@sitecoreai-labs/sitecoreai-cli 0.0.4

package/dist/serialization/sitecore-api/auth.js

@@ -0,0 +1,319 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getAccessToken = exports.requestPasswordToken = exports.requestClientCredentialsToken = exports.DEFAULT_SITECORE_API_AUDIENCE = exports.pollDeviceToken = exports.requestDeviceAuthorization = void 0;
+const keychain_1 = require("../../shared/keychain");
+const errors_1 = require("../../shared/errors");
+const DISCOVERY_TIMEOUT_MS = Math.max(0, Number(process.env.SITECOREAI_AUTH_DISCOVERY_TIMEOUT_MS ?? 5000));
+const fetchDiscovery = async (authority) => {
+    const url = `${authority.replace(/\/$/, "")}/.well-known/openid-configuration`;
+    const controller = new AbortController();
+    const timeout = setTimeout(() => controller.abort(), DISCOVERY_TIMEOUT_MS);
+    try {
+        return await fetch(url, { signal: controller.signal });
+    }
+    catch (error) {
+        if (error instanceof Error && error.name === "AbortError") {
+            throw (0, errors_1.createCliError)("Identity discovery timed out.", "NETWORK", {
+                hint: "Check network connectivity or set SITECOREAI_AUTH_DISCOVERY_TIMEOUT_MS.",
+            });
+        }
+        throw (0, errors_1.createCliError)(`Identity discovery failed: ${error instanceof Error ? error.message : String(error)}`, "NETWORK");
+    }
+    finally {
+        clearTimeout(timeout);
+    }
+};
+const getTokenEndpoint = async (authority) => {
+    const response = await fetchDiscovery(authority);
+    if (!response.ok) {
+        throw (0, errors_1.createCliError)(`Failed to discover token endpoint from ${authority}.`, "NETWORK");
+    }
+    const json = (await response.json());
+    if (!json.token_endpoint) {
+        throw (0, errors_1.createCliError)("Token endpoint not found in discovery document.", "NETWORK");
+    }
+    return json.token_endpoint;
+};
+const getDeviceAuthorizationEndpoint = async (authority) => {
+    const response = await fetchDiscovery(authority);
+    if (!response.ok) {
+        throw (0, errors_1.createCliError)(`Failed to discover device authorization endpoint from ${authority}.`, "NETWORK");
+    }
+    const json = (await response.json());
+    if (json.device_authorization_endpoint) {
+        return json.device_authorization_endpoint;
+    }
+    return `${authority.replace(/\/$/, "")}/oauth/device/code`;
+};
+const requestToken = async (authority, params) => {
+    const tokenEndpoint = await getTokenEndpoint(authority);
+    const response = await fetch(tokenEndpoint, {
+        method: "POST",
+        headers: { "Content-Type": "application/x-www-form-urlencoded" },
+        body: params.toString(),
+    });
+    if (!response.ok) {
+        const bodyText = await response.text();
+        let detail = bodyText;
+        try {
+            const parsed = JSON.parse(bodyText);
+            detail = parsed.error_description ?? parsed.error ?? parsed.message ?? bodyText;
+        }
+        catch {
+            // keep raw body text
+        }
+        throw (0, errors_1.createCliError)(`Failed to obtain access token (${response.status}): ${detail || "Unknown error"}`, "AUTH_REQUIRED");
+    }
+    const json = (await response.json());
+    if (!json.access_token) {
+        throw (0, errors_1.createCliError)("Access token was not returned by the identity server.", "AUTH_REQUIRED");
+    }
+    return {
+        accessToken: json.access_token,
+        refreshToken: json.refresh_token,
+        expiresIn: json.expires_in,
+        tokenType: json.token_type,
+    };
+};
+const requestDeviceAuthorization = async (environment, scope) => {
+    if (!environment.authority || !environment.clientId) {
+        throw (0, errors_1.createCliError)("Authority and clientId are required for device login.", "AUTH_REQUIRED");
+    }
+    const endpoint = await getDeviceAuthorizationEndpoint(environment.authority);
+    const params = new URLSearchParams({
+        client_id: environment.clientId,
+    });
+    if (environment.audience) {
+        params.set("audience", environment.audience);
+    }
+    if (scope) {
+        params.set("scope", scope);
+    }
+    const response = await fetch(endpoint, {
+        method: "POST",
+        headers: { "Content-Type": "application/x-www-form-urlencoded" },
+        body: params.toString(),
+    });
+    if (!response.ok) {
+        const bodyText = await response.text();
+        let detail = bodyText;
+        try {
+            const parsed = JSON.parse(bodyText);
+            detail = parsed.error_description ?? parsed.error ?? parsed.message ?? bodyText;
