npm - @iksdev/shard-cli - Versions diffs - 0.1.5 → 0.1.7 - Mend

@iksdev/shard-cli 0.1.5 → 0.1.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/bin/shard.js CHANGED Viewed

@@ -1,791 +1,920 @@
-#!/usr/bin/env node
-/* eslint-disable no-console */
+#!/usr/bin/env node
+/* eslint-disable no-console */
 const fs = require('fs');
 const fsp = require('fs/promises');
 const os = require('os');
 const path = require('path');
+const http = require('http');
+const crypto = require('crypto');
 const { Readable } = require('stream');
 const { pipeline } = require('stream/promises');
-const CONFIG_DIR = path.join(os.homedir(), '.shard-cli');
-const CONFIG_PATH = path.join(CONFIG_DIR, 'config.json');
-const STATE_FILE = '.shard-sync-state.json';
-const DEFAULT_SERVER = 'http://localhost:3000';
-const IGNORED_DIRS = new Set(['.git', 'node_modules']);
-function printHelp() {
-  console.log(`Shard CLI
-Usage:
-  shard login --username <name> --password <pass> [--server <url>]
-  shard whoami [--server <url>]
-  shard sync <folder> [--server <url>] [--dry-run] [--force] [--once] [--interval-ms <n>]
-  shard share <file> [--server <url>] [--limits <n>] [--temps <jours>]
-  shard logout
-  shard config show
-  shard config set-server <url>
-Examples:
-  shard login --server http://localhost:3000 --username admin --password secret
-  shard sync ./MonDossier
-  shard sync ./MonDossier --once
-  shard sync ./MonDossier --dry-run
-  shard share ./MonFichier.mp4 --limits 0 --temps 0
+const CONFIG_DIR = path.join(os.homedir(), '.shard-cli');
+const CONFIG_PATH = path.join(CONFIG_DIR, 'config.json');
+const STATE_FILE = '.shard-sync-state.json';
+const DEFAULT_SERVER = 'https://shard-0ow4.onrender.com';
+const IGNORED_DIRS = new Set(['.git', 'node_modules']);
+function printHelp() {
+  console.log(`Shard CLI
+Usage:
+  shard login --username <name> --password <pass> [--server <url>]
+  shard whoami [--server <url>]
+  shard sync <folder> [--server <url>] [--dry-run] [--force] [--once] [--interval-ms <n>]
+  shard share <file> [--server <url>] [--limits <n>] [--temps <jours>] [--local --public-url <url> --port <n>]
+  shard logout
+  shard config show
+  shard config set-server <url>
+Examples:
+  shard login --server https://shard-0ow4.onrender.com --username admin --password secret
+  shard sync ./MonDossier
+  shard sync ./MonDossier --once
+  shard sync ./MonDossier --dry-run
+  shard share ./MonFichier.mp4 --local --public-url https://xxxx.trycloudflare.com --limits 0 --temps 0
 `);
 }
-function parseArgs(rawArgs) {
-  const args = [...rawArgs];
-  const command = args.shift();
-  const positionals = [];
-  const flags = {};
-  for (let i = 0; i < args.length; i += 1) {
-    const cur = args[i];
-    if (!cur.startsWith('--')) {
-      positionals.push(cur);
-      continue;
-    }
-    const key = cur.slice(2);
-    const next = args[i + 1];
-    if (!next || next.startsWith('--')) {
-      flags[key] = true;
-      continue;
-    }
-    flags[key] = next;
-    i += 1;
+function parseArgs(rawArgs) {
+  const args = [...rawArgs];
+  const command = args.shift();
+  const positionals = [];
+  const flags = {};
+  for (let i = 0; i < args.length; i += 1) {
+    const cur = args[i];
+    if (!cur.startsWith('--')) {
+      positionals.push(cur);
+      continue;
+    }
+    const key = cur.slice(2);
+    const next = args[i + 1];
+    if (!next || next.startsWith('--')) {
+      flags[key] = true;
+      continue;
+    }
+    flags[key] = next;
+    i += 1;
+  }
+  return { command, positionals, flags };
+}
+function normalizeServer(input) {
+  const raw = String(input || '').trim();
+  if (!raw) return DEFAULT_SERVER;
+  return raw.replace(/\/+$/, '');
+}
+async function ensureConfigDir() {
+  await fsp.mkdir(CONFIG_DIR, { recursive: true });
+}
+async function readConfig() {
+  try {
+    const raw = await fsp.readFile(CONFIG_PATH, 'utf8');
+    const parsed = JSON.parse(raw);
+    return {
+      server: normalizeServer(parsed.server || DEFAULT_SERVER),
+      token: parsed.token || ''
+    };
+  } catch {
+    return { server: DEFAULT_SERVER, token: '' };
+  }
+}
+async function writeConfig(config) {
+  await ensureConfigDir();
+  const payload = {
+    server: normalizeServer(config.server || DEFAULT_SERVER),
+    token: config.token || ''
+  };
+  await fsp.writeFile(CONFIG_PATH, JSON.stringify(payload, null, 2), 'utf8');
+}
+function getServer(flags, config) {
+  return normalizeServer(flags.server || process.env.SHARD_SERVER || config.server || DEFAULT_SERVER);
+}
+function getToken(config) {
+  return process.env.SHARD_TOKEN || config.token || '';
+}
+async function httpJson(url, options = {}) {
+  const res = await fetch(url, options);
+  const data = await res.json().catch(() => ({}));
+  if (!res.ok) {
+    const err = new Error(data.message || data.error || `HTTP ${res.status}`);
+    err.status = res.status;
+    err.data = data;
+    throw err;
+  }
+  return data;
+}
+async function login(flags) {
+  const username = flags.username;
+  const password = flags.password;
+  if (!username || !password) {
+    throw new Error('Usage: shard login --username <name> --password <pass> [--server <url>]');
+  }
+  const config = await readConfig();
+  const server = getServer(flags, config);
+  const data = await httpJson(`${server}/api/auth/login`, {
+    method: 'POST',
+    headers: { 'Content-Type': 'application/json' },
+    body: JSON.stringify({ username, password })
+  });
+  if (!data.token) {
+    throw new Error('Connexion réussie mais token manquant.');
+  }
+  await writeConfig({ server, token: data.token });
+  console.log(`Connecte a ${server}`);
+  if (data.user?.username) {
+    console.log(`Utilisateur: ${data.user.username}`);
+  }
+}
+async function whoami(flags) {
+  const config = await readConfig();
+  const server = getServer(flags, config);
+  const token = getToken(config);
+  if (!token) {
+    throw new Error('Non connecte. Lance: shard login --username ... --password ...');
+  }
+  const data = await httpJson(`${server}/api/auth/verify`, {
+    method: 'POST',
+    headers: { Authorization: `Bearer ${token}` }
+  });
+  const user = data.user || {};
+  console.log(`Server: ${server}`);
+  console.log(`User: ${user.username || user.userId || 'inconnu'}`);
+  if (user.email) console.log(`Email: ${user.email}`);
+}
+async function logout() {
+  const config = await readConfig();
+  await writeConfig({ ...config, token: '' });
+  console.log('Token supprime.');
+}
+async function showConfig() {
