@permission-slip/cli 0.1.0

package/dist/commands/config.js

@@ -0,0 +1,38 @@
+/**
+ * permission-slip config [--server <url>]
+ *
+ * Shows all saved registrations or the registration for a specific server.
+ */
+import { loadRegistrations, findRegistration, CONFIG_DIR, REGISTRATIONS_FILE, PRIVATE_KEY_FILE, PUBLIC_KEY_FILE, } from "../config/store.js";
+import { keyPairExists } from "../auth/keys.js";
+import { output } from "../output.js";
+export function configCommand(program) {
+    program
+        .command("config")
+        .description("Show saved configuration and registrations")
+        .option("--server <url>", "Show registration for a specific server only")
+        .option("--pretty", "Pretty-printed JSON (default is compact JSON)")
+        .action((opts) => {
+        const outputOpts = { pretty: opts.pretty ?? false };
+        try {
+            const data = {
+                config_dir: CONFIG_DIR,
+                registrations_file: REGISTRATIONS_FILE,
+                key: {
+                    private_key_file: PRIVATE_KEY_FILE,
+                    public_key_file: PUBLIC_KEY_FILE,
+                    exists: keyPairExists(),
+                },
+                registrations: opts.server
+                    ? (findRegistration(opts.server) ? [findRegistration(opts.server)] : [])
+                    : loadRegistrations(),
+            };
+            output(data, outputOpts);
+        }
+        catch (err) {
+            output({ error: err instanceof Error ? err.message : String(err) }, outputOpts);
+            process.exit(1);
+        }
+    });
+}
+//# sourceMappingURL=config.js.map

package/dist/commands/config.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"config.js","sourceRoot":"","sources":["../../src/commands/config.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAGH,OAAO,EACL,iBAAiB,EACjB,gBAAgB,EAChB,UAAU,EACV,kBAAkB,EAClB,gBAAgB,EAChB,eAAe,GAChB,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAChD,OAAO,EAAE,MAAM,EAAsB,MAAM,cAAc,CAAC;AAE1D,MAAM,UAAU,aAAa,CAAC,OAAgB;IAC5C,OAAO;SACJ,OAAO,CAAC,QAAQ,CAAC;SACjB,WAAW,CAAC,4CAA4C,CAAC;SACzD,MAAM,CAAC,gBAAgB,EAAE,8CAA8C,CAAC;SACxE,MAAM,CAAC,UAAU,EAAE,+CAA+C,CAAC;SACnE,MAAM,CAAC,CAAC,IAA2C,EAAE,EAAE;QACtD,MAAM,UAAU,GAAkB,EAAE,MAAM,EAAE,IAAI,CAAC,MAAM,IAAI,KAAK,EAAE,CAAC;QACnE,IAAI,CAAC;YACH,MAAM,IAAI,GAAG;gBACX,UAAU,EAAE,UAAU;gBACtB,kBAAkB,EAAE,kBAAkB;gBACtC,GAAG,EAAE;oBACH,gBAAgB,EAAE,gBAAgB;oBAClC,eAAe,EAAE,eAAe;oBAChC,MAAM,EAAE,aAAa,EAAE;iBACxB;gBACD,aAAa,EAAE,IAAI,CAAC,MAAM;oBACxB,CAAC,CAAC,CAAC,gBAAgB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,gBAAgB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;oBACxE,CAAC,CAAC,iBAAiB,EAAE;aACxB,CAAC;YACF,MAAM,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;QAC3B,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,CAAC,EAAE,KAAK,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,EAAE,UAAU,CAAC,CAAC;YAChF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;IACH,CAAC,CAAC,CAAC;AACP,CAAC"}

package/dist/commands/connectors.d.ts

@@ -0,0 +1,9 @@
+/**
+ * permission-slip connectors [--server <url>] [--id <connector_id>]
+ *
+ * Lists available connectors (public endpoint, no auth required).
+ * With --id, shows details for a specific connector.
+ */
+import type { Command } from "commander";
+export declare function connectorsCommand(program: Command): void;
+//# sourceMappingURL=connectors.d.ts.map

package/dist/commands/connectors.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"connectors.d.ts","sourceRoot":"","sources":["../../src/commands/connectors.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAIzC,wBAAgB,iBAAiB,CAAC,OAAO,EAAE,OAAO,GAAG,IAAI,CA+BxD"}

package/dist/commands/connectors.js

@@ -0,0 +1,34 @@
+/**
+ * permission-slip connectors [--server <url>] [--id <connector_id>]
+ *
+ * Lists available connectors (public endpoint, no auth required).
+ * With --id, shows details for a specific connector.
+ */
+import { ApiClient } from "../api/client.js";
+import { output } from "../output.js";
+export function connectorsCommand(program) {
+    program
+        .command("connectors")
+        .description("List available connectors (public — no registration required)")
+        .option("--server <url>", "Permission Slip server URL", "https://app.permissionslip.dev")
+        .option("--id <connector_id>", "Get details for a specific connector")
+        .option("--pretty", "Pretty-printed JSON (default is compact JSON)")
+        .action(async (opts) => {
+        const outputOpts = { pretty: opts.pretty ?? false };
+        try {
+            const client = new ApiClient({
+                serverUrl: opts.server,
+                agentId: 0, // unused for public endpoints
+            });
+            const result = opts.id
+                ? await client.connector(opts.id)
+                : await client.connectors();
+            output(result, outputOpts);
+        }
+        catch (err) {
+            output({ error: err instanceof Error ? err.message : String(err) }, outputOpts);
+            process.exit(1);
+        }
+    });
+}
+//# sourceMappingURL=connectors.js.map

