@onexapis/cli 1.1.64 → 1.1.65

package/dist/cli.js

@@ -1807,21 +1807,43 @@ function getValidCategories() {
   ];
 }
 var AUTH_DIR = path9__default.default.join(os__default.default.homedir(), ".onexthm");
-var AUTH_FILE = path9__default.default.join(AUTH_DIR, "auth.json");
-function getApiUrl() {
-  return process.env.ONEXTHM_API_URL || "https://platform-dev.onexeos.com";
+var ENV_URLS = {
+  dev: "https://platform-dev.onexeos.com",
+  prod: "https://platform-staging.onexeos.com"
+};
+function getAuthFile(env = "dev") {
+  const newFile = path9__default.default.join(AUTH_DIR, `auth-${env}.json`);
+  if (env === "dev") {
+    const legacyFile = path9__default.default.join(AUTH_DIR, "auth.json");
+    if (fs__default.default.existsSync(legacyFile) && !fs__default.default.existsSync(newFile)) {
+      try {
+        fs__default.default.moveSync(legacyFile, newFile);
+      } catch {
+        try {
+          fs__default.default.copySync(legacyFile, newFile);
+          fs__default.default.removeSync(legacyFile);
+        } catch {
+        }
+      }
+    }
+  }
+  return newFile;
+}
+function getApiUrl(env = "dev") {
+  return process.env.ONEXTHM_API_URL || ENV_URLS[env];
 }
-async function saveAuthTokens(tokens) {
+async function saveAuthTokens(tokens, env = "dev") {
   await fs__default.default.ensureDir(AUTH_DIR);
   const key = getMachineKey();
   const data = JSON.stringify(tokens);
   const encrypted = encrypt(data, key);
-  await fs__default.default.writeFile(AUTH_FILE, encrypted, "utf-8");
+  await fs__default.default.writeFile(getAuthFile(env), encrypted, "utf-8");
 }
-function loadAuthTokens() {
+function loadAuthTokens(env = "dev") {
   try {
-    if (!fs__default.default.existsSync(AUTH_FILE)) return null;
-    const encrypted = fs__default.default.readFileSync(AUTH_FILE, "utf-8");
+    const file = getAuthFile(env);
+    if (!fs__default.default.existsSync(file)) return null;
+    const encrypted = fs__default.default.readFileSync(file, "utf-8");
     const key = getMachineKey();
     const data = decrypt(encrypted, key);
     return JSON.parse(data);
@@ -1829,34 +1851,34 @@ function loadAuthTokens() {
     return null;
   }
 }
-async function clearAuthTokens() {
+async function clearAuthTokens(env = "dev") {
   try {
-    await fs__default.default.remove(AUTH_FILE);
+    await fs__default.default.remove(getAuthFile(env));
   } catch {
   }
 }
 function isTokenExpired(tokens) {
   return Date.now() / 1e3 > tokens.expiresAt - 300;
 }
-async function getValidTokens() {
-  const tokens = loadAuthTokens();
+async function getValidTokens(env = "dev") {
+  const tokens = loadAuthTokens(env);
   if (!tokens) return null;
   if (!isTokenExpired(tokens)) return tokens;
   try {
-    const apiUrl = getApiUrl();
+    const apiUrl = getApiUrl(env);
     const response = await fetch(`${apiUrl}/auth/refresh`, {
       method: "POST",
       headers: { "Content-Type": "application/json" },
       body: JSON.stringify({ refresh_token: tokens.refreshToken })
     });
     if (!response.ok) {
-      await clearAuthTokens();
+      await clearAuthTokens(env);
       return null;
     }
     const data = await response.json();
     const body = data.statusCode ? data.body : data;
     if (!body.IdToken) {
-      await clearAuthTokens();
+      await clearAuthTokens(env);
       return null;
     }
     const refreshed = {
@@ -1865,17 +1887,19 @@ async function getValidTokens() {
       idToken: body.IdToken,
       expiresAt: Math.floor(Date.now() / 1e3) + (body.ExpiresIn || 3600)
     };
-    await saveAuthTokens(refreshed);
+    await saveAuthTokens(refreshed, env);
     return refreshed;
   } catch {
-    await clearAuthTokens();
+    await clearAuthTokens(env);
     return null;
   }
 }
-async function authenticatedFetch(url, init) {
-  const tokens = await getValidTokens();
+async function authenticatedFetch(url, init, env = "dev") {
+  const tokens = await getValidTokens(env);
   if (!tokens) {
-    throw new Error("Not logged in. Run: onexthm login");
+    throw new Error(
+      `Not logged in to ${env} environment. Run: onexthm login --env ${env}`
+    );
   }
