@switchbot/openapi-cli 3.1.0 → 3.2.0

package/dist/utils/output.js

@@ -1,404 +0,0 @@
-import Table from 'cli-table3';
-import chalk from 'chalk';
-import { ApiError, DryRunSignal } from '../api/client.js';
-import { getFormat, getTableStyle } from './flags.js';
-export const SCHEMA_VERSION = '1.1';
-export function isJsonMode() {
-    return process.argv.includes('--json') || getFormat() === 'json';
-}
-export function printJson(data) {
-    console.log(JSON.stringify({ schemaVersion: SCHEMA_VERSION, data }, null, 2));
-}
-/**
- * Emit a structured JSON error envelope on stdout.
- *
- * Bug #SYS-1: Under `--json`, both success and error payloads must share
- * the same output channel (stdout) so a single `cli --json ... | jq` pipe
- * can decode either shape. Use this helper everywhere that previously
- * called `console.error(JSON.stringify({ error: ... }))` in --json mode.
- *
- * The envelope is always `{ schemaVersion, error }` — callers pass only the
- * error payload. Also emits a brief human-readable line on stderr when a
- * TTY is attached, so interactive runs still see the failure.
- */
-export function emitJsonError(errorPayload) {
-    console.log(JSON.stringify({ schemaVersion: SCHEMA_VERSION, error: errorPayload }));
-    if (process.stderr.isTTY) {
-        const msg = typeof errorPayload.message === 'string' ? errorPayload.message : 'Error';
-        console.error(chalk.red(msg));
-    }
-}
-/**
- * P7: emit the stream-header first line for any NDJSON/streaming command
- * running under `--json`. Downstream JSON consumers can key on
- * `{ stream: true }` to distinguish the header from subsequent event
- * lines, and on `eventKind` / `cadence` to pick a parser strategy.
- *
- * Non-streaming commands (single-object / array output) do NOT emit this
- * header — only watch / events tail / events mqtt-tail.
- */
-export function emitStreamHeader(opts) {
-    console.log(JSON.stringify({
-        schemaVersion: '1',
-        stream: true,
-        eventKind: opts.eventKind,
-        cadence: opts.cadence,
-    }));
-}
-export function exitWithError(messageOrOpts) {
-    const opts = typeof messageOrOpts === 'string' ? { message: messageOrOpts } : messageOrOpts;
-    const { message, kind = 'usage', code = 2, hint, context, extra } = opts;
-    if (isJsonMode()) {
-        const payload = { code, kind, message };
-        if (hint)
-            payload.hint = hint;
-        if (context)
-            payload.context = context;
-        if (extra)
-            Object.assign(payload, extra);
-        emitJsonError(payload);
-    }
-    else {
-        console.error(message);
-        if (hint)
-            console.error(hint);
-    }
-    process.exit(code);
-}
-function escapeMarkdownCell(s) {
-    // Pipes break markdown table layout; backslash-escape them. Collapse
-    // newlines into <br> so each row stays on one line.
-    return s.replace(/\|/g, '\\|').replace(/\r?\n/g, '<br>');
-}
-function formatCell(cell, style) {
-    if (cell === null || cell === undefined)
-        return style === 'markdown' ? '—' : chalk.grey('—');
-    if (typeof cell === 'boolean') {
-        if (style === 'markdown')
-            return cell ? 'Yes' : 'No';
-        return cell ? chalk.green('✓') : chalk.red('✗');
-    }
-    return String(cell);
-}
-function renderMarkdownTable(headers, rows) {
-    if (rows.length === 0) {
-        return '_(empty)_';
-    }
-    const head = `| ${headers.map(escapeMarkdownCell).join(' | ')} |`;
-    const sep = `| ${headers.map(() => '---').join(' | ')} |`;
-    const body = rows.map((r) => `| ${r
-        .map((c) => escapeMarkdownCell(formatCell(c, 'markdown')))
-        .join(' | ')} |`);
-    return [head, sep, ...body].join('\n');
-}
-function renderSimpleTable(headers, rows) {
-    const widths = headers.map((h, i) => Math.max(h.length, ...rows.map((r) => String(formatCell(r[i], 'simple')).length)));
-    const fmt = (cells) => cells.map((c, i) => c.padEnd(widths[i])).join('  ').trimEnd();
-    return [
-        fmt(headers),
-        ...rows.map((r) => fmt(r.map((c) => String(formatCell(c, 'simple'))))),
-    ].join('\n');
-}
-const ASCII_BORDER_CHARS = {
-    top: '-', 'top-mid': '+', 'top-left': '+', 'top-right': '+',
-    bottom: '-', 'bottom-mid': '+', 'bottom-left': '+', 'bottom-right': '+',
-    left: '|', 'left-mid': '+', mid: '-', 'mid-mid': '+',
-    right: '|', 'right-mid': '+', middle: '|',
-};
-export function printTable(headers, rows, styleOverride) {
-    const style = styleOverride ?? getTableStyle();
-    if (style === 'markdown') {
