npm - @r4-sdk/cli - Versions diffs - 1.0.0 → 1.0.1 - Mend

@r4-sdk/cli 1.0.0 → 1.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/README.md CHANGED Viewed

@@ -196,7 +196,7 @@ The CLI now keeps profile state under one consistent root:
 ## Dependencies
-Uses the published `@r4-sdk/sdk` package under the hood for API communication. Built with Commander, Chalk, ora, and cli-table3.
+Uses the published `@r4-sdk/node` package under the hood for API communication. Built with Commander, Chalk, ora, and cli-table3.
 ## Development

package/lib/index.js CHANGED Viewed

@@ -303,12 +303,12 @@ function withErrorHandler(fn) {
 }
 // src/lib/config.ts
-import fs2 from "node:fs";
+import fs2 from "fs";
 // src/lib/profile-paths.ts
-import fs from "node:fs";
-import os from "node:os";
-import path from "node:path";
+import fs from "fs";
+import os from "os";
+import path from "path";
 function sanitizeProfileName(profileName) {
   const sanitized = profileName.trim().toLowerCase().replace(/[^a-z0-9._-]+/g, "-").replace(/^-+|-+$/g, "");
   return sanitized || "default";
@@ -539,7 +539,7 @@ function clearManagedProfileDirectory(profileName) {
 }
 // src/lib/credentials-store.ts
-import fs3 from "node:fs";
+import fs3 from "fs";
 function buildApiKeyFromParts(accessKey, secretKey) {
   if (!accessKey || !secretKey) {
     return void 0;
@@ -604,9 +604,9 @@ function clearProfileCredentials(profileName) {
 }
 // src/lib/private-key.ts
-import crypto from "node:crypto";
-import fs4 from "node:fs";
-import path2 from "node:path";
+import crypto from "crypto";
+import fs4 from "fs";
+import path2 from "path";
 function getDefaultPrivateKeyPath(profileName) {
   return getManagedPrivateKeyPath(profileName);
 }
@@ -1000,13 +1000,13 @@ import chalk3 from "chalk";
 import ora4 from "ora";
 // ../node/lib/index.js
-import { randomUUID } from "node:crypto";
-import path3 from "node:path";
-import crypto2 from "node:crypto";
-import fs5 from "node:fs";
-import path4 from "node:path";
-import fs22 from "node:fs";
-import path22 from "node:path";
+import { randomUUID } from "crypto";
+import path3 from "path";
+import crypto2 from "crypto";
+import fs5 from "fs";
+import path4 from "path";
+import fs22 from "fs";
+import path22 from "path";
 var R4Client = class {
   apiKey;
   baseUrl;
@@ -1037,8 +1037,10 @@ var R4Client = class {
     });
     if (!response.ok) {
       const errorBody = await response.json().catch(() => ({}));
-      const errorMessage = typeof errorBody.error?.message === "string" ? errorBody.error.message : `HTTP ${response.status}: ${response.statusText}`;
-      const errorCode = typeof errorBody.error?.code === "string" ? ` [${errorBody.error.code}]` : "";
+      const nestedError = typeof errorBody.error === "object" && errorBody.error !== null ? errorBody.error : null;
+      const topLevelMessage = Array.isArray(errorBody.message) ? errorBody.message.filter((item) => typeof item === "string").join("; ") : typeof errorBody.message === "string" ? errorBody.message : null;
+      const errorMessage = typeof nestedError?.message === "string" ? nestedError.message : topLevelMessage || (typeof errorBody.error === "string" ? errorBody.error : null) || `HTTP ${response.status}: ${response.statusText}`;
+      const errorCode = typeof nestedError?.code === "string" ? ` [${nestedError.code}]` : "";
       throw new Error(`R4 API Error${errorCode}: ${errorMessage}`);
     }
     if (response.status === 204) {
@@ -1179,7 +1181,8 @@ var R4Client = class {
   }
 };
 var TRANSPARENCY_WITNESS_PAYLOAD_PREFIX = "r4-transparency-witness-v1";
-var DEFAULT_TRANSPARENCY_WITNESS_URL = "https://transparency.r4.dev";
+var DEFAULT_TRANSPARENCY_WITNESS_URL = "https://transparency-prod.r4.dev";
+var DEV_TRANSPARENCY_WITNESS_URL = "https://transparency-dev.r4.dev";
 var TRANSPARENCY_WITNESS_ROOT_PUBLIC_KEY_PEM = `-----BEGIN PUBLIC KEY-----
 MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA18JhILFiS/BOWR9laubW
 g2vepQy26BXAlnrscZZVQUzBBaCM4hWobpt3Nh77vxP0gqVAJXP1hVhPPwxGQnOF
@@ -1223,16 +1226,22 @@ function parseHostname(apiBaseUrl) {
     return null;
   }
 }
-var shouldUseDefaultTransparencyWitness = (apiBaseUrl) => {
+var resolveDefaultTransparencyWitnessBaseUrl = (apiBaseUrl) => {
   const hostname = parseHostname(apiBaseUrl);
-  return hostname === "r4.dev" || hostname === "api.r4.dev";
