@pugi/cli 0.1.0-beta.5 → 0.1.0-beta.50

package/dist/core/cost/tracker.js

@@ -0,0 +1,221 @@
+/**
+ * Persisted per-session cost tracker — L19 sprint (2026-05-27).
+ *
+ * Mission: every Anvil-mediated LLM call goes through `recordCall`, which
+ * aggregates per-model token + USD totals and atomically persists them
+ * to `.pugi/cost.json` so the operator can read `/cost` across REPL
+ * restarts and reconcile a 14-min session that crossed a process boundary.
+ *
+ * Why a fresh module instead of bolting onto `core/repl/session.ts`?
+ *
+ *   - `session.ts` accumulates in-memory state for the live TUI status
+ *     row, which is by-design ephemeral and cleared on REPL boot. The
+ *     operator's "what did I spend across the project?" question needs
+ *     a durable surface that survives a process restart.
+ *   - L19 also has to read `--all-sessions` (last 30 days). The natural
+ *     store for that is a per-workspace history of session aggregates,
+ *     which is easy with the JSON file pattern below and would be
+ *     awkward stitched into the REPL reducer.
+ *
+ * On-disk shape (single JSON file, atomic tmp+rename writes):
+ *
+ *   {
+ *     "version": 1,
+ *     "current": { sessionId, startedAt, models: { <slug>: ModelEntry } },
+ *     "history": [
+ *       { sessionId, startedAt, endedAt, models: { ... } }
+ *     ]
+ *   }
+ *
+ * History rotation: when `recordCall` is invoked with a sessionId
+ * different from `current.sessionId`, the existing `current` row is
+ * stamped with `endedAt = now()` and pushed onto `history`, then a new
+ * `current` row is initialised. History is capped at 90 entries (the L19
+ * `--all-sessions` window is 30 days; 90 gives a generous buffer for
+ * operators on >1 session/day cadence without unbounded growth).
+ *
+ * The tracker is workspace-scoped — every workspace has its own
+ * `.pugi/cost.json`. This matches the existing `.pugi/events.jsonl` /
+ * `.pugi/index.json` pattern and means a multi-repo operator's costs
+ * are billed against the repo they were incurred in.
+ */
+import { existsSync, mkdirSync, readFileSync, renameSync, writeFileSync, unlinkSync } from 'node:fs';
+import { dirname, resolve } from 'node:path';
+import { estimateUsd } from './rate-card.js';
+/** On-disk schema version. Bump if the file shape changes. */
+export const COST_FILE_SCHEMA_VERSION = 1;
+/** Maximum number of historical sessions persisted in `.pugi/cost.json`. */
+export const COST_HISTORY_CAP = 90;
+export function createCostTracker(opts) {
+    const filePath = resolve(opts.workspaceRoot, '.pugi/cost.json');
+    const now = opts.now ?? Date.now;
+    let state = readOrInit(filePath);
+    function ensureCurrent(sessionId) {
+        if (state.current && state.current.sessionId === sessionId) {
+            return state.current;
+        }
+        // Session rotation: stamp the previous current with endedAt and push
+        // onto history. Idempotent — calling rotate twice with the same
+        // session id is a no-op.