package/dist/commands/connectors.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"connectors.js","sourceRoot":"","sources":["../../src/commands/connectors.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAGH,OAAO,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAC7C,OAAO,EAAE,MAAM,EAAsB,MAAM,cAAc,CAAC;AAE1D,MAAM,UAAU,iBAAiB,CAAC,OAAgB;IAChD,OAAO;SACJ,OAAO,CAAC,YAAY,CAAC;SACrB,WAAW,CAAC,+DAA+D,CAAC;SAC5E,MAAM,CACL,gBAAgB,EAChB,4BAA4B,EAC5B,gCAAgC,CACjC;SACA,MAAM,CAAC,qBAAqB,EAAE,sCAAsC,CAAC;SACrE,MAAM,CAAC,UAAU,EAAE,+CAA+C,CAAC;SACnE,MAAM,CAAC,KAAK,EAAE,IAId,EAAE,EAAE;QACH,MAAM,UAAU,GAAkB,EAAE,MAAM,EAAE,IAAI,CAAC,MAAM,IAAI,KAAK,EAAE,CAAC;QACnE,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,IAAI,SAAS,CAAC;gBAC3B,SAAS,EAAE,IAAI,CAAC,MAAM;gBACtB,OAAO,EAAE,CAAC,EAAE,8BAA8B;aAC3C,CAAC,CAAC;YACH,MAAM,MAAM,GAAG,IAAI,CAAC,EAAE;gBACpB,CAAC,CAAC,MAAM,MAAM,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE,CAAC;gBACjC,CAAC,CAAC,MAAM,MAAM,CAAC,UAAU,EAAE,CAAC;YAC9B,MAAM,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC;QAC7B,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,CAAC,EAAE,KAAK,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,EAAE,UAAU,CAAC,CAAC;YAChF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;IACH,CAAC,CAAC,CAAC;AACP,CAAC"}

package/dist/commands/execute.d.ts

@@ -0,0 +1,17 @@
+/**
+ * permission-slip execute --token <token> [--action <id>] [--params '{}'] [--server <url>]
+ *   or
+ * permission-slip execute --configuration <id> [--params '{}'] [--server <url>]
+ *
+ * Executes an approved action using either:
+ *  - A one-off execution token (obtained after the user approves a request)
+ *  - A standing approval configuration (--configuration)
+ *
+ * NOTE: The /approvals/{id}/verify endpoint (which trades an approval ID for
+ * a token) is currently "Planned" server-side. Until it is implemented, agents
+ * must obtain the token out-of-band (the user shares it after approving on the
+ * dashboard) and pass it directly with --token.
+ */
+import type { Command } from "commander";
+export declare function executeCommand(program: Command): void;
+//# sourceMappingURL=execute.d.ts.map

package/dist/commands/execute.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"execute.d.ts","sourceRoot":"","sources":["../../src/commands/execute.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAEH,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAKzC,wBAAgB,cAAc,CAAC,OAAO,EAAE,OAAO,GAAG,IAAI,CAuDrD"}

package/dist/commands/execute.js

@@ -0,0 +1,58 @@
+/**
+ * permission-slip execute --token <token> [--action <id>] [--params '{}'] [--server <url>]
+ *   or
+ * permission-slip execute --configuration <id> [--params '{}'] [--server <url>]
+ *
+ * Executes an approved action using either:
+ *  - A one-off execution token (obtained after the user approves a request)
+ *  - A standing approval configuration (--configuration)
+ *
+ * NOTE: The /approvals/{id}/verify endpoint (which trades an approval ID for
+ * a token) is currently "Planned" server-side. Until it is implemented, agents
+ * must obtain the token out-of-band (the user shares it after approving on the
+ * dashboard) and pass it directly with --token.
+ */
+import { ApiClient } from "../api/client.js";
+import { resolveAgentId } from "./status.js";
+import { output } from "../output.js";
+export function executeCommand(program) {
+    program
+        .command("execute")
+        .description("Execute an approved action")
+        .option("--token <token>", "Execution token (shared by the user after approving on the dashboard)")
+        .option("--configuration <id>", "Standing approval configuration ID")
+        .option("--action <action_id>", "Action type (required with --token)")
+        .option("--params <json>", "Action parameters as JSON string", "{}")
+        .option("--server <url>", "Permission Slip server URL", "https://app.permissionslip.dev")
+        .option("--agent-id <id>", "Agent ID (auto-detected from saved registration)")
+        .option("--pretty", "Pretty-printed JSON (default is compact JSON)")
+        .action(async (opts) => {
+        const outputOpts = { pretty: opts.pretty ?? false };
+        try {
+            if (!opts.token && !opts.configuration) {
+                throw new Error("Provide either --token <token> (one-off approval) or --configuration <id> (standing approval).");
+            }
+            if (opts.token && !opts.action) {
+                throw new Error("--action <action_id> is required when using --token.");
+            }
+            let params;
+            try {
+                params = JSON.parse(opts.params);
+            }
+            catch {
+                throw new Error(`--params must be valid JSON. Got: ${opts.params}`);
+            }
+            const agentId = resolveAgentId(opts.server, opts.agentId);
+            const client = new ApiClient({ serverUrl: opts.server, agentId });
+            const result = opts.token
+                ? await client.execute({ token: opts.token }, opts.action, params)
+                : await client.execute({ configuration_id: opts.configuration }, undefined, params);
+            output(result, outputOpts);
+        }
+        catch (err) {
+            output({ error: err instanceof Error ? err.message : String(err) }, outputOpts);
+            process.exit(1);
+        }
+    });
+}
+//# sourceMappingURL=execute.js.map

