.`);
-          }
-          if (!code || receivedState !== state) {
-            writeCorsResponse(request, response, 400, "Invalid OAuth callback");
-            return;
-          }
-          resolveCode({ code });
-          response.once("finish", () => server.close());
-          writeHtmlResponse(
-            response,
-            200,
-            "Dreamboard CLI login complete. You can return to your terminal."
-          );
-          return;
-        }
-        writeHtmlResponse(
-          response,
-          200,
-          "Dreamboard CLI OAuth callback server"
-        );
-      } catch (error) {
-        rejectCode(
-          error instanceof Error ? error : new Error("Failed to handle OAuth callback.")
-        );
-        writeHtmlResponse(response, 500, "Dreamboard CLI login failed.");
-      }
-    }
-  );
-  try {
-    await new Promise((resolve, reject) => {
-      server.once("error", reject);
-      server.listen(portCandidate, "127.0.0.1", () => {
-        server.off("error", reject);
-        resolve();
-      });
-    });
-  } catch (error) {
-    const portError = error instanceof Error ? error : new Error("Failed to start OAuth callback server");
-    const configuredByEnv = Boolean(
-      process.env.DREAMBOARD_CLERK_OAUTH_REDIRECT_PORT
-    );
-    const message = configuredByEnv ? `Failed to start OAuth callback server on configured port ${portCandidate}.` : `Failed to start OAuth callback server on port ${portCandidate}. Register this loopback redirect URI with Clerk and keep the port available, or set DREAMBOARD_CLERK_OAUTH_REDIRECT_PORT.`;
-    const wrapped = new Error(`${message} ${portError.message}`);
-    server.close();
-    rejectCode(wrapped);
-    throw wrapped;
-  }
-  if (!server.listening) {
-    const error = new Error("Failed to start OAuth callback server.");
-    rejectCode(error);
-    throw error;
-  }
-  const timer = setTimeout(() => {
-    rejectCode(new Error("Login timed out."));
-    server?.close();
-  }, timeoutMs);
-  waitForCode.finally(() => clearTimeout(timer));
-  const port = portCandidateFromServer(server);
-  return {
-    port,
-    redirectUri: `http://127.0.0.1:${port}/oauth/callback`,
-    waitForCode,
-    close: () => server?.close()
-  };
-}
-function resolveOAuthCallbackPort() {
-  const rawPort = process.env.DREAMBOARD_CLERK_OAUTH_REDIRECT_PORT?.trim();
-  if (!rawPort) {
-    return DEFAULT_OAUTH_CALLBACK_PORT;
-  }
-  const port = Number(rawPort);
-  if (!Number.isInteger(port) || port < 1 || port > 65535) {
-    throw new Error(
-      `Invalid DREAMBOARD_CLERK_OAUTH_REDIRECT_PORT '${rawPort}'. Expected a TCP port from 1 to 65535.`
-    );
-  }
-  return port;
-}
-function portCandidateFromServer(server) {
-  const address = server.address();
-  if (!address || typeof address === "string") {
-    throw new Error("Auth callback server did not expose a bound port.");
-  }
-  return address.port;
-}
-function writeCorsResponse(request, response, statusCode, body) {
-  const origin = request.headers.origin ?? "*";
-  response.writeHead(statusCode, {
-    "Access-Control-Allow-Origin": origin,
-    "Access-Control-Allow-Methods": "POST, OPTIONS",
-    "Access-Control-Allow-Headers": "Content-Type",
-    "Content-Type": "text/plain; charset=utf-8"
-  });
-  response.end(body);
-}
-function writeHtmlResponse(response, statusCode, body) {
-  response.writeHead(statusCode, {
-    "Content-Type": "text/html; charset=utf-8"
-  });
-  response.end(
-    `<!doctype html><meta charset="utf-8"><title>Dreamboard CLI</title><p>${escapeHtml(body)}</p>`
-  );
-}
-function escapeHtml(value) {
-  return value.replace(/[&<>"']/g, (char) => {
-    switch (char) {
-      case "&":
-        return "&amp;";
-      case "<":
-        return "&lt;";
-      case ">":
-        return "&gt;";
-      case '"':
-        return "&quot;";
-      default:
-        return "&#39;";
-    }
-  });
-}
-function openBrowser(url) {
-  const platform2 = process.platform;
-  let command;
-  if (platform2 === "darwin") {
-    command = ["open", url];
-  } else if (platform2 === "win32") {
-    command = ["cmd", "/c", "start", "", url];
-  } else {
-    command = ["xdg-open", url];
-  }
-  const [commandName, ...commandArgs] = command;
-  const child = spawn4(commandName, commandArgs, {
-    stdio: "ignore",
-    detached: true
-  });
-  child.unref();
-}
-
 // src/dev-host/start-dev-server.ts
 import { rmSync } from "fs";
 import { createRequire as createRequire3 } from "module";
@@ -5329,6 +6055,9 @@ async function assertReducerContractPreflight(projectRoot) {
 
