@parity/product-deploy 0.8.3 → 0.9.0-rc.0

package/README.md

@@ -1,6 +1,6 @@
 # bulletin-deploy
 
-CLI tool for deploying web apps to the [Polkadot Bulletin Chain](https://github.com/paritytech/polkadot-bulletin-chain) via [DotNS](https://github.com/paritytech/dotns).
+CLI tool for deploying web apps to the [Polkadot Bulletin Chain](https://github.com/paritytech/polkadot-bulletin-chain) via DotNS, Polkadot's on-chain naming system.
 
 ## Install
 
@@ -49,8 +49,14 @@ bulletin-deploy ships with built-in environment presets (RPC endpoints, contract
 
 ## Telemetry
 
-Anonymous deploy telemetry is sent to Sentry by default. Set `BULLETIN_DEPLOY_UPDATE_CHECK=0` to disable the version check. The DSN is baked into the published package; source builds are silent.
+Deploy telemetry (Sentry) is **off by default**. It activates only if you explicitly opt in with `BULLETIN_DEPLOY_TELEMETRY=1`, or when the CLI detects it is running in Parity's own CI. Set `BULLETIN_DEPLOY_TELEMETRY=0` to force it off in any context. The Sentry DSN baked into the package is a public project identifier, not a secret — it grants no access to collected data.
+
+Separately from telemetry, the CLI checks the npm registry for the minimum supported version. Set `BULLETIN_DEPLOY_UPDATE_CHECK=0` to disable that check.
 
 ## Contributing
 
-See [docs-internal/](docs-internal/) for design notes and investigation logs (internal; not published to npm).
+Issues and pull requests are welcome on the GitHub repository. Releases are cut by the maintainers. (Parity-internal design notes and investigation logs live in `docs-internal/`, which is not published to npm.)
+
+## License
+
+[GPL-3.0-or-later](LICENSE). Versions up to and including 0.8.3 were published under Apache-2.0; the license changed to GPL-3.0-or-later ahead of the project being open-sourced.

package/assets/environments.json

@@ -99,7 +99,6 @@
       "e2eEligible": true,
       "backend": "https://identity-backend-next.parity-testnet.parity.io",
       "ipfs": "https://paseo-bulletin-next-ipfs.polkadot.io",
-      "docsUrl": "https://sre.teleport.parity.io/environments/paseo-next/",
       "autoAccountMapping": true,
       "nativeToEthRatio": 100000000,
       "registerStorageDeposit": 2000000000000,

package/dist/auth/index.d.ts

@@ -1,7 +1,6 @@
-export { A as AuthClient, a as AuthConfig, C as ConnectResult, L as LoginHandle, b as LoginStatus, c as LogoutHandle, d as LogoutStatus, S as SessionAddresses, e as SessionHandle, f as createAuthClient } from '../auth-DkRZBK-T.js';
+export { A as AllocatableResource, a as AllocationOutcome, b as AllocationSummary, c as AuthClient, d as AuthConfig, C as ConnectResult, D as DEFAULT_RESOURCES, L as LoginHandle, e as LoginStatus, f as LogoutHandle, g as LogoutStatus, S as SessionAddresses, h as SessionHandle, i as createAuthClient, r as requestResourceAllocation, s as summarizeOutcomes } from '../auth-C-Pel0AT.js';
 export { renderQrCode } from '@parity/product-sdk-terminal';
-export { R as ResolvedSigner, S as SignerNotAvailableError, r as resolveSigner } from '../signer-CriGqahj.js';
-export { A as AllocatableResource, a as AllocationOutcome, b as AllocationSummary, D as DEFAULT_RESOURCES, r as requestResourceAllocation, s as summarizeOutcomes } from '../allocations-B65Is4Md.js';
+export { R as ResolvedSigner, S as SignerNotAvailableError, r as resolveSigner } from '../signer-vR6KKC7V.js';
 export { renderLoginStatus, renderLogoutStatus } from './vendor/ui/index.js';
 import 'polkadot-api';
 import '@parity/product-sdk-tx';

package/dist/auth/index.js

@@ -6,7 +6,7 @@ import {
   requestResourceAllocation,
   resolveSigner,
   summarizeOutcomes
-} from "../chunk-2OZVKA3D.js";
+} from "../chunk-DHY2ZXVZ.js";
 import {
   renderLoginStatus,
   renderLogoutStatus,

