npm - @kittl/cli - Versions diffs - 0.0.2 → 0.0.4-alpha.0 - Mend

@kittl/cli 0.0.2 → 0.0.4-alpha.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (22) hide show

package/dist/{chunk-XU2ZHSRY.js → chunk-7LTVG6SC.js} +2 -2
package/dist/{chunk-637YZAKM.js → chunk-FJAYC3KU.js} +2 -2
package/dist/{chunk-TK44DTSK.js → chunk-OY6OB5HM.js} +52 -8
package/dist/chunk-OY6OB5HM.js.map +1 -0
package/dist/{chunk-GJPVFQRF.js → chunk-S4KAOR7F.js} +9 -5
package/dist/chunk-S4KAOR7F.js.map +1 -0
package/dist/commands/app/init.js +43 -16
package/dist/commands/app/init.js.map +1 -1
package/dist/commands/app/release.js +3 -3
package/dist/commands/app/update.js +3 -3
package/dist/commands/app/upload.js +5 -20
package/dist/commands/app/upload.js.map +1 -1
package/dist/commands/auth/login.js +1 -1
package/dist/commands/auth/logout.js +1 -1
package/dist/commands/auth/whoami.js +2 -2
package/dist/commands/whoami.js +2 -2
package/oclif.manifest.json +196 -0
package/package.json +4 -2
package/dist/chunk-GJPVFQRF.js.map +0 -1
package/dist/chunk-TK44DTSK.js.map +0 -1
/package/dist/{chunk-XU2ZHSRY.js.map → chunk-7LTVG6SC.js.map} +0 -0
/package/dist/{chunk-637YZAKM.js.map → chunk-FJAYC3KU.js.map} +0 -0

package/dist/{chunk-XU2ZHSRY.js → chunk-7LTVG6SC.js} RENAMED Viewed

@@ -2,7 +2,7 @@ import {
   API_CONFIG,
   CLI_CONFIG,
   parseJsonObjectFromFile
-} from "./chunk-TK44DTSK.js";
+} from "./chunk-OY6OB5HM.js";
 // src/core/error.ts
 import { isAxiosError } from "axios";
@@ -140,4 +140,4 @@ export {
   readInternalConfig,
   writeInternalConfig
 };
-//# sourceMappingURL=chunk-XU2ZHSRY.js.map
+//# sourceMappingURL=chunk-7LTVG6SC.js.map

package/dist/{chunk-637YZAKM.js → chunk-FJAYC3KU.js} RENAMED Viewed

@@ -1,6 +1,6 @@
 import {
   BaseCommand
-} from "./chunk-TK44DTSK.js";
+} from "./chunk-OY6OB5HM.js";
 // src/commands/auth/whoami.ts
 import { jwtDecode } from "jwt-decode";
@@ -26,4 +26,4 @@ var AuthWhoAmI = class _AuthWhoAmI extends BaseCommand {
 export {
   AuthWhoAmI
 };
-//# sourceMappingURL=chunk-637YZAKM.js.map
+//# sourceMappingURL=chunk-FJAYC3KU.js.map

package/dist/{chunk-TK44DTSK.js → chunk-OY6OB5HM.js} RENAMED Viewed

@@ -1,6 +1,30 @@
-// src/core/utils.ts
-import { readFile } from "node:fs/promises";
+// src/core/files.ts
 import { basename } from "node:path";
+import { lookup } from "mime-types";
+import { glob } from "tinyglobby";
+function getFileNameFromPath(filePath) {
+  const leaf = basename(filePath.trim());
+  if (leaf === "" || leaf === "." || leaf === "..") {
+    return void 0;
+  }
+  return leaf;
+}
+async function listAllFilesUnderDir(rootAbs) {
+  return glob("**/*", {
+    cwd: rootAbs,
+    absolute: true,
+    onlyFiles: true,
+    dot: true,
+    followSymbolicLinks: false
+  });
+}
+function contentTypeForPath(filePath) {
+  const mime = lookup(filePath);
+  return mime === false ? "application/octet-stream" : mime;
+}
+// src/core/utils.ts
+import { mkdir, readFile, stat } from "node:fs/promises";
 function parseJsonObject(jsonText, errorContext) {
   let parsed;
   try {
@@ -19,6 +43,20 @@ async function parseJsonObjectFromFile(filePath) {
   const jsonText = await readFile(filePath, "utf8");
   return parseJsonObject(jsonText, filePath);
 }
+async function ensureDirectory(dirPath) {
+  try {
+    const s = await stat(dirPath);
+    if (!s.isDirectory()) {
+      throw new Error(`${dirPath} exists and is not a directory.`);
+    }
+  } catch (e) {
+    if (e instanceof Error && "code" in e && e.code === "ENOENT") {
+      await mkdir(dirPath, { recursive: true });
+      return;
+    }
+    throw e;
+  }
+}
 var INK_VIEW_UNMOUNT_REASON = Symbol("INK_VIEW_UNMOUNT_REASON");
 function parsePortFromEnv(envKey, defaultPort) {
   const raw = process.env[envKey];
@@ -44,11 +82,10 @@ function isSubmitKey(key) {
 }
 function resolveFileNameFromEnv(envValue, defaultFileName) {
   const raw = envValue?.trim() ?? "";
-  const name = raw === "" ? defaultFileName : basename(raw);
-  if (name === "" || name === "." || name === "..") {
+  if (raw === "") {
     return defaultFileName;
   }
-  return name;
+  return getFileNameFromPath(raw) ?? defaultFileName;
 }
 function chunkArray(items, chunkSize) {
   if (chunkSize < 1) {
@@ -64,7 +101,7 @@ function chunkArray(items, chunkSize) {
 // package.json
 var package_default = {
   name: "@kittl/cli",
-  version: "0.0.1",
+  version: "0.0.4-alpha.0",
   license: "Apache-2.0",
   private: false,
   type: "module",
@@ -83,12 +120,14 @@ var package_default = {
   },
   files: [
     "LICENSE",
+    "oclif.manifest.json",
     "bin/bootstrap.js",
     "bin/run.cmd",
     "bin/run.js",
     "dist"
   ],
   scripts: {
+    prepack: "pnpm run build",
     build: "tsup && oclif manifest",
     "build:watch": 'tsup --watch --onSuccess "oclif manifest"',
     dev: "node ./bin/dev.js",
@@ -101,7 +140,6 @@ var package_default = {
     "@oclif/core": "^4.10.2",
     axios: "^1.13.6",
     "cross-keychain": "^1.1.0",
-    tinyglobby: "^0.2.15",
     ink: "^6.8.0",
     "ink-text-input": "^6.0.0",
     "jwt-decode": "^4.0.0",
@@ -109,12 +147,14 @@ var package_default = {
     open: "^11.0.0",
     "openid-client": "^6.8.2",
     react: "catalog:",
+    tinyglobby: "^0.2.15",
     zod: "catalog:"
   },
   devDependencies: {
     "@types/mime-types": "^3.0.1",
     "@types/node": "^25.5.0",
     "@types/react": "catalog:",
+    "clean-package": "^2.2.0",
     "ink-testing-library": "^4.0.0",
     oclif: "^4.22.96",
     tsup: "catalog:",
@@ -727,7 +767,11 @@ ${envEntries.join("\n") || "(none)"}`);
 };
 export {
+  getFileNameFromPath,
+  listAllFilesUnderDir,
+  contentTypeForPath,
   parseJsonObjectFromFile,
+  ensureDirectory,
   INK_VIEW_UNMOUNT_REASON,
   isSubmitKey,
   chunkArray,
@@ -736,4 +780,4 @@ export {
   authService,
   BaseCommand
 };
-//# sourceMappingURL=chunk-TK44DTSK.js.map
+//# sourceMappingURL=chunk-OY6OB5HM.js.map

package/dist/chunk-OY6OB5HM.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["../src/core/files.ts","../src/core/utils.ts","../package.json","../src/constants.ts","../src/services/auth.service.ts","../src/services/session-vault.service.ts","../src/core/core.command.ts","../src/services/api.service.ts","../src/ui/renderer.ts"],"sourcesContent":["import { basename } from 'node:path';\nimport { lookup } from 'mime-types';\nimport { glob } from 'tinyglobby';\n\n/**\n * Last path segment\n */\nexport function getFileNameFromPath(filePath: string): string | undefined {\n const leaf = basename(filePath.trim());\n if (leaf === '' || leaf === '.' || leaf === '..') {\n return undefined;\n }\n return leaf;\n}\n\n/**\n * All files under `rootAbs` (recursive), absolute paths.\n * Does not traverse symlinked directories.\n */\nexport async function listAllFilesUnderDir(rootAbs: string): Promise<string[]> {\n return glob('**/*', {\n cwd: rootAbs,\n absolute: true,\n onlyFiles: true,\n dot: true,\n followSymbolicLinks: false,\n });\n}\n\n/**\n * Extension-based MIME for a path or basename. Unknown fallback to `application/octet-stream` (S3-safe).\n */\nexport function contentTypeForPath(filePath: string): string {\n const mime = lookup(filePath);\n return mime === false ? 'application/octet-stream' : mime;\n}\n","import { mkdir, readFile, stat } from 'node:fs/promises';\nimport type { Key } from 'ink';\nimport { getFileNameFromPath } from './files';\n\n/**\n * Parses a JSON string into a plain object.\n */\nexport function parseJsonObject(\n jsonText: string,\n errorContext: string,\n): Record<string, unknown> {\n let parsed: unknown;\n try {\n parsed = JSON.parse(jsonText) as unknown;\n } catch {\n throw new Error(`Invalid JSON (${errorContext})`);\n }\n if (parsed === null || typeof parsed !== 'object' || Array.isArray(parsed)) {\n throw new Error(\n `JSON must be an object, not array or null (${errorContext})`,\n );\n }\n return parsed as Record<string, unknown>;\n}\n\n// Reads a file and parses its contents as a JSON object.