@selvajs/cli 2.0.0

package/src/commands/doctor.js

@@ -0,0 +1,268 @@
+// `selva doctor` — validate a deployment without starting it.
+//
+// Checks:
+//   • .env exists and has the required keys for the chosen providers
+//   • Secrets are present and look like 32-byte hex
+//   • DATA_PATH writable (when local provider is in use)
+//   • Supabase URL reachable (when supabase provider is in use)
+//   • @selvajs/selva + chosen provider packages installed
+//   • Origin set when behind a reverse proxy looks set
+//
+// Exits 0 (green) or 1 (any red); yellow checks don't fail the run.
+
+import { existsSync, accessSync, constants, statSync } from 'node:fs';
+import { join, resolve } from 'node:path';
+import * as p from '@clack/prompts';
+import pc from 'picocolors';
+import { readEnvFile } from '../env.js';
+import { requireDeploymentDir, resolveDeploymentDir } from '../paths.js';
+
+const HEX_64 = /^[0-9a-f]{64}$/i;
+const PLACEHOLDER = 'replace-this-with-a-random-32-byte-hex-key';
+
+export async function runDoctor() {
+	const dir = resolveDeploymentDir();
+	requireDeploymentDir(dir);
+
+	p.intro(pc.bgCyan(pc.black(' selva doctor ')));
+
+	const checks = [];
+	const env = readEnvFile(join(dir, '.env'));
+
+	// ── Files ──────────────────────────────────────────────────────────
+	checks.push(checkFile(join(dir, '.env'), '.env present'));
+	checks.push(checkFile(join(dir, 'selva.config.js'), 'selva.config.js present'));
+	checks.push(checkFile(join(dir, 'ecosystem.config.cjs'), 'ecosystem.config.cjs present'));
+
+	// ── Secrets ────────────────────────────────────────────────────────
+	checks.push(checkSecret(env.SELVA_HMAC_KEY, 'SELVA_HMAC_KEY is a 32-byte hex string'));
+	checks.push(checkSecret(env.SELVA_AT_REST_KEY, 'SELVA_AT_REST_KEY is a 32-byte hex string'));
+
+	// ── Provider wiring ────────────────────────────────────────────────
+	// `header` is only valid for the auth slot — data/storage stay
+	// local|supabase. Mirror what selva.config.ts enforces.
+	const providers = {
+		auth: (env.SELVA_AUTH_PROVIDER ?? 'local').toLowerCase(),
+		data: (env.SELVA_DATA_PROVIDER ?? 'local').toLowerCase(),
+		storage: (env.SELVA_STORAGE_PROVIDER ?? 'local').toLowerCase()
+	};
+
+	const validForAuth = new Set(['local', 'supabase', 'header']);
+	const validForData = new Set(['local', 'supabase']);
+
+	if (!validForAuth.has(providers.auth)) {
+		checks.push(red(`SELVA_AUTH_PROVIDER="${providers.auth}" — expected local|supabase|header`));
+	}
+	if (!validForData.has(providers.data)) {
+		checks.push(red(`SELVA_DATA_PROVIDER="${providers.data}" — expected local|supabase`));
+	}
+	if (!validForData.has(providers.storage)) {
+		checks.push(red(`SELVA_STORAGE_PROVIDER="${providers.storage}" — expected local|supabase`));
+	}
+
+	const used = new Set(Object.values(providers));
+
+	if (used.has('local')) {
+		checks.push(checkDataPath(dir, env.DATA_PATH ?? './.selva-data'));
+	}
+
+	if (used.has('supabase')) {
+		checks.push(checkSupabase(env));
+	}
+
+	if (providers.auth === 'header') {
+		checks.push(...checkHeaderAuth(dir, env, providers.data));
+	}
+
+	// ── Tenancy ────────────────────────────────────────────────────────
+	const tenancy = (env.SELVA_TENANCY ?? 'single').toLowerCase();
+	if (tenancy !== 'single' && tenancy !== 'multi') {
+		checks.push(red(`SELVA_TENANCY="${tenancy}" — expected single|multi`));
+	} else {
+		checks.push(green(`SELVA_TENANCY=${tenancy}`));
+	}
+
+	// ── Installed packages ─────────────────────────────────────────────
+	checks.push(checkPackage(dir, '@selvajs/selva'));
+	if (used.has('local')) checks.push(checkPackage(dir, '@selvajs/local-provider'));
+	if (used.has('supabase')) checks.push(checkPackage(dir, '@selvajs/supabase-provider'));
+	if (used.has('header')) checks.push(checkPackage(dir, '@selvajs/header-auth-provider'));
