@tailor-platform/sdk 1.25.1 → 1.25.2

package/dist/{query-D3UyoG68.mjs → query-CRSZGUmD.mjs}

@@ -1,8 +1,8 @@
-import { t as db } from "./schema-Fbfeq9gi.mjs";
-import { $ as AuthSCIMAttribute_Mutability, A as platformBaseUrl, B as TailorDBType_Permission_Permit, C as readPlatformConfig, E as fetchMachineUserToken, F as WorkflowJobExecution_Status, H as PipelineResolver_OperationType, I as TailorDBGQLPermission_Action, J as ExecutorTriggerType, K as ExecutorJobStatus, L as TailorDBGQLPermission_Operator, M as userAgent, N as WorkspacePlatformUserRole, P as WorkflowExecution_Status, Q as AuthOAuth2Client_GrantType, R as TailorDBGQLPermission_Permit, S as loadWorkspaceId, T as fetchAll, U as IdPLang, V as TailorDBType_PermitAction, W as FunctionExecution_Status, X as AuthInvokerSchema, Y as AuthIDPConfig_AuthType, Z as AuthOAuth2Client_ClientType, _ as hashFile, a as loadConfig, at as UserProfileProviderConfig_UserProfileProviderType, b as loadFolderId, ct as Condition_Operator, d as TailorDBTypeSchema, dt as ApplicationSchemaUpdateAttemptStatus, et as AuthSCIMAttribute_Type, f as stringifyFunction, ft as Subgraph_ServiceType, g as getDistDir, h as createBundleCache, ht as symbols, it as TenantProviderConfig_TenantProviderType, j as resolveStaticWebsiteUrls, k as initOperatorClient, l as OAuth2ClientSchema, lt as FilterSchema, m as loadFilesWithIgnores, mt as styles, n as generatePluginFilesIfNeeded, nt as AuthSCIMConfig_AuthorizationType, ot as GetApplicationSchemaHealthResponse_ApplicationSchemaHealthStatus, p as tailorUserMap, pt as logger, q as ExecutorTargetType, r as loadApplication, s as createExecutorService, st as ConditionSchema, t as defineApplication, tt as AuthSCIMAttribute_Uniqueness, ut as PageDirection, w as writePlatformConfig, x as loadOrganizationId, y as loadAccessToken, z as TailorDBType_Permission_Operator } from "./application-iRp2OYMz.mjs";
-import { t as readPackageJson } from "./package-json-DnbGCOkg.mjs";
-import { r as withSpan } from "./telemetry-d_lgTL33.mjs";
-import { arg, defineCommand, runCommand } from "politty";
+import { t as db } from "./schema-BePzTFBV.mjs";
+import { $ as AuthSCIMAttribute_Uniqueness, A as userAgent, B as PipelineResolver_OperationType, C as fetchAll, D as initOperatorClient, F as TailorDBGQLPermission_Operator, G as ExecutorTargetType, H as FunctionExecution_Status, I as TailorDBGQLPermission_Permit, J as AuthInvokerSchema, K as ExecutorTriggerType, L as TailorDBType_Permission_Operator, M as WorkflowExecution_Status, N as WorkflowJobExecution_Status, O as platformBaseUrl, P as TailorDBGQLPermission_Action, Q as AuthSCIMAttribute_Type, R as TailorDBType_Permission_Permit, S as writePlatformConfig, V as IdPLang, W as ExecutorJobStatus, X as AuthOAuth2Client_GrantType, Y as AuthOAuth2Client_ClientType, Z as AuthSCIMAttribute_Mutability, _ as hashFile, a as loadConfig, at as ConditionSchema, b as loadWorkspaceId, ct as PageDirection, d as TailorDBTypeSchema, dt as logger, et as AuthSCIMConfig_AuthorizationType, f as stringifyFunction, ft as styles, g as getDistDir, h as createBundleCache, it as GetApplicationSchemaHealthResponse_ApplicationSchemaHealthStatus, j as WorkspacePlatformUserRole, k as resolveStaticWebsiteUrls, l as OAuth2ClientSchema, lt as ApplicationSchemaUpdateAttemptStatus, m as loadFilesWithIgnores, n as generatePluginFilesIfNeeded, nt as TenantProviderConfig_TenantProviderType, ot as Condition_Operator, p as tailorUserMap, pt as symbols, q as AuthIDPConfig_AuthType, r as loadApplication, rt as UserProfileProviderConfig_UserProfileProviderType, s as createExecutorService, st as FilterSchema, t as defineApplication, ut as Subgraph_ServiceType, w as fetchMachineUserToken, x as readPlatformConfig, y as loadAccessToken, z as TailorDBType_PermitAction } from "./application-BGO3TtXi.mjs";
+import { t as readPackageJson } from "./package-json-CVUv8Y9T.mjs";
+import { r as withSpan } from "./telemetry-0w8OupuQ.mjs";
+import { arg, createDefineCommand, defineCommand, runCommand } from "politty";
 import { z } from "zod";
 import * as fs$1 from "node:fs";
 import { existsSync, mkdirSync, readFileSync, writeFileSync } from "node:fs";
@@ -34,44 +34,6 @@ import { createInterface } from "node:readline/promises";
 import { astVisitor, parse, toSql } from "pgsql-ast-parser";
 import { parse as parse$1 } from "@0no-co/graphql.web";
 
-//#region src/cli/shared/errors.ts
-/**
-* Format CLI error for output
-* @param error - CLIError instance to format
-* @returns Formatted error message
-*/
-function formatError(error) {
-	const parts = [chalk.red(`Error${error.code ? ` [${error.code}]` : ""}: ${error.message}`)];
-	if (error.details) parts.push(`\n  ${chalk.gray("Details:")} ${error.details}`);
-	if (error.suggestion) parts.push(`\n  ${chalk.cyan("Suggestion:")} ${error.suggestion}`);
-	if (error.command) parts.push(`\n  ${chalk.gray("Help:")} Run \`tailor-sdk ${error.command} --help\` for usage information.`);
-	return parts.join("");
-}
-/**
-* Create a CLI error with formatted output
-* @param options - Options to construct a CLIError
-* @returns Constructed CLIError instance
-*/
-function createCLIError(options) {
-	const error = new Error(options.message);
-	error.name = "CLIError";
-	error.code = options.code;
-	error.details = options.details;
-	error.suggestion = options.suggestion;
-	error.command = options.command;
-	error.format = () => formatError(error);
-	return error;
-}
-/**
-* Type guard to check if an error is a CLIError
-* @param error - Error to check
-* @returns True if the error is a CLIError
-*/
-function isCLIError(error) {
-	return error instanceof Error && error.name === "CLIError";
-}
-
-//#endregion
 //#region src/cli/shared/args.ts
 const unitToMs = {
 	ms: 1,
