@primitivedotdev/cli 0.26.1 → 0.26.3

package/dist/oclif/auth.js

@@ -1,223 +0,0 @@
-import { randomUUID } from "node:crypto";
-import { chmodSync, mkdirSync, readFileSync, renameSync, rmSync, statSync, writeFileSync, } from "node:fs";
-import { join } from "node:path";
-import { DEFAULT_API_BASE_URL_1, DEFAULT_API_BASE_URL_2, } from "@primitivedotdev/sdk/api";
-const CREDENTIALS_FILE = "credentials.json";
-const CREDENTIALS_LOCK_DIR = "credentials.lock";
-const CREDENTIALS_LOCK_STALE_MS = 30 * 60 * 1000;
-const MALFORMED_CREDENTIALS_HINT = "Run `primitive logout` and then `primitive login`.";
-function isRecord(value) {
-    return value !== null && typeof value === "object" && !Array.isArray(value);
-}
-function requireString(value, key) {
-    const raw = value[key];
-    if (typeof raw !== "string" || raw.trim().length === 0) {
-        throw new Error(`Stored Primitive CLI credentials are malformed: ${key} must be a non-empty string. ${MALFORMED_CREDENTIALS_HINT}`);
-    }
-    return raw;
-}
-/**
- * Sentinel returned by parseCredentials when the on-disk credentials
- * were written by a pre-dual-host CLI version (i.e. they have
- * `base_url` instead of `api_base_url_1`). The caller treats this as
- * "no saved credentials" after auto-cleaning the stale file. Defined
- * as a class-tagged error so loadCliCredentials can distinguish it
- * from a genuine malformed-credentials error.
- */
-class StaleCredentialFormatError extends Error {
-    constructor() {
-        super("stale_credential_format");
-        this.name = "StaleCredentialFormatError";
-    }
-}
-function parseCredentials(raw) {
-    if (!isRecord(raw)) {
-        throw new Error(`Stored Primitive CLI credentials are malformed: expected a JSON object. ${MALFORMED_CREDENTIALS_HINT}`);
-    }
-    // Stored credentials from an older CLI version used the field name
-    // `base_url`; the dual-host rename moved this to `api_base_url_1`.
-    // Detect the old shape specifically so loadCliCredentials can wipe
-    // the stale file and emit a clear "you've been logged out" notice
-    // instead of every command hard-failing with a generic "malformed"
-    // error that doesn't surface the actual fix (re-login).
-    if (typeof raw.api_base_url_1 !== "string" &&
-        typeof raw.base_url === "string") {
-        throw new StaleCredentialFormatError();
-    }
-    const orgName = raw.org_name;
-    if (orgName !== null && typeof orgName !== "string") {
-        throw new Error(`Stored Primitive CLI credentials are malformed: org_name must be a string or null. ${MALFORMED_CREDENTIALS_HINT}`);
-    }
-    return {
-        api_key: requireString(raw, "api_key"),
-        key_id: requireString(raw, "key_id"),
-        key_prefix: requireString(raw, "key_prefix"),
-        org_id: requireString(raw, "org_id"),
-        org_name: orgName,
-        api_base_url_1: requireString(raw, "api_base_url_1"),
-        created_at: requireString(raw, "created_at"),
-    };
-}
-export function credentialsPath(configDir) {
-    return join(configDir, CREDENTIALS_FILE);
-}
-function normalize(url, fallback) {
-    const trimmed = url?.trim();
-    if (!trimmed)
-        return fallback;
-    return trimmed.replace(/\/+$/, "");
-}
-export function normalizeApiBaseUrl1(url) {
-    return normalize(url, DEFAULT_API_BASE_URL_1);
-}
-export function normalizeApiBaseUrl2(url) {
-    return normalize(url, DEFAULT_API_BASE_URL_2);
-}
-export function loadCliCredentials(configDir) {
-    const path = credentialsPath(configDir);
-    let contents;
-    try {
-        contents = readFileSync(path, "utf8");
-    }
-    catch (error) {
-        if (error &&
-            typeof error === "object" &&
-            error.code === "ENOENT") {
-            return null;
-        }
-        const detail = error instanceof Error ? error.message : String(error);
-        throw new Error(`Could not read Primitive CLI credentials: ${detail}`);
-    }
-    try {
-        return parseCredentials(JSON.parse(contents));
-    }
-    catch (error) {
-        if (error instanceof StaleCredentialFormatError) {
-            // Saved credentials were written by a pre-dual-host CLI version.