\nexport async function parseJsonObjectFromFile(\n filePath: string,\n): Promise<Record<string, unknown>> {\n const jsonText = await readFile(filePath, 'utf8');\n return parseJsonObject(jsonText, filePath);\n}\n\n/**\n * Ensures `dirPath` exists as a directory: creates it (and parents) when\n * missing, or throws if the path exists and is not a directory.\n */\nexport async function ensureDirectory(dirPath: string): Promise<void> {\n try {\n const s = await stat(dirPath);\n if (!s.isDirectory()) {\n throw new Error(`${dirPath} exists and is not a directory.`);\n }\n } catch (e) {\n // Not `isSystemError` from `./error`: this module is imported by `constants.ts`.\n if (\n e instanceof Error &&\n 'code' in e &&\n (e as NodeJS.ErrnoException).code === 'ENOENT'\n ) {\n await mkdir(dirPath, { recursive: true });\n return;\n }\n throw e;\n }\n}\n\n// Silent UI teardown (e.g. Ink unmount). not user-initiated cancel.\nexport const INK_VIEW_UNMOUNT_REASON = Symbol('INK_VIEW_UNMOUNT_REASON');\n\n/**\n * Reads `process.env[envKey]` as a TCP port, or {@link defaultPort} when unset/blank.\n * Must be an integer in 1–65535 when set.\n */\nexport function parsePortFromEnv(envKey: string, defaultPort: number): number {\n const raw = process.env[envKey];\n const n = Number(raw?.trim() || defaultPort);\n if (!Number.isInteger(n) || n < 1 || n > 65_535) {\n throw new Error(\n `${envKey} must be an integer between 1 and 65535 (got ${JSON.stringify(raw)}).`,\n );\n }\n return n;\n}\n\n// Fixed localhost OAuth callback path for Authorization Code + PKCE.\nexport function localhostOAuthRedirectUri(port: number): string {\n return `http://localhost:${port}/callback`;\n}\n\nexport function getKittlEnvEntries(): string[] {\n return Object.entries(process.env)\n .filter(([key]) => key.startsWith('KITTL_'))\n .sort(([a], [b]) => a.localeCompare(b))\n .map(([key, value]) => `${key}=${value ?? ''}`);\n}\n\n// Enter key across terminal variants (`return` + optional `enter`).\nexport function isSubmitKey(key: Key): boolean {\n if (key.return) {\n return true;\n }\n return Boolean((key as Key & { enter?: boolean }).enter);\n}\n\n/**\n * Resolves a file name from an env value via {@link getFileNameFromPath};\n * empty or invalid values fall back to `defaultFileName`.\n */\nexport function resolveFileNameFromEnv(\n envValue: string | undefined,\n defaultFileName: string,\n): string {\n const raw = envValue?.trim() ?? '';\n if (raw === '') {\n return defaultFileName;\n }\n return getFileNameFromPath(raw) ?? defaultFileName;\n}\n\n// Split an array into consecutive slices of at most `chunkSize` items.\nexport function chunkArray<T>(items: T[], chunkSize: number): T[][] {\n if (chunkSize < 1) {\n throw new Error('chunkSize must be at least 1');\n }\n const n = Math.ceil(items.length / chunkSize);\n return Array.from({ length: n }, (_, i) =>\n items.slice(i * chunkSize, i * chunkSize + chunkSize),\n );\n}\n","{\n \"name\": \"@kittl/cli\",\n \"version\": \"0.0.4-alpha.0\",\n \"license\": \"Apache-2.0\",\n \"private\": false,\n \"type\": \"module\",\n \"engines\": {\n \"node\": \">=18\"\n },\n \"bin\": {\n \"kittl\": \"./bin/run.js\",\n \"kittl-dev\": \"./bin/dev.js\"\n },\n \"publishConfig\": {\n \"access\": \"public\",\n \"bin\": {\n \"kittl\": \"./bin/run.js\"\n }\n },\n \"files\": [\n \"LICENSE\",\n \"oclif.manifest.json\",\n \"bin/bootstrap.js\",\n \"bin/run.cmd\",\n \"bin/run.js\",\n \"dist\"\n ],\n \"scripts\": {\n \"prepack\": \"pnpm run build\",\n \"build\": \"tsup && oclif manifest\",\n \"build:watch\": \"tsup --watch --onSuccess \\\"oclif manifest\\\"\",\n \"dev\": \"node ./bin/dev.js\",\n \"dev:watch\": \"node --watch --watch-path=./src --watch-path=./bin ./bin/dev.js\",\n \"typecheck\": \"tsc --noEmit\",\n \"test\": \"vitest run\",\n \"test:watch\": \"vitest\"\n },\n \"dependencies\": {\n \"@oclif/core\": \"^4.10.2\",\n \"axios\": \"^1.13.6\",\n \"cross-keychain\": \"^1.1.0\",\n \"ink\": \"^6.8.0\",\n \"ink-text-input\": \"^6.0.0\",\n \"jwt-decode\": \"^4.0.0\",\n \"mime-types\": \"^3.0.1\",\n \"open\": \"^11.0.0\",\n \"openid-client\": \"^6.8.2\",\n \"react\": \"catalog:\",\n \"tinyglobby\": \"^0.2.15\",\n \"zod\": \"catalog:\"\n },\n \"devDependencies\": {\n \"@types/mime-types\": \"^3.0.1\",\n \"@types/node\": \"^25.5.0\",\n \"@types/react\": \"catalog:\",\n \"clean-package\": \"^2.2.0\",\n \"ink-testing-library\": \"^4.0.0\",\n \"oclif\": \"^4.22.96\",\n \"tsup\": \"catalog:\",\n \"tsx\": \"catalog:\",\n \"typescript\": \"catalog:\",\n \"vitest\": \"^4.1.1\"\n },\n \"oclif\": {\n \"bin\": \"kittl\",\n \"commands\": \"./dist/commands\",\n \"dirname\": \"kittl\",\n \"topicSeparator\": \" \"\n }\n}\n","import pkg from '../package.json' with { type: 'json' };\nimport {\n localhostOAuthRedirectUri,\n parsePortFromEnv,\n resolveFileNameFromEnv,\n} from './core/utils';\n\nconst { version } = pkg;\n\nconst CLI_CONFIG_DIR = '.kittl' as const;\nconst CLI_CONFIG_DEFAULT_FILENAME = 'config.json' as const;\nconst CLI_MANIFEST_DEFAULT_FILENAME = 'manifest.json' as const;\n\nexport const PRODUCTION = {\n issuer: 'https://keycloak.kittl.dev/auth/realms/kittl',\n apiBaseUrl: 'https://api.kittl.com',\n clientId: 'kittl-cli',\n redirectPort: 51771,\n scaffoldViteDevPort: 5173,\n} as const;\n\n// -----------------------------------------------------------------------------\n// CLI configs\n// -----------------------------------------------------------------------------\n\nexport const CLI_CONFIG = {\n configDir: CLI_CONFIG_DIR,\n defaultConfigFileName: CLI_CONFIG_DEFAULT_FILENAME,\n configFileName: resolveFileNameFromEnv(\n process.env.KITTL_CONFIG_FILENAME,\n CLI_CONFIG_DEFAULT_FILENAME,\n ),\n defaultManifestFileName: CLI_MANIFEST_DEFAULT_FILENAME,\n manifestFileName: resolveFileNameFromEnv(\n process.env.KITTL_EXTENSION_MANIFEST_FILENAME,\n CLI_MANIFEST_DEFAULT_FILENAME,\n ),\n scaffoldViteDevPort: parsePortFromEnv(\n 'KITTL_SCAFFOLD_VITE_DEV_PORT',\n PRODUCTION.scaffoldViteDevPort,\n ),\n} as const;\n\n// -----------------------------------------------------------------------------\n// OAuth / OIDC (PKCE login, keychain session)\n// -----------------------------------------------------------------------------\n\nconst authRedirectPort = parsePortFromEnv(\n 'KITTL_REDIRECT_PORT',\n PRODUCTION.redirectPort,\n);\n\nexport const AUTH_CONFIG = {\n issuer: process.env.KITTL_OAUTH_ISSUER_URL ?? PRODUCTION.issuer,\n clientId: process.env.KITTL_OAUTH_CLIENT_ID ?? PRODUCTION.clientId,\n redirectPort: authRedirectPort,\n redirectUri: localhostOAuthRedirectUri(authRedirectPort),\n scope: process.env.KITTL_OAUTH_SCOPE ?? 'openid profile email offline_access',\n // https://www.keycloak.org/docs/latest/server_admin/index.html#_authentication-sessions\n authPrompt: process.env.KITTL_OAUTH_PROMPT || 'login',\n oauthCallbackTimeoutMs: Number(\n process.env.KITTL_OAUTH_CALLBACK_TIMEOUT_MS ?? 120_000,\n ),\n /** Optional 302 after OAuth; if undefined it renders a fallback HTML. */\n oauthSuccessRedirectUrl:\n process.env.KITTL_OAUTH_SUCCESS_REDIRECT_URL || undefined,\n serviceName: 'kittl-cli',\n accountName: 'oauth-session',\n} as const;\n\n// -----------------------------------------------------------------------------\n// HTTP API (Axios base URL for Kittl APIs)\n// -----------------------------------------------------------------------------\n\nexport const API_CONFIG = {\n baseUrl: process.env.KITTL_API_BASE_URL ?? PRODUCTION.apiBaseUrl,\n timeoutMs: 30_000,\n userAgent: `kittl-cli/${version}`,\n} as const;\n","import { createServer } from 'node:http';\nimport { URL } from 'node:url';\nimport open from 'open';\nimport * as oidc from 'openid-client';\nimport { z } from 'zod';\nimport { AUTH_CONFIG } from '../constants';\nimport type { Session } from '../types/session';\nimport { sessionVault } from './session-vault.service';\n\n// Seconds before access token expiry when we proactively refresh.