+        }
+        catch {
+            // keep raw body text
+        }
+        throw (0, errors_1.createCliError)(`Failed to start device login (${response.status}): ${detail || "Unknown error"}`, "AUTH_REQUIRED");
+    }
+    const json = (await response.json());
+    if (!json.device_code || !json.verification_uri) {
+        throw (0, errors_1.createCliError)("Device authorization response was missing required fields.", "AUTH_REQUIRED");
+    }
+    return {
+        deviceCode: json.device_code,
+        userCode: json.user_code,
+        verificationUri: json.verification_uri,
+        verificationUriComplete: json.verification_uri_complete,
+        expiresIn: json.expires_in ?? 900,
+        interval: json.interval ?? 5,
+        message: json.message,
+    };
+};
+exports.requestDeviceAuthorization = requestDeviceAuthorization;
+const delay = (ms) => new Promise((resolve) => {
+    setTimeout(resolve, ms);
+});
+const pollDeviceToken = async (environment, device) => {
+    if (!environment.authority || !environment.clientId) {
+        throw (0, errors_1.createCliError)("Authority and clientId are required for device login.", "AUTH_REQUIRED");
+    }
+    const tokenEndpoint = await getTokenEndpoint(environment.authority);
+    const deadline = Date.now() + device.expiresIn * 1000;
+    let intervalMs = Math.max(1, device.interval) * 1000;
+    while (Date.now() < deadline) {
+        const params = new URLSearchParams({
+            grant_type: "urn:ietf:params:oauth:grant-type:device_code",
+            device_code: device.deviceCode,
+            client_id: environment.clientId,
+        });
+        if (environment.clientSecret) {
+            params.set("client_secret", environment.clientSecret);
+        }
+        const response = await fetch(tokenEndpoint, {
+            method: "POST",
+            headers: { "Content-Type": "application/x-www-form-urlencoded" },
+            body: params.toString(),
+        });
+        const bodyText = await response.text();
+        if (response.ok) {
+            const json = JSON.parse(bodyText);
+            if (!json.access_token) {
+                throw (0, errors_1.createCliError)("Access token was not returned by the identity server.", "AUTH_REQUIRED");
+            }
+            return {
+                accessToken: json.access_token,
+                refreshToken: json.refresh_token,
+                expiresIn: json.expires_in,
+                tokenType: json.token_type,
+            };
+        }
+        let errorCode;
+        let detail = bodyText;
+        try {
+            const parsed = JSON.parse(bodyText);
+            errorCode = parsed.error;
+            detail = parsed.error_description ?? parsed.error ?? parsed.message ?? bodyText;
+        }
+        catch {
+            // keep raw body text
+        }
+        if (errorCode === "authorization_pending") {
+            await delay(intervalMs);
+            continue;
+        }
+        if (errorCode === "slow_down") {
+            intervalMs += 5000;
+            await delay(intervalMs);
+            continue;
+        }
+        if (errorCode === "access_denied") {
+            throw (0, errors_1.createCliError)("Device login was cancelled.", "AUTH_REQUIRED");
+        }
+        if (errorCode === "expired_token") {
+            throw (0, errors_1.createCliError)("Device login expired. Try again.", "AUTH_REQUIRED");
+        }
+        throw (0, errors_1.createCliError)(`Failed to obtain access token (${response.status}): ${detail || "Unknown error"}`, "AUTH_REQUIRED");
+    }
+    throw (0, errors_1.createCliError)("Device login expired. Try again.", "AUTH_REQUIRED");
+};
+exports.pollDeviceToken = pollDeviceToken;
+/**
+ * Default OAuth audience for Sitecore Cloud APIs (Deploy + Authoring +
+ * Sites). When the env profile doesn't pin an explicit `audience`,
+ * Auth0 falls back to whatever default is configured for the M2M
+ * client. Some org-scoped clients are configured with internal-only
+ * audiences they aren't authorized to mint tokens for, so we always
+ * send this audience explicitly on the request.
+ */
+exports.DEFAULT_SITECORE_API_AUDIENCE = "https://api.sitecorecloud.io";
+const requestClientCredentialsToken = async (environment, scope) => {
+    if (!environment.authority || !environment.clientId || !environment.clientSecret) {
+        throw (0, errors_1.createCliError)("Authority, clientId, and clientSecret are required for client credentials.", "AUTH_REQUIRED");
+    }
+    const params = new URLSearchParams({
+        grant_type: "client_credentials",
