@switchbot/openapi-cli 3.0.0 → 3.1.1

package/dist/commands/rules.js

@@ -1,11 +1,12 @@
 import fs from 'node:fs';
 import os from 'node:os';
 import path from 'node:path';
-import { isJsonMode, printJson, exitWithError } from '../utils/output.js';
+import { isJsonMode, printJson, exitWithError, printTable } from '../utils/output.js';
 import { loadPolicyFile, resolvePolicyPath, DEFAULT_POLICY_PATH, PolicyFileNotFoundError, PolicyYamlParseError, } from '../policy/load.js';
 import { validateLoadedPolicy } from '../policy/validate.js';
 import { isWebhookTrigger } from '../rules/types.js';
 import { lintRules, RulesEngine } from '../rules/engine.js';
+import { analyzeConflicts, } from '../rules/conflict-analyzer.js';
 import { tryLoadConfig } from '../config.js';
 import { fetchMqttCredential } from '../mqtt/credential.js';
 import { SwitchBotMqttClient } from '../mqtt/client.js';
@@ -61,7 +62,11 @@ function loadAutomation(policyPathFlag) {
                 aliases[k] = v;
         }
     }
-    return { path, automation, aliases, schemaVersion: result.schemaVersion };
+    const rawQH = data.quiet_hours;
+    const quietHours = rawQH && typeof rawQH.start === 'string' && typeof rawQH.end === 'string'
+        ? { start: rawQH.start, end: rawQH.end }
+        : null;
+    return { path, automation, aliases, schemaVersion: result.schemaVersion, quietHours };
 }
 function describeTrigger(rule) {
     const t = rule.when;
@@ -615,6 +620,209 @@ function registerSuggest(rules) {
         }
     });
 }
+function formatConflictReport(report) {
+    const lines = [];
+    lines.push(`findings: ${report.findings.length}  errors: ${report.counts.error}  warnings: ${report.counts.warning}  info: ${report.counts.info}`);
+    if (report.findings.length === 0) {
+        lines.push('No conflicts detected.');
+        return lines.join('\n');
+    }
+    for (const f of report.findings) {
+        lines.push(`  [${f.severity}] ${f.code}: ${f.message}`);
+        if (f.hint)
+            lines.push(`      hint: ${f.hint}`);
+    }
+    return lines.join('\n');
+}
+function registerConflicts(rules) {
+    rules
+        .command('conflicts [path]')
+        .description('Detect conflicting or risky rule patterns (opposing actions, high-frequency catch-all, destructive commands).')
+        .action((pathArg) => {
+        const loaded = loadAutomation(pathArg);
+        if (!loaded)
+            return;
+        const allRules = loaded.automation?.rules ?? [];
+        const report = analyzeConflicts(allRules, loaded.quietHours);
+        if (isJsonMode()) {
+            printJson({
+                policyPath: loaded.path,
+                ruleCount: allRules.length,
+                ...report,
+            });
+        }
+        else {
+            console.log(formatConflictReport(report));
+        }
+        process.exit(report.clean ? 0 : 1);
+    });
+}
+function registerDoctor(rules) {
+    rules
+        .command('doctor [path]')
+        .description('Combined health check: lint + conflict analysis + operational guidance.')
+        .action((pathArg) => {
+        const loaded = loadAutomation(pathArg);
+        if (!loaded)
+            return;
+        const allRules = loaded.automation?.rules ?? [];
+        const lintResult = lintRules(loaded.automation);
+        const conflictReport = analyzeConflicts(allRules, loaded.quietHours);
+        const overall = lintResult.valid && conflictReport.clean;
+        if (isJsonMode()) {
+            printJson({
+                policyPath: loaded.path,
+                policySchemaVersion: loaded.schemaVersion,
+                automationEnabled: loaded.automation?.enabled === true,
+                overall,
+                lint: lintResult,
+                conflicts: conflictReport,
+            });
+        }
+        else {
+            console.log('=== Lint ===');
+            console.log(formatLintHuman(lintResult, loaded.schemaVersion));