@@ -151,9 +113,24 @@ const commonArgs = {
 		completion: {
 			type: "file",
 			matcher: [".env.*", ".env"]
+		},
+		effect: (_value, { args }) => {
+			loadEnvFiles(args["env-file"], args["env-file-if-exists"]);
 		}
 	}),
-	verbose: arg(z.boolean().default(false), { description: "Enable verbose logging" })
+	verbose: arg(z.boolean().default(false), {
+		description: "Enable verbose logging",
+		effect: (value) => {
+			verboseMode = value;
+		}
+	}),
+	json: arg(z.boolean().default(false), {
+		alias: "j",
+		description: "Output as JSON",
+		effect: (value) => {
+			logger.jsonMode = value;
+		}
+	})
 };
 /**
 * Arguments for commands that require workspace context
@@ -162,11 +139,13 @@ const workspaceArgs = {
 	"workspace-id": arg(z.string().optional(), {
 		alias: "w",
 		description: "Workspace ID",
+		env: "TAILOR_PLATFORM_WORKSPACE_ID",
 		completion: { type: "none" }
 	}),
 	profile: arg(z.string().optional(), {
 		alias: "p",
 		description: "Workspace profile",
+		env: "TAILOR_PLATFORM_PROFILE",
 		completion: { type: "none" }
 	})
 };
@@ -176,6 +155,7 @@ const workspaceArgs = {
 const configArg = { config: arg(z.string().default("tailor.config.ts"), {
 	alias: "c",
 	description: "Path to SDK config file",
+	env: "TAILOR_PLATFORM_SDK_CONFIG_PATH",
 	completion: {
 		type: "file",
 		extensions: ["ts"]
@@ -195,44 +175,24 @@ const confirmationArgs = { yes: arg(z.boolean().default(false), {
 	alias: "y",
 	description: "Skip confirmation prompts"
 }) };
+let verboseMode = false;
 /**
-* Arguments for JSON output
+* Returns whether verbose mode is enabled.
+* Used by the global cleanup handler which doesn't have access to parsed args.
+* @returns Whether verbose mode is enabled
 */
-const jsonArgs = { json: arg(z.boolean().default(false), {
-	alias: "j",
-	description: "Output as JSON"
-}) };
+function isVerbose() {
+	return verboseMode;
+}
+
+//#endregion
+//#region src/cli/shared/command.ts
 /**
-* Wrapper for command handlers that provides:
-* - Environment file loading
-* - Error handling with formatted output
-* - Exit code management
-* @template T
-* @param handler - Command handler function
-* @returns Wrapped handler
+* defineCommand with global args type (CommonArgsType).
+* Use this for leaf commands with `run` to get type-safe access to global args.
+* Parent commands with only `subCommands` can use `defineCommand` from politty directly.
 */
-const withCommonArgs = (handler) => async (args) => {
-	try {
-		if ("json" in args && typeof args.json === "boolean") logger.jsonMode = args.json;
-		loadEnvFiles(args["env-file"], args["env-file-if-exists"]);
-		const { initTelemetry } = await import("./telemetry-J6dpByo2.mjs");
-		await initTelemetry();
-		await handler(args);
-	} catch (error) {
-		if (isCLIError(error)) {
-			logger.log(error.format());
-			if (args.verbose && error.stack) logger.debug(`\nStack trace:\n${error.stack}`);
-		} else if (error instanceof Error) {
-			logger.error(error.message);
-			if (args.verbose && error.stack) logger.debug(`\nStack trace:\n${error.stack}`);
-		} else logger.error(`Unknown error: ${error}`);
-		process.exit(1);
-	} finally {
-		const { shutdownTelemetry } = await import("./telemetry-J6dpByo2.mjs");
-		await shutdownTelemetry();
-	}
-	process.exit(0);
-};
+const defineAppCommand = createDefineCommand();
 
 //#endregion
 //#region src/cli/commands/api.ts
@@ -267,12 +227,10 @@ async function apiCall(options) {
 		data
 	};
 }
-const apiCommand = defineCommand({
+const apiCommand = defineAppCommand({
 	name: "api",
 	description: "Call Tailor Platform API endpoints directly.",
 	args: z.object({
-		...commonArgs,
-		...jsonArgs,
 		...workspaceArgs,
 		body: arg(z.string().default("{}"), {
 			alias: "b",
@@ -283,7 +241,7 @@ const apiCommand = defineCommand({
 			description: "API endpoint to call (e.g., 'GetApplication' or 'tailor.v1.OperatorService/GetApplication')"
 		})
 	}).strict(),
-	run: withCommonArgs(async (args) => {
+	run: async (args) => {
 		const result = await apiCall({
 			profile: args.profile,
 			endpoint: args.endpoint,
@@ -291,7 +249,7 @@ const apiCommand = defineCommand({
 		});
 		if (args.json) logger.log(JSON.stringify(result.data, null, 2));
 		else logger.log(JSON.stringify(result.data, null, 2));
-	})
+	}
 });
 
 //#endregion
@@ -958,11 +916,11 @@ const sdkNameLabelKey = "sdk-name";
 * @param existingLabels - Existing labels to preserve (optional)
 * @returns Metadata request
 */
-async function buildMetaRequest(trn$7, appName, existingLabels) {
+async function buildMetaRequest(trn, appName, existingLabels) {
 	const packageJson = await readPackageJson();
 	const sdkVersion = packageJson.version ? `v${packageJson.version.replace(/\./g, "-")}` : "unknown";
 	return {
-		trn: trn$7,
+		trn,
 		labels: {
 			...existingLabels ?? {},
 			[sdkNameLabelKey]: appName,
@@ -981,10 +939,10 @@ async function buildMetaRequest(trn$7, appName, existingLabels) {
 * @returns Promise that resolves when applications are applied
 */
 async function applyApplication(client, changeSet, phase = "create-update") {
-	if (phase === "create-update") await Promise.all([...changeSet.creates.map(async (create$1) => {
-		create$1.request.cors = await resolveStaticWebsiteUrls(client, create$1.request.workspaceId, create$1.request.cors, "CORS");
-		await client.createApplication(create$1.request);
-		await client.setMetadata(create$1.metaRequest);
+	if (phase === "create-update") await Promise.all([...changeSet.creates.map(async (create) => {
+		create.request.cors = await resolveStaticWebsiteUrls(client, create.request.workspaceId, create.request.cors, "CORS");
+		await client.createApplication(create.request);
+		await client.setMetadata(create.metaRequest);
 	}), ...changeSet.updates.map(async (update) => {