+        client_id: environment.clientId,
+        client_secret: environment.clientSecret,
+        audience: environment.audience ?? exports.DEFAULT_SITECORE_API_AUDIENCE,
+    });
+    if (scope) {
+        params.set("scope", scope);
+    }
+    return requestToken(environment.authority, params);
+};
+exports.requestClientCredentialsToken = requestClientCredentialsToken;
+const requestPasswordToken = async (environment, username, password, scope) => {
+    if (!environment.authority || !environment.clientId) {
+        throw (0, errors_1.createCliError)("Authority and clientId are required for username/password login.", "AUTH_REQUIRED");
+    }
+    const params = new URLSearchParams({
+        grant_type: "password",
+        client_id: environment.clientId,
+        username,
+        password,
+    });
+    if (environment.clientSecret) {
+        params.set("client_secret", environment.clientSecret);
+    }
+    if (environment.audience) {
+        params.set("audience", environment.audience);
+    }
+    if (scope) {
+        params.set("scope", scope);
+    }
+    return requestToken(environment.authority, params);
+};
+exports.requestPasswordToken = requestPasswordToken;
+const requestRefreshToken = async (environment) => {
+    if (!environment.authority || !environment.refreshToken) {
+        return undefined;
+    }
+    const params = new URLSearchParams({
+        grant_type: "refresh_token",
+        refresh_token: environment.refreshToken,
+    });
+    if (environment.refreshTokenParameters) {
+        for (const [key, value] of Object.entries(environment.refreshTokenParameters)) {
+            params.set(key, String(value));
+        }
+    }
+    if (!params.has("client_id") && environment.clientId) {
+        params.set("client_id", environment.clientId);
+    }
+    if (environment.clientSecret) {
+        params.set("client_secret", environment.clientSecret);
+    }
+    if (environment.audience && !params.has("audience")) {
+        params.set("audience", environment.audience);
+    }
+    return requestToken(environment.authority, params);
+};
+const getAccessToken = async (environment) => {
+    const envName = environment.name;
+    const shouldCache = environment.cacheAuthenticationToken !== false && Boolean(envName);
+    const cached = shouldCache && envName ? await (0, keychain_1.getCmTokens)(envName) : undefined;
+    if (cached?.accessToken) {
+        return cached.accessToken;
+    }
+    if (cached?.refreshToken) {
+        const refreshed = await requestRefreshToken({
+            ...environment,
+            refreshToken: cached.refreshToken,
+            refreshTokenParameters: cached.refreshTokenParameters,
+        });
+        if (refreshed?.accessToken) {
+            if (shouldCache && envName) {
+                await (0, keychain_1.setCmTokens)(envName, {
+                    accessToken: refreshed.accessToken,
+                    refreshToken: refreshed.refreshToken ?? cached.refreshToken,
+                    refreshTokenParameters: cached.refreshTokenParameters,
+                    expiresIn: refreshed.expiresIn,
+                    lastUpdated: new Date().toISOString(),
+                });
+            }
+            return refreshed.accessToken;
+        }
+    }
+    if (environment.accessToken) {
+        return environment.accessToken;
+    }
+    const refreshed = await requestRefreshToken(environment);
+    if (refreshed?.accessToken) {
+        if (shouldCache && envName) {
+            await (0, keychain_1.setCmTokens)(envName, {
+                accessToken: refreshed.accessToken,
+                refreshToken: refreshed.refreshToken ?? environment.refreshToken,
+                refreshTokenParameters: environment.refreshTokenParameters,
+                expiresIn: refreshed.expiresIn,
+                lastUpdated: new Date().toISOString(),
+            });
+        }
+        return refreshed.accessToken;
+    }
+    if (environment.useClientCredentials) {
+        const token = await (0, exports.requestClientCredentialsToken)(environment);
+        if (shouldCache && envName) {
+            await (0, keychain_1.setCmTokens)(envName, {
+                accessToken: token.accessToken,
+                refreshToken: token.refreshToken,
+                refreshTokenParameters: environment.refreshTokenParameters,
+                expiresIn: token.expiresIn,
+                lastUpdated: new Date().toISOString(),
+            });
+        }
+        return token.accessToken;
+    }
+    return undefined;
+};
+exports.getAccessToken = getAccessToken;

