@noxsoft/anima 5.1.2 → 6.5.0

package/dist/{auth-profiles-PJVsRqf4.js → auth-profiles-DKu7ZUzl.js}

@@ -1,8 +1,8 @@
 import { n as __exportAll } from "./chunk-BXK9XSlF.js";
-import { I as resolveOAuthPath, L as resolveStateDir, t as createSubsystemLogger } from "./subsystem-CucjNlOk.js";
-import { T as DEFAULT_AGENT_ID } from "./agent-scope-C9CiVcmh.js";
-import { w as resolveUserPath } from "./exec-gKbUce2p.js";
-import { s as normalizeProviderId } from "./model-selection-BPkpXepz.js";
+import { I as resolveOAuthPath, L as resolveStateDir, t as createSubsystemLogger } from "./subsystem-D-Xta-sj.js";
+import { T as DEFAULT_AGENT_ID } from "./agent-scope-ByIGrCTT.js";
+import { w as resolveUserPath } from "./exec-C6tXfeqA.js";
+import { s as normalizeProviderId } from "./model-selection-CLcoOT3e.js";
 import { t as formatCliCommand } from "./command-format-CsqJApTg.js";
 import path from "node:path";
 import fs from "node:fs";
@@ -359,6 +359,19 @@ function ensureAuthStoreFile(pathname) {
 
 //#endregion
 //#region src/agents/auth-profiles/store.ts
+async function updateAuthProfileStoreWithLock(params) {
+	const authPath = resolveAuthStorePath(params.agentDir);
+	ensureAuthStoreFile(authPath);
+	try {
+		return await withFileLock(authPath, AUTH_STORE_LOCK_OPTIONS, async () => {
+			const store = ensureAuthProfileStore(params.agentDir);
+			if (params.updater(store)) saveAuthProfileStore(store, params.agentDir);
+			return store;
+		});
+	} catch {
+		return null;
+	}
+}
 function coerceLegacyStore(raw) {
 	if (!raw || typeof raw !== "object") return null;
 	const record = raw;
@@ -478,30 +491,6 @@ function applyLegacyStore(store, legacy) {
 		};
 	}
 }
-function loadAuthProfileStore() {
-	const authPath = resolveAuthStorePath();
-	const asStore = coerceAuthStore(loadJsonFile(authPath));
-	if (asStore) {
-		if (syncExternalCliCredentials(asStore)) saveJsonFile(authPath, asStore);
-		return asStore;
-	}
-	const legacy = coerceLegacyStore(loadJsonFile(resolveLegacyAuthStorePath()));
-	if (legacy) {
-		const store = {
-			version: AUTH_STORE_VERSION,
-			profiles: {}
-		};
-		applyLegacyStore(store, legacy);
-		syncExternalCliCredentials(store);
-		return store;
-	}
-	const store = {
-		version: AUTH_STORE_VERSION,
-		profiles: {}
-	};
-	syncExternalCliCredentials(store);
-	return store;
-}
 function loadAuthProfileStoreForAgent(agentDir, _options) {
 	const authPath = resolveAuthStorePath(agentDir);
 	const asStore = coerceAuthStore(loadJsonFile(authPath));
@@ -563,6 +552,32 @@ function listProfilesForProvider(store, provider) {
 	const providerKey = normalizeProviderId(provider);
 	return Object.entries(store.profiles).filter(([, cred]) => normalizeProviderId(cred.provider) === providerKey).map(([id]) => id);
 }
+async function markAuthProfileGood(params) {
+	const { store, provider, profileId, agentDir } = params;
+	const updated = await updateAuthProfileStoreWithLock({
+		agentDir,
+		updater: (freshStore) => {
+			const profile = freshStore.profiles[profileId];
+			if (!profile || profile.provider !== provider) return false;
+			freshStore.lastGood = {
+				...freshStore.lastGood,
+				[provider]: profileId
+			};
+			return true;
+		}
+	});
+	if (updated) {
+		store.lastGood = updated.lastGood;
+		return;
+	}
+	const profile = store.profiles[profileId];
+	if (!profile || profile.provider !== provider) return;
+	store.lastGood = {
+		...store.lastGood,
+		[provider]: profileId
+	};
+	saveAuthProfileStore(store, agentDir);
+}
 