-            // The format is incompatible (base_url vs api_base_url_1) and
-            // cannot be recovered. Clear the file so the caller sees "no
-            // saved credentials" and emit a one-shot notice telling the
-            // user they need to log back in. Idempotent: once the file is
-            // gone, this branch never fires again.
-            try {
-                rmSync(path, { force: true });
-            }
-            catch {
-                // Best-effort cleanup; if the unlink fails (permissions,
-                // racing process), the next CLI invocation will hit this
-                // path again and try once more.
-            }
-            process.stderr.write("You've been logged out: your saved Primitive CLI credentials were created by an older CLI version and are no longer compatible. Run `primitive login` to re-authenticate.\n");
-            return null;
-        }
-        if (error instanceof SyntaxError) {
-            throw new Error("Stored Primitive CLI credentials are not valid JSON. Run `primitive logout` and then `primitive login`.");
-        }
-        throw error;
-    }
-}
-export function saveCliCredentials(configDir, credentials) {
-    mkdirSync(configDir, { mode: 0o700, recursive: true });
-    const path = credentialsPath(configDir);
-    const tempPath = join(configDir, `${CREDENTIALS_FILE}.${process.pid}.${randomUUID()}.tmp`);
-    try {
-        writeFileSync(tempPath, `${JSON.stringify(credentials, null, 2)}\n`, {
-            mode: 0o600,
-        });
-        chmodSync(tempPath, 0o600);
-        renameSync(tempPath, path);
-        chmodSync(path, 0o600);
-    }
-    catch (error) {
-        rmSync(tempPath, { force: true });
-        throw error;
-    }
-}
-export function deleteCliCredentials(configDir) {
-    rmSync(credentialsPath(configDir), { force: true });
-}
-function errorCode(error) {
-    return error && typeof error === "object"
-        ? error.code
-        : undefined;
-}
-function removeStaleCliCredentialsLock(lockPath, staleMs, now) {
-    try {
-        const stats = statSync(lockPath);
-        if (now() - stats.mtimeMs < staleMs)
-            return false;
-    }
-    catch (error) {
-        if (errorCode(error) === "ENOENT")
-            return true;
-        throw error;
-    }
-    rmSync(lockPath, { force: true, recursive: true });
-    return true;
-}
-export function acquireCliCredentialsLock(configDir, options = {}) {
-    mkdirSync(configDir, { mode: 0o700, recursive: true });
-    const lockPath = join(configDir, CREDENTIALS_LOCK_DIR);
-    const now = options.now ?? Date.now;
-    const staleMs = options.staleMs ?? CREDENTIALS_LOCK_STALE_MS;
-    let acquired = false;
-    for (let attempt = 0; attempt < 2; attempt += 1) {
-        try {
-            mkdirSync(lockPath, { mode: 0o700 });
-            acquired = true;
-            break;
-        }
-        catch (error) {
-            if (errorCode(error) !== "EEXIST")
-                throw error;
-            if (removeStaleCliCredentialsLock(lockPath, staleMs, now))
-                continue;
-            throw new Error("Another Primitive CLI credential operation is already in progress. Wait for it to finish, then retry.");
-        }
-    }
-    if (!acquired) {
-        throw new Error("Another Primitive CLI credential operation is already in progress. Wait for it to finish, then retry.");
-    }
-    let released = false;
-    return () => {
-        if (released)
-            return;
-        released = true;
-        rmSync(lockPath, { force: true, recursive: true });
-    };
-}
-export function resolveCliAuth(params) {
-    const apiKey = params.apiKey?.trim();
-    // Host 2 (api_base_url_2) is never stored; either set by env/flag or
-    // falls back to the production default. The login flow only deals
-    // with host 1.
