@relesio/cli 0.2.6 → 0.3.0

package/dist/commands/auth/login.js

@@ -1,82 +1,405 @@
+import os from "node:os";
 import { Command } from "commander";
 import inquirer from "inquirer";
+import open from "open";
 import ora from "ora";
 import chalk from "chalk";
 import { ConfigManager } from "../../lib/config/manager.js";
 import { RelesioAPIClient } from "../../lib/api/client.js";
+import { USER_AGENT } from "../../lib/version.js";
+/** RFC 8628 §3.5 error codes */
+export const DEVICE_ERROR = {
+    PENDING: "authorization_pending",
+    SLOW_DOWN: "slow_down",
+    DENIED: "access_denied",
+    EXPIRED: "expired_token"
+};
 export const loginCommand = new Command("login")
-    .description("Authenticate with API token")
+    .description("Authenticate with Relesio")
     .option("-t, --token <token>", "API token (or use RELESIO_API_TOKEN env var)")
     .action(async (options) => {
-    let token = options.token || process.env.RELESIO_API_TOKEN;
-    // If no token provided, prompt it
-    if (!token) {
-        const answers = await inquirer.prompt([
-            {
-                type: "password",
-                name: "token",
-                message: "Enter your API token:",
-                mask: "*",
-                validate: (input) => {
-                    if (!input || input.length === 0) {
-                        return "Token is required";
-                    }
-                    return true;
-                }
-            }
-        ]);
-        token = answers.token;
+    const token = options.token || process.env.RELESIO_API_TOKEN;
+    const config = ConfigManager.load();
+    if (token) {
+        await loginWithToken(token, config.apiBaseUrl);
+    }
+    else {
+        await loginWithDeviceFlow(config.apiBaseUrl);
     }
-    // Test token by making API call
+});
+// ---------- Token login (unchanged from original) ----------
+/** Exported for unit testing — not part of the public CLI API. */
+export async function loginWithToken(token, apiBaseUrl) {
     const spinner = ora("Validating token...").start();
     try {
-        const config = ConfigManager.load();
-        if (process.env.DEBUG) {
-            console.error(`\n[DEBUG] Login attempt:`);
-            console.error(`  API Base URL: ${config.apiBaseUrl}`);
-            console.error(`  Token (first 20 chars): ${token.substring(0, 20)}...`);
-        }
-        // Create a temporary client without auth to call /v1/api-token/me
-        const tempClient = new RelesioAPIClient(config.apiBaseUrl);
-        if (process.env.DEBUG) {
-            console.error(`\n[DEBUG] Calling /v1/api-token/me API...`);
-        }
-        // Validate API key and get full user context
+        const tempClient = new RelesioAPIClient(apiBaseUrl);
         const response = await tempClient.get("/v1/api-token/me", {
             headers: { "x-api-key": token },
             raw: true
         });
-        if (process.env.DEBUG) {
-            console.error(`\n[DEBUG] /v1/api-token/me response:`, JSON.stringify(response, null, 2));
-        }
-        // Save token and user info
-        ConfigManager.save({
-            apiToken: token,
-            userId: response.data.userId,
-            userEmail: response.data.email,
-            userName: response.data.name,
-            activeOrganizationId: response.data.activeOrganizationId,
-            activeOrganizationName: response.data.activeOrganizationName,
-            activeOrganizationSlug: response.data.activeOrganizationSlug,
-            // Legacy fields for backward compatibility
-            currentOrgId: response.data.activeOrganizationId,
-            currentOrgName: response.data.activeOrganizationName
-        });
+        const resolvedOrg = await saveAuthAndSelectOrg(token, response.data);
         spinner.succeed("Authentication successful!");
-        console.log(chalk.green("✓"), `Authenticated as ${response.data.email}`);
-        if (response.data.activeOrganizationId) {