+  if (hostname === "r4.dev" || hostname === "api.r4.dev") {
+    return DEFAULT_TRANSPARENCY_WITNESS_URL;
+  }
+  if (hostname === "dev.r4.dev") {
+    return DEV_TRANSPARENCY_WITNESS_URL;
+  }
+  return null;
 };
 var resolveTransparencyWitnessBaseUrl = (params) => {
   const configuredBaseUrl = params.configuredBaseUrl?.trim();
   if (configuredBaseUrl) {
     return configuredBaseUrl;
   }
-  return shouldUseDefaultTransparencyWitness(params.apiBaseUrl) ? DEFAULT_TRANSPARENCY_WITNESS_URL : null;
+  return resolveDefaultTransparencyWitnessBaseUrl(params.apiBaseUrl);
 };
 var RSA_OAEP_CONFIG = {
   padding: crypto2.constants.RSA_PKCS1_OAEP_PADDING,
@@ -1521,7 +1530,13 @@ function verifyUserKeyDirectoryTransparencyProof(params) {
     return false;
   }
   if (params.currentEntry.version === params.previousHead.version) {
-    return params.currentEntry.entryHash === params.previousHead.hash && params.proof.entries.length === 0;
+    if (params.currentEntry.entryHash !== params.previousHead.hash) {
+      return false;
+    }
+    if (params.proof.entries.length === 0) {
+      return true;
+    }
+    return params.proof.entries.length === 1 && params.proof.entries[0]?.entryHash === params.currentEntry.entryHash && params.proof.entries[0]?.version === params.currentEntry.version;
   }
   if (params.proof.entries.length === 0) {
     return false;
@@ -1727,12 +1742,14 @@ function getPinStorageKey(orgId, orgUserId) {
   return `${orgId}:${orgUserId}`;
 }
 function getAgentPinStorageKey(orgId, agentId) {
+  void orgId;
   return `agent:${agentId}`;
 }
 function getDirectoryPinStorageKey(orgId) {
   return `org:${orgId}`;
 }
 function getAgentTransparencyPinStorageKey(orgId, agentId) {
+  void orgId;
   return `agent-head:${agentId}`;
 }
 async function fetchWitnessArtifact(witnessBaseUrl, pathName) {
@@ -2656,7 +2673,7 @@ var R4 = class _R4 {
     return 0;
   }
 };
-var src_default = R4;
+var index_default = R4;
 // src/lib/doctor.ts
 function getAgentIdFromRegistration(registration) {
@@ -2932,7 +2949,7 @@ async function runDoctorChecks(connection) {
     return report;
   }
   try {
-    const r4 = await src_default.create({
+    const r4 = await index_default.create({
       apiKey: connection.apiKey,
       baseUrl: connection.baseUrl,
       dev: connection.dev,
@@ -3048,8 +3065,8 @@ function doctorCommand(commandName = "doctor", description = "Verify CLI auth, r
 }
 // src/lib/credentials-file.ts
-import fs6 from "node:fs";
-import path5 from "node:path";
+import fs6 from "fs";
+import path5 from "path";
 function normalizeFieldName(fieldName) {
   return fieldName.trim().toLowerCase().replace(/[^a-z0-9]+/g, "");
 }
@@ -3380,8 +3397,8 @@ function cacheProfileIdentity(profileName, identity) {
 }
 // src/lib/prompt.ts
-import readline from "node:readline";
-import { Writable } from "node:stream";
+import readline from "readline";
+import { Writable } from "stream";
 var MutableOutput = class extends Writable {
   muted = false;
   _write(chunk, _encoding, callback) {
@@ -3860,7 +3877,7 @@ function logoutCommand() {
 import { Command as Command11 } from "commander";
 // src/lib/public-auth-client.ts
-import crypto3 from "node:crypto";
+import crypto3 from "crypto";
 var PublicAuthClient = class {
   baseUrl;
   constructor(baseUrl) {
@@ -4273,8 +4290,8 @@ import { Command as Command16 } from "commander";
 import ora10 from "ora";
 // src/lib/json-input.ts
-import fs7 from "node:fs";
-import path6 from "node:path";
+import fs7 from "fs";
+import path6 from "path";
 function parseJsonInput(params) {
   const bodyFlagName = params.bodyFlagName ?? "--body";
   const bodyFileFlagName = params.bodyFileFlagName ?? "--body-file";
@@ -4385,7 +4402,7 @@ function registerBudgetCommands(program2) {
 // src/commands/configure.ts
 import { Command as Command18 } from "commander";
-import fs8 from "node:fs";
+import fs8 from "fs";
 async function promptRuntimeTarget(existingProfile) {
   const defaultTarget = existingProfile.baseUrl ? "custom" : existingProfile.dev ? "dev" : "prod";
   const runtimeTarget = await promptChoice(
@@ -5035,7 +5052,7 @@ function createItemCommand() {
 // src/commands/vault/list.ts
 import { Command as Command32 } from "commander";
 import ora21 from "ora";
-import R42 from "@r4-sdk/sdk";
+import R42 from "@r4-sdk/node";
 function listCommand5() {
