@nocoo/otter 1.0.0

package/dist/utils/redact.js

@@ -0,0 +1,317 @@
+/**
+ * Credential redaction utilities.
+ *
+ * Strips sensitive values from file content before including
+ * them in snapshots. Works on both structured (JSON) and
+ * line-oriented (ini-like) config formats.
+ */
+const REDACTED = "[REDACTED]";
+// ---------------------------------------------------------------------------
+// JSON env-block redaction (for settings.json, etc.)
+// ---------------------------------------------------------------------------
+/** Keys whose values should always be redacted in JSON objects */
+const SENSITIVE_KEY_PATTERNS = [
+    /token/i,
+    /secret/i,
+    /api.?key/i,
+    /password/i,
+    /credential/i,
+    /auth/i,
+];
+function isSensitiveKey(key) {
+    return SENSITIVE_KEY_PATTERNS.some((p) => p.test(key));
+}
+/**
+ * Deep-walk a parsed JSON value and redact any string values
+ * whose keys match sensitive patterns.
+ *
+ * Returns [redactedValue, didRedact] tuple.
+ */
+function redactObject(obj) {
+    if (obj === null || obj === undefined)
+        return [obj, false];
+    if (typeof obj !== "object")
+        return [obj, false];
+    if (Array.isArray(obj)) {
+        let anyRedacted = false;
+        const mapped = obj.map((item) => {
+            const [val, redacted] = redactObject(item);
+            if (redacted)
+                anyRedacted = true;
+            return val;
+        });
+        return [mapped, anyRedacted];
+    }
+    let anyRedacted = false;
+    const result = {};
+    for (const [key, value] of Object.entries(obj)) {
+        if (typeof value === "string" && isSensitiveKey(key)) {
+            result[key] = REDACTED;
+            anyRedacted = true;
+        }
+        else if (typeof value === "object" && value !== null) {
+            const [val, redacted] = redactObject(value);
+            result[key] = val;
+            if (redacted)
+                anyRedacted = true;
+        }
+        else {
+            result[key] = value;
+        }
+    }
+    return [result, anyRedacted];
+}
+/**
+ * Redact sensitive values in a JSON string.
+ * Returns the original string if no redaction was needed or parsing fails.
+ */
+export function redactJsonSecrets(jsonContent) {
+    try {
+        const parsed = JSON.parse(jsonContent);
+        const [redacted, didRedact] = redactObject(parsed);
+        if (!didRedact)
+            return jsonContent;
+        // Re-serialize with 2-space indent
+        return JSON.stringify(redacted, null, 2);
+    }
+    catch {
+        // If not valid JSON, return as-is
+        return jsonContent;
+    }
+}
+// ---------------------------------------------------------------------------
+// Line-oriented redaction (for .npmrc, .gitconfig, etc.)
+// ---------------------------------------------------------------------------
+/** Patterns that match credential lines in ini-style config files */
+const LINE_REDACTION_PATTERNS = [
+    // .npmrc: //registry.npmjs.org/:_authToken=xxx
+    /^(\s*\/\/[^:]+\/:_authToken\s*=\s*).+$/,
+    // .npmrc: _auth=xxx
+    /^(\s*_auth\s*=\s*).+$/,
+    // .gitconfig: helper = store / credential block values
+    /^(\s*helper\s*=\s*store).*$/,
+    // Generic key=value where key contains token/secret/password/key
+    /^(\s*(?:.*(?:token|secret|password|api.?key|credential|auth)\w*)\s*=\s*).+$/i,
+];
+// ---------------------------------------------------------------------------
+// Shell script redaction (for .zshrc, .bashrc, .profile, etc.)
+// ---------------------------------------------------------------------------
+/**
+ * Patterns that match sensitive variable assignments in shell scripts.
+ * Captures the prefix (everything before the secret value) so we can
+ * replace just the value portion with [REDACTED].