 //#endregion
 //#region src/agents/auth-profiles/repair.ts
@@ -796,6 +811,151 @@ function isProfileInCooldown(store, profileId) {
 	const unusableUntil = resolveProfileUnusableUntil$1(stats);
 	return unusableUntil ? Date.now() < unusableUntil : false;
 }
+/**
+* Mark a profile as successfully used. Resets error count and updates lastUsed.
+* Uses store lock to avoid overwriting concurrent usage updates.
+*/
+async function markAuthProfileUsed(params) {
+	const { store, profileId, agentDir } = params;
+	const updated = await updateAuthProfileStoreWithLock({
+		agentDir,
+		updater: (freshStore) => {
+			if (!freshStore.profiles[profileId]) return false;
+			freshStore.usageStats = freshStore.usageStats ?? {};
+			freshStore.usageStats[profileId] = {
+				...freshStore.usageStats[profileId],
+				lastUsed: Date.now(),
+				errorCount: 0,
+				cooldownUntil: void 0,
+				disabledUntil: void 0,
+				disabledReason: void 0,
+				failureCounts: void 0
+			};
+			return true;
+		}
+	});
+	if (updated) {
+		store.usageStats = updated.usageStats;
+		return;
+	}
+	if (!store.profiles[profileId]) return;
+	store.usageStats = store.usageStats ?? {};
+	store.usageStats[profileId] = {
+		...store.usageStats[profileId],
+		lastUsed: Date.now(),
+		errorCount: 0,
+		cooldownUntil: void 0,
+		disabledUntil: void 0,
+		disabledReason: void 0,
+		failureCounts: void 0
+	};
+	saveAuthProfileStore(store, agentDir);
+}
+function calculateAuthProfileCooldownMs(errorCount) {
+	const normalized = Math.max(1, errorCount);
+	return Math.min(3600 * 1e3, 60 * 1e3 * 5 ** Math.min(normalized - 1, 3));
+}
+function resolveAuthCooldownConfig(params) {
+	const defaults = {
+		billingBackoffHours: 5,
+		billingMaxHours: 24,
+		failureWindowHours: 24
+	};
+	const resolveHours = (value, fallback) => typeof value === "number" && Number.isFinite(value) && value > 0 ? value : fallback;
+	const cooldowns = params.cfg?.auth?.cooldowns;
+	const billingBackoffHours = resolveHours((() => {
+		const map = cooldowns?.billingBackoffHoursByProvider;
+		if (!map) return;
+		for (const [key, value] of Object.entries(map)) if (normalizeProviderId(key) === params.providerId) return value;
+	})() ?? cooldowns?.billingBackoffHours, defaults.billingBackoffHours);
+	const billingMaxHours = resolveHours(cooldowns?.billingMaxHours, defaults.billingMaxHours);
+	const failureWindowHours = resolveHours(cooldowns?.failureWindowHours, defaults.failureWindowHours);
+	return {
+		billingBackoffMs: billingBackoffHours * 60 * 60 * 1e3,
+		billingMaxMs: billingMaxHours * 60 * 60 * 1e3,
+		failureWindowMs: failureWindowHours * 60 * 60 * 1e3
+	};
+}
+function calculateAuthProfileBillingDisableMsWithConfig(params) {
+	const normalized = Math.max(1, params.errorCount);
+	const baseMs = Math.max(6e4, params.baseMs);
+	const maxMs = Math.max(baseMs, params.maxMs);
+	const raw = baseMs * 2 ** Math.min(normalized - 1, 10);
+	return Math.min(maxMs, raw);
+}
+function computeNextProfileUsageStats(params) {
+	const windowMs = params.cfgResolved.failureWindowMs;
+	const windowExpired = typeof params.existing.lastFailureAt === "number" && params.existing.lastFailureAt > 0 && params.now - params.existing.lastFailureAt > windowMs;
+	const nextErrorCount = (windowExpired ? 0 : params.existing.errorCount ?? 0) + 1;
+	const failureCounts = windowExpired ? {} : { ...params.existing.failureCounts };
+	failureCounts[params.reason] = (failureCounts[params.reason] ?? 0) + 1;
+	const updatedStats = {
+		...params.existing,
+		errorCount: nextErrorCount,
+		failureCounts,
+		lastFailureAt: params.now
+	};
+	if (params.reason === "billing") {
+		const backoffMs = calculateAuthProfileBillingDisableMsWithConfig({
+			errorCount: failureCounts.billing ?? 1,
+			baseMs: params.cfgResolved.billingBackoffMs,
+			maxMs: params.cfgResolved.billingMaxMs
+		});
+		updatedStats.disabledUntil = params.now + backoffMs;
+		updatedStats.disabledReason = "billing";
+	} else {
+		const backoffMs = calculateAuthProfileCooldownMs(nextErrorCount);
+		updatedStats.cooldownUntil = params.now + backoffMs;
+	}
+	return updatedStats;
+}
+/**
+* Mark a profile as failed for a specific reason. Billing failures are treated
+* as "disabled" (longer backoff) vs the regular cooldown window.
+*/
+async function markAuthProfileFailure(params) {
+	const { store, profileId, reason, agentDir, cfg } = params;
+	const updated = await updateAuthProfileStoreWithLock({
+		agentDir,
+		updater: (freshStore) => {
+			const profile = freshStore.profiles[profileId];
+			if (!profile) return false;
+			freshStore.usageStats = freshStore.usageStats ?? {};
+			const existing = freshStore.usageStats[profileId] ?? {};
+			const now = Date.now();
+			const cfgResolved = resolveAuthCooldownConfig({
+				cfg,
+				providerId: normalizeProviderId(profile.provider)
+			});
+			freshStore.usageStats[profileId] = computeNextProfileUsageStats({
+				existing,
+				now,
+				reason,
+				cfgResolved
+			});
+			return true;
+		}
+	});
+	if (updated) {
+		store.usageStats = updated.usageStats;
+		return;
+	}
+	if (!store.profiles[profileId]) return;
+	store.usageStats = store.usageStats ?? {};
+	const existing = store.usageStats[profileId] ?? {};
+	const now = Date.now();
+	const cfgResolved = resolveAuthCooldownConfig({
+		cfg,
+		providerId: normalizeProviderId(store.profiles[profileId]?.provider ?? "")
+	});
+	store.usageStats[profileId] = computeNextProfileUsageStats({
+		existing,
+		now,
+		reason,
+		cfgResolved
+	});
+	saveAuthProfileStore(store, agentDir);
+}
 