package/dist/serialization/sitecore-api/graphql.d.ts

@@ -0,0 +1,12 @@
+/**
+ * Management GraphQL transport for serialization commands.
+ *
+ * Thin wrapper over `src/shared/graphql.ts` — supplies the Management
+ * service path and label. Parallels `src/recipe/api/graphql.ts` which
+ * targets the Authoring endpoint.
+ */
+import type { EnvironmentConfiguration } from "../../config";
+import { type GraphQLRequestOptions } from "../../shared/graphql";
+export type { GraphQLRequestOptions };
+export declare const runGraphQL: <T>(environment: EnvironmentConfiguration, query: string, variables?: Record<string, unknown>, options?: GraphQLRequestOptions) => Promise<T>;
+//# sourceMappingURL=graphql.d.ts.map

package/dist/serialization/sitecore-api/graphql.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"graphql.d.ts","sourceRoot":"","sources":["../../../src/serialization/sitecore-api/graphql.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,KAAK,EAAE,wBAAwB,EAAE,MAAM,UAAU,CAAC;AACzD,OAAO,EAAsB,KAAK,qBAAqB,EAAE,MAAM,kBAAkB,CAAC;AAKlF,YAAY,EAAE,qBAAqB,EAAE,CAAC;AAEtC,eAAO,MAAM,UAAU,GAAI,CAAC,EAC1B,aAAa,wBAAwB,EACrC,OAAO,MAAM,EACb,YAAY,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EACnC,UAAU,qBAAqB,KAC9B,OAAO,CAAC,CAAC,CAYT,CAAC"}

package/dist/serialization/sitecore-api/graphql.js

@@ -0,0 +1,20 @@
+"use strict";
+/**
+ * Management GraphQL transport for serialization commands.
+ *
+ * Thin wrapper over `src/shared/graphql.ts` — supplies the Management
+ * service path and label. Parallels `src/recipe/api/graphql.ts` which
+ * targets the Authoring endpoint.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.runGraphQL = void 0;
+const graphql_1 = require("../../shared/graphql");
+const auth_1 = require("./auth");
+const SERVICE_PATH = "/sitecore/api/management";
+const runGraphQL = (environment, query, variables, options) => (0, graphql_1.runSitecoreGraphQL)(environment, query, variables, {
+    servicePath: SERVICE_PATH,
+    label: "Management",
+    requireToken: false,
+    getAccessToken: auth_1.getAccessToken,
+}, options);
+exports.runGraphQL = runGraphQL;

package/dist/serialization/sitecore-api/history.d.ts

@@ -0,0 +1,9 @@
+import { EnvironmentConfiguration } from "../../config";
+import { HistoryEntry } from "../types";
+import { GraphQLRequestOptions } from "./graphql";
+export declare const fetchHistoryTimestamp: (environment: EnvironmentConfiguration, options?: GraphQLRequestOptions) => Promise<string>;
+export declare const fetchHistoryEntries: (environment: EnvironmentConfiguration, timestamp: string, options?: GraphQLRequestOptions) => Promise<{
+    timestamp: string;
+    entries: HistoryEntry[];
+}>;
+//# sourceMappingURL=history.d.ts.map