 		update.request.cors = await resolveStaticWebsiteUrls(client, update.request.workspaceId, update.request.cors, "CORS");
 		await client.updateApplication(update.request);
@@ -1043,13 +1001,13 @@ async function planApplication(context) {
 		authNamespace = application.config.auth.name;
 		const idpConfigs = await fetchAll(async (pageToken, maxPageSize) => {
 			try {
-				const { idpConfigs: idpConfigs$1, nextPageToken } = await client.listAuthIDPConfigs({
+				const { idpConfigs, nextPageToken } = await client.listAuthIDPConfigs({
 					workspaceId,
 					namespaceName: authNamespace,
 					pageToken,
 					pageSize: maxPageSize
 				});
-				return [idpConfigs$1, nextPageToken];
+				return [idpConfigs, nextPageToken];
 			} catch (error) {
 				if (error instanceof ConnectError && error.code === Code.NotFound) return [[], ""];
 				throw error;
@@ -1142,23 +1100,23 @@ function idpClientSecretName(namespaceName, clientName) {
 async function applyIdP(client, result, phase = "create-update") {
 	const { changeSet } = result;
 	if (phase === "create-update") {
-		await Promise.all([...changeSet.service.creates.map(async (create$1) => {
-			await client.createIdPService(create$1.request);
-			await client.setMetadata(create$1.metaRequest);
+		await Promise.all([...changeSet.service.creates.map(async (create) => {
+			await client.createIdPService(create.request);
+			await client.setMetadata(create.metaRequest);
 		}), ...changeSet.service.updates.map(async (update) => {
 			await client.updateIdPService(update.request);
 			await client.setMetadata(update.metaRequest);
 		})]);
-		await Promise.all([...changeSet.client.creates.map(async (create$1) => {
-			const resp = await client.createIdPClient(create$1.request);
-			const vaultName = idpClientVaultName(create$1.request.namespaceName, create$1.request.client?.name || "");
-			const secretName = idpClientSecretName(create$1.request.namespaceName, create$1.request.client?.name || "");
+		await Promise.all([...changeSet.client.creates.map(async (create) => {
+			const resp = await client.createIdPClient(create.request);
+			const vaultName = idpClientVaultName(create.request.namespaceName, create.request.client?.name || "");
+			const secretName = idpClientSecretName(create.request.namespaceName, create.request.client?.name || "");
 			await client.createSecretManagerVault({
-				workspaceId: create$1.request.workspaceId,
+				workspaceId: create.request.workspaceId,
 				secretmanagerVaultName: vaultName
 			});
 			await client.createSecretManagerSecret({
-				workspaceId: create$1.request.workspaceId,
+				workspaceId: create.request.workspaceId,
 				secretmanagerVaultName: vaultName,
 				secretmanagerSecretName: secretName,
 				secretmanagerSecretValue: resp.client?.clientSecret
@@ -1346,8 +1304,8 @@ async function planClients(client, workspaceId, idps, deletedServices) {
 		const namespaceName = idp.name;
 		const existingClients = clientsByIdp[i];
 		const existingNameMap = /* @__PURE__ */ new Map();
-		existingClients.forEach((client$1) => {
-			existingNameMap.set(client$1.name, client$1.clientSecret);
+		existingClients.forEach((client) => {
+			existingNameMap.set(client.name, client.clientSecret);
 		});
 		for (const name of idp.clients) if (existingNameMap.has(name)) {
 			changeSet.updates.push({
@@ -1379,13 +1337,13 @@ async function planClients(client, workspaceId, idps, deletedServices) {
 	const deletedClientsByService = await Promise.all(deletedServices.map((namespaceName) => fetchClients(namespaceName)));
 	for (let i = 0; i < deletedServices.length; i++) {
 		const namespaceName = deletedServices[i];
-		deletedClientsByService[i].forEach((client$1) => {
+		deletedClientsByService[i].forEach((client) => {
 			changeSet.deletes.push({
-				name: client$1.name,
+				name: client.name,
 				request: {
 					workspaceId,
 					namespaceName,
-					name: client$1.name
+					name: client.name
 				}
 			});
 		});
@@ -1422,26 +1380,26 @@ function convertGqlOperationsToDisable(gqlOperations) {
 async function applyAuth(client, result, phase = "create-update") {
 	const { changeSet } = result;
 	if (phase === "create-update") {
-		await Promise.all([...changeSet.service.creates.map(async (create$1) => {
-			await client.createAuthService(create$1.request);
-			await client.setMetadata(create$1.metaRequest);
+		await Promise.all([...changeSet.service.creates.map(async (create) => {
+			await client.createAuthService(create.request);
+			await client.setMetadata(create.metaRequest);
 		}), ...changeSet.service.updates.map(async (update) => {
 			await client.updateAuthService(update.request);
 			await client.setMetadata(update.metaRequest);
 		})]);
-		await Promise.all([...changeSet.idpConfig.creates.map(async (create$1) => {
-			if (create$1.idpConfig.kind === "BuiltInIdP") create$1.request.idpConfig.config = await protoBuiltinIdPConfig(client, create$1.request.workspaceId, create$1.idpConfig);
-			return client.createAuthIDPConfig(create$1.request);
+		await Promise.all([...changeSet.idpConfig.creates.map(async (create) => {
+			if (create.idpConfig.kind === "BuiltInIdP") create.request.idpConfig.config = await protoBuiltinIdPConfig(client, create.request.workspaceId, create.idpConfig);
+			return client.createAuthIDPConfig(create.request);
 		}), ...changeSet.idpConfig.updates.map(async (update) => {
 			if (update.idpConfig.kind === "BuiltInIdP") update.request.idpConfig.config = await protoBuiltinIdPConfig(client, update.request.workspaceId, update.idpConfig);
 			return client.updateAuthIDPConfig(update.request);
 		})]);
-		await Promise.all([...changeSet.userProfileConfig.creates.map((create$1) => client.createUserProfileConfig(create$1.request)), ...changeSet.userProfileConfig.updates.map((update) => client.updateUserProfileConfig(update.request))]);