   const headers = new Headers(init?.headers);
   headers.set("Authorization", `Bearer ${tokens.idToken}`);
@@ -1959,7 +1983,7 @@ async function initCommand(projectName, options = {}) {
   }
   if (!options.yes) {
     try {
-      const apiUrl = getApiUrl();
+      const apiUrl = getApiUrl(options.env ?? "dev");
       const controller = new AbortController();
       const timeout = setTimeout(() => controller.abort(), 3e3);
       const response = await fetch(
@@ -3908,9 +3932,7 @@ function showDownloadFailureHelp(themeId, apiUrl) {
   console.log();
   console.log(chalk4__default.default.white("2. Check API URL configuration:"));
   console.log(chalk4__default.default.gray(`   Current API URL: ${apiUrl}`));
-  console.log(
-    chalk4__default.default.gray("   Override with NEXT_PUBLIC_API_URL or ONEXTHM_API_URL")
-  );
+  console.log(chalk4__default.default.gray("   Override with ONEXTHM_API_URL env var if needed"));
   console.log();
   console.log(chalk4__default.default.white("3. Pin a specific version (CI/production):"));
   console.log(
@@ -3920,15 +3942,17 @@ function showDownloadFailureHelp(themeId, apiUrl) {
 }
 async function downloadCommand(options) {
   logger.header("Download Theme");
+  const env = options.env ?? "dev";
+  const apiUrl = getApiUrl(env);
+  logger.info(`Environment: ${env}  (${apiUrl})`);
   const spinner = ora__default.default("Initializing download...").start();
-  if (options.bucket || options.environment) {
+  if (options.bucket) {
     spinner.stop();
     logger.warning(
-      "--bucket and --environment are deprecated and ignored. Themes are now served via HTTP from the website-api Lambda."
+      "--bucket is deprecated and ignored. Themes are now served via HTTP from the website-api Lambda."
     );
     spinner.start();
   }
-  const apiUrl = getApiUrl();
   try {
     const themeId = options.themeId || process.env.NEXT_PUBLIC_THEME_ID || process.env.THEME_ID;
     const requestedVersion = options.version || process.env.THEME_VERSION || "latest";
@@ -3985,6 +4009,7 @@ async function downloadCommand(options) {
     console.log(
       chalk4__default.default.cyan("   Theme:   ") + chalk4__default.default.white(`${themeId}@${resolvedVersion}`)
     );
+    console.log(chalk4__default.default.cyan("   Env:     ") + chalk4__default.default.white(env));
     console.log(chalk4__default.default.cyan("   Source:  ") + chalk4__default.default.white(apiUrl));
     console.log(chalk4__default.default.cyan("   Output:  ") + chalk4__default.default.white(outputDir));
     console.log(chalk4__default.default.cyan("   Files:   ") + chalk4__default.default.white(entries.length));
@@ -4027,11 +4052,9 @@ async function resolveLatestVersion2(apiUrl, themeId) {
   }
   return latest;
 }
-async function fetchSourceZip(apiUrl, themeId, version2) {
+async function fetchSourceZip(apiUrl, themeId, version2, env) {
   const url = `${apiUrl}/website-api/themes/${encodeURIComponent(themeId)}/source?version=${encodeURIComponent(version2)}`;
-  const response = await authenticatedFetch(url, {
-    method: "GET"
-  });
+  const response = await authenticatedFetch(url, { method: "GET" }, env);
   if (!response.ok) {
     if (response.status === 404) {
       throw new Error(
@@ -4040,7 +4063,7 @@ async function fetchSourceZip(apiUrl, themeId, version2) {
     }
     if (response.status === 401 || response.status === 403) {
       throw new Error(
-        `Not authorized to download source for "${themeId}". Run \`onexthm login\` first.`
+        `Not authorized to download source for "${themeId}". Run \`onexthm login --env ${env}\` first.`
       );
     }
     throw new Error(
@@ -4159,14 +4182,19 @@ async function renameTheme(themeDir, oldName, newName) {
 }
 async function cloneCommand(themeName, options) {
   logger.header("Clone Theme Source");
-  if (options.bucket || options.environment) {
+  const env = options.env ?? "dev";
+  const apiUrl = getApiUrl(env);
+  logger.info(`Environment: ${env}  (${apiUrl})`);
+  if (options.bucket) {
     logger.warning(
-      "--bucket and --environment are deprecated and ignored. Source is now fetched via HTTP from the website-api Lambda."