 // src/services/project/reducer-bundle-preflight.ts
 import path13 from "path";
+import { isPerPlayer, perPlayerSchema } from "@dreamboard-games/sdk/reducer";
+import "@dreamboard-games/sdk/reducer-contract";
+import { materializeManifestTable } from "@dreamboard-games/sdk/codegen";
 globalThis.__DREAMBOARD_AUTHORING_WARNINGS__ = true;
 var REDUCER_BUNDLE_ENTRY_PATH = path13.join("app", "index.ts");
 var PREFLIGHT_RNG_SEED = 1337;
@@ -5574,7 +6303,7 @@ function isSourceRevisionPath(filePath) {
   return filePath !== RULE_FILE && isAllowedGamePath(filePath);
 }
 function shouldAlwaysUpsertSourcePath(filePath) {
-  return filePath === ".npmrc" || isAuthoritativeGeneratedPath(filePath);
+  return filePath === ".npmrc" || isDynamicGeneratedPath(filePath);
 }
 
 // src/commands/dev.ts
@@ -6149,12 +6878,12 @@ async function readWorkspacePackageJson(projectRoot) {
     return {
       dependencies: Object.fromEntries(
         Object.entries(parsed.dependencies ?? {}).filter(
-          ([name]) => name.startsWith("@dreamboard/")
+          ([name]) => isDreamboardPublicPackage(name)
         )
       ),
       devDependencies: Object.fromEntries(
         Object.entries(parsed.devDependencies ?? {}).filter(
-          ([name]) => name.startsWith("@dreamboard/")
+          ([name]) => isDreamboardPublicPackage(name)
         )
       )
     };
@@ -6162,6 +6891,9 @@ async function readWorkspacePackageJson(projectRoot) {
     return null;
   }
 }
+function isDreamboardPublicPackage(packageName) {
+  return packageName === "dreamboard" || packageName.startsWith("@dreamboard-games/");
+}
 function stableJson(value) {
   if (value === null || typeof value !== "object") {
     return JSON.stringify(value);
@@ -7291,7 +8023,7 @@ async function assertKnownPlayerId(sessionId, playerId) {
 }
 
 // src/commands/login.ts
-import crypto2 from "crypto";
+import crypto4 from "crypto";
 var login_default = defineCommand({
   meta: {
     name: "login",
@@ -7317,7 +8049,7 @@ var login_default = defineCommand({
       void 0,
       storedSession
     );
-    const state = crypto2.randomUUID();
+    const state = crypto4.randomUUID();
     const pkce = createPkcePair();
     const server = await startOAuthCallbackServer(
       state,
@@ -8468,6 +9200,6 @@ function runDreamboardCli(internalSubCommands = {}) {
   void runMain(main).catch(handleFatalError);
 }
 
-// src/index.published.ts
-runDreamboardCli();
+// src/index.ts
+runDreamboardCli({ query: query_default, auth: auth_default });
 //# sourceMappingURL=index.js.map