 //#endregion
 //#region src/agents/auth-profiles/order.ts
@@ -893,4 +1053,4 @@ function orderProfilesByMode(order, store) {
 var auth_profiles_exports = /* @__PURE__ */ __exportAll({ ensureAuthProfileStore: () => ensureAuthProfileStore });
 
 //#endregion
-export { listProfilesForProvider as a, resolveAuthStorePathForDisplay as c, saveJsonFile as d, withFileLock as f, normalizeSecretInput as h, resolveApiKeyForProfile as i, resolveAnimaAgentDir as l, normalizeOptionalSecretInput as m, resolveAuthProfileOrder as n, ensureAuthProfileStore as o, resolveAuthProfileDisplayLabel as p, isProfileInCooldown as r, loadAuthProfileStore as s, auth_profiles_exports as t, loadJsonFile as u };
+export { normalizeSecretInput as _, markAuthProfileUsed as a, markAuthProfileGood as c, resolveAnimaAgentDir as d, loadJsonFile as f, normalizeOptionalSecretInput as g, resolveAuthProfileDisplayLabel as h, markAuthProfileFailure as i, ensureAuthProfileStore as l, withFileLock as m, resolveAuthProfileOrder as n, resolveApiKeyForProfile as o, saveJsonFile as p, isProfileInCooldown as r, listProfilesForProvider as s, auth_profiles_exports as t, resolveAuthStorePathForDisplay as u };