+            console.log('\n=== Conflicts ===');
+            console.log(formatConflictReport(conflictReport));
+            console.log(`\noverall: ${overall ? 'ok' : 'issues found'}`);
+        }
+        process.exit(overall ? 0 : 1);
+    });
+}
+function registerSummary(rules) {
+    rules
+        .command('summary')
+        .description('Aggregate rule-* audit entries per rule over a time window (fires, throttled, errors).')
+        .option('--file <path>', `Audit log path (default ${DEFAULT_AUDIT_PATH})`)
+        .option('--since <duration>', 'Only entries newer than this window (default: 24h). E.g. 1h, 7d.')
+        .option('--rule <name>', 'Filter to a single rule name.')
+        .action((opts) => {
+        const file = opts.file ?? DEFAULT_AUDIT_PATH;
+        const entries = fs.existsSync(file) ? readAudit(file) : [];
+        const sinceMs = resolveSinceMs(opts.since ?? '24h');
+        const filtered = filterRuleAudits(entries, { sinceMs, ruleName: opts.rule });
+        const report = aggregateRuleAudits(filtered);
+        if (isJsonMode()) {
+            printJson({ file, window: opts.since ?? '24h', ruleFilter: opts.rule ?? null, ...report });
+            return;
+        }
+        console.log(`Rule summary (${opts.since ?? '24h'} window, ${report.total} entries)`);
+        if (report.summaries.length === 0) {
+            console.log('(no rule activity in this window)');
+            return;
+        }
+        printTable(['Rule', 'Trigger', 'Fires', 'Throttled', 'Errors', 'Error%', 'Last fired'], report.summaries.map((s) => [
+            s.rule,
+            s.triggerSource ?? '-',
+            String(s.fires),
+            String(s.throttled),
+            String(s.errors),
+            `${(s.errorRate * 100).toFixed(1)}%`,
+            s.lastAt ?? '-',
+        ]));
+    });
+}
+function registerLastFired(rules) {
+    rules
+        .command('last-fired')
+        .description('Show the N most recently fired rule-fire entries from the audit log.')
+        .option('--file <path>', `Audit log path (default ${DEFAULT_AUDIT_PATH})`)
+        .option('--rule <name>', 'Filter to a single rule name.')
+        .option('-n <count>', 'Number of entries to show (default: 10).', (v) => Number.parseInt(v, 10))
+        .action((opts) => {
+        const file = opts.file ?? DEFAULT_AUDIT_PATH;
+        const n = opts.n ?? 10;
+        const entries = fs.existsSync(file) ? readAudit(file) : [];
+        const fires = filterRuleAudits(entries, {
+            ruleName: opts.rule,
+            kinds: ['rule-fire', 'rule-fire-dry'],
+        });
+        const recent = fires.slice(-n).reverse();
+        if (isJsonMode()) {
+            printJson({ file, ruleFilter: opts.rule ?? null, count: recent.length, entries: recent });
+            return;
+        }
+        if (recent.length === 0) {
+            console.log(`(no rule-fire entries in ${file}${opts.rule ? ` for rule "${opts.rule}"` : ''})`);
+            return;
+        }
+        for (const e of recent) {
+            const parts = [e.t, e.kind, e.rule?.name ?? '-'];
+            if (e.deviceId)
+                parts.push(`device=${e.deviceId}`);
+            if (e.command)
+                parts.push(`cmd=${e.command}`);
+            if (e.result)
+                parts.push(`result=${e.result}`);
+            console.log(parts.join('  '));
+        }
+    });
+}
+function registerExplain(rules) {
+    rules
+        .command('explain <name> [path]')
+        .description('Show full detail for a named rule: trigger, conditions, actions, and last-fired time.')
+        .option('--file <path>', `Audit log path (default ${DEFAULT_AUDIT_PATH}).`)
+        .action((name, pathArg, opts) => {
+        const loaded = loadAutomation(pathArg);
+        if (!loaded)
+            return;
+        const allRules = loaded.automation?.rules ?? [];
+        const rule = allRules.find((r) => r.name === name);
+        if (!rule) {
+            exitWithError({