package/dist/commands/execute.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"execute.js","sourceRoot":"","sources":["../../src/commands/execute.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAGH,OAAO,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAC7C,OAAO,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAC7C,OAAO,EAAE,MAAM,EAAsB,MAAM,cAAc,CAAC;AAE1D,MAAM,UAAU,cAAc,CAAC,OAAgB;IAC7C,OAAO;SACJ,OAAO,CAAC,SAAS,CAAC;SAClB,WAAW,CAAC,4BAA4B,CAAC;SACzC,MAAM,CAAC,iBAAiB,EAAE,uEAAuE,CAAC;SAClG,MAAM,CAAC,sBAAsB,EAAE,oCAAoC,CAAC;SACpE,MAAM,CAAC,sBAAsB,EAAE,qCAAqC,CAAC;SACrE,MAAM,CAAC,iBAAiB,EAAE,kCAAkC,EAAE,IAAI,CAAC;SACnE,MAAM,CACL,gBAAgB,EAChB,4BAA4B,EAC5B,gCAAgC,CACjC;SACA,MAAM,CAAC,iBAAiB,EAAE,kDAAkD,CAAC;SAC7E,MAAM,CAAC,UAAU,EAAE,+CAA+C,CAAC;SACnE,MAAM,CAAC,KAAK,EAAE,IAQd,EAAE,EAAE;QACH,MAAM,UAAU,GAAkB,EAAE,MAAM,EAAE,IAAI,CAAC,MAAM,IAAI,KAAK,EAAE,CAAC;QACnE,IAAI,CAAC;YACH,IAAI,CAAC,IAAI,CAAC,KAAK,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,CAAC;gBACvC,MAAM,IAAI,KAAK,CACb,gGAAgG,CACjG,CAAC;YACJ,CAAC;YACD,IAAI,IAAI,CAAC,KAAK,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;gBAC/B,MAAM,IAAI,KAAK,CAAC,sDAAsD,CAAC,CAAC;YAC1E,CAAC;YAED,IAAI,MAAe,CAAC;YACpB,IAAI,CAAC;gBACH,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YACnC,CAAC;YAAC,MAAM,CAAC;gBACP,MAAM,IAAI,KAAK,CAAC,qCAAqC,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;YACtE,CAAC;YAED,MAAM,OAAO,GAAG,cAAc,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC;YAC1D,MAAM,MAAM,GAAG,IAAI,SAAS,CAAC,EAAE,SAAS,EAAE,IAAI,CAAC,MAAM,EAAE,OAAO,EAAE,CAAC,CAAC;YAElE,MAAM,MAAM,GAAY,IAAI,CAAC,KAAK;gBAChC,CAAC,CAAC,MAAM,MAAM,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,EAAE,IAAI,CAAC,MAAM,EAAE,MAAM,CAAC;gBAClE,CAAC,CAAC,MAAM,MAAM,CAAC,OAAO,CAAC,EAAE,gBAAgB,EAAE,IAAI,CAAC,aAAc,EAAE,EAAE,SAAS,EAAE,MAAM,CAAC,CAAC;YAEvF,MAAM,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC;QAC7B,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,CAAC,EAAE,KAAK,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,EAAE,UAAU,CAAC,CAAC;YAChF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;IACH,CAAC,CAAC,CAAC;AACP,CAAC"}

package/dist/commands/register.d.ts

@@ -0,0 +1,14 @@
+/**
+ * permission-slip register --invite-code <code> [--server <url>] [--name <name>]
+ *
+ * Generates (or reuses) an Ed25519 key pair, then registers with the server
+ * using the provided invite code. Saves the result to
+ * ~/.permission-slip/registrations.json.
+ *
+ * After registration the server requires a verification step — the user will
+ * see a confirmation code on their dashboard and must relay it to the agent
+ * (via `permission-slip verify --code <code>`).
+ */
+import type { Command } from "commander";
+export declare function registerCommand(program: Command): void;
+//# sourceMappingURL=register.d.ts.map

package/dist/commands/register.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"register.d.ts","sourceRoot":"","sources":["../../src/commands/register.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAEH,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAQzC,wBAAgB,eAAe,CAAC,OAAO,EAAE,OAAO,GAAG,IAAI,CAuEtD"}

package/dist/commands/register.js

@@ -0,0 +1,65 @@
+/**
+ * permission-slip register --invite-code <code> [--server <url>] [--name <name>]
+ *
+ * Generates (or reuses) an Ed25519 key pair, then registers with the server
+ * using the provided invite code. Saves the result to
+ * ~/.permission-slip/registrations.json.
+ *
+ * After registration the server requires a verification step — the user will
+ * see a confirmation code on their dashboard and must relay it to the agent
+ * (via `permission-slip verify --code <code>`).
+ */
+import { generateKeyPair, keyPairExists, displayPath } from "../auth/keys.js";
+import { ApiClient } from "../api/client.js";
+import { REGISTRATION_AGENT_ID } from "../auth/signing.js";
+import { saveRegistration } from "../config/store.js";
+import { output } from "../output.js";
+import { shellQuote } from "../util/shell.js";
+export function registerCommand(program) {
+    program
+        .command("register")
+        .description("Generate keys and register with a Permission Slip server")
+        .requiredOption("--invite-code <code>", "Invite code from the dashboard")
+        .option("--server <url>", "Permission Slip server URL (default: https://app.permissionslip.dev)", "https://app.permissionslip.dev")
+        .option("--name <name>", "Agent name shown in the dashboard", "Agent")
+        .option("--version <version>", "Agent version metadata", "1.0.0")
+        .option("--pretty", "Pretty-printed JSON (default is compact JSON)")
+        .action(async (opts) => {
+        const outputOpts = { pretty: opts.pretty ?? false };
+        try {
+            // Key generation
+            const hadKey = keyPairExists();
+            const kp = generateKeyPair(false);
+            if (!hadKey && outputOpts.pretty) {
+                console.error(`Generated new Ed25519 key pair at ${displayPath(kp.privateKeyFile)}`);
+            }
+            else if (hadKey && outputOpts.pretty) {
+                console.error(`Reusing existing key pair at ${displayPath(kp.privateKeyFile)}`);
+            }
+            // Register
+            const client = new ApiClient({
+                serverUrl: opts.server,
+                agentId: REGISTRATION_AGENT_ID,
+            });
+            const result = await client.register(opts.inviteCode, kp.publicKey, opts.name, opts.version);
+            // Save a partial registration (will be completed after verify)
+            saveRegistration({
+                server: opts.server,
+                agent_id: result.agent_id,
+                registered_at: new Date().toISOString(),
+            });
+            output({
+                agent_id: result.agent_id,
+                expires_at: result.expires_at,
+                verification_required: result.verification_required,
+                key_file: displayPath(kp.privateKeyFile),
+                next_step: `Run: permission-slip verify --code <confirmation_code> --server ${shellQuote(opts.server)}`,
+            }, outputOpts);
+        }
+        catch (err) {
+            output({ error: err instanceof Error ? err.message : String(err) }, outputOpts);
+            process.exit(1);
+        }
+    });
+}
+//# sourceMappingURL=register.js.map