-		await Promise.all([...changeSet.tenantConfig.creates.map((create$1) => client.createTenantConfig(create$1.request)), ...changeSet.tenantConfig.updates.map((update) => client.updateTenantConfig(update.request))]);
-		await Promise.all([...changeSet.machineUser.creates.map((create$1) => client.createAuthMachineUser(create$1.request)), ...changeSet.machineUser.updates.map((update) => client.updateAuthMachineUser(update.request))]);
-		await Promise.all([...changeSet.oauth2Client.creates.map(async (create$1) => {
-			create$1.request.oauth2Client.redirectUris = await resolveStaticWebsiteUrls(client, create$1.request.workspaceId, create$1.request.oauth2Client.redirectUris, "OAuth2 redirect URIs");
-			return client.createAuthOAuth2Client(create$1.request);
+		await Promise.all([...changeSet.userProfileConfig.creates.map((create) => client.createUserProfileConfig(create.request)), ...changeSet.userProfileConfig.updates.map((update) => client.updateUserProfileConfig(update.request))]);
+		await Promise.all([...changeSet.tenantConfig.creates.map((create) => client.createTenantConfig(create.request)), ...changeSet.tenantConfig.updates.map((update) => client.updateTenantConfig(update.request))]);
+		await Promise.all([...changeSet.machineUser.creates.map((create) => client.createAuthMachineUser(create.request)), ...changeSet.machineUser.updates.map((update) => client.updateAuthMachineUser(update.request))]);
+		await Promise.all([...changeSet.oauth2Client.creates.map(async (create) => {
+			create.request.oauth2Client.redirectUris = await resolveStaticWebsiteUrls(client, create.request.workspaceId, create.request.oauth2Client.redirectUris, "OAuth2 redirect URIs");
+			return client.createAuthOAuth2Client(create.request);
 		}), ...changeSet.oauth2Client.updates.map(async (update) => {
 			update.request.oauth2Client.redirectUris = await resolveStaticWebsiteUrls(client, update.request.workspaceId, update.request.oauth2Client.redirectUris, "OAuth2 redirect URIs");
 			return client.updateAuthOAuth2Client(update.request);
@@ -1451,8 +1409,8 @@ async function applyAuth(client, result, phase = "create-update") {
 			replace.createRequest.oauth2Client.redirectUris = await resolveStaticWebsiteUrls(client, replace.createRequest.workspaceId, replace.createRequest.oauth2Client.redirectUris, "OAuth2 redirect URIs");
 			await client.createAuthOAuth2Client(replace.createRequest);
 		}
-		await Promise.all([...changeSet.scim.creates.map((create$1) => client.createAuthSCIMConfig(create$1.request)), ...changeSet.scim.updates.map((update) => client.updateAuthSCIMConfig(update.request))]);
-		await Promise.all([...changeSet.scimResource.creates.map((create$1) => client.createAuthSCIMResource(create$1.request)), ...changeSet.scimResource.updates.map((update) => client.updateAuthSCIMResource(update.request))]);
+		await Promise.all([...changeSet.scim.creates.map((create) => client.createAuthSCIMConfig(create.request)), ...changeSet.scim.updates.map((update) => client.updateAuthSCIMConfig(update.request))]);
+		await Promise.all([...changeSet.scimResource.creates.map((create) => client.createAuthSCIMResource(create.request)), ...changeSet.scimResource.updates.map((update) => client.updateAuthSCIMResource(update.request))]);
 	} else if (phase === "delete-resources") {
 		await Promise.all(changeSet.scimResource.deletes.map((del) => client.deleteAuthSCIMResource(del.request)));
 		await Promise.all(changeSet.scim.deletes.map((del) => client.deleteAuthSCIMConfig(del.request)));
@@ -1614,8 +1572,8 @@ async function planIdPConfigs(client, workspaceId, auths, deletedServices) {
 		const { parsedConfig: config } = authService;
 		const existingIdPConfigs = await fetchIdPConfigs(config.name);
 		const existingNameSet = /* @__PURE__ */ new Set();
-		existingIdPConfigs.forEach((idpConfig$1) => {
-			existingNameSet.add(idpConfig$1.name);
+		existingIdPConfigs.forEach((idpConfig) => {
+			existingNameSet.add(idpConfig.name);
 		});
 		const idpConfig = config.idProvider;
 		if (idpConfig) if (existingNameSet.has(idpConfig.name)) {
@@ -2297,7 +2255,7 @@ function protoSCIMAttribute(attr) {
 		multiValued: attr.multiValued,
 		uniqueness,
 		canonicalValues: attr.canonicalValues ?? void 0,
-		subAttributes: attr.subAttributes?.map((attr$1) => protoSCIMAttribute(attr$1))
+		subAttributes: attr.subAttributes?.map((attr) => protoSCIMAttribute(attr))
 	};
 }
 
@@ -2681,9 +2639,9 @@ async function uploadFunctionScript(client, workspaceId, entry, isCreate) {
 async function applyFunctionRegistry(client, workspaceId, result, phase = "create-update") {
 	const { changeSet } = result;
 	if (phase === "create-update") {
-		for (const create$1 of changeSet.creates) {
-			await uploadFunctionScript(client, workspaceId, create$1.entry, true);
-			await client.setMetadata(create$1.metaRequest);
+		for (const create of changeSet.creates) {
+			await uploadFunctionScript(client, workspaceId, create.entry, true);
+			await client.setMetadata(create.metaRequest);
 		}
 		for (const update of changeSet.updates) {
 			await uploadFunctionScript(client, workspaceId, update.entry, false);
@@ -2706,9 +2664,9 @@ async function applyFunctionRegistry(client, workspaceId, result, phase = "creat
 */
 async function applyExecutor(client, result, phase = "create-update") {
 	const { changeSet } = result;
-	if (phase === "create-update") await Promise.all([...changeSet.creates.map(async (create$1) => {
-		await client.createExecutorExecutor(create$1.request);
-		await client.setMetadata(create$1.metaRequest);
+	if (phase === "create-update") await Promise.all([...changeSet.creates.map(async (create) => {