package/dist/auth/vendor/index.d.ts

@@ -1,8 +1,7 @@
-export { A as AuthClient, a as AuthConfig, C as ConnectResult, L as LoginHandle, b as LoginStatus, c as LogoutHandle, d as LogoutStatus, S as SessionAddresses, e as SessionHandle, f as createAuthClient } from '../../auth-DkRZBK-T.js';
+export { A as AllocatableResource, a as AllocationOutcome, b as AllocationSummary, c as AuthClient, d as AuthConfig, C as ConnectResult, D as DEFAULT_RESOURCES, L as LoginHandle, e as LoginStatus, f as LogoutHandle, g as LogoutStatus, O as OnExistingAllowancePolicy, R as ResourceTag, S as SessionAddresses, h as SessionHandle, i as createAuthClient, r as requestResourceAllocation, s as summarizeOutcomes } from '../../auth-C-Pel0AT.js';
 import { UserSession } from '@parity/product-sdk-terminal';
 import { PolkadotSigner } from 'polkadot-api';
-export { R as ResolvedSigner, S as SignerNotAvailableError, a as SignerOptions, b as SignerSource, p as parseDevAccountName, r as resolveSigner } from '../../signer-CriGqahj.js';
-export { A as AllocatableResource, a as AllocationOutcome, b as AllocationSummary, D as DEFAULT_RESOURCES, O as OnExistingAllowancePolicy, R as ResourceTag, r as requestResourceAllocation, s as summarizeOutcomes } from '../../allocations-B65Is4Md.js';
+export { R as ResolvedSigner, S as SignerNotAvailableError, a as SignerOptions, b as SignerSource, p as parseDevAccountName, r as resolveSigner } from '../../signer-vR6KKC7V.js';
 import '@parity/product-sdk-tx';
 
 interface ProductAccountRef {

package/dist/auth/vendor/index.js

@@ -10,7 +10,7 @@ import {
   resolveSigner,
   sessionRootPublicKey,
   summarizeOutcomes
-} from "../../chunk-2OZVKA3D.js";
+} from "../../chunk-DHY2ZXVZ.js";
 import "../../chunk-ZOC4GITL.js";
 export {
   DEFAULT_RESOURCES,

package/dist/auth/vendor/ui/index.d.ts

@@ -1,7 +1,6 @@
 export { renderQrCode } from '@parity/product-sdk-terminal';
-import { b as LoginStatus, d as LogoutStatus } from '../../../auth-DkRZBK-T.js';
+import { e as LoginStatus, g as LogoutStatus } from '../../../auth-C-Pel0AT.js';
 import 'polkadot-api';
-import '../../../allocations-B65Is4Md.js';
 