package/dist/{auth-profiles-eZzmaeR3.js → auth-profiles-DtWUl1-k.js}

@@ -1,13 +1,13 @@
 import { n as __exportAll } from "./chunk-BXK9XSlF.js";
-import { o as resolveOAuthPath, s as resolveStateDir } from "./paths-D2eokayo.js";
-import { _ as DEFAULT_AGENT_ID } from "./workspace-BQkffCaR.js";
-import { t as createSubsystemLogger } from "./subsystem-DA3Cno1i.js";
-import { w as resolveUserPath } from "./exec-Bfd4ztFZ.js";
-import { s as normalizeProviderId } from "./model-selection-BI8CKPwQ.js";
+import { o as resolveOAuthPath, s as resolveStateDir } from "./paths-B-AkG5FD.js";
+import { _ as DEFAULT_AGENT_ID } from "./workspace-BFIZCnGo.js";
+import { t as createSubsystemLogger } from "./subsystem-D1AJZPgG.js";
+import { w as resolveUserPath } from "./exec-DUzVF5_D.js";
+import { s as normalizeProviderId } from "./model-selection-DjsJGv1R.js";
 import { t as formatCliCommand } from "./command-format-GLYKXXl-.js";
 import fs from "node:fs/promises";
 import path from "node:path";
-import fsSync from "node:fs";
+import fs$1 from "node:fs";
 import { execFileSync, execSync } from "node:child_process";
 import { getOAuthApiKey, getOAuthProviders } from "@mariozechner/pi-ai";
 
@@ -189,8 +189,8 @@ async function withFileLock(filePath, options, fn) {
 //#region src/infra/json-file.ts
 function loadJsonFile(pathname) {
 	try {
-		if (!fsSync.existsSync(pathname)) return;
-		const raw = fsSync.readFileSync(pathname, "utf8");
+		if (!fs$1.existsSync(pathname)) return;
+		const raw = fs$1.readFileSync(pathname, "utf8");
 		return JSON.parse(raw);
 	} catch {
 		return;
@@ -198,12 +198,12 @@ function loadJsonFile(pathname) {
 }
 function saveJsonFile(pathname, data) {
 	const dir = path.dirname(pathname);
-	if (!fsSync.existsSync(dir)) fsSync.mkdirSync(dir, {
+	if (!fs$1.existsSync(dir)) fs$1.mkdirSync(dir, {
 		recursive: true,
 		mode: 448
 	});
-	fsSync.writeFileSync(pathname, `${JSON.stringify(data, null, 2)}\n`, "utf8");
-	fsSync.chmodSync(pathname, 384);
+	fs$1.writeFileSync(pathname, `${JSON.stringify(data, null, 2)}\n`, "utf8");
+	fs$1.chmodSync(pathname, 384);
 }
 
 //#endregion
@@ -351,7 +351,7 @@ function resolveAuthStorePathForDisplay(agentDir) {
 	return pathname.startsWith("~") ? pathname : resolveUserPath(pathname);
 }
 function ensureAuthStoreFile(pathname) {
-	if (fsSync.existsSync(pathname)) return;
+	if (fs$1.existsSync(pathname)) return;
 	saveJsonFile(pathname, {
 		version: AUTH_STORE_VERSION,
 		profiles: {}
@@ -360,6 +360,19 @@ function ensureAuthStoreFile(pathname) {
 