+		await client.createExecutorExecutor(create.request);
+		await client.setMetadata(create.metaRequest);
 	}), ...changeSet.updates.map(async (update) => {
 		await client.updateExecutorExecutor(update.request);
 		await client.setMetadata(update.metaRequest);
@@ -2731,12 +2689,12 @@ async function planExecutor(context) {
 	const resourceOwners = /* @__PURE__ */ new Set();
 	const withoutLabel = await fetchAll(async (pageToken, maxPageSize) => {
 		try {
-			const { executors: executors$1, nextPageToken } = await client.listExecutorExecutors({
+			const { executors, nextPageToken } = await client.listExecutorExecutors({
 				workspaceId,
 				pageToken,
 				pageSize: maxPageSize
 			});
-			return [executors$1, nextPageToken];
+			return [executors, nextPageToken];
 		} catch (error) {
 			if (error instanceof ConnectError && error.code === Code.NotFound) return [[], ""];
 			throw error;
@@ -3004,14 +2962,14 @@ const SCALAR_TYPE_MAP = {
 async function applyPipeline(client, result, phase = "create-update") {
 	const { changeSet } = result;
 	if (phase === "create-update") {
-		await Promise.all([...changeSet.service.creates.map(async (create$1) => {
-			await client.createPipelineService(create$1.request);
-			await client.setMetadata(create$1.metaRequest);
+		await Promise.all([...changeSet.service.creates.map(async (create) => {
+			await client.createPipelineService(create.request);
+			await client.setMetadata(create.metaRequest);
 		}), ...changeSet.service.updates.map(async (update) => {
 			await client.updatePipelineService(update.request);
 			await client.setMetadata(update.metaRequest);
 		})]);
-		await Promise.all([...changeSet.resolver.creates.map((create$1) => client.createPipelineResolver(create$1.request)), ...changeSet.resolver.updates.map((update) => client.updatePipelineResolver(update.request))]);
+		await Promise.all([...changeSet.resolver.creates.map((create) => client.createPipelineResolver(create.request)), ...changeSet.resolver.updates.map((update) => client.updatePipelineResolver(update.request))]);
 	} else if (phase === "delete-resources") await Promise.all(changeSet.resolver.deletes.map((del) => client.deletePipelineResolver(del.request)));
 	else if (phase === "delete-services") await Promise.all(changeSet.service.deletes.map((del) => client.deletePipelineService(del.request)));
 }
@@ -3400,13 +3358,13 @@ async function planSecretManager(context) {
 		if (label === application.name) {
 			const secrets = await fetchAll(async (pageToken, maxPageSize) => {
 				try {
-					const { secrets: secrets$1, nextPageToken } = await client.listSecretManagerSecrets({
+					const { secrets, nextPageToken } = await client.listSecretManagerSecrets({
 						workspaceId,
 						secretmanagerVaultName: name,
 						pageToken,
 						pageSize: maxPageSize
 					});
-					return [secrets$1, nextPageToken];
+					return [secrets, nextPageToken];
 				} catch (error) {
 					if (error instanceof ConnectError && error.code === Code.NotFound) return [[], ""];
 					throw error;
@@ -3448,13 +3406,13 @@ function vaultTrn(workspaceId, name) {
 async function applySecretManager(client, result, phase = "create-update", application) {
 	const { vaultChangeSet, secretChangeSet } = result;
 	if (phase === "create-update") {
-		await Promise.all(vaultChangeSet.creates.map(async (create$1) => {
+		await Promise.all(vaultChangeSet.creates.map(async (create) => {
 			await client.createSecretManagerVault({
-				workspaceId: create$1.workspaceId,
-				secretmanagerVaultName: create$1.name
+				workspaceId: create.workspaceId,
+				secretmanagerVaultName: create.name
 			});
 			if (application) {
-				const metaRequest = await buildMetaRequest(vaultTrn(create$1.workspaceId, create$1.name), application.name);
+				const metaRequest = await buildMetaRequest(vaultTrn(create.workspaceId, create.name), application.name);
 				await client.setMetadata(metaRequest);
 			}
 		}));
@@ -3462,11 +3420,11 @@ async function applySecretManager(client, result, phase = "create-update", appli
 			const metaRequest = await buildMetaRequest(vaultTrn(update.workspaceId, update.name), application.name);
 			await client.setMetadata(metaRequest);
 		}));
-		await Promise.all(secretChangeSet.creates.map((create$1) => client.createSecretManagerSecret({
-			workspaceId: create$1.workspaceId,
-			secretmanagerVaultName: create$1.vaultName,
-			secretmanagerSecretName: create$1.secretName,
-			secretmanagerSecretValue: create$1.value
+		await Promise.all(secretChangeSet.creates.map((create) => client.createSecretManagerSecret({
+			workspaceId: create.workspaceId,
+			secretmanagerVaultName: create.vaultName,
+			secretmanagerSecretName: create.secretName,
+			secretmanagerSecretValue: create.value
 		})));
 		await Promise.all(secretChangeSet.updates.map((update) => client.updateSecretManagerSecret({
 			workspaceId: update.workspaceId,
@@ -3515,9 +3473,9 @@ async function applySecretManager(client, result, phase = "create-update", appli
 */
 async function applyStaticWebsite(client, result, phase = "create-update") {
 	const { changeSet } = result;
-	if (phase === "create-update") await Promise.all([...changeSet.creates.map(async (create$1) => {
-		await client.createStaticWebsite(create$1.request);
-		await client.setMetadata(create$1.metaRequest);
+	if (phase === "create-update") await Promise.all([...changeSet.creates.map(async (create) => {
+		await client.createStaticWebsite(create.request);
+		await client.setMetadata(create.metaRequest);
 	}), ...changeSet.updates.map(async (update) => {
 		await client.updateStaticWebsite(update.request);
 		await client.setMetadata(update.metaRequest);
@@ -3657,10 +3615,6 @@ function getNamespacesWithMigrations(config, configDir) {