 /**
  * Pure formatters that map the `LoginStatus` / `LogoutStatus` streams to

package/dist/auth-C-Pel0AT.d.ts

@@ -0,0 +1,235 @@
+import { UserSession, TerminalAdapter } from '@parity/product-sdk-terminal';
+import { PolkadotSigner } from 'polkadot-api';
+
+/**
+ * RFC-0010 resource allocation — thin wrapper over product-sdk-terminal's
+ * host-runner facet. Lifted from playground-cli `src/utils/allowances/host.ts`
+ * (issue #411).
+ *
+ * `@parity/product-sdk-terminal/host` exports `requestResourceAllocation(session,
+ * adapter, resources, options?)` which handles:
+ *   - sending the AP request to the paired mobile wallet
+ *   - the `onExisting` policy (default auto-picks "Ignore" unless all requested
+ *     resources are already slot-table cached, then "Increase")
+ *   - caching granted key material to disk as `{appId}_AllowanceKeys.json`
+ *     (the same file our storage-signer reads — verified compat-stable in PR #855)
+ *
+ * Wire format (SCALE-derived, mirrors host-papp's
+ * `dist/sso/sessionManager/scale/resourceAllocation.d.ts`):
+ *   request  → { callingProductId, resources: AllocatableResource[], onExisting }
+ *   response → AllocationOutcome[] (one per resource, in order)
+ *
+ * The mobile app handles `hostRequestResourceAllocation` in
+ * `AllowanceHostCalls.kt` and routes the user through an approval UI.
+ */
+
+/**
+ * Structural mirror of host-papp's `ApAllocatableResource` codec type. We
+ * declare it locally because host-papp's package root doesn't re-export the
+ * codec types yet — when it does (and product-sdk-terminal threads them
+ * through) this can be replaced with a direct import.
+ *
+ *   StatementStoreAllowance — write to the SSS (host_chat, allowance ring).
+ *   BulletInAllowance       — write to Bulletin (TransactionStorage.store).
+ *   SmartContractAllowance  — PGAS sponsoring for Revive contract calls.
+ *                             The `value` is the derivation index of the
+ *                             product account (0 for the default account).
+ *   AutoSigning             — surrender the product-account signing key to
+ *                             the host so it can sign on the user's behalf
+ *                             without per-call prompts. Not used today.
+ *
+ * NOTE: host-api v0.8 renamed this variant to 'BulletinAllowance', but the
+ * SSO resource-allocation codec (host-papp, which this path reaches via
+ * product-sdk-terminal) retains the old 'BulletInAllowance' spelling as of
+ * host-papp 0.8.5 / terminal 0.3.1. Ours must match the SSO codec — the
+ * _SDK_COMPAT_PIN below fails the build if the SDK's spelling ever changes.
+ */
+type AllocatableResource = {
+    tag: "StatementStoreAllowance";
+    value: undefined;
+} | {
+    tag: "BulletInAllowance";
+    value: undefined;
+} | {
+    tag: "SmartContractAllowance";
+    value: number;
+} | {
+    tag: "AutoSigning";
+    value: undefined;
+};
+/**
+ * Outcome of one allocation. We don't read the inner `Allocated` payload
+ * (allowance slot keys, derivation secrets) — the host stores them and uses
+ * them transparently on subsequent calls. We just need the tag to know
+ * whether the allocation succeeded.
+ */
+type AllocationOutcome = {
+    tag: "Allocated";
+    value: unknown;
+} | {
+    tag: "Rejected";
+    value: undefined;
+} | {
+    tag: "NotAvailable";
+    value: undefined;
+};
+/** Tag-only view, handy for downstream code that doesn't care about payloads. */
+type ResourceTag = AllocatableResource["tag"];
+type OnExistingAllowancePolicy = "Ignore" | "Increase";
+/**
+ * Default mobile-granted resource set for a CLI product account: write access
+ * to the statement store + Bulletin, plus PGAS sponsoring for the default
+ * (index 0) product account.
+ */
+declare const DEFAULT_RESOURCES: AllocatableResource[];
+/**
+ * Send a `host_request_resource_allocation` request over the user's active
+ * session. The host (mobile wallet) prompts the user to approve and returns
+ * one outcome per requested resource in order. Granted key material is cached
+ * to disk by the terminal facet (`{appId}_AllowanceKeys.json`) so subsequent
+ * calls (and the storage-signer reader) find it without a second wallet prompt.
+ *
+ * Throws on transport-level failures (Statement Store unreachable, encryption
+ * error, etc.). Per-resource refusals are reported as `Rejected`/`NotAvailable`
+ * outcomes — callers inspect the array to decide whether to proceed.
+ *
+ * `onExisting` is pinned to "Ignore": return existing cached keys if any, else
+ * allocate a new slot. Auto-pick would give "Increase" when all slot-table
+ * resources are already cached, which re-prompts the user unnecessarily.
+ */
+declare function requestResourceAllocation(session: UserSession, adapter: TerminalAdapter, resources?: AllocatableResource[], onExisting?: OnExistingAllowancePolicy): Promise<AllocationOutcome[]>;
+interface AllocationSummary {
+    granted: AllocatableResource[];
+    rejected: AllocatableResource[];
+    unavailable: AllocatableResource[];
+}
+/**
+ * Bucket allocation outcomes by tag. Order-sensitive: `outcomes[i]` maps to
+ * `resources[i]`. Outcomes without a matching resource are silently dropped.