\nconst ACCESS_TOKEN_REFRESH_BUFFER_SEC = 60;\n\nconst OAUTH2_TOKEN_ERROR_INVALID_GRANT = 'invalid_grant';\n\nexport type LoginOptions = {\n signal?: AbortSignal;\n};\n\nexport type CallbackResult = {\n callbackUrl: URL;\n};\n\nconst authConfigSchema = z.object({\n issuer: z.url(),\n clientId: z.string().min(1),\n redirectUri: z.url(),\n redirectPort: z.number().int().min(1).max(65_535),\n scope: z.string().min(1),\n authPrompt: z.string().min(1),\n oauthCallbackTimeoutMs: z.number().int().min(5_000).max(3_600_000),\n oauthSuccessRedirectUrl: z.url().optional(),\n});\n\nexport class LoginCancelledError extends Error {\n public constructor() {\n super('Login cancelled.');\n this.name = 'LoginCancelledError';\n }\n}\n\nexport class AuthService {\n private readonly config = authConfigSchema.parse(AUTH_CONFIG);\n\n // concurrent refresh attempts are merged into a single promise\n private refreshSessionPromise: Promise<Session | null> | null = null;\n\n /**\n * raw vault read.\n */\n public async getStoredSession(): Promise<Session | null> {\n return sessionVault.getSession();\n }\n\n /**\n * ensures token freshness (by silently refresh if needed)\n */\n public async getSession(): Promise<Session | null> {\n await this.getAccessToken();\n return this.getStoredSession();\n }\n\n /**\n * Returns a usable access token, silently refreshing when `expiresAt` is within {@link ACCESS_TOKEN_REFRESH_BUFFER_SEC}\n * seconds (or in the past). based on Session.expiresAt.\n */\n public async getAccessToken(): Promise<string | undefined> {\n const session = await this.getStoredSession();\n if (!session?.accessToken) return undefined;\n\n if (!this.shouldRefreshAccessToken(session)) {\n return session.accessToken;\n }\n\n if (!session.refreshToken) {\n await sessionVault.clear();\n return undefined;\n }\n\n const refreshed = await this.refreshSession();\n return refreshed?.accessToken;\n }\n\n /**\n * Refresh tokens via the OIDC token endpoint. On hard failure (e.g. `invalid_grant`), clears the vault.\n */\n public async refreshSession(): Promise<Session | null> {\n if (this.refreshSessionPromise) {\n return this.refreshSessionPromise;\n }\n this.refreshSessionPromise = this.performRefreshSession().finally(() => {\n this.refreshSessionPromise = null;\n });\n return this.refreshSessionPromise;\n }\n\n private shouldRefreshAccessToken(session: Session): boolean {\n if (session.expiresAt === undefined) return false;\n const now = Math.floor(Date.now() / 1000);\n return session.expiresAt <= now + ACCESS_TOKEN_REFRESH_BUFFER_SEC;\n }\n\n private async performRefreshSession(): Promise<Session | null> {\n const session = await this.getStoredSession();\n if (!session?.refreshToken) {\n await sessionVault.clear();\n return null;\n }\n\n try {\n const oidcConfig = await this.discoverOidcConfiguration();\n\n const tokenSet = await oidc.refreshTokenGrant(\n oidcConfig,\n session.refreshToken,\n { scope: this.config.scope },\n undefined,\n );\n\n const newSession = this.mapTokenSetToSession(tokenSet, session);\n\n await sessionVault.saveSession(newSession);\n return newSession;\n } catch (error) {\n if (\n error instanceof oidc.ResponseBodyError &&\n error.error === OAUTH2_TOKEN_ERROR_INVALID_GRANT\n ) {\n await sessionVault.clear();\n return null;\n }\n return null;\n }\n }\n\n private async discoverOidcConfiguration(): Promise<oidc.Configuration> {\n const issuerUrl = new URL(this.config.issuer);\n return oidc.discovery(\n issuerUrl,\n this.config.clientId,\n undefined,\n undefined,\n {\n ...(issuerUrl.protocol === 'http:'\n ? { execute: [oidc.allowInsecureRequests] as const }\n : {}),\n } as Parameters<typeof oidc.discovery>[4],\n );\n }\n\n public async login(options?: LoginOptions): Promise<Session> {\n const { signal } = options ?? {};\n\n const oidcConfig = await this.discoverOidcConfiguration();\n signal?.throwIfAborted();\n\n const codeVerifier = oidc.randomPKCECodeVerifier();\n const codeChallenge = await oidc.calculatePKCECodeChallenge(codeVerifier);\n const state = oidc.randomState();\n const nonce = oidc.randomNonce();\n\n const authorizationUrl = oidc.buildAuthorizationUrl(oidcConfig, {\n redirect_uri: this.config.redirectUri,\n response_type: 'code',\n scope: this.config.scope,\n code_challenge: codeChallenge,\n code_challenge_method: 'S256',\n state,\n nonce,\n prompt: this.config.authPrompt,\n });\n\n signal?.throwIfAborted();\n await this.openBrowser(authorizationUrl.toString());\n\n const callback = await this.waitForCallback(signal);\n\n const tokenSet = await oidc.authorizationCodeGrant(\n oidcConfig,\n callback.callbackUrl,\n {\n pkceCodeVerifier: codeVerifier,\n expectedState: state,\n expectedNonce: nonce,\n },\n );\n\n const session = this.mapTokenSetToSession(tokenSet);\n\n await sessionVault.saveSession(session);\n return session;\n }\n\n public async logout(): Promise<void> {\n await sessionVault.clear();\n }\n\n /**\n * Starts a short-lived `http` server on the host/port from the configured `redirectUri` so the IdP can\n * redirect the browser to `…/callback?code=…&state=…` (Authorization Code + PKCE). The first matching request\n * stops the server and resolves with that URL for the token exchange (`authorizationCodeGrant`).\n *\n * - **Success response:** HTTP 302 to {@link AUTH_CONFIG.oauthSuccessRedirectUrl} when set; otherwise a minimal inline HTML page.\n */\n private async waitForCallback(signal?: AbortSignal): Promise<CallbackResult> {\n const redirectUrl = new URL(this.config.redirectUri);\n const hostname = redirectUrl.hostname;\n const port = Number(redirectUrl.port);\n const pathname = redirectUrl.pathname;\n\n const timeoutSignal = AbortSignal.timeout(\n this.config.oauthCallbackTimeoutMs,\n );\n const combinedSignal =\n signal !== undefined\n ? AbortSignal.any([signal, timeoutSignal])\n : timeoutSignal;\n\n return new Promise((resolve, reject) => {\n let closed = false;\n\n const server = createServer((req, res) => {\n try {\n const requestUrl = new URL(req.url ?? '', this.config.redirectUri);\n if (requestUrl.pathname !== pathname) {\n res.statusCode = 404;\n res.end('Not Found');\n return;\n }\n\n const callbackUrl = new URL(this.config.redirectUri);\n callbackUrl.search = requestUrl.search;\n\n const brandUrl = this.config.oauthSuccessRedirectUrl;\n if (brandUrl) {\n res.writeHead(302, { Location: brandUrl });\n res.end();\n } else {\n res.statusCode = 200;\n res.setHeader('content-type', 'text/html; charset=utf-8');\n res.end(\n '<!doctype html><html><body><h2>Authentication complete.</h2><p>You can close this tab and return to the terminal.</p></body></html>',\n );\n }\n\n closeServer((closeErr?: Error) => {\n if (closeErr) {\n reject(closeErr);\n return;\n }\n resolve({ callbackUrl });\n });\n } catch (error) {\n closeServer(() => reject(error));\n }\n });\n\n const closeServer = (onClosed: (closeErr?: Error) => void): void => {\n if (closed) return;\n closed = true;\n combinedSignal.removeEventListener('abort', onCombinedAbort);\n if (!server.listening) {\n onClosed();\n return;\n }\n server.closeAllConnections();\n server.close((closeErr) => {\n onClosed(closeErr ?? undefined);\n });\n };\n\n function onCombinedAbort(): void {\n closeServer((closeErr?: Error) => {\n if (closeErr) {\n reject(closeErr);\n return;\n }\n if (signal?.aborted) {\n reject(signal.reason ?? new LoginCancelledError());\n return;\n }\n if (timeoutSignal.aborted) {\n reject(new Error('Login timed out. Please try again.'));\n return;\n }\n reject(new LoginCancelledError());\n });\n }\n\n server.on('error', (error: NodeJS.ErrnoException) => {\n closeServer(() => {\n if (error.code === 'EADDRINUSE') {\n const inUsePort =\n (error as NodeJS.ErrnoException & { port?: number }).port ?? port;\n reject(\n new Error(\n `Port ${String(inUsePort)} is already in use. Close the other app using it or set KITTL_REDIRECT_PORT to a free port, then try again.`,\n ),\n );\n return;\n }\n reject(error);\n });\n });\n\n // 1. Abort before any listen: avoids a half-started server; early exit skips `listen` entirely.