package/dist/commands/register.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"register.js","sourceRoot":"","sources":["../../src/commands/register.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAGH,OAAO,EAAE,eAAe,EAAE,aAAa,EAAE,WAAW,EAAE,MAAM,iBAAiB,CAAC;AAC9E,OAAO,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAC7C,OAAO,EAAE,qBAAqB,EAAE,MAAM,oBAAoB,CAAC;AAC3D,OAAO,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AACtD,OAAO,EAAE,MAAM,EAAsB,MAAM,cAAc,CAAC;AAC1D,OAAO,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAC;AAE9C,MAAM,UAAU,eAAe,CAAC,OAAgB;IAC9C,OAAO;SACJ,OAAO,CAAC,UAAU,CAAC;SACnB,WAAW,CAAC,0DAA0D,CAAC;SACvE,cAAc,CAAC,sBAAsB,EAAE,gCAAgC,CAAC;SACxE,MAAM,CACL,gBAAgB,EAChB,sEAAsE,EACtE,gCAAgC,CACjC;SACA,MAAM,CAAC,eAAe,EAAE,mCAAmC,EAAE,OAAO,CAAC;SACrE,MAAM,CAAC,qBAAqB,EAAE,wBAAwB,EAAE,OAAO,CAAC;SAChE,MAAM,CAAC,UAAU,EAAE,+CAA+C,CAAC;SACnE,MAAM,CAAC,KAAK,EAAE,IAMd,EAAE,EAAE;QACH,MAAM,UAAU,GAAkB,EAAE,MAAM,EAAE,IAAI,CAAC,MAAM,IAAI,KAAK,EAAE,CAAC;QACnE,IAAI,CAAC;YACH,iBAAiB;YACjB,MAAM,MAAM,GAAG,aAAa,EAAE,CAAC;YAC/B,MAAM,EAAE,GAAG,eAAe,CAAC,KAAK,CAAC,CAAC;YAElC,IAAI,CAAC,MAAM,IAAI,UAAU,CAAC,MAAM,EAAE,CAAC;gBACjC,OAAO,CAAC,KAAK,CACX,qCAAqC,WAAW,CAAC,EAAE,CAAC,cAAc,CAAC,EAAE,CACtE,CAAC;YACJ,CAAC;iBAAM,IAAI,MAAM,IAAI,UAAU,CAAC,MAAM,EAAE,CAAC;gBACvC,OAAO,CAAC,KAAK,CACX,gCAAgC,WAAW,CAAC,EAAE,CAAC,cAAc,CAAC,EAAE,CACjE,CAAC;YACJ,CAAC;YAED,WAAW;YACX,MAAM,MAAM,GAAG,IAAI,SAAS,CAAC;gBAC3B,SAAS,EAAE,IAAI,CAAC,MAAM;gBACtB,OAAO,EAAE,qBAAqB;aAC/B,CAAC,CAAC;YAEH,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,QAAQ,CAClC,IAAI,CAAC,UAAU,EACf,EAAE,CAAC,SAAS,EACZ,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,OAAO,CACb,CAAC;YAEF,+DAA+D;YAC/D,gBAAgB,CAAC;gBACf,MAAM,EAAE,IAAI,CAAC,MAAM;gBACnB,QAAQ,EAAE,MAAM,CAAC,QAAQ;gBACzB,aAAa,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;aACxC,CAAC,CAAC;YAEH,MAAM,CACJ;gBACE,QAAQ,EAAE,MAAM,CAAC,QAAQ;gBACzB,UAAU,EAAE,MAAM,CAAC,UAAU;gBAC7B,qBAAqB,EAAE,MAAM,CAAC,qBAAqB;gBACnD,QAAQ,EAAE,WAAW,CAAC,EAAE,CAAC,cAAc,CAAC;gBACxC,SAAS,EAAE,mEAAmE,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE;aACxG,EACD,UAAU,CACX,CAAC;QACJ,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,CAAC,EAAE,KAAK,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,EAAE,UAAU,CAAC,CAAC;YAChF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;IACH,CAAC,CAAC,CAAC;AACP,CAAC"}

package/dist/commands/request.d.ts

@@ -0,0 +1,9 @@
+/**
+ * permission-slip request --action <action_id> [--params '{}'] [--server <url>]
+ *
+ * Requests one-off approval for an action. Returns the approval ID and URL.
+ * The user must approve on the dashboard and share a confirmation code.
+ */
+import type { Command } from "commander";
+export declare function requestCommand(program: Command): void;
+//# sourceMappingURL=request.d.ts.map

package/dist/commands/request.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"request.d.ts","sourceRoot":"","sources":["../../src/commands/request.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAMzC,wBAAgB,cAAc,CAAC,OAAO,EAAE,OAAO,GAAG,IAAI,CA6DrD"}

package/dist/commands/request.js

@@ -0,0 +1,54 @@
+/**
+ * permission-slip request --action <action_id> [--params '{}'] [--server <url>]
+ *
+ * Requests one-off approval for an action. Returns the approval ID and URL.
+ * The user must approve on the dashboard and share a confirmation code.
+ */
+import { ApiClient } from "../api/client.js";
+import { resolveAgentId } from "./status.js";
+import { output } from "../output.js";
+import { shellQuote } from "../util/shell.js";
+export function requestCommand(program) {
+    program
+        .command("request")
+        .description("Request approval for an action")
+        .requiredOption("--action <action_id>", "Action type (e.g. email.send)")
+        .option("--params <json>", "Action parameters as JSON string", "{}")
+        .option("--description <text>", "Human-readable description of the action")
+        .option("--risk-level <level>", "Risk level: low, medium, high")
+        .option("--server <url>", "Permission Slip server URL", "https://app.permissionslip.dev")
+        .option("--agent-id <id>", "Agent ID (auto-detected from saved registration)")
+        .option("--pretty", "Pretty-printed JSON (default is compact JSON)")
+        .action(async (opts) => {
+        const outputOpts = { pretty: opts.pretty ?? false };
+        try {
+            let params;
+            try {
+                params = JSON.parse(opts.params);
+            }
+            catch {
+                throw new Error(`--params must be valid JSON. Got: ${opts.params}`);
+            }
+            const agentId = resolveAgentId(opts.server, opts.agentId);
+            const client = new ApiClient({ serverUrl: opts.server, agentId });
+            const context = opts.description || opts.riskLevel
+                ? {
+                    description: opts.description,
+                    risk_level: opts.riskLevel,
+                }
+                : undefined;
+            const result = await client.requestApproval(opts.action, params, context);
+            output({
+                ...result,
+                next_step: "Wait for the user to approve on the dashboard. Once they share the execution token with you, run: " +
+                    `permission-slip execute --token <token> --action ${shellQuote(opts.action)} --params ${shellQuote(opts.params)}` +
+                    (opts.server !== "https://app.permissionslip.dev" ? ` --server ${shellQuote(opts.server)}` : ""),
+            }, outputOpts);
+        }
+        catch (err) {
+            output({ error: err instanceof Error ? err.message : String(err) }, outputOpts);
+            process.exit(1);
+        }
+    });
+}
+//# sourceMappingURL=request.js.map