 //#endregion
 //#region src/cli/commands/tailordb/migrate/diff-calculator.ts
 /**
-* Current schema snapshot format version
-*/
-const SCHEMA_SNAPSHOT_VERSION = 1;
-/**
 * Check if a migration diff has any changes
 * @param {MigrationDiff} diff - Migration diff to check
 * @returns {boolean} True if diff has changes
@@ -4065,7 +4019,7 @@ function createSnapshotFromLocalTypes(types, namespace) {
 	const snapshotTypes = {};
 	for (const [typeName, type] of Object.entries(types)) snapshotTypes[typeName] = createSnapshotType(type);
 	return {
-		version: SCHEMA_SNAPSHOT_VERSION,
+		version: 1,
 		namespace,
 		createdAt: (/* @__PURE__ */ new Date()).toISOString(),
 		types: snapshotTypes
@@ -4127,7 +4081,7 @@ function getMigrationFiles(migrationsDir) {
 */
 function getNextMigrationNumber(migrationsDir) {
 	const files = getMigrationFiles(migrationsDir);
-	if (files.length === 0) return INITIAL_SCHEMA_NUMBER;
+	if (files.length === 0) return 0;
 	return Math.max(...files.map((f) => f.number)) + 1;
 }
 /**
@@ -4280,8 +4234,8 @@ function applyDiffToSnapshot(snapshot, diff) {
 function reconstructSnapshotFromMigrations(migrationsDir, maxVersion) {
 	const files = getMigrationFiles(migrationsDir);
 	if (files.length === 0) return null;
-	const schemaFile = files.find((f) => f.type === "schema" && f.number === INITIAL_SCHEMA_NUMBER);
-	if (!schemaFile) throw new Error(`No initial schema file found in ${migrationsDir}. Expected ${formatMigrationNumber(INITIAL_SCHEMA_NUMBER)}/schema.json`);
+	const schemaFile = files.find((f) => f.type === "schema" && f.number === 0);
+	if (!schemaFile) throw new Error(`No initial schema file found in ${migrationsDir}. Expected ${formatMigrationNumber(0)}/schema.json`);
 	let snapshot = loadSnapshot(schemaFile.path);
 	for (const file of files) if (file.type === "diff" && file.number > schemaFile.number) {
 		if (maxVersion !== void 0 && file.number > maxVersion) continue;
@@ -4650,7 +4604,7 @@ function compareSnapshots(previous, current) {
 		comparePermissions(ctx, typeName, prevType.permissions?.record, currType.permissions?.record, prevType.permissions?.gql, currType.permissions?.gql);
 	}
 	return {
-		version: SCHEMA_SNAPSHOT_VERSION,
+		version: 1,
 		namespace: current.namespace,
 		createdAt: (/* @__PURE__ */ new Date()).toISOString(),
 		changes: ctx.changes,
@@ -4689,30 +4643,30 @@ function validateMigrationFiles(migrationsDir) {
 	const diffFiles = [];
 	for (const file of migrationFiles) if (file.type === "schema") schemaFiles.push(file.number);
 	else if (file.type === "diff") diffFiles.push(file.number);
-	if (!schemaFiles.includes(INITIAL_SCHEMA_NUMBER)) errors.push({
+	if (!schemaFiles.includes(0)) errors.push({
 		type: "missing_schema",
-		message: `Initial schema snapshot (${formatMigrationNumber(INITIAL_SCHEMA_NUMBER)}/schema.json) is missing`,
-		migrationNumber: INITIAL_SCHEMA_NUMBER
+		message: `Initial schema snapshot (${formatMigrationNumber(0)}/schema.json) is missing`,
+		migrationNumber: 0
 	});
-	for (const num of schemaFiles) if (num !== INITIAL_SCHEMA_NUMBER) errors.push({
+	for (const num of schemaFiles) if (num !== 0) errors.push({
 		type: "invalid_schema_number",
-		message: `Schema file found at migration ${formatMigrationNumber(num)}, but schema should only exist at ${formatMigrationNumber(INITIAL_SCHEMA_NUMBER)}`,
+		message: `Schema file found at migration ${formatMigrationNumber(num)}, but schema should only exist at ${formatMigrationNumber(0)}`,
 		migrationNumber: num
 	});
 	const allNumbers = [...new Set([...schemaFiles, ...diffFiles])].sort((a, b) => a - b);
 	if (allNumbers.length === 0) return errors;
-	for (const num of schemaFiles) if (num !== INITIAL_SCHEMA_NUMBER && diffFiles.includes(num)) errors.push({
+	for (const num of schemaFiles) if (num !== 0 && diffFiles.includes(num)) errors.push({
 		type: "duplicate",
 		message: `Migration ${formatMigrationNumber(num)} has both schema and diff files`,
 		migrationNumber: num
 	});
 	const maxNum = Math.max(...allNumbers);
-	for (let i = INITIAL_SCHEMA_NUMBER; i <= maxNum; i++) if (!allNumbers.includes(i)) errors.push({
+	for (let i = 0; i <= maxNum; i++) if (!allNumbers.includes(i)) errors.push({
 		type: "gap",
 		message: `Migration ${formatMigrationNumber(i)} is missing (gap in sequence)`,
 		migrationNumber: i
 	});
-	for (const num of allNumbers) if (num > INITIAL_SCHEMA_NUMBER && !diffFiles.includes(num)) errors.push({
+	for (const num of allNumbers) if (num > 0 && !diffFiles.includes(num)) errors.push({
 		type: "missing_diff",
 		message: `Migration ${formatMigrationNumber(num)} is missing diff file`,
 		migrationNumber: num
@@ -4961,7 +4915,7 @@ async function bundleMigrationScript(sourceFile, namespace, migrationNumber) {
 			format: "esm",
 			sourcemap: false,
 			minify: false,
-			inlineDynamicImports: true,
+			codeSplitting: false,
 			globals: { tailordb: "tailordb" }
 		},
 		external: ["tailordb"],
@@ -4997,7 +4951,7 @@ const MIGRATION_LABEL_KEY = "sdk-migration";
 * @returns {number | null} Parsed number or null if invalid
 */
 function parseMigrationLabelNumber(label) {
-	if (!label.startsWith(MIGRATION_LABEL_PREFIX)) return null;
+	if (!label.startsWith("m")) return null;
 	const numStr = label.slice(1);
 	const num = parseInt(numStr, 10);
 	return isNaN(num) ? null : num;
@@ -5039,7 +4993,7 @@ async function waitForExecution$1(client, workspaceId, executionId, pollInterval
 			logs: execution.logs,
 			result: execution.result
 		};
-		await new Promise((resolve$1) => setTimeout(resolve$1, pollInterval));
+		await new Promise((resolve) => setTimeout(resolve, pollInterval));
 	}
 }
 /**
@@ -5053,12 +5007,12 @@ async function waitForExecution$1(client, workspaceId, executionId, pollInterval