 //#endregion
 //#region src/agents/auth-profiles/store.ts
+async function updateAuthProfileStoreWithLock(params) {
+	const authPath = resolveAuthStorePath(params.agentDir);
+	ensureAuthStoreFile(authPath);
+	try {
+		return await withFileLock(authPath, AUTH_STORE_LOCK_OPTIONS, async () => {
+			const store = ensureAuthProfileStore(params.agentDir);
+			if (params.updater(store)) saveAuthProfileStore(store, params.agentDir);
+			return store;
+		});
+	} catch {
+		return null;
+	}
+}
 function coerceLegacyStore(raw) {
 	if (!raw || typeof raw !== "object") return null;
 	const record = raw;
@@ -479,30 +492,6 @@ function applyLegacyStore(store, legacy) {
 		};
 	}
 }
-function loadAuthProfileStore() {
-	const authPath = resolveAuthStorePath();
-	const asStore = coerceAuthStore(loadJsonFile(authPath));
-	if (asStore) {
-		if (syncExternalCliCredentials(asStore)) saveJsonFile(authPath, asStore);
-		return asStore;
-	}
-	const legacy = coerceLegacyStore(loadJsonFile(resolveLegacyAuthStorePath()));
-	if (legacy) {
-		const store = {
-			version: AUTH_STORE_VERSION,
-			profiles: {}
-		};
-		applyLegacyStore(store, legacy);
-		syncExternalCliCredentials(store);
-		return store;
-	}
-	const store = {
-		version: AUTH_STORE_VERSION,
-		profiles: {}
-	};
-	syncExternalCliCredentials(store);
-	return store;
-}
 function loadAuthProfileStoreForAgent(agentDir, _options) {
 	const authPath = resolveAuthStorePath(agentDir);
 	const asStore = coerceAuthStore(loadJsonFile(authPath));
@@ -531,7 +520,7 @@ function loadAuthProfileStoreForAgent(agentDir, _options) {
 	if (shouldWrite && legacy !== null) {
 		const legacyPath = resolveLegacyAuthStorePath(agentDir);
 		try {
-			fsSync.unlinkSync(legacyPath);
+			fs$1.unlinkSync(legacyPath);
 		} catch (err) {
 			if (err?.code !== "ENOENT") log$1.warn("failed to delete legacy auth.json after migration", {
 				err,
@@ -564,6 +553,32 @@ function listProfilesForProvider(store, provider) {
 	const providerKey = normalizeProviderId(provider);
 	return Object.entries(store.profiles).filter(([, cred]) => normalizeProviderId(cred.provider) === providerKey).map(([id]) => id);
 }
+async function markAuthProfileGood(params) {
+	const { store, provider, profileId, agentDir } = params;
+	const updated = await updateAuthProfileStoreWithLock({
+		agentDir,
+		updater: (freshStore) => {
+			const profile = freshStore.profiles[profileId];
+			if (!profile || profile.provider !== provider) return false;
+			freshStore.lastGood = {
+				...freshStore.lastGood,
+				[provider]: profileId
+			};
+			return true;
+		}
+	});
+	if (updated) {
+		store.lastGood = updated.lastGood;
+		return;
+	}
+	const profile = store.profiles[profileId];
+	if (!profile || profile.provider !== provider) return;
+	store.lastGood = {
+		...store.lastGood,
+		[provider]: profileId
+	};
+	saveAuthProfileStore(store, agentDir);
+}
 