+ */
+declare function summarizeOutcomes(outcomes: AllocationOutcome[], resources: AllocatableResource[]): AllocationSummary;
+
+/**
+ * Per-product configuration injected into `createAuthClient`. Lifting the
+ * sign-in glue out of playground-cli (issue #411) means the env-specific
+ * constants playground hard-coded in its `config.ts` (DAPP_ID, product id,
+ * metadata URL, People-chain endpoints) become consumer-supplied so the same
+ * package serves `playground` and `dot` (and future products) unchanged.
+ */
+interface AuthConfig {
+    /** The dApp identity string. Scopes the on-disk session namespace
+     *  (`~/.polkadot-apps/${dappId}_*`) and the SSO pairing — each product
+     *  gets its own, independently-revocable session. */
+    dappId: string;
+    /** Product id used to derive the product account (`/product/{productId}/{index}`). */
+    productId: string;
+    /** Derivation index of the product account (0 = default). */
+    derivationIndex: number;
+    /** Wallet-facing app name shown on the Sign-In screen (sent inline at pairing). */
+    hostName: string;
+    /** Host app version sent inline at pairing. */
+    hostVersion: string;
+    /** People-parachain RPC endpoints the terminal adapter connects to. */
+    peopleEndpoints: string[];
+}
+
+/**
+ * The three addresses we surface from a paired session.
+ *
+ * - `rootAddress` — SS58 of `session.rootAccountId`, the `rootUserAccountId`
+ *   the mobile app sent over the SSO handshake (bare-mnemonic sr25519 root on
+ *   current mobile builds). Keyed by `Resources.Consumers` on the People
+ *   parachain, so it's the right input for `lookupUsername`.
+ * - `productAddress` — SS58 of the product account derived via
+ *   `product/{productId}/{index}` from `rootAccountId`. This is what actually
+ *   signs on-chain transactions from the CLI.
+ * - `productH160` — the same product pubkey as a 20-byte EVM address (Revive /
+ *   contracts view). Derived from the SAME pubkey as `productAddress`.
+ */
+interface SessionAddresses {
+    rootAddress: string;
+    productAddress: string;
+    productH160: `0x${string}`;
+}
+type ConnectResult = {
+    kind: "existing";
+    address: string;
+    addresses: SessionAddresses;
+} | {
+    kind: "qr";
+    qrCode: string;
+    login: LoginHandle;
+};
+type LoginStatus = {
+    step: "waiting";
+} | {
+    step: "paired";
+} | {
+    step: "pending";
+    stage: string;
+} | {
+    step: "success";
+    address: string;
+    addresses: SessionAddresses;
+} | {
+    step: "error";
+    message: string;
+};
+interface LoginHandle {
+    adapter: TerminalAdapter;
+    /** The authenticate() promise — already running since connect(). */
+    authPromise: ReturnType<TerminalAdapter["sso"]["authenticate"]>;
+}
+/**
+ * A session signer bundle — the signer plus an explicit `destroy()` that tears
+ * down the long-lived adapter the signer depends on. Callers MUST invoke
+ * `destroy()` once done — the WebSocket keeps the event loop alive.
+ *
+ * `adapter` is exposed so callers that need to send a host request (e.g.
+ * `requestResourceAllocation`) can pass it without creating a second WebSocket.
+ */
+interface SessionHandle {
+    address: string;
+    addresses: SessionAddresses;
+    signer: PolkadotSigner;
+    userSession: UserSession;
+    adapter: TerminalAdapter;
+    destroy(): void;
+}
+type LogoutStatus = {
+    step: "disconnecting";
+    address: string;
+} | {
+    step: "success";
+    address: string;
+} | {
+    step: "partial";
+    address: string;
+    reason: string;
+} | {
+    step: "error";
+    message: string;
+};
+interface LogoutHandle {
+    adapter: TerminalAdapter;
+    address: string;
+    session: UserSession;
+}
+/** The product-bound auth surface returned by `createAuthClient`. */
+interface AuthClient {
+    connect(): Promise<ConnectResult>;
+    waitForLogin(handle: LoginHandle, onStatus: (status: LoginStatus) => void): Promise<SessionHandle | null>;
+    getSessionSigner(): Promise<SessionHandle | null>;
+    findSession(): Promise<LogoutHandle | null>;
+    waitForLogout(handle: LogoutHandle, onStatus: (status: LogoutStatus) => void): Promise<void>;
+    requestAllocation(session: UserSession, adapter: TerminalAdapter, resources?: AllocatableResource[], onExisting?: OnExistingAllowancePolicy): Promise<AllocationOutcome[]>;
+    clearLocalAppStorage(dir?: string): Promise<void>;
+}
+/**
+ * Build an auth client bound to a product's `AuthConfig`. All adapter creation,
+ * address derivation, and session-storage scoping read from `config`, so the
+ * same code serves any product.
+ */
+declare function createAuthClient(config: AuthConfig): AuthClient;
+
+export { type AllocatableResource as A, type ConnectResult as C, DEFAULT_RESOURCES as D, type LoginHandle as L, type OnExistingAllowancePolicy as O, type ResourceTag as R, type SessionAddresses as S, type AllocationOutcome as a, type AllocationSummary as b, type AuthClient as c, type AuthConfig as d, type LoginStatus as e, type LogoutHandle as f, type LogoutStatus as g, type SessionHandle as h, createAuthClient as i, requestResourceAllocation as r, summarizeOutcomes as s };