+ */
+const SHELL_REDACTION_PATTERNS = [
+    // export KEY="value" or export KEY='value' or export KEY=value
+    // where KEY contains: TOKEN, SECRET, KEY, PASSWORD, CREDENTIAL, AUTH
+    /^(\s*export\s+\w*(?:TOKEN|SECRET|KEY|PASSWORD|CREDENTIAL|AUTH)\w*=).*$/i,
+    // Plain assignment (no export): KEY="value"
+    /^(\s*\w*(?:TOKEN|SECRET|KEY|PASSWORD|CREDENTIAL|AUTH)\w*=).*$/i,
+];
+/** Shell config filenames that should receive shell-script redaction */
+const SHELL_CONFIG_NAMES = new Set([
+    ".zshrc",
+    ".zprofile",
+    ".zshenv",
+    ".zlogin",
+    ".bashrc",
+    ".bash_profile",
+    ".profile",
+    ".tmux.conf",
+    ".wgetrc",
+    ".curlrc",
+]);
+/**
+ * Redact sensitive lines in ini-style / line-oriented config files.
+ * Each matching line has its value portion replaced with [REDACTED].
+ */
+export function redactLineSecrets(content) {
+    return content
+        .split("\n")
+        .map((line) => {
+        for (const pattern of LINE_REDACTION_PATTERNS) {
+            const match = line.match(pattern);
+            if (match) {
+                return `${match[1]}${REDACTED}`;
+            }
+        }
+        return line;
+    })
+        .join("\n");
+}
+/**
+ * Redact sensitive variable assignments in shell scripts.
+ * Catches patterns like:
+ *   export MY_API_KEY="sk-..."
+ *   GITHUB_TOKEN=ghp_xxx
+ *   export Z_AI_API_KEY="..."
+ */
+export function redactShellSecrets(content) {
+    return content
+        .split("\n")
+        .map((line) => {
+        // Skip comments
+        const trimmed = line.trimStart();
+        if (trimmed.startsWith("#"))
+            return line;
+        for (const pattern of SHELL_REDACTION_PATTERNS) {
+            const match = line.match(pattern);
+            if (match) {
+                return `${match[1]}${REDACTED}`;
+            }
+        }
+        return line;
+    })
+        .join("\n");
+}
+// ---------------------------------------------------------------------------
+// Value-pattern redaction (for history.jsonl and other freeform content)
+// ---------------------------------------------------------------------------
+/**
+ * Patterns that match credential-like values embedded in freeform text.
+ * These catch secrets that users may have pasted into CLI prompts.
+ * Each pattern replaces the matched portion with [REDACTED].
+ */
+const VALUE_CREDENTIAL_PATTERNS = [
+    // JWT tokens (three base64 segments separated by dots)
+    /eyJ[A-Za-z0-9_-]{10,}\.eyJ[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{10,}/g,
+    // Bearer / token auth headers
+    /(?:Bearer|Token)\s+[A-Za-z0-9_\-.~+/]{20,}/gi,
+    // AWS access keys (AKIA...)
+    /AKIA[0-9A-Z]{16}/g,
+    // GitHub tokens (ghp_, gho_, ghu_, ghs_, ghr_)
+    /gh[pousr]_[A-Za-z0-9_]{36,}/g,
+    // Anthropic API keys
+    /sk-ant-[A-Za-z0-9_-]{20,}/g,
+    // OpenAI API keys
+    /sk-(?:proj-)?[A-Za-z0-9]{20,}/g,
+    // Slack tokens (xoxb-, xoxp-, xoxs-, xoxa-)
+    /xox[bpsa]-[A-Za-z0-9-]{20,}/g,
+    // Generic long hex secrets (e.g. 40+ hex chars, common for API keys/tokens)
+    /(?:(?:token|key|secret|password|auth|credential|cookie)\s*[=:]\s*)['"]*([A-Za-z0-9_\-+/.]{32,})['"]*$/gim,
+    // Cookie session values (session=xxx, sid=xxx, _session_id=xxx)
+    /(?:session|sid|_session_id|connect\.sid)\s*=\s*[A-Za-z0-9%_\-+/.]{16,}/gi,
+    // npm tokens
+    /npm_[A-Za-z0-9]{36,}/g,
+    // Private key content (if someone pasted it)
+    /-----BEGIN\s+(?:RSA\s+)?PRIVATE\s+KEY-----[\s\S]*?-----END\s+(?:RSA\s+)?PRIVATE\s+KEY-----/g,
+];
+/**
+ * Scan a string value and replace any credential-like patterns with [REDACTED].
+ * Returns [redactedString, didRedact].