package/dist/serialization/sitecore-api/history.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"history.d.ts","sourceRoot":"","sources":["../../../src/serialization/sitecore-api/history.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,wBAAwB,EAAE,MAAM,UAAU,CAAC;AACpD,OAAO,EAAE,YAAY,EAAE,MAAM,UAAU,CAAC;AACxC,OAAO,EAAE,qBAAqB,EAAc,MAAM,WAAW,CAAC;AAuB9D,eAAO,MAAM,qBAAqB,GAChC,aAAa,wBAAwB,EACrC,UAAU,qBAAqB,KAC9B,OAAO,CAAC,MAAM,CAQhB,CAAC;AAEF,eAAO,MAAM,mBAAmB,GAC9B,aAAa,wBAAwB,EACrC,WAAW,MAAM,EACjB,UAAU,qBAAqB,KAC9B,OAAO,CAAC;IAAE,SAAS,EAAE,MAAM,CAAC;IAAC,OAAO,EAAE,YAAY,EAAE,CAAA;CAAE,CAYxD,CAAC"}

package/dist/serialization/sitecore-api/history.js

@@ -0,0 +1,36 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.fetchHistoryEntries = exports.fetchHistoryTimestamp = void 0;
+const graphql_1 = require("./graphql");
+const historyTimestampQuery = `
+{
+  history {
+    currentTimestamp
+  }
+}`;
+const historyEntriesQuery = `
+query Entries($timestamp: String!) {
+  history {
+    currentTimestamp
+    entries(timestamp: $timestamp) {
+      id
+      path
+      database
+      oldPath
+      changeType
+    }
+  }
+}`;
+const fetchHistoryTimestamp = async (environment, options) => {
+    const data = await (0, graphql_1.runGraphQL)(environment, historyTimestampQuery, undefined, options);
+    return data.history.currentTimestamp;
+};
+exports.fetchHistoryTimestamp = fetchHistoryTimestamp;
+const fetchHistoryEntries = async (environment, timestamp, options) => {
+    const data = await (0, graphql_1.runGraphQL)(environment, historyEntriesQuery, { timestamp }, options);
+    return {
+        timestamp: data.history.currentTimestamp,
+        entries: data.history.entries ?? [],
+    };
+};
+exports.fetchHistoryEntries = fetchHistoryEntries;

package/dist/serialization/sitecore-api/index.d.ts

@@ -0,0 +1,7 @@
+export * from "./auth";
+export * from "./items";
+export * from "./history";
+export * from "./roles";
+export * from "./users";
+export * from "./publish";
+//# sourceMappingURL=index.d.ts.map

package/dist/serialization/sitecore-api/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/serialization/sitecore-api/index.ts"],"names":[],"mappings":"AAAA,cAAc,QAAQ,CAAC;AACvB,cAAc,SAAS,CAAC;AACxB,cAAc,WAAW,CAAC;AAC1B,cAAc,SAAS,CAAC;AACxB,cAAc,SAAS,CAAC;AACxB,cAAc,WAAW,CAAC"}

package/dist/serialization/sitecore-api/index.js

@@ -0,0 +1,22 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./auth"), exports);
+__exportStar(require("./items"), exports);
+__exportStar(require("./history"), exports);
+__exportStar(require("./roles"), exports);
+__exportStar(require("./users"), exports);
+__exportStar(require("./publish"), exports);

package/dist/serialization/sitecore-api/items.d.ts

@@ -0,0 +1,8 @@
+import { ItemData, ItemMetadata } from "../types";
+import { EnvironmentConfiguration } from "../../config";
+import { FieldFilterSet } from "../field-filter";
+import { GraphQLRequestOptions } from "./graphql";
+export declare const fetchItemMetadata: (environment: EnvironmentConfiguration, database: string, pathOrId: string, scope: string, fieldFilter: FieldFilterSet, useDebugSignatures: boolean, options?: GraphQLRequestOptions) => Promise<ItemMetadata[]>;
+export declare const fetchItemData: (environment: EnvironmentConfiguration, database: string, pathOrId: string, scope: string, fieldFilter: FieldFilterSet, options?: GraphQLRequestOptions) => Promise<ItemData[]>;
+export declare const executeSerializationCommands: (environment: EnvironmentConfiguration, commands: unknown[], minimumLogLevel: string, options?: GraphQLRequestOptions) => Promise<unknown[]>;
+//# sourceMappingURL=items.d.ts.map