-            console.log(chalk.green("✓"), `Active organization: ${response.data.activeOrganizationName} (${response.data.activeOrganizationSlug})`);
+        printSuccessMessage(response.data, resolvedOrg);
+    }
+    catch (error) {
+        spinner.fail("Authentication failed");
+        throw error;
+    }
+}
+// ---------- Device flow (RFC 8628) ----------
+/** Exported for unit testing — not part of the public CLI API. */
+export async function loginWithDeviceFlow(apiBaseUrl) {
+    // Step 1 — request device code
+    const spinner = ora("Requesting device code...").start();
+    let deviceCodeData;
+    try {
+        const res = await fetchWithTimeout(`${apiBaseUrl}/api/auth/device/code`, {
+            method: "POST",
+            headers: {
+                "Content-Type": "application/json",
+                "User-Agent": USER_AGENT
+            },
+            body: JSON.stringify({ client_id: "relesio-cli" })
+        });
+        if (!res.ok) {
+            const body = await res.text();
+            throw new Error(`Failed to request device code (${res.status}): ${body}`);
         }
-        else {
-            console.log(chalk.yellow("⚠"), "No active organization set. Use 'relesio organizations set <org-id>' to set one.");
+        deviceCodeData = (await res.json());
+    }
+    catch (error) {
+        spinner.fail("Failed to initiate device flow");
+        throw error;
+    }
+    spinner.stop();
+    const { device_code, user_code, interval } = deviceCodeData;
+    const pollingIntervalMs = Math.max(interval ?? 5, 1) * 1000;
+    // Prefer server-provided verification URLs (RFC 8628), with a safe fallback
+    // for local/non-standard environments.
+    const frontendBase = deriveFrontendUrl(apiBaseUrl);
+    const displayUri = deviceCodeData.verification_uri || `${frontendBase}/device`;
+    const browserUri = deviceCodeData.verification_uri_complete
+        ? deviceCodeData.verification_uri_complete
+        : buildVerificationUri(displayUri, user_code);
+    // Step 2 — display instructions
+    console.log();
+    console.log(chalk.bold("  Browser authentication"));
+    console.log();
+    console.log(`  ${chalk.dim("First copy your one-time code:")} ${chalk.bold.white(user_code)}`);
+    console.log();
+    console.log(`  ${chalk.dim("Then open:")} ${chalk.cyan(displayUri)}`);
+    console.log();
+    // Step 3 — prompt to open browser (gh-style: user controls when browser opens)
+    await promptToOpenBrowser(browserUri, displayUri);
+    // Step 4 — poll for token (RFC 8628 §3.5)
+    const pollSpinner = ora("Waiting for browser approval...").start();
+    let accessToken;
+    let currentInterval = pollingIntervalMs;
+    // Client-side guard: stop polling slightly after the device code's expiresIn window.
+    // Floor at 60 s to protect against a malformed server response of 0.
+    const expiresIn = Math.max(deviceCodeData.expires_in ?? 1800, 60);
+    const deadline = Date.now() + (expiresIn + 30) * 1000;
+    // Skip the initial sleep so the first poll fires immediately — the user may
+    // have already approved by the time the browser opens.
+    let isFirstPoll = true;
+    try {
+        while (true) {
+            if (Date.now() > deadline) {
+                throw new Error("Device code expired (local timeout). Please run 'relesio auth login' again.");
+            }
+            if (!isFirstPoll) {
+                await sleep(currentInterval);
+            }
+            isFirstPoll = false;
+            let tokenRes;
+            try {
+                tokenRes = await fetchWithTimeout(`${apiBaseUrl}/api/auth/device/token`, {
+                    method: "POST",
+                    headers: {
+                        "Content-Type": "application/json",
+                        "User-Agent": USER_AGENT
+                    },
+                    body: JSON.stringify({
+                        grant_type: "urn:ietf:params:oauth:grant-type:device_code",