+      "--bucket is deprecated and ignored. Source is now fetched via HTTP from the website-api Lambda."
     );
   }
-  const tokens = await getValidTokens();
+  const tokens = await getValidTokens(env);
   if (!tokens) {
-    logger.error("Not logged in. Run: onexthm login");
+    logger.error(
+      `Not logged in to ${env} environment. Run: onexthm login --env ${env}`
+    );
     process.exit(1);
   }
   let newName = options.name;
@@ -4175,7 +4203,6 @@ async function cloneCommand(themeName, options) {
   }
   const spinner = ora__default.default("Initializing clone...").start();
   try {
-    const apiUrl = getApiUrl();
     const outputDir = options.output || path9__default.default.resolve(process.cwd(), newName);
     if (await fs__default.default.pathExists(outputDir)) {
       spinner.fail(chalk4__default.default.red(`Directory already exists: ${outputDir}`));
@@ -4195,7 +4222,7 @@ async function cloneCommand(themeName, options) {
     spinner.start(`Downloading source.zip for ${themeName}@${version2}...`);
     let zipBuffer;
     try {
-      zipBuffer = await fetchSourceZip(apiUrl, themeName, version2);
+      zipBuffer = await fetchSourceZip(apiUrl, themeName, version2, env);
     } catch (error) {
       spinner.fail(chalk4__default.default.red(error.message));
       console.log();
@@ -4229,7 +4256,7 @@ async function cloneCommand(themeName, options) {
         [
           "# API Configuration (enables real data in preview)",
           "# Get your Company ID from the OneX dashboard",
-          "NEXT_PUBLIC_API_URL=https://platform-dev.onexeos.com",
+          `NEXT_PUBLIC_API_URL=${apiUrl}`,
           "NEXT_PUBLIC_COMPANY_ID=",
           ""
         ].join("\n")
@@ -4282,6 +4309,7 @@ async function cloneCommand(themeName, options) {
     console.log(
       chalk4__default.default.cyan("   Source:   ") + chalk4__default.default.gray(`${themeName}@${version2}`)
     );
+    console.log(chalk4__default.default.cyan("   Env:      ") + chalk4__default.default.white(env));
     console.log(chalk4__default.default.cyan("   Theme:    ") + chalk4__default.default.white(newName));
     console.log(chalk4__default.default.cyan("   Location: ") + chalk4__default.default.white(outputDir));
     console.log(chalk4__default.default.cyan("   Files:    ") + chalk4__default.default.white(entries.length));
@@ -4558,9 +4586,13 @@ async function configCommand() {
 
 // src/commands/login.ts
 init_logger();
-async function loginCommand() {
+async function loginCommand(options = {}) {
+  const env = options.env ?? "dev";
+  const apiUrl = getApiUrl(env);
   logger.header("OneX Theme Developer Login");
-  const existing = loadAuthTokens();
+  logger.info(`Environment: ${env}  (${apiUrl})`);
+  logger.newLine();
+  const existing = loadAuthTokens(env);
   if (existing) {
     logger.info(`Already logged in as: ${existing.user.email}`);
     const { relogin } = await inquirer__default.default.prompt([
@@ -4589,7 +4621,6 @@ async function loginCommand() {
   ]);
   logger.startSpinner("Logging in...");
   try {
-    const apiUrl = getApiUrl();
     const response = await fetch(`${apiUrl}/auth/login`, {
       method: "POST",
       headers: { "Content-Type": "application/json" },
@@ -4624,15 +4655,18 @@ async function loginCommand() {
         userId: claims.sub
       }
     };
-    await saveAuthTokens(tokens);
+    await saveAuthTokens(tokens, env);
     logger.stopSpinner(true, "Logged in!");
     logger.newLine();
-    logger.info(`  Email:   ${tokens.user.email}`);
