@layr-labs/ecloud-cli 0.1.0-dev.3 → 0.1.0-rc.2

package/README.md

@@ -314,7 +314,7 @@ const client = createECloudClient({
 });
 
 // Deploy an application
-const result = await client.compute.app.deploy({
+const result = await client.app.deploy({
   image: "myapp:latest",
 });
 
@@ -322,13 +322,13 @@ console.log(`Deployed app ID: ${result.appId}`);
 console.log(`Transaction hash: ${result.tx}`);
 
 // Start an application
-await client.compute.app.start(result.appId);
+await client.app.start(result.appId);
 
 // Stop an application
-await client.compute.app.stop(result.appId);
+await client.app.stop(result.appId);
 
 // Terminate an application
-await client.compute.app.terminate(result.appId);
+await client.app.terminate(result.appId);
 ```
 
 ## Environments

package/VERSION

@@ -1,2 +1,2 @@
-version=0.1.0-dev.3
-commit=f751ea0fecc2e77d93bc962aeb11aa2497b74b73
+version=0.1.0-rc.2
+commit=59c794bb1aebad8f343114aa1f279b7e2136b2e2

package/dist/commands/auth/generate.js

@@ -117,142 +117,6 @@ function displayWarning(lines) {
   console.log("");
 }
 
-// src/telemetry.ts
-import {
-  createTelemetryClient,
-  createAppEnvironment,
-  createMetricsContext,
-  addMetric,
-  addMetricWithDimensions,
-  emitMetrics,
-  getBuildType as getBuildType2
-} from "@layr-labs/ecloud-sdk";
-
-// src/utils/globalConfig.ts
-import * as fs from "fs";
-import * as path from "path";
-import * as os from "os";
-import { load as loadYaml, dump as dumpYaml } from "js-yaml";
-import { getBuildType } from "@layr-labs/ecloud-sdk";
-import * as crypto from "crypto";
-var GLOBAL_CONFIG_FILE = "config.yaml";
-var PROFILE_CACHE_TTL_MS = 24 * 60 * 60 * 1e3;
-function getGlobalConfigDir() {
-  const configHome = process.env.XDG_CONFIG_HOME;
-  let baseDir;
-  if (configHome && path.isAbsolute(configHome)) {
-    baseDir = configHome;
-  } else {
-    baseDir = path.join(os.homedir(), ".config");
-  }
-  const buildType = getBuildType();
-  const buildSuffix = buildType === "dev" ? "-dev" : "";
-  const configDirName = `ecloud${buildSuffix}`;
-  return path.join(baseDir, configDirName);
-}
-function getGlobalConfigPath() {
-  return path.join(getGlobalConfigDir(), GLOBAL_CONFIG_FILE);
-}
-function loadGlobalConfig() {
-  const configPath = getGlobalConfigPath();
-  if (!fs.existsSync(configPath)) {
-    return {
-      first_run: true
-    };
-  }
-  try {
-    const content = fs.readFileSync(configPath, "utf-8");
-    const config = loadYaml(content);
-    return config || { first_run: true };
-  } catch {
-    return {
-      first_run: true
-    };
-  }
-}
-function saveGlobalConfig(config) {
-  const configPath = getGlobalConfigPath();
-  const configDir = path.dirname(configPath);
-  fs.mkdirSync(configDir, { recursive: true, mode: 493 });
-  const content = dumpYaml(config, { lineWidth: -1 });
-  fs.writeFileSync(configPath, content, { mode: 420 });
-}
-function getDefaultEnvironment() {
-  const config = loadGlobalConfig();
-  return config.default_environment;
-}
-function getGlobalTelemetryPreference() {
-  const config = loadGlobalConfig();
-  return config.telemetry_enabled;
-}
-function getOrCreateUserUUID() {
-  const config = loadGlobalConfig();
-  if (config.user_uuid) {
-    return config.user_uuid;
-  }
-  const uuid = generateUUID();
-  config.user_uuid = uuid;
-  config.first_run = false;
-  saveGlobalConfig(config);
-  return uuid;
-}
-function generateUUID() {
-  const bytes = crypto.randomBytes(16);
-  bytes[6] = bytes[6] & 15 | 64;
-  bytes[8] = bytes[8] & 63 | 128;
-  const hex = Array.from(bytes, (b) => b.toString(16).padStart(2, "0"));
-  return hex.slice(0, 4).join("") + hex.slice(4, 6).join("") + "-" + hex.slice(6, 8).join("") + "-" + hex.slice(8, 10).join("") + "-" + hex.slice(10, 12).join("") + "-" + hex.slice(12, 16).join("");
-}
-
-// src/telemetry.ts
-function createCLITelemetryClient() {
-  const userUUID = getOrCreateUserUUID();
-  const environment = createAppEnvironment(userUUID);
-  const telemetryEnabled = getGlobalTelemetryPreference();
-  return createTelemetryClient(environment, "ecloud-cli", {
-    telemetryEnabled: telemetryEnabled === true
-    // Only enabled if explicitly set to true
-  });
-}
-async function withTelemetry(command, action) {
-  const client = createCLITelemetryClient();
-  const metrics = createMetricsContext();
-  metrics.properties["source"] = "ecloud-cli";
-  metrics.properties["command"] = command.id || command.constructor.name;
-  const environment = getDefaultEnvironment() || "sepolia";
-  metrics.properties["environment"] = environment;
-  const buildType = getBuildType2() || "prod";
-  metrics.properties["build_type"] = buildType;
-  const cliVersion = command.config.version;
-  if (cliVersion) {
-    metrics.properties["cli_version"] = cliVersion;
-  }
-  addMetric(metrics, "Count", 1);
-  let actionError;
-  let result;
-  try {
-    result = await action();
-    return result;
-  } catch (err) {
-    actionError = err instanceof Error ? err : new Error(String(err));
-    throw err;
-  } finally {
-    const resultValue = actionError ? "Failure" : "Success";
-    const dimensions = {};
-    if (actionError) {
-      dimensions["error"] = actionError.message;
-    }
-    addMetricWithDimensions(metrics, resultValue, 1, dimensions);
-    const duration = Date.now() - metrics.startTime.getTime();
-    addMetric(metrics, "DurationMilliseconds", duration);
-    try {
-      await emitMetrics(client, metrics);
-      await client.close();
-    } catch {
-    }
-  }
-}
-
 // src/commands/auth/generate.ts
 var AuthGenerate = class _AuthGenerate extends Command {
   static description = "Generate a new private key";
@@ -268,11 +132,10 @@ var AuthGenerate = class _AuthGenerate extends Command {
     })
   };
   async run() {
-    return withTelemetry(this, async () => {
-      const { flags } = await this.parse(_AuthGenerate);
-      this.log("Generating new private key...\n");
-      const { privateKey, address } = generateNewPrivateKey();
-      const content = `
+    const { flags } = await this.parse(_AuthGenerate);
+    this.log("Generating new private key...\n");
+    const { privateKey, address } = generateNewPrivateKey();
+    const content = `
 \u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501
 A new private key was generated for you.
 
@@ -290,53 +153,52 @@ Private key: ${privateKey}
 
 Press 'q' to exit and continue...
 `;
-      const displayed = await showPrivateKey(content);
-      if (!displayed) {
-        this.log("Key generation cancelled.");
-        return;
-      }
-      let shouldStore = flags.store;
-      if (!shouldStore && displayed) {
-        shouldStore = await confirm({
-          message: "Store this key in your OS keyring?",
-          default: true
+    const displayed = await showPrivateKey(content);
+    if (!displayed) {
+      this.log("Key generation cancelled.");
+      return;
+    }
+    let shouldStore = flags.store;
+    if (!shouldStore && displayed) {
+      shouldStore = await confirm({
+        message: "Store this key in your OS keyring?",
+        default: true
+      });
+    }
+    if (shouldStore) {
+      const exists = await keyExists();
+      if (exists) {
+        displayWarning([
+          `WARNING: A private key for ecloud already exists!`,
+          "If you continue, the existing key will be PERMANENTLY REPLACED.",
+          "This cannot be undone!",
+          "",
+          "The previous key will be lost forever if you haven't backed it up."