-    const apiBaseUrl2 = normalizeApiBaseUrl2(params.apiBaseUrl2);
-    if (apiKey) {
-        return {
-            apiKey,
-            apiBaseUrl1: normalizeApiBaseUrl1(params.apiBaseUrl1),
-            apiBaseUrl2,
-            credentials: null,
-            source: "flag-or-env",
-        };
-    }
-    const credentials = loadCliCredentials(params.configDir);
-    if (credentials) {
-        return {
-            apiKey: credentials.api_key,
-            apiBaseUrl1: params.apiBaseUrl1
-                ? normalizeApiBaseUrl1(params.apiBaseUrl1)
-                : credentials.api_base_url_1,
-            apiBaseUrl2,
-            credentials,
-            source: "stored",
-        };
-    }
-    return {
-        apiKey: undefined,
-        apiBaseUrl1: normalizeApiBaseUrl1(params.apiBaseUrl1),
-        apiBaseUrl2,
-        credentials: null,
-        source: "none",
-    };
-}

package/dist/oclif/commands/doctor.js

@@ -1,338 +0,0 @@
-import { existsSync, readFileSync } from "node:fs";
-import { join } from "node:path";
-import { Command, Flags } from "@oclif/core";
-import { getAccount, listDomains, PrimitiveApiClient, } from "@primitivedotdev/sdk/api";
-import { resolveCliAuth } from "../auth.js";
-// `primitive doctor` is a one-command health check the AGX walkthrough
-// kept asking for. Before this command, a user with a misconfigured
-// environment had to triangulate across whoami, list-domains, and raw
-// network probes to figure out which piece was off. The checklist
-// below covers the four things that fail in practice: stale Node, a
-// proxy env we don't pick up, a missing/wrong API key, and an org
-// with no verified domain.
-//
-// Designed as an interactive checklist on stderr (so a piped invocation
-// keeps the structured JSON on stdout). Each check prints its label,
-// runs, and reports OK/WARN/FAIL with a one-line hint when not OK. The
-// command exits 1 if any FAIL check fires; WARN doesn't fail the run.
-const MIN_NODE_MAJOR = 22;
-function renderRow({ label, outcome }) {
-    const tag = outcome.status === "ok"
-        ? "[OK]  "
-        : outcome.status === "warn"
-            ? "[WARN]"
-            : "[FAIL]";
-    return `${tag} ${label}: ${outcome.message}`;
-}
-function checkNode() {
-    const version = process.version; // e.g. "v22.10.2"
-    const majorStr = version.replace(/^v/, "").split(".")[0];
-    const major = majorStr ? Number(majorStr) : Number.NaN;
-    if (!Number.isFinite(major)) {
-        return {
-            status: "warn",
-            message: `unrecognized version string ${version}`,
-            hint: "Ensure node --version reports a semver-shaped value.",
-        };
-    }
-    if (major < MIN_NODE_MAJOR) {
-        return {
-            status: "fail",
-            message: `${version} is below the minimum supported major (${MIN_NODE_MAJOR})`,
-            hint: `Install Node.js ${MIN_NODE_MAJOR} or newer. The CLI relies on Web Fetch APIs that are stable from ${MIN_NODE_MAJOR} on.`,
-        };
-    }
-    return { status: "ok", message: version };
-}
-function checkProxy() {
-    // Surface the four env vars Node's fetch consults when
-    // NODE_USE_ENV_PROXY=1 is set. Don't claim they're broken if absent;
-    // many environments don't need them. Surface NODE_USE_ENV_PROXY
-    // itself because Node 22+ ignores HTTP_PROXY etc. without it: a
-    // surprisingly common gotcha that turns the CLI into ENETUNREACH
-    // from inside containers and corporate networks.