-    if (tokens.user.name) logger.info(`  Name:    ${tokens.user.name}`);
+    logger.info(`  Environment: ${env}`);
+    logger.info(`  Email:       ${tokens.user.email}`);
+    if (tokens.user.name) logger.info(`  Name:        ${tokens.user.name}`);
     if (tokens.user.companyId)
-      logger.info(`  Company: ${tokens.user.companyId}`);
+      logger.info(`  Company:     ${tokens.user.companyId}`);
     logger.newLine();
-    logger.success("Token stored securely in ~/.onexthm/auth.json (encrypted)");
+    logger.success(
+      `Token stored securely in ~/.onexthm/auth-${env}.json (encrypted)`
+    );
   } catch (error) {
     logger.stopSpinner(false, "Login failed");
     logger.error(error instanceof Error ? error.message : "Connection failed");
@@ -4642,32 +4676,37 @@ async function loginCommand() {
 
 // src/commands/logout.ts
 init_logger();
-async function logoutCommand() {
-  const tokens = loadAuthTokens();
+async function logoutCommand(options = {}) {
+  const env = options.env ?? "dev";
+  const tokens = loadAuthTokens(env);
   if (!tokens) {
-    logger.info("Not logged in.");
+    logger.info(`Not logged in to ${env} environment.`);
     return;
   }
-  await clearAuthTokens();
-  logger.success(`Logged out (was: ${tokens.user.email})`);
+  await clearAuthTokens(env);
+  logger.success(`Logged out of ${env} (was: ${tokens.user.email})`);
 }
 
 // src/commands/whoami.ts
 init_logger();
-async function whoamiCommand() {
-  const tokens = loadAuthTokens();
+async function whoamiCommand(options = {}) {
+  const env = options.env ?? "dev";
+  const tokens = loadAuthTokens(env);
   if (!tokens) {
-    logger.error("Not logged in. Run: onexthm login");
+    logger.error(
+      `Not logged in to ${env} environment. Run: onexthm login --env ${env}`
+    );
     process.exit(1);
   }
   const expired = isTokenExpired(tokens);
   logger.header("OneX Theme Developer");
-  logger.info(`  Email:    ${tokens.user.email}`);
-  if (tokens.user.name) logger.info(`  Name:     ${tokens.user.name}`);
+  logger.info(`  Environment: ${env}  (${getApiUrl(env)})`);
+  logger.info(`  Email:       ${tokens.user.email}`);
+  if (tokens.user.name) logger.info(`  Name:        ${tokens.user.name}`);
   if (tokens.user.companyId)
-    logger.info(`  Company:  ${tokens.user.companyId}`);
+    logger.info(`  Company:     ${tokens.user.companyId}`);
   logger.info(
-    `  Status:   ${expired ? "\u26A0 Token expired (will auto-refresh)" : "\u2713 Active"}`
+    `  Status:      ${expired ? "\u26A0 Token expired (will auto-refresh)" : "\u2713 Active"}`
   );
 }
 
@@ -4762,10 +4801,15 @@ function buildAssetMap(entries) {
 
 // src/commands/publish.ts
 async function publishCommand(options) {
+  const env = options.env ?? "dev";
   logger.header("OneX Theme Publish");
-  const tokens = await getValidTokens();
+  logger.info(`Environment: ${env}  (${getApiUrl(env)})`);
+  logger.newLine();
+  const tokens = await getValidTokens(env);
   if (!tokens) {
-    logger.error("Not logged in. Run: onexthm login");
+    logger.error(
+      `Not logged in to ${env} environment. Run: onexthm login --env ${env}`
+    );
     process.exit(1);
   }
   logger.info(`Logged in as: ${tokens.user.email}`);
@@ -4816,7 +4860,7 @@ async function publishCommand(options) {
   logger.info(`Theme: ${themeId}`);
   logger.info(`Version: ${version2}`);
   logger.newLine();
-  const apiUrl = getApiUrl();
+  const apiUrl = getApiUrl(env);
   logger.startSpinner("Registering theme...");
   try {