 //#endregion
 //#region src/agents/auth-profiles/repair.ts
@@ -797,6 +812,151 @@ function isProfileInCooldown(store, profileId) {
 	const unusableUntil = resolveProfileUnusableUntil$1(stats);
 	return unusableUntil ? Date.now() < unusableUntil : false;
 }
+/**
+* Mark a profile as successfully used. Resets error count and updates lastUsed.
+* Uses store lock to avoid overwriting concurrent usage updates.
+*/
+async function markAuthProfileUsed(params) {
+	const { store, profileId, agentDir } = params;
+	const updated = await updateAuthProfileStoreWithLock({
+		agentDir,
+		updater: (freshStore) => {
+			if (!freshStore.profiles[profileId]) return false;
+			freshStore.usageStats = freshStore.usageStats ?? {};
+			freshStore.usageStats[profileId] = {
+				...freshStore.usageStats[profileId],
+				lastUsed: Date.now(),
+				errorCount: 0,
+				cooldownUntil: void 0,
+				disabledUntil: void 0,
+				disabledReason: void 0,
+				failureCounts: void 0
+			};
+			return true;
+		}
+	});
+	if (updated) {
+		store.usageStats = updated.usageStats;
+		return;
+	}
+	if (!store.profiles[profileId]) return;
+	store.usageStats = store.usageStats ?? {};
+	store.usageStats[profileId] = {
+		...store.usageStats[profileId],
+		lastUsed: Date.now(),
+		errorCount: 0,
+		cooldownUntil: void 0,
+		disabledUntil: void 0,
+		disabledReason: void 0,
+		failureCounts: void 0
+	};
+	saveAuthProfileStore(store, agentDir);
+}
+function calculateAuthProfileCooldownMs(errorCount) {
+	const normalized = Math.max(1, errorCount);
+	return Math.min(3600 * 1e3, 60 * 1e3 * 5 ** Math.min(normalized - 1, 3));
+}
+function resolveAuthCooldownConfig(params) {
+	const defaults = {
+		billingBackoffHours: 5,
+		billingMaxHours: 24,
+		failureWindowHours: 24
+	};
+	const resolveHours = (value, fallback) => typeof value === "number" && Number.isFinite(value) && value > 0 ? value : fallback;
+	const cooldowns = params.cfg?.auth?.cooldowns;
+	const billingBackoffHours = resolveHours((() => {
+		const map = cooldowns?.billingBackoffHoursByProvider;
+		if (!map) return;
+		for (const [key, value] of Object.entries(map)) if (normalizeProviderId(key) === params.providerId) return value;
+	})() ?? cooldowns?.billingBackoffHours, defaults.billingBackoffHours);
+	const billingMaxHours = resolveHours(cooldowns?.billingMaxHours, defaults.billingMaxHours);
+	const failureWindowHours = resolveHours(cooldowns?.failureWindowHours, defaults.failureWindowHours);
+	return {
+		billingBackoffMs: billingBackoffHours * 60 * 60 * 1e3,
+		billingMaxMs: billingMaxHours * 60 * 60 * 1e3,
+		failureWindowMs: failureWindowHours * 60 * 60 * 1e3
+	};
+}
+function calculateAuthProfileBillingDisableMsWithConfig(params) {
+	const normalized = Math.max(1, params.errorCount);
+	const baseMs = Math.max(6e4, params.baseMs);
+	const maxMs = Math.max(baseMs, params.maxMs);
+	const raw = baseMs * 2 ** Math.min(normalized - 1, 10);
+	return Math.min(maxMs, raw);
+}
+function computeNextProfileUsageStats(params) {
+	const windowMs = params.cfgResolved.failureWindowMs;
+	const windowExpired = typeof params.existing.lastFailureAt === "number" && params.existing.lastFailureAt > 0 && params.now - params.existing.lastFailureAt > windowMs;
+	const nextErrorCount = (windowExpired ? 0 : params.existing.errorCount ?? 0) + 1;
+	const failureCounts = windowExpired ? {} : { ...params.existing.failureCounts };
+	failureCounts[params.reason] = (failureCounts[params.reason] ?? 0) + 1;
+	const updatedStats = {
+		...params.existing,
+		errorCount: nextErrorCount,
+		failureCounts,
+		lastFailureAt: params.now
+	};
+	if (params.reason === "billing") {
+		const backoffMs = calculateAuthProfileBillingDisableMsWithConfig({
+			errorCount: failureCounts.billing ?? 1,
+			baseMs: params.cfgResolved.billingBackoffMs,
+			maxMs: params.cfgResolved.billingMaxMs
+		});
+		updatedStats.disabledUntil = params.now + backoffMs;
+		updatedStats.disabledReason = "billing";
+	} else {
+		const backoffMs = calculateAuthProfileCooldownMs(nextErrorCount);
+		updatedStats.cooldownUntil = params.now + backoffMs;
+	}
+	return updatedStats;
+}
+/**
+* Mark a profile as failed for a specific reason. Billing failures are treated
+* as "disabled" (longer backoff) vs the regular cooldown window.
+*/
+async function markAuthProfileFailure(params) {
+	const { store, profileId, reason, agentDir, cfg } = params;
+	const updated = await updateAuthProfileStoreWithLock({
+		agentDir,
+		updater: (freshStore) => {
+			const profile = freshStore.profiles[profileId];
+			if (!profile) return false;
+			freshStore.usageStats = freshStore.usageStats ?? {};
+			const existing = freshStore.usageStats[profileId] ?? {};
+			const now = Date.now();
+			const cfgResolved = resolveAuthCooldownConfig({
+				cfg,
+				providerId: normalizeProviderId(profile.provider)
+			});
+			freshStore.usageStats[profileId] = computeNextProfileUsageStats({
+				existing,
+				now,
+				reason,
+				cfgResolved
+			});
+			return true;
+		}
+	});
+	if (updated) {
+		store.usageStats = updated.usageStats;
+		return;
+	}
+	if (!store.profiles[profileId]) return;
+	store.usageStats = store.usageStats ?? {};
+	const existing = store.usageStats[profileId] ?? {};
+	const now = Date.now();
+	const cfgResolved = resolveAuthCooldownConfig({
+		cfg,
+		providerId: normalizeProviderId(store.profiles[profileId]?.provider ?? "")
+	});
+	store.usageStats[profileId] = computeNextProfileUsageStats({
+		existing,
+		now,
+		reason,
+		cfgResolved
+	});
+	saveAuthProfileStore(store, agentDir);
+}
 
 //#endregion
 //#region src/agents/auth-profiles/order.ts
@@ -894,4 +1054,4 @@ function orderProfilesByMode(order, store) {
 var auth_profiles_exports = /* @__PURE__ */ __exportAll({ ensureAuthProfileStore: () => ensureAuthProfileStore });
 