+  const config = await readConfig();
+  console.log(JSON.stringify({
+    server: config.server,
+    hasToken: Boolean(config.token)
+  }, null, 2));
+}
+async function setServer(positionals) {
+  const url = positionals[0];
+  if (!url) {
+    throw new Error('Usage: shard config set-server <url>');
+  }
+  const config = await readConfig();
+  await writeConfig({ ...config, server: normalizeServer(url) });
+  console.log(`Server mis a jour: ${normalizeServer(url)}`);
+}
+async function pathExists(targetPath) {
+  try {
+    await fsp.access(targetPath, fs.constants.R_OK);
+    return true;
+  } catch {
+    return false;
+  }
+}
+async function listFilesRecursive(rootDir) {
+  const out = [];
+  async function walk(currentDir) {
+    const entries = await fsp.readdir(currentDir, { withFileTypes: true });
+    for (const entry of entries) {
+      if (entry.name === STATE_FILE) continue;
+      if (entry.isDirectory() && IGNORED_DIRS.has(entry.name)) continue;
+      const abs = path.join(currentDir, entry.name);
+      if (entry.isDirectory()) {
+        await walk(abs);
+        continue;
+      }
+      if (!entry.isFile()) continue;
+      const rel = path.relative(rootDir, abs).split(path.sep).join('/');
+      const stat = await fsp.stat(abs);
+      out.push({
+        absPath: abs,
+        relPath: rel,
+        size: stat.size,
+        mtimeMs: Math.round(stat.mtimeMs)
+      });
+    }
+  }
+  await walk(rootDir);
+  out.sort((a, b) => a.relPath.localeCompare(b.relPath));
+  return out;
+}
+async function readState(rootDir) {
+  const filePath = path.join(rootDir, STATE_FILE);
+  try {
+    const raw = await fsp.readFile(filePath, 'utf8');
+    const parsed = JSON.parse(raw);
+    if (!parsed || typeof parsed !== 'object') return { version: 1, files: {} };
+    return { version: 1, files: parsed.files || {} };
+  } catch {
+    return { version: 1, files: {} };
+  }
+}
+async function writeState(rootDir, state) {
+  const filePath = path.join(rootDir, STATE_FILE);
+  const payload = {
+    version: 1,
+    updatedAt: new Date().toISOString(),
+    files: state.files || {}
+  };
+  await fsp.writeFile(filePath, JSON.stringify(payload, null, 2), 'utf8');
+}
+function guessMime(filePath) {
+  const ext = path.extname(filePath).toLowerCase();
+  const map = {
+    '.txt': 'text/plain',
+    '.md': 'text/markdown',
+    '.json': 'application/json',
+    '.csv': 'text/csv',
+    '.html': 'text/html',
+    '.css': 'text/css',
+    '.js': 'text/javascript',
+    '.ts': 'text/plain',
+    '.jpg': 'image/jpeg',
+    '.jpeg': 'image/jpeg',
+    '.png': 'image/png',
+    '.gif': 'image/gif',
+    '.webp': 'image/webp',
+    '.pdf': 'application/pdf',
+    '.zip': 'application/zip'
+  };
+  return map[ext] || 'application/octet-stream';
+}
+function formatBytes(bytes) {
+  const value = Number(bytes || 0);
+  const units = ['B', 'KB', 'MB', 'GB', 'TB'];
+  let size = value;
+  let idx = 0;
+  while (size >= 1024 && idx < units.length - 1) {
+    size /= 1024;
+    idx += 1;
+  }
+  return `${size.toFixed(idx === 0 ? 0 : 2)} ${units[idx]}`;
+}
+async function uploadOneFile(server, token, file) {
+  const blob = await fs.openAsBlob(file.absPath, { type: guessMime(file.absPath) });
+  const form = new FormData();
+  // On force le nom "relatif" pour garder la notion de dossier dans l'UI/DB.
+  form.append('file', blob, file.relPath);
+  return httpJson(`${server}/api/files/upload`, {
+    method: 'POST',
+    headers: { Authorization: `Bearer ${token}` },
+    body: form
+  });
+}
+async function findRemoteFileByNameAndSize(server, token, fileName, fileSize) {
+  const data = await httpJson(`${server}/api/files?limit=100&offset=0&sort=created_at&order=desc&search=${encodeURIComponent(fileName)}`, {
+    method: 'GET',
+    headers: { Authorization: `Bearer ${token}` }
+  });
+  const rows = Array.isArray(data.files) ? data.files : [];
+  return rows.find((row) => row.original_name === fileName && Number(row.file_size || 0) === Number(fileSize || 0)) || null;
+}
+function parseOptionalPositiveInt(raw, flagName) {
+  if (raw === undefined || raw === null) return undefined;
+  const n = parseInt(String(raw), 10);
+  if (Number.isNaN(n) || n < 0) {
+    throw new Error(`${flagName} doit etre un entier >= 0`);
   }
-  return { command, positionals, flags };
+  return n;
 }
-function normalizeServer(input) {
+function normalizePublicUrl(input) {
   const raw = String(input || '').trim();
-  if (!raw) return DEFAULT_SERVER;
+  if (!raw) return '';
   return raw.replace(/\/+$/, '');
 }
-async function ensureConfigDir() {
-  await fsp.mkdir(CONFIG_DIR, { recursive: true });
-}
+function startLocalSingleFileServer({ filePath, fileName, mimeType, port, accessKey }) {
+  const safeName = encodeURIComponent(fileName);
+  const routePath = `/download/${accessKey}`;
-async function readConfig() {
-  try {
-    const raw = await fsp.readFile(CONFIG_PATH, 'utf8');
-    const parsed = JSON.parse(raw);
-    return {
-      server: normalizeServer(parsed.server || DEFAULT_SERVER),
-      token: parsed.token || ''
-    };
-  } catch {
-    return { server: DEFAULT_SERVER, token: '' };
-  }
-}
-async function writeConfig(config) {
-  await ensureConfigDir();
-  const payload = {
-    server: normalizeServer(config.server || DEFAULT_SERVER),
-    token: config.token || ''
-  };
-  await fsp.writeFile(CONFIG_PATH, JSON.stringify(payload, null, 2), 'utf8');
-}
-function getServer(flags, config) {
-  return normalizeServer(flags.server || process.env.SHARD_SERVER || config.server || DEFAULT_SERVER);
-}
-function getToken(config) {
-  return process.env.SHARD_TOKEN || config.token || '';
-}
+  const server = http.createServer((req, res) => {
+    const requestUrl = new URL(req.url || '/', 'http://127.0.0.1');
-async function httpJson(url, options = {}) {
-  const res = await fetch(url, options);
-  const data = await res.json().catch(() => ({}));
-  if (!res.ok) {
-    const err = new Error(data.message || data.error || `HTTP ${res.status}`);
-    err.status = res.status;
-    err.data = data;
-    throw err;
-  }
-  return data;
-}
-async function login(flags) {
-  const username = flags.username;
-  const password = flags.password;
-  if (!username || !password) {
-    throw new Error('Usage: shard login --username <name> --password <pass> [--server <url>]');
-  }
-  const config = await readConfig();
-  const server = getServer(flags, config);
-  const data = await httpJson(`${server}/api/auth/login`, {