     const regResponse = await authenticatedFetch(
@@ -4833,7 +4877,8 @@ async function publishCommand(options) {
           tags: pkg.keywords || [],
           thumbnail_url: pkg.onex?.thumbnail || ""
         })
-      }
+      },
+      env
     );
     const regData = await regResponse.json();
     const regBody = regData.statusCode ? regData.body : regData;
@@ -4855,7 +4900,8 @@ async function publishCommand(options) {
   try {
     const checkResponse = await authenticatedFetch(
       `${apiUrl}/website-api/themes/${encodeURIComponent(themeId)}/versions/${encodeURIComponent(version2)}/exists`,
-      { method: "GET" }
+      { method: "GET" },
+      env
     );
     const checkData = await checkResponse.json();
     const checkBody = checkData.statusCode ? checkData.body : checkData;
@@ -4920,7 +4966,7 @@ Or use the --bump flag:
     logger.startSpinner(`Uploading ${videoAssets.length} video(s)...`);
     try {
       for (const video of videoAssets) {
-        const url = await uploadVideoMultipart(apiUrl, themeId, video);
+        const url = await uploadVideoMultipart(apiUrl, themeId, video, env);
         videoUrls[video.originalPath] = url;
       }
       logger.stopSpinner(true, `Uploaded ${videoAssets.length} video(s)`);
@@ -4962,7 +5008,8 @@ Or use the --bump flag:
             content_type: a.contentType
           }))
         })
-      }
+      },
+      env
     );
     const pubData = await pubResponse.json();
     const pubBody = pubData.statusCode ? pubData.body : pubData;
@@ -4988,6 +5035,12 @@ Or use the --bump flag:
   }
   if (assetUploads.length > 0) {
     logger.startSpinner(`Uploading ${assetUploads.length} asset(s) to S3...`);
+    if (assetUploads[0]) {
+      logger.log(
+        `  [debug] sample presigned PUT URL: ${assetUploads[0].upload_url}`
+      );
+      logger.log(`  [debug] sample s3_key: ${assetUploads[0].s3_key}`);
+    }
     const CONCURRENCY = 8;
     const byHashedPath = new Map(regularAssets.map((a) => [a.hashedPath, a]));
     const queue = [...assetUploads];
@@ -5014,6 +5067,13 @@ Or use the --bump flag:
             body: buf
           });
           if (!res.ok) {
+            if (failed === 0) {
+              const errBody = await res.text().catch(() => "(unreadable)");
+              logger.log(`  [debug] PUT ${item.upload_url}`);
+              logger.log(
+                `  [debug] response ${res.status} ${res.statusText}: ${errBody.slice(0, 500)}`
+              );
+            }
             throw new Error(`HTTP ${res.status}`);
           }
           uploaded++;
@@ -5098,7 +5158,8 @@ Or use the --bump flag:
   try {
     const confirmResponse = await authenticatedFetch(
       `${apiUrl}/website-api/themes/${encodeURIComponent(themeId)}/versions/${encodeURIComponent(version2)}/confirm`,
-      { method: "POST" }
+      { method: "POST" },
+      env
     );
     const confirmData = await confirmResponse.json();
     const confirmBody = confirmData.statusCode ? confirmData.body : confirmData;
@@ -5144,9 +5205,9 @@ Or use the --bump flag:
   }
   logger.newLine();
   logger.success(`\u2713 Theme "${themeId}" v${version2} published!`);
-  await uploadThumbnail(apiUrl, themeId, themePath, distDir);
+  await uploadThumbnail(apiUrl, themeId, themePath, distDir, env);
 }
-async function uploadThumbnail(apiUrl, themeId, themePath, distDir) {
+async function uploadThumbnail(apiUrl, themeId, themePath, distDir, env = "dev") {
   const THUMBNAIL_CANDIDATES = [
     { file: "thumbnail.png", mime: "image/png" },