package/dist/auth-config.d.ts

@@ -1,21 +1,24 @@
-import { a as AuthConfig, A as AuthClient } from './auth-DkRZBK-T.js';
+import { d as AuthConfig, c as AuthClient } from './auth-C-Pel0AT.js';
 import { EnvironmentsDoc } from './environments.js';
 import '@parity/product-sdk-terminal';
 import 'polkadot-api';
-import './allocations-B65Is4Md.js';
 
 /** dApp identity that scopes the SSO session namespace on disk. Currently reuses
- *  playground's identity for dev; swap to e.g. "dot-deploy" when dot has its own
- *  hosted metadata document. */
+ *  playground's identity for dev; swap to e.g. "dot-deploy" when the package is renamed. */
 declare const DOT_DAPP_ID = "dot-cli";
 /** Product id used for product-account derivation (`/product/{productId}/{index}`).
  *  Reuses playground's product id so dev sessions are shared. */
 declare const DOT_PRODUCT_ID = "playground.dot";
 /** Derivation index (0 = default product account). */
 declare const DOT_DERIVATION_INDEX = 0;
-/** Metadata document URL the mobile wallet fetches at pairing to display the app name/icon.
- *  Reuses playground's hosted gist for dev — swap once dot has its own hosted doc. */
-declare const DOT_TERMINAL_METADATA_URL = "https://gist.githubusercontent.com/ReinhardHatko/1967dd3f4afe78683cc0ba14d6ec8744/raw/c1625eb7ed7671b7e09a3fa2a25998dde33c70b8/metadata.json";
+/** Wallet-facing app name shown on the Sign-In screen; #850 flips this at the package rename. */
+declare const DOT_HOST_NAME = "bulletin-deploy";
+/**
+ * Shown when a persisted session file exists but the V2 codec cannot decode it —
+ * typically a v0.7 SCALE blob that is structurally incompatible with the V2 wire format.
+ * The adapter silently returns [] in this case; we surface the cause and recovery steps.
+ */
+declare const STALE_SESSION_MESSAGE: string;
 /**
  * Returns true if there is a persisted SSO session file on disk.
  * Does NOT load the SSO stack — uses only node fs/os/path.
@@ -30,10 +33,29 @@ declare function hasPersistedSession(): boolean;
  * its endpoint for `envId` is absent.
  */
 declare function buildAuthConfig(doc: EnvironmentsDoc, envId: string): AuthConfig;
+/**
+ * Resolve the Bulletin chain WS endpoint(s) for an environment from the
+ * environments doc. Mirrors buildAuthConfig's people-chain resolution.
+ *
+ * Login needs this because src/deploy.ts only reassigns its module-level
+ * BULLETIN_ENDPOINTS (initialized to DEFAULT_BULLETIN_RPC = the paseo-next
+ * chain) to the selected env's endpoint inside the deploy flow. The login path
+ * never runs that, so without resolving here it would poll the default chain
+ * instead of the selected env's (e.g. paseo-next-v2 on paseo-bulletin-next-rpc)
+ * and never observe an authorization that lives on the selected chain.
+ *
+ * Returns null if the bulletin chain or its endpoint for envId is absent.
+ */
+declare function resolveBulletinEndpoints(doc: EnvironmentsDoc, envId: string): string[] | null;
+/**
+ * Return the People chain WSS endpoints for the given environment.
+ * Used by the SSS allowance preflight check — no SSO deps loaded.
+ */
+declare function getPeopleChainEndpoints(envId: string): Promise<string[]>;
 /**
  * Lazily create an auth client for the given environment. Imports the facade
  * only when called so the SSO deps don't load in headless/mnemonic paths.
  */
 declare function getAuthClient(envId: string): Promise<AuthClient>;
 