-    method: 'POST',
-    headers: { 'Content-Type': 'application/json' },
-    body: JSON.stringify({ username, password })
-  });
-  if (!data.token) {
-    throw new Error('Connexion réussie mais token manquant.');
-  }
-  await writeConfig({ server, token: data.token });
-  console.log(`Connecte a ${server}`);
-  if (data.user?.username) {
-    console.log(`Utilisateur: ${data.user.username}`);
-  }
-}
-async function whoami(flags) {
-  const config = await readConfig();
-  const server = getServer(flags, config);
-  const token = getToken(config);
-  if (!token) {
-    throw new Error('Non connecte. Lance: shard login --username ... --password ...');
-  }
-  const data = await httpJson(`${server}/api/auth/verify`, {
-    method: 'POST',
-    headers: { Authorization: `Bearer ${token}` }
-  });
-  const user = data.user || {};
-  console.log(`Server: ${server}`);
-  console.log(`User: ${user.username || user.userId || 'inconnu'}`);
-  if (user.email) console.log(`Email: ${user.email}`);
-}
-async function logout() {
-  const config = await readConfig();
-  await writeConfig({ ...config, token: '' });
-  console.log('Token supprime.');
-}
-async function showConfig() {
-  const config = await readConfig();
-  console.log(JSON.stringify({
-    server: config.server,
-    hasToken: Boolean(config.token)
-  }, null, 2));
-}
-async function setServer(positionals) {
-  const url = positionals[0];
-  if (!url) {
-    throw new Error('Usage: shard config set-server <url>');
-  }
-  const config = await readConfig();
-  await writeConfig({ ...config, server: normalizeServer(url) });
-  console.log(`Server mis a jour: ${normalizeServer(url)}`);
-}
-async function pathExists(targetPath) {
-  try {
-    await fsp.access(targetPath, fs.constants.R_OK);
-    return true;
-  } catch {
-    return false;
-  }
-}
-async function listFilesRecursive(rootDir) {
-  const out = [];
-  async function walk(currentDir) {
-    const entries = await fsp.readdir(currentDir, { withFileTypes: true });
-    for (const entry of entries) {
-      if (entry.name === STATE_FILE) continue;
-      if (entry.isDirectory() && IGNORED_DIRS.has(entry.name)) continue;
-      const abs = path.join(currentDir, entry.name);
-      if (entry.isDirectory()) {
-        await walk(abs);
-        continue;
-      }
-      if (!entry.isFile()) continue;
-      const rel = path.relative(rootDir, abs).split(path.sep).join('/');
-      const stat = await fsp.stat(abs);
-      out.push({
-        absPath: abs,
-        relPath: rel,
-        size: stat.size,
-        mtimeMs: Math.round(stat.mtimeMs)
-      });
+    if (requestUrl.pathname === '/health') {
+      res.statusCode = 200;
+      res.setHeader('Content-Type', 'application/json');
+      res.end(JSON.stringify({ ok: true, mode: 'local-share', file: fileName }));
+      return;
     }
-  }
-  await walk(rootDir);
-  out.sort((a, b) => a.relPath.localeCompare(b.relPath));
-  return out;
-}
-async function readState(rootDir) {
-  const filePath = path.join(rootDir, STATE_FILE);
-  try {
-    const raw = await fsp.readFile(filePath, 'utf8');
-    const parsed = JSON.parse(raw);
-    if (!parsed || typeof parsed !== 'object') return { version: 1, files: {} };
-    return { version: 1, files: parsed.files || {} };
-  } catch {
-    return { version: 1, files: {} };
-  }
-}
-async function writeState(rootDir, state) {
-  const filePath = path.join(rootDir, STATE_FILE);
-  const payload = {
-    version: 1,
-    updatedAt: new Date().toISOString(),
-    files: state.files || {}
-  };
-  await fsp.writeFile(filePath, JSON.stringify(payload, null, 2), 'utf8');
-}
-function guessMime(filePath) {
-  const ext = path.extname(filePath).toLowerCase();
-  const map = {
-    '.txt': 'text/plain',
-    '.md': 'text/markdown',
-    '.json': 'application/json',
-    '.csv': 'text/csv',
-    '.html': 'text/html',
-    '.css': 'text/css',
-    '.js': 'text/javascript',
-    '.ts': 'text/plain',
-    '.jpg': 'image/jpeg',
-    '.jpeg': 'image/jpeg',
-    '.png': 'image/png',
-    '.gif': 'image/gif',
-    '.webp': 'image/webp',
-    '.pdf': 'application/pdf',
-    '.zip': 'application/zip'
-  };
-  return map[ext] || 'application/octet-stream';
-}
-function formatBytes(bytes) {
-  const value = Number(bytes || 0);
-  const units = ['B', 'KB', 'MB', 'GB', 'TB'];
-  let size = value;
-  let idx = 0;
-  while (size >= 1024 && idx < units.length - 1) {
-    size /= 1024;
-    idx += 1;
-  }
-  return `${size.toFixed(idx === 0 ? 0 : 2)} ${units[idx]}`;
-}
-async function uploadOneFile(server, token, file) {
-  const blob = await fs.openAsBlob(file.absPath, { type: guessMime(file.absPath) });
-  const form = new FormData();
-  // On force le nom "relatif" pour garder la notion de dossier dans l'UI/DB.
-  form.append('file', blob, file.relPath);
+    if (requestUrl.pathname !== routePath) {
+      res.statusCode = 404;
+      res.setHeader('Content-Type', 'application/json');
+      res.end(JSON.stringify({ error: 'Not found' }));
+      return;
+    }
-  return httpJson(`${server}/api/files/upload`, {
-    method: 'POST',
-    headers: { Authorization: `Bearer ${token}` },
-    body: form
+    const stream = fs.createReadStream(filePath);
+    res.statusCode = 200;
+    res.setHeader('Content-Type', mimeType || 'application/octet-stream');
+    res.setHeader('Content-Disposition', `attachment; filename*=UTF-8''${safeName}`);
+    stream.on('error', () => {
+      if (!res.headersSent) {
+        res.statusCode = 500;
+        res.end('Read error');
+      } else {
+        res.destroy();
+      }
+    });
+    stream.pipe(res);
   });
-}
-async function findRemoteFileByNameAndSize(server, token, fileName, fileSize) {
-  const data = await httpJson(`${server}/api/files?limit=100&offset=0&sort=created_at&order=desc&search=${encodeURIComponent(fileName)}`, {
-    method: 'GET',
-    headers: { Authorization: `Bearer ${token}` }
+  return new Promise((resolve, reject) => {
+    server.once('error', reject);
+    server.listen(port, '0.0.0.0', () => {
+      server.removeListener('error', reject);
+      resolve({ server, routePath });
+    });
   });
-  const rows = Array.isArray(data.files) ? data.files : [];
-  return rows.find((row) => row.original_name === fileName && Number(row.file_size || 0) === Number(fileSize || 0)) || null;
-}
-function parseOptionalPositiveInt(raw, flagName) {
-  if (raw === undefined || raw === null) return undefined;
-  const n = parseInt(String(raw), 10);
-  if (Number.isNaN(n) || n < 0) {