+
+	// ── Origin (best-effort) ───────────────────────────────────────────
+	if (env.ORIGIN) {
+		try {
+			new URL(env.ORIGIN);
+			checks.push(green(`ORIGIN=${env.ORIGIN}`));
+		} catch {
+			checks.push(red(`ORIGIN="${env.ORIGIN}" is not a valid URL`));
+		}
+	} else {
+		checks.push(yellow('ORIGIN unset — required behind a reverse proxy'));
+	}
+
+	// ── Render ─────────────────────────────────────────────────────────
+	let failures = 0;
+	for (const c of await Promise.all(checks)) {
+		console.log('  ' + c.line);
+		if (c.severity === 'red') failures += 1;
+	}
+
+	if (failures === 0) {
+		p.outro(pc.green('All checks passed.'));
+	} else {
+		p.outro(pc.red(`${failures} check${failures === 1 ? '' : 's'} failed.`));
+		process.exit(1);
+	}
+}
+
+function green(text) {
+	return { severity: 'green', line: `${pc.green('✓')} ${text}` };
+}
+function yellow(text) {
+	return { severity: 'yellow', line: `${pc.yellow('!')} ${text}` };
+}
+function red(text) {
+	return { severity: 'red', line: `${pc.red('✗')} ${text}` };
+}
+
+function checkFile(path, label) {
+	return existsSync(path) ? green(label) : red(`${label} (missing: ${path})`);
+}
+
+function checkSecret(value, label) {
+	if (!value) return red(`${label} — unset`);
+	if (value === PLACEHOLDER) return red(`${label} — still the placeholder`);
+	if (!HEX_64.test(value)) return red(`${label} — not 64 hex chars`);
+	return green(label);
+}
+
+function checkDataPath(dir, dataPath) {
+	const absolute = resolve(dir, dataPath);
+	try {
+		if (existsSync(absolute)) {
+			const stat = statSync(absolute);
+			if (!stat.isDirectory()) {
+				return red(`DATA_PATH=${dataPath} exists but isn't a directory`);
+			}
+			accessSync(absolute, constants.W_OK);
+			return green(`DATA_PATH=${dataPath} (writable)`);
+		}
+		// Parent must be writable so the runtime can create the directory.
+		const parent = resolve(absolute, '..');
+		if (!existsSync(parent)) {
+			return yellow(`DATA_PATH=${dataPath} doesn't exist yet (parent missing: ${parent})`);
+		}
+		accessSync(parent, constants.W_OK);
+		return yellow(`DATA_PATH=${dataPath} doesn't exist yet — will be created on first run`);
+	} catch {
+		return red(`DATA_PATH=${dataPath} not writable`);
+	}
+}
+
+async function checkSupabase(env) {
+	if (!env.SUPABASE_URL) return red('SUPABASE_URL unset');
+	if (!env.SUPABASE_ANON_KEY) return red('SUPABASE_ANON_KEY unset');
+	if (!env.SUPABASE_SERVICE_ROLE_KEY) return red('SUPABASE_SERVICE_ROLE_KEY unset');
+
+	try {
+		new URL(env.SUPABASE_URL);
+	} catch {
+		return red(`SUPABASE_URL="${env.SUPABASE_URL}" is not a valid URL`);
+	}
+
+	// Ping the Supabase health endpoint. Soft-fail to yellow on network
+	// errors — operators may be offline at install time.
+	try {
+		const controller = new AbortController();
+		const timer = setTimeout(() => controller.abort(), 4000);
+		const res = await fetch(env.SUPABASE_URL + '/auth/v1/health', {
+			signal: controller.signal
+		});
+		clearTimeout(timer);
+		if (res.ok) return green(`SUPABASE_URL reachable (${res.status})`);
+		return yellow(`SUPABASE_URL responded ${res.status} — check project status`);
+	} catch (err) {
+		return yellow(`SUPABASE_URL unreachable (${err.message ?? err}) — skipping`);
+	}
+}
+
+function checkPackage(dir, name) {
+	const path = join(dir, 'node_modules', ...name.split('/'), 'package.json');
+	if (!existsSync(path)) return red(`${name} not installed (run npm install)`);
+	return green(`${name} installed`);
+}
+
+// Header-auth-specific sanity checks. None of these catch the truly dangerous
+// misconfigurations (header spoofing, missing proxy auth) — those are
+// runtime invariants we can't verify from here. We DO check the things we can:
+// allowlist file presence, HOST binding, ORIGIN, and logout URL.