package/dist/serialization/sitecore-api/items.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"items.d.ts","sourceRoot":"","sources":["../../../src/serialization/sitecore-api/items.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,UAAU,CAAC;AAGlD,OAAO,EAAE,wBAAwB,EAAE,MAAM,UAAU,CAAC;AAEpD,OAAO,EAAE,cAAc,EAAE,MAAM,iBAAiB,CAAC;AACjD,OAAO,EAAE,qBAAqB,EAAc,MAAM,WAAW,CAAC;AAqG9D,eAAO,MAAM,iBAAiB,GAC5B,aAAa,wBAAwB,EACrC,UAAU,MAAM,EAChB,UAAU,MAAM,EAChB,OAAO,MAAM,EACb,aAAa,cAAc,EAC3B,oBAAoB,OAAO,EAC3B,UAAU,qBAAqB,KAC9B,OAAO,CAAC,YAAY,EAAE,CAmCxB,CAAC;AAEF,eAAO,MAAM,aAAa,GACxB,aAAa,wBAAwB,EACrC,UAAU,MAAM,EAChB,UAAU,MAAM,EAChB,OAAO,MAAM,EACb,aAAa,cAAc,EAC3B,UAAU,qBAAqB,KAC9B,OAAO,CAAC,QAAQ,EAAE,CAgBpB,CAAC;AAEF,eAAO,MAAM,4BAA4B,GACvC,aAAa,wBAAwB,EACrC,UAAU,OAAO,EAAE,EACnB,iBAAiB,MAAM,EACvB,UAAU,qBAAqB,KAC9B,OAAO,CAAC,OAAO,EAAE,CAWnB,CAAC"}