+ */
+function redactValuePatterns(value) {
+    let result = value;
+    let didRedact = false;
+    for (const pattern of VALUE_CREDENTIAL_PATTERNS) {
+        // Reset lastIndex for global regexes
+        pattern.lastIndex = 0;
+        if (pattern.test(result)) {
+            didRedact = true;
+            pattern.lastIndex = 0;
+            result = result.replace(pattern, REDACTED);
+        }
+    }
+    return [result, didRedact];
+}
+/**
+ * Deep-walk a parsed value and apply value-pattern redaction to all strings.
+ * Unlike redactObject (key-based), this inspects the VALUE content itself.
+ */
+function redactDeepValues(obj) {
+    if (obj === null || obj === undefined)
+        return [obj, false];
+    if (typeof obj === "string") {
+        return redactValuePatterns(obj);
+    }
+    if (Array.isArray(obj)) {
+        let anyRedacted = false;
+        const mapped = obj.map((item) => {
+            const [val, redacted] = redactDeepValues(item);
+            if (redacted)
+                anyRedacted = true;
+            return val;
+        });
+        return [mapped, anyRedacted];
+    }
+    if (typeof obj === "object") {
+        let anyRedacted = false;
+        const result = {};
+        for (const [key, value] of Object.entries(obj)) {
+            const [val, redacted] = redactDeepValues(value);
+            result[key] = val;
+            if (redacted)
+                anyRedacted = true;
+        }
+        return [result, anyRedacted];
+    }
+    return [obj, false];
+}
+/**
+ * Redact credential-like values in JSONL content (one JSON object per line).
+ * Applies both key-based (sensitive key names) and value-based (credential
+ * patterns like JWTs, API keys, bearer tokens) redaction.
+ */
+export function redactJsonlSecrets(content) {
+    return content
+        .split("\n")
+        .map((line) => {
+        const trimmed = line.trim();
+        if (!trimmed)
+            return line;
+        try {
+            const parsed = JSON.parse(trimmed);
+            // Apply key-based redaction first
+            const [keyRedacted] = redactObject(parsed);
+            // Then apply value-pattern redaction
+            const [valueRedacted, didRedact] = redactDeepValues(keyRedacted);
+            // Also check if key-based redaction changed anything
+            const keyChanged = JSON.stringify(keyRedacted) !== JSON.stringify(parsed);
+            if (!didRedact && !keyChanged)
+                return line;
+            return JSON.stringify(valueRedacted);
+        }
+        catch {
+            // Not valid JSON line — apply value-pattern redaction as plain text
+            const [result, didRedact] = redactValuePatterns(trimmed);
+            return didRedact ? result : line;
+        }
+    })
+        .join("\n");
+}
+// ---------------------------------------------------------------------------
+// Public API: auto-detect format and redact
+// ---------------------------------------------------------------------------
+/**
+ * Redact credentials from file content.
+ * Auto-detects format based on file path extension or filename.
+ *
+ * @param content  Raw file content
+ * @param filePath File path (used to determine format)
+ * @returns Content with sensitive values replaced by [REDACTED]
+ */
+export function redactSecrets(content, filePath) {
+    const lower = filePath.toLowerCase();
+    if (lower.endsWith(".json")) {
+        return redactJsonSecrets(content);
+    }
+    // JSONL files (e.g. history.jsonl): value-pattern + key-based redaction
+    if (lower.endsWith(".jsonl")) {
+        return redactJsonlSecrets(content);
+    }
+    // Line-oriented configs: .npmrc, .gitconfig, .env, etc.
+    if (lower.endsWith(".npmrc") ||
+        lower.endsWith(".gitconfig") ||
+        lower.endsWith(".env") ||
+        lower.endsWith(".env.local") ||
+        lower.endsWith(".netrc")) {
+        return redactLineSecrets(content);
+    }
+    // Shell config files: .zshrc, .bashrc, .profile, etc.