+        if (state.current) {
+            const ended = {
+                ...state.current,
+                endedAt: new Date(now()).toISOString(),
+            };
+            state.history = [ended, ...state.history].slice(0, COST_HISTORY_CAP);
+        }
+        state.current = {
+            sessionId,
+            startedAt: new Date(now()).toISOString(),
+            models: {},
+        };
+        return state.current;
+    }
+    function persist() {
+        try {
+            mkdirSync(dirname(filePath), { recursive: true });
+        }
+        catch {
+            // best-effort directory create; the write below surfaces the real
+            // error if the parent is genuinely unwritable
+        }
+        const tmp = `${filePath}.tmp`;
+        writeFileSync(tmp, JSON.stringify(state, null, 2), 'utf8');
+        renameSync(tmp, filePath);
+    }
+    return {
+        recordCall(input) {
+            const sessionId = opts.sessionIdProvider();
+            if (!sessionId)
+                return;
+            const current = ensureCurrent(sessionId);
+            const slug = typeof input.model === 'string' && input.model.length > 0 ? input.model : 'unknown';
+            const safeIn = Number.isFinite(input.inputTokens) && input.inputTokens > 0 ? input.inputTokens : 0;
+            const safeOut = Number.isFinite(input.outputTokens) && input.outputTokens > 0 ? input.outputTokens : 0;
+            const existing = current.models[slug] ?? { input: 0, output: 0, callCount: 0 };
+            current.models[slug] = {
+                input: existing.input + safeIn,
+                output: existing.output + safeOut,
+                callCount: existing.callCount + 1,
+            };
+            persist();
+        },
+        current() {
+            return state.current;
+        },
+        history() {
+            return state.history;
+        },
+        aggregateWithin(withinDays) {
+            const cutoffMs = now() - withinDays * 24 * 60 * 60 * 1000;
+            const aggregate = {
+                sessionId: 'aggregate',
+                startedAt: new Date(cutoffMs).toISOString(),
+                endedAt: new Date(now()).toISOString(),
+                models: {},
+            };
+            const rows = [];
+            if (state.current)
+                rows.push(state.current);
+            for (const row of state.history) {
+                const stamp = Date.parse(row.startedAt);
+                if (Number.isFinite(stamp) && stamp >= cutoffMs)
+                    rows.push(row);
+            }
+            for (const row of rows) {
+                for (const [slug, entry] of Object.entries(row.models)) {
+                    const existing = aggregate.models[slug] ?? { input: 0, output: 0, callCount: 0 };
+                    aggregate.models[slug] = {
+                        input: existing.input + entry.input,
+                        output: existing.output + entry.output,
+                        callCount: existing.callCount + entry.callCount,
+                    };
+                }
+            }
+            return aggregate;
+        },
+        resetCurrent() {
+            const wiped = state.current;
+            state.current = null;
+            persist();
+            return wiped;
+        },
+        flush() {
+            persist();
+        },
+    };
+}
+/**
+ * Compute the per-session USD total from a `SessionAggregate`. Pure —
+ * uses the rate card to bind a price to every model entry. Open-weight
+ * models contribute $0 (their entries always have $0/$0 rate).
+ */
+export function totalUsd(aggregate) {
+    let total = 0;
+    for (const [slug, entry] of Object.entries(aggregate.models)) {
+        total += estimateUsd(slug, entry.input, entry.output);
+    }
+    return total;
+}
+/**
+ * Compute total input + output token sums across all models in an
+ * aggregate. Used by the CLI table footer.
+ */
+export function totalTokens(aggregate) {
+    let input = 0;
+    let output = 0;
+    for (const entry of Object.values(aggregate.models)) {
+        input += entry.input;
+        output += entry.output;
+    }
+    return { input, output };
+}
+/**
+ * Read the persisted file (or initialise an empty one). Tolerates a
+ * corrupted file by returning a fresh empty state — losing one
+ * session's history is preferable to throwing from the boot path of
+ * every `pugi cost` invocation.
+ */
+function readOrInit(filePath) {
+    if (!existsSync(filePath)) {
+        return { version: COST_FILE_SCHEMA_VERSION, current: null, history: [] };
+    }
+    try {
+        const raw = readFileSync(filePath, 'utf8');
+        const parsed = JSON.parse(raw);
+        if (!parsed || typeof parsed !== 'object' || Array.isArray(parsed)) {
+            return { version: COST_FILE_SCHEMA_VERSION, current: null, history: [] };
+        }
+        const obj = parsed;
+        return {
+            version: typeof obj.version === 'number' ? obj.version : COST_FILE_SCHEMA_VERSION,
+            current: isAggregate(obj.current) ? obj.current : null,
+            history: Array.isArray(obj.history) ? obj.history.filter(isAggregate) : [],
+        };
+    }
+    catch {
+        return { version: COST_FILE_SCHEMA_VERSION, current: null, history: [] };
+    }
+}
+function isAggregate(v) {
+    if (!v || typeof v !== 'object' || Array.isArray(v))
+        return false;
+    const obj = v;
+    if (typeof obj.sessionId !== 'string' || typeof obj.startedAt !== 'string')
+        return false;
+    if (!obj.models || typeof obj.models !== 'object')
+        return false;
+    return true;
+}
+/**
+ * Test helper — wipe the `.pugi/cost.json` file. Not exported through the
+ * public CostTracker surface because production code must never call
+ * this; an operator-facing reset goes through `resetCurrent()` which
+ * preserves history.