-    const vars = [
-        "NODE_USE_ENV_PROXY",
-        "HTTPS_PROXY",
-        "HTTP_PROXY",
-        "NO_PROXY",
-    ];
-    const present = vars
-        .map((name) => {
-        const value = process.env[name];
-        return value && value.length > 0 ? `${name}=${value}` : null;
-    })
-        .filter((entry) => entry !== null);
-    if (present.length === 0) {
-        return { status: "ok", message: "no proxy env vars set" };
-    }
-    // Identify which specific proxy host var(s) are set so the warning
-    // names what the shell actually has, not a hardcoded string. Order
-    // is reporting-only; if both are set, both surface in the message.
-    const proxyHostVars = ["HTTPS_PROXY", "HTTP_PROXY"].filter((name) => (process.env[name] ?? "").length > 0);
-    const proxyEnabled = process.env.NODE_USE_ENV_PROXY === "1";
-    if (proxyHostVars.length > 0 && !proxyEnabled) {
-        return {
-            status: "warn",
-            message: `${present.join(", ")} (${proxyHostVars.join(" / ")} set, NODE_USE_ENV_PROXY not)`,
-            hint: "Node 22+ ignores HTTP(S)_PROXY by default. Re-run with NODE_USE_ENV_PROXY=1 if API calls fail with ENETUNREACH or ECONNREFUSED.",
-        };
-    }
-    return { status: "ok", message: present.join(", ") };
-}
-function checkApiKey(opts) {
-    if (opts.apiKey?.startsWith("prim_")) {
-        return { status: "ok", message: "provided via flag/env (prim_ prefix)" };
-    }
-    if (opts.apiKey) {
-        return {
-            status: "warn",
-            message: "provided but does not start with prim_",
-            hint: "Verify the key is a Primitive API key, not a value from another service.",
-        };
-    }
-    const credsPath = join(opts.configDir, "credentials.json");
-    if (existsSync(credsPath)) {
-        let parsed = null;
-        let parseError = null;
-        try {
-            parsed = JSON.parse(readFileSync(credsPath, "utf8"));
-        }
-        catch (error) {
-            parseError = error instanceof Error ? error.message : String(error);
-        }
-        if (parsed?.api_key) {
-            return { status: "ok", message: `loaded from ${credsPath}` };
-        }
-        if (parsed) {
-            // File parsed but had no usable api_key. Different cause than a
-            // malformed file; surface the distinction so the user knows
-            // whether to re-run login or to inspect the file by hand.
-            return {
-                status: "fail",
-                message: `${credsPath} exists but contains no api_key`,
-                hint: "Run `primitive logout` to clear it, then `primitive login` to recreate.",
-            };
-        }
-        return {
-            status: "fail",
-            message: `${credsPath} exists but is unreadable or malformed${parseError ? ` (${parseError})` : ""}`,
-            hint: "Run `primitive logout` to clear it, then `primitive login` to recreate.",
-        };
-    }
-    return {
-        status: "fail",
-        message: "no API key found",
-        hint: "Run `primitive login`, pass --api-key explicitly, or export PRIMITIVE_API_KEY=prim_...",
-    };
-}
-async function checkAccount(opts) {
-    try {
-        const client = new PrimitiveApiClient({
-            apiKey: opts.apiKey,
-            apiBaseUrl1: opts.apiBaseUrl1,
-            apiBaseUrl2: opts.apiBaseUrl2,
-        });
-        const result = await getAccount({
-            client: client.client,
-            responseStyle: "fields",
-        });
-        // Capture once to avoid TS over-narrowing across the truthy +
-        // typeof checks; result.error can resolve to never on the third
-        // access when the generated union types collapse.