-        console.log(renderMarkdownTable(headers, rows));
-        return;
-    }
-    if (style === 'simple') {
-        console.log(renderSimpleTable(headers, rows));
-        return;
-    }
-    const tableOpts = {
-        head: headers.map((h) => (style === 'ascii' ? h : chalk.cyan(h))),
-        style: style === 'ascii' ? { border: [], head: [] } : { border: ['grey'] },
-    };
-    if (style === 'ascii') {
-        tableOpts.chars = ASCII_BORDER_CHARS;
-    }
-    const table = new Table(tableOpts);
-    for (const row of rows) {
-        table.push(row.map((cell) => formatCell(cell, style)));
-    }
-    console.log(table.toString());
-}
-export function printKeyValue(data) {
-    const style = getTableStyle();
-    if (style === 'markdown') {
-        const entries = Object.entries(data).filter(([, v]) => v !== null && v !== undefined);
-        const rows = entries.map(([k, v]) => [k, typeof v === 'object' ? JSON.stringify(v) : String(v)]);
-        console.log(renderMarkdownTable(['Key', 'Value'], rows));
-        return;
-    }
-    if (style === 'simple') {
-        for (const [key, value] of Object.entries(data)) {
-            if (value === null || value === undefined)
-                continue;
-            const displayValue = typeof value === 'object' ? JSON.stringify(value) : String(value);
-            console.log(`${key}  ${displayValue}`);
-        }
-        return;
-    }
-    const tableOpts = {
-        style: style === 'ascii' ? { border: [], head: [] } : { border: ['grey'] },
-    };
-    if (style === 'ascii') {
-        tableOpts.chars = ASCII_BORDER_CHARS;
-    }
-    const table = new Table(tableOpts);
-    for (const [key, value] of Object.entries(data)) {
-        if (value === null || value === undefined)
-            continue;
-        const displayValue = typeof value === 'object' ? JSON.stringify(value) : String(value);
-        const keyLabel = style === 'ascii' ? key : chalk.cyan(key);
-        table.push({ [keyLabel]: displayValue });
-    }
-    console.log(table.toString());
-}
-export class UsageError extends Error {
-    constructor(message) {
-        super(message);
-        this.name = 'UsageError';
-    }
-}
-export class StructuredUsageError extends Error {
-    context;
-    constructor(message, context) {
-        super(message);
-        this.context = context;
-        this.name = 'StructuredUsageError';
-    }
-}
-function classifyApiError(code) {
-    switch (code) {
-        case 151:
-        case 160:
-        case 3005: return 'command-not-supported';
-        case 152: return 'device-not-found';
-        case 161:
-        case 171: return 'device-offline';
-        case 190: return 'device-internal-error';
-        case 401: return 'auth-failed';
-        case 429: return 'quota-exceeded';
-        default: return 'unknown-api-error';
-    }
-}
-export function buildErrorPayload(error) {
-    if (error instanceof StructuredUsageError) {
-        const payload = {
-            code: 2,
-            kind: 'usage',
-            message: error.message,
-            errorClass: 'usage',
-            transient: false,
-        };
-        if (error.context) {
-            const ctx = error.context;
-            const { error: errorType, candidates, hint } = ctx;
-            if (errorType === 'ambiguous_name_match') {
-                payload.subKind = 'ambiguous-name-match';
-            }
-            if (Array.isArray(candidates) && candidates.length > 0) {
-                const normalized = candidates
-                    .map((c) => {
-                    if (typeof c !== 'object' || c === null)
-                        return null;
-                    const o = c;
-                    const name = typeof o.name === 'string' ? o.name
-                        : typeof o.sceneName === 'string' ? o.sceneName
-                            : '';
-                    const match = { name };
-                    if (typeof o.deviceId === 'string')
-                        match.deviceId = o.deviceId;
-                    if (typeof o.sceneId === 'string')
-                        match.sceneId = o.sceneId;
-                    return match;
-                })
-                    .filter((c) => c !== null && c.name.length > 0);
-                if (normalized.length > 0)
-                    payload.candidateMatches = normalized;
-            }
-            if (typeof hint === 'string') {
-                payload.resolutionHint = hint;
-            }
-            // Preserve full context for backward compatibility (including candidates / hint).