+function checkHeaderAuth(dir, env, dataProvider) {
+	const out = [];
+
+	// 1. Where does header-allowlist.json live?
+	const allowlistDir = env.HEADER_AUTH_DATA_DIR ?? env.DATA_PATH;
+	if (!allowlistDir) {
+		out.push(red('HEADER_AUTH_DATA_DIR (or DATA_PATH) unset — provider will fail to start'));
+	} else {
+		const allowlistPath = resolve(dir, allowlistDir, 'header-allowlist.json');
+		if (existsSync(allowlistPath)) {
+			out.push(green(`header-allowlist.json present (${allowlistDir}/header-allowlist.json)`));
+		} else {
+			// The provider creates it lazily, but a fresh deployment with no
+			// allowlisted UPNs locks everyone out — surface this so the
+			// operator knows to bootstrap.
+			out.push(
+				yellow(
+					`header-allowlist.json not found at ${allowlistDir}/ — no users will be allowed in until one is added`
+				)
+			);
+		}
+	}
+
+	// 2. HOST binding. Loopback is strongly recommended for header-auth.
+	const host = env.HOST ?? '0.0.0.0';
+	if (host === '127.0.0.1' || host === 'localhost') {
+		out.push(green(`HOST=${host} (loopback-only)`));
+	} else {
+		out.push(
+			yellow(
+				`HOST=${host} — header-auth deployments should bind to 127.0.0.1 unless ` +
+					`network isolation is enforced elsewhere (firewall, Docker network).`
+			)
+		);
+	}
+
+	// 3. ORIGIN — header-auth implies a reverse proxy, so ORIGIN is required.
+	if (!env.ORIGIN) {
+		out.push(red('ORIGIN unset — required for header-auth (always behind a proxy)'));
+	}
+
+	// 4. If data provider isn't local, the allowlist file is the ONLY local
+	// state — make sure the operator picked an explicit dir, not the
+	// fall-through DATA_PATH which may not be set.
+	if (dataProvider !== 'local' && !env.HEADER_AUTH_DATA_DIR) {
+		out.push(
+			red(
+				'HEADER_AUTH_DATA_DIR must be set when data provider is not local ' +
+					'(no DATA_PATH to fall back to)'
+			)
+		);
+	}
+
+	// 5. Bootstrap admin email. Without it, the first proxy-authenticated
+	// visitor's UPN is rejected (not in allowlist) and the operator has to
+	// hand-write JSON to claim admin. With it, the first matching visit is
+	// auto-allowlisted and granted instance_admin in one step.
+	if (!env.BOOTSTRAP_INSTANCE_ADMIN_EMAIL) {
+		out.push(
+			red(
+				'BOOTSTRAP_INSTANCE_ADMIN_EMAIL unset — header-auth has no /setup form, ' +
+					'so without this you cannot claim admin on first visit.'
+			)
+		);
+	} else {
+		out.push(green(`BOOTSTRAP_INSTANCE_ADMIN_EMAIL=${env.BOOTSTRAP_INSTANCE_ADMIN_EMAIL}`));
+	}
+
+	return out;
+}

package/src/commands/init.js

@@ -0,0 +1,76 @@
+// `selva init` — reconfigure an existing deployment.
+//
+// Differences from `create`:
+//   • Reads current .env values; uses them as prompt defaults.
+//   • Never regenerates SELVA_HMAC_KEY / SELVA_AT_REST_KEY if they're set.
+//     Rotating those invalidates sessions and at-rest encryption — that's
+//     `selva keys rotate`'s job, not init's.
+//   • Doesn't touch package.json or run npm install.