     { file: "thumbnail.jpg", mime: "image/jpeg" },
@@ -5181,9 +5242,19 @@ async function uploadThumbnail(apiUrl, themeId, themePath, distDir) {
     }
   }
   logger.startSpinner("Uploading thumbnail...");
+  const imageUploadUrl = `${apiUrl}/media/images/upload`;
+  const imageRequestBody = {
+    prefix: `themes/${themeId}`,
+    image: imageBase64 ? `${imageBase64.slice(0, 60)}... [${Math.round(imageBase64.length * 3 / 4 / 1024)} KB]` : null,
+    name: "thumbnail.png"
+  };
+  logger.log(`  \u2192 POST ${imageUploadUrl}`);
+  logger.log(
+    `  \u2192 body: ${JSON.stringify({ ...imageRequestBody, image: imageBase64 ? `<base64 ${mimeType} truncated>` : null })}`
+  );
   try {
     const uploadRes = await authenticatedFetch(
-      `${apiUrl}/media/images/upload`,
+      imageUploadUrl,
       {
         method: "POST",
         body: JSON.stringify({
@@ -5191,30 +5262,56 @@ async function uploadThumbnail(apiUrl, themeId, themePath, distDir) {
           image: imageBase64,
           name: "thumbnail.png"
         })
-      }
+      },
+      env
     );
-    const uploadData = await uploadRes.json();
+    logger.log(`  \u2190 HTTP ${uploadRes.status} ${uploadRes.statusText}`);
+    const uploadRawText = await uploadRes.text();
+    logger.log(`  \u2190 raw response: ${uploadRawText.slice(0, 500)}`);
+    let uploadData;
+    try {
+      uploadData = JSON.parse(uploadRawText);
+    } catch {
+      throw new Error(
+        `Image upload returned non-JSON (HTTP ${uploadRes.status}): ${uploadRawText.slice(0, 200)}`
+      );
+    }
     const uploadBody = uploadData.statusCode ? uploadData.body : uploadData;
     if (!uploadRes.ok || !uploadBody.url) {
-      throw new Error(uploadBody.error || "Upload failed");
+      throw new Error(
+        `Image upload failed \u2014 HTTP ${uploadRes.status}: ${uploadBody.error || uploadBody.message || JSON.stringify(uploadBody).slice(0, 300)}`
+      );
     }
+    const patchUrl = `${apiUrl}/website-api/themes/${encodeURIComponent(themeId)}`;
+    logger.log(`  \u2192 PATCH ${patchUrl}`);
     const patchRes = await authenticatedFetch(
-      `${apiUrl}/website-api/themes/${encodeURIComponent(themeId)}`,
+      patchUrl,
       {
         method: "PATCH",
         body: JSON.stringify({ thumbnail_url: uploadBody.url })
-      }
+      },
+      env
     );
+    logger.log(`  \u2190 HTTP ${patchRes.status} ${patchRes.statusText}`);
     if (!patchRes.ok) {
-      const patchData = await patchRes.json();
-      const patchBody = patchData.statusCode ? patchData.body : patchData;
-      throw new Error(patchBody.error || "Failed to set thumbnail");
+      const patchRawText = await patchRes.text();
+      logger.log(`  \u2190 raw response: ${patchRawText.slice(0, 500)}`);
+      let patchBody = {};
+      try {
+        patchBody = JSON.parse(patchRawText);
+      } catch {
+      }
+      patchBody = patchBody.statusCode ? patchBody.body : patchBody;
+      throw new Error(
+        `Thumbnail patch failed \u2014 HTTP ${patchRes.status}: ${patchBody.error || patchBody.message || patchRawText.slice(0, 200)}`
+      );
     }
     logger.stopSpinner(true, "Thumbnail set");
   } catch (err) {
-    logger.stopSpinner(false, "Thumbnail upload skipped");
+    logger.stopSpinner(false, "Thumbnail upload failed");
+    logger.error(err instanceof Error ? err.message : String(err));
     logger.info(
-      `Theme published successfully. Thumbnail can be updated later.`
+      "Theme published successfully. Thumbnail can be updated later."