package/dist/serialization/sitecore-api/items.js

@@ -0,0 +1,132 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.executeSerializationCommands = exports.fetchItemData = exports.fetchItemMetadata = void 0;
+const item_path_1 = require("../item-path");
+const signature_1 = require("../signature");
+const errors_1 = require("../../shared/errors");
+const graphql_1 = require("./graphql");
+const serializeMetadataFragment = `
+  serialize(path: $path, database: $database, scope: $scope, excludedFieldIds: $excludedFieldIds) {
+    id
+    parentId
+    templateId
+    path
+    hasChildren
+    dataSignature
+  }
+`;
+const serializeMetadataDebugFragment = serializeMetadataFragment.replace("dataSignature", "dataSignature(debug: true)");
+const serializeDataFragment = `
+  serialize(path: $path, database: $database, scope: $scope, excludedFieldIds: $excludedFieldIds) {
+    data
+  }
+`;
+const executeSerializationCommandsMutation = `
+mutation($commands: [ItemCommand], $minimumLogLevel: LogLevel) {
+  executeSerializationCommands(commands: $commands, minimumLogLevel: $minimumLogLevel) {
+    success
+    name
+    messages {
+      logLevel
+      eventID { id name }
+      message
+    }
+  }
+}`;
+const mapScope = (scope) => {
+    if (scope.toLowerCase() === "singleitem") {
+        return "SingleItem";
+    }
+    if (scope.toLowerCase() === "itemandchildren") {
+        return "ItemAndChildren";
+    }
+    if (scope.toLowerCase() === "descendantsonly") {
+        return "DescendantsOnly";
+    }
+    return "ItemAndDescendants";
+};
+const parseItemData = (data, database) => {
+    if (!data || typeof data !== "string") {
+        throw (0, errors_1.createCliError)("GraphQL response did not contain serialized item data.", "UNKNOWN");
+    }
+    const parsed = JSON.parse(data);
+    const versions = parsed.versions?.map((version) => ({
+        language: version.language,
+        version: version.version,
+        fields: version.fields.map((field) => ({
+            fieldId: field.fieldId,
+            nameHint: field.nameHint,
+            value: field.value ?? "",
+            blobId: field.blobId ?? null,
+        })),
+    })) ?? [];
+    const item = {
+        id: parsed.id,
+        parentId: parsed.parentId,
+        templateId: parsed.templateId,
+        path: item_path_1.ItemPath.fromPathString(parsed.path.toString()),
+        name: parsed.name,
+        branchId: parsed.branchId,
+        database,
+        sharedFields: parsed.sharedFields.map((field) => ({
+            fieldId: field.fieldId,
+            nameHint: field.nameHint,
+            value: field.value ?? "",
+            blobId: field.blobId ?? null,
+        })),
+        unversionedFields: parsed.unversionedFields.map((language) => ({
+            language: language.language,
+            fields: language.fields.map((field) => ({
+                fieldId: field.fieldId,
+                nameHint: field.nameHint,
+                value: field.value ?? "",
+                blobId: field.blobId ?? null,
+            })),
+        })),
+        versions,
+        dataSignature: parsed.dataSignature,
+    };
+    if (!item.dataSignature) {
+        const base = (0, signature_1.createDataSignatureBase)(item);
+        item.dataSignature = (0, signature_1.createSignature)(base) ?? "";
+    }
+    return item;
+};
+const fetchItemMetadata = async (environment, database, pathOrId, scope, fieldFilter, useDebugSignatures, options) => {
+    const query = `query($path: String!, $database: String!, $scope: TreeScope!, $excludedFieldIds: [String]) { ${useDebugSignatures ? serializeMetadataDebugFragment : serializeMetadataFragment} }`;
+    const data = await (0, graphql_1.runGraphQL)(environment, query, {
+        path: pathOrId,
+        database,
+        scope: mapScope(scope),
+        excludedFieldIds: Array.from(fieldFilter.excludes),
+    }, options);
+    return data.serialize.map((item) => ({
+        id: item.id,
+        parentId: item.parentId,
+        templateId: item.templateId,
+        path: item_path_1.ItemPath.fromPathString(item.path),
+        hasChildren: item.hasChildren,
+        dataSignature: item.dataSignature,
+        database,
+    }));
+};
+exports.fetchItemMetadata = fetchItemMetadata;
+const fetchItemData = async (environment, database, pathOrId, scope, fieldFilter, options) => {
+    const query = `query($path: String!, $database: String!, $scope: TreeScope!, $excludedFieldIds: [String]) { ${serializeDataFragment} }`;
+    const data = await (0, graphql_1.runGraphQL)(environment, query, {
+        path: pathOrId,
+        database,
+        scope: mapScope(scope),
+        excludedFieldIds: Array.from(fieldFilter.excludes),
+    }, options);
+    return data.serialize.map((entry) => parseItemData(entry.data, database));
+};
+exports.fetchItemData = fetchItemData;
+const executeSerializationCommands = async (environment, commands, minimumLogLevel, options) => {
+    const data = await (0, graphql_1.runGraphQL)(environment, executeSerializationCommandsMutation, {
+        commands,
+        minimumLogLevel,
+    }, options);
+    return data.executeSerializationCommands;
+};
+exports.executeSerializationCommands = executeSerializationCommands;

package/dist/serialization/sitecore-api/publish.d.ts

@@ -0,0 +1,14 @@
+import { EnvironmentConfiguration } from "../../config";
+import { GraphQLRequestOptions } from "./graphql";
+export declare const publishItems: (environment: EnvironmentConfiguration, itemIds: string[], target?: string, options?: GraphQLRequestOptions) => Promise<{
+    id: string;
+    processedCount: number;
+    stateName: string;
+}>;
+export declare const checkPublishStatus: (environment: EnvironmentConfiguration, publishId: string, options?: GraphQLRequestOptions) => Promise<{
+    id: string;
+    processedCount: number;
+    stateName: string;
+}>;
+export declare const fetchPublishingTargets: (environment: EnvironmentConfiguration, options?: GraphQLRequestOptions) => Promise<string[]>;
+//# sourceMappingURL=publish.d.ts.map