-export { DOT_DAPP_ID, DOT_DERIVATION_INDEX, DOT_PRODUCT_ID, DOT_TERMINAL_METADATA_URL, buildAuthConfig, getAuthClient, hasPersistedSession };
+export { DOT_DAPP_ID, DOT_DERIVATION_INDEX, DOT_HOST_NAME, DOT_PRODUCT_ID, STALE_SESSION_MESSAGE, buildAuthConfig, getAuthClient, getPeopleChainEndpoints, hasPersistedSession, resolveBulletinEndpoints };

package/dist/auth-config.js

@@ -1,20 +1,28 @@
 import {
   DOT_DAPP_ID,
   DOT_DERIVATION_INDEX,
+  DOT_HOST_NAME,
   DOT_PRODUCT_ID,
-  DOT_TERMINAL_METADATA_URL,
+  STALE_SESSION_MESSAGE,
   buildAuthConfig,
   getAuthClient,
-  hasPersistedSession
-} from "./chunk-YUSHBZBX.js";
-import "./chunk-5K3RI5C2.js";
+  getPeopleChainEndpoints,
+  hasPersistedSession,
+  resolveBulletinEndpoints
+} from "./chunk-H4LWILH4.js";
+import "./chunk-LCKLYFAZ.js";
+import "./chunk-2SR5D4CP.js";
+import "./chunk-GL3U7K2B.js";
 import "./chunk-ZOC4GITL.js";
 export {
   DOT_DAPP_ID,
   DOT_DERIVATION_INDEX,
+  DOT_HOST_NAME,
   DOT_PRODUCT_ID,
-  DOT_TERMINAL_METADATA_URL,
+  STALE_SESSION_MESSAGE,
   buildAuthConfig,
   getAuthClient,
-  hasPersistedSession
+  getPeopleChainEndpoints,
+  hasPersistedSession,
+  resolveBulletinEndpoints
 };

package/dist/bug-report.js

@@ -9,10 +9,10 @@ import {
   offerBugReport,
   scrubSecrets,
   setDeployContext
-} from "./chunk-LRRQP7DH.js";
-import "./chunk-HK3B5MKA.js";
-import "./chunk-WF2XKCEZ.js";
-import "./chunk-XM5MFMMX.js";
+} from "./chunk-O2NWQLYB.js";
+import "./chunk-6NW5M3F5.js";
+import "./chunk-LCKLYFAZ.js";
+import "./chunk-2SR5D4CP.js";
 export {
   buildCliFlagsSummary,
   buildLabels,