-            payload.context = ctx;
-        }
-        return payload;
-    }
-    if (error instanceof UsageError) {
-        return { code: 2, kind: 'usage', message: error.message, errorClass: 'usage', transient: false };
-    }
-    // Idempotency conflict → exit 2 with kind:guard so scripts can react.
-    if (error instanceof Error && error.name === 'IdempotencyConflictError') {
-        return {
-            code: 2,
-            kind: 'guard',
-            message: error.message,
-            errorClass: 'guard',
-            transient: false,
-            context: {
-                existingShape: error.existingShape,
-                newShape: error.newShape,
-            },
-        };
-    }
-    // Local daily-cap refusal → exit 2 (usage-style refusal before touching net).
-    if (error instanceof Error && error.name === 'DailyCapExceededError') {
-        return {
-            code: 2,
-            kind: 'guard',
-            message: error.message,
-            errorClass: 'guard',
-            transient: false,
-            context: {
-                cap: error.cap,
-                total: error.total,
-                profile: error.profile,
-            },
-        };
-    }
-    const code = error instanceof ApiError ? error.code : 1;
-    const kind = error instanceof ApiError ? 'api' : 'runtime';
-    const message = error instanceof Error ? error.message : 'An unknown error occurred';
-    const hint = error instanceof ApiError ? (error.hint ?? errorHint(error.code)) : null;
-    const retryable = error instanceof ApiError ? error.retryable : false;
-    const retryAfterMs = error instanceof ApiError ? error.retryAfterMs : undefined;
-    const transient = error instanceof ApiError ? error.transient : false;
-    // Classify error
-    let errorClass = 'api';
-    if (kind === 'runtime') {
-        errorClass = 'api';
-    }
-    else if (transient && code >= 500) {
-        errorClass = 'api';
-    }
-    else if (code === 0) {
-        errorClass = 'network';
-    }
-    else if (code >= 400) {
-        errorClass = 'api';
-    }
-    const payload = { code, kind, message, errorClass, transient };
-    if (error instanceof ApiError)
-        payload.subKind = classifyApiError(error.code);
-    if (hint)
-        payload.hint = hint;
-    if (retryable)
-        payload.retryable = true;
-    if (retryAfterMs !== undefined)
-        payload.retryAfterMs = retryAfterMs;
-    return payload;
-}
-export function handleError(error) {
-    if (error instanceof DryRunSignal) {
-        process.exit(0);
-    }
-    const payload = buildErrorPayload(error);
-    if (isJsonMode()) {
-        // Bug #SYS-1: Under --json, route the structured envelope to stdout so
-        // `cli --json ... | jq` pipelines can decode the error shape exactly
-        // the same way they decode success. Previously it went to stderr, which
-        // silently broke every error-path pipeline. TTY users still get a
-        // terse human-readable line on stderr so interactive runs don't look
-        // like the process simply exited.