+                code: 1,
+                kind: 'usage',
+                message: `Rule "${name}" not found in policy.`,
+                extra: {
+                    subKind: 'rule-not-found',
+                    available: allRules.map((r) => r.name),
+                },
+            });
+            return;
+        }
+        const auditFile = opts.file ?? DEFAULT_AUDIT_PATH;
+        const entries = fs.existsSync(auditFile) ? readAudit(auditFile) : [];
+        const fires = filterRuleAudits(entries, { ruleName: name, kinds: ['rule-fire', 'rule-fire-dry'] });
+        const lastFired = fires.length > 0 ? fires[fires.length - 1].t : null;
+        const detail = {
+            name: rule.name,
+            enabled: rule.enabled !== false,
+            trigger: describeTrigger(rule),
+            conditions: rule.conditions ?? [],
+            actions: rule.then,
+            cooldown: rule.cooldown ?? rule.throttle?.max_per ?? null,
+            hysteresis: rule.hysteresis ?? rule.requires_stable_for ?? null,
+            maxFiringsPerHour: rule.maxFiringsPerHour ?? null,
+            suppressIfAlreadyDesired: rule.suppressIfAlreadyDesired ?? false,
+            dryRun: rule.dry_run === true,
+            lastFired,
+        };
+        if (isJsonMode()) {
+            printJson(detail);
+            return;
+        }
+        console.log(`name:                  ${detail.name}`);
+        console.log(`enabled:               ${detail.enabled}`);
+        console.log(`trigger:               ${detail.trigger}`);
+        console.log(`conditions:            ${detail.conditions.length === 0 ? '(none)' : JSON.stringify(detail.conditions)}`);
+        console.log(`actions:               ${detail.actions.length}`);
+        for (const a of detail.actions) {
+            console.log(`  - ${a.command}${a.device ? ` [${a.device}]` : ''}${a.on_error ? ` on_error=${a.on_error}` : ''}`);
+        }
+        if (detail.cooldown)
+            console.log(`cooldown:              ${detail.cooldown}`);
+        if (detail.hysteresis)
+            console.log(`hysteresis:            ${detail.hysteresis}`);
+        if (detail.maxFiringsPerHour !== null)
+            console.log(`maxFiringsPerHour:     ${detail.maxFiringsPerHour}`);
+        if (detail.suppressIfAlreadyDesired)
+            console.log(`suppressIfAlreadyDesired: true`);
+        if (detail.dryRun)
+            console.log(`dry_run:               true`);
+        console.log(`last fired:            ${detail.lastFired ?? '(never)'}`);
+    });
+}
 export function registerRulesCommand(program) {
     const rules = program
         .command('rules')
@@ -627,11 +835,16 @@ Subcommands:
   suggest                   Generate a candidate rule YAML from intent (heuristic, no LLM).
   lint [path]               Static-check rule definitions; no MQTT, no API calls.
   list [path]               Print a human/JSON summary of each rule's trigger + actions.
+  explain <name>            Show full detail for a rule: trigger, conditions, actions, last-fired.
   run  [path]               Subscribe to MQTT (+ cron/webhook) and execute matching rules.
   reload                    Hot-reload the running engine's policy (SIGHUP on Unix,
                             pid-file sentinel on Windows).
   tail                      Stream rule-* entries from the audit log (--follow tails).
   replay                    Per-rule aggregate: fires/dries/throttled/errors + window.
+  conflicts [path]          Detect conflicting or risky rule patterns.
+  doctor [path]             Combined health check: lint + conflict analysis + summary.
+  summary                   Aggregate rule-fire counts per rule over a time window.
+  last-fired                Show the N most recently fired rule-fire audit entries.
   webhook-rotate-token      Rotate the bearer token used for webhook triggers.
   webhook-show-token        Print the current bearer token (creating one if absent).
 