+                        device_code,
+                        client_id: "relesio-cli"
+                    })
+                });
+            }
+            catch (fetchError) {
+                if (Date.now() > deadline) {
+                    throw fetchError;
+                }
+                pollSpinner.text =
+                    "Waiting for browser approval... (network issue, retrying)";
+                continue;
+            }
+            if (tokenRes.ok) {
+                const data = (await tokenRes.json());
+                if (!data.access_token) {
+                    throw new Error("Device authorization response missing access token");
+                }
+                accessToken = data.access_token;
+                break;
+            }
+            // Non-2xx — parse RFC 8628 error codes
+            const rawBody = await tokenRes.text();
+            let errorBody;
+            try {
+                errorBody = JSON.parse(rawBody);
+            }
+            catch {
+                throw new Error(`Unexpected token error (${tokenRes.status}): ${rawBody}`);
+            }
+            const errorCode = errorBody.error;
+            if (errorCode === DEVICE_ERROR.PENDING) {
+                // Normal — user hasn't approved yet
+                continue;
+            }
+            if (errorCode === DEVICE_ERROR.SLOW_DOWN) {
+                // Must add 5 seconds to the polling interval (RFC 8628 §3.5)
+                currentInterval += 5000;
+                pollSpinner.text = `Waiting for browser approval... (slowing down, next check in ${currentInterval / 1000}s)`;
+                continue;
+            }
+            if (errorCode === DEVICE_ERROR.DENIED) {
+                pollSpinner.fail("Device request denied.");
+                console.log(chalk.red("✖"), "The device request was denied in the browser.");
+                process.exit(1);
+            }
+            if (errorCode === DEVICE_ERROR.EXPIRED) {
+                pollSpinner.fail("Device code expired.");
+                console.log(chalk.red("✖"), "The device code expired. Please run 'relesio auth login' again.");
+                process.exit(1);
+            }
+            // Unexpected error
+            throw new Error(errorBody.error_description ??
+                errorBody.error ??
+                `Unexpected token error (${tokenRes.status})`);
         }
-        if (response.data.organizations.length > 1) {
-            console.log(chalk.blue("ℹ"), `You belong to ${response.data.organizations.length} organizations. Use --org flag to override context.`);
+    }
+    catch (error) {
+        pollSpinner.fail("Authentication failed during device flow");
+        throw error;
+    }
+    pollSpinner.succeed("Browser approved!");
+    // Step 5 — exchange access_token for a named rls_* API key
+    const keyName = `CLI - ${os.hostname()} - ${new Date().toISOString().slice(0, 10)}`;
+    const keySpinner = ora("Creating API key...").start();
+    let apiKey;
+    try {
+        const keyRes = await fetchWithTimeout(`${apiBaseUrl}/api/auth/api-key/create`, {
+            method: "POST",
+            headers: {
+                "Content-Type": "application/json",
+                "User-Agent": USER_AGENT,
+                Authorization: `Bearer ${accessToken}`
+            },
+            body: JSON.stringify({ name: keyName })
+        });
+        if (!keyRes.ok) {
+            const body = await keyRes.text();
+            keySpinner.fail("API key creation failed.");
+            console.log(chalk.red("✖"), "Device authorization succeeded but API key creation failed.");
+            console.log(chalk.dim(`  Server response (${keyRes.status}): ${body}`));
+            console.log(chalk.dim("  Please run 'relesio auth login' again."));
+            process.exit(1);
         }
-        console.log(chalk.dim("\nTip: Use 'relesio auth status' to view your authentication details"));
+        const keyData = (await keyRes.json());