-        const apiError = result.error;
-        if (apiError) {
-            const errorBody = typeof apiError === "object" && apiError !== null
-                ? JSON.stringify(apiError).slice(0, 300)
-                : String(apiError).slice(0, 300);
-            return {
-                outcome: {
-                    status: "fail",
-                    message: `API rejected the key (${errorBody})`,
-                    hint: "Run `primitive whoami` for the full error envelope. If the key was rotated, regenerate it in the dashboard.",
-                },
-                account: null,
-            };
-        }
-        const envelope = result.data;
-        const account = envelope?.data ?? null;
-        if (!account) {
-            return {
-                outcome: {
-                    status: "fail",
-                    message: "/account returned an empty body",
-                },
-                account: null,
-            };
-        }
-        return {
-            outcome: {
-                status: "ok",
-                message: `${account.email} (plan: ${account.plan}, id: ${account.id})`,
-            },
-            account,
-        };
-    }
-    catch (error) {
-        const code = error instanceof Error &&
-            error.cause &&
-            typeof error.cause === "object" &&
-            typeof error.cause.code === "string"
-            ? error.cause.code
-            : undefined;
-        const message = error instanceof Error ? error.message : String(error);
-        const hint = code === "ENETUNREACH" ||
-            code === "ECONNREFUSED" ||
-            code === "ETIMEDOUT" ||
-            code === "EAI_AGAIN"
-            ? "Network unreachable. If you're behind a proxy, re-run with NODE_USE_ENV_PROXY=1 and HTTPS_PROXY set. If you're in a container, check that egress to *.primitive.dev is allowed."
-            : 'Inspect the error above. `curl https://www.primitive.dev/api/v1/account -H "Authorization: Bearer $PRIMITIVE_API_KEY"` is the fastest way to bisect CLI vs network.';
-        return {
-            outcome: {
-                status: "fail",
-                message: code ? `${message} (${code})` : message,
-                hint,
-            },
-            account: null,
-        };
-    }
-}
-async function checkDomains(opts) {
-    try {
-        const client = new PrimitiveApiClient({
-            apiKey: opts.apiKey,
-            apiBaseUrl1: opts.apiBaseUrl1,
-            apiBaseUrl2: opts.apiBaseUrl2,
-        });
-        const result = await listDomains({
-            client: client.client,
-            responseStyle: "fields",
-        });
-        if (result.error) {
-            return {
-                status: "warn",
-                message: "could not list domains",
-                hint: "Run `primitive domains:list-domains` for the full error envelope.",
-            };
-        }
-        const envelope = result.data;
-        const rows = envelope?.data ?? [];
-        const active = rows.filter((row) => row.is_active === true);
-        if (active.length === 0 && rows.length === 0) {
-            return {
-                status: "warn",
-                message: "no domains on this account yet",
-                hint: "A managed `*.primitive.email` subdomain is auto-issued on signup. If this is empty, complete onboarding or check the dashboard.",
-            };
-        }
-        if (active.length === 0) {
-            return {
-                status: "warn",
-                message: `${rows.length} domain(s), none active`,
-                hint: "Run `primitive domains:verify-domain --id <id>` for any domain you intend to send / receive on.",
-            };
-        }
-        return {
-            status: "ok",
-            message: `${active.length} active domain(s): ${active.map((row) => row.domain).join(", ")}`,
-        };
-    }
-    catch (error) {
-        return {
-            status: "warn",
-            message: `listDomains threw: ${error instanceof Error ? error.message : String(error)}`,
-        };
-    }
-}
-class DoctorCommand extends Command {
-    static description = `Run a one-shot environment health check: Node version, proxy env, API key resolution, /account reachability, and verified-domain status. Fails fast on anything that would block other commands and prints actionable hints for each warning or failure.`;