\n combinedSignal.addEventListener('abort', onCombinedAbort, { once: true });\n if (combinedSignal.aborted) {\n onCombinedAbort();\n return;\n }\n\n server.listen(port, hostname);\n });\n }\n\n private async openBrowser(url: string): Promise<void> {\n await open(url);\n }\n\n private mapTokenSetToSession(\n tokenSet: oidc.TokenEndpointResponse,\n currentSession?: Session,\n ): Session {\n return {\n accessToken: tokenSet.access_token,\n refreshToken: tokenSet.refresh_token ?? currentSession?.refreshToken,\n idToken: tokenSet.id_token ?? currentSession?.idToken,\n tokenType: tokenSet.token_type ?? currentSession?.tokenType,\n expiresAt: tokenSet.expires_in\n ? Math.floor(Date.now() / 1000) + tokenSet.expires_in\n : undefined,\n };\n }\n}\n\nexport const authService = new AuthService();\n","import { deletePassword, getPassword, setPassword } from 'cross-keychain';\nimport { AUTH_CONFIG } from '../constants';\nimport type { Session } from '../types/session';\n\nconst SESSION_META_VERSION = 2 as const;\n\n// suffix for split v2 accounts: `{AUTH_CONFIG.accountName}.{suffix}`.\nconst SESSION_V2_KEY_SUFFIX = {\n meta: 'meta',\n access: 'access',\n refresh: 'refresh',\n id: 'id',\n} as const;\n\ntype SessionMetaV2 = {\n v: typeof SESSION_META_VERSION;\n tokenType?: string;\n expiresAt?: number;\n};\n\n/**\n * Persists OIDC session (tokens) in the OS credential store (e.g. Keychain).\n */\nexport class SessionVault {\n private readonly keychainService = this.buildKeychainServiceName();\n private readonly keychainAccount = AUTH_CONFIG.accountName;\n\n private buildKeychainServiceName(): string {\n try {\n const issuerUrl = new URL(AUTH_CONFIG.issuer);\n const issuerKey = this.sanitizeKeychainSegment(\n `${issuerUrl.hostname}${issuerUrl.port ? `-${issuerUrl.port}` : ''}`,\n );\n return `${AUTH_CONFIG.serviceName}-${issuerKey}`;\n } catch {\n // Keep previous behavior when issuer is not a valid URL.\n return AUTH_CONFIG.serviceName;\n }\n }\n\n private sanitizeKeychainSegment(value: string): string {\n return value.replace(/[^a-zA-Z0-9._@-]/g, '-');\n }\n\n private account(suffix: string): string {\n return `${this.keychainAccount}.${suffix}`;\n }\n\n public async getSession(): Promise<Session | null> {\n const metaRaw = await getPassword(\n this.keychainService,\n this.account(SESSION_V2_KEY_SUFFIX.meta),\n );\n\n let meta: SessionMetaV2 | null = null;\n if (metaRaw) {\n try {\n const parsed = JSON.parse(metaRaw) as SessionMetaV2;\n if (parsed.v === SESSION_META_VERSION) {\n meta = parsed;\n }\n } catch {\n meta = null;\n }\n }\n // if meta is present, read based on v2\n if (meta) {\n const accessRaw = await getPassword(\n this.keychainService,\n this.account(SESSION_V2_KEY_SUFFIX.access),\n );\n // fallback, if not defined, to legacy monolithic read\n const accessToken = accessRaw?.trim();\n if (accessToken) {\n const refreshRaw = await getPassword(\n this.keychainService,\n this.account(SESSION_V2_KEY_SUFFIX.refresh),\n );\n const idRaw = await getPassword(\n this.keychainService,\n this.account(SESSION_V2_KEY_SUFFIX.id),\n );\n\n return {\n accessToken,\n refreshToken: refreshRaw ?? undefined,\n idToken: idRaw ?? undefined,\n tokenType: meta.tokenType,\n expiresAt: meta.expiresAt,\n };\n }\n }\n // read based on legacy monolithic\n const raw = await getPassword(this.keychainService, this.keychainAccount);\n if (!raw) return null;\n\n try {\n return JSON.parse(raw) as Session;\n } catch {\n return null;\n }\n }\n\n public async saveSession(session: Session): Promise<void> {\n const meta: SessionMetaV2 = {\n v: SESSION_META_VERSION,\n tokenType: session.tokenType,\n expiresAt: session.expiresAt,\n };\n\n const accessToken = session.accessToken.trim();\n await setPassword(\n this.keychainService,\n this.account(SESSION_V2_KEY_SUFFIX.access),\n accessToken,\n );\n await this.setOrDeleteTokenAccount(\n SESSION_V2_KEY_SUFFIX.refresh,\n session.refreshToken,\n );\n await this.setOrDeleteTokenAccount(\n SESSION_V2_KEY_SUFFIX.id,\n session.idToken,\n );\n await setPassword(\n this.keychainService,\n this.account(SESSION_V2_KEY_SUFFIX.meta),\n JSON.stringify(meta),\n );\n\n await this.deleteLegacyMonolithicIfPresent();\n }\n\n // when auth omits an optional token, remove any previously stored value as well\n private async setOrDeleteTokenAccount(\n suffix:\n | typeof SESSION_V2_KEY_SUFFIX.refresh\n | typeof SESSION_V2_KEY_SUFFIX.id,\n token: string | undefined,\n ): Promise<void> {\n const acc = this.account(suffix);\n const trimmed = token?.trim();\n if (trimmed) {\n await setPassword(this.keychainService, acc, trimmed);\n return;\n }\n const existing = await getPassword(this.keychainService, acc);\n if (existing) {\n await deletePassword(this.keychainService, acc);\n }\n }\n\n // older releases stored the whole session JSON under {@link keychainAccount} only\n private async deleteLegacyMonolithicIfPresent(): Promise<void> {\n const legacy = await getPassword(\n this.keychainService,\n this.keychainAccount,\n );\n if (!legacy) return;\n try {\n await deletePassword(this.keychainService, this.keychainAccount);\n } catch {\n // ignore, best effort cleanup\n }\n }\n\n public async clear(): Promise<void> {\n const accounts = [\n ...Object.values(SESSION_V2_KEY_SUFFIX).map((suffix) =>\n this.account(suffix),\n ),\n this.keychainAccount,\n ];\n for (const account of accounts) {\n const existing = await getPassword(this.keychainService, account);\n if (existing) {\n try {\n await deletePassword(this.keychainService, account);\n } catch {\n // ignore\n }\n }\n }\n }\n}\n\nexport const sessionVault = new SessionVault();\n","import { Command } from '@oclif/core';\nimport type { AxiosInstance } from 'axios';\nimport type { FC } from 'react';\nimport { API_CONFIG } from '../constants';\nimport { kittlApiService } from '../services/api.service';\nimport { authService } from '../services/auth.service';\nimport type { Session } from '../types/session';\nimport { runInteractiveView, type ViewWithDone } from '../ui/renderer';\nimport { getKittlEnvEntries } from './utils';\n\nexport abstract class BaseCommand extends Command {\n protected session: Session | null = null;\n\n public override async init(): Promise<void> {\n await super.init();\n this.session = await authService.getSession();\n kittlApiService.setAccessTokenProvider(async () =>\n authService.getAccessToken(),\n );\n\n const envEntries = getKittlEnvEntries();\n this.debug(`API base URL: ${API_CONFIG.baseUrl}`);\n this.debug(`KITTL_* variables:\\n${envEntries.join('\\n') || '(none)'}`);\n }\n\n protected getKittlApiClient(): AxiosInstance {\n return kittlApiService.getClient();\n }\n\n /**\n * Ensures a valid access token (+ refreshes when the accessToken is near expiry).\n */\n protected async ensureAuthenticated(): Promise<Session> {\n const session = await authService.getSession();\n if (!session?.accessToken) {\n this.error(\n `Session expired. Run \\`${this.config.bin} auth login\\` first.`,\n { exit: 2 },\n );\n }\n\n this.session = session;\n return session;\n }\n\n /**\n * Run an Ink view that reports a result via `onDone`, then unmount and return.\n * PRO TIP: use `this.log` / `this.error` after this resolves, not inside the view!! for final line stays on stdout.\n */\n protected async renderView<R>(View: FC<ViewWithDone<R>>): Promise<R>;\n protected async renderView<R, P extends object>(\n View: FC<P & ViewWithDone<R>>,\n props: P,\n ): Promise<R>;\n protected async renderView<R, P extends object>(\n View: FC<P & ViewWithDone<R>>,\n ...args: Partial<P> extends P ? [props?: P] : [props: P]\n ): Promise<R> {\n return runInteractiveView<R, P>(View, ...args);\n }\n}\n","import axios, {\n type AxiosError,\n AxiosHeaders,\n type AxiosInstance,\n type InternalAxiosRequestConfig,\n} from 'axios';\nimport { API_CONFIG } from '../constants';\nimport { authService } from './auth.service';\n\ntype AccessTokenProvider = () => Promise<string | undefined>;\ntype RetriableRequestConfig = InternalAxiosRequestConfig & {\n _retry?: boolean;\n};\n\nexport class KittlApiService {\n private readonly client: AxiosInstance;\n private accessTokenProvider?: AccessTokenProvider;\n\n public constructor() {\n this.client = axios.create({\n baseURL: API_CONFIG.baseUrl,\n timeout: API_CONFIG.timeoutMs,\n headers: {\n 'User-Agent': API_CONFIG.userAgent,\n },\n });\n\n this.client.interceptors.request.use(\n async (config: RetriableRequestConfig) => {\n if (config.skipAuth) {\n return config;\n }\n const token = await this.accessTokenProvider?.