-    throw new Error(`${flagName} doit etre un entier >= 0`);
-  }
-  return n;
 }
 async function shareFile(positionals, flags) {
   const target = positionals[0];
   if (!target) {
-    throw new Error('Usage: shard share <file> [--server <url>] [--limits <n>] [--temps <jours>]');
-  }
-  const absPath = path.resolve(process.cwd(), target);
-  if (!(await pathExists(absPath))) {
-    throw new Error(`Fichier introuvable: ${absPath}`);
-  }
-  const st = await fsp.stat(absPath);
-  if (!st.isFile()) {
-    throw new Error(`Ce n'est pas un fichier: ${absPath}`);
-  }
+    throw new Error('Usage: shard share <file> [--server <url>] [--limits <n>] [--temps <jours>] [--local --public-url <url> --port <n>]');
+  }
+  const absPath = path.resolve(process.cwd(), target);
+  if (!(await pathExists(absPath))) {
+    throw new Error(`Fichier introuvable: ${absPath}`);
+  }
+  const st = await fsp.stat(absPath);
+  if (!st.isFile()) {
+    throw new Error(`Ce n'est pas un fichier: ${absPath}`);
+  }
   const limits = parseOptionalPositiveInt(flags.limits, '--limits');
   const temps = parseOptionalPositiveInt(flags.temps, '--temps');
-  const config = await readConfig();
-  const server = getServer(flags, config);
-  const token = getToken(config);
-  if (!token) {
-    throw new Error('Non connecte. Lance: shard login --username ... --password ...');
-  }
+  const localMode = Boolean(flags.local);
+  const config = await readConfig();
+  const server = getServer(flags, config);
+  const token = getToken(config);
+  if (!token) {
+    throw new Error('Non connecte. Lance: shard login --username ... --password ...');
+  }
   await httpJson(`${server}/api/auth/verify`, {
     method: 'POST',
     headers: { Authorization: `Bearer ${token}` }
   });
   const fileName = path.basename(absPath);
-  let remote = await findRemoteFileByNameAndSize(server, token, fileName, st.size);
-  let fileId = remote?.id || null;
-  if (!fileId) {
-    console.log(`Upload necessaire: ${fileName} (${formatBytes(st.size)})`);
-    const uploaded = await uploadOneFile(server, token, {
-      absPath,
-      relPath: fileName,
-      size: st.size,
-      mtimeMs: Math.round(st.mtimeMs)
-    });
-    fileId = uploaded?.file?.id;
-    if (!fileId) {
-      throw new Error('Upload reussi mais ID fichier manquant');
-    }
-  }
-  const payload = { fileId };
-  if (limits !== undefined && limits > 0) payload.maxDownloads = limits;
-  if (temps !== undefined && temps > 0) payload.expiresInDays = temps;
-  const created = await httpJson(`${server}/api/share/create`, {
-    method: 'POST',
-    headers: {
-      Authorization: `Bearer ${token}`,
-      'Content-Type': 'application/json'
-    },
-    body: JSON.stringify(payload)
-  });
-  const share = created?.share || {};
-  console.log(`Partage cree pour: ${fileName}`);
-  if (share.url) console.log(`URL: ${share.url}`);
-  if (share.token) console.log(`Token: ${share.token}`);
-  console.log(`Limite downloads: ${limits && limits > 0 ? limits : 'illimitee'}`);
-  console.log(`Expiration: ${temps && temps > 0 ? `${temps} jour(s)` : 'aucune'}`);
-}
-function fileListToMap(files) {
-  const map = new Map();
-  for (const file of files) {
-    map.set(file.relPath, file);
-  }
-  return map;
-}
-function makeFingerprint(file) {
-  return `${file.size}:${file.mtimeMs}`;
-}
-function normalizeRemoteRelPath(name) {
-  return String(name || '').replace(/\\/g, '/');
-}
-async function fetchAllRemoteFiles(server, token) {
-  const out = [];
-  const limit = 100;
-  let offset = 0;
-  while (true) {
-    const data = await httpJson(`${server}/api/files?limit=${limit}&offset=${offset}&sort=created_at&order=asc`, {
-      method: 'GET',
-      headers: { Authorization: `Bearer ${token}` }
-    });
-    const rows = Array.isArray(data.files) ? data.files : [];
-    for (const row of rows) {
-      out.push({
-        id: row.id,
-        relPath: normalizeRemoteRelPath(row.original_name),
-        size: Number(row.file_size || 0)
-      });
+  if (localMode) {
+    const publicUrl = normalizePublicUrl(flags['public-url'] || process.env.SHARD_PUBLIC_URL);
+    if (!publicUrl) {
+      throw new Error('Mode local: --public-url est requis (ou SHARD_PUBLIC_URL)');
     }
-    if (!data.pagination?.hasMore) break;
-    offset += limit;
-  }
-  return out;
-}
-async function downloadRemoteFile(server, token, remoteFile, destPath) {
-  const res = await fetch(`${server}/api/files/${remoteFile.id}/download`, {
-    method: 'GET',
-    headers: { Authorization: `Bearer ${token}` }
-  });
-  if (!res.ok) {
-    let detail = `HTTP ${res.status}`;
+    let publicUrlParsed;
     try {
-      const data = await res.json();
-      detail = data.message || data.error || detail;
+      publicUrlParsed = new URL(publicUrl);
     } catch {
-      // ignore JSON parse failures
+      throw new Error(`--public-url invalide: ${publicUrl}`);
     }
-    throw new Error(detail);
-  }
-  if (!res.body) {
-    throw new Error('Reponse de telechargement vide');
-  }
-  await fsp.mkdir(path.dirname(destPath), { recursive: true });
-  const tempPath = `${destPath}.part`;
-  const writable = fs.createWriteStream(tempPath);
-  await pipeline(Readable.fromWeb(res.body), writable);
-  await fsp.rename(tempPath, destPath);
-}
-async function pullMissingRemoteFiles(server, token, rootDir, state, localFiles, remoteFiles, dryRun) {
-  const localMap = fileListToMap(localFiles);
-  const missingRemote = remoteFiles.filter((rf) => !localMap.has(rf.relPath));
-  if (missingRemote.length === 0) return { downloaded: 0, errors: 0 };
-  console.log(`A telecharger: ${missingRemote.length}`);
-  if (dryRun) {
-    for (const rf of missingRemote.slice(0, 50)) console.log(`- ${rf.relPath} (remote)`); // eslint-disable-line no-console
-    if (missingRemote.length > 50) console.log(`... +${missingRemote.length - 50} autres`);
-    return { downloaded: 0, errors: 0 };
-  }
-  let downloaded = 0;
-  let errors = 0;
-  for (let i = 0; i < missingRemote.length; i += 1) {
-    const rf = missingRemote[i];
-    const label = `[DOWN ${i + 1}/${missingRemote.length}]`;
-    try {
-      const absPath = path.join(rootDir, ...rf.relPath.split('/'));
-      console.log(`${label} GET ${rf.relPath} (${formatBytes(rf.size)})`);
-      await downloadRemoteFile(server, token, rf, absPath);
-      const st = await fsp.stat(absPath);
-      state.files[rf.relPath] = {
-        size: st.size,
-        mtimeMs: Math.round(st.mtimeMs),
-        uploadedAt: new Date().toISOString(),