-        console.log(JSON.stringify({ schemaVersion: SCHEMA_VERSION, error: payload }));
-        if (process.stderr.isTTY) {
-            console.error(chalk.red(payload.message));
-        }
-        process.exit(payload.code === 2 ? 2 : 1);
-    }
-    if (payload.kind === 'usage') {
-        console.error(payload.message);
-        if (Array.isArray(payload.candidateMatches) && payload.candidateMatches.length > 0) {
-            const names = payload.candidateMatches
-                .map((c) => {
-                const id = c.deviceId ?? c.sceneId;
-                if (c.name && id)
-                    return `${c.name} (${id})`;
-                return c.name ?? id ?? JSON.stringify(c);
-            })
-                .slice(0, 6);
-            console.error(`Did you mean: ${names.join(', ')}?`);
-        }
-        else {
-            const ctx = payload.context;
-            if (ctx && Array.isArray(ctx.candidates) && ctx.candidates.length > 0) {
-                const names = ctx.candidates
-                    .map((c) => {
-                    if (typeof c === 'string')
-                        return c;
-                    if (c && typeof c === 'object') {
-                        const o = c;
-                        const name = typeof o.name === 'string'
-                            ? o.name
-                            : typeof o.sceneName === 'string' ? o.sceneName : undefined;
-                        const id = typeof o.deviceId === 'string'
-                            ? o.deviceId
-                            : typeof o.sceneId === 'string' ? o.sceneId : typeof o.id === 'string' ? o.id : undefined;
-                        if (name && id)
-                            return `${name} (${id})`;
-                        return name ?? id ?? JSON.stringify(c);
-                    }
-                    return String(c);
-                })
-                    .slice(0, 6);
-                console.error(`Did you mean: ${names.join(', ')}?`);
-            }
-        }
-        if (payload.resolutionHint) {
-            console.error(payload.resolutionHint);
-        }
-        else {
-            const ctx = payload.context;
-            if (ctx && typeof ctx.hint === 'string') {
-                console.error(ctx.hint);
-            }
-        }
-        process.exit(2);
-    }
-    if (payload.kind === 'guard') {
-        console.error(chalk.yellow(`Guard: ${payload.message}`));
-        process.exit(payload.code === 2 ? 2 : 1);
-    }
-    if (error instanceof ApiError) {
-        console.error(chalk.red(`Error (code ${error.code}): ${payload.message}`));
-        if (payload.hint)
-            console.error(chalk.grey(`Hint: ${payload.hint}`));
-    }
-    else if (error instanceof Error) {
-        console.error(chalk.red(`Error: ${payload.message}`));
-    }
-    else {
-        console.error(chalk.red('An unknown error occurred'));
-    }
-    process.exit(1);
-}
-function errorHint(code) {
-    switch (code) {
-        case 152:
-            return "Check the deviceId with 'switchbot devices list' (IDs are case-sensitive).";
-        case 160:
-            return "Run 'switchbot devices describe <deviceId>' to see which commands this device supports.";
-        case 161:
-            return 'BLE-only devices require a Hub. Check the hub connection and Wi-Fi.';
-        case 171:
-            return 'The Hub itself is offline — check its power and Wi-Fi.';
-        case 190:
-            return 'SwitchBot API code 190 is a generic internal error. Common causes: invalid deviceId, unsupported command/parameter, or the endpoint does not apply (e.g., "webhook query" with no webhook configured). Verify with --verbose.';
-        case 401:
-            return "Re-run 'switchbot config set-token <token> <secret>', or verify SWITCHBOT_TOKEN / SWITCHBOT_SECRET.";
-        case 429:
-            return 'Daily quota is 10,000 requests/account — retry after midnight UTC.';
-        case 3005:
-            return "SwitchBot rejected the command as invalid for this specific device model. For IR remotes, this often means the command works only on --type customize (user-learned buttons). Try 'switchbot devices commands <type>' or check the device's capabilities.";
-        default:
-            return null;
-    }
-}

package/dist/utils/quota.js

@@ -1,227 +0,0 @@
-/**
- * Local quota counter. Tracks the SwitchBot 10k/day request budget so the
- * CLI (and any AI agent) can check "how many calls have I already burned?"
- * without pinging the API.
- *
- * Shape (`~/.switchbot/quota.json`):
- *   {
- *     "days": {
- *       "2026-04-18": {
- *         "total": 42,
- *         "endpoints": {
- *           "GET /v1.1/devices": 3,
- *           "GET /v1.1/devices/:id/status": 27,
- *           "POST /v1.1/devices/:id/commands": 12
- *         }
- *       }
- *     }
- *   }
- *
- * We keep the last 7 days to bound the file size and give a short-term
- * trend. Writes are fire-and-forget — a failed write never breaks the
- * actual API call.
- */
-import fs from 'node:fs';
-import path from 'node:path';
-import os from 'node:os';
-export const DAILY_QUOTA = 10_000;
-const MAX_RETAINED_DAYS = 7;
-const FLUSH_DELAY_MS = 250;
-let quotaCache = null;
-let loadedPath = null;
-let dirty = false;
-let flushTimer = null;
-let flushHooksRegistered = false;
-function quotaFilePath() {
-    return path.join(os.homedir(), '.switchbot', 'quota.json');
-}
-function today(now = new Date()) {
-    // Local date, not UTC — SwitchBot's quota window is loose but users
-    // reason about "today" in their own timezone.