 * @returns {Promise<ScriptExecutionResult>} Execution result
 */
 async function executeScript(options) {
-	const { client, workspaceId, name, code, arg: arg$1, invoker, pollInterval } = options;
+	const { client, workspaceId, name, code, arg, invoker, pollInterval } = options;
 	const response = await client.testExecScript({
 		workspaceId,
 		name,
 		code,
-		arg: arg$1 ?? JSON.stringify({}),
+		arg: arg ?? JSON.stringify({}),
 		invoker
 	});
 	const executionId = response.executionId;
@@ -5092,8 +5046,8 @@ async function executeScript(options) {
 */
 async function getCurrentMigrationNumber(client, workspaceId, namespace) {
 	try {
-		const trn$7 = `${trnPrefix(workspaceId)}:tailordb:${namespace}`;
-		const { metadata } = await client.getMetadata({ trn: trn$7 });
+		const trn = `${trnPrefix(workspaceId)}:tailordb:${namespace}`;
+		const { metadata } = await client.getMetadata({ trn });
 		const label = metadata?.labels[MIGRATION_LABEL_KEY];
 		if (!label) return 0;
 		return parseMigrationLabelNumber(label) ?? 0;
@@ -5171,12 +5125,12 @@ async function executeSingleMigration(options, migration) {
 * @returns {Promise<void>}
 */
 async function updateMigrationLabel(client, workspaceId, namespace, migrationNumber) {
-	const trn$7 = `${trnPrefix(workspaceId)}:tailordb:${namespace}`;
-	const { metadata } = await client.getMetadata({ trn: trn$7 });
+	const trn = `${trnPrefix(workspaceId)}:tailordb:${namespace}`;
+	const { metadata } = await client.getMetadata({ trn });
 	const existingLabels = metadata?.labels ?? {};
 	const newLabel = `m${formatMigrationNumber(migrationNumber)}`;
 	await client.setMetadata({
-		trn: trn$7,
+		trn,
 		labels: {
 			...existingLabels,
 			[MIGRATION_LABEL_KEY]: newLabel
@@ -5288,8 +5242,8 @@ async function fetchRemoteTypes(client, workspaceId, namespace) {
 */
 async function getRemoteMigrationNumber(client, workspaceId, namespace) {
 	try {
-		const trn$7 = `${trnPrefix(workspaceId)}:tailordb:${namespace}`;
-		const { metadata } = await client.getMetadata({ trn: trn$7 });
+		const trn = `${trnPrefix(workspaceId)}:tailordb:${namespace}`;
+		const { metadata } = await client.getMetadata({ trn });
 		const label = metadata?.labels?.["sdk-migration"];
 		if (!label) return null;
 		const match = label.match(/^m(\d+)$/);
@@ -5467,16 +5421,16 @@ async function applyTailorDB(client, result, phase = "create-update") {
 			});
 			if (remainingGqlPermissionDeletes.length > 0) await Promise.all(remainingGqlPermissionDeletes.map((del) => client.deleteTailorDBGQLPermission(del.request)));
 		} else {
-			await Promise.all([...changeSet.service.creates.map(async (create$1) => {
-				await client.createTailorDBService(create$1.request);
-				await client.setMetadata(create$1.metaRequest);
+			await Promise.all([...changeSet.service.creates.map(async (create) => {
+				await client.createTailorDBService(create.request);
+				await client.setMetadata(create.metaRequest);
 			}), ...changeSet.service.updates.map((update) => client.setMetadata(update.metaRequest))]);
 			try {
-				await Promise.all([...changeSet.type.creates.map((create$1) => client.createTailorDBType(create$1.request)), ...changeSet.type.updates.map((update) => client.updateTailorDBType(update.request))]);
+				await Promise.all([...changeSet.type.creates.map((create) => client.createTailorDBType(create.request)), ...changeSet.type.updates.map((update) => client.updateTailorDBType(update.request))]);
 			} catch (error) {
 				handleOptionalToRequiredError(error, ["Run 'tailor-sdk tailordb migration generate' to create migration files.", "Migration scripts allow you to handle existing data before applying the schema change."]);
 			}
-			await Promise.all([...changeSet.gqlPermission.creates.map((create$1) => client.createTailorDBGQLPermission(create$1.request)), ...changeSet.gqlPermission.updates.map((update) => client.updateTailorDBGQLPermission(update.request))]);
+			await Promise.all([...changeSet.gqlPermission.creates.map((create) => client.createTailorDBGQLPermission(create.request)), ...changeSet.gqlPermission.updates.map((update) => client.updateTailorDBGQLPermission(update.request))]);
 			await Promise.all(changeSet.gqlPermission.deletes.map((del) => client.deleteTailorDBGQLPermission(del.request)));
 			await Promise.all(changeSet.type.deletes.map((del) => client.deleteTailorDBType(del.request)));
 		}
@@ -5568,9 +5522,9 @@ function getDeletedTypeNames(migration) {
 * @returns {Promise<void>} Promise that resolves when services are created
 */
 async function executeServicesCreation(client, changeSet) {
-	await Promise.all([...changeSet.service.creates.map(async (create$1) => {
-		await client.createTailorDBService(create$1.request);
-		await client.setMetadata(create$1.metaRequest);
+	await Promise.all([...changeSet.service.creates.map(async (create) => {
+		await client.createTailorDBService(create.request);
+		await client.setMetadata(create.metaRequest);
 	}), ...changeSet.service.updates.map((update) => client.setMetadata(update.metaRequest))]);
 }
 /**
@@ -5598,35 +5552,35 @@ async function executeSingleMigrationPrePhase(client, changeSet, migration) {
 	const affectedTypes = getAffectedTypeNames(migration);
 	const createdBeforeMigration = new Set(processedTypes.created);
 	await Promise.all([
-		...changeSet.type.creates.filter((create$1) => {
-			const typeName = create$1.request.tailordbType?.name;
+		...changeSet.type.creates.filter((create) => {
+			const typeName = create.request.tailordbType?.name;
 			return typeName && affectedTypes.has(typeName) && !createdBeforeMigration.has(typeName);
-		}).map((create$1) => {
-			const typeName = create$1.request.tailordbType?.name;
+		}).map((create) => {
+			const typeName = create.request.tailordbType?.name;