+        ]);
+        const confirmReplace = await confirm({
+          message: `Replace existing key for ecloud?`,
+          default: false
         });
-      }
-      if (shouldStore) {
-        const exists = await keyExists();
-        if (exists) {
-          displayWarning([
-            `WARNING: A private key for ecloud already exists!`,
-            "If you continue, the existing key will be PERMANENTLY REPLACED.",
-            "This cannot be undone!",
-            "",
-            "The previous key will be lost forever if you haven't backed it up."
-          ]);
-          const confirmReplace = await confirm({
-            message: `Replace existing key for ecloud?`,
-            default: false
-          });
-          if (!confirmReplace) {
-            this.log(
-              "\nKey not stored. If you did not save your new key when it was displayed, it is now lost and cannot be recovered."
-            );
-            return;
-          }
+        if (!confirmReplace) {
+          this.log(
+            "\nKey not stored. If you did not save your new key when it was displayed, it is now lost and cannot be recovered."
+          );
+          return;
         }
-        try {
-          await storePrivateKey(privateKey);
-          this.log(`
+      }
+      try {
+        await storePrivateKey(privateKey);
+        this.log(`
 \u2713 Private key stored in OS keyring`);
-          this.log(`\u2713 Address: ${address}`);
-          this.log("\nYou can now use ecloud commands without --private-key flag.");
-        } catch (err) {
-          this.error(`Failed to store key: ${err.message}`);
-        }
-      } else {
-        this.log("\nKey not stored in keyring.");
-        this.log("Remember to save the key shown above in a secure location.");
+        this.log(`\u2713 Address: ${address}`);
+        this.log("\nYou can now use ecloud commands without --private-key flag.");
+      } catch (err) {
+        this.error(`Failed to store key: ${err.message}`);
       }
-    });
+    } else {
+      this.log("\nKey not stored in keyring.");
+      this.log("Remember to save the key shown above in a secure location.");
+    }
   }
 };
 export {

package/dist/commands/auth/generate.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../src/commands/auth/generate.ts","../../../src/utils/security.ts","../../../src/telemetry.ts","../../../src/utils/globalConfig.ts"],"sourcesContent":["/**\n * Auth Generate Command\n *\n * Generate a new private key and optionally store it in OS keyring\n */\n\nimport { Command, Flags } from \"@oclif/core\";\nimport { confirm } from \"@inquirer/prompts\";\nimport { generateNewPrivateKey, storePrivateKey, keyExists } from \"@layr-labs/ecloud-sdk\";\nimport { showPrivateKey, displayWarning } from \"../../utils/security\";\nimport { withTelemetry } from \"../../telemetry\";\n\nexport default class AuthGenerate extends Command {\n  static description = \"Generate a new private key\";\n\n  static aliases = [\"auth:gen\", \"auth:new\"];\n\n  static examples = [\n    \"<%= config.bin %> <%= command.id %>\",\n    \"<%= config.bin %> <%= command.id %> --store\",\n  ];\n\n  static flags = {\n    store: Flags.boolean({\n      description: \"Automatically store in OS keyring\",\n      default: false,\n    }),\n  };\n\n  async run(): Promise<void> {\n    return withTelemetry(this, async () => {\n      const { flags } = await this.parse(AuthGenerate);\n\n      // Generate new key\n      this.log(\"Generating new private key...\\n\");\n      const { privateKey, address } = generateNewPrivateKey();\n\n      // Display key securely\n      const content = `\n━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━\nA new private key was generated for you.\n\nIMPORTANT: You MUST backup this key now.\n           It will never be shown again.\n\nAddress:     ${address}\nPrivate key: ${privateKey}\n\n⚠️  SECURITY WARNING:\n   • Anyone with this key can control your account\n   • Never share it or commit it to version control\n   • Store it in a secure password manager\n━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━\n\nPress 'q' to exit and continue...\n`;\n\n      const displayed = await showPrivateKey(content);\n\n      if (!displayed) {\n        this.log(\"Key generation cancelled.\");\n        return;\n      }\n\n      // Ask about storing\n      let shouldStore = flags.store;\n\n      if (!shouldStore && displayed) {\n        shouldStore = await confirm({\n          message: \"Store this key in your OS keyring?\",\n          default: true,\n        });\n      }\n\n      if (shouldStore) {\n        // Check if key already exists\n        const exists = await keyExists();\n\n        if (exists) {\n          displayWarning([\n            `WARNING: A private key for ecloud already exists!`,\n            \"If you continue, the existing key will be PERMANENTLY REPLACED.\",\n            \"This cannot be undone!\",\n            \"\",\n            \"The previous key will be lost forever if you haven't backed it up.\",\n          ]);\n\n          const confirmReplace = await confirm({\n            message: `Replace existing key for ecloud?`,\n            default: false,\n          });\n\n          if (!confirmReplace) {\n            this.log(\n              \"\\nKey not stored. If you did not save your new key when it was displayed, it is now lost and cannot be recovered.\",\n            );\n            return;\n          }\n        }\n\n        // Store the key\n        try {\n          await storePrivateKey(privateKey);\n          this.log(`\\n✓ Private key stored in OS keyring`);\n          this.log(`✓ Address: ${address}`);\n          this.log(\"\\nYou can now use ecloud commands without --private-key flag.