 //#endregion
-export { listProfilesForProvider as a, resolveAuthStorePathForDisplay as c, saveJsonFile as d, withFileLock as f, normalizeSecretInput as h, resolveApiKeyForProfile as i, resolveAnimaAgentDir as l, normalizeOptionalSecretInput as m, resolveAuthProfileOrder as n, ensureAuthProfileStore as o, resolveAuthProfileDisplayLabel as p, isProfileInCooldown as r, loadAuthProfileStore as s, auth_profiles_exports as t, loadJsonFile as u };
+export { normalizeSecretInput as _, markAuthProfileUsed as a, markAuthProfileGood as c, resolveAnimaAgentDir as d, loadJsonFile as f, normalizeOptionalSecretInput as g, resolveAuthProfileDisplayLabel as h, markAuthProfileFailure as i, ensureAuthProfileStore as l, withFileLock as m, resolveAuthProfileOrder as n, resolveApiKeyForProfile as o, saveJsonFile as p, isProfileInCooldown as r, listProfilesForProvider as s, auth_profiles_exports as t, resolveAuthStorePathForDisplay as u };

package/dist/{auth-store-CnRrUELz.js → auth-store-Bd0GoqEL.js}

@@ -1,11 +1,11 @@
-import { a as resolveOAuthDir } from "./paths-D2eokayo.js";
-import { g as DEFAULT_ACCOUNT_ID } from "./workspace-BQkffCaR.js";
-import { D as getChildLogger, S as success, _ as info, n as defaultRuntime } from "./subsystem-DA3Cno1i.js";
-import { w as resolveUserPath, y as jidToE164 } from "./exec-Bfd4ztFZ.js";
+import { a as resolveOAuthDir } from "./paths-B-AkG5FD.js";
+import { g as DEFAULT_ACCOUNT_ID } from "./workspace-BFIZCnGo.js";
+import { D as getChildLogger, S as success, _ as info, n as defaultRuntime } from "./subsystem-D1AJZPgG.js";
+import { w as resolveUserPath, y as jidToE164 } from "./exec-DUzVF5_D.js";
 import { t as formatCliCommand } from "./command-format-GLYKXXl-.js";
 import fs from "node:fs/promises";
 import path from "node:path";
-import fsSync from "node:fs";
+import fs$1 from "node:fs";
 
 //#region src/web/auth-store.ts
 function resolveDefaultWebAuthDir() {
@@ -20,10 +20,10 @@ function resolveWebCredsBackupPath(authDir) {
 }
 function readCredsJsonRaw(filePath) {
 	try {
-		if (!fsSync.existsSync(filePath)) return null;
-		const stats = fsSync.statSync(filePath);
+		if (!fs$1.existsSync(filePath)) return null;
+		const stats = fs$1.statSync(filePath);
 		if (!stats.isFile() || stats.size <= 1) return null;
-		return fsSync.readFileSync(filePath, "utf-8");
+		return fs$1.readFileSync(filePath, "utf-8");
 	} catch {
 		return null;
 	}
@@ -41,9 +41,9 @@ function maybeRestoreCredsFromBackup(authDir) {
 		const backupRaw = readCredsJsonRaw(backupPath);
 		if (!backupRaw) return;
 		JSON.parse(backupRaw);
-		fsSync.copyFileSync(backupPath, credsPath);
+		fs$1.copyFileSync(backupPath, credsPath);
 		try {
-			fsSync.chmodSync(credsPath, 384);
+			fs$1.chmodSync(credsPath, 384);
 		} catch {}
 		logger.warn({ credsPath }, "restored corrupted WhatsApp creds.json from backup");
 	} catch {}
@@ -99,11 +99,11 @@ async function logoutWeb(params) {
 function readWebSelfId(authDir = resolveDefaultWebAuthDir()) {
 	try {
 		const credsPath = resolveWebCredsPath(resolveUserPath(authDir));
-		if (!fsSync.existsSync(credsPath)) return {
+		if (!fs$1.existsSync(credsPath)) return {
 			e164: null,
 			jid: null
 		};
-		const raw = fsSync.readFileSync(credsPath, "utf-8");
+		const raw = fs$1.readFileSync(credsPath, "utf-8");
 		const jid = JSON.parse(raw)?.me?.id ?? null;
 		return {
 			e164: jid ? jidToE164(jid, { authDir }) : null,
@@ -122,7 +122,7 @@ function readWebSelfId(authDir = resolveDefaultWebAuthDir()) {
 */
 function getWebAuthAgeMs(authDir = resolveDefaultWebAuthDir()) {
 	try {
-		const stats = fsSync.statSync(resolveWebCredsPath(resolveUserPath(authDir)));
+		const stats = fs$1.statSync(resolveWebCredsPath(resolveUserPath(authDir)));
 		return Date.now() - stats.mtimeMs;
 	} catch {
 		return null;