+
+import { existsSync, readFileSync } from 'node:fs';
+import { join } from 'node:path';
+import * as p from '@clack/prompts';
+import pc from 'picocolors';
+import { collectConfig } from '../prompts.js';
+import { readEnvFile, writeEnvFile } from '../env.js';
+import { generateKey } from '../secrets.js';
+import { requireDeploymentDir, resolveDeploymentDir } from '../paths.js';
+
+export async function runInit() {
+	const dir = resolveDeploymentDir();
+	requireDeploymentDir(dir);
+
+	const envPath = join(dir, '.env');
+	const current = readEnvFile(envPath);
+	const values = await collectConfig({ defaults: current, mode: 'init' });
+
+	// Preserve secrets. The only safe time to generate them is at install
+	// time (no sessions to invalidate, no encrypted data to lose). If the
+	// existing .env doesn't have them — which can happen if a previous
+	// scaffold bailed mid-flight — generate now and warn.
+	if (
+		current.SELVA_HMAC_KEY &&
+		current.SELVA_HMAC_KEY !== 'replace-this-with-a-random-32-byte-hex-key'
+	) {
+		values.SELVA_HMAC_KEY = current.SELVA_HMAC_KEY;
+	} else {
+		values.SELVA_HMAC_KEY = generateKey();
+		p.log.warn('SELVA_HMAC_KEY was missing — generated a fresh one.');
+	}
+
+	if (
+		current.SELVA_AT_REST_KEY &&
+		current.SELVA_AT_REST_KEY !== 'replace-this-with-a-random-32-byte-hex-key'
+	) {
+		values.SELVA_AT_REST_KEY = current.SELVA_AT_REST_KEY;
+	} else {
+		values.SELVA_AT_REST_KEY = generateKey();
+		p.log.warn('SELVA_AT_REST_KEY was missing — generated a fresh one.');
+	}
+
+	// Use whatever .env.example shipped with the installed runtime as the
+	// canonical template. Falls back to the current .env if the runtime
+	// templates aren't present (shouldn't happen post-install).
+	const templatePath = join(
+		dir,
+		'node_modules',
+		'@selvajs',
+		'selva',
+		'templates',
+		'.env.example'
+	);
+	const template = existsSync(templatePath)
+		? readFileSync(templatePath, 'utf8')
+		: existsSync(envPath)
+			? readFileSync(envPath, 'utf8')
+			: '';
+
+	writeEnvFile(envPath, template, values);
+
+	p.outro(
+		[
+			pc.green('Updated ' + pc.cyan(envPath)),
+			pc.dim('Restart with: ') + pc.cyan('selva restart')
+		].join('\n')
+	);
+}

package/src/commands/keys.js

@@ -0,0 +1,93 @@
+// `selva keys rotate <hmac|at-rest>` — generate a fresh secret and write it
+// back to .env. Refuses without an explicit confirm; what gets invalidated is
+// not subtle.
+//
+//   hmac     — SELVA_HMAC_KEY (HMAC-SHA256). Rotating logs every user out
+//              (cookie sessions stop verifying) and breaks any share-link /
+//              invite tokens that fell back to it (only relevant when
+//              SHARE_LINK_SECRET / INVITE_TOKEN_SECRET are unset — those have
+//              their own rotation cycle).
+//
+//   at-rest  — SELVA_AT_REST_KEY (AES-256-GCM). The encrypted Rhino.Compute
+//              API key in compute.config.json becomes undecryptable. The
+//              operator has to re-enter the key at /admin/compute.