-        remoteId: rf.id
-      };
-      downloaded += 1;
-      console.log(`${label} OK ${rf.relPath}`);
-    } catch (error) {
-      errors += 1;
-      console.error(`${label} FAIL ${rf.relPath} -> ${error.message}`);
+    if (!['http:', 'https:'].includes(publicUrlParsed.protocol)) {
+      throw new Error('--public-url doit etre en http(s)');
     }
-  }
-  return { downloaded, errors };
-}
-function seedStateFromRemote(state, localFiles, remoteFiles) {
-  const remoteByPath = new Map(remoteFiles.map((rf) => [rf.relPath, rf]));
-  for (const lf of localFiles) {
-    if (state.files[lf.relPath]) continue;
-    const remote = remoteByPath.get(lf.relPath);
-    if (!remote) continue;
-    if (Number(remote.size) !== Number(lf.size)) continue;
-    state.files[lf.relPath] = {
-      size: lf.size,
-      mtimeMs: lf.mtimeMs,
-      uploadedAt: new Date().toISOString(),
-      remoteId: remote.id
-    };
-  }
-}
-async function deleteRemoteFile(server, token, remoteId) {
-  return httpJson(`${server}/api/files/${remoteId}`, {
-    method: 'DELETE',
-    headers: { Authorization: `Bearer ${token}` }
-  });
-}
-async function renameRemoteFile(server, token, remoteId, newName) {
-  return httpJson(`${server}/api/files/${remoteId}/rename`, {
-    method: 'PATCH',
-    headers: {
-      Authorization: `Bearer ${token}`,
-      'Content-Type': 'application/json'
-    },
-    body: JSON.stringify({ newName })
-  });
-}
-function sleep(ms) {
-  return new Promise((resolve) => setTimeout(resolve, ms));
-}
-async function mirrorRealtime(server, token, rootDir, state, intervalMs) {
-  console.log(`Mode temps reel actif (${intervalMs} ms). Ctrl+C pour quitter.`);
-  let stopped = false;
-  const onStop = () => { stopped = true; };
-  process.on('SIGINT', onStop);
-  process.on('SIGTERM', onStop);
-  let previousFiles = await listFilesRecursive(rootDir);
-  let previousMap = fileListToMap(previousFiles);
-  while (!stopped) {
-    await sleep(intervalMs);
-    if (stopped) break;
-    let currentFiles;
+    const port = Math.max(parseInt(flags.port || process.env.SHARD_LOCAL_PORT || '8787', 10) || 8787, 1);
+    const accessKey = crypto.randomBytes(18).toString('base64url');
+    const mimeType = guessMime(absPath);
+    let localServer = null;
     try {
-      currentFiles = await listFilesRecursive(rootDir);
-    } catch (error) {
-      console.error(`Watcher error: ${error.message}`);
-      continue;
-    }
-    const currentMap = fileListToMap(currentFiles);
-    const prevKeys = new Set(previousMap.keys());
-    const currKeys = new Set(currentMap.keys());
-    const removed = [...prevKeys].filter((k) => !currKeys.has(k)).map((k) => previousMap.get(k));
-    const added = [...currKeys].filter((k) => !prevKeys.has(k)).map((k) => currentMap.get(k));
-    const changed = [...currKeys]
-      .filter((k) => prevKeys.has(k))
-      .map((k) => ({ prev: previousMap.get(k), cur: currentMap.get(k) }))
-      .filter((p) => p.prev.size !== p.cur.size || p.prev.mtimeMs !== p.cur.mtimeMs)
-      .map((p) => p.cur);
-    // Detecter les renames simples (meme taille + mtime) pour appeler PATCH rename.
-    const addedByFinger = new Map();
-    for (const a of added) {
-      const key = makeFingerprint(a);
-      if (!addedByFinger.has(key)) addedByFinger.set(key, []);
-      addedByFinger.get(key).push(a);
-    }
-    const renamedPairs = [];
-    const trulyRemoved = [];
-    for (const r of removed) {
-      const matches = addedByFinger.get(makeFingerprint(r)) || [];
-      const remoteId = state.files[r.relPath]?.remoteId || null;
-      if (remoteId && matches.length > 0) {
-        const to = matches.shift();
-        renamedPairs.push({ from: r, to, remoteId });
-      } else {
-        trulyRemoved.push(r);
-      }
-    }
-    const renamedTargets = new Set(renamedPairs.map((p) => p.to.relPath));
-    const trulyAdded = added.filter((a) => !renamedTargets.has(a.relPath));
-    for (const pair of renamedPairs) {
-      try {
-        await renameRemoteFile(server, token, pair.remoteId, pair.to.relPath);
-        delete state.files[pair.from.relPath];
-        state.files[pair.to.relPath] = {
-          size: pair.to.size,
-          mtimeMs: pair.to.mtimeMs,
-          uploadedAt: new Date().toISOString(),
-          remoteId: pair.remoteId
-        };
-        console.log(`[WATCH] RENAME ${pair.from.relPath} -> ${pair.to.relPath}`);
-      } catch (error) {
-        console.error(`[WATCH] RENAME FAIL ${pair.from.relPath} -> ${pair.to.relPath}: ${error.message}`);
-      }
-    }
-    for (const file of trulyRemoved) {
-      const remoteId = state.files[file.relPath]?.remoteId || null;
-      if (!remoteId) {
-        delete state.files[file.relPath];
-        continue;
-      }
-      try {
-        await deleteRemoteFile(server, token, remoteId);
-        delete state.files[file.relPath];
-        console.log(`[WATCH] DELETE ${file.relPath}`);
-      } catch (error) {
-        console.error(`[WATCH] DELETE FAIL ${file.relPath}: ${error.message}`);
-      }
-    }
-    const uploads = [...trulyAdded, ...changed];
-    for (const file of uploads) {
-      try {
-        const result = await uploadOneFile(server, token, file);
-        state.files[file.relPath] = {
-          size: file.size,
-          mtimeMs: file.mtimeMs,
-          uploadedAt: new Date().toISOString(),
-          remoteId: result?.file?.id || state.files[file.relPath]?.remoteId || null
-        };
-        console.log(`[WATCH] UPLOAD ${file.relPath} (${formatBytes(file.size)})`);
-      } catch (error) {
-        console.error(`[WATCH] UPLOAD FAIL ${file.relPath}: ${error.message}`);
-      }
-    }
-    await writeState(rootDir, state);
-    previousFiles = currentFiles;
-    previousMap = currentMap;
-  }
-  process.off('SIGINT', onStop);
-  process.off('SIGTERM', onStop);
-}
-async function syncFolder(positionals, flags) {
-  const target = positionals[0];
-  if (!target) {
-    throw new Error('Usage: shard sync <folder> [--server <url>] [--dry-run] [--force] [--once] [--interval-ms <n>]');
-  }
-  const rootDir = path.resolve(process.cwd(), target);
-  if (!(await pathExists(rootDir))) {
-    throw new Error(`Dossier introuvable: ${rootDir}`);
-  }
-  const stat = await fsp.stat(rootDir);
-  if (!stat.isDirectory()) {
-    throw new Error(`Ce n'est pas un dossier: ${rootDir}`);
-  }
-  const config = await readConfig();
-  const server = getServer(flags, config);
-  const token = getToken(config);