+ */
+export function _danger_wipeCostFile_forTests(workspaceRoot) {
+    const filePath = resolve(workspaceRoot, '.pugi/cost.json');
+    if (existsSync(filePath))
+        unlinkSync(filePath);
+}
+//# sourceMappingURL=tracker.js.map

package/dist/core/denial-tracking/index.js

@@ -0,0 +1,8 @@
+/**
+ * Public re-exports for the denial-tracking surface. Engine adapter
+ * code imports from here so we can move internals around (e.g. split
+ * the diagnostics probe into a sibling file) without churning every
+ * call site.
+ */
+export { DenialTrackingState, buildDenialContext, canonicalArgHash, DENIAL_TRACKING_MAX_ENTRIES, DENIAL_REMINDER_THRESHOLD, DENIAL_ARGS_SUMMARY_BYTES, } from './state.js';
+//# sourceMappingURL=index.js.map

package/dist/core/denial-tracking/state.js

@@ -0,0 +1,264 @@
+/**
+ * α7 L11 (2026-05-27) — DenialTrackingState surface (Claude Code parity).
+ *
+ * Per the openclaude / anarchic-CC leak research (`gap-analysis-3-repos`
+ * §5.2): Claude Code's `QueryEngine.ts` maintains a per-session
+ * `DenialTrackingState` that records every tool-dispatch denial.
+ * Subsequent turns receive a compact reminder so the model does not
+ * loop on the same refused operation, the operator can audit pressure
+ * points via `/permissions denials` / `/doctor`, and hooks can react
+ * to recurring patterns.
+ *
+ * Pugi pre-L11 surfaced denials only as a one-line sentinel inside the
+ * tool error (`HOOK_BLOCKED:`, `PLAN_MODE_REFUSED:`, `STALE_READ:`).
+ * The model saw each refusal in isolation; no aggregate, no count, no
+ * "do not retry" context across turns. This module closes that gap.
+ *
+ * Design contract:
+ *
+ *   - Per-session in-memory state. The engine adapter creates one
+ *     instance at session open and threads it through `buildExecutor`
+ *     + `runEngineLoop`. No disk persistence — denial history is a
+ *     turn-scoped signal, not a forensic log (the audit ledger at
+ *     `.pugi/events.jsonl` already carries every refused dispatch).
+ *
+ *   - Pure: no I/O, no logging. Inputs are passed by caller, output
+ *     is in-memory only. The diagnostics probe + system-reminder
+ *     splice are pure functions over the snapshot.
+ *
+ *   - Canonical argHash: sha256 of `canonicalize(args)`. Same call
+ *     to same tool with same args = same key. Reordering JSON object
+ *     keys does NOT change the hash (we sort keys recursively before
+ *     stringification). This makes "repeated denial" detection
+ *     deterministic across model retries.
+ *
+ *   - Bounded: the map caps at 256 entries per session. Once full,
+ *     `recordDenial` evicts the oldest entry (lowest `lastDeniedAt`).
+ *     A session with > 256 distinct denials is already pathological;
+ *     the cap is defensive insurance against pathological loops
+ *     blowing memory.
+ *
+ *   - Reminder threshold: the reminder splice only injects when at
+ *     least one record has `count >= 2`. One-off denials are normal
+ *     (the operator is shaping the session); repeated denials = the
+ *     model is failing to learn from the refusal and we should
+ *     reinforce it.
+ */
+import { createHash } from 'node:crypto';
+/** Bound on the per-session map. See module header. */
+export const DENIAL_TRACKING_MAX_ENTRIES = 256;
+/** Threshold above which `buildDenialContext` injects a system reminder. */
+export const DENIAL_REMINDER_THRESHOLD = 2;
+/** Per-denial-args summary cap surfaced to the model. */
+export const DENIAL_ARGS_SUMMARY_BYTES = 240;
+/**
+ * Per-session denial tracker. Instances are mutable but threaded
+ * through `buildExecutor` so every dispatcher in the loop sees the
+ * same view.
+ */
+export class DenialTrackingState {
+    /** Insertion-ordered map. Eviction walks oldest `lastDeniedAt`. */
+    records = new Map();
+    /**
+     * Wall clock. Defaults to `Date.now`. Injected so tests can drive
+     * deterministic timestamps.