@@ -648,10 +861,15 @@ Exit codes (lint):
     registerSuggest(rules);
     registerLint(rules);
     registerList(rules);
+    registerExplain(rules);
     registerRun(rules);
     registerReload(rules);
     registerTail(rules);
     registerReplay(rules);
+    registerConflicts(rules);
+    registerDoctor(rules);
+    registerSummary(rules);
+    registerLastFired(rules);
     registerWebhookRotateToken(rules);
     registerWebhookShowToken(rules);
 }

package/dist/commands/scenes.js

@@ -121,4 +121,144 @@ Example:
             handleError(error);
         }
     });
+    // switchbot scenes validate [sceneId...]
+    scenes
+        .command('validate')
+        .description('Verify that one or more scenes exist. If no IDs are given, validates all scenes are reachable.')
+        .argument('[sceneId...]', 'Scene IDs to validate (default: all scenes)')
+        .addHelpText('after', `
+Note: SwitchBot API v1.1 does not expose scene steps; validation only confirms
+the scene IDs exist in your account.
+
+Examples:
+  $ switchbot scenes validate
+  $ switchbot scenes validate T12345678 T87654321
+`)
+        .action(async (sceneIds) => {
+        try {
+            const sceneList = await fetchScenes();
+            const sceneMap = new Map(sceneList.map((s) => [s.sceneId, s.sceneName]));
+            const targets = sceneIds.length > 0 ? sceneIds : sceneList.map((s) => s.sceneId);
+            const results = targets.map((id) => ({
+                sceneId: id,
+                sceneName: sceneMap.get(id) ?? null,
+                valid: sceneMap.has(id),
+            }));
+            const allValid = results.every((r) => r.valid);
+            if (isJsonMode()) {
+                printJson({ ok: allValid, results });
+                if (!allValid)
+                    process.exit(1);
+                return;
+            }
+            for (const r of results) {
+                const icon = r.valid ? '✓' : '✗';
+                const label = r.valid ? r.sceneName : '(not found)';
+                console.log(`${icon} ${r.sceneId}  ${label}`);
+            }
+            if (!allValid)
+                process.exit(1);
+        }
+        catch (error) {
+            handleError(error);
+        }
+    });
+    // switchbot scenes simulate <sceneId>
+    scenes
+        .command('simulate')
+        .description('Show what `scenes execute` would do without actually executing the scene.')
+        .argument('<sceneId>', 'Scene ID from "scenes list"')
+        .addHelpText('after', `
+Note: SwitchBot API v1.1 does not expose scene step details. Simulation reports
+the scene name, confirms it exists, and shows the POST that would be issued.
+
+Example:
+  $ switchbot scenes simulate T12345678
+`)
+        .action(async (sceneId) => {
+        try {
+            const sceneList = await fetchScenes();
+            const found = sceneList.find((s) => s.sceneId === sceneId);
+            if (!found) {
+                throw new StructuredUsageError(`scene not found: ${sceneId}`, {
+                    error: 'scene_not_found',
+                    sceneId,
+                    candidates: sceneList.map((s) => ({ sceneId: s.sceneId, sceneName: s.sceneName })),
+                });
+            }
+            const simulation = {