-  if (!token) {
-    throw new Error('Non connecte. Lance: shard login --username ... --password ...');
-  }
-  await httpJson(`${server}/api/auth/verify`, {
-    method: 'POST',
-    headers: { Authorization: `Bearer ${token}` }
-  });
-  const state = await readState(rootDir);
-  const force = Boolean(flags.force);
-  const dryRun = Boolean(flags['dry-run']);
-  const once = Boolean(flags.once);
-  const intervalMs = Math.max(parseInt(flags['interval-ms'] || '2000', 10) || 2000, 500);
-  const remoteFiles = await fetchAllRemoteFiles(server, token);
-  const initialLocalFiles = await listFilesRecursive(rootDir);
-  await pullMissingRemoteFiles(server, token, rootDir, state, initialLocalFiles, remoteFiles, dryRun);
-  const files = await listFilesRecursive(rootDir);
-  seedStateFromRemote(state, files, remoteFiles);
-  const changed = files.filter((f) => {
-    if (force) return true;
-    const prev = state.files[f.relPath];
-    if (!prev) return true;
-    return !(prev.size === f.size && prev.mtimeMs === f.mtimeMs);
-  });
-  const unchanged = files.length - changed.length;
-  console.log(`Server: ${server}`);
-  console.log(`Dossier: ${rootDir}`);
-  console.log(`Total: ${files.length} fichier(s)`);
-  console.log(`Distants: ${remoteFiles.length}`);
-  console.log(`A uploader: ${changed.length}`);
-  console.log(`Inchanges: ${unchanged}`);
-  if (dryRun) {
-    for (const f of changed.slice(0, 50)) console.log(`- ${f.relPath}`);
-    if (changed.length > 50) console.log(`... +${changed.length - 50} autres`);
-    return;
-  }
-  let success = 0;
-  let failed = 0;
+      localServer = await startLocalSingleFileServer({
+        filePath: absPath,
+        fileName,
+        mimeType,
+        port,
+        accessKey
+      });
-  for (let i = 0; i < changed.length; i += 1) {
-    const file = changed[i];
-    const label = `[${i + 1}/${changed.length}]`;
-    try {
-      const startedAt = Date.now();
-      console.log(`${label} UPLOAD ${file.relPath} (${formatBytes(file.size)})`);
-      const result = await uploadOneFile(server, token, file);
-      const tookSeconds = ((Date.now() - startedAt) / 1000).toFixed(1);
-      success += 1;
-      state.files[file.relPath] = {
-        size: file.size,
-        mtimeMs: file.mtimeMs,
-        uploadedAt: new Date().toISOString(),
-        remoteId: result?.file?.id || null
+      const directDownloadUrl = `${publicUrl}${localServer.routePath}`;
+      const payload = {
+        fileName,
+        fileSize: st.size,
+        mimeType,
+        downloadUrl: directDownloadUrl
       };
-      console.log(`${label} OK ${file.relPath} (${tookSeconds}s)`);
-    } catch (error) {
-      failed += 1;
-      console.error(`${label} FAIL ${file.relPath} -> ${error.message}`);
-    }
-  }
-  for (const relPath of Object.keys(state.files)) {
-    const stillThere = files.some((f) => f.relPath === relPath);
-    if (!stillThere) delete state.files[relPath];
-  }
-  await writeState(rootDir, state);
-  console.log(`Termine. Uploades: ${success}, erreurs: ${failed}`);
-  if (failed > 0) process.exitCode = 2;
-  if (!once && !dryRun) {
-    await mirrorRealtime(server, token, rootDir, state, intervalMs);
-  }
-}
-async function main() {
-  const { command, positionals, flags } = parseArgs(process.argv.slice(2));
-  if (!command || command === 'help' || command === '--help' || command === '-h') {
-    printHelp();
-    return;
-  }
-  if (command === 'login') {
-    await login(flags);
-    return;
-  }
-  if (command === 'whoami') {
-    await whoami(flags);
-    return;
-  }
-  if (command === 'logout') {
-    await logout();
-    return;
-  }
-  if (command === 'sync') {
-    await syncFolder(positionals, flags);
-    return;
-  }
-  if (command === 'share') {
-    await shareFile(positionals, flags);
-    return;
-  }
+      if (limits !== undefined && limits > 0) payload.maxDownloads = limits;
+      if (temps !== undefined && temps > 0) payload.expiresInDays = temps;
+      const created = await httpJson(`${server}/api/share/create-local`, {
+        method: 'POST',
+        headers: {
+          Authorization: `Bearer ${token}`,
+          'Content-Type': 'application/json'
+        },
+        body: JSON.stringify(payload)
+      });
-  if (command === 'config') {
-    const sub = positionals[0];
-    if (sub === 'show') {
-      await showConfig();
-      return;
-    }
-    if (sub === 'set-server') {
-      await setServer(positionals.slice(1));
+      const share = created?.share || {};
+      console.log(`Partage local cree pour: ${fileName}`);
+      if (share.url) console.log(`URL Shard: ${share.url}`);
+      console.log(`URL agent locale: ${directDownloadUrl}`);
+      if (share.token) console.log(`Token: ${share.token}`);
+      console.log(`Agent local en ecoute sur: http://0.0.0.0:${port}${localServer.routePath}`);
+      console.log(`Limite downloads: ${limits && limits > 0 ? limits : 'illimitee'}`);
+      console.log(`Expiration: ${temps && temps > 0 ? `${temps} jour(s)` : 'aucune'}`);
+      console.log('Laisse cette commande ouverte tant que le partage doit fonctionner.');
+      const stopSignals = ['SIGINT', 'SIGTERM'];
+      await new Promise((resolve) => {
+        const stop = () => {
+          for (const sig of stopSignals) process.off(sig, stop);
+          localServer.server.close(() => resolve());
+        };
+        for (const sig of stopSignals) process.on(sig, stop);
+      });
       return;
+    } catch (error) {
+      if (localServer && localServer.server) {
+        await new Promise((resolve) => localServer.server.close(() => resolve()));
+      }
+      throw error;
     }
-    throw new Error('Usage: shard config show | shard config set-server <url>');
   }
-  throw new Error(`Commande inconnue: ${command}`);
-}
-main().catch((error) => {
-  console.error(`Erreur: ${error.message}`);
-  process.exitCode = 1;
-});
+  let remote = await findRemoteFileByNameAndSize(server, token, fileName, st.size);
+  let fileId = remote?.id || null;
+  if (!fileId) {
+    console.log(`Upload necessaire: ${fileName} (${formatBytes(st.size)})`);
+    const uploaded = await uploadOneFile(server, token, {
+      absPath,
+      relPath: fileName,
+      size: st.size,
+      mtimeMs: Math.round(st.mtimeMs)
+    });
+    fileId = uploaded?.file?.id;
+    if (!fileId) {
+      throw new Error('Upload reussi mais ID fichier manquant');
+    }
+  }
+  const payload = { fileId };
+  if (limits !== undefined && limits > 0) payload.maxDownloads = limits;