+     */
+    clock;
+    constructor(options = {}) {
+        this.clock = options.clock ?? Date.now;
+    }
+    /**
+     * Record a denial. Increments the count when the (tool, args) pair
+     * has been denied before; otherwise inserts a new record. The reason
+     * is always overwritten with the latest value so the system reminder
+     * surfaces the most-recent context.
+     */
+    recordDenial(toolName, args, reason) {
+        const argHash = canonicalArgHash(args);
+        const key = `${toolName}:${argHash}`;
+        const now = new Date(this.clock());
+        const existing = this.records.get(key);
+        if (existing) {
+            existing.count += 1;
+            existing.lastDeniedAt = now;
+            existing.lastReason = truncateReason(reason);
+            // Re-insert so the iteration order tracks lastDeniedAt (LRU-ish).
+            this.records.delete(key);
+            this.records.set(key, existing);
+            return existing;
+        }
+        if (this.records.size >= DENIAL_TRACKING_MAX_ENTRIES) {
+            // Evict the oldest entry (insertion order = LRU after our delete
+            // + set pattern above). Map iteration order is insertion order
+            // in JS; the first key is the LRU one.
+            const oldestKey = this.records.keys().next().value;
+            if (oldestKey !== undefined) {
+                this.records.delete(oldestKey);
+            }
+        }
+        const record = {
+            key,
+            toolName,
+            argsSummary: summariseArgs(args),
+            firstDeniedAt: now,
+            lastDeniedAt: now,
+            count: 1,
+            lastReason: truncateReason(reason),
+        };
+        this.records.set(key, record);
+        return record;
+    }
+    /**
+     * Snapshot of every recorded denial. Returned in insertion order
+     * (LRU-ish: most-recently-touched at the tail). The caller MUST
+     * treat the array as read-only — mutating it does not affect state.
+     */
+    getDenialHistory() {
+        return Array.from(this.records.values()).map((r) => ({ ...r }));
+    }
+    /** Lookup the record for a specific (tool, args) pair, or undefined. */
+    getPatternFor(toolName, args) {
+        const argHash = canonicalArgHash(args);
+        const key = `${toolName}:${argHash}`;
+        const record = this.records.get(key);
+        return record ? { ...record } : undefined;
+    }
+    /**
+     * Aggregate counts — handy for `/doctor`, `/permissions denials`,
+     * and the system-reminder threshold check.
+     */
+    summary() {
+        let totalDenials = 0;
+        let repeatedPatterns = 0;
+        for (const record of this.records.values()) {
+            totalDenials += record.count;
+            if (record.count >= DENIAL_REMINDER_THRESHOLD)
+                repeatedPatterns += 1;
+        }
+        return {
+            totalDenials,
+            uniquePatterns: this.records.size,
+            repeatedPatterns,
+        };
+    }
+    /** Drop every recorded denial. Called on session end. */
+    clear() {
+        this.records.clear();
+    }
+    /** Number of distinct (tool, args) pairs currently tracked. */
+    size() {
+        return this.records.size;
+    }
+}
+/**
+ * Build the operator-facing system-reminder block. Returns an empty
+ * string when no record meets the threshold — the caller short-circuits
+ * the splice in that case.
+ *
+ * Rendered shape:
+ *
+ *   <denial-context>
+ *     - Tool `bash` denied 3 times in this session.
+ *       Last reason: HOOK_BLOCKED: PreToolUse refused (exit=1).
+ *       Args: {"command":"rm -rf node_modules"}
+ *       Do not retry without operator intervention.
+ *     - Tool `edit` denied 2 times in this session.
+ *       Last reason: STALE_READ: file changed since last read.
+ *       Args: {"path":"src/index.ts","oldString":"..."}
+ *       Do not retry without operator intervention.
+ *   </denial-context>
+ *
+ * Determinism: same snapshot always produces the same block. We sort
+ * entries by `count` descending then `lastDeniedAt` descending so the
+ * most-pressing patterns surface first.