\");\n        } catch (err: any) {\n          this.error(`Failed to store key: ${err.message}`);\n        }\n      } else {\n        this.log(\"\\nKey not stored in keyring.\");\n        this.log(\"Remember to save the key shown above in a secure location.\");\n      }\n    });\n  }\n}\n","/**\n * Security utilities for CLI\n *\n * Functions for securely displaying and handling sensitive content\n * like private keys.\n */\n\nimport { spawn, execSync } from \"child_process\";\nimport { platform } from \"os\";\nimport { select, password } from \"@inquirer/prompts\";\n\n/**\n * Display sensitive content using system pager (less/more)\n * Returns true if content was displayed, false if user aborted\n */\nexport async function showPrivateKey(content: string): Promise<boolean> {\n  // Try to use system pager\n  const pager = detectPager();\n\n  if (pager) {\n    try {\n      await runPager(pager, content);\n      return true;\n    } catch (err) {\n      console.error(`Failed to run pager: ${err}`);\n      // Fall through to fallback\n    }\n  }\n\n  // No pager available - give user a choice\n  console.log(\"\\nNo pager (less/more) found on PATH.\");\n  console.log(\"For security, avoid printing private keys to the terminal.\");\n  console.log(\"\");\n\n  const choice = await select({\n    message: \"Choose an option:\",\n    choices: [\n      { name: \"Abort (recommended)\", value: \"abort\" },\n      { name: \"Print and clear screen\", value: \"print\" },\n    ],\n  });\n\n  if (choice === \"print\") {\n    console.log(content);\n    console.log(\"\");\n    console.log(\"Press Enter after you have securely saved the key.\");\n    console.log(\"The screen will be cleared...\");\n\n    // Wait for Enter\n    await password({\n      message: \"\",\n      mask: \"\",\n    });\n\n    clearTerminal();\n    return true;\n  }\n\n  return false; // User aborted\n}\n\n/**\n * Detect system pager (less or more)\n */\nfunction detectPager(): string | null {\n  // Check PAGER env var first\n  if (process.env.PAGER) {\n    const pagerEnv = process.env.PAGER.trim();\n    // Only allow simple command names without arguments or special characters\n    if (/^[a-zA-Z0-9_-]+$/.test(pagerEnv)) {\n      return pagerEnv;\n    }\n  }\n\n  // Try common pagers\n  const pagers = [\"less\", \"more\"];\n\n  for (const pagerCmd of pagers) {\n    if (commandExists(pagerCmd)) {\n      return pagerCmd;\n    }\n  }\n\n  return null;\n}\n\n/**\n * Run pager with content\n */\nfunction runPager(pager: string, content: string): Promise<void> {\n  return new Promise((resolve, reject) => {\n    const child = spawn(pager, [], {\n      stdio: [\"pipe\", \"inherit\", \"inherit\"],\n    });\n\n    child.on(\"error\", reject);\n    child.on(\"exit\", (code) => {\n      if (code === 0) {\n        resolve();\n      } else {\n        reject(new Error(`Pager exited with code ${code}`));\n      }\n    });\n\n    try {\n      const written = child.stdin!.write(content);\n      if (!written) {\n        child.stdin!.once(\"drain\", () => {\n          try {\n            child.stdin!.end();\n          } catch (err) {\n            reject(err);\n          }\n        });\n      } else {\n        child.stdin!.end();\n      }\n    } catch (err) {\n      reject(err);\n    }\n  });\n}\n\n/**\n * Check if command exists\n */\nfunction commandExists(command: string): boolean {\n  try {\n    const cmd = platform() === \"win32\" ? `where ${command}` : `which ${command}`;\n    execSync(cmd, { stdio: \"ignore\" });\n    return true;\n  } catch {\n    return false;\n  }\n}\n\n/**\n * Clear terminal screen\n */\nexport function clearTerminal(): void {\n  if (platform() === \"win32\") {\n    process.stdout.write(\"\\x1Bc\");\n  } else {\n    process.stdout.write(\"\\x1B[2J\\x1B[3J\\x1B[H\");\n  }\n}\n\n/**\n * Get hidden input (password-style)\n */\nexport async function getHiddenInput(message: string): Promise<string> {\n  return await password({\n    message,\n    mask: \"*\",\n  });\n}\n\n/**\n * Display multi-line warning for destructive operations\n */\nexport function displayWarning(lines: string[]): void {\n  const width = lines.length > 0 ? Math.max(...lines.map((l) => l.length)) + 4 : 4;\n  const border = \"⚠\".repeat(width);\n\n  console.log(\"\");\n  console.log(border);\n  for (const line of lines) {\n    console.log(`⚠  ${line}`);\n  }\n  console.log(border);\n  console.log(\"\");\n}\n","/**\n * Telemetry utilities for CLI commands\n *\n * Provides helpers to wrap command execution with telemetry tracking\n */\n\nimport {\n  createTelemetryClient,\n  createAppEnvironment,\n  createMetricsContext,\n  addMetric,\n  addMetricWithDimensions,\n  emitMetrics,\n  type TelemetryClient,\n  getBuildType,\n} from \"@layr-labs/ecloud-sdk\";\nimport { Command } from \"@oclif/core\";\nimport {\n  getDefaultEnvironment,\n  getOrCreateUserUUID,\n  getGlobalTelemetryPreference,\n} from \"./utils/globalConfig\";\n\n/**\n * Create a telemetry client for CLI usage\n */\nexport function createCLITelemetryClient(): TelemetryClient {\n  // Get user UUID from CLI's globalConfig (handles I/O)\n  const userUUID = getOrCreateUserUUID();\n  const environment = createAppEnvironment(userUUID);\n\n  // Get telemetry preference from CLI's globalConfig\n  const telemetryEnabled = getGlobalTelemetryPreference();\n\n  return createTelemetryClient(environment, \"ecloud-cli\", {\n    telemetryEnabled: telemetryEnabled === true, // Only enabled if explicitly set to