+
+import { readFileSync, existsSync } from 'node:fs';
+import { join } from 'node:path';
+import * as p from '@clack/prompts';
+import pc from 'picocolors';
+import { readEnvFile, writeEnvFile } from '../env.js';
+import { generateKey } from '../secrets.js';
+import { requireDeploymentDir, resolveDeploymentDir } from '../paths.js';
+
+const TARGETS = {
+	hmac: {
+		envVar: 'SELVA_HMAC_KEY',
+		warning: [
+			'This will:',
+			pc.red('  • log every signed-in user out (existing session cookies stop verifying)'),
+			pc.red('  • invalidate share-link and invite tokens that fell back to this key'),
+			pc.dim('    (only relevant when SHARE_LINK_SECRET / INVITE_TOKEN_SECRET are unset)')
+		].join('\n')
+	},
+	'at-rest': {
+		envVar: 'SELVA_AT_REST_KEY',
+		warning: [
+			'This will:',
+			pc.red('  • make the encrypted Rhino.Compute API key undecryptable'),
+			pc.red('  • require re-entering the API key at /admin/compute'),
+			pc.dim('    (other data is plaintext on disk — only the compute API key is encrypted)')
+		].join('\n')
+	}
+};
+
+export async function runKeysRotate(argv) {
+	const target = argv[0];
+	if (!target || !(target in TARGETS)) {
+		console.error(`Usage: selva keys rotate <hmac|at-rest>`);
+		process.exit(1);
+	}
+
+	const dir = resolveDeploymentDir();
+	requireDeploymentDir(dir);
+
+	const { envVar, warning } = TARGETS[target];
+	const envPath = join(dir, '.env');
+	const current = readEnvFile(envPath);
+
+	p.intro(pc.bgYellow(pc.black(` rotate ${envVar} `)));
+	p.note(warning, 'Blast radius');
+
+	const confirmed = await p.confirm({
+		message: `Rotate ${envVar}?`,
+		initialValue: false
+	});
+	if (p.isCancel(confirmed) || !confirmed) {
+		p.cancel('Cancelled.');
+		return;
+	}
+
+	const fresh = generateKey();
+	current[envVar] = fresh;
+
+	const templatePath = join(
+		dir,
+		'node_modules',
+		'@selvajs',
+		'selva',
+		'templates',
+		'.env.example'
+	);
+	const template = existsSync(templatePath)
+		? readFileSync(templatePath, 'utf8')
+		: readFileSync(envPath, 'utf8');
+
+	writeEnvFile(envPath, template, current);
+
+	p.outro(
+		[
+			pc.green(`${envVar} rotated.`),
+			pc.dim('Restart the app to apply: ') + pc.cyan('selva restart')
+		].join('\n')
+	);
+}

package/src/commands/pm2.js

@@ -0,0 +1,172 @@
+// Thin wrappers around PM2 commands. The point isn't to abstract pm2 —
+// it's to hide footguns the docs already warn about:
+//
+//   • `pm2 restart` without --update-env silently keeps the old env, even
+//     after the operator edited .env. We always pass --update-env.
+//
+//   • The PM2 binary may live in node_modules/.bin (project-local install)
+//     or globally. We resolve to the local one first so a fresh deployment
+//     works without `npm i -g pm2`.
+
+import { existsSync, readFileSync } from 'node:fs';
+import { join } from 'node:path';
+import { spawnSync, execSync } from 'node:child_process';
+import * as p from '@clack/prompts';
+import pc from 'picocolors';
+import { requireDeploymentDir, resolveDeploymentDir } from '../paths.js';
+
+const APP_NAME = 'selva-compute';
+
+function pm2Bin(dir) {
+	const local = join(dir, 'node_modules', '.bin', process.platform === 'win32' ? 'pm2.cmd' : 'pm2');
+	if (existsSync(local)) return local;
+	return 'pm2'; // fall back to PATH
+}
+
+function runPm2(dir, args, { inherit = true } = {}) {
+	const bin = pm2Bin(dir);
+	const result = spawnSync(bin, args, {
+		cwd: dir,
+		stdio: inherit ? 'inherit' : 'pipe',
+		shell: process.platform === 'win32' // allow .cmd shim resolution
+	});
+	if (result.error) {
+		throw new Error(
+			`Failed to invoke pm2 (${bin}): ${result.error.message}. ` +
+				`Install pm2 with \`npm install pm2\` in this directory.`
+		);
+	}
+	return result.status ?? 0;
+}
+
+export async function runStart() {
+	const dir = resolveDeploymentDir();
+	requireDeploymentDir(dir);
+	const exit = runPm2(dir, ['start', 'ecosystem.config.cjs']);
+	process.exit(exit);
+}
+
+export async function runStop() {
+	const dir = resolveDeploymentDir();
+	requireDeploymentDir(dir);
+	const exit = runPm2(dir, ['stop', APP_NAME]);
+	process.exit(exit);
+}
+
+export async function runRestart() {
+	const dir = resolveDeploymentDir();
+	requireDeploymentDir(dir);
+	// --update-env is the whole point of this wrapper — without it, edits to
+	// .env have no effect on the running process.