+        apiKey = keyData.key;
     }
     catch (error) {
-        spinner.fail("Authentication failed");
+        keySpinner.fail("API key creation failed.");
+        console.log(chalk.red("✖"), "Device authorization succeeded but API key creation failed.");
+        console.log(chalk.dim(`  Error: ${String(error)}`));
+        console.log(chalk.dim("  Please run 'relesio auth login' again."));
+        process.exit(1);
+    }
+    // access_token is no longer needed — discard it
+    keySpinner.succeed("API key created");
+    // Step 6 — validate key and load user/org context (identical to --token path from here)
+    const validateSpinner = ora("Loading account info...").start();
+    try {
+        const tempClient = new RelesioAPIClient(apiBaseUrl);
+        const response = await tempClient.get("/v1/api-token/me", {
+            headers: { "x-api-key": apiKey },
+            raw: true
+        });
+        const resolvedOrg = await saveAuthAndSelectOrg(apiKey, response.data);
+        validateSpinner.succeed("Authentication successful!");
+        printSuccessMessage(response.data, resolvedOrg);
+    }
+    catch (error) {
+        validateSpinner.fail("Failed to load account info");
         throw error;
     }
-});
+}
+/**
+ * Org-selection logic applied after both device flow and --token login.
+ * Implements the logic from Technical Notes §9.
+ *
+ * Returns the resolved org values so the caller can display them without a
+ * second disk read. Exported for unit testing — not part of the public CLI API.
+ */
+export async function saveAuthAndSelectOrg(apiToken, data) {
+    let activeOrganizationId = data.activeOrganizationId;
+    let activeOrganizationName = data.activeOrganizationName;
+    let activeOrganizationSlug = data.activeOrganizationSlug;
+    if (!activeOrganizationId) {
+        if (data.organizations.length === 1) {
+            // Auto-select the only org
+            const org = data.organizations[0];
+            activeOrganizationId = org.id;
+            activeOrganizationName = org.name;
+            activeOrganizationSlug = org.slug;
+        }
+        else if (data.organizations.length > 1) {
+            // Prompt user to pick one
+            const { selectedOrgId } = await inquirer.prompt([
+                {
+                    type: "list",
+                    name: "selectedOrgId",
+                    message: "Select your active organization:",
+                    choices: data.organizations.map((org) => ({
+                        name: `${org.name} (${org.slug}) — ${org.role}`,
+                        value: org.id
+                    }))
+                }
+            ]);
+            const selected = data.organizations.find((o) => o.id === selectedOrgId);
+            if (selected) {
+                activeOrganizationId = selected.id;
+                activeOrganizationName = selected.name;
+                activeOrganizationSlug = selected.slug;
+            }
+        }
+        // If zero orgs: fall through — warning printed in printSuccessMessage
+    }
+    ConfigManager.save({
+        apiToken,
+        userId: data.userId,
+        userEmail: data.email,
+        userName: data.name,
+        activeOrganizationId,
+        activeOrganizationName,
+        activeOrganizationSlug,
+        // Legacy fields for backward compatibility
+        currentOrgId: activeOrganizationId,
+        currentOrgName: activeOrganizationName
+    });
+    return {
+        activeOrganizationId,
+        activeOrganizationName,
+        activeOrganizationSlug
+    };
+}
+function printSuccessMessage(data, resolvedOrg) {
+    console.log(chalk.green("✓"), `Authenticated as ${data.email}`);
+    if (resolvedOrg.activeOrganizationId) {
+        console.log(chalk.green("✓"), `Active organization: ${resolvedOrg.activeOrganizationName} (${resolvedOrg.activeOrganizationSlug})`);
+    }
+    else if (data.organizations.length === 0) {