+                sceneId: found.sceneId,
+                sceneName: found.sceneName,
+                wouldSend: { method: 'POST', url: `/v1.1/scenes/${sceneId}/execute` },
+                note: 'SwitchBot API v1.1 does not expose individual scene steps.',
+            };
+            if (isJsonMode()) {
+                printJson({ simulated: true, ...simulation });
+                return;
+            }
+            console.log(`sceneId:   ${simulation.sceneId}`);
+            console.log(`sceneName: ${simulation.sceneName}`);
+            console.log(`wouldSend: ${simulation.wouldSend.method} ${simulation.wouldSend.url}`);
+            console.log(`note:      ${simulation.note}`);
+        }
+        catch (error) {
+            handleError(error);
+        }
+    });
+    // switchbot scenes explain <sceneId>
+    scenes
+        .command('explain')
+        .description('Explain in plain language what a scene does and how to execute it safely.')
+        .argument('<sceneId>', 'Scene ID from "scenes list"')
+        .addHelpText('after', `
+Shows the scene name, action description, risk level, and the exact command to
+run. Unlike "simulate" (which shows raw HTTP detail), "explain" is aimed at a
+human or agent deciding whether to proceed.
+
+Note: SwitchBot API v1.1 does not expose scene step details; risk is reported
+as "low" because scenes only trigger pre-configured automations in the app.
+
+Example:
+  $ switchbot scenes explain T12345678
+`)
+        .action(async (sceneId) => {
+        try {
+            const sceneList = await fetchScenes();
+            const found = sceneList.find((s) => s.sceneId === sceneId);
+            if (!found) {
+                throw new StructuredUsageError(`scene not found: ${sceneId}`, {
+                    error: 'scene_not_found',
+                    sceneId,
+                    candidates: sceneList.map((s) => ({ sceneId: s.sceneId, sceneName: s.sceneName })),
+                });
+            }
+            const explanation = {
+                sceneId: found.sceneId,
+                sceneName: found.sceneName,
+                action: `Trigger scene (POST /v1.1/scenes/${found.sceneId}/execute)`,
+                riskLevel: 'low',
+                idempotent: null,
+                toExecute: `switchbot scenes execute ${found.sceneId}`,
+                dryRun: isDryRun(),
+                note: 'SwitchBot API v1.1 does not expose individual scene steps.',
+            };
+            if (isJsonMode()) {
+                printJson(explanation);
+                return;
+            }
+            console.log(`sceneId:    ${explanation.sceneId}`);
+            console.log(`sceneName:  ${explanation.sceneName}`);
+            console.log(`action:     ${explanation.action}`);
+            console.log(`riskLevel:  ${explanation.riskLevel}`);
+            console.log(`idempotent: unknown (scene steps not exposed by API)`);
+            console.log(`toExecute:  ${explanation.toExecute}`);
+            if (explanation.dryRun) {
+                console.log(`dryRun:     true  (pass --dry-run to execute would be a no-op)`);
+            }
+            console.log(`note:       ${explanation.note}`);
+        }
+        catch (error) {
+            handleError(error);
+        }
+    });
 }