package/dist/commands/request.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"request.js","sourceRoot":"","sources":["../../src/commands/request.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAGH,OAAO,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAC7C,OAAO,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAC7C,OAAO,EAAE,MAAM,EAAsB,MAAM,cAAc,CAAC;AAC1D,OAAO,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAC;AAE9C,MAAM,UAAU,cAAc,CAAC,OAAgB;IAC7C,OAAO;SACJ,OAAO,CAAC,SAAS,CAAC;SAClB,WAAW,CAAC,gCAAgC,CAAC;SAC7C,cAAc,CAAC,sBAAsB,EAAE,+BAA+B,CAAC;SACvE,MAAM,CAAC,iBAAiB,EAAE,kCAAkC,EAAE,IAAI,CAAC;SACnE,MAAM,CAAC,sBAAsB,EAAE,0CAA0C,CAAC;SAC1E,MAAM,CAAC,sBAAsB,EAAE,+BAA+B,CAAC;SAC/D,MAAM,CACL,gBAAgB,EAChB,4BAA4B,EAC5B,gCAAgC,CACjC;SACA,MAAM,CAAC,iBAAiB,EAAE,kDAAkD,CAAC;SAC7E,MAAM,CAAC,UAAU,EAAE,+CAA+C,CAAC;SACnE,MAAM,CAAC,KAAK,EAAE,IAQd,EAAE,EAAE;QACH,MAAM,UAAU,GAAkB,EAAE,MAAM,EAAE,IAAI,CAAC,MAAM,IAAI,KAAK,EAAE,CAAC;QACnE,IAAI,CAAC;YACH,IAAI,MAAe,CAAC;YACpB,IAAI,CAAC;gBACH,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YACnC,CAAC;YAAC,MAAM,CAAC;gBACP,MAAM,IAAI,KAAK,CAAC,qCAAqC,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;YACtE,CAAC;YAED,MAAM,OAAO,GAAG,cAAc,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC;YAC1D,MAAM,MAAM,GAAG,IAAI,SAAS,CAAC,EAAE,SAAS,EAAE,IAAI,CAAC,MAAM,EAAE,OAAO,EAAE,CAAC,CAAC;YAElE,MAAM,OAAO,GACX,IAAI,CAAC,WAAW,IAAI,IAAI,CAAC,SAAS;gBAChC,CAAC,CAAC;oBACE,WAAW,EAAE,IAAI,CAAC,WAAW;oBAC7B,UAAU,EAAE,IAAI,CAAC,SAAS;iBAC3B;gBACH,CAAC,CAAC,SAAS,CAAC;YAEhB,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,eAAe,CAAC,IAAI,CAAC,MAAM,EAAE,MAAM,EAAE,OAAO,CAAC,CAAC;YAE1E,MAAM,CACJ;gBACE,GAAG,MAAM;gBACT,SAAS,EACP,oGAAoG;oBACpG,oDAAoD,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,aAAa,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE;oBACjH,CAAC,IAAI,CAAC,MAAM,KAAK,gCAAgC,CAAC,CAAC,CAAC,aAAa,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;aACnG,EACD,UAAU,CACX,CAAC;QACJ,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,CAAC,EAAE,KAAK,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,EAAE,UAAU,CAAC,CAAC;YAChF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;IACH,CAAC,CAAC,CAAC;AACP,CAAC"}

package/dist/commands/status.d.ts

@@ -0,0 +1,9 @@
+/**
+ * permission-slip status [--server <url>]
+ *
+ * Shows the current registration state for the agent on the given server.
+ */
+import type { Command } from "commander";
+export declare function statusCommand(program: Command): void;
+export declare function resolveAgentId(server: string, agentIdFlag?: string): number;
+//# sourceMappingURL=status.d.ts.map

package/dist/commands/status.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"status.d.ts","sourceRoot":"","sources":["../../src/commands/status.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAKzC,wBAAgB,aAAa,CAAC,OAAO,EAAE,OAAO,GAAG,IAAI,CA2BpD;AAED,wBAAgB,cAAc,CAAC,MAAM,EAAE,MAAM,EAAE,WAAW,CAAC,EAAE,MAAM,GAAG,MAAM,CAc3E"}

package/dist/commands/status.js

@@ -0,0 +1,44 @@
+/**
+ * permission-slip status [--server <url>]
+ *
+ * Shows the current registration state for the agent on the given server.
+ */
+import { ApiClient } from "../api/client.js";
+import { findRegistration } from "../config/store.js";
+import { output } from "../output.js";
+export function statusCommand(program) {
+    program
+        .command("status")
+        .description("Show current registration state")
+        .option("--server <url>", "Permission Slip server URL", "https://app.permissionslip.dev")
+        .option("--agent-id <id>", "Agent ID (auto-detected from saved registration)")
+        .option("--pretty", "Pretty-printed JSON (default is compact JSON)")
+        .action(async (opts) => {
+        const outputOpts = { pretty: opts.pretty ?? false };
+        try {
+            const agentId = resolveAgentId(opts.server, opts.agentId);
+            const client = new ApiClient({ serverUrl: opts.server, agentId });
+            const result = await client.status();
+            output(result, outputOpts);
+        }
+        catch (err) {
+            output({ error: err instanceof Error ? err.message : String(err) }, outputOpts);
+            process.exit(1);
+        }
+    });
+}
+export function resolveAgentId(server, agentIdFlag) {
+    if (agentIdFlag) {
+        const id = parseInt(agentIdFlag, 10);
+        if (isNaN(id))
+            throw new Error(`Invalid agent ID: ${agentIdFlag}`);
+        return id;
+    }
+    const reg = findRegistration(server);
+    if (!reg) {
+        throw new Error(`No registration found for ${server}. ` +
+            "Run 'permission-slip register --invite-code <code>' first.");
+    }
+    return reg.agent_id;
+}
+//# sourceMappingURL=status.js.map