+        console.log(chalk.yellow("⚠"), "No organization found. Use 'relesio organizations set <id>' once you join one.");
+    }
+    console.log(chalk.dim("\nTip: Use 'relesio auth status' to view your authentication details"));
+}
+function sleep(ms) {
+    return new Promise((resolve) => setTimeout(resolve, ms));
+}
+const BROWSER_PROMPT_TIMEOUT_MS = 60_000;
+/**
+ * Prompts the user to press Enter before opening the browser (gh auth login style).
+ * In non-interactive environments (CI, pipes, tests) the prompt is skipped and
+ * the URL is printed for manual use — no browser is opened automatically.
+ * Times out after 60 s and falls back to printing the URL.
+ */
+async function promptToOpenBrowser(browserUri, displayUri) {
+    if (!process.stdin.isTTY) {
+        // Non-interactive: just print the URL, don't open or block
+        console.log(chalk.dim(`  Open manually: ${displayUri}`));
+        console.log();
+        return;
+    }
+    await new Promise((resolve) => {
+        process.stdout.write(`  ${chalk.dim("Press")} ${chalk.bold("Enter")} ${chalk.dim("to open the browser, or")} ${chalk.bold("q")} ${chalk.dim("+ Enter to skip...")}`);
+        const cleanup = (openBrowser) => {
+            clearTimeout(timer);
+            process.stdin.removeListener("data", onData);
+            process.stdin.setRawMode?.(false);
+            process.stdin.pause();
+            console.log();
+            if (openBrowser) {
+                open(browserUri).catch(() => {
+                    console.log(chalk.yellow("⚠"), "Could not open browser automatically.");
+                    console.log(chalk.dim(`  Open manually: ${displayUri}`));
+                });
+            }
+            else {
+                console.log(chalk.dim(`  Open manually: ${displayUri}`));
+            }
+            resolve();
+        };
+        const timer = setTimeout(() => {
+            console.log();
+            console.log(chalk.yellow("⚠"), "Timed out waiting for input.");
+            cleanup(false);
+        }, BROWSER_PROMPT_TIMEOUT_MS);
+        const onData = (chunk) => {
+            const input = chunk.toString().trim().toLowerCase();
+            cleanup(input !== "q");
+        };
+        process.stdin.resume();
+        process.stdin.setRawMode?.(true);
+        process.stdin.once("data", onData);
+    });
+    console.log();
+}
+function buildVerificationUri(displayUri, userCode) {
+    try {
+        const url = new URL(displayUri);
+        url.searchParams.set("user_code", userCode);
+        return url.toString();
+    }
+    catch {
+        return `${displayUri}?user_code=${encodeURIComponent(userCode)}`;
+    }
+}
+function fetchWithTimeout(url, init, timeoutMs = 15_000) {
+    const controller = new AbortController();
+    const id = setTimeout(() => controller.abort(), timeoutMs);
+    return fetch(url, { ...init, signal: controller.signal }).finally(() => clearTimeout(id));
+}
+/**
+ * Maps an API base URL to its corresponding dashboard (frontend) URL.
+ *
+ * Used by the device flow to derive the correct dashboard domain from
+ * RELESIO_API_URL, independent of what FRONTEND_URL the API server is
+ * configured with.
+ *
+ * Exported for unit testing — not part of the public CLI API.
+ */
+export function deriveFrontendUrl(apiBaseUrl) {
+    const envOverride = process.env.FRONTEND_URL;
+    if (envOverride) {
+        try {
+            new URL(envOverride);
+            return envOverride.replace(/\/$/, "");
+        }
+        catch {
+            /* fall through */
+        }
+    }
+    try {
+        const { hostname, protocol } = new URL(apiBaseUrl);
+        if (hostname === "api.relesio.com")
+            return "https://relesio.com";
+        if (hostname === "api-stage.relesio.com")
+            return "https://stage.relesio.com";
+        if (hostname === "localhost" || hostname === "127.0.0.1")
+            return `${protocol}//localhost:3000`;
+        return apiBaseUrl;
+    }
+    catch {
+        return apiBaseUrl;
+    }
+}