package/dist/commands/upgrade-check.js

@@ -0,0 +1,107 @@
+import { createRequire } from 'node:module';
+import https from 'node:https';
+import { isJsonMode, printJson } from '../utils/output.js';
+import chalk from 'chalk';
+const require = createRequire(import.meta.url);
+const { name: pkgName, version: currentVersion } = require('../../package.json');
+function fetchLatestVersion(packageName, timeoutMs = 8000) {
+    const encoded = packageName.replace('/', '%2F');
+    // /latest is shorthand for dist-tags.latest — always the current stable
+    // release tag, never a prerelease unless accidentally published as such.
+    const url = `https://registry.npmjs.org/${encoded}/latest`;
+    return new Promise((resolve, reject) => {
+        const req = https.get(url, { timeout: timeoutMs }, (res) => {
+            const chunks = [];
+            res.on('data', (c) => chunks.push(c));
+            res.on('end', () => {
+                try {
+                    const body = JSON.parse(Buffer.concat(chunks).toString('utf-8'));
+                    if (typeof body.version === 'string')
+                        resolve(body.version);
+                    else
+                        reject(new Error('version field missing from registry response'));
+                }
+                catch (err) {
+                    reject(err);
+                }
+            });
+        });
+        req.on('timeout', () => { req.destroy(); reject(new Error(`registry request timed out after ${timeoutMs}ms`)); });
+        req.on('error', reject);
+    });
+}
+// Intentionally avoids the `semver` npm package (YAGNI): comparing two
+// well-formed registry version strings needs only these 10 lines, and adding
+// a runtime dep solely for version comparison would bloat install footprint.
+function semverGt(a, b) {
+    const numParts = (v) => v.replace(/-.*$/, '').split('.').map((n) => Number.parseInt(n, 10));
+    const [aMaj, aMin, aPat] = numParts(a);
+    const [bMaj, bMin, bPat] = numParts(b);
+    if (aMaj !== bMaj)
+        return aMaj > bMaj;
+    if (aMin !== bMin)
+        return aMin > bMin;
+    if (aPat !== bPat)
+        return aPat > bPat;
+    // Same numeric version: release (no prerelease) > prerelease
+    return !a.includes('-') && b.includes('-');
+}
+export function registerUpgradeCheckCommand(program) {
+    program
+        .command('upgrade-check')
+        .description('Check whether a newer version of this CLI is available on npm.')
+        .option('--timeout <ms>', 'Registry request timeout in milliseconds (default: 8000)', (v) => Number.parseInt(v, 10))
+        .action(async (opts) => {
+        let latestVersion;
+        try {
+            latestVersion = await fetchLatestVersion(pkgName, opts.timeout ?? 8000);
+        }
+        catch (err) {
+            const msg = err instanceof Error ? err.message : String(err);
+            if (isJsonMode()) {
+                printJson({ ok: false, error: msg, current: currentVersion });
+            }
+            else {
+                console.error(chalk.red(`upgrade-check failed: ${msg}`));
+            }
+            process.exit(1);
+        }
+        const upToDate = !semverGt(latestVersion, currentVersion);
+        const currentMajor = Number.parseInt(currentVersion.split('.')[0], 10);
+        const latestMajor = Number.parseInt(latestVersion.split('.')[0], 10);
+        if (latestVersion.includes('-')) {
+            const msg = `Latest registry version (${latestVersion}) is a prerelease — skipping update check.`;
+            if (isJsonMode()) {
+                printJson({
+                    current: currentVersion, latest: latestVersion, upToDate: true,
+                    updateAvailable: false, breakingChange: false, installCommand: null,
+                    note: msg,
+                });
+            }
+            else {
+                console.log(`${chalk.green('✓')} You are running the latest stable version (${currentVersion}). Registry latest (${latestVersion}) is a prerelease — skipping.`);
+            }
+            return;
+        }
+        const result = {
+            current: currentVersion,
+            latest: latestVersion,
+            upToDate,
+            updateAvailable: !upToDate,
+            breakingChange: latestMajor > currentMajor,
+            installCommand: upToDate ? null : `npm install -g ${pkgName}@${latestVersion}`,
+        };
+        if (isJsonMode()) {
+            printJson(result);
+            return;
+        }
+        if (upToDate) {
+            console.log(`${chalk.green('✓')} You are running the latest version (${currentVersion}).`);
+        }
+        else {
+            console.log(`${chalk.yellow('!')} Update available: ${chalk.bold(currentVersion)} → ${chalk.bold(latestVersion)}`);
+            console.log(`  Run: ${chalk.cyan(`npm install -g ${pkgName}@${latestVersion}`)}`);
+            process.exit(1);
+        }
+    });
+}