true\n  });\n}\n\n/**\n * Wrap a command execution with telemetry\n *\n * @param command - The CLI command instance\n * @param action - The command action to execute\n * @returns The result of the action\n */\nexport async function withTelemetry<T>(command: Command, action: () => Promise<T>): Promise<T> {\n  const client = createCLITelemetryClient();\n  const metrics = createMetricsContext();\n\n  // Set source to identify CLI usage\n  metrics.properties[\"source\"] = \"ecloud-cli\";\n\n  // Set command name in properties\n  metrics.properties[\"command\"] = command.id || command.constructor.name;\n\n  // Set environment in properties\n  const environment = getDefaultEnvironment() || \"sepolia\";\n  metrics.properties[\"environment\"] = environment;\n\n  // Set buildType in properties\n  const buildType = getBuildType() || \"prod\";\n  metrics.properties[\"build_type\"] = buildType;\n\n  // Set CLI version if available\n  const cliVersion = command.config.version;\n  if (cliVersion) {\n    metrics.properties[\"cli_version\"] = cliVersion;\n  }\n\n  // Add initial count metric\n  addMetric(metrics, \"Count\", 1);\n\n  let actionError: Error | undefined;\n  let result: T;\n\n  try {\n    result = await action();\n    return result;\n  } catch (err) {\n    actionError = err instanceof Error ? err : new Error(String(err));\n    throw err;\n  } finally {\n    // Add result metric\n    const resultValue = actionError ? \"Failure\" : \"Success\";\n    const dimensions: Record<string, string> = {};\n    if (actionError) {\n      dimensions[\"error\"] = actionError.message;\n    }\n    addMetricWithDimensions(metrics, resultValue, 1, dimensions);\n\n    // Add duration metric\n    const duration = Date.now() - metrics.startTime.getTime();\n    addMetric(metrics, \"DurationMilliseconds\", duration);\n\n    // Emit all metrics\n    try {\n      await emitMetrics(client, metrics);\n      await client.close();\n    } catch {\n      // Silently ignore telemetry errors\n    }\n  }\n}\n","/**\n * Global configuration management\n *\n * Stores user-level configuration that persists across all CLI usage.\n * - $XDG_CONFIG_HOME/ecloud[BuildSuffix]/config.yaml (if XDG_CONFIG_HOME is set)\n * - Or ~/.config/ecloud[BuildSuffix]/config.yaml (fallback)\n *\n * Where BuildSuffix is:\n * - \"\" (empty) for production builds\n * - \"-dev\" for development builds\n */\n\nimport * as fs from \"fs\";\nimport * as path from \"path\";\nimport * as os from \"os\";\nimport { load as loadYaml, dump as dumpYaml } from \"js-yaml\";\nimport { getBuildType } from \"@layr-labs/ecloud-sdk\";\nimport * as crypto from \"crypto\";\nconst GLOBAL_CONFIG_FILE = \"config.yaml\";\n\nexport interface ProfileCacheEntry {\n  updated_at: number; // Unix timestamp in milliseconds\n  profiles: { [appId: string]: string }; // appId -> profile name\n}\n\nexport interface GlobalConfig {\n  first_run?: boolean;\n  telemetry_enabled?: boolean;\n  user_uuid?: string;\n  default_environment?: string;\n  last_version_check?: number;\n  last_known_version?: string;\n  profile_cache?: {\n    [environment: string]: ProfileCacheEntry;\n  };\n}\n\n// Profile cache TTL: 24 hours in milliseconds\nconst PROFILE_CACHE_TTL_MS = 24 * 60 * 60 * 1000;\n\n/**\n * Get the XDG-compliant directory where global ecloud config should be stored\n */\nfunction getGlobalConfigDir(): string {\n  // First check XDG_CONFIG_HOME\n  const configHome = process.env.XDG_CONFIG_HOME;\n\n  let baseDir: string;\n  if (configHome && path.isAbsolute(configHome)) {\n    baseDir = configHome;\n  } else {\n    // Fall back to ~/.config\n    baseDir = path.join(os.homedir(), \".config\");\n  }\n\n  // Use environment-specific config directory\n  const buildType = getBuildType();\n  const buildSuffix = buildType === \"dev\" ? \"-dev\" : \"\";\n  const configDirName = `ecloud${buildSuffix}`;\n\n  return path.join(baseDir, configDirName);\n}\n\n/**\n * Get the full path to the global config file\n */\nfunction getGlobalConfigPath(): string {\n  return path.join(getGlobalConfigDir(), GLOBAL_CONFIG_FILE);\n}\n\n/**\n * Load global configuration, creating defaults if needed\n */\nexport function loadGlobalConfig(): GlobalConfig {\n  const configPath = getGlobalConfigPath();\n\n  // If file doesn't exist, return defaults for first run\n  if (!fs.existsSync(configPath)) {\n    return {\n      first_run: true,\n    };\n  }\n\n  try {\n    const content = fs.readFileSync(configPath, \"utf-8\");\n    const config = loadYaml(content) as GlobalConfig;\n    return config || { first_run: true };\n  } catch {\n    // If parsing fails, return defaults\n    return {\n      first_run: true,\n    };\n  }\n}\n\n/**\n * Save global configuration to disk\n */\nexport function saveGlobalConfig(config: GlobalConfig): void {\n  const configPath = getGlobalConfigPath();\n\n  // Ensure directory exists\n  const configDir = path.dirname(configPath);\n  fs.mkdirSync(configDir, { recursive: true, mode: 0o755 });\n\n  // Write config file\n  const content = dumpYaml(config, { lineWidth: -1 });\n  fs.writeFileSync(configPath, content, { mode: 0o644 });\n}\n\n/**\n * Get the user's preferred deployment environment\n */\nexport function getDefaultEnvironment(): string | undefined {\n  const config = loadGlobalConfig();\n  return config.default_environment;\n}\n\n/**\n * Set the user's preferred deployment environment\n */\nexport function setDefaultEnvironment(environment: string): void {\n  const config = loadGlobalConfig();\n  config.default_environment = environment;\n  config.first_run = false; // No longer first run after setting