package/dist/{chunk-XM5MFMMX.js → chunk-2SR5D4CP.js}

@@ -6,7 +6,7 @@ import * as path from "path";
 // package.json
 var package_default = {
   name: "@parity/product-deploy",
-  version: "0.8.3",
+  version: "0.9.0-rc.0",
   private: false,
   repository: {
     type: "git",
@@ -49,15 +49,17 @@ var package_default = {
     "tools/release-retry-wrapper.mjs"
   ],
   scripts: {
-    build: "tsup src/index.ts src/deploy.ts src/dotns.ts src/pool.ts src/telemetry.ts src/memory-report.ts src/merkle.ts src/gh-pages-mirror.ts src/version-check.ts src/bug-report.ts src/run-state.ts src/environments.ts src/errors.ts src/manifest.ts src/chunk-probe.ts src/manifest-embed.ts src/manifest-fetch.ts src/manifest-roundtrip.ts src/incremental-stats.ts src/chunker.ts src/personhood/encoding.ts src/personhood/hashing.ts src/personhood/constants.ts src/personhood/member-key.ts src/personhood/people-client.ts src/personhood/proof-validity.ts src/personhood/reprove.ts src/personhood/bind-personal-id.ts src/personhood/claim-pgas.ts src/personhood/bind-paid-alias.ts src/personhood/bootstrap.ts src/personhood/chain-prereqs.ts src/manifest/types.ts src/manifest/schema.ts src/manifest/byte-budget.ts src/manifest/config-load.ts src/manifest/publish.ts src/auth/index.ts src/auth/vendor/index.ts src/auth/vendor/ui/index.ts src/auth-config.ts src/commands/login.ts src/commands/logout.ts src/commands/whoami.ts src/storage-signer.ts --format esm --dts --clean --target node22",
+    build: "tsup src/index.ts src/deploy.ts src/dotns.ts src/pool.ts src/telemetry.ts src/memory-report.ts src/merkle.ts src/gh-pages-mirror.ts src/version-check.ts src/bug-report.ts src/run-state.ts src/environments.ts src/errors.ts src/manifest.ts src/chunk-probe.ts src/manifest-embed.ts src/manifest-fetch.ts src/manifest-roundtrip.ts src/incremental-stats.ts src/chunker.ts src/personhood/encoding.ts src/personhood/hashing.ts src/personhood/constants.ts src/personhood/member-key.ts src/personhood/people-client.ts src/personhood/proof-validity.ts src/personhood/reprove.ts src/personhood/bind-personal-id.ts src/personhood/claim-pgas.ts src/personhood/bind-paid-alias.ts src/personhood/bootstrap.ts src/personhood/chain-prereqs.ts src/manifest/types.ts src/manifest/schema.ts src/manifest/byte-budget.ts src/manifest/config-load.ts src/manifest/publish.ts src/auth/index.ts src/auth/vendor/index.ts src/auth/vendor/ui/index.ts src/auth-config.ts src/commands/login.ts src/commands/logout.ts src/commands/whoami.ts src/storage-signer.ts src/spinner.ts src/sss-allowance.ts --format esm --dts --clean --target node22",
     "refresh-environments": "node scripts/refresh-environments.mjs",
+    postinstall: "patch-package",
     prepare: "npm run build",
-    test: "npm run build && node --test test/test.js test/cli-help.test.js test/helpers/e2e-helpers.test.js test/environments.test.js test/refresh-environments.test.js test/chunk-sharing-report.test.js test/product-manifest.test.js test/cache-savings-totals.test.js test/error-pattern-signature.test.js test/exit-codes.test.js test/probe-env-health.test.js test/e2e-chain-calls.test.js test/auth-config.test.js test/whoami.test.js test/login.test.js test/logout.test.js test/auth-resolve.test.js",
+    test: "npm run build && node --test test/test.js test/cli-help.test.js test/helpers/e2e-helpers.test.js test/environments.test.js test/refresh-environments.test.js test/chunk-sharing-report.test.js test/product-manifest.test.js test/cache-savings-totals.test.js test/error-pattern-signature.test.js test/exit-codes.test.js test/probe-env-health.test.js test/e2e-chain-calls.test.js test/auth-config.test.js test/whoami.test.js test/login.test.js test/logout.test.js test/auth-resolve.test.js test/storage-signer.test.js test/spinner.test.js test/sss-allowance.test.js && npm run test:vendor",
     "test:e2e": "npm run build && node --test test/e2e.test.js",
     "test:e2e:smoke": "bash scripts/e2e-pass.sh smoke",
     "test:e2e:pr": "bash scripts/e2e-pass.sh pr",
     "test:e2e:nightly": "bash scripts/e2e-pass.sh nightly",
-    benchmark: "npm run build && node benchmark.js"
+    benchmark: "npm run build && node benchmark.js",
+    "test:vendor": "vitest run src/auth/vendor"
   },
   dependencies: {
     "@ipld/car": "^5.4.3",
@@ -65,7 +67,7 @@ var package_default = {
     "@noble/hashes": "^1.7.2",
     "@parity/product-sdk-address": "^0.1.1",
     "@parity/product-sdk-keys": "^0.3.0",
-    "@parity/product-sdk-terminal": "^0.2.1",
+    "@parity/product-sdk-terminal": "^0.3.1",
     "@parity/product-sdk-tx": "^0.2.4",
     "@polkadot-api/metadata-builders": "^0.14.2",
     "@polkadot-api/substrate-bindings": "^0.20.2",
@@ -80,28 +82,30 @@ var package_default = {
     multiformats: "^13.4.1",
     "polkadot-api": "^2.1.3",
     verifiablejs: "1.3.0-beta.4",
-    viem: "^2.30.5"
+    viem: "^2.30.5",
+    ws: "^8.20.1"
   },
   devDependencies: {
     "@types/node": "^22.0.0",
+    "@types/ws": "^8.18.1",
+    "patch-package": "^8.0.1",
     tsup: "^8.5.0",
     typescript: "^5.9.3",
-    vitest: "^3.0.0",
-    ws: "^8.20.1"
+    vitest: "^4.1.0"
   },
   overrides: {
     "@polkadot-api/json-rpc-provider": "^0.2.0",
-    "@novasamatech/host-api": "0.7.9-4",
-    "@novasamatech/host-papp": "0.7.9-4",
-    "@novasamatech/product-sdk": "0.7.9-4",
-    "@novasamatech/scale": "0.7.9-4",
-    "@novasamatech/statement-store": "0.7.9-4",
-    "@novasamatech/storage-adapter": "0.7.9-4"
+    "@novasamatech/host-api": "0.8.6",
+    "@novasamatech/host-papp": "0.8.6",
+    "@novasamatech/scale": "0.8.6",
+    "@novasamatech/statement-store": "0.8.6",
+    "@novasamatech/storage-adapter": "0.8.6"
   },
   minimumVersion: "0.5.6",
   engines: {
     node: ">=22"
-  }
+  },
+  license: "GPL-3.0-or-later"
 };
 