     );
   }
 }
@@ -5278,25 +5375,40 @@ async function findFreePort(start) {
     srv.on("error", () => resolve(findFreePort(start + 1)));
   });
 }
-async function uploadVideoMultipart(apiUrl, themeId, video) {
+async function uploadVideoMultipart(apiUrl, themeId, video, env = "dev") {
   const fileName = path9__default.default.basename(video.originalPath);
+  const videoInitUrl = `${apiUrl}/media/videos/multipart/init`;
+  const videoInitBody = {
+    file_name: fileName,
+    content_type: video.contentType,
+    file_size: video.size,
+    prefix: `themes/${themeId}/assets`
+  };
+  logger.log(`  \u2192 POST ${videoInitUrl}`);
+  logger.log(`  \u2192 body: ${JSON.stringify(videoInitBody)}`);
   const initRes = await authenticatedFetch(
-    `${apiUrl}/media/videos/multipart/init`,
+    videoInitUrl,
     {
       method: "POST",
-      body: JSON.stringify({
-        file_name: fileName,
-        content_type: video.contentType,
-        file_size: video.size,
-        prefix: `themes/${themeId}/assets`
-      })
-    }
+      body: JSON.stringify(videoInitBody)
+    },
+    env
   );
-  const initData = await initRes.json();
+  logger.log(`  \u2190 HTTP ${initRes.status} ${initRes.statusText}`);
+  const initRawText = await initRes.text();
+  logger.log(`  \u2190 raw response: ${initRawText.slice(0, 500)}`);
+  let initData;
+  try {
+    initData = JSON.parse(initRawText);
+  } catch {
+    throw new Error(
+      `Video init returned non-JSON (HTTP ${initRes.status}): ${initRawText.slice(0, 200)}`
+    );
+  }
   const initBody = initData.statusCode ? initData.body : initData;
   if (!initRes.ok || !initBody.upload_id) {
     throw new Error(
-      `Init multipart failed for ${fileName}: ${initBody.error || initRes.status}`
+      `Init multipart failed for ${fileName} \u2014 HTTP ${initRes.status}: ${initBody.error || initBody.message || JSON.stringify(initBody).slice(0, 300)}`
     );
   }
   const { upload_id, file_key, chunk_size, chunk_urls } = initBody;
@@ -5331,25 +5443,47 @@ async function uploadVideoMultipart(apiUrl, themeId, video) {
     )
   );
   parts.sort((a, b) => a.part_number - b.part_number);
+  const videoCompleteUrl = `${apiUrl}/media/videos/multipart/complete`;
+  logger.log(`  \u2192 POST ${videoCompleteUrl}`);
+  logger.log(
+    `  \u2192 body: ${JSON.stringify({ upload_id, file_key, parts: `[${parts.length} parts]` })}`
+  );
   const completeRes = await authenticatedFetch(
-    `${apiUrl}/media/videos/multipart/complete`,
+    videoCompleteUrl,
     {
       method: "POST",
       body: JSON.stringify({ upload_id, file_key, parts })
-    }
+    },
+    env
   );
-  const completeData = await completeRes.json();
+  logger.log(`  \u2190 HTTP ${completeRes.status} ${completeRes.statusText}`);
+  const completeRawText = await completeRes.text();
+  logger.log(`  \u2190 raw response: ${completeRawText.slice(0, 500)}`);
+  let completeData;
+  try {
+    completeData = JSON.parse(completeRawText);
+  } catch {
+    throw new Error(
+      `Video complete returned non-JSON (HTTP ${completeRes.status}): ${completeRawText.slice(0, 200)}`
+    );
+  }
   const completeBody = completeData.statusCode ? completeData.body : completeData;
   if (!completeRes.ok || !completeBody.url) {
     try {
-      await authenticatedFetch(`${apiUrl}/media/videos/multipart/abort`, {
-        method: "POST",
-        body: JSON.stringify({ upload_id, file_key })
-      });
+      const abortUrl = `${apiUrl}/media/videos/multipart/abort`;
+      logger.log(`  \u2192 POST ${abortUrl} (cleanup)`);
+      await authenticatedFetch(
+        abortUrl,
+        {
+          method: "POST",
+          body: JSON.stringify({ upload_id, file_key })
+        },
+        env
+      );
     } catch {
     }
     throw new Error(
-      `Complete multipart failed for ${fileName}: ${completeBody.error || completeRes.status}`
+      `Complete multipart failed for ${fileName} \u2014 HTTP ${completeRes.status}: ${completeBody.error || completeBody.message || JSON.stringify(completeBody).slice(0, 300)}`
     );
   }
   return completeBody.url;