environment\n  saveGlobalConfig(config);\n}\n\n/**\n * Check if this is the user's first time running the CLI\n */\nexport function isFirstRun(): boolean {\n  const config = loadGlobalConfig();\n  return config.first_run === true;\n}\n\n/**\n * Mark that the first run has been completed\n */\nexport function markFirstRunComplete(): void {\n  const config = loadGlobalConfig();\n  config.first_run = false;\n  saveGlobalConfig(config);\n}\n\n/**\n * Get the global telemetry preference\n */\nexport function getGlobalTelemetryPreference(): boolean | undefined {\n  const config = loadGlobalConfig();\n  return config.telemetry_enabled;\n}\n\n/**\n * Set the global telemetry preference\n */\nexport function setGlobalTelemetryPreference(enabled: boolean): void {\n  const config = loadGlobalConfig();\n  config.telemetry_enabled = enabled;\n  config.first_run = false; // No longer first run after setting preference\n  saveGlobalConfig(config);\n}\n\n// ==================== Profile Cache Functions ====================\n\n/**\n * Get cached profile names for an environment\n * Returns null if cache is missing or expired (older than 24 hours)\n */\nexport function getProfileCache(environment: string): Record<string, string> | null {\n  const config = loadGlobalConfig();\n  const cacheEntry = config.profile_cache?.[environment];\n\n  if (!cacheEntry) {\n    return null;\n  }\n\n  // Check if cache is expired\n  const now = Date.now();\n  if (now - cacheEntry.updated_at > PROFILE_CACHE_TTL_MS) {\n    return null;\n  }\n\n  return cacheEntry.profiles;\n}\n\n/**\n * Set cached profile names for an environment\n */\nexport function setProfileCache(environment: string, profiles: Record<string, string>): void {\n  const config = loadGlobalConfig();\n\n  if (!config.profile_cache) {\n    config.profile_cache = {};\n  }\n\n  config.profile_cache[environment] = {\n    updated_at: Date.now(),\n    profiles,\n  };\n\n  saveGlobalConfig(config);\n}\n\n/**\n * Invalidate profile cache for a specific environment or all environments\n */\nexport function invalidateProfileCache(environment?: string): void {\n  const config = loadGlobalConfig();\n\n  if (!config.profile_cache) {\n    return;\n  }\n\n  if (environment) {\n    // Invalidate specific environment\n    delete config.profile_cache[environment];\n  } else {\n    // Invalidate all environments\n    config.profile_cache = {};\n  }\n\n  saveGlobalConfig(config);\n}\n\n/**\n * Update a single profile name in the cache\n * This is useful after deploy or profile set to update just one entry\n */\nexport function updateProfileCacheEntry(\n  environment: string,\n  appId: string,\n  profileName: string,\n): void {\n  const config = loadGlobalConfig();\n\n  if (!config.profile_cache) {\n    config.profile_cache = {};\n  }\n\n  if (!config.profile_cache[environment]) {\n    config.profile_cache[environment] = {\n      updated_at: Date.now(),\n      profiles: {},\n    };\n  }\n\n  // Normalize appId to lowercase for consistent lookups\n  const normalizedAppId = appId.toLowerCase();\n  config.profile_cache[environment].profiles[normalizedAppId] = profileName;\n  config.profile_cache[environment].updated_at = Date.now();\n\n  saveGlobalConfig(config);\n}\n\n/**\n * Get the user UUID from global config, or generate a new one if it doesn't exist\n */\nexport function getOrCreateUserUUID(): string {\n  const config = loadGlobalConfig();\n  if (config.user_uuid) {\n    return config.user_uuid;\n  }\n\n  // Generate a new UUID (v4)\n  const uuid = generateUUID();\n\n  // Save it to config\n  config.user_uuid = uuid;\n  config.first_run = false;\n  saveGlobalConfig(config);\n\n  return uuid;\n}\n\n/**\n * Generate a UUID v4\n */\nfunction generateUUID(): string {\n  // UUID v4 format: xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx\n  // Use cryptographically secure random values.\n  const bytes = crypto.randomBytes(16);\n  // Per RFC 4122 section 4.4, set bits for version and `clock_seq_hi_and_reserved`\n  bytes[6] = (bytes[6] & 0x0f) | 0x40; // Version 4\n  bytes[8] = (bytes[8] & 0x3f) | 0x80; // Variant 10\n  const hex = Array.from(bytes, (b) => b.toString(16).padStart(2, \"0\"));\n  return (\n    hex.slice(0, 4).join(\"\") +\n    hex.slice(4, 6).join(\"\") +\n    \"-\" +\n    hex.slice(6, 8).join(\"\") +\n    \"-\" +\n    hex.slice(8, 10).join(\"\") +\n    \"-\" +\n    hex.slice(10, 12).join(\"\") +\n    \"-\" +\n    hex.slice(12, 16).join(\"\")\n  );\n}\n\n/**\n * Save user UUID to global config (preserves existing UUID if present)\n */\nexport function saveUserUUID(userUUID: string): void {\n  const config = loadGlobalConfig();\n  // Only update if not already set\n  if (!config.user_uuid) {\n    config.user_uuid = userUUID;\n    saveGlobalConfig(config);\n  }\n}\n"],"mappings":";;;AAMA,SAAS,SAAS,aAAa;AAC/B,SAAS,eAAe;AACxB,SAAS,uBAAuB,iBAAiB,iBAAiB;;;ACDlE,SAAS,OAAO,gBAAgB;AAChC,SAAS,gBAAgB;AACzB,SAAS,QAAQ,gBAAgB;AAMjC,eAAsB,eAAe,SAAmC;AAEtE,QAAM,QAAQ,YAAY;AAE1B,MAAI,OAAO;AACT,QAAI;AACF,YAAM,SAAS,OAAO,OAAO;AAC7B,aAAO;AAAA,IACT,SAAS,KAAK;AACZ,cAAQ,MAAM,wBAAwB,GAAG,EAAE;AAAA,IAE7C;AAAA,EACF;AAGA,UAAQ,IAAI,uCAAuC;AACnD,UAAQ,IAAI,4DAA4D;AACxE,UAAQ,IAAI,EAAE;AAEd,QAAM,SAAS,MAAM,OAAO;AAAA,IAC1B,SAAS;AAAA,IACT,SAAS;AAAA,MACP,EAAE,MAAM,uBAAuB,OAAO,QAAQ;AAAA,MAC9C,EAAE,MAAM,0BAA0B,OAAO,QAAQ;AAAA,IACnD;AAAA,EACF,CAAC;AAED,MAAI,WAAW,SAAS;AACtB,YAAQ,IAAI,OAAO;AACnB,YAAQ,IAAI,EAAE;AACd,YAAQ,IAAI,oDAAoD;AAChE,YAAQ,IAAI,+BAA+B;AAG3C,UAAM,SAAS;AAAA,MACb,SAAS;AAAA,MACT,MAAM;AAAA,IACR,CAAC;AAED,kBAAc;AACd,WAAO;AAAA,EACT;AAEA,SAAO;AACT;AAKA,SAAS,cAA6B;AAEpC,MAAI,QAAQ,IAAI,OAAO;AACrB,UAAM,WAAW,QAAQ,IAAI,MAAM,KAAK;AAExC,QAAI,mBAAmB,KAAK,QAAQ,GAAG;AACrC,aAAO;AAAA,IACT;AAAA,EACF;AAGA,QAAM,SAAS,CAAC,QAAQ,MAAM;AAE9B,aAAW,YAAY,QAAQ;AAC7B,QAAI,cAAc,QAAQ,GAAG;AAC3B,aAAO;AAAA,IACT;AAAA,EACF;AAEA,SAAO;AACT;AAKA,SAAS,SAAS,OAAe,SAAgC;AAC/D,SAAO,IAAI,QAAQ,CAAC,SAAS,WAAW;AACtC,UAAM,QAAQ,MAAM,OAAO,CAAC,GAAG;AAAA,MAC7B,OAAO,CAAC,QAAQ,WAAW,SAAS;AAAA,IACtC,CAAC;AAED,UAAM,GAAG,SAAS,MAAM;AACxB,UAAM,GAAG,QAAQ,CAAC,SAAS;AACzB,UAAI,SAAS,GAAG;AACd,gBAAQ;AAAA,MACV,OAAO;AACL,eAAO,IAAI,MAAM,0BAA0B,IAAI,EAAE,CAAC;AAAA,MACpD;AAAA,IACF,CAAC;AAED,QAAI;AACF,YAAM,UAAU,MAAM,MAAO,MAAM,OAAO;AAC1C,UAAI,CAAC,SAAS;AACZ,cAAM,MAAO,KAAK,SAAS,MAAM;AAC/B,cAAI;AACF,kBAAM,MAAO,IAAI;AAAA,UACnB,SAAS,KAAK;AACZ,mBAAO,GAAG;AAAA,UACZ;AAAA,QACF,CAAC;AAAA,MACH,OAAO;AACL,cAAM,MAAO,IAAI;AAAA,MACnB;AAAA,IACF,SAAS,KAAK;AACZ,aAAO,GAAG;AAAA,IACZ;AAAA,EACF,CAAC;AACH;AAKA,SAAS,cAAc,SAA0B;AAC/C,MAAI;AACF,UAAM,MAAM,SAAS,MAAM,UAAU,SAAS,OAAO,KAAK,SAAS,OAAO;AAC1E,aAAS,KAAK,EAAE,OAAO,SAAS,CAAC;AACjC,WAAO;AAAA,EACT,QAAQ;AACN,WAAO;AAAA,EACT;AACF;AAKO,SAAS,gBAAsB;AACpC,MAAI,SAAS,MAAM,SAAS;AAC1B,YAAQ,OAAO,MAAM,OAAO;AAAA,EAC9B,OAAO;AACL,YAAQ,OAAO,MAAM,sBAAsB;AAAA,EAC7C;AACF;AAeO,SAAS,eAAe,OAAuB;AACpD,QAAM,QAAQ,MAAM,SAAS,IAAI,KAAK,IAAI,GAAG,MAAM,IAAI,CAAC,MAAM,EAAE,MAAM,CAAC,IAAI,IAAI;AAC/E,QAAM,SAAS,SAAI,OAAO,KAAK;AAE/B,UAAQ,IAAI,EAAE;AACd,UAAQ,IAAI,MAAM;AAClB,aAAW,QAAQ,OAAO;AACxB,YAAQ,IAAI,WAAM,IAAI,EAAE;AAAA,EAC1B;AACA,UAAQ,IAAI,MAAM;AAClB,UAAQ,IAAI,EAAE;AAChB;;;ACrKA;AAAA,EACE;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EAEA,gBAAAA;AAAA,OACK;;;ACHP,YAAY,QAAQ;AACpB,YAAY,UAAU;AACtB,YAAY,QAAQ;AACpB,SAAS,QAAQ,UAAU,QAAQ,gBAAgB;AACnD,SAAS,oBAAoB;AAC7B,YAAY,YAAY;AACxB,IAAM,qBAAqB;AAoB3B,IAAM,uBAAuB,KAAK,KAAK,KAAK;AAK5C,SAAS,qBAA6B;AAEpC,QAAM,aAAa,QAAQ,IAAI;AAE/B,MAAI;AACJ,MAAI,cAAmB,gBAAW,UAAU,GAAG;AAC7C,cAAU;AAAA,EACZ,OAAO;AAEL,cAAe,UAAQ,WAAQ,GAAG,SAAS;AAAA,EAC7C;AAGA,QAAM,YAAY,aAAa;AAC/B,QAAM,cAAc,cAAc,QAAQ,SAAS;AACnD,QAAM,gBAAgB,SAAS,WAAW;AAE1C,SAAY,UAAK,SAAS,aAAa;AACzC;AAKA,SAAS,sBAA8B;AACrC,SAAY,UAAK,mBAAmB,GAAG,kBAAkB;AAC3D;AAKO,SAAS,mBAAiC;AAC/C,QAAM,aAAa,oBAAoB;AAGvC,MAAI,CAAI,cAAW,UAAU,GAAG;AAC9B,WAAO;AAAA,MACL,WAAW;AAAA,IACb;AAAA,EACF;AAEA,MAAI;AACF,UAAM,UAAa,gBAAa,YAAY,OAAO;AACnD,UAAM,SAAS,SAAS,OAAO;AAC/B,WAAO,UAAU,EAAE,WAAW,KAAK;AAAA,EACrC,QAAQ;AAEN,WAAO;AAAA,MACL,WAAW;AAAA,IACb;AAAA,EACF;AACF;AAKO,SAAS,iBAAiB,QAA4B;AAC3D,QAAM,aAAa,oBAAoB;AAGvC,QAAM,YAAiB,aAAQ,UAAU;AACzC,EAAG,aAAU,WAAW,EAAE,WAAW,MAAM,MAAM,IAAM,CAAC;AAGxD,QAAM,UAAU,SAAS,QAAQ,EAAE,WAAW,GAAG,CAAC;AAClD,EAAG,iBAAc,YAAY,SAAS,EAAE,MAAM,IAAM,CAAC;AACvD;AAKO,SAAS,wBAA4C;AAC1D,QAAM,SAAS,iBAAiB;AAChC,SAAO,OAAO;AAChB;AAgCO,SAAS,+BAAoD;AAClE,QAAM,SAAS,iBAAiB;AAChC,SAAO,OAAO;AAChB;AA2GO,SAAS,sBAA8B;AAC5C,QAAM,SAAS,iBAAiB;AAChC,MAAI,OAAO,WAAW;AACpB,WAAO,OAAO;AAAA,EAChB;AAGA,QAAM,OAAO,aAAa;AAG1B,SAAO,YAAY;AACnB,SAAO,YAAY;AACnB,mBAAiB,MAAM;AAEvB,SAAO;AACT;AAKA,SAAS,eAAuB;AAG9B,QAAM,QAAe,mBAAY,EAAE;AAEnC,QAAM,CAAC,IAAK,MAAM,CAAC,IAAI,KAAQ;AAC/B,QAAM,CAAC,IAAK,MAAM,CAAC,IAAI,KAAQ;AAC/B,QAAM,MAAM,MAAM,KAAK,OAAO,CAAC,MAAM,EAAE,SAAS,EAAE,EAAE,SAAS,GAAG,GAAG,CAAC;AACpE,SACE,IAAI,MAAM,GAAG,CAAC,EAAE,KAAK,EAAE,IACvB,IAAI,MAAM,GAAG,CAAC,EAAE,KAAK,EAAE,IACvB,MACA,IAAI,MAAM,GAAG,CAAC,EAAE,KAAK,EAAE,IACvB,MACA,IAAI,MAAM,GAAG,EAAE,EAAE,KAAK,EAAE,IACxB,MACA,IAAI,MAAM,IAAI,EAAE,EAAE,KAAK,EAAE,IACzB,MACA,IAAI,MAAM,IAAI,EAAE,EAAE,KAAK,EAAE;AAE7B;;;ADhRO,SAAS,2BAA4C;AAE1D,QAAM,WAAW,oBAAoB;AACrC,QAAM,cAAc,qBAAqB,QAAQ;AAGjD,QAAM,mBAAmB,6BAA6B;AAEtD,SAAO,sBAAsB,aAAa,cAAc;AAAA,IACtD,kBAAkB,qBAAqB;AAAA;AAAA,EACzC,CAAC;AACH;AASA,eAAsB,cAAiB,SAAkB,QAAsC;AAC7F,QAAM,SAAS,yBAAyB;AACxC,QAAM,UAAU,qBAAqB;AAGrC,UAAQ,WAAW,QAAQ,IAAI;AAG/B,UAAQ,WAAW,SAAS,IAAI,QAAQ,MAAM,QAAQ,YAAY;AAGlE,QAAM,cAAc,sBAAsB,KAAK;AAC/C,UAAQ,WAAW,aAAa,IAAI;AAGpC,QAAM,YAAYC,cAAa,KAAK;AACpC,UAAQ,WAAW,YAAY,IAAI;AAGnC,QAAM,aAAa,QAAQ,OAAO;AAClC,MAAI,YAAY;AACd,YAAQ,WAAW,aAAa,IAAI;AAAA,EACtC;AAGA,YAAU,SAAS,SAAS,CAAC;AAE7B,MAAI;AACJ,MAAI;AAEJ,MAAI;AACF,aAAS,MAAM,OAAO;AACtB,WAAO;AAAA,EACT,SAAS,KAAK;AACZ,kBAAc,eAAe,QAAQ,MAAM,IAAI,MAAM,OAAO,GAAG,CAAC;AAChE,UAAM;AAAA,EACR,UAAE;AAEA,UAAM,cAAc,cAAc,YAAY;AAC9C,UAAM,aAAqC,CAAC;AAC5C,QAAI,aAAa;AACf,iBAAW,OAAO,IAAI,YAAY;AAAA,IACpC;AACA,4BAAwB,SAAS,aAAa,GAAG,UAAU;AAG3D,UAAM,WAAW,KAAK,IAAI,IAAI,QAAQ,UAAU,QAAQ;AACxD,cAAU,SAAS,wBAAwB,QAAQ;AAGnD,QAAI;AACF,YAAM,YAAY,QAAQ,OAAO;AACjC,YAAM,OAAO,MAAM;AAAA,IACrB,QAAQ;AAAA,IAER;AAAA,EACF;AACF;;;AF3FA,IAAqB,eAArB,MAAqB,sBAAqB,QAAQ;AAAA,EAChD,OAAO,cAAc;AAAA,EAErB,OAAO,UAAU,CAAC,YAAY,UAAU;AAAA,EAExC,OAAO,WAAW;AAAA,IAChB;AAAA,IACA;AAAA,EACF;AAAA,EAEA,OAAO,QAAQ;AAAA,IACb,OAAO,MAAM,QAAQ;AAAA,MACnB,aAAa;AAAA,MACb,SAAS;AAAA,IACX,CAAC;AAAA,EACH;AAAA,EAEA,MAAM,MAAqB;AACzB,WAAO,cAAc,MAAM,YAAY;AACrC,YAAM,EAAE,MAAM,IAAI,MAAM,KAAK,MAAM,aAAY;AAG/C,WAAK,IAAI,iCAAiC;AAC1C,YAAM,EAAE,YAAY,QAAQ,IAAI,sBAAsB;AAGtD,YAAM,UAAU;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,eAOP,OAAO;AAAA,eACP,UAAU;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAWnB,YAAM,YAAY,MAAM,eAAe,OAAO;AAE9C,UAAI,CAAC,WAAW;AACd,aAAK,IAAI,2BAA2B;AACpC;AAAA,MACF;AAGA,UAAI,cAAc,MAAM;AAExB,UAAI,CAAC,eAAe,WAAW;AAC7B,sBAAc,MAAM,QAAQ;AAAA,UAC1B,SAAS;AAAA,UACT,SAAS;AAAA,QACX,CAAC;AAAA,MACH;AAEA,UAAI,aAAa;AAEf,cAAM,SAAS,MAAM,UAAU;AAE/B,YAAI,QAAQ;AACV,yBAAe;AAAA,YACb;AAAA,YACA;AAAA,YACA;AAAA,YACA;AAAA,YACA;AAAA,UACF,CAAC;AAED,gBAAM,iBAAiB,MAAM,QAAQ;AAAA,YACnC,SAAS;AAAA,YACT,SAAS;AAAA,UACX,CAAC;AAED,cAAI,CAAC,gBAAgB;AACnB,iBAAK;AAAA,cACH;AAAA,YACF;AACA;AAAA,UACF;AAAA,QACF;AAGA,YAAI;AACF,gBAAM,gBAAgB,UAAU;AAChC,eAAK,IAAI;AAAA,wCAAsC;AAC/C,eAAK,IAAI,mBAAc,OAAO,EAAE;AAChC,eAAK,IAAI,+DAA+D;AAAA,QAC1E,SAAS,KAAU;AACjB,eAAK,MAAM,wBAAwB,IAAI,OAAO,EAAE;AAAA,QAClD;AAAA,MACF,OAAO;AACL,aAAK,IAAI,8BAA8B;AACvC,aAAK,IAAI,4DAA4D;AAAA,MACvE;AAAA,IACF,CAAC;AAAA,EACH;AACF;","names":["getBuildType","getBuildType"]}