 // src/run-state.ts

package/dist/{chunk-HK3B5MKA.js → chunk-6NW5M3F5.js}

@@ -1,12 +1,11 @@
 import {
   VERSION
-} from "./chunk-WF2XKCEZ.js";
+} from "./chunk-LCKLYFAZ.js";
 
 // src/version-check.ts
 import { execSync, execFileSync } from "child_process";
 import { createInterface } from "readline";
 var REGISTRY_URL = "https://registry.npmjs.org/bulletin-deploy/latest";
-var KILL_SWITCH_URL = "https://raw.githubusercontent.com/paritytech/triangle-deploy/main/min-version.json";
 var FETCH_TIMEOUT = 3e3;
 function checkNodeVersion(enginesNode, currentVersion) {
   const match = enginesNode.match(/(\d+)/);
@@ -58,26 +57,18 @@ async function fetchJson(url) {
   }
 }
 async function fetchVersionInfo() {
-  const [registry, killSwitch] = await Promise.all([
-    fetchJson(REGISTRY_URL),
-    fetchJson(KILL_SWITCH_URL)
-  ]);
-  if (!registry && !killSwitch) return null;
+  const registry = await fetchJson(REGISTRY_URL);
+  if (!registry) return null;
   return {
-    latest: registry?.version ?? VERSION,
-    minimumFromRegistry: registry?.minimumVersion ?? null,
-    minimumFromKillSwitch: killSwitch?.minimumVersion ?? null,
-    killSwitchMessage: killSwitch?.message ?? null
+    latest: registry.version ?? VERSION,
+    minimumFromRegistry: registry.minimumVersion ?? null
   };
 }
 function handlePreflightVersionCheck(info) {
   if (!info) return "ok";
-  const effectiveMinimum = [info.minimumFromRegistry, info.minimumFromKillSwitch].filter(Boolean).sort((a, b) => compareSemver(b, a))[0] ?? null;
-  if (effectiveMinimum && compareSemver(VERSION, effectiveMinimum) < 0) {
+  if (info.minimumFromRegistry && compareSemver(VERSION, info.minimumFromRegistry) < 0) {
     console.error(`
-   bulletin-deploy ${VERSION} is no longer supported (minimum: ${effectiveMinimum}).`);
-    const ks = info.killSwitchMessage;
-    if (ks) console.error(`   Reason: ${ks}`);
+   bulletin-deploy ${VERSION} is no longer supported (minimum: ${info.minimumFromRegistry}).`);
     console.error(`   Please update: npm install -g bulletin-deploy@latest
 `);
     return "abort";
@@ -165,9 +156,8 @@ function classifyErrorArea(msg) {
   return null;
 }
 function assessVersion(currentVersion, info, internal) {
-  const effectiveMinimum = [info.minimumFromRegistry, info.minimumFromKillSwitch].filter(Boolean).sort((a, b) => compareSemver(b, a))[0] ?? null;
-  if (effectiveMinimum && compareSemver(currentVersion, effectiveMinimum) < 0) {
-    return { action: "forced_update", currentVersion, minimumVersion: effectiveMinimum, message: info.killSwitchMessage };
+  if (info.minimumFromRegistry && compareSemver(currentVersion, info.minimumFromRegistry) < 0) {
+    return { action: "forced_update", currentVersion, minimumVersion: info.minimumFromRegistry };
   }
   if (compareSemver(currentVersion, info.latest) < 0) {
     return { action: "suggest_update", currentVersion, latestVersion: info.latest, internal };
@@ -190,7 +180,6 @@ async function handleFailedDeploy(error) {
     case "forced_update":
       console.error(`
    bulletin-deploy ${verdict.currentVersion} is no longer supported (minimum: ${verdict.minimumVersion}).`);
-      if (verdict.message) console.error(`   Reason: ${verdict.message}`);
       console.error(`   Please update: npm install -g bulletin-deploy@latest
 `);
       break;