+ */
+export function buildDenialContext(state) {
+    const records = state.getDenialHistory()
+        .filter((r) => r.count >= DENIAL_REMINDER_THRESHOLD)
+        .sort((a, b) => {
+        if (b.count !== a.count)
+            return b.count - a.count;
+        return b.lastDeniedAt.getTime() - a.lastDeniedAt.getTime();
+    });
+    if (records.length === 0)
+        return '';
+    const lines = ['<denial-context>'];
+    for (const record of records) {
+        lines.push(`  - Tool \`${record.toolName}\` denied ${record.count} times in this session.`);
+        lines.push(`    Last reason: ${record.lastReason}`);
+        lines.push(`    Args: ${record.argsSummary}`);
+        lines.push('    Do not retry without operator intervention.');
+    }
+    lines.push('</denial-context>');
+    return lines.join('\n');
+}
+/**
+ * Canonical sha256 of the args. Object keys are sorted recursively
+ * before stringification so `{a:1,b:2}` and `{b:2,a:1}` hash to the
+ * same value. Undefined values + functions are stripped (JSON.stringify
+ * already does this); circular refs throw — the caller is expected to
+ * pass plain JSON objects (every Pugi tool argument set is a JSON
+ * object by contract).
+ *
+ * Returns the full 64-char hex digest. The denial key prepends the
+ * tool name (`<tool>:<hash>`) so a hash collision across tools cannot
+ * confuse the matcher.
+ */
+export function canonicalArgHash(args) {
+    const canonical = canonicalize(args);
+    const hash = createHash('sha256');
+    hash.update(canonical);
+    return hash.digest('hex');
+}
+function canonicalize(value) {
+    if (value === null)
+        return 'null';
+    if (value === undefined)
+        return 'null';
+    const t = typeof value;
+    if (t === 'string')
+        return JSON.stringify(value);
+    if (t === 'number' || t === 'boolean')
+        return JSON.stringify(value);
+    if (t === 'bigint')
+        return JSON.stringify(value.toString());
+    if (Array.isArray(value)) {
+        return `[${value.map((entry) => canonicalize(entry)).join(',')}]`;
+    }
+    if (t === 'object') {
+        const obj = value;
+        const keys = Object.keys(obj).sort();
+        const parts = keys.map((k) => `${JSON.stringify(k)}:${canonicalize(obj[k])}`);
+        return `{${parts.join(',')}}`;
+    }
+    // Functions / symbols — neither should reach here for tool args.
+    // Stringify defensively so the hash is stable.
+    return JSON.stringify(String(value));
+}
+/**
+ * Short, operator-readable preview of the args object. Cap so a
+ * 32 KB write payload does not blow up the reminder block. Falls back
+ * к `[non-JSON args]` when stringification fails (e.g. a circular ref
+ * snuck through — unlikely for tool args by contract).
+ */
+function summariseArgs(args) {
+    let stringified;
+    try {
+        stringified = JSON.stringify(args);
+    }
+    catch {
+        return '[non-JSON args]';
+    }
+    if (stringified === undefined)
+        return '{}';
+    if (stringified.length <= DENIAL_ARGS_SUMMARY_BYTES)
+        return stringified;
+    return `${stringified.slice(0, DENIAL_ARGS_SUMMARY_BYTES)}…`;
+}
+/** Cap reason at a sane length so a hook script's stdout cannot flood the reminder. */
+function truncateReason(reason, cap = 240) {
+    if (reason.length <= cap)
+        return reason;
+    return `${reason.slice(0, cap)}…`;
+}
+//# sourceMappingURL=state.js.map

package/dist/core/diagnostics/probe-runner.js

@@ -0,0 +1,93 @@
+/**
+ * Probe runner — orchestrates a set of diagnostic probes in parallel
+ * with per-probe fail-isolation + a global wall-clock budget.
+ *
+ * Design contract:
+ *
+ *   - Probes are independent: one probe's throw or timeout NEVER stops
+ *     the others. The runner wraps each call in a try/catch + a
+ *     `Promise.race` against a timeout sentinel.
+ *
+ *   - Order preservation: the returned `probes[]` array preserves the
+ *     input order so the table renderer always lists rows in the same
+ *     sequence (operators rely on muscle memory: "auth is the first
+ *     row, api is the second").
+ *
+ *   - No I/O ownership: the runner owns ZERO file or network calls.
+ *     Every external dependency is injected via the probe function
+ *     itself. This keeps the test surface minimal and verifies the
+ *     fail-isolation contract without spinning real subprocesses.
+ *
+ *   - Crashes attributed to the probe: a probe that throws maps to a
+ *     synthetic `error` ProbeResult with the probe name + the error
+ *     message. A probe that exceeds the timeout becomes a synthetic
+ *     `warn` (timing out is asymmetric — the host is reachable but
+ *     slow).