package/dist/commands/environments/create.d.ts

@@ -0,0 +1,2 @@
+import { Command } from "commander";
+export declare const createEnvironmentCommand: Command;

package/dist/commands/environments/create.js

@@ -0,0 +1,53 @@
+import { Command } from "commander";
+import ora from "ora";
+import { RelesioAPIClient } from "../../lib/api/client.js";
+import { ConfigManager } from "../../lib/config/manager.js";
+import { createEnvironment } from "../../lib/api/environments.js";
+import { handleError } from "../../lib/errors/handler.js";
+export const createEnvironmentCommand = new Command("create")
+    .description("Create a new environment")
+    .requiredOption("--name <name>", "Environment name")
+    .requiredOption("--slug <slug>", "Environment slug (lowercase alphanumeric and hyphens)")
+    .option("--production", "Mark as a production environment", false)
+    .option("--json", "Output as JSON")
+    .action(async (options, command) => {
+    const spinner = ora("Creating environment...").start();
+    try {
+        const config = ConfigManager.load();
+        if (!config.apiToken) {
+            spinner.fail("Not authenticated. Run 'relesio auth login' first.");
+            process.exit(1);
+        }
+        const orgId = command.parent?.opts().org || config.activeOrganizationId;
+        if (!orgId) {
+            spinner.fail("No organization context. Use --org flag, set RELESIO_ORG_ID, or run 'relesio organizations set <org-id>'");
+            process.exit(1);
+        }
+        const slugPattern = /^[a-z0-9-]+$/;
+        if (!slugPattern.test(options.slug)) {
+            spinner.fail("Invalid slug. Must be lowercase alphanumeric characters and hyphens only.");
+            process.exit(1);
+        }
+        const client = new RelesioAPIClient(config.apiBaseUrl, config.apiToken);
+        const environment = await createEnvironment(client, {
+            name: options.name,
+            slug: options.slug,
+            isProduction: options.production
+        });
+        spinner.stop();
+        if (options.json) {
+            console.log(JSON.stringify({ environment }, null, 2));
+            return;
+        }
+        console.log(`\n✅ Environment created successfully!\n`);
+        console.log(`  ID:         ${environment.id}`);
+        console.log(`  Name:       ${environment.name}`);
+        console.log(`  Slug:       ${environment.slug}`);
+        console.log(`  Type:       ${environment.isProduction ? "Production" : "Staging"}`);
+        console.log(`  Created:    ${new Date(environment.createdAt).toLocaleString()}`);
+    }
+    catch (error) {
+        spinner.fail("Failed to create environment");
+        handleError(error);
+    }
+});

package/dist/commands/environments/get.d.ts

@@ -0,0 +1,2 @@
+import { Command } from "commander";
+export declare const getEnvironmentCommand: Command;

package/dist/commands/environments/get.js

@@ -0,0 +1,65 @@
+import { Command } from "commander";
+import ora from "ora";
+import { RelesioAPIClient } from "../../lib/api/client.js";
+import { ConfigManager } from "../../lib/config/manager.js";
+import { getEnvironment } from "../../lib/api/environments.js";
+import { formatTable } from "../../lib/output/table.js";
+import { handleError } from "../../lib/errors/handler.js";
+export const getEnvironmentCommand = new Command("get")
+    .description("Get environment details with deployment history")
+    .argument("<environmentId>", "Environment ID (UUID)")
+    .option("--history-limit <number>", "Number of recent deployments to show", "10")
+    .option("--json", "Output as JSON")
+    .action(async (environmentId, options, command) => {
+    const spinner = ora("Loading environment...").start();
+    try {
+        const config = ConfigManager.load();
+        if (!config.apiToken) {
+            spinner.fail("Not authenticated. Run 'relesio auth login' first.");
+            process.exit(1);
+        }
+        const orgId = command.parent?.opts().org || config.activeOrganizationId;
+        if (!orgId) {
+            spinner.fail("No organization context. Use --org flag, set RELESIO_ORG_ID, or run 'relesio organizations set <org-id>'");
+            process.exit(1);
+        }
+        const client = new RelesioAPIClient(config.apiBaseUrl, config.apiToken);
+        const details = await getEnvironment(client, environmentId, {
+            limit: Number(options.historyLimit)
+        });
+        spinner.stop();
+        if (options.json) {
+            console.log(JSON.stringify(details, null, 2));
+            return;
+        }
+        const { environment, recentDeployments } = details;
+        console.log(`\n🌍 Environment: ${environment.name}\n`);
+        console.log(`  ID:       ${environment.id}`);
+        console.log(`  Slug:     ${environment.slug}`);
+        console.log(`  Type:     ${environment.isProduction ? "Production" : "Staging"}`);
+        console.log(`  Created:  ${new Date(environment.createdAt).toLocaleString()}`);
+        console.log(`  Updated:  ${new Date(environment.updatedAt).toLocaleString()}`);
+        if (recentDeployments.length === 0) {
+            console.log("\n  No deployments yet.");
+            return;
+        }
+        console.log(`\n📦 Recent Deployments (${recentDeployments.length}):\n`);
+        console.log(formatTable([
+            "Version",
+            "Deployed At",
+            "Deployed By",
+            "Branch",
+            "Git SHA"
+        ], recentDeployments.map((d) => [
+            d.version,
+            new Date(d.deployedAt).toLocaleString(),
+            d.deployedBy,
+            d.gitBranch ?? "—",
+            d.gitSha ? d.gitSha.substring(0, 7) : "—"
+        ])));
+    }
+    catch (error) {
+        spinner.fail("Failed to get environment");
+        handleError(error);
+    }
+});