@@ -5612,7 +5746,11 @@ program.command("init").description("Create a new OneX theme project").argument(
   "-t, --template <template>",
   "Template to use (default, minimal)",
   "default"
-).option("--no-install", "Skip installing dependencies").option("--git", "Initialize git repository").option("-y, --yes", "Skip prompts and use defaults").action(initCommand);
+).option("--no-install", "Skip installing dependencies").option("--git", "Initialize git repository").option("-y, --yes", "Skip prompts and use defaults").option(
+  "--env <env>",
+  "Target environment: dev or prod (default: dev)",
+  "dev"
+).action(initCommand);
 program.command("create:section").alias("cs").description("Create a new section").argument("<name>", "Name of the section (e.g., hero, features)").option("-t, --theme <theme>", "Theme to create section in").option(
   "-c, --category <category>",
   "Section category (headers, content, footers)"
@@ -5639,16 +5777,36 @@ program.command("download").description("Download a published theme via the webs
   "-v, --version <version>",
   "Theme version (default: latest)",
   "latest"
-).option("-b, --bucket <name>", "[deprecated] ignored").option("-e, --environment <env>", "[deprecated] ignored").option("-o, --output <dir>", "Output directory", "./active-theme").action(downloadCommand);
+).option(
+  "--env <env>",
+  "Target environment: dev or prod (default: dev)",
+  "dev"
+).option("-b, --bucket <name>", "[deprecated] ignored").option("-o, --output <dir>", "Output directory", "./active-theme").action(downloadCommand);
 program.command("clone").description("Clone theme source code via the website-api").argument("<theme-name>", "Theme to clone").option(
   "-v, --version <version>",
   "Theme version (default: latest)",
   "latest"
-).option("-n, --name <name>", "New theme name (skips interactive prompt)").option("-o, --output <dir>", "Output directory").option("-b, --bucket <name>", "[deprecated] ignored").option("-e, --environment <env>", "[deprecated] ignored").option("--no-install", "Skip running pnpm install after clone").action(cloneCommand);
+).option("-n, --name <name>", "New theme name (skips interactive prompt)").option("-o, --output <dir>", "Output directory").option(
+  "--env <env>",
+  "Target environment: dev or prod (default: dev)",
+  "dev"
+).option("-b, --bucket <name>", "[deprecated] ignored").option("--no-install", "Skip running pnpm install after clone").action(cloneCommand);
 program.command("config").description("Configure OneX CLI credentials (AWS, API keys)").action(configCommand);
-program.command("login").description("Login to OneX platform").action(loginCommand);
-program.command("logout").description("Logout from OneX platform").action(logoutCommand);
-program.command("whoami").description("Show current logged-in developer").action(whoamiCommand);
+program.command("login").description("Login to OneX platform").option(
+  "--env <env>",
+  "Target environment: dev or prod (default: dev)",
+  "dev"
+).action(loginCommand);
+program.command("logout").description("Logout from OneX platform").option(
+  "--env <env>",
+  "Target environment: dev or prod (default: dev)",
+  "dev"
+).action(logoutCommand);
+program.command("whoami").description("Show current logged-in developer").option(
+  "--env <env>",
+  "Target environment: dev or prod (default: dev)",
+  "dev"
+).action(whoamiCommand);
 var mcpCmd = program.command("mcp").description("Manage MCP server registration and AI-context files");
 mcpCmd.command("setup").description(
   "Install .mcp.json + CLAUDE.md + AGENTS.md + .cursorrules into the current theme"
@@ -5660,6 +5818,10 @@ mcpCmd.command("doctor").description("Diagnose MCP setup in the current theme di
 program.command("publish").description("Build, scan, and publish theme to marketplace (requires login)").option("-t, --theme <path>", "Theme directory path").option(
   "--bump <type>",
   "Auto-bump version before publish (patch|minor|major)"
+).option(
+  "--env <env>",
+  "Target environment: dev or prod (default: dev)",
+  "dev"
 ).action(publishCommand);
 program.configureOutput({
   writeErr: (str) => process.stderr.write(chalk4__default.default.red(str))