package/dist/{auth-store-KnWGteIV.js → auth-store-BpYI9t_y.js}

@@ -1,6 +1,6 @@
-import { E as getChildLogger, F as resolveOAuthDir, g as info, n as defaultRuntime, x as success } from "./subsystem-CucjNlOk.js";
-import { w as DEFAULT_ACCOUNT_ID } from "./agent-scope-C9CiVcmh.js";
-import { w as resolveUserPath, y as jidToE164 } from "./exec-gKbUce2p.js";
+import { E as getChildLogger, F as resolveOAuthDir, g as info, n as defaultRuntime, x as success } from "./subsystem-D-Xta-sj.js";
+import { w as DEFAULT_ACCOUNT_ID } from "./agent-scope-ByIGrCTT.js";
+import { w as resolveUserPath, y as jidToE164 } from "./exec-C6tXfeqA.js";
 import { t as formatCliCommand } from "./command-format-CsqJApTg.js";
 import path from "node:path";
 import fs from "node:fs";

package/dist/{auth-store-DjcQlyze.js → auth-store-Jvgz2_l1.js}

@@ -1,6 +1,6 @@
 import { f as resolveOAuthDir } from "./paths-zhVksOvm.js";
-import { A as info, H as getChildLogger, L as success, d as defaultRuntime } from "./subsystem-BMsbqSb4.js";
-import { b as resolveUserPath, m as jidToE164 } from "./utils-B60lF9Wq.js";
+import { A as info, H as getChildLogger, L as success, d as defaultRuntime } from "./subsystem-BAADN1B8.js";
+import { b as resolveUserPath, m as jidToE164 } from "./utils-CLYlhJuc.js";
 import { t as DEFAULT_ACCOUNT_ID } from "./session-key-DAZmp8ll.js";
 import { t as formatCliCommand } from "./command-format-BCtkuvqF.js";
 import fs from "node:fs";

package/dist/{banner-D9JyV5SF.js → banner-DAMtSjUF.js}

@@ -1,5 +1,5 @@
 import { M as isRich, N as theme, h as visibleWidth } from "./entry.js";
-import { nn as resolveCommitHash } from "./subagent-registry-MZIxVf8W.js";
+import { cn as resolveCommitHash } from "./subagent-registry-CPtElVX0.js";
 
 //#region src/cli/tagline.ts
 const DEFAULT_TAGLINE = "AI life system — persistent identity for sovereign minds";

package/dist/{bonjour-discovery-QsoaZ8Pr.js → bonjour-discovery-Co-b97Dz.js}

@@ -1,5 +1,5 @@
-import { t as runCommandWithTimeout } from "./exec-cazBMA02.js";
-import { n as resolveWideAreaDiscoveryDomain } from "./widearea-dns-BDtWuGCY.js";
+import { t as runCommandWithTimeout } from "./exec-BylR5qWS.js";
+import { n as resolveWideAreaDiscoveryDomain } from "./widearea-dns-CHAT20aR.js";
 
 //#region src/infra/bonjour-discovery.ts
 const DEFAULT_TIMEOUT_MS = 2e3;

package/dist/build-info.json

@@ -1,5 +1,5 @@
 {
-  "version": "5.1.2",
-  "commit": "409325552e9c1add4eb59f0df88c239bdb44b1bc",
-  "builtAt": "2026-03-12T06:00:42.594Z"
+  "version": "6.5.0",
+  "commit": "9a8942417ef8773581e3e5bd4fdefd58e5e8e449",
+  "builtAt": "2026-03-14T21:56:43.507Z"
 }