   return new Command32("list").description("List all locally decrypted environment variables").action(
     withErrorHandler(async (_opts, cmd) => {
@@ -5068,7 +5085,7 @@ import { Command as Command34 } from "commander";
 // src/commands/vault/items.ts
 import { Command as Command33 } from "commander";
 import ora22 from "ora";
-import R43 from "@r4-sdk/sdk";
+import R43 from "@r4-sdk/node";
 function deriveItems(env) {
   const keys = Object.keys(env).sort();
   return keys.map((key) => ({
@@ -5215,7 +5232,7 @@ function listVaultsCommand() {
 // src/commands/vault/get.ts
 import { Command as Command36 } from "commander";
 import ora24 from "ora";
-import R44 from "@r4-sdk/sdk";
+import R44 from "@r4-sdk/node";
 function getCommand2() {
   return new Command36("get").description("Get a specific locally decrypted environment variable value").argument("<key>", "Environment variable key (SCREAMING_SNAKE_CASE)").action(
     withErrorHandler(
@@ -5245,7 +5262,7 @@ function getCommand2() {
 // src/commands/vault/search.ts
 import { Command as Command37 } from "commander";
 import ora25 from "ora";
-import R45 from "@r4-sdk/sdk";
+import R45 from "@r4-sdk/node";
 function searchCommand() {
   return new Command37("search").description("Search vault items by name").argument("<query>", "Search query (case-insensitive match against key names)").action(
     withErrorHandler(
@@ -5418,7 +5435,7 @@ function getCommand3() {
 // src/commands/project/create.ts
 import { Command as Command41 } from "commander";
-import readline2 from "node:readline";
+import readline2 from "readline";
 import ora29 from "ora";
 function prompt(question) {
   const rl = readline2.createInterface({ input: process.stdin, output: process.stdout });
@@ -5499,9 +5516,9 @@ function registerProjectCommands(program2) {
 }
 // src/commands/run/index.ts
-import { spawn } from "node:child_process";
+import { spawn } from "child_process";
 import ora31 from "ora";
-import R46 from "@r4-sdk/sdk";
+import R46 from "@r4-sdk/node";
 function registerRunCommand(program2) {
   program2.command("run").description("Run a command with vault secrets injected as environment variables").argument("<command...>", "Command and arguments to execute").option("--prefix <prefix>", "Add prefix to all injected env var names").action(
     withErrorHandler(
@@ -5586,7 +5603,7 @@ function registerSecurityGroupCommands(program2) {
 // src/index.ts
 var program = new Command44();
-program.name("r4").description("R4 CLI \u2014 manage vaults, projects, and secrets from the terminal").version("1.0.0").option("--api-key <key>", "API key (overrides R4_API_KEY env var and config file)").option("--profile <name>", "CLI profile name (overrides R4_PROFILE and the saved current profile)").option("--project-id <id>", "Optional project ID filter (overrides R4_PROJECT_ID env var and config file)").option("--dev", "Use https://dev.r4.dev unless an explicit base URL override is set").option("--base-url <url>", "API base URL (default: https://r4.dev)").option("--private-key-path <path>", "Path to the agent private key PEM (overrides R4_PRIVATE_KEY_PATH env var and config file)").option("--trust-store-path <path>", "Path to the local signer trust-store JSON (overrides R4_TRUST_STORE_PATH env var and config file)").option("--json", "Output as JSON for scripting and piping", false);
+program.name("r4").description("R4 CLI \u2014 manage vaults, projects, and secrets from the terminal").version("1.0.1").option("--api-key <key>", "API key (overrides R4_API_KEY env var and config file)").option("--profile <name>", "CLI profile name (overrides R4_PROFILE and the saved current profile)").option("--project-id <id>", "Optional project ID filter (overrides R4_PROJECT_ID env var and config file)").option("--dev", "Use https://dev.r4.dev unless an explicit base URL override is set").option("--base-url <url>", "API base URL (default: https://r4.dev)").option("--private-key-path <path>", "Path to the agent private key PEM (overrides R4_PRIVATE_KEY_PATH env var and config file)").option("--trust-store-path <path>", "Path to the local signer trust-store JSON (overrides R4_TRUST_STORE_PATH env var and config file)").option("--json", "Output as JSON for scripting and piping", false);
 registerAgentCommands(program);
 registerAuthCommands(program);
 registerBillingCommands(program);