-    const y = now.getFullYear();
-    const m = String(now.getMonth() + 1).padStart(2, '0');
-    const d = String(now.getDate()).padStart(2, '0');
-    return `${y}-${m}-${d}`;
-}
-function emptyFile() {
-    return { days: {} };
-}
-function loadQuotaFromDisk(file) {
-    if (!fs.existsSync(file))
-        return emptyFile();
-    try {
-        const raw = fs.readFileSync(file, 'utf-8');
-        const parsed = JSON.parse(raw);
-        if (!parsed || typeof parsed !== 'object' || !parsed.days)
-            return emptyFile();
-        return parsed;
-    }
-    catch {
-        return emptyFile();
-    }
-}
-function saveQuota(data, file = quotaFilePath()) {
-    const dir = path.dirname(file);
-    try {
-        if (!fs.existsSync(dir))
-            fs.mkdirSync(dir, { recursive: true });
-        fs.writeFileSync(file, JSON.stringify(data, null, 2));
-    }
-    catch {
-        // swallow: counting is best-effort, must not break a real API call
-    }
-}
-function clearScheduledFlush() {
-    if (flushTimer) {
-        clearTimeout(flushTimer);
-        flushTimer = null;
-    }
-}
-function syncLoadedQuota() {
-    const file = quotaFilePath();
-    if (loadedPath !== file) {
-        clearScheduledFlush();
-        quotaCache = loadQuotaFromDisk(file);
-        loadedPath = file;
-        dirty = false;
-    }
-    if (!quotaCache) {
-        quotaCache = loadQuotaFromDisk(file);
-        loadedPath = file;
-    }
-    return quotaCache;
-}
-function ensureFlushHooks() {
-    if (flushHooksRegistered)
-        return;
-    flushHooksRegistered = true;
-    process.on('beforeExit', () => flushQuota());
-    process.on('exit', () => flushQuota());
-    // SIGINT/SIGTERM: attaching a listener suppresses Node's default terminate.
-    // Flush the counter, then re-raise the conventional exit code (128 + signo).
-    process.on('SIGINT', () => {
-        flushQuota();
-        process.exit(130);
-    });
-    process.on('SIGTERM', () => {
-        flushQuota();
-        process.exit(143);
-    });
-}
-function scheduleFlush() {
-    dirty = true;
-    ensureFlushHooks();
-    if (flushTimer)
-        return;
-    flushTimer = setTimeout(() => {
-        flushTimer = null;
-        flushQuota();
-    }, FLUSH_DELAY_MS);
-    flushTimer.unref?.();
-}
-export function loadQuota() {
-    return syncLoadedQuota();
-}
-function prune(data) {
-    const keys = Object.keys(data.days).sort();
-    if (keys.length <= MAX_RETAINED_DAYS)
-        return data;
-    const keep = keys.slice(keys.length - MAX_RETAINED_DAYS);
-    const next = { days: {} };
-    for (const k of keep)
-        next.days[k] = data.days[k];
-    return next;
-}
-/**
- * Normalise a full URL into a SwitchBot-style endpoint pattern. The segment
- * immediately after `devices` or `scenes` is collapsed to `:id` so we can
- * bucket by endpoint shape rather than by specific deviceId/sceneId.
- */
-export function normaliseEndpoint(method, url) {
-    const m = (method || 'GET').toUpperCase();
-    let pathOnly = url;
-    try {
-        const parsed = new URL(url);
-        pathOnly = parsed.pathname;
-    }
-    catch {
-        const q = url.indexOf('?');
-        if (q !== -1)
-            pathOnly = url.slice(0, q);
-    }
-    const segments = pathOnly.split('/');
-    for (let i = 0; i < segments.length - 1; i++) {
-        if (segments[i] === 'devices' || segments[i] === 'scenes') {
-            // Only collapse when the next segment looks like an id (not another
-            // API verb); the SwitchBot API uses lower-case keywords elsewhere,
-            // but guard against future collisions.