();\n if (token) {\n this.setAuthorizationHeader(config, token);\n }\n return config;\n },\n );\n\n this.client.interceptors.response.use(\n (response) => response,\n async (error: AxiosError) => {\n const originalRequest = error.config as\n | RetriableRequestConfig\n | undefined;\n // Retry only first-time 401 responses with a valid original request.\n if (\n error.response?.status !== 401 ||\n !originalRequest ||\n originalRequest.skipAuth ||\n originalRequest._retry\n ) {\n throw error;\n }\n\n // Mark as retried to avoid infinite retry loops.\n originalRequest._retry = true;\n // Force-refresh the token before replaying the request.\n const refreshedSession = await authService.refreshSession();\n const refreshedToken = refreshedSession?.accessToken;\n if (!refreshedToken) {\n throw error;\n }\n\n // Re-run the original request with updated Authorization header.\n this.setAuthorizationHeader(originalRequest, refreshedToken);\n return this.client.request(originalRequest);\n },\n );\n }\n\n public setAccessTokenProvider(provider: AccessTokenProvider): void {\n this.accessTokenProvider = provider;\n }\n\n public getClient(): AxiosInstance {\n return this.client;\n }\n\n private setAuthorizationHeader(\n config: InternalAxiosRequestConfig,\n token: string,\n ): void {\n const headers = AxiosHeaders.from(config.headers);\n headers.set('Authorization', `Bearer ${token}`);\n config.headers = headers;\n }\n}\n\nexport const kittlApiService = new KittlApiService();\n","import { render } from 'ink';\nimport React, { type FC } from 'react';\n\n/**\n * Standard shape for a view that reports a result.\n */\nexport type ViewWithDone<R> = { onDone: (result: R) => void };\n\n/**\n * The entrypoint that touches Ink's render process.\n */\nexport async function runInteractiveView<R, P extends object>(\n View: FC<P & ViewWithDone<R>>,\n ...args: Partial<P> extends P ? [props?: P] : [props: P]\n): Promise<R> {\n const props = args[0];\n\n return new Promise<R>((resolve, reject) => {\n const app = render(\n React.createElement(View, {\n ...(props ?? ({} as P)),\n onDone: (result: R) => {\n void (async () => {\n app.unmount();\n await app.waitUntilExit();\n resolve(result);\n })().catch(reject);\n },\n } as P & ViewWithDone<R>),\n );\n });\n}\n"],"mappings":";AAAA,SAAS,gBAAgB;AACzB,SAAS,cAAc;AACvB,SAAS,YAAY;AAKd,SAAS,oBAAoB,UAAsC;AACxE,QAAM,OAAO,SAAS,SAAS,KAAK,CAAC;AACrC,MAAI,SAAS,MAAM,SAAS,OAAO,SAAS,MAAM;AAChD,WAAO;AAAA,EACT;AACA,SAAO;AACT;AAMA,eAAsB,qBAAqB,SAAoC;AAC7E,SAAO,KAAK,QAAQ;AAAA,IAClB,KAAK;AAAA,IACL,UAAU;AAAA,IACV,WAAW;AAAA,IACX,KAAK;AAAA,IACL,qBAAqB;AAAA,EACvB,CAAC;AACH;AAKO,SAAS,mBAAmB,UAA0B;AAC3D,QAAM,OAAO,OAAO,QAAQ;AAC5B,SAAO,SAAS,QAAQ,6BAA6B;AACvD;;;ACnCA,SAAS,OAAO,UAAU,YAAY;AAO/B,SAAS,gBACd,UACA,cACyB;AACzB,MAAI;AACJ,MAAI;AACF,aAAS,KAAK,MAAM,QAAQ;AAAA,EAC9B,QAAQ;AACN,UAAM,IAAI,MAAM,iBAAiB,YAAY,GAAG;AAAA,EAClD;AACA,MAAI,WAAW,QAAQ,OAAO,WAAW,YAAY,MAAM,QAAQ,MAAM,GAAG;AAC1E,UAAM,IAAI;AAAA,MACR,8CAA8C,YAAY;AAAA,IAC5D;AAAA,EACF;AACA,SAAO;AACT;AAGA,eAAsB,wBACpB,UACkC;AAClC,QAAM,WAAW,MAAM,SAAS,UAAU,MAAM;AAChD,SAAO,gBAAgB,UAAU,QAAQ;AAC3C;AAMA,eAAsB,gBAAgB,SAAgC;AACpE,MAAI;AACF,UAAM,IAAI,MAAM,KAAK,OAAO;AAC5B,QAAI,CAAC,EAAE,YAAY,GAAG;AACpB,YAAM,IAAI,MAAM,GAAG,OAAO,iCAAiC;AAAA,IAC7D;AAAA,EACF,SAAS,GAAG;AAEV,QACE,aAAa,SACb,UAAU,KACT,EAA4B,SAAS,UACtC;AACA,YAAM,MAAM,SAAS,EAAE,WAAW,KAAK,CAAC;AACxC;AAAA,IACF;AACA,UAAM;AAAA,EACR;AACF;AAGO,IAAM,0BAA0B,OAAO,yBAAyB;AAMhE,SAAS,iBAAiB,QAAgB,aAA6B;AAC5E,QAAM,MAAM,QAAQ,IAAI,MAAM;AAC9B,QAAM,IAAI,OAAO,KAAK,KAAK,KAAK,WAAW;AAC3C,MAAI,CAAC,OAAO,UAAU,CAAC,KAAK,IAAI,KAAK,IAAI,OAAQ;AAC/C,UAAM,IAAI;AAAA,MACR,GAAG,MAAM,gDAAgD,KAAK,UAAU,GAAG,CAAC;AAAA,IAC9E;AAAA,EACF;AACA,SAAO;AACT;AAGO,SAAS,0BAA0B,MAAsB;AAC9D,SAAO,oBAAoB,IAAI;AACjC;AAEO,SAAS,qBAA+B;AAC7C,SAAO,OAAO,QAAQ,QAAQ,GAAG,EAC9B,OAAO,CAAC,CAAC,GAAG,MAAM,IAAI,WAAW,QAAQ,CAAC,EAC1C,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,cAAc,CAAC,CAAC,EACrC,IAAI,CAAC,CAAC,KAAK,KAAK,MAAM,GAAG,GAAG,IAAI,SAAS,EAAE,EAAE;AAClD;AAGO,SAAS,YAAY,KAAmB;AAC7C,MAAI,IAAI,QAAQ;AACd,WAAO;AAAA,EACT;AACA,SAAO,QAAS,IAAkC,KAAK;AACzD;AAMO,SAAS,uBACd,UACA,iBACQ;AACR,QAAM,MAAM,UAAU,KAAK,KAAK;AAChC,MAAI,QAAQ,IAAI;AACd,WAAO;AAAA,EACT;AACA,SAAO,oBAAoB,GAAG,KAAK;AACrC;AAGO,SAAS,WAAc,OAAY,WAA0B;AAClE,MAAI,YAAY,GAAG;AACjB,UAAM,IAAI,MAAM,8BAA8B;AAAA,EAChD;AACA,QAAM,IAAI,KAAK,KAAK,MAAM,SAAS,SAAS;AAC5C,SAAO,MAAM;AAAA,IAAK,EAAE,QAAQ,EAAE;AAAA,IAAG,CAAC,GAAG,MACnC,MAAM,MAAM,IAAI,WAAW,IAAI,YAAY,SAAS;AAAA,EACtD;AACF;;;ACvHA;AAAA,EACE,MAAQ;AAAA,EACR,SAAW;AAAA,EACX,SAAW;AAAA,EACX,SAAW;AAAA,EACX,MAAQ;AAAA,EACR,SAAW;AAAA,IACT,MAAQ;AAAA,EACV;AAAA,EACA,KAAO;AAAA,IACL,OAAS;AAAA,IACT,aAAa;AAAA,EACf;AAAA,EACA,eAAiB;AAAA,IACf,QAAU;AAAA,IACV,KAAO;AAAA,MACL,OAAS;AAAA,IACX;AAAA,EACF;AAAA,EACA,OAAS;AAAA,IACP;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF;AAAA,EACA,SAAW;AAAA,IACT,SAAW;AAAA,IACX,OAAS;AAAA,IACT,eAAe;AAAA,IACf,KAAO;AAAA,IACP,aAAa;AAAA,IACb,WAAa;AAAA,IACb,MAAQ;AAAA,IACR,cAAc;AAAA,EAChB;AAAA,EACA,cAAgB;AAAA,IACd,eAAe;AAAA,IACf,OAAS;AAAA,IACT,kBAAkB;AAAA,IAClB,KAAO;AAAA,IACP,kBAAkB;AAAA,IAClB,cAAc;AAAA,IACd,cAAc;AAAA,IACd,MAAQ;AAAA,IACR,iBAAiB;AAAA,IACjB,OAAS;AAAA,IACT,YAAc;AAAA,IACd,KAAO;AAAA,EACT;AAAA,EACA,iBAAmB;AAAA,IACjB,qBAAqB;AAAA,IACrB,eAAe;AAAA,IACf,gBAAgB;AAAA,IAChB,iBAAiB;AAAA,IACjB,uBAAuB;AAAA,IACvB,OAAS;AAAA,IACT,MAAQ;AAAA,IACR,KAAO;AAAA,IACP,YAAc;AAAA,IACd,QAAU;AAAA,EACZ;AAAA,EACA,OAAS;AAAA,IACP,KAAO;AAAA,IACP,UAAY;AAAA,IACZ,SAAW;AAAA,IACX,gBAAkB;AAAA,EACpB;AACF;;;AC9DA,IAAM,EAAE,QAAQ,IAAI;AAEpB,IAAM,iBAAiB;AACvB,IAAM,8BAA8B;AACpC,IAAM,gCAAgC;AAE/B,IAAM,aAAa;AAAA,EACxB,QAAQ;AAAA,EACR,YAAY;AAAA,EACZ,UAAU;AAAA,EACV,cAAc;AAAA,EACd,qBAAqB;AACvB;AAMO,IAAM,aAAa;AAAA,EACxB,WAAW;AAAA,EACX,uBAAuB;AAAA,EACvB,gBAAgB;AAAA,IACd,QAAQ,IAAI;AAAA,IACZ;AAAA,EACF;AAAA,EACA,yBAAyB;AAAA,EACzB,kBAAkB;AAAA,IAChB,QAAQ,IAAI;AAAA,IACZ;AAAA,EACF;AAAA,EACA,qBAAqB;AAAA,IACnB;AAAA,IACA,WAAW;AAAA,EACb;AACF;AAMA,IAAM,mBAAmB;AAAA,EACvB;AAAA,EACA,WAAW;AACb;AAEO,IAAM,cAAc;AAAA,EACzB,QAAQ,QAAQ,IAAI,0BAA0B,WAAW;AAAA,EACzD,UAAU,QAAQ,IAAI,yBAAyB,WAAW;AAAA,EAC1D,cAAc;AAAA,EACd,aAAa,0BAA0B,gBAAgB;AAAA,EACvD,OAAO,QAAQ,IAAI,qBAAqB;AAAA;AAAA,EAExC,YAAY,QAAQ,IAAI,sBAAsB;AAAA,EAC9C,wBAAwB;AAAA,IACtB,QAAQ,IAAI,mCAAmC;AAAA,EACjD;AAAA;AAAA,EAEA,yBACE,QAAQ,IAAI,oCAAoC;AAAA,EAClD,aAAa;AAAA,EACb,aAAa;AACf;AAMO,IAAM,aAAa;AAAA,EACxB,SAAS,QAAQ,IAAI,sBAAsB,WAAW;AAAA,EACtD,WAAW;AAAA,EACX,WAAW,aAAa,OAAO;AACjC;;;AC9EA,SAAS,oBAAoB;AAC7B,SAAS,OAAAA,YAAW;AACpB,OAAO,UAAU;AACjB,YAAY,UAAU;AACtB,SAAS,SAAS;;;ACJlB,SAAS,gBAAgB,aAAa,mBAAmB;AAIzD,IAAM,uBAAuB;AAG7B,IAAM,wBAAwB;AAAA,EAC5B,MAAM;AAAA,EACN,QAAQ;AAAA,EACR,SAAS;AAAA,EACT,IAAI;AACN;AAWO,IAAM,eAAN,MAAmB;AAAA,EACP,kBAAkB,KAAK,yBAAyB;AAAA,EAChD,kBAAkB,YAAY;AAAA,EAEvC,2BAAmC;AACzC,QAAI;AACF,YAAM,YAAY,IAAI,IAAI,YAAY,MAAM;AAC5C,YAAM,YAAY,KAAK;AAAA,QACrB,GAAG,UAAU,QAAQ,GAAG,UAAU,OAAO,IAAI,UAAU,IAAI,KAAK,EAAE;AAAA,MACpE;AACA,aAAO,GAAG,YAAY,WAAW,IAAI,SAAS;AAAA,IAChD,QAAQ;AAEN,aAAO,YAAY;AAAA,IACrB;AAAA,EACF;AAAA,EAEQ,wBAAwB,OAAuB;AACrD,WAAO,MAAM,QAAQ,qBAAqB,GAAG;AAAA,EAC/C;AAAA,EAEQ,QAAQ,QAAwB;AACtC,WAAO,GAAG,KAAK,eAAe,IAAI,MAAM;AAAA,EAC1C;AAAA,EAEA,MAAa,aAAsC;AACjD,UAAM,UAAU,MAAM;AAAA,MACpB,KAAK;AAAA,MACL,KAAK,QAAQ,sBAAsB,IAAI;AAAA,IACzC;AAEA,QAAI,OAA6B;AACjC,QAAI,SAAS;AACX,UAAI;AACF,cAAM,SAAS,KAAK,MAAM,OAAO;AACjC,YAAI,OAAO,MAAM,sBAAsB;AACrC,iBAAO;AAAA,QACT;AAAA,MACF,QAAQ;AACN,eAAO;AAAA,MACT;AAAA,IACF;AAEA,QAAI,MAAM;AACR,YAAM,YAAY,MAAM;AAAA,QACtB,KAAK;AAAA,QACL,KAAK,QAAQ,sBAAsB,MAAM;AAAA,MAC3C;AAEA,YAAM,cAAc,WAAW,KAAK;AACpC,UAAI,aAAa;AACf,cAAM,aAAa,MAAM;AAAA,UACvB,KAAK;AAAA,UACL,KAAK,QAAQ,sBAAsB,OAAO;AAAA,QAC5C;AACA,cAAM,QAAQ,MAAM;AAAA,UAClB,KAAK;AAAA,UACL,KAAK,QAAQ,sBAAsB,EAAE;AAAA,QACvC;AAEA,eAAO;AAAA,UACL;AAAA,UACA,cAAc,cAAc;AAAA,UAC5B,SAAS,SAAS;AAAA,UAClB,WAAW,KAAK;AAAA,UAChB,WAAW,KAAK;AAAA,QAClB;AAAA,MACF;AAAA,IACF;AAEA,UAAM,MAAM,MAAM,YAAY,KAAK,iBAAiB,KAAK,eAAe;AACxE,QAAI,CAAC;AAAK,aAAO;AAEjB,QAAI;AACF,aAAO,KAAK,MAAM,GAAG;AAAA,IACvB,QAAQ;AACN,aAAO;AAAA,IACT;AAAA,EACF;AAAA,EAEA,MAAa,YAAY,SAAiC;AACxD,UAAM,OAAsB;AAAA,MAC1B,GAAG;AAAA,MACH,WAAW,QAAQ;AAAA,MACnB,WAAW,QAAQ;AAAA,IACrB;AAEA,UAAM,cAAc,QAAQ,YAAY,KAAK;AAC7C,UAAM;AAAA,MACJ,KAAK;AAAA,MACL,KAAK,QAAQ,sBAAsB,MAAM;AAAA,MACzC;AAAA,IACF;AACA,UAAM,KAAK;AAAA,MACT,sBAAsB;AAAA,MACtB,QAAQ;AAAA,IACV;AACA,UAAM,KAAK;AAAA,MACT,sBAAsB;AAAA,MACtB,QAAQ;AAAA,IACV;AACA,UAAM;AAAA,MACJ,KAAK;AAAA,MACL,KAAK,QAAQ,sBAAsB,IAAI;AAAA,MACvC,KAAK,UAAU,IAAI;AAAA,IACrB;AAEA,UAAM,KAAK,gCAAgC;AAAA,EAC7C;AAAA;AAAA,EAGA,MAAc,wBACZ,QAGA,OACe;AACf,UAAM,MAAM,KAAK,QAAQ,MAAM;AAC/B,UAAM,UAAU,OAAO,KAAK;AAC5B,QAAI,SAAS;AACX,YAAM,YAAY,KAAK,iBAAiB,KAAK,OAAO;AACpD;AAAA,IACF;AACA,UAAM,WAAW,MAAM,YAAY,KAAK,iBAAiB,GAAG;AAC5D,QAAI,UAAU;AACZ,YAAM,eAAe,KAAK,iBAAiB,GAAG;AAAA,IAChD;AAAA,EACF;AAAA;AAAA,EAGA,MAAc,kCAAiD;AAC7D,UAAM,SAAS,MAAM;AAAA,MACnB,KAAK;AAAA,MACL,KAAK;AAAA,IACP;AACA,QAAI,CAAC;AAAQ;AACb,QAAI;AACF,YAAM,eAAe,KAAK,iBAAiB,KAAK,eAAe;AAAA,IACjE,QAAQ;AAAA,IAER;AAAA,EACF;AAAA,EAEA,MAAa,QAAuB;AAClC,UAAM,WAAW;AAAA,MACf,GAAG,OAAO,OAAO,qBAAqB,EAAE;AAAA,QAAI,CAAC,WAC3C,KAAK,QAAQ,MAAM;AAAA,MACrB;AAAA,MACA,KAAK;AAAA,IACP;AACA,eAAW,WAAW,UAAU;AAC9B,YAAM,WAAW,MAAM,YAAY,KAAK,iBAAiB,OAAO;AAChE,UAAI,UAAU;AACZ,YAAI;AACF,gBAAM,eAAe,KAAK,iBAAiB,OAAO;AAAA,QACpD,QAAQ;AAAA,QAER;AAAA,MACF;AAAA,IACF;AAAA,EACF;AACF;AAEO,IAAM,eAAe,IAAI,aAAa;;;ADhL7C,IAAM,kCAAkC;AAExC,IAAM,mCAAmC;AAUzC,IAAM,mBAAmB,EAAE,OAAO;AAAA,EAChC,QAAQ,EAAE,IAAI;AAAA,EACd,UAAU,EAAE,OAAO,EAAE,IAAI,CAAC;AAAA,EAC1B,aAAa,EAAE,IAAI;AAAA,EACnB,cAAc,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,CAAC,EAAE,IAAI,KAAM;AAAA,EAChD,OAAO,EAAE,OAAO,EAAE,IAAI,CAAC;AAAA,EACvB,YAAY,EAAE,OAAO,EAAE,IAAI,CAAC;AAAA,EAC5B,wBAAwB,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,GAAK,EAAE,IAAI,IAAS;AAAA,EACjE,yBAAyB,EAAE,IAAI,EAAE,SAAS;AAC5C,CAAC;AAEM,IAAM,sBAAN,cAAkC,MAAM;AAAA,EACtC,cAAc;AACnB,UAAM,kBAAkB;AACxB,SAAK,OAAO;AAAA,EACd;AACF;AAEO,IAAM,cAAN,MAAkB;AAAA,EACN,SAAS,iBAAiB,MAAM,WAAW;AAAA;AAAA,EAGpD,wBAAwD;AAAA;AAAA;AAAA;AAAA,EAKhE,MAAa,mBAA4C;AACvD,WAAO,aAAa,WAAW;AAAA,EACjC;AAAA;AAAA;AAAA;AAAA,EAKA,MAAa,aAAsC;AACjD,UAAM,KAAK,eAAe;AAC1B,WAAO,KAAK,iBAAiB;AAAA,EAC/B;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,MAAa,iBAA8C;AACzD,UAAM,UAAU,MAAM,KAAK,iBAAiB;AAC5C,QAAI,CAAC,SAAS;AAAa,aAAO;AAElC,QAAI,CAAC,KAAK,yBAAyB,OAAO,GAAG;AAC3C,aAAO,QAAQ;AAAA,IACjB;AAEA,QAAI,CAAC,QAAQ,cAAc;AACzB,YAAM,aAAa,MAAM;AACzB,aAAO;AAAA,IACT;AAEA,UAAM,YAAY,MAAM,KAAK,eAAe;AAC5C,WAAO,WAAW;AAAA,EACpB;AAAA;AAAA;AAAA;AAAA,EAKA,MAAa,iBAA0C;AACrD,QAAI,KAAK,uBAAuB;AAC9B,aAAO,KAAK;AAAA,IACd;AACA,SAAK,wBAAwB,KAAK,sBAAsB,EAAE,QAAQ,MAAM;AACtE,WAAK,wBAAwB;AAAA,IAC/B,CAAC;AACD,WAAO,KAAK;AAAA,EACd;AAAA,EAEQ,yBAAyB,SAA2B;AAC1D,QAAI,QAAQ,cAAc;AAAW,aAAO;AAC5C,UAAM,MAAM,KAAK,MAAM,KAAK,IAAI,IAAI,GAAI;AACxC,WAAO,QAAQ,aAAa,MAAM;AAAA,EACpC;AAAA,EAEA,MAAc,wBAAiD;AAC7D,UAAM,UAAU,MAAM,KAAK,iBAAiB;AAC5C,QAAI,CAAC,SAAS,cAAc;AAC1B,YAAM,aAAa,MAAM;AACzB,aAAO;AAAA,IACT;AAEA,QAAI;AACF,YAAM,aAAa,MAAM,KAAK,0BAA0B;AAExD,YAAM,WAAW,MAAW;AAAA,QAC1B;AAAA,QACA,QAAQ;AAAA,QACR,EAAE,OAAO,KAAK,OAAO,MAAM;AAAA,QAC3B;AAAA,MACF;AAEA,YAAM,aAAa,KAAK,qBAAqB,UAAU,OAAO;AAE9D,YAAM,aAAa,YAAY,UAAU;AACzC,aAAO;AAAA,IACT,SAAS,OAAO;AACd,UACE,iBAAsB,0BACtB,MAAM,UAAU,kCAChB;AACA,cAAM,aAAa,MAAM;AACzB,eAAO;AAAA,MACT;AACA,aAAO;AAAA,IACT;AAAA,EACF;AAAA,EAEA,MAAc,4BAAyD;AACrE,UAAM,YAAY,IAAIC,KAAI,KAAK,OAAO,MAAM;AAC5C,WAAY;AAAA,MACV;AAAA,MACA,KAAK,OAAO;AAAA,MACZ;AAAA,MACA;AAAA,MACA;AAAA,QACE,GAAI,UAAU,aAAa,UACvB,EAAE,SAAS,CAAM,0BAAqB,EAAW,IACjD,CAAC;AAAA,MACP;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAa,MAAM,SAA0C;AAC3D,UAAM,EAAE,OAAO,IAAI,WAAW,CAAC;AAE/B,UAAM,aAAa,MAAM,KAAK,0BAA0B;AACxD,YAAQ,eAAe;AAEvB,UAAM,eAAoB,4BAAuB;AACjD,UAAM,gBAAgB,MAAW,gCAA2B,YAAY;AACxE,UAAM,QAAa,iBAAY;AAC/B,UAAM,QAAa,iBAAY;AAE/B,UAAM,mBAAwB,2BAAsB,YAAY;AAAA,MAC9D,cAAc,KAAK,OAAO;AAAA,MAC1B,eAAe;AAAA,MACf,OAAO,KAAK,OAAO;AAAA,MACnB,gBAAgB;AAAA,MAChB,uBAAuB;AAAA,MACvB;AAAA,MACA;AAAA,MACA,QAAQ,KAAK,OAAO;AAAA,IACtB,CAAC;AAED,YAAQ,eAAe;AACvB,UAAM,KAAK,YAAY,iBAAiB,SAAS,CAAC;AAElD,UAAM,WAAW,MAAM,KAAK,gBAAgB,MAAM;AAElD,UAAM,WAAW,MAAW;AAAA,MAC1B;AAAA,MACA,SAAS;AAAA,MACT;AAAA,QACE,kBAAkB;AAAA,QAClB,eAAe;AAAA,QACf,eAAe;AAAA,MACjB;AAAA,IACF;AAEA,UAAM,UAAU,KAAK,qBAAqB,QAAQ;AAElD,UAAM,aAAa,YAAY,OAAO;AACtC,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,SAAwB;AACnC,UAAM,aAAa,MAAM;AAAA,EAC3B;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EASA,MAAc,gBAAgB,QAA+C;AAC3E,UAAM,cAAc,IAAIA,KAAI,KAAK,OAAO,WAAW;AACnD,UAAM,WAAW,YAAY;AAC7B,UAAM,OAAO,OAAO,YAAY,IAAI;AACpC,UAAM,WAAW,YAAY;AAE7B,UAAM,gBAAgB,YAAY;AAAA,MAChC,KAAK,OAAO;AAAA,IACd;AACA,UAAM,iBACJ,WAAW,SACP,YAAY,IAAI,CAAC,QAAQ,aAAa,CAAC,IACvC;AAEN,WAAO,IAAI,QAAQ,CAAC,SAAS,WAAW;AACtC,UAAI,SAAS;AAEb,YAAM,SAAS,aAAa,CAAC,KAAK,QAAQ;AACxC,YAAI;AACF,gBAAM,aAAa,IAAIA,KAAI,IAAI,OAAO,IAAI,KAAK,OAAO,WAAW;AACjE,cAAI,WAAW,aAAa,UAAU;AACpC,gBAAI,aAAa;AACjB,gBAAI,IAAI,WAAW;AACnB;AAAA,UACF;AAEA,gBAAM,cAAc,IAAIA,KAAI,KAAK,OAAO,WAAW;AACnD,sBAAY,SAAS,WAAW;AAEhC,gBAAM,WAAW,KAAK,OAAO;AAC7B,cAAI,UAAU;AACZ,gBAAI,UAAU,KAAK,EAAE,UAAU,SAAS,CAAC;AACzC,gBAAI,IAAI;AAAA,UACV,OAAO;AACL,gBAAI,aAAa;AACjB,gBAAI,UAAU,gBAAgB,0BAA0B;AACxD,gBAAI;AAAA,cACF;AAAA,YACF;AAAA,UACF;AAEA,sBAAY,CAAC,aAAqB;AAChC,gBAAI,UAAU;AACZ,qBAAO,QAAQ;AACf;AAAA,YACF;AACA,oBAAQ,EAAE,YAAY,CAAC;AAAA,UACzB,CAAC;AAAA,QACH,SAAS,OAAO;AACd,sBAAY,MAAM,OAAO,KAAK,CAAC;AAAA,QACjC;AAAA,MACF,CAAC;AAED,YAAM,cAAc,CAAC,aAA+C;AAClE,YAAI;AAAQ;AACZ,iBAAS;AACT,uBAAe,oBAAoB,SAAS,eAAe;AAC3D,YAAI,CAAC,OAAO,WAAW;AACrB,mBAAS;AACT;AAAA,QACF;AACA,eAAO,oBAAoB;AAC3B,eAAO,MAAM,CAAC,aAAa;AACzB,mBAAS,YAAY,MAAS;AAAA,QAChC,CAAC;AAAA,MACH;AAEA,eAAS,kBAAwB;AAC/B,oBAAY,CAAC,aAAqB;AAChC,cAAI,UAAU;AACZ,mBAAO,QAAQ;AACf;AAAA,UACF;AACA,cAAI,QAAQ,SAAS;AACnB,mBAAO,OAAO,UAAU,IAAI,oBAAoB,CAAC;AACjD;AAAA,UACF;AACA,cAAI,cAAc,SAAS;AACzB,mBAAO,IAAI,MAAM,oCAAoC,CAAC;AACtD;AAAA,UACF;AACA,iBAAO,IAAI,oBAAoB,CAAC;AAAA,QAClC,CAAC;AAAA,MACH;AAEA,aAAO,GAAG,SAAS,CAAC,UAAiC;AACnD,oBAAY,MAAM;AAChB,cAAI,MAAM,SAAS,cAAc;AAC/B,kBAAM,YACH,MAAoD,QAAQ;AAC/D;AAAA,cACE,IAAI;AAAA,gBACF,QAAQ,OAAO,SAAS,CAAC;AAAA,cAC3B;AAAA,YACF;AACA;AAAA,UACF;AACA,iBAAO,KAAK;AAAA,QACd,CAAC;AAAA,MACH,CAAC;AAGD,qBAAe,iBAAiB,SAAS,iBAAiB,EAAE,MAAM,KAAK,CAAC;AACxE,UAAI,eAAe,SAAS;AAC1B,wBAAgB;AAChB;AAAA,MACF;AAEA,aAAO,OAAO,MAAM,QAAQ;AAAA,IAC9B,CAAC;AAAA,EACH;AAAA,EAEA,MAAc,YAAY,KAA4B;AACpD,UAAM,KAAK,GAAG;AAAA,EAChB;AAAA,EAEQ,qBACN,UACA,gBACS;AACT,WAAO;AAAA,MACL,aAAa,SAAS;AAAA,MACtB,cAAc,SAAS,iBAAiB,gBAAgB;AAAA,MACxD,SAAS,SAAS,YAAY,gBAAgB;AAAA,MAC9C,WAAW,SAAS,cAAc,gBAAgB;AAAA,MAClD,WAAW,SAAS,aAChB,KAAK,MAAM,KAAK,IAAI,IAAI,GAAI,IAAI,SAAS,aACzC;AAAA,IACN;AAAA,EACF;AACF;AAEO,IAAM,cAAc,IAAI,YAAY;;;AE/U3C,SAAS,eAAe;;;ACAxB,OAAO;AAAA,EAEL;AAAA,OAGK;AASA,IAAM,kBAAN,MAAsB;AAAA,EACV;AAAA,EACT;AAAA,EAED,cAAc;AACnB,SAAK,SAAS,MAAM,OAAO;AAAA,MACzB,SAAS,WAAW;AAAA,MACpB,SAAS,WAAW;AAAA,MACpB,SAAS;AAAA,QACP,cAAc,WAAW;AAAA,MAC3B;AAAA,IACF,CAAC;AAED,SAAK,OAAO,aAAa,QAAQ;AAAA,MAC/B,OAAO,WAAmC;AACxC,YAAI,OAAO,UAAU;AACnB,iBAAO;AAAA,QACT;AACA,cAAM,QAAQ,MAAM,KAAK,sBAAsB;AAC/C,YAAI,OAAO;AACT,eAAK,uBAAuB,QAAQ,KAAK;AAAA,QAC3C;AACA,eAAO;AAAA,MACT;AAAA,IACF;AAEA,SAAK,OAAO,aAAa,SAAS;AAAA,MAChC,CAAC,aAAa;AAAA,MACd,OAAO,UAAsB;AAC3B,cAAM,kBAAkB,MAAM;AAI9B,YACE,MAAM,UAAU,WAAW,OAC3B,CAAC,mBACD,gBAAgB,YAChB,gBAAgB,QAChB;AACA,gBAAM;AAAA,QACR;AAGA,wBAAgB,SAAS;AAEzB,cAAM,mBAAmB,MAAM,YAAY,eAAe;AAC1D,cAAM,iBAAiB,kBAAkB;AACzC,YAAI,CAAC,gBAAgB;AACnB,gBAAM;AAAA,QACR;AAGA,aAAK,uBAAuB,iBAAiB,cAAc;AAC3D,eAAO,KAAK,OAAO,QAAQ,eAAe;AAAA,MAC5C;AAAA,IACF;AAAA,EACF;AAAA,EAEO,uBAAuB,UAAqC;AACjE,SAAK,sBAAsB;AAAA,EAC7B;AAAA,EAEO,YAA2B;AAChC,WAAO,KAAK;AAAA,EACd;AAAA,EAEQ,uBACN,QACA,OACM;AACN,UAAM,UAAU,aAAa,KAAK,OAAO,OAAO;AAChD,YAAQ,IAAI,iBAAiB,UAAU,KAAK,EAAE;AAC9C,WAAO,UAAU;AAAA,EACnB;AACF;AAEO,IAAM,kBAAkB,IAAI,gBAAgB;;;AC1FnD,SAAS,cAAc;AACvB,OAAO,WAAwB;AAU/B,eAAsB,mBACpB,SACG,MACS;AACZ,QAAM,QAAQ,KAAK,CAAC;AAEpB,SAAO,IAAI,QAAW,CAAC,SAAS,WAAW;AACzC,UAAM,MAAM;AAAA,MACV,MAAM,cAAc,MAAM;AAAA,QACxB,GAAI,SAAU,CAAC;AAAA,QACf,QAAQ,CAAC,WAAc;AACrB,gBAAM,YAAY;AAChB,gBAAI,QAAQ;AACZ,kBAAM,IAAI,cAAc;AACxB,oBAAQ,MAAM;AAAA,UAChB,GAAG,EAAE,MAAM,MAAM;AAAA,QACnB;AAAA,MACF,CAAwB;AAAA,IAC1B;AAAA,EACF,CAAC;AACH;;;AFrBO,IAAe,cAAf,cAAmC,QAAQ;AAAA,EACtC,UAA0B;AAAA,EAEpC,MAAsB,OAAsB;AAC1C,UAAM,MAAM,KAAK;AACjB,SAAK,UAAU,MAAM,YAAY,WAAW;AAC5C,oBAAgB;AAAA,MAAuB,YACrC,YAAY,eAAe;AAAA,IAC7B;AAEA,UAAM,aAAa,mBAAmB;AACtC,SAAK,MAAM,iBAAiB,WAAW,OAAO,EAAE;AAChD,SAAK,MAAM;AAAA,EAAuB,WAAW,KAAK,IAAI,KAAK,QAAQ,EAAE;AAAA,EACvE;AAAA,EAEU,oBAAmC;AAC3C,WAAO,gBAAgB,UAAU;AAAA,EACnC;AAAA;AAAA;AAAA;AAAA,EAKA,MAAgB,sBAAwC;AACtD,UAAM,UAAU,MAAM,YAAY,WAAW;AAC7C,QAAI,CAAC,SAAS,aAAa;AACzB,WAAK;AAAA,QACH,0BAA0B,KAAK,OAAO,GAAG;AAAA,QACzC,EAAE,MAAM,EAAE;AAAA,MACZ;AAAA,IACF;AAEA,SAAK,UAAU;AACf,WAAO;AAAA,EACT;AAAA,EAWA,MAAgB,WACd,SACG,MACS;AACZ,WAAO,mBAAyB,MAAM,GAAG,IAAI;AAAA,EAC/C;AACF;","names":["URL","URL"]}