+	const exit = runPm2(dir, ['restart', APP_NAME, '--update-env']);
+	process.exit(exit);
+}
+
+export async function runLogs(argv) {
+	const dir = resolveDeploymentDir();
+	requireDeploymentDir(dir);
+	const exit = runPm2(dir, ['logs', APP_NAME, ...argv]);
+	process.exit(exit);
+}
+
+export async function runUpdate() {
+	const dir = resolveDeploymentDir();
+	requireDeploymentDir(dir);
+
+	p.intro(pc.bgCyan(pc.black(' selva update ')));
+
+	const before = readRuntimeVersion(dir);
+	p.log.info(`Current @selvajs/selva: ${before ?? 'unknown'}`);
+
+	// All @selvajs/* packages move in lockstep so provider-only fixes and CLI
+	// fixes get picked up even when the runtime version hasn't moved. The
+	// admin-center button runs the same list — keep them in sync if you edit.
+	const packages = [
+		'@selvajs/cli',
+		'@selvajs/selva',
+		'@selvajs/platform',
+		'@selvajs/local-provider',
+		'@selvajs/supabase-provider',
+		'@selvajs/header-auth-provider'
+	];
+
+	const confirmed = await p.confirm({
+		message: 'Refresh all @selvajs/* packages and restart the app?',
+		initialValue: true
+	});
+	if (p.isCancel(confirmed) || !confirmed) {
+		p.cancel('Cancelled.');
+		return;
+	}
+
+	// Stop the running process BEFORE npm rewrites node_modules/@selvajs/selva/build/.
+	// SvelteKit's node adapter lazy-imports chunks from build/server/chunks/ on every
+	// request; if we let npm replace them while the old process is still serving
+	// traffic, in-flight requests hit ERR_MODULE_NOT_FOUND for chunks whose hash
+	// just changed. Brief downtime (~1-2s longer than restart-in-place) but no
+	// chunk-mismatch errors.
+	const stopStatus = runPm2(dir, ['stop', APP_NAME], { inherit: false });
+	if (stopStatus !== 0) {
+		p.log.warn('pm2 stop did not succeed — selva-compute may not be running. Continuing.');
+	}
+
+	const s = p.spinner();
+	s.start(`npm update ${packages.join(' ')}`);
+	try {
+		// --prefer-online forces npm to revalidate cached packuments against
+		// the registry before using them. Without this, npm's 5+ minute
+		// packument cache silently re-installs the same version even when a
+		// newer one was published in the meantime. See docs/Hotfix-CLI-Runtime.md
+		// "The stale-packument-cache trap".
+		execSync(`npm update --save --prefer-online ${packages.join(' ')}`, {
+			cwd: dir,
+			stdio: 'pipe'
+		});
+		s.stop('npm update finished');
+	} catch (err) {
+		s.stop('npm update failed');
+		// Bring the old process back up so the operator isn't left with downtime.
+		runPm2(dir, ['start', APP_NAME, '--update-env'], { inherit: false });
+		throw err;
+	}
+
+	const after = readRuntimeVersion(dir);
+	p.log.info(`New @selvajs/selva:     ${after ?? 'unknown'}`);
+
+	// Surface no-op updates explicitly. --prefer-online closes most cache
+	// holes, but a freshly-published version can take a minute or two to
+	// propagate through npm's CDN — operators who run update too quickly
+	// after publish still see "Current = New". Tell them how to retry.
+	if (before && after && before === after) {
+		p.log.warn(
+			[
+				'No packages were updated — already on the latest version your npm cache knows about.',
+				'If you expected a newer version (e.g. one was just published), your cache may be stale:',
+				'',
+				'  npm cache clean --force',
+				'  rm -rf node_modules package-lock.json',
+				'  npm install --prefer-online',
+				'  npm run restart'
+			].join('\n')
+		);
+	}
+
+	// Start the new build under PM2.
+	const status = runPm2(dir, ['start', APP_NAME, '--update-env'], { inherit: false });
+	if (status === 0) {
+		p.outro(pc.green('Started ' + APP_NAME));
+	} else {
+		p.outro(pc.yellow(`Start failed — investigate with \`pm2 logs ${APP_NAME}\`.`));
+	}
+}
+
+function readRuntimeVersion(dir) {
+	try {
+		const pkg = JSON.parse(
+			readFileSync(join(dir, 'node_modules', '@selvajs', 'selva', 'package.json'), 'utf8')
+		);
+		return pkg.version;
+	} catch {
+		return undefined;
+	}
+}