+{"version":3,"sources":["../../../src/commands/auth/generate.ts","../../../src/utils/security.ts"],"sourcesContent":["/**\n * Auth Generate Command\n *\n * Generate a new private key and optionally store it in OS keyring\n */\n\nimport { Command, Flags } from \"@oclif/core\";\nimport { confirm } from \"@inquirer/prompts\";\nimport { generateNewPrivateKey, storePrivateKey, keyExists } from \"@layr-labs/ecloud-sdk\";\nimport { showPrivateKey, displayWarning } from \"../../utils/security\";\n\nexport default class AuthGenerate extends Command {\n  static description = \"Generate a new private key\";\n\n  static aliases = [\"auth:gen\", \"auth:new\"];\n\n  static examples = [\n    \"<%= config.bin %> <%= command.id %>\",\n    \"<%= config.bin %> <%= command.id %> --store\",\n  ];\n\n  static flags = {\n    store: Flags.boolean({\n      description: \"Automatically store in OS keyring\",\n      default: false,\n    }),\n  };\n\n  async run(): Promise<void> {\n    const { flags } = await this.parse(AuthGenerate);\n\n    // Generate new key\n    this.log(\"Generating new private key...\\n\");\n    const { privateKey, address } = generateNewPrivateKey();\n\n    // Display key securely\n    const content = `\n━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━\nA new private key was generated for you.\n\nIMPORTANT: You MUST backup this key now.\n           It will never be shown again.\n\nAddress:     ${address}\nPrivate key: ${privateKey}\n\n⚠️  SECURITY WARNING:\n   • Anyone with this key can control your account\n   • Never share it or commit it to version control\n   • Store it in a secure password manager\n━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━\n\nPress 'q' to exit and continue...\n`;\n\n    const displayed = await showPrivateKey(content);\n\n    if (!displayed) {\n      this.log(\"Key generation cancelled.\");\n      return;\n    }\n\n    // Ask about storing\n    let shouldStore = flags.store;\n\n    if (!shouldStore && displayed) {\n      shouldStore = await confirm({\n        message: \"Store this key in your OS keyring?\",\n        default: true,\n      });\n    }\n\n    if (shouldStore) {\n      // Check if key already exists\n      const exists = await keyExists();\n\n      if (exists) {\n        displayWarning([\n          `WARNING: A private key for ecloud already exists!`,\n          \"If you continue, the existing key will be PERMANENTLY REPLACED.\",\n          \"This cannot be undone!\",\n          \"\",\n          \"The previous key will be lost forever if you haven't backed it up.\",\n        ]);\n\n        const confirmReplace = await confirm({\n          message: `Replace existing key for ecloud?`,\n          default: false,\n        });\n\n        if (!confirmReplace) {\n          this.log(\n            \"\\nKey not stored. If you did not save your new key when it was displayed, it is now lost and cannot be recovered.\",\n          );\n          return;\n        }\n      }\n\n      // Store the key\n      try {\n        await storePrivateKey(privateKey);\n        this.log(`\\n✓ Private key stored in OS keyring`);\n        this.log(`✓ Address: ${address}`);\n        this.log(\"\\nYou can now use ecloud commands without --private-key flag.\");\n      } catch (err: any) {\n        this.error(`Failed to store key: ${err.message}`);\n      }\n    } else {\n      this.log(\"\\nKey not stored in keyring.\");\n      this.log(\"Remember to save the key shown above in a secure location.\");\n    }\n  }\n}\n","/**\n * Security utilities for CLI\n *\n * Functions for securely displaying and handling sensitive content\n * like private keys.\n */\n\nimport { spawn, execSync } from \"child_process\";\nimport { platform } from \"os\";\nimport { select, password } from \"@inquirer/prompts\";\n\n/**\n * Display sensitive content using system pager (less/more)\n * Returns true if content was displayed, false if user aborted\n */\nexport async function showPrivateKey(content: string): Promise<boolean> {\n  // Try to use system pager\n  const pager = detectPager();\n\n  if (pager) {\n    try {\n      await runPager(pager, content);\n      return true;\n    } catch (err) {\n      console.error(`Failed to run pager: ${err}`);\n      // Fall through to fallback\n    }\n  }\n\n  // No pager available - give user a choice\n  console.log(\"\\nNo pager (less/more) found on PATH.\");\n  console.log(\"For security, avoid printing private keys to the terminal.\");\n  console.log(\"\");\n\n  const choice = await select({\n    message: \"Choose an option:\",\n    choices: [\n      { name: \"Abort (recommended)\", value: \"abort\" },\n      { name: \"Print and clear screen\", value: \"print\" },\n    ],\n  });\n\n  if (choice === \"print\") {\n    console.log(content);\n    console.log(\"\");\n    console.log(\"Press Enter after you have securely saved the key.\");\n    console.log(\"The screen will be cleared...