-            const next = segments[i + 1];
-            if (next && next.length > 0) {
-                segments[i + 1] = ':id';
-            }
-        }
-    }
-    return `${m} ${segments.join('/')}`;
-}
-/** Record a single request. Bucketed by local-date + endpoint pattern. */
-export function recordRequest(method, url, now = new Date()) {
-    const key = today(now);
-    const endpoint = normaliseEndpoint(method, url);
-    const data = syncLoadedQuota();
-    const bucket = data.days[key] ?? { total: 0, endpoints: {} };
-    bucket.total += 1;
-    bucket.endpoints[endpoint] = (bucket.endpoints[endpoint] ?? 0) + 1;
-    data.days[key] = bucket;
-    quotaCache = prune(data);
-    scheduleFlush();
-}
-export function flushQuota() {
-    if (!dirty)
-        return;
-    const data = syncLoadedQuota();
-    saveQuota(prune(data));
-    dirty = false;
-}
-export function resetQuotaState() {
-    clearScheduledFlush();
-    quotaCache = null;
-    loadedPath = null;
-    dirty = false;
-}
-export function resetQuota() {
-    resetQuotaState();
-    const file = quotaFilePath();
-    try {
-        if (fs.existsSync(file))
-            fs.unlinkSync(file);
-    }
-    catch {
-        // ignore
-    }
-}
-/** Return today's usage (convenience for `quota status`). */
-export function todayUsage(now = new Date()) {
-    const key = today(now);
-    const data = loadQuota();
-    const bucket = data.days[key] ?? { total: 0, endpoints: {} };
-    return {
-        date: key,
-        total: bucket.total,
-        remaining: Math.max(0, DAILY_QUOTA - bucket.total),
-        endpoints: { ...bucket.endpoints },
-    };
-}
-/**
- * Check whether today's call count is at or over the given cap. Returns the
- * current counter either way so callers can render a helpful refusal message.
- * Undefined cap → returns { over: false } without loading anything.
- */
-export function checkDailyCap(dailyCap, now = new Date()) {
-    const date = today(now);
-    if (!dailyCap || dailyCap <= 0) {
-        return { over: false, total: 0, date };
-    }
-    const data = loadQuota();
-    const total = data.days[date]?.total ?? 0;
-    return { over: total >= dailyCap, total, cap: dailyCap, date };
-}

package/dist/utils/redact.js

@@ -1,68 +0,0 @@
-/**
- * Header/value redaction utilities for verbose traces.
- *
- * C6 contract: any header whose name matches a sensitive pattern is mid-masked
- * (first 2 chars + `*` run + last 2 chars) before it is written to stderr. The
- * `--trace-unsafe` flag turns masking off — with a prominent one-time warning.
- */
-import { isTraceUnsafe } from './flags.js';
-const SENSITIVE_HEADER_PATTERNS = [
-    /^authorization$/i,
-    /^token$/i,
-    /^sign$/i,
-    /^nonce$/i,
-    /^x-api-key$/i,
-    /^cookie$/i,
-    /^set-cookie$/i,
-    /^x-auth-token$/i,
-];
-// The `t` header (timestamp) is treated as sensitive alongside sign because
-// together they reconstruct the HMAC signature — anyone watching the logs
-// shouldn't be able to replay the exact timestamp that was used.
-const SENSITIVE_EXACT_KEYS = new Set(['t']);
-export function isSensitiveHeader(name) {
-    if (SENSITIVE_EXACT_KEYS.has(name))
-        return true;
-    return SENSITIVE_HEADER_PATTERNS.some((re) => re.test(name));
-}
-export function maskValue(value) {
-    if (value.length <= 4)
-        return '****';
-    return `${value.slice(0, 2)}${'*'.repeat(Math.max(4, value.length - 4))}${value.slice(-2)}`;
-}
-/**
- * Redact the sensitive entries of a headers object. Returns a new object
- * alongside the count of entries that were masked.
- */
-export function redactHeaders(headers) {
-    const safe = {};
-    let redactedCount = 0;
-    if (!headers)
-        return { safe, redactedCount };
-    const unsafe = isTraceUnsafe();
-    for (const [k, v] of Object.entries(headers)) {
-        const strVal = typeof v === 'string' ? v : v == null ? '' : String(v);
-        if (!unsafe && isSensitiveHeader(k)) {
-            safe[k] = maskValue(strVal);
-            redactedCount++;
-        }
-        else {
-            safe[k] = strVal;
-        }
-    }
-    return { safe, redactedCount };
-}
-let unsafeBannerShown = false;
-/**
- * Print the big "REDACTION DISABLED" banner once per process when
- * --trace-unsafe is on. Callers should invoke this once before any
- * header-spilling output.
- */
-export function warnOnceIfUnsafe() {
-    if (unsafeBannerShown)
-        return;
-    if (!isTraceUnsafe())
-        return;
-    unsafeBannerShown = true;
-    process.stderr.write('⚠️  --trace-unsafe: sensitive headers will be printed UNMASKED. Do not share this output.\n');
-}