+    const fileName = lower.split("/").pop() ?? "";
+    if (SHELL_CONFIG_NAMES.has(fileName)) {
+        return redactShellSecrets(content);
+    }
+    return content;
+}
+//# sourceMappingURL=redact.js.map

package/dist/utils/redact.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"redact.js","sourceRoot":"","sources":["../../src/utils/redact.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,MAAM,QAAQ,GAAG,YAAY,CAAC;AAE9B,8EAA8E;AAC9E,qDAAqD;AACrD,8EAA8E;AAE9E,kEAAkE;AAClE,MAAM,sBAAsB,GAAG;IAC7B,QAAQ;IACR,SAAS;IACT,WAAW;IACX,WAAW;IACX,aAAa;IACb,OAAO;CACR,CAAC;AAEF,SAAS,cAAc,CAAC,GAAW;IACjC,OAAO,sBAAsB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;AACzD,CAAC;AAED;;;;;GAKG;AACH,SAAS,YAAY,CAAC,GAAY;IAChC,IAAI,GAAG,KAAK,IAAI,IAAI,GAAG,KAAK,SAAS;QAAE,OAAO,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IAC3D,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,OAAO,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IAEjD,IAAI,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;QACvB,IAAI,WAAW,GAAG,KAAK,CAAC;QACxB,MAAM,MAAM,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE;YAC9B,MAAM,CAAC,GAAG,EAAE,QAAQ,CAAC,GAAG,YAAY,CAAC,IAAI,CAAC,CAAC;YAC3C,IAAI,QAAQ;gBAAE,WAAW,GAAG,IAAI,CAAC;YACjC,OAAO,GAAG,CAAC;QACb,CAAC,CAAC,CAAC;QACH,OAAO,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC;IAC/B,CAAC;IAED,IAAI,WAAW,GAAG,KAAK,CAAC;IACxB,MAAM,MAAM,GAA4B,EAAE,CAAC;IAC3C,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,GAA8B,CAAC,EAAE,CAAC;QAC1E,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,cAAc,CAAC,GAAG,CAAC,EAAE,CAAC;YACrD,MAAM,CAAC,GAAG,CAAC,GAAG,QAAQ,CAAC;YACvB,WAAW,GAAG,IAAI,CAAC;QACrB,CAAC;aAAM,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,KAAK,IAAI,EAAE,CAAC;YACvD,MAAM,CAAC,GAAG,EAAE,QAAQ,CAAC,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC;YAC5C,MAAM,CAAC,GAAG,CAAC,GAAG,GAAG,CAAC;YAClB,IAAI,QAAQ;gBAAE,WAAW,GAAG,IAAI,CAAC;QACnC,CAAC;aAAM,CAAC;YACN,MAAM,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;QACtB,CAAC;IACH,CAAC;IACD,OAAO,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC;AAC/B,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,iBAAiB,CAAC,WAAmB;IACnD,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;QACvC,MAAM,CAAC,QAAQ,EAAE,SAAS,CAAC,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC;QACnD,IAAI,CAAC,SAAS;YAAE,OAAO,WAAW,CAAC;QACnC,mCAAmC;QACnC,OAAO,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;IAC3C,CAAC;IAAC,MAAM,CAAC;QACP,kCAAkC;QAClC,OAAO,WAAW,CAAC;IACrB,CAAC;AACH,CAAC;AAED,8EAA8E;AAC9E,yDAAyD;AACzD,8EAA8E;AAE9E,qEAAqE;AACrE,MAAM,uBAAuB,GAAG;IAC9B,+CAA+C;IAC/C,wCAAwC;IACxC,oBAAoB;IACpB,uBAAuB;IACvB,uDAAuD;IACvD,6BAA6B;IAC7B,iEAAiE;IACjE,8EAA8E;CAC/E,CAAC;AAEF,8EAA8E;AAC9E,+DAA+D;AAC/D,8EAA8E;AAE9E;;;;GAIG;AACH,MAAM,wBAAwB,GAAG;IAC/B,+DAA+D;IAC/D,qEAAqE;IACrE,yEAAyE;IACzE,4CAA4C;IAC5C,gEAAgE;CACjE,CAAC;AAEF,wEAAwE;AACxE,MAAM,kBAAkB,GAAG,IAAI,GAAG,CAAC;IACjC,QAAQ;IACR,WAAW;IACX,SAAS;IACT,SAAS;IACT,SAAS;IACT,eAAe;IACf,UAAU;IACV,YAAY;IACZ,SAAS;IACT,SAAS;CACV,CAAC,CAAC;AAEH;;;GAGG;AACH,MAAM,UAAU,iBAAiB,CAAC,OAAe;IAC/C,OAAO,OAAO;SACX,KAAK,CAAC,IAAI,CAAC;SACX,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE;QACZ,KAAK,MAAM,OAAO,IAAI,uBAAuB,EAAE,CAAC;YAC9C,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;YAClC,IAAI,KAAK,EAAE,CAAC;gBACV,OAAO,GAAG,KAAK,CAAC,CAAC,CAAC,GAAG,QAAQ,EAAE,CAAC;YAClC,CAAC;QACH,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC,CAAC;SACD,IAAI,CAAC,IAAI,CAAC,CAAC;AAChB,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,kBAAkB,CAAC,OAAe;IAChD,OAAO,OAAO;SACX,KAAK,CAAC,IAAI,CAAC;SACX,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE;QACZ,gBAAgB;QAChB,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,EAAE,CAAC;QACjC,IAAI,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC;YAAE,OAAO,IAAI,CAAC;QAEzC,KAAK,MAAM,OAAO,IAAI,wBAAwB,EAAE,CAAC;YAC/C,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;YAClC,IAAI,KAAK,EAAE,CAAC;gBACV,OAAO,GAAG,KAAK,CAAC,CAAC,CAAC,GAAG,QAAQ,EAAE,CAAC;YAClC,CAAC;QACH,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC,CAAC;SACD,IAAI,CAAC,IAAI,CAAC,CAAC;AAChB,CAAC;AAED,8EAA8E;AAC9E,yEAAyE;AACzE,8EAA8E;AAE9E;;;;GAIG;AACH,MAAM,yBAAyB,GAAa;IAC1C,uDAAuD;IACvD,mEAAmE;IACnE,8BAA8B;IAC9B,8CAA8C;IAC9C,4BAA4B;IAC5B,mBAAmB;IACnB,+CAA+C;IAC/C,8BAA8B;IAC9B,qBAAqB;IACrB,4BAA4B;IAC5B,kBAAkB;IAClB,gCAAgC;IAChC,4CAA4C;IAC5C,8BAA8B;IAC9B,4EAA4E;IAC5E,0GAA0G;IAC1G,gEAAgE;IAChE,0EAA0E;IAC1E,aAAa;IACb,uBAAuB;IACvB,6CAA6C;IAC7C,6FAA6F;CAC9F,CAAC;AAEF;;;GAGG;AACH,SAAS,mBAAmB,CAAC,KAAa;IACxC,IAAI,MAAM,GAAG,KAAK,CAAC;IACnB,IAAI,SAAS,GAAG,KAAK,CAAC;IAEtB,KAAK,MAAM,OAAO,IAAI,yBAAyB,EAAE,CAAC;QAChD,qCAAqC;QACrC,OAAO,CAAC,SAAS,GAAG,CAAC,CAAC;QACtB,IAAI,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;YACzB,SAAS,GAAG,IAAI,CAAC;YACjB,OAAO,CAAC,SAAS,GAAG,CAAC,CAAC;YACtB,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;QAC7C,CAAC;IACH,CAAC;IAED,OAAO,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;AAC7B,CAAC;AAED;;;GAGG;AACH,SAAS,gBAAgB,CAAC,GAAY;IACpC,IAAI,GAAG,KAAK,IAAI,IAAI,GAAG,KAAK,SAAS;QAAE,OAAO,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IAE3D,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;QAC5B,OAAO,mBAAmB,CAAC,GAAG,CAAC,CAAC;IAClC,CAAC;IAED,IAAI,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;QACvB,IAAI,WAAW,GAAG,KAAK,CAAC;QACxB,MAAM,MAAM,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE;YAC9B,MAAM,CAAC,GAAG,EAAE,QAAQ,CAAC,GAAG,gBAAgB,CAAC,IAAI,CAAC,CAAC;YAC/C,IAAI,QAAQ;gBAAE,WAAW,GAAG,IAAI,CAAC;YACjC,OAAO,GAAG,CAAC;QACb,CAAC,CAAC,CAAC;QACH,OAAO,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC;IAC/B,CAAC;IAED,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;QAC5B,IAAI,WAAW,GAAG,KAAK,CAAC;QACxB,MAAM,MAAM,GAA4B,EAAE,CAAC;QAC3C,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CACvC,GAA8B,CAC/B,EAAE,CAAC;YACF,MAAM,CAAC,GAAG,EAAE,QAAQ,CAAC,GAAG,gBAAgB,CAAC,KAAK,CAAC,CAAC;YAChD,MAAM,CAAC,GAAG,CAAC,GAAG,GAAG,CAAC;YAClB,IAAI,QAAQ;gBAAE,WAAW,GAAG,IAAI,CAAC;QACnC,CAAC;QACD,OAAO,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC;IAC/B,CAAC;IAED,OAAO,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;AACtB,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,kBAAkB,CAAC,OAAe;IAChD,OAAO,OAAO;SACX,KAAK,CAAC,IAAI,CAAC;SACX,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE;QACZ,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;QAC5B,IAAI,CAAC,OAAO;YAAE,OAAO,IAAI,CAAC;QAE1B,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;YAEnC,kCAAkC;YAClC,MAAM,CAAC,WAAW,CAAC,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC;YAC3C,qCAAqC;YACrC,MAAM,CAAC,aAAa,EAAE,SAAS,CAAC,GAAG,gBAAgB,CAAC,WAAW,CAAC,CAAC;YAEjE,qDAAqD;YACrD,MAAM,UAAU,GAAG,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC,KAAK,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;YAE1E,IAAI,CAAC,SAAS,IAAI,CAAC,UAAU;gBAAE,OAAO,IAAI,CAAC;YAC3C,OAAO,IAAI,CAAC,SAAS,CAAC,aAAa,CAAC,CAAC;QACvC,CAAC;QAAC,MAAM,CAAC;YACP,oEAAoE;YACpE,MAAM,CAAC,MAAM,EAAE,SAAS,CAAC,GAAG,mBAAmB,CAAC,OAAO,CAAC,CAAC;YACzD,OAAO,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC;QACnC,CAAC;IACH,CAAC,CAAC;SACD,IAAI,CAAC,IAAI,CAAC,CAAC;AAChB,CAAC;AAED,8EAA8E;AAC9E,4CAA4C;AAC5C,8EAA8E;AAE9E;;;;;;;GAOG;AACH,MAAM,UAAU,aAAa,CAAC,OAAe,EAAE,QAAgB;IAC7D,MAAM,KAAK,GAAG,QAAQ,CAAC,WAAW,EAAE,CAAC;IAErC,IAAI,KAAK,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;QAC5B,OAAO,iBAAiB,CAAC,OAAO,CAAC,CAAC;IACpC,CAAC;IAED,wEAAwE;IACxE,IAAI,KAAK,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC7B,OAAO,kBAAkB,CAAC,OAAO,CAAC,CAAC;IACrC,CAAC;IAED,wDAAwD;IACxD,IACE,KAAK,CAAC,QAAQ,CAAC,QAAQ,CAAC;QACxB,KAAK,CAAC,QAAQ,CAAC,YAAY,CAAC;QAC5B,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC;QACtB,KAAK,CAAC,QAAQ,CAAC,YAAY,CAAC;QAC5B,KAAK,CAAC,QAAQ,CAAC,QAAQ,CAAC,EACxB,CAAC;QACD,OAAO,iBAAiB,CAAC,OAAO,CAAC,CAAC;IACpC,CAAC;IAED,sDAAsD;IACtD,MAAM,QAAQ,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC;IAC9C,IAAI,kBAAkB,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC;QACrC,OAAO,kBAAkB,CAAC,OAAO,CAAC,CAAC;IACrC,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC"}

package/package.json

@@ -0,0 +1,45 @@
+{
+  "name": "@nocoo/otter",
+  "version": "1.0.0",
+  "description": "Backup and restore your Mac development environment configuration",
+  "type": "module",
+  "bin": {
+    "otter": "dist/bin.js"
+  },
+  "main": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "scripts": {
+    "build": "tsc",
+    "test": "vitest run",
+    "test:watch": "vitest"
+  },
+  "files": [
+    "dist"
+  ],
+  "publishConfig": {
+    "access": "public"
+  },
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/nocoo/otter.git",
+    "directory": "packages/cli"
+  },
+  "keywords": [
+    "macos",
+    "backup",
+    "dotfiles",
+    "developer-tools",
+    "cli"
+  ],
+  "license": "MIT",
+  "dependencies": {
+    "@aws-sdk/client-s3": "^3.1004.0",
+    "citty": "^0.1.0",
+    "consola": "^3.4.0",
+    "picocolors": "^1.1.0"
+  },
+  "devDependencies": {
+    "@otter/core": "workspace:*",
+    "@types/node": "^25.3.4"
+  }
+}