package/dist/commands/environments/index.d.ts

@@ -0,0 +1,2 @@
+import { Command } from "commander";
+export declare const environmentsCommand: Command;

package/dist/commands/environments/index.js

@@ -0,0 +1,12 @@
+import { Command } from "commander";
+import { listEnvironmentsCommand } from "./list.js";
+import { createEnvironmentCommand } from "./create.js";
+import { getEnvironmentCommand } from "./get.js";
+import { updateEnvironmentCommand } from "./update.js";
+export const environmentsCommand = new Command("environments")
+    .alias("env")
+    .description("Manage environments")
+    .addCommand(listEnvironmentsCommand)
+    .addCommand(createEnvironmentCommand)
+    .addCommand(getEnvironmentCommand)
+    .addCommand(updateEnvironmentCommand);

package/dist/commands/environments/list.d.ts

@@ -0,0 +1,2 @@
+import { Command } from "commander";
+export declare const listEnvironmentsCommand: Command;

package/dist/commands/environments/list.js

@@ -0,0 +1,54 @@
+import { Command } from "commander";
+import ora from "ora";
+import { RelesioAPIClient } from "../../lib/api/client.js";
+import { ConfigManager } from "../../lib/config/manager.js";
+import { listEnvironments } from "../../lib/api/environments.js";
+import { formatTable } from "../../lib/output/table.js";
+import { handleError } from "../../lib/errors/handler.js";
+export const listEnvironmentsCommand = new Command("list")
+    .description("List all environments in your organization")
+    .option("--limit <number>", "Number of environments to return", "20")
+    .option("--offset <number>", "Offset for pagination", "0")
+    .option("--json", "Output as JSON")
+    .action(async (options, command) => {
+    const spinner = ora("Loading environments...").start();
+    try {
+        const config = ConfigManager.load();
+        if (!config.apiToken) {
+            spinner.fail("Not authenticated. Run 'relesio auth login' first.");
+            process.exit(1);
+        }
+        const orgId = command.parent?.opts().org || config.activeOrganizationId;
+        if (!orgId) {
+            spinner.fail("No organization context. Use --org flag, set RELESIO_ORG_ID, or run 'relesio organizations set <org-id>'");
+            process.exit(1);
+        }
+        const client = new RelesioAPIClient(config.apiBaseUrl, config.apiToken);
+        const { environments, count } = await listEnvironments(client, {
+            limit: Number(options.limit),
+            offset: Number(options.offset)
+        });
+        spinner.stop();
+        if (options.json) {
+            console.log(JSON.stringify({ environments, count }, null, 2));
+            return;
+        }
+        if (environments.length === 0) {
+            console.log("\n✨ No environments yet. Create one with:");
+            console.log("   relesio environments create --name Production --slug production --production");
+            return;
+        }
+        console.log(`\n🌍 Environments (${count}):\n`);
+        console.log(formatTable(["Name", "Slug", "Type", "Current Version", "Created"], environments.map((e) => [
+            e.name,
+            e.slug,
+            e.isProduction ? "Production" : "Staging",
+            e.currentDeployment?.version ?? "—",
+            new Date(e.createdAt).toLocaleDateString()
+        ])));
+    }
+    catch (error) {
+        spinner.fail("Failed to list environments");
+        handleError(error);
+    }
+});

package/dist/commands/environments/update.d.ts

@@ -0,0 +1,2 @@
+import { Command } from "commander";
+export declare const updateEnvironmentCommand: Command;