package/dist/{chunk-GJPVFQRF.js → chunk-S4KAOR7F.js} RENAMED Viewed

@@ -1,9 +1,9 @@
 import {
   formatZodErrorSummary
-} from "./chunk-XU2ZHSRY.js";
+} from "./chunk-7LTVG6SC.js";
 import {
   parseJsonObjectFromFile
-} from "./chunk-TK44DTSK.js";
+} from "./chunk-OY6OB5HM.js";
 // src/services/extensions.service.ts
 import { z as z2 } from "zod";
@@ -29,6 +29,7 @@ var oauthProviderSchema = z.object({
   customFieldMappings: z.record(z.string(), z.unknown()).optional()
 }).strict();
 var extensionManifestSchema = z.object({
+  $schema: z.string().min(1).optional(),
   //needs sign-off on each release.
   displayName: z.string().min(1),
   icon: z.string().min(1),
@@ -44,7 +45,10 @@ var extensionManifestSchema = z.object({
     embed: z.object({
       mainAppPanel: z.object({
         path: z.string().min(1)
-      }).strict()
+      }).strict(),
+      scriptRunner: z.object({
+        path: z.string().min(1)
+      }).strict().optional()
     }).strict(),
     appDevelopment: z.object({
       local: z.object({
@@ -71,7 +75,7 @@ async function createExtensionDraftVersion(client, extensionId, manifestFilePath
       `Invalid manifest.json (${manifestFilePath}): ${formatZodErrorSummary(manifestParsed.error)}`
     );
   }
-  const manifest = manifestParsed.data;
+  const { $schema: _schema, ...manifest } = manifestParsed.data;
   const path = `/extensions/${extensionId}/versions`;
   const { data } = await client.post(path, { manifest });
   const parsed = createExtensionVersionResponseSchema.parse(data);
@@ -95,4 +99,4 @@ export {
   createExtensionDraftVersion,
   markExtensionDraftReadyForReview
 };
-//# sourceMappingURL=chunk-GJPVFQRF.js.map
+//# sourceMappingURL=chunk-S4KAOR7F.js.map

package/dist/chunk-S4KAOR7F.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["../src/services/extensions.service.ts","../src/core/schemas/extension-manifest.ts"],"sourcesContent":["import type { AxiosInstance } from 'axios';\nimport { z } from 'zod';\nimport { formatZodErrorSummary } from '../core/error';\nimport { extensionManifestSchema } from '../core/schemas/extension-manifest';\nimport { parseJsonObjectFromFile } from '../core/utils';\n\nconst createExtensionVersionResponseSchema = z.object({\n success: z.literal(true),\n result: z.object({\n extensionVersionId: z.string(),\n }),\n});\n\n/**\n * POST /extensions/{extensionId}/versions : reads `manifestFilePath`, validates\n * manifest JSON, then POSTs `{ manifest }` to create or update the draft version.\n */\nexport async function createExtensionDraftVersion(\n client: AxiosInstance,\n extensionId: string,\n manifestFilePath: string,\n): Promise<string> {\n const rawObject = await parseJsonObjectFromFile(manifestFilePath);\n const manifestParsed = extensionManifestSchema.safeParse(rawObject);\n if (!manifestParsed.success) {\n throw new Error(\n `Invalid manifest.json (${manifestFilePath}): ${formatZodErrorSummary(manifestParsed.error)}`,\n );\n }\n const { $schema: _schema, ...manifest } = manifestParsed.data;\n const path = `/extensions/${extensionId}/versions`;\n const { data } = await client.post(path, { manifest });\n const parsed = createExtensionVersionResponseSchema.parse(data);\n return parsed.result.extensionVersionId;\n}\n\nconst readyForReviewResponseSchema = z.object({\n success: z.literal(true),\n result: z.object({\n extensionVersionId: z.string(),\n status: z.literal('READY_FOR_REVIEW'),\n }),\n});\n\nexport type ExtensionReadyForReviewResult = z.infer<\n typeof readyForReviewResponseSchema\n>['result'];\n\n/**\n * POST /extensions/{extensionId}/versions/review/ready : moves the current draft\n * version to READY_FOR_REVIEW.\n */\nexport async function markExtensionDraftReadyForReview(\n client: AxiosInstance,\n extensionId: string,\n): Promise<ExtensionReadyForReviewResult> {\n const path = `/extensions/${extensionId}/versions/review/ready`;\n const { data } = await client.post(path, {});\n const parsed = readyForReviewResponseSchema.parse(data);\n return parsed.result;\n}\n","import { z } from 'zod';\n\n/**\n * Shape of `manifest.json`.\n * Keep in sync with def in @kittl/mono://src/controllers/extensions.controller/schemas.ts.\n */\nconst extensionScopeSchema = z.enum([\n 'design:state:read',\n 'design:state:write',\n 'uploads:create',\n 'fonts:create',\n 'uploads:global:read',\n 'ai:credit:spend',\n 'workspace:state:read',\n 'workspace:state:write',\n]);\n\n/**\n * Provider-specific OAuth configuration.\n */\nconst oauthProviderSchema = z\n .object({\n authorizationUrl: z.string().min(1),\n clientId: z.string().min(1),\n scope: z.string().min(1).optional(),\n accessType: z.string().min(1).optional(),\n tokenUrl: z.string().min(1),\n customFieldMappings: z.record(z.string(), z.unknown()).optional(),\n })\n .strict();\n\n/**\n * Full extension manifest schema used by the CLI when validating draft uploads.\n */\nexport const extensionManifestSchema = z\n .object({\n $schema: z.string().min(1).optional(),\n //needs sign-off on each release.\n displayName: z.string().min(1),\n icon: z.string().min(1),\n tagline: z.string().min(1),\n installPage: z\n .object({\n description: z.string().min(1),\n coverImage: z.string().min(1),\n termsAndConditionsLink: z.string().min(1),\n privacyPolicyLink: z.string().min(1),\n })\n .strict(),\n config: z\n .object({\n scopes: z.array(extensionScopeSchema),\n embed: z\n .object({\n mainAppPanel: z\n .object({\n path: z.string().min(1),\n })\n .strict(),\n scriptRunner: z\n .object({\n path: z.string().min(1),\n })\n .strict()\n .optional(),\n })\n .strict(),\n appDevelopment: z\n .object({\n local: z\n .object({\n requireHTTPS: z.boolean().optional(),\n port: z.number().int().min(1).max(65535).optional(),\n })\n .strict(),\n })\n .strict()\n .optional(),\n oauthProviders: z.record(z.string(), oauthProviderSchema).optional(),\n })\n .strict(),\n })\n .strict();\n\nexport type ExtensionManifest = z.infer<typeof