package/dist/index.js

@@ -29,6 +29,9 @@ import { registerAuthCommand } from './commands/auth.js';
 import { registerInstallCommand } from './commands/install.js';
 import { registerUninstallCommand } from './commands/uninstall.js';
 import { registerStatusSyncCommand } from './commands/status-sync.js';
+import { registerHealthCommand } from './commands/health.js';
+import { registerUpgradeCheckCommand } from './commands/upgrade-check.js';
+import { registerDaemonCommand } from './commands/daemon.js';
 import { primeCredentials } from './credentials/prime.js';
 import { getActiveProfile } from './lib/request-context.js';
 const require = createRequire(import.meta.url);
@@ -50,6 +53,7 @@ const TOP_LEVEL_COMMANDS = [
     'config', 'devices', 'scenes', 'webhook', 'completion', 'mcp',
     'quota', 'catalog', 'cache', 'events', 'doctor', 'schema',
     'history', 'plan', 'capabilities', 'agent-bootstrap', 'install', 'uninstall', 'status-sync',
+    'health', 'upgrade-check', 'daemon',
 ];
 const cacheModeArg = (value) => {
     if (value.startsWith('-')) {
@@ -108,6 +112,9 @@ registerAuthCommand(program);
 registerInstallCommand(program);
 registerUninstallCommand(program);
 registerStatusSyncCommand(program);
+registerHealthCommand(program);
+registerUpgradeCheckCommand(program);
+registerDaemonCommand(program);
 // Prime keychain-stored credentials before any command runs. This is a
 // best-effort probe: failures are silently swallowed inside primeCredentials,
 // so the existing file-based path remains the safety net. We probe once per

package/dist/lib/daemon-state.js

@@ -0,0 +1,46 @@
+import fs from 'node:fs';
+import os from 'node:os';
+import path from 'node:path';
+function getStateDir() {
+    return path.join(os.homedir(), '.switchbot');
+}
+function getDaemonPidFile() {
+    return path.join(getStateDir(), 'daemon.pid');
+}
+function getDaemonLogFile() {
+    return path.join(getStateDir(), 'daemon.log');
+}
+function getDaemonStateFile() {
+    return path.join(getStateDir(), 'daemon.state.json');
+}
+function getHealthzPidFile() {
+    return path.join(getStateDir(), 'healthz.pid');
+}
+export const DAEMON_PID_FILE = getDaemonPidFile();
+export const DAEMON_LOG_FILE = getDaemonLogFile();
+export const DAEMON_STATE_FILE = getDaemonStateFile();
+export const HEALTHZ_PID_FILE = getHealthzPidFile();
+function ensureStateDir() {
+    fs.mkdirSync(getStateDir(), { recursive: true, mode: 0o700 });
+}
+export function writeDaemonState(state) {
+    ensureStateDir();
+    fs.writeFileSync(getDaemonStateFile(), JSON.stringify(state, null, 2), { mode: 0o600 });
+}
+export function readDaemonState() {
+    try {
+        const raw = fs.readFileSync(getDaemonStateFile(), 'utf-8');
+        return JSON.parse(raw);
+    }
+    catch {
+        return null;
+    }
+}
+export function removeDaemonState() {
+    try {
+        fs.unlinkSync(getDaemonStateFile());
+    }
+    catch {
+        // best effort
+    }
+}

package/dist/lib/destructive-mode.js

@@ -0,0 +1,12 @@
+import { getActiveProfile } from './request-context.js';
+const DIRECT_DESTRUCTIVE_PROFILES = new Set(['dev', 'development']);
+export function allowsDirectDestructiveExecution(profile = getActiveProfile()) {
+    if (process.env.SWITCHBOT_ALLOW_DIRECT_DESTRUCTIVE === '1')
+        return true;
+    if (!profile)
+        return false;
+    return DIRECT_DESTRUCTIVE_PROFILES.has(profile.toLowerCase());
+}
+export function destructiveExecutionHint() {
+    return "Use 'switchbot plan save <file>' -> 'switchbot plan review <planId>' -> 'switchbot plan approve <planId>' -> 'switchbot plan execute <planId>' instead.";
+}

package/dist/lib/devices.js

@@ -101,6 +101,7 @@ export async function executeCommand(deviceId, cmd, parameter, commandType, clie
         parameter,
         commandType,
         dryRun: isDryRun(),
+        ...(options?.planId ? { planId: options.planId } : {}),
     };
     // Wrap in idempotency cache if key is provided
     const execute = async () => {