package/dist/commands/status.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"status.js","sourceRoot":"","sources":["../../src/commands/status.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAGH,OAAO,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAC7C,OAAO,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AACtD,OAAO,EAAE,MAAM,EAAsB,MAAM,cAAc,CAAC;AAE1D,MAAM,UAAU,aAAa,CAAC,OAAgB;IAC5C,OAAO;SACJ,OAAO,CAAC,QAAQ,CAAC;SACjB,WAAW,CAAC,iCAAiC,CAAC;SAC9C,MAAM,CACL,gBAAgB,EAChB,4BAA4B,EAC5B,gCAAgC,CACjC;SACA,MAAM,CAAC,iBAAiB,EAAE,kDAAkD,CAAC;SAC7E,MAAM,CAAC,UAAU,EAAE,+CAA+C,CAAC;SACnE,MAAM,CAAC,KAAK,EAAE,IAId,EAAE,EAAE;QACH,MAAM,UAAU,GAAkB,EAAE,MAAM,EAAE,IAAI,CAAC,MAAM,IAAI,KAAK,EAAE,CAAC;QACnE,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,cAAc,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC;YAC1D,MAAM,MAAM,GAAG,IAAI,SAAS,CAAC,EAAE,SAAS,EAAE,IAAI,CAAC,MAAM,EAAE,OAAO,EAAE,CAAC,CAAC;YAClE,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,MAAM,EAAE,CAAC;YACrC,MAAM,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC;QAC7B,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,CAAC,EAAE,KAAK,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,EAAE,UAAU,CAAC,CAAC;YAChF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;IACH,CAAC,CAAC,CAAC;AACP,CAAC;AAED,MAAM,UAAU,cAAc,CAAC,MAAc,EAAE,WAAoB;IACjE,IAAI,WAAW,EAAE,CAAC;QAChB,MAAM,EAAE,GAAG,QAAQ,CAAC,WAAW,EAAE,EAAE,CAAC,CAAC;QACrC,IAAI,KAAK,CAAC,EAAE,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,qBAAqB,WAAW,EAAE,CAAC,CAAC;QACnE,OAAO,EAAE,CAAC;IACZ,CAAC;IACD,MAAM,GAAG,GAAG,gBAAgB,CAAC,MAAM,CAAC,CAAC;IACrC,IAAI,CAAC,GAAG,EAAE,CAAC;QACT,MAAM,IAAI,KAAK,CACb,6BAA6B,MAAM,IAAI;YACvC,4DAA4D,CAC7D,CAAC;IACJ,CAAC;IACD,OAAO,GAAG,CAAC,QAAQ,CAAC;AACtB,CAAC"}

package/dist/commands/verify.d.ts

@@ -0,0 +1,9 @@
+/**
+ * permission-slip verify --code <confirmation_code> [--server <url>]
+ *
+ * Completes the registration flow by submitting the confirmation code
+ * that the user sees on their dashboard after reviewing the pending agent.
+ */
+import type { Command } from "commander";
+export declare function verifyCommand(program: Command): void;
+//# sourceMappingURL=verify.d.ts.map

package/dist/commands/verify.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"verify.d.ts","sourceRoot":"","sources":["../../src/commands/verify.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAMzC,wBAAgB,aAAa,CAAC,OAAO,EAAE,OAAO,GAAG,IAAI,CAgEpD"}

package/dist/commands/verify.js

@@ -0,0 +1,61 @@
+/**
+ * permission-slip verify --code <confirmation_code> [--server <url>]
+ *
+ * Completes the registration flow by submitting the confirmation code
+ * that the user sees on their dashboard after reviewing the pending agent.
+ */
+import { ApiClient } from "../api/client.js";
+import { findRegistration, saveRegistration } from "../config/store.js";
+import { output } from "../output.js";
+import { shellQuote } from "../util/shell.js";
+export function verifyCommand(program) {
+    program
+        .command("verify")
+        .description("Complete registration with the confirmation code from the dashboard")
+        .requiredOption("--code <confirmation_code>", "Confirmation code from the dashboard")
+        .option("--server <url>", "Permission Slip server URL", "https://app.permissionslip.dev")
+        .option("--agent-id <id>", "Agent ID (auto-detected from saved registration)")
+        .option("--pretty", "Pretty-printed JSON (default is compact JSON)")
+        .action(async (opts) => {
+        const outputOpts = { pretty: opts.pretty ?? false };
+        try {
+            let agentId;
+            if (opts.agentId) {
+                agentId = parseInt(opts.agentId, 10);
+                if (isNaN(agentId)) {
+                    throw new Error(`Invalid agent ID: ${opts.agentId}`);
+                }
+            }
+            else {
+                const reg = findRegistration(opts.server);
+                if (!reg) {
+                    throw new Error(`No registration found for ${opts.server}. ` +
+                        "Run 'permission-slip register --invite-code <code>' first, " +
+                        "or pass --agent-id explicitly.");
+                }
+                agentId = reg.agent_id;
+            }
+            const client = new ApiClient({ serverUrl: opts.server, agentId });
+            const result = await client.verify(agentId, opts.code);
+            // Update the registration with the confirmed timestamp
+            saveRegistration({
+                server: opts.server,
+                agent_id: agentId,
+                registered_at: result.registered_at,
+            });
+            output({
+                status: result.status,
+                agent_id: agentId,
+                registered_at: result.registered_at,
+                next_step: opts.server === "https://app.permissionslip.dev"
+                    ? "Run: permission-slip capabilities"
+                    : `Run: permission-slip capabilities --server ${shellQuote(opts.server)}`,
+            }, outputOpts);
+        }
+        catch (err) {
+            output({ error: err instanceof Error ? err.message : String(err) }, outputOpts);
+            process.exit(1);
+        }
+    });
+}
+//# sourceMappingURL=verify.js.map