extensionManifestSchema>;\n"],"mappings":";;;;;;;;AACA,SAAS,KAAAA,UAAS;;;ACDlB,SAAS,SAAS;AAMlB,IAAM,uBAAuB,EAAE,KAAK;AAAA,EAClC;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF,CAAC;AAKD,IAAM,sBAAsB,EACzB,OAAO;AAAA,EACN,kBAAkB,EAAE,OAAO,EAAE,IAAI,CAAC;AAAA,EAClC,UAAU,EAAE,OAAO,EAAE,IAAI,CAAC;AAAA,EAC1B,OAAO,EAAE,OAAO,EAAE,IAAI,CAAC,EAAE,SAAS;AAAA,EAClC,YAAY,EAAE,OAAO,EAAE,IAAI,CAAC,EAAE,SAAS;AAAA,EACvC,UAAU,EAAE,OAAO,EAAE,IAAI,CAAC;AAAA,EAC1B,qBAAqB,EAAE,OAAO,EAAE,OAAO,GAAG,EAAE,QAAQ,CAAC,EAAE,SAAS;AAClE,CAAC,EACA,OAAO;AAKH,IAAM,0BAA0B,EACpC,OAAO;AAAA,EACN,SAAS,EAAE,OAAO,EAAE,IAAI,CAAC,EAAE,SAAS;AAAA;AAAA,EAEpC,aAAa,EAAE,OAAO,EAAE,IAAI,CAAC;AAAA,EAC7B,MAAM,EAAE,OAAO,EAAE,IAAI,CAAC;AAAA,EACtB,SAAS,EAAE,OAAO,EAAE,IAAI,CAAC;AAAA,EACzB,aAAa,EACV,OAAO;AAAA,IACN,aAAa,EAAE,OAAO,EAAE,IAAI,CAAC;AAAA,IAC7B,YAAY,EAAE,OAAO,EAAE,IAAI,CAAC;AAAA,IAC5B,wBAAwB,EAAE,OAAO,EAAE,IAAI,CAAC;AAAA,IACxC,mBAAmB,EAAE,OAAO,EAAE,IAAI,CAAC;AAAA,EACrC,CAAC,EACA,OAAO;AAAA,EACV,QAAQ,EACL,OAAO;AAAA,IACN,QAAQ,EAAE,MAAM,oBAAoB;AAAA,IACpC,OAAO,EACJ,OAAO;AAAA,MACN,cAAc,EACX,OAAO;AAAA,QACN,MAAM,EAAE,OAAO,EAAE,IAAI,CAAC;AAAA,MACxB,CAAC,EACA,OAAO;AAAA,MACV,cAAc,EACX,OAAO;AAAA,QACN,MAAM,EAAE,OAAO,EAAE,IAAI,CAAC;AAAA,MACxB,CAAC,EACA,OAAO,EACP,SAAS;AAAA,IACd,CAAC,EACA,OAAO;AAAA,IACV,gBAAgB,EACb,OAAO;AAAA,MACN,OAAO,EACJ,OAAO;AAAA,QACN,cAAc,EAAE,QAAQ,EAAE,SAAS;AAAA,QACnC,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,CAAC,EAAE,IAAI,KAAK,EAAE,SAAS;AAAA,MACpD,CAAC,EACA,OAAO;AAAA,IACZ,CAAC,EACA,OAAO,EACP,SAAS;AAAA,IACZ,gBAAgB,EAAE,OAAO,EAAE,OAAO,GAAG,mBAAmB,EAAE,SAAS;AAAA,EACrE,CAAC,EACA,OAAO;AACZ,CAAC,EACA,OAAO;;;AD5EV,IAAM,uCAAuCC,GAAE,OAAO;AAAA,EACpD,SAASA,GAAE,QAAQ,IAAI;AAAA,EACvB,QAAQA,GAAE,OAAO;AAAA,IACf,oBAAoBA,GAAE,OAAO;AAAA,EAC/B,CAAC;AACH,CAAC;AAMD,eAAsB,4BACpB,QACA,aACA,kBACiB;AACjB,QAAM,YAAY,MAAM,wBAAwB,gBAAgB;AAChE,QAAM,iBAAiB,wBAAwB,UAAU,SAAS;AAClE,MAAI,CAAC,eAAe,SAAS;AAC3B,UAAM,IAAI;AAAA,MACR,0BAA0B,gBAAgB,MAAM,sBAAsB,eAAe,KAAK,CAAC;AAAA,IAC7F;AAAA,EACF;AACA,QAAM,EAAE,SAAS,SAAS,GAAG,SAAS,IAAI,eAAe;AACzD,QAAM,OAAO,eAAe,WAAW;AACvC,QAAM,EAAE,KAAK,IAAI,MAAM,OAAO,KAAK,MAAM,EAAE,SAAS,CAAC;AACrD,QAAM,SAAS,qCAAqC,MAAM,IAAI;AAC9D,SAAO,OAAO,OAAO;AACvB;AAEA,IAAM,+BAA+BA,GAAE,OAAO;AAAA,EAC5C,SAASA,GAAE,QAAQ,IAAI;AAAA,EACvB,QAAQA,GAAE,OAAO;AAAA,IACf,oBAAoBA,GAAE,OAAO;AAAA,IAC7B,QAAQA,GAAE,QAAQ,kBAAkB;AAAA,EACtC,CAAC;AACH,CAAC;AAUD,eAAsB,iCACpB,QACA,aACwC;AACxC,QAAM,OAAO,eAAe,WAAW;AACvC,QAAM,EAAE,KAAK,IAAI,MAAM,OAAO,KAAK,MAAM,CAAC,CAAC;AAC3C,QAAM,SAAS,6BAA6B,MAAM,IAAI;AACtD,SAAO,OAAO;AAChB;","names":["z","z"]}

package/dist/commands/app/init.js CHANGED Viewed

@@ -1,13 +1,13 @@
 import {
   createExtensionDraftVersion
-} from "../../chunk-GJPVFQRF.js";
+} from "../../chunk-S4KAOR7F.js";
 import {
   formatHttpClientError,
   internalConfigExists,
   internalConfigPath,
   isSystemError,
   writeInternalConfig
-} from "../../chunk-XU2ZHSRY.js";
+} from "../../chunk-7LTVG6SC.js";
 import {
   useTerminalWidth
 } from "../../chunk-EKU4DKQK.js";
@@ -20,11 +20,14 @@ import {
 import {
   BaseCommand,
   CLI_CONFIG,
+  ensureDirectory,
+  getFileNameFromPath,
   isSubmitKey
-} from "../../chunk-TK44DTSK.js";
+} from "../../chunk-OY6OB5HM.js";
 // src/commands/app/init.ts
-import { join as join2 } from "node:path";
+import { join as join2, relative, resolve } from "node:path";
+import { Args } from "@oclif/core";
 // src/core/scaffolder.ts
 import { access, mkdir, writeFile } from "node:fs/promises";
@@ -34,6 +37,7 @@ import { join } from "node:path";
 var DEFAULT_TERMS_URL = "https://example.com/terms";
 var DEFAULT_PRIVACY_URL = "https://example.com/privacy";
 var DEFAULT_MAIN_APP_PANEL_PATH = "index.html";
+var EXTENSION_MANIFEST_JSON_SCHEMA_URL = "https://api.kittl.com/extensions/manifest/schema.json";
 function packageNameFromExtensionName(name) {
   const slug = name.trim().toLowerCase().replace(/\s+/g, "-").replace(/[^a-z0-9-]/g, "");
   return slug.length > 0 ? slug : "kittl-extension";
@@ -41,6 +45,7 @@ function packageNameFromExtensionName(name) {
 function initialExtensionManifest(displayName) {
   const value = displayName.trim() || "Unnamed extension";
   return {
+    $schema: EXTENSION_MANIFEST_JSON_SCHEMA_URL,
     displayName: value,
     icon: "icon.svg",
     tagline: `${value} for Kittl.`,
@@ -123,7 +128,7 @@ function indexHtmlTemplate(displayName) {
     <div id="app">
       <h1>Hello Kittl!</h1>
       <p>Welcome to your new extension: ${displayName}</p>
-      <button id="doSomething">Do some magic!</button>
+      <button id="doSomething" type="button">Do some magic!</button>
     </div>
     <script type="module" src="/src/index.ts"></script>
   </body>
@@ -384,11 +389,12 @@ import { jsx as jsx2, jsxs as jsxs2 } from "react/jsx-runtime";
 function TextInputView({
   label,
   placeholder,
+  initialValue,
   requireNonEmpty = true,
   onDone
 }) {
   const width = useTerminalWidth();
-  const [value, setValue] = useState2("");
+  const [value, setValue] = useState2(() => initialValue?.trim() ?? "");
   const [error, setError] = useState2(null);
   const finish = useCallback2(
     (result) => {
@@ -461,6 +467,7 @@ function AppInitStepShell({
 function AppInitWizardView({
   organizations,
   client,
+  extensionNameSuggestion,
   onDone
 }) {
   const width = useTerminalWidth();
@@ -597,6 +604,7 @@ function AppInitWizardView({
             {
               label: "Extension name:",
               placeholder: "e.g. WASM-powered toaster",
+              initialValue: extensionNameSuggestion,
               onDone: handleExtName
             },
             "wizard-ext-name"
@@ -608,14 +616,26 @@ function AppInitWizardView({
 // src/commands/app/init.ts
 var AppInit = class _AppInit extends BaseCommand {
-  static description = "Initialize a Kittl app in this directory";
+  static description = "Initialize a Kittl app in the current directory or a new folder";
+  static args = {
+    path: Args.string({
+      description: "Directory for the app (created if it does not exist)",
+      default: ".",
+      required: false
+    })
+  };
   async run() {
-    await this.parse(_AppInit);
+    const { args } = await this.parse(_AppInit);
     await this.ensureAuthenticated();
-    const cwd = process.cwd();
-    if (await internalConfigExists(cwd)) {
+    const targetDir = resolve(process.cwd(), args.path);
+    try {
+      await ensureDirectory(targetDir);
+    } catch (e) {
+      this.error(e instanceof Error ? e.message : String(e), { exit: 2 });
+    }
+    if (await internalConfigExists(targetDir)) {
       this.error(
-        `Kittl config already exists at ${internalConfigPath(cwd)}. Remove it or run from another directory.`,
+        `Kittl config already exists at ${internalConfigPath(targetDir)}. Remove it or choose a different directory.`,
         { exit: 2 }
       );
     }
@@ -626,21 +646,23 @@ var AppInit = class _AppInit extends BaseCommand {
     } catch (e) {
       this.error(formatHttpClientError(e), { exit: 2 });
     }
+    const extensionNameSuggestion = args.path === "." ? void 0 : getFileNameFromPath(targetDir);
     const wizardResult = await this.renderView(AppInitWizardView, {
       organizations,
-      client
+      client,
+      extensionNameSuggestion
     });
     if (wizardResult.kind === "cancelled") {
       this.exit(130);
     }
     const { data } = wizardResult;
-    const path = await writeInternalConfig(cwd, {
+    const configFilePath = await writeInternalConfig(targetDir, {
       developerOrganizationId: data.developerOrganizationId,
       extensionId: data.extensionId
     });
     let starterScaffoldWritten = false;
     try {
-      const { skipped, existingPackageJson, createdManifestOnly } = await scaffoldExtension(cwd, data.extensionName);
+      const { skipped, existingPackageJson, createdManifestOnly } = await scaffoldExtension(targetDir, data.extensionName);
       starterScaffoldWritten = !existingPackageJson;
       if (existingPackageJson) {
         if (createdManifestOnly) {
@@ -664,7 +686,7 @@ var AppInit = class _AppInit extends BaseCommand {
       await createExtensionDraftVersion(
         client,
         data.extensionId,
-        join2(cwd, CLI_CONFIG.manifestFileName)
+        join2(targetDir, CLI_CONFIG.manifestFileName)
       );
     } catch (e) {
       this.error(formatHttpClientError(e), { exit: 2 });
@@ -675,11 +697,16 @@ var AppInit = class _AppInit extends BaseCommand {
       this.log(`Developer organization: "${data.developerOrganizationName}".`);
     }
     this.log(`Created app: "${data.extensionName}".`);
-    this.debug(`Generated config file at ${path}`);
+    this.debug(`Generated config file at ${configFilePath}`);
     this.log("");
     this.log(`Success! Extension "${data.extensionName}" is ready.`);
     this.log("Next steps:");
     let step = 1;
+    const isCurrentDir = resolve(process.cwd()) === targetDir;
+    const displayPath = relative(process.cwd(), targetDir);
+    if (!isCurrentDir) {
+      this.log(`  ${step++}. cd ${JSON.stringify(displayPath)}`);
+    }
     if (starterScaffoldWritten) {
       this.log(`  ${step++}. npm install`);
       this.log(`  ${step++}. npm run dev`);