-    static summary = "Check the local environment and live API for common problems";
-    static examples = [
-        "<%= config.bin %> doctor",
-        "<%= config.bin %> doctor --api-key prim_...",
-    ];
-    static flags = {
-        "api-key": Flags.string({
-            description: "Primitive API key (defaults to PRIMITIVE_API_KEY or saved `primitive login` credentials)",
-            env: "PRIMITIVE_API_KEY",
-        }),
-        "api-base-url-1": Flags.string({
-            description: "Override the primary API base URL. Internal testing only; not documented to customers.",
-            env: "PRIMITIVE_API_BASE_URL_1",
-            hidden: true,
-        }),
-        "api-base-url-2": Flags.string({
-            description: "Override the attachments-supporting send host base URL. Internal testing only; not documented to customers.",
-            env: "PRIMITIVE_API_BASE_URL_2",
-            hidden: true,
-        }),
-    };
-    async run() {
-        const { flags } = await this.parse(DoctorCommand);
-        const rows = [];
-        rows.push({ label: "Node version", outcome: checkNode() });
-        rows.push({ label: "Proxy env", outcome: checkProxy() });
-        const apiKeyCheck = checkApiKey({
-            apiKey: flags["api-key"],
-            configDir: this.config.configDir,
-        });
-        rows.push({ label: "API key", outcome: apiKeyCheck });
-        // Only run the live checks if we have a key to authenticate with.
-        // Reporting the network-failure case without a key would just
-        // confuse the user; the missing-key row above already covers it.
-        if (apiKeyCheck.status !== "fail") {
-            const auth = resolveCliAuth({
-                apiKey: flags["api-key"],
-                apiBaseUrl1: flags["api-base-url-1"],
-                apiBaseUrl2: flags["api-base-url-2"],
-                configDir: this.config.configDir,
-            });
-            // resolveCliAuth's apiKey is typed as string | undefined; we
-            // narrowed the failure case via apiKeyCheck above, so the
-            // undefined branch shouldn't fire in practice. Skip the live
-            // checks defensively rather than passing "" to the API.
-            if (auth.apiKey !== undefined) {
-                const accountCheck = await checkAccount({
-                    apiKey: auth.apiKey,
-                    apiBaseUrl1: auth.apiBaseUrl1,
-                    apiBaseUrl2: auth.apiBaseUrl2,
-                });
-                rows.push({ label: "API auth", outcome: accountCheck.outcome });
-                if (accountCheck.outcome.status === "ok") {
-                    const domainsOutcome = await checkDomains({
-                        apiKey: auth.apiKey,
-                        apiBaseUrl1: auth.apiBaseUrl1,
-                        apiBaseUrl2: auth.apiBaseUrl2,
-                    });
-                    rows.push({ label: "Domains", outcome: domainsOutcome });
-                }
-            }
-        }
-        for (const row of rows) {
-            process.stderr.write(`${renderRow(row)}\n`);
-            if ("hint" in row.outcome && row.outcome.hint) {
-                process.stderr.write(`       hint: ${row.outcome.hint}\n`);
-            }
-        }
-        // Structured stdout for piping. Keep stderr human-readable;
-        // stdout JSON is what `primitive doctor | jq` consumers parse.
-        const summary = {
-            ok: rows.every((row) => row.outcome.status === "ok"),
-            checks: rows.map(({ label, outcome }) => ({
-                label,
-                status: outcome.status,
-                message: outcome.message,
-                ...("hint" in outcome && outcome.hint ? { hint: outcome.hint } : {}),
-            })),
-        };
-        this.log(JSON.stringify(summary, null, 2));
-        if (rows.some((row) => row.outcome.status === "fail")) {
-            process.exitCode = 1;
-        }
-    }
-}
-export default DoctorCommand;
-// Exported for unit testing. The pure helpers (formatters and the
-// proxy / node-version checks) get isolated coverage so the oclif
-// run() lifecycle doesn't have to be stood up for every case.
-export { checkApiKey, checkNode, checkProxy, renderRow };