\");\n\n    // Wait for Enter\n    await password({\n      message: \"\",\n      mask: \"\",\n    });\n\n    clearTerminal();\n    return true;\n  }\n\n  return false; // User aborted\n}\n\n/**\n * Detect system pager (less or more)\n */\nfunction detectPager(): string | null {\n  // Check PAGER env var first\n  if (process.env.PAGER) {\n    const pagerEnv = process.env.PAGER.trim();\n    // Only allow simple command names without arguments or special characters\n    if (/^[a-zA-Z0-9_-]+$/.test(pagerEnv)) {\n      return pagerEnv;\n    }\n  }\n\n  // Try common pagers\n  const pagers = [\"less\", \"more\"];\n\n  for (const pagerCmd of pagers) {\n    if (commandExists(pagerCmd)) {\n      return pagerCmd;\n    }\n  }\n\n  return null;\n}\n\n/**\n * Run pager with content\n */\nfunction runPager(pager: string, content: string): Promise<void> {\n  return new Promise((resolve, reject) => {\n    const child = spawn(pager, [], {\n      stdio: [\"pipe\", \"inherit\", \"inherit\"],\n    });\n\n    child.on(\"error\", reject);\n    child.on(\"exit\", (code) => {\n      if (code === 0) {\n        resolve();\n      } else {\n        reject(new Error(`Pager exited with code ${code}`));\n      }\n    });\n\n    try {\n      const written = child.stdin!.write(content);\n      if (!written) {\n        child.stdin!.once(\"drain\", () => {\n          try {\n            child.stdin!.end();\n          } catch (err) {\n            reject(err);\n          }\n        });\n      } else {\n        child.stdin!.end();\n      }\n    } catch (err) {\n      reject(err);\n    }\n  });\n}\n\n/**\n * Check if command exists\n */\nfunction commandExists(command: string): boolean {\n  try {\n    const cmd = platform() === \"win32\" ? `where ${command}` : `which ${command}`;\n    execSync(cmd, { stdio: \"ignore\" });\n    return true;\n  } catch {\n    return false;\n  }\n}\n\n/**\n * Clear terminal screen\n */\nexport function clearTerminal(): void {\n  if (platform() === \"win32\") {\n    process.stdout.write(\"\\x1Bc\");\n  } else {\n    process.stdout.write(\"\\x1B[2J\\x1B[3J\\x1B[H\");\n  }\n}\n\n/**\n * Get hidden input (password-style)\n */\nexport async function getHiddenInput(message: string): Promise<string> {\n  return await password({\n    message,\n    mask: \"*\",\n  });\n}\n\n/**\n * Display multi-line warning for destructive operations\n */\nexport function displayWarning(lines: string[]): void {\n  const width = lines.length > 0 ? Math.max(...lines.map((l) => l.length)) + 4 : 4;\n  const border = \"⚠\".repeat(width);\n\n  console.log(\"\");\n  console.log(border);\n  for (const line of lines) {\n    console.log(`⚠  ${line}`);\n  }\n  console.log(border);\n  console.log(\"\");\n}\n"],"mappings":";;;AAMA,SAAS,SAAS,aAAa;AAC/B,SAAS,eAAe;AACxB,SAAS,uBAAuB,iBAAiB,iBAAiB;;;ACDlE,SAAS,OAAO,gBAAgB;AAChC,SAAS,gBAAgB;AACzB,SAAS,QAAQ,gBAAgB;AAMjC,eAAsB,eAAe,SAAmC;AAEtE,QAAM,QAAQ,YAAY;AAE1B,MAAI,OAAO;AACT,QAAI;AACF,YAAM,SAAS,OAAO,OAAO;AAC7B,aAAO;AAAA,IACT,SAAS,KAAK;AACZ,cAAQ,MAAM,wBAAwB,GAAG,EAAE;AAAA,IAE7C;AAAA,EACF;AAGA,UAAQ,IAAI,uCAAuC;AACnD,UAAQ,IAAI,4DAA4D;AACxE,UAAQ,IAAI,EAAE;AAEd,QAAM,SAAS,MAAM,OAAO;AAAA,IAC1B,SAAS;AAAA,IACT,SAAS;AAAA,MACP,EAAE,MAAM,uBAAuB,OAAO,QAAQ;AAAA,MAC9C,EAAE,MAAM,0BAA0B,OAAO,QAAQ;AAAA,IACnD;AAAA,EACF,CAAC;AAED,MAAI,WAAW,SAAS;AACtB,YAAQ,IAAI,OAAO;AACnB,YAAQ,IAAI,EAAE;AACd,YAAQ,IAAI,oDAAoD;AAChE,YAAQ,IAAI,+BAA+B;AAG3C,UAAM,SAAS;AAAA,MACb,SAAS;AAAA,MACT,MAAM;AAAA,IACR,CAAC;AAED,kBAAc;AACd,WAAO;AAAA,EACT;AAEA,SAAO;AACT;AAKA,SAAS,cAA6B;AAEpC,MAAI,QAAQ,IAAI,OAAO;AACrB,UAAM,WAAW,QAAQ,IAAI,MAAM,KAAK;AAExC,QAAI,mBAAmB,KAAK,QAAQ,GAAG;AACrC,aAAO;AAAA,IACT;AAAA,EACF;AAGA,QAAM,SAAS,CAAC,QAAQ,MAAM;AAE9B,aAAW,YAAY,QAAQ;AAC7B,QAAI,cAAc,QAAQ,GAAG;AAC3B,aAAO;AAAA,IACT;AAAA,EACF;AAEA,SAAO;AACT;AAKA,SAAS,SAAS,OAAe,SAAgC;AAC/D,SAAO,IAAI,QAAQ,CAAC,SAAS,WAAW;AACtC,UAAM,QAAQ,MAAM,OAAO,CAAC,GAAG;AAAA,MAC7B,OAAO,CAAC,QAAQ,WAAW,SAAS;AAAA,IACtC,CAAC;AAED,UAAM,GAAG,SAAS,MAAM;AACxB,UAAM,GAAG,QAAQ,CAAC,SAAS;AACzB,UAAI,SAAS,GAAG;AACd,gBAAQ;AAAA,MACV,OAAO;AACL,eAAO,IAAI,MAAM,0BAA0B,IAAI,EAAE,CAAC;AAAA,MACpD;AAAA,IACF,CAAC;AAED,QAAI;AACF,YAAM,UAAU,MAAM,MAAO,MAAM,OAAO;AAC1C,UAAI,CAAC,SAAS;AACZ,cAAM,MAAO,KAAK,SAAS,MAAM;AAC/B,cAAI;AACF,kBAAM,MAAO,IAAI;AAAA,UACnB,SAAS,KAAK;AACZ,mBAAO,GAAG;AAAA,UACZ;AAAA,QACF,CAAC;AAAA,MACH,OAAO;AACL,cAAM,MAAO,IAAI;AAAA,MACnB;AAAA,IACF,SAAS,KAAK;AACZ,aAAO,GAAG;AAAA,IACZ;AAAA,EACF,CAAC;AACH;AAKA,SAAS,cAAc,SAA0B;AAC/C,MAAI;AACF,UAAM,MAAM,SAAS,MAAM,UAAU,SAAS,OAAO,KAAK,SAAS,OAAO;AAC1E,aAAS,KAAK,EAAE,OAAO,SAAS,CAAC;AACjC,WAAO;AAAA,EACT,QAAQ;AACN,WAAO;AAAA,EACT;AACF;AAKO,SAAS,gBAAsB;AACpC,MAAI,SAAS,MAAM,SAAS;AAC1B,YAAQ,OAAO,MAAM,OAAO;AAAA,EAC9B,OAAO;AACL,YAAQ,OAAO,MAAM,sBAAsB;AAAA,EAC7C;AACF;AAeO,SAAS,eAAe,OAAuB;AACpD,QAAM,QAAQ,MAAM,SAAS,IAAI,KAAK,IAAI,GAAG,MAAM,IAAI,CAAC,MAAM,EAAE,MAAM,CAAC,IAAI,IAAI;AAC/E,QAAM,SAAS,SAAI,OAAO,KAAK;AAE/B,UAAQ,IAAI,EAAE;AACd,UAAQ,IAAI,MAAM;AAClB,aAAW,QAAQ,OAAO;AACxB,YAAQ,IAAI,WAAM,IAAI,EAAE;AAAA,EAC1B;AACA,UAAQ,IAAI,MAAM;AAClB,UAAQ,IAAI,EAAE;AAChB;;;ADhKA,IAAqB,eAArB,MAAqB,sBAAqB,QAAQ;AAAA,EAChD,OAAO,cAAc;AAAA,EAErB,OAAO,UAAU,CAAC,YAAY,UAAU;AAAA,EAExC,OAAO,WAAW;AAAA,IAChB;AAAA,IACA;AAAA,EACF;AAAA,EAEA,OAAO,QAAQ;AAAA,IACb,OAAO,MAAM,QAAQ;AAAA,MACnB,aAAa;AAAA,MACb,SAAS;AAAA,IACX,CAAC;AAAA,EACH;AAAA,EAEA,MAAM,MAAqB;AACzB,UAAM,EAAE,MAAM,IAAI,MAAM,KAAK,MAAM,aAAY;AAG/C,SAAK,IAAI,iCAAiC;AAC1C,UAAM,EAAE,YAAY,QAAQ,IAAI,sBAAsB;AAGtD,UAAM,UAAU;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,eAOL,OAAO;AAAA,eACP,UAAU;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAWrB,UAAM,YAAY,MAAM,eAAe,OAAO;AAE9C,QAAI,CAAC,WAAW;AACd,WAAK,IAAI,2BAA2B;AACpC;AAAA,IACF;AAGA,QAAI,cAAc,MAAM;AAExB,QAAI,CAAC,eAAe,WAAW;AAC7B,oBAAc,MAAM,QAAQ;AAAA,QAC1B,SAAS;AAAA,QACT,SAAS;AAAA,MACX,CAAC;AAAA,IACH;AAEA,QAAI,aAAa;AAEf,YAAM,SAAS,MAAM,UAAU;AAE/B,UAAI,QAAQ;AACV,uBAAe;AAAA,UACb;AAAA,UACA;AAAA,UACA;AAAA,UACA;AAAA,UACA;AAAA,QACF,CAAC;AAED,cAAM,iBAAiB,MAAM,QAAQ;AAAA,UACnC,SAAS;AAAA,UACT,SAAS;AAAA,QACX,CAAC;AAED,YAAI,CAAC,gBAAgB;AACnB,eAAK;AAAA,YACH;AAAA,UACF;AACA;AAAA,QACF;AAAA,MACF;AAGA,UAAI;AACF,cAAM,gBAAgB,UAAU;AAChC,aAAK,IAAI;AAAA,wCAAsC;AAC/C,aAAK,IAAI,mBAAc,OAAO,EAAE;AAChC,aAAK,IAAI,+DAA+D;AAAA,MAC1E,SAAS,KAAU;AACjB,aAAK,MAAM,wBAAwB,IAAI,OAAO,EAAE;AAAA,MAClD;AAAA,IACF,OAAO;AACL,WAAK,IAAI,8BAA8B;AACvC,WAAK,IAAI,4DAA4D;AAAA,IACvE;AAAA,EACF;AACF;","names":[]}