+ *
+ *   - The aggregate `DoctorReport` shape comes straight from
+ *     `types.ts` so the doctor command + the Ink table renderer both
+ *     consume the same struct without any glue layer.
+ */
+import { computeOverall, countProbes, } from './types.js';
+/**
+ * Run a set of probes in parallel and produce a structured report.
+ * Never throws — every failure mode maps to a structured ProbeResult.
+ */
+export async function runProbes(probes, options = {}) {
+    const now = options.now ?? Date.now;
+    const defaultTimeoutMs = options.defaultTimeoutMs ?? 5_000;
+    const startedAt = now();
+    // Each probe is wrapped in a fail-isolation envelope.
+    const results = await Promise.all(probes.map(async (entry) => runOne(entry, defaultTimeoutMs)));
+    const overall = computeOverall(results);
+    const counts = countProbes(results);
+    const durationMs = now() - startedAt;
+    return {
+        probes: results,
+        overall,
+        counts,
+        durationMs,
+    };
+}
+async function runOne(entry, defaultTimeoutMs) {
+    const budget = entry.timeoutMs ?? defaultTimeoutMs;
+    try {
+        return await raceWithTimeout(entry, budget);
+    }
+    catch (error) {
+        const message = error instanceof Error ? error.message : String(error);
+        if (error instanceof ProbeTimeoutError) {
+            return {
+                name: entry.name,
+                status: 'warn',
+                detail: `Probe timed out after ${budget}ms`,
+                remediation: 'Re-run later; the host or registry may be slow',
+            };
+        }
+        return {
+            name: entry.name,
+            status: 'error',
+            detail: `Probe crashed: ${message}`,
+        };
+    }
+}
+class ProbeTimeoutError extends Error {
+    constructor(name, budgetMs) {
+        super(`Probe ${name} exceeded ${budgetMs}ms`);
+        this.name = 'ProbeTimeoutError';
+    }
+}
+async function raceWithTimeout(entry, budgetMs) {
+    let timer;
+    const timeoutPromise = new Promise((_, reject) => {
+        timer = setTimeout(() => reject(new ProbeTimeoutError(entry.name, budgetMs)), budgetMs);
+    });
+    try {
+        return await Promise.race([entry.run(), timeoutPromise]);
+    }
+    finally {
+        if (timer !== undefined)
+            clearTimeout(timer);
+    }
+}
+//# sourceMappingURL=probe-runner.js.map

package/dist/core/diagnostics/probes/api.js

@@ -0,0 +1,46 @@
+/**
+ * API probe — verifies `api.pugi.io` (or the active apiUrl) is
+ * reachable WITHOUT requiring a valid auth token. The auth probe
+ * covers the credentialed path; this probe answers the orthogonal
+ * "is the network broken" question so the operator can disambiguate
+ * "I'm offline" from "my token is bad" without reading two probe
+ * details together.
+ *
+ * Success criteria: any HTTP response (including 401 unauthenticated)
+ * proves the host is reachable. A thrown fetch (DNS / TCP / TLS
+ * failure) is the only true failure mode.
+ */
+export async function probeApi(ctx, deps) {
+    const apiUrl = deps.resolveApiUrl(ctx.env);
+    const startedAt = deps.now();
+    try {
+        const response = await deps.fetchImpl(`${stripTrailingSlash(apiUrl)}/api/pugi/health`, {
+            method: 'GET',
+        });
+        const latencyMs = deps.now() - startedAt;
+        // Any HTTP response confirms the host is reachable. The auth probe
+        // is responsible for verdicting the 401 / 200 split — here we just
+        // confirm we can talk to the server.
+        return {
+            name: 'API',
+            status: 'ok',
+            detail: `${apiUrl} reachable (${response.status})`,
+            latencyMs,
+        };
+    }
+    catch (error) {
+        const latencyMs = deps.now() - startedAt;
+        const message = error instanceof Error ? error.message : String(error);
+        return {
+            name: 'API',
+            status: 'error',
+            detail: `Cannot reach ${apiUrl}`,
+            latencyMs,
+            remediation: `Check network or override with PUGI_API_URL: ${message}`,
+        };
+    }
+}
+function stripTrailingSlash(url) {
+    return url.endsWith('/') ? url.slice(0, -1) : url;
+}
+//# sourceMappingURL=api.js.map