package/dist/commands/verify.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"verify.js","sourceRoot":"","sources":["../../src/commands/verify.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAGH,OAAO,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAC7C,OAAO,EAAE,gBAAgB,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AACxE,OAAO,EAAE,MAAM,EAAsB,MAAM,cAAc,CAAC;AAC1D,OAAO,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAC;AAE9C,MAAM,UAAU,aAAa,CAAC,OAAgB;IAC5C,OAAO;SACJ,OAAO,CAAC,QAAQ,CAAC;SACjB,WAAW,CAAC,qEAAqE,CAAC;SAClF,cAAc,CAAC,4BAA4B,EAAE,sCAAsC,CAAC;SACpF,MAAM,CACL,gBAAgB,EAChB,4BAA4B,EAC5B,gCAAgC,CACjC;SACA,MAAM,CAAC,iBAAiB,EAAE,kDAAkD,CAAC;SAC7E,MAAM,CAAC,UAAU,EAAE,+CAA+C,CAAC;SACnE,MAAM,CAAC,KAAK,EAAE,IAKd,EAAE,EAAE;QACH,MAAM,UAAU,GAAkB,EAAE,MAAM,EAAE,IAAI,CAAC,MAAM,IAAI,KAAK,EAAE,CAAC;QACnE,IAAI,CAAC;YACH,IAAI,OAAe,CAAC;YACpB,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;gBACjB,OAAO,GAAG,QAAQ,CAAC,IAAI,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;gBACrC,IAAI,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC;oBACnB,MAAM,IAAI,KAAK,CAAC,qBAAqB,IAAI,CAAC,OAAO,EAAE,CAAC,CAAC;gBACvD,CAAC;YACH,CAAC;iBAAM,CAAC;gBACN,MAAM,GAAG,GAAG,gBAAgB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;gBAC1C,IAAI,CAAC,GAAG,EAAE,CAAC;oBACT,MAAM,IAAI,KAAK,CACb,6BAA6B,IAAI,CAAC,MAAM,IAAI;wBAC5C,6DAA6D;wBAC7D,gCAAgC,CACjC,CAAC;gBACJ,CAAC;gBACD,OAAO,GAAG,GAAG,CAAC,QAAQ,CAAC;YACzB,CAAC;YAED,MAAM,MAAM,GAAG,IAAI,SAAS,CAAC,EAAE,SAAS,EAAE,IAAI,CAAC,MAAM,EAAE,OAAO,EAAE,CAAC,CAAC;YAClE,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,OAAO,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC;YAEvD,uDAAuD;YACvD,gBAAgB,CAAC;gBACf,MAAM,EAAE,IAAI,CAAC,MAAM;gBACnB,QAAQ,EAAE,OAAO;gBACjB,aAAa,EAAE,MAAM,CAAC,aAAa;aACpC,CAAC,CAAC;YAEH,MAAM,CACJ;gBACE,MAAM,EAAE,MAAM,CAAC,MAAM;gBACrB,QAAQ,EAAE,OAAO;gBACjB,aAAa,EAAE,MAAM,CAAC,aAAa;gBACnC,SAAS,EAAE,IAAI,CAAC,MAAM,KAAK,gCAAgC;oBACzD,CAAC,CAAC,mCAAmC;oBACrC,CAAC,CAAC,8CAA8C,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE;aAC5E,EACD,UAAU,CACX,CAAC;QACJ,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,CAAC,EAAE,KAAK,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,EAAE,UAAU,CAAC,CAAC;YAChF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;IACH,CAAC,CAAC,CAAC;AACP,CAAC"}

package/dist/commands/whoami.d.ts

@@ -0,0 +1,8 @@
+/**
+ * permission-slip whoami [--server <url>]
+ *
+ * Shows agent identity: local registration info and live status from the server.
+ */
+import type { Command } from "commander";
+export declare function whoamiCommand(program: Command): void;
+//# sourceMappingURL=whoami.d.ts.map

package/dist/commands/whoami.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"whoami.d.ts","sourceRoot":"","sources":["../../src/commands/whoami.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAMzC,wBAAgB,aAAa,CAAC,OAAO,EAAE,OAAO,GAAG,IAAI,CAgEpD"}

package/dist/commands/whoami.js

@@ -0,0 +1,65 @@
+/**
+ * permission-slip whoami [--server <url>]
+ *
+ * Shows agent identity: local registration info and live status from the server.
+ */
+import { ApiClient } from "../api/client.js";
+import { loadRegistrations, findRegistration } from "../config/store.js";
+import { keyPairExists, readPublicKey } from "../auth/keys.js";
+import { output } from "../output.js";
+export function whoamiCommand(program) {
+    program
+        .command("whoami")
+        .description("Show agent identity and registration info")
+        .option("--server <url>", "Permission Slip server URL", "https://app.permissionslip.dev")
+        .option("--agent-id <id>", "Agent ID (auto-detected from saved registration)")
+        .option("--pretty", "Pretty-printed JSON (default is compact JSON)")
+        .action(async (opts) => {
+        const outputOpts = { pretty: opts.pretty ?? false };
+        try {
+            const hasKey = keyPairExists();
+            let publicKey = null;
+            if (hasKey) {
+                try {
+                    publicKey = readPublicKey();
+                }
+                catch {
+                    // ignore
+                }
+            }
+            const registrations = loadRegistrations();
+            const reg = findRegistration(opts.server);
+            let agentId;
+            if (opts.agentId) {
+                agentId = parseInt(opts.agentId, 10);
+            }
+            else if (reg) {
+                agentId = reg.agent_id;
+            }
+            let liveStatus = null;
+            if (agentId !== undefined) {
+                try {
+                    const client = new ApiClient({ serverUrl: opts.server, agentId });
+                    liveStatus = await client.status();
+                }
+                catch {
+                    liveStatus = null;
+                }
+            }
+            output({
+                key: { exists: hasKey, public_key: publicKey },
+                registrations,
+                current_server: {
+                    server: opts.server,
+                    registration: reg ?? null,
+                    live_status: liveStatus,
+                },
+            }, outputOpts);
+        }
+        catch (err) {
+            output({ error: err instanceof Error ? err.message : String(err) }, outputOpts);
+            process.exit(1);
+        }
+    });
+}
+//# sourceMappingURL=whoami.js.map