package/dist/serialization/sitecore-api/publish.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"publish.d.ts","sourceRoot":"","sources":["../../../src/serialization/sitecore-api/publish.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,wBAAwB,EAAE,MAAM,UAAU,CAAC;AACpD,OAAO,EAAE,qBAAqB,EAAc,MAAM,WAAW,CAAC;AA6B9D,eAAO,MAAM,YAAY,GACvB,aAAa,wBAAwB,EACrC,SAAS,MAAM,EAAE,EACjB,SAAS,MAAM,EACf,UAAU,qBAAqB,KAC9B,OAAO,CAAC;IAAE,EAAE,EAAE,MAAM,CAAC;IAAC,cAAc,EAAE,MAAM,CAAC;IAAC,SAAS,EAAE,MAAM,CAAA;CAAE,CAKnE,CAAC;AAEF,eAAO,MAAM,kBAAkB,GAC7B,aAAa,wBAAwB,EACrC,WAAW,MAAM,EACjB,UAAU,qBAAqB,KAC9B,OAAO,CAAC;IAAE,EAAE,EAAE,MAAM,CAAC;IAAC,cAAc,EAAE,MAAM,CAAC;IAAC,SAAS,EAAE,MAAM,CAAA;CAAE,CAKnE,CAAC;AAEF,eAAO,MAAM,sBAAsB,GACjC,aAAa,wBAAwB,EACrC,UAAU,qBAAqB,KAC9B,OAAO,CAAC,MAAM,EAAE,CAQlB,CAAC"}

package/dist/serialization/sitecore-api/publish.js

@@ -0,0 +1,43 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.fetchPublishingTargets = exports.checkPublishStatus = exports.publishItems = void 0;
+const graphql_1 = require("./graphql");
+const publishMutation = `
+mutation($path: String, $languages: [String] , $itemIds : [String], $republish : Boolean, $target : String) {
+  publish(path: $path, languages: $languages, itemIds :$itemIds, republish :$republish, target :$target) {
+    id
+    processedCount
+    stateCode
+    stateName
+  }
+}`;
+const publishStatusQuery = `
+query($id: String)
+{
+  publishingStatus(id: $id)
+  {
+    id
+    processedCount
+    stateCode
+    stateName
+  }
+}`;
+const listTargetsQuery = `
+query {
+  listOfTargets
+}`;
+const publishItems = async (environment, itemIds, target, options) => {
+    const data = await (0, graphql_1.runGraphQL)(environment, publishMutation, { itemIds, target }, options);
+    return data.publish;
+};
+exports.publishItems = publishItems;
+const checkPublishStatus = async (environment, publishId, options) => {
+    const data = await (0, graphql_1.runGraphQL)(environment, publishStatusQuery, { id: publishId }, options);
+    return data.publishingStatus;
+};
+exports.checkPublishStatus = checkPublishStatus;
+const fetchPublishingTargets = async (environment, options) => {
+    const data = await (0, graphql_1.runGraphQL)(environment, listTargetsQuery, undefined, options);
+    return data.listOfTargets ?? [];
+};
+exports.fetchPublishingTargets = fetchPublishingTargets;

package/dist/serialization/sitecore-api/roles.d.ts

@@ -0,0 +1,9 @@
+import { EnvironmentConfiguration } from "../../config";
+import { RoleData } from "../types";
+import { GraphQLRequestOptions } from "./graphql";
+export declare const fetchRoles: (environment: EnvironmentConfiguration, predicates: Array<{
+    domain: string;
+    pattern: string;
+}>, options?: GraphQLRequestOptions) => Promise<RoleData[]>;
+export declare const pushRoleCommands: (environment: EnvironmentConfiguration, commands: unknown[], options?: GraphQLRequestOptions) => Promise<unknown[]>;
+//# sourceMappingURL=roles.d.ts.map

package/dist/serialization/sitecore-api/roles.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"roles.d.ts","sourceRoot":"","sources":["../../../src/serialization/sitecore-api/roles.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,wBAAwB,EAAE,MAAM,UAAU,CAAC;AACpD,OAAO,EAAE,QAAQ,EAAE,MAAM,UAAU,CAAC;AACpC,OAAO,EAAE,qBAAqB,EAAc,MAAM,WAAW,CAAC;AA4B9D,eAAO,MAAM,UAAU,GACrB,aAAa,wBAAwB,EACrC,YAAY,KAAK,CAAC;IAAE,MAAM,EAAE,MAAM,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,CAAC,EACtD,UAAU,qBAAqB,KAC9B,OAAO,CAAC,QAAQ,EAAE,CAUpB,CAAC;AAEF,eAAO,MAAM,gBAAgB,GAC3B,aAAa,wBAAwB,EACrC,UAAU,OAAO,EAAE,EACnB,UAAU,qBAAqB,KAC9B,OAAO,CAAC,OAAO,EAAE,CAUnB,CAAC"}