+  if (temps !== undefined && temps > 0) payload.expiresInDays = temps;
+  const created = await httpJson(`${server}/api/share/create`, {
+    method: 'POST',
+    headers: {
+      Authorization: `Bearer ${token}`,
+      'Content-Type': 'application/json'
+    },
+    body: JSON.stringify(payload)
+  });
+  const share = created?.share || {};
+  console.log(`Partage cree pour: ${fileName}`);
+  if (share.url) console.log(`URL: ${share.url}`);
+  if (share.token) console.log(`Token: ${share.token}`);
+  console.log(`Limite downloads: ${limits && limits > 0 ? limits : 'illimitee'}`);
+  console.log(`Expiration: ${temps && temps > 0 ? `${temps} jour(s)` : 'aucune'}`);
+}
+function fileListToMap(files) {
+  const map = new Map();
+  for (const file of files) {
+    map.set(file.relPath, file);
+  }
+  return map;
+}
+function makeFingerprint(file) {
+  return `${file.size}:${file.mtimeMs}`;
+}
+function normalizeRemoteRelPath(name) {
+  return String(name || '').replace(/\\/g, '/');
+}
+async function fetchAllRemoteFiles(server, token) {
+  const out = [];
+  const limit = 100;
+  let offset = 0;
+  while (true) {
+    const data = await httpJson(`${server}/api/files?limit=${limit}&offset=${offset}&sort=created_at&order=asc`, {
+      method: 'GET',
+      headers: { Authorization: `Bearer ${token}` }
+    });
+    const rows = Array.isArray(data.files) ? data.files : [];
+    for (const row of rows) {
+      out.push({
+        id: row.id,
+        relPath: normalizeRemoteRelPath(row.original_name),
+        size: Number(row.file_size || 0)
+      });
+    }
+    if (!data.pagination?.hasMore) break;
+    offset += limit;
+  }
+  return out;
+}
+async function downloadRemoteFile(server, token, remoteFile, destPath) {
+  const res = await fetch(`${server}/api/files/${remoteFile.id}/download`, {
+    method: 'GET',
+    headers: { Authorization: `Bearer ${token}` }
+  });
+  if (!res.ok) {
+    let detail = `HTTP ${res.status}`;
+    try {
+      const data = await res.json();
+      detail = data.message || data.error || detail;
+    } catch {
+      // ignore JSON parse failures
+    }
+    throw new Error(detail);
+  }
+  if (!res.body) {
+    throw new Error('Reponse de telechargement vide');
+  }
+  await fsp.mkdir(path.dirname(destPath), { recursive: true });
+  const tempPath = `${destPath}.part`;
+  const writable = fs.createWriteStream(tempPath);
+  await pipeline(Readable.fromWeb(res.body), writable);
+  await fsp.rename(tempPath, destPath);
+}
+async function pullMissingRemoteFiles(server, token, rootDir, state, localFiles, remoteFiles, dryRun) {
+  const localMap = fileListToMap(localFiles);
+  const missingRemote = remoteFiles.filter((rf) => !localMap.has(rf.relPath));
+  if (missingRemote.length === 0) return { downloaded: 0, errors: 0 };
+  console.log(`A telecharger: ${missingRemote.length}`);
+  if (dryRun) {
+    for (const rf of missingRemote.slice(0, 50)) console.log(`- ${rf.relPath} (remote)`); // eslint-disable-line no-console
+    if (missingRemote.length > 50) console.log(`... +${missingRemote.length - 50} autres`);
+    return { downloaded: 0, errors: 0 };
+  }
+  let downloaded = 0;
+  let errors = 0;
+  for (let i = 0; i < missingRemote.length; i += 1) {
+    const rf = missingRemote[i];
+    const label = `[DOWN ${i + 1}/${missingRemote.length}]`;
+    try {
+      const absPath = path.join(rootDir, ...rf.relPath.split('/'));
+      console.log(`${label} GET ${rf.relPath} (${formatBytes(rf.size)})`);
+      await downloadRemoteFile(server, token, rf, absPath);
+      const st = await fsp.stat(absPath);
+      state.files[rf.relPath] = {
+        size: st.size,
+        mtimeMs: Math.round(st.mtimeMs),
+        uploadedAt: new Date().toISOString(),
+        remoteId: rf.id
+      };
+      downloaded += 1;
+      console.log(`${label} OK ${rf.relPath}`);
+    } catch (error) {
+      errors += 1;
+      console.error(`${label} FAIL ${rf.relPath} -> ${error.message}`);
+    }
+  }
+  return { downloaded, errors };
+}
+function seedStateFromRemote(state, localFiles, remoteFiles) {
+  const remoteByPath = new Map(remoteFiles.map((rf) => [rf.relPath, rf]));
+  for (const lf of localFiles) {
+    if (state.files[lf.relPath]) continue;
+    const remote = remoteByPath.get(lf.relPath);
+    if (!remote) continue;
+    if (Number(remote.size) !== Number(lf.size)) continue;
+    state.files[lf.relPath] = {
+      size: lf.size,
+      mtimeMs: lf.mtimeMs,
+      uploadedAt: new Date().toISOString(),
+      remoteId: remote.id
+    };
+  }
+}
+async function deleteRemoteFile(server, token, remoteId) {
+  return httpJson(`${server}/api/files/${remoteId}`, {
+    method: 'DELETE',
+    headers: { Authorization: `Bearer ${token}` }
+  });
+}
+async function renameRemoteFile(server, token, remoteId, newName) {
+  return httpJson(`${server}/api/files/${remoteId}/rename`, {
+    method: 'PATCH',
+    headers: {
+      Authorization: `Bearer ${token}`,
+      'Content-Type': 'application/json'
+    },
+    body: JSON.stringify({ newName })
+  });
+}
+function sleep(ms) {
+  return new Promise((resolve) => setTimeout(resolve, ms));
+}
+async function mirrorRealtime(server, token, rootDir, state, intervalMs) {
+  console.log(`Mode temps reel actif (${intervalMs} ms). Ctrl+C pour quitter.`);
+  let stopped = false;
+  const onStop = () => { stopped = true; };
+  process.on('SIGINT', onStop);
+  process.on('SIGTERM', onStop);
+  let previousFiles = await listFilesRecursive(rootDir);
+  let previousMap = fileListToMap(previousFiles);
+  while (!stopped) {
+    await sleep(intervalMs);
+    if (stopped) break;
+    let currentFiles;
+    try {
+      currentFiles = await listFilesRecursive(rootDir);
+    } catch (error) {
+      console.error(`Watcher error: ${error.message}`);
+      continue;
+    }
+    const currentMap = fileListToMap(currentFiles);
+    const prevKeys = new Set(previousMap.keys());
+    const currKeys = new Set(currentMap.keys());
+    const removed = [...prevKeys].filter((k) => !currKeys.has(k)).map((k) => previousMap.get(k));
+    const added = [...currKeys].filter((k) => !prevKeys.has(k)).map((k) => currentMap.get(k));
+    const changed = [...currKeys]
+      .filter((k) => prevKeys.has(k))
+      .map((k) => ({ prev: previousMap.get(k), cur: currentMap.get(k) }))
+      .filter((p) => p.prev.size !== p.cur.size || p.prev.mtimeMs !== p.cur.mtimeMs)
+      .map((p) => p.cur);
+    // Detecter les renames simples (meme taille + mtime) pour appeler PATCH rename.