package/dist/commands/whoami.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"whoami.js","sourceRoot":"","sources":["../../src/commands/whoami.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAGH,OAAO,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAC7C,OAAO,EAAE,iBAAiB,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AACzE,OAAO,EAAE,aAAa,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAC/D,OAAO,EAAE,MAAM,EAAsB,MAAM,cAAc,CAAC;AAE1D,MAAM,UAAU,aAAa,CAAC,OAAgB;IAC5C,OAAO;SACJ,OAAO,CAAC,QAAQ,CAAC;SACjB,WAAW,CAAC,2CAA2C,CAAC;SACxD,MAAM,CACL,gBAAgB,EAChB,4BAA4B,EAC5B,gCAAgC,CACjC;SACA,MAAM,CAAC,iBAAiB,EAAE,kDAAkD,CAAC;SAC7E,MAAM,CAAC,UAAU,EAAE,+CAA+C,CAAC;SACnE,MAAM,CAAC,KAAK,EAAE,IAId,EAAE,EAAE;QACH,MAAM,UAAU,GAAkB,EAAE,MAAM,EAAE,IAAI,CAAC,MAAM,IAAI,KAAK,EAAE,CAAC;QACnE,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,aAAa,EAAE,CAAC;YAC/B,IAAI,SAAS,GAAkB,IAAI,CAAC;YACpC,IAAI,MAAM,EAAE,CAAC;gBACX,IAAI,CAAC;oBACH,SAAS,GAAG,aAAa,EAAE,CAAC;gBAC9B,CAAC;gBAAC,MAAM,CAAC;oBACP,SAAS;gBACX,CAAC;YACH,CAAC;YAED,MAAM,aAAa,GAAG,iBAAiB,EAAE,CAAC;YAC1C,MAAM,GAAG,GAAG,gBAAgB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YAC1C,IAAI,OAA2B,CAAC;YAChC,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;gBACjB,OAAO,GAAG,QAAQ,CAAC,IAAI,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;YACvC,CAAC;iBAAM,IAAI,GAAG,EAAE,CAAC;gBACf,OAAO,GAAG,GAAG,CAAC,QAAQ,CAAC;YACzB,CAAC;YAED,IAAI,UAAU,GAAY,IAAI,CAAC;YAC/B,IAAI,OAAO,KAAK,SAAS,EAAE,CAAC;gBAC1B,IAAI,CAAC;oBACH,MAAM,MAAM,GAAG,IAAI,SAAS,CAAC,EAAE,SAAS,EAAE,IAAI,CAAC,MAAM,EAAE,OAAO,EAAE,CAAC,CAAC;oBAClE,UAAU,GAAG,MAAM,MAAM,CAAC,MAAM,EAAE,CAAC;gBACrC,CAAC;gBAAC,MAAM,CAAC;oBACP,UAAU,GAAG,IAAI,CAAC;gBACpB,CAAC;YACH,CAAC;YAED,MAAM,CACJ;gBACE,GAAG,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE,UAAU,EAAE,SAAS,EAAE;gBAC9C,aAAa;gBACb,cAAc,EAAE;oBACd,MAAM,EAAE,IAAI,CAAC,MAAM;oBACnB,YAAY,EAAE,GAAG,IAAI,IAAI;oBACzB,WAAW,EAAE,UAAU;iBACxB;aACF,EACD,UAAU,CACX,CAAC;QACJ,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,CAAC,EAAE,KAAK,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,EAAE,UAAU,CAAC,CAAC;YAChF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;IACH,CAAC,CAAC,CAAC;AACP,CAAC"}

package/dist/config/store.d.ts

@@ -0,0 +1,30 @@
+/**
+ * Manages ~/.permission-slip/ — config directory and registrations file.
+ *
+ * Registrations are stored as:
+ *   ~/.permission-slip/registrations.json
+ *
+ * Key files are stored as:
+ *   ~/.ssh/permission_slip_agent        (private key, OpenSSH format)
+ *   ~/.ssh/permission_slip_agent.pub    (public key)
+ */
+export interface Registration {
+    server: string;
+    agent_id: number;
+    registered_at: string;
+}
+export declare const CONFIG_DIR: string;
+export declare const REGISTRATIONS_FILE: string;
+export declare const SSH_DIR: string;
+export declare const PRIVATE_KEY_FILE: string;
+export declare const PUBLIC_KEY_FILE: string;
+export declare function ensureConfigDir(): void;
+export declare function loadRegistrations(): Registration[];
+export declare function saveRegistration(reg: Registration): void;
+/**
+ * Find a registration for the given server. If multiple registrations exist
+ * for the same server (different agent IDs), returns the most recently
+ * registered one.
+ */
+export declare function findRegistration(server: string): Registration | undefined;
+//# sourceMappingURL=store.d.ts.map

package/dist/config/store.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"store.d.ts","sourceRoot":"","sources":["../../src/config/store.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAMH,MAAM,WAAW,YAAY;IAC3B,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,MAAM,CAAC;IACjB,aAAa,EAAE,MAAM,CAAC;CACvB;AAOD,eAAO,MAAM,UAAU,QAEsB,CAAC;AAC9C,eAAO,MAAM,kBAAkB,QAA8C,CAAC;AAC9E,eAAO,MAAM,OAAO,QACmD,CAAC;AACxE,eAAO,MAAM,gBAAgB,QAEgB,CAAC;AAC9C,eAAO,MAAM,eAAe,QAEqB,CAAC;AAElD,wBAAgB,eAAe,IAAI,IAAI,CAItC;AAED,wBAAgB,iBAAiB,IAAI,YAAY,EAAE,CAWlD;AAED,wBAAgB,gBAAgB,CAAC,GAAG,EAAE,YAAY,GAAG,IAAI,CAmBxD;AAED;;;;GAIG;AACH,wBAAgB,gBAAgB,CAAC,MAAM,EAAE,MAAM,GAAG,YAAY,GAAG,SAAS,CASzE"}