+    const addedByFinger = new Map();
+    for (const a of added) {
+      const key = makeFingerprint(a);
+      if (!addedByFinger.has(key)) addedByFinger.set(key, []);
+      addedByFinger.get(key).push(a);
+    }
+    const renamedPairs = [];
+    const trulyRemoved = [];
+    for (const r of removed) {
+      const matches = addedByFinger.get(makeFingerprint(r)) || [];
+      const remoteId = state.files[r.relPath]?.remoteId || null;
+      if (remoteId && matches.length > 0) {
+        const to = matches.shift();
+        renamedPairs.push({ from: r, to, remoteId });
+      } else {
+        trulyRemoved.push(r);
+      }
+    }
+    const renamedTargets = new Set(renamedPairs.map((p) => p.to.relPath));
+    const trulyAdded = added.filter((a) => !renamedTargets.has(a.relPath));
+    for (const pair of renamedPairs) {
+      try {
+        await renameRemoteFile(server, token, pair.remoteId, pair.to.relPath);
+        delete state.files[pair.from.relPath];
+        state.files[pair.to.relPath] = {
+          size: pair.to.size,
+          mtimeMs: pair.to.mtimeMs,
+          uploadedAt: new Date().toISOString(),
+          remoteId: pair.remoteId
+        };
+        console.log(`[WATCH] RENAME ${pair.from.relPath} -> ${pair.to.relPath}`);
+      } catch (error) {
+        console.error(`[WATCH] RENAME FAIL ${pair.from.relPath} -> ${pair.to.relPath}: ${error.message}`);
+      }
+    }
+    for (const file of trulyRemoved) {
+      const remoteId = state.files[file.relPath]?.remoteId || null;
+      if (!remoteId) {
+        delete state.files[file.relPath];
+        continue;
+      }
+      try {
+        await deleteRemoteFile(server, token, remoteId);
+        delete state.files[file.relPath];
+        console.log(`[WATCH] DELETE ${file.relPath}`);
+      } catch (error) {
+        console.error(`[WATCH] DELETE FAIL ${file.relPath}: ${error.message}`);
+      }
+    }
+    const uploads = [...trulyAdded, ...changed];
+    for (const file of uploads) {
+      try {
+        const result = await uploadOneFile(server, token, file);
+        state.files[file.relPath] = {
+          size: file.size,
+          mtimeMs: file.mtimeMs,
+          uploadedAt: new Date().toISOString(),
+          remoteId: result?.file?.id || state.files[file.relPath]?.remoteId || null
+        };
+        console.log(`[WATCH] UPLOAD ${file.relPath} (${formatBytes(file.size)})`);
+      } catch (error) {
+        console.error(`[WATCH] UPLOAD FAIL ${file.relPath}: ${error.message}`);
+      }
+    }
+    await writeState(rootDir, state);
+    previousFiles = currentFiles;
+    previousMap = currentMap;
+  }
+  process.off('SIGINT', onStop);
+  process.off('SIGTERM', onStop);
+}
+async function syncFolder(positionals, flags) {
+  const target = positionals[0];
+  if (!target) {
+    throw new Error('Usage: shard sync <folder> [--server <url>] [--dry-run] [--force] [--once] [--interval-ms <n>]');
+  }
+  const rootDir = path.resolve(process.cwd(), target);
+  if (!(await pathExists(rootDir))) {
+    throw new Error(`Dossier introuvable: ${rootDir}`);
+  }
+  const stat = await fsp.stat(rootDir);
+  if (!stat.isDirectory()) {
+    throw new Error(`Ce n'est pas un dossier: ${rootDir}`);
+  }
+  const config = await readConfig();
+  const server = getServer(flags, config);
+  const token = getToken(config);
+  if (!token) {
+    throw new Error('Non connecte. Lance: shard login --username ... --password ...');
+  }
+  await httpJson(`${server}/api/auth/verify`, {
+    method: 'POST',
+    headers: { Authorization: `Bearer ${token}` }
+  });
+  const state = await readState(rootDir);
+  const force = Boolean(flags.force);
+  const dryRun = Boolean(flags['dry-run']);
+  const once = Boolean(flags.once);
+  const intervalMs = Math.max(parseInt(flags['interval-ms'] || '2000', 10) || 2000, 500);
+  const remoteFiles = await fetchAllRemoteFiles(server, token);
+  const initialLocalFiles = await listFilesRecursive(rootDir);
+  await pullMissingRemoteFiles(server, token, rootDir, state, initialLocalFiles, remoteFiles, dryRun);
+  const files = await listFilesRecursive(rootDir);
+  seedStateFromRemote(state, files, remoteFiles);
+  const changed = files.filter((f) => {
+    if (force) return true;
+    const prev = state.files[f.relPath];
+    if (!prev) return true;
+    return !(prev.size === f.size && prev.mtimeMs === f.mtimeMs);
+  });
+  const unchanged = files.length - changed.length;
+  console.log(`Server: ${server}`);
+  console.log(`Dossier: ${rootDir}`);
+  console.log(`Total: ${files.length} fichier(s)`);
+  console.log(`Distants: ${remoteFiles.length}`);
+  console.log(`A uploader: ${changed.length}`);
+  console.log(`Inchanges: ${unchanged}`);
+  if (dryRun) {
+    for (const f of changed.slice(0, 50)) console.log(`- ${f.relPath}`);
+    if (changed.length > 50) console.log(`... +${changed.length - 50} autres`);
+    return;
+  }
+  let success = 0;
+  let failed = 0;
+  for (let i = 0; i < changed.length; i += 1) {
+    const file = changed[i];
+    const label = `[${i + 1}/${changed.length}]`;
+    try {
+      const startedAt = Date.now();
+      console.log(`${label} UPLOAD ${file.relPath} (${formatBytes(file.size)})`);
+      const result = await uploadOneFile(server, token, file);
+      const tookSeconds = ((Date.now() - startedAt) / 1000).toFixed(1);
+      success += 1;
+      state.files[file.relPath] = {
+        size: file.size,
+        mtimeMs: file.mtimeMs,
+        uploadedAt: new Date().toISOString(),
+        remoteId: result?.file?.id || null
+      };
+      console.log(`${label} OK ${file.relPath} (${tookSeconds}s)`);
+    } catch (error) {
+      failed += 1;
+      console.error(`${label} FAIL ${file.relPath} -> ${error.message}`);
+    }
+  }
+  for (const relPath of Object.keys(state.files)) {
+    const stillThere = files.some((f) => f.relPath === relPath);
+    if (!stillThere) delete state.files[relPath];
+  }
+  await writeState(rootDir, state);
+  console.log(`Termine. Uploades: ${success}, erreurs: ${failed}`);
+  if (failed > 0) process.exitCode = 2;
+  if (!once && !dryRun) {
+    await mirrorRealtime(server, token, rootDir, state, intervalMs);
+  }
+}
+async function main() {
+  const { command, positionals, flags } = parseArgs(process.argv.slice(2));
+  if (!command || command === 'help' || command === '--help' || command === '-h') {
+    printHelp();
+    return;
+  }
+  if (command === 'login') {
+    await login(flags);
+    return;
+  }
+  if (command === 'whoami') {
+    await whoami(flags);
+    return;
+  }
+  if (command === 'logout') {
+    await logout();
+    return;
+  }
+  if (command === 'sync') {
+    await syncFolder(positionals, flags);
+    return;
+  }
+  if (command === 'share') {
+    await shareFile(positionals, flags);
+    return;
+  }
+  if (command === 'config') {
+    const sub = positionals[0];
+    if (sub === 'show') {
+      await showConfig();
+      return;
+    }
+    if (sub === 'set-server') {
+      await setServer(positionals.slice(1));
+      return;
+    }
+    throw new Error('Usage: shard config show | shard config set-server <url>');
+  }
+  throw new Error(`Commande inconnue: ${command}`);
+}
+main().catch((error) => {
+  console.error(`Erreur: ${error.message}`);
+  process.exitCode = 1;
+});