 			if (typeName) processedTypes.created.add(typeName);
 			const typeChanges = typeName ? breakingChanges.get(typeName) : void 0;
-			if (!typeChanges || typeChanges.size === 0) return client.createTailorDBType(create$1.request);
-			const clonedRequest = structuredClone(create$1.request);
+			if (!typeChanges || typeChanges.size === 0) return client.createTailorDBType(create.request);
+			const clonedRequest = structuredClone(create.request);
 			if (clonedRequest.tailordbType?.schema?.fields) applyPreMigrationFieldAdjustments(clonedRequest.tailordbType.schema.fields, typeChanges);
 			return client.createTailorDBType(clonedRequest);
 		}),
-		...changeSet.type.creates.filter((create$1) => {
-			const typeName = create$1.request.tailordbType?.name;
+		...changeSet.type.creates.filter((create) => {
+			const typeName = create.request.tailordbType?.name;
 			return typeName && affectedTypes.has(typeName) && createdBeforeMigration.has(typeName);
-		}).map((create$1) => {
-			const typeName = create$1.request.tailordbType?.name;
+		}).map((create) => {
+			const typeName = create.request.tailordbType?.name;
 			if (typeName) processedTypes.updated.add(typeName);
 			const typeChanges = typeName ? breakingChanges.get(typeName) : void 0;
 			if (!typeChanges || typeChanges.size === 0) return client.updateTailorDBType({
-				workspaceId: create$1.request.workspaceId,
-				namespaceName: create$1.request.namespaceName,
-				tailordbType: create$1.request.tailordbType
+				workspaceId: create.request.workspaceId,
+				namespaceName: create.request.namespaceName,
+				tailordbType: create.request.tailordbType
 			});
-			const clonedRequest = structuredClone(create$1.request);
+			const clonedRequest = structuredClone(create.request);
 			if (clonedRequest.tailordbType?.schema?.fields) applyPreMigrationFieldAdjustments(clonedRequest.tailordbType.schema.fields, typeChanges);
 			return client.updateTailorDBType({
-				workspaceId: create$1.request.workspaceId,
-				namespaceName: create$1.request.namespaceName,
+				workspaceId: create.request.workspaceId,
+				namespaceName: create.request.namespaceName,
 				tailordbType: clonedRequest.tailordbType
 			});
 		}),
@@ -5644,20 +5598,20 @@ async function executeSingleMigrationPrePhase(client, changeSet, migration) {
 		})
 	]);
 	if (!processedTypes.gqlPermissionsProcessed.has(migration.namespace)) {
-		const gqlPermissionCreatesForNamespace = changeSet.gqlPermission.creates.filter((create$1) => create$1.request.namespaceName === migration.namespace);
+		const gqlPermissionCreatesForNamespace = changeSet.gqlPermission.creates.filter((create) => create.request.namespaceName === migration.namespace);
 		const gqlPermissionUpdatesForNamespace = changeSet.gqlPermission.updates.filter((update) => update.request.namespaceName === migration.namespace);
-		const gqlPermissionTypeNames = new Set(gqlPermissionCreatesForNamespace.map((create$1) => create$1.name));
-		const missingTypeCreates = changeSet.type.creates.filter((create$1) => {
-			const typeName = create$1.request.tailordbType?.name;
-			return create$1.request.namespaceName === migration.namespace && typeName && gqlPermissionTypeNames.has(typeName) && !processedTypes.created.has(typeName);
+		const gqlPermissionTypeNames = new Set(gqlPermissionCreatesForNamespace.map((create) => create.name));
+		const missingTypeCreates = changeSet.type.creates.filter((create) => {
+			const typeName = create.request.tailordbType?.name;
+			return create.request.namespaceName === migration.namespace && typeName && gqlPermissionTypeNames.has(typeName) && !processedTypes.created.has(typeName);
 		});
-		if (missingTypeCreates.length > 0) await Promise.all(missingTypeCreates.map((create$1) => {
-			const typeName = create$1.request.tailordbType?.name;
+		if (missingTypeCreates.length > 0) await Promise.all(missingTypeCreates.map((create) => {
+			const typeName = create.request.tailordbType?.name;
 			if (typeName) processedTypes.created.add(typeName);
-			return client.createTailorDBType(create$1.request);
+			return client.createTailorDBType(create.request);
 		}));
 		processedTypes.gqlPermissionsProcessed.add(migration.namespace);
-		await Promise.all([...gqlPermissionCreatesForNamespace.map((create$1) => client.createTailorDBGQLPermission(create$1.request)), ...gqlPermissionUpdatesForNamespace.map((update) => client.updateTailorDBGQLPermission(update.request))]);
+		await Promise.all([...gqlPermissionCreatesForNamespace.map((create) => client.createTailorDBGQLPermission(create.request)), ...gqlPermissionUpdatesForNamespace.map((update) => client.updateTailorDBGQLPermission(update.request))]);
 	}
 }
 /**
@@ -5683,13 +5637,13 @@ async function executeSingleMigrationPostPhase(client, changeSet, migration) {
 	const affectedTypes = getAffectedTypeNames(migration);
 	const deletedTypeNames = getDeletedTypeNames(migration);
 	try {
-		await Promise.all([...changeSet.type.creates.filter((create$1) => {
-			const typeName = create$1.request.tailordbType?.name;
+		await Promise.all([...changeSet.type.creates.filter((create) => {
+			const typeName = create.request.tailordbType?.name;
 			return typeName && affectedTypes.has(typeName) && breakingChanges.has(typeName);
-		}).map((create$1) => client.updateTailorDBType({
-			workspaceId: create$1.request.workspaceId,
-			namespaceName: create$1.request.namespaceName,
-			tailordbType: create$1.request.tailordbType
+		}).map((create) => client.updateTailorDBType({
+			workspaceId: create.request.workspaceId,
+			namespaceName: create.request.namespaceName,
+			tailordbType: create.request.tailordbType
 		})), ...changeSet.type.updates.filter((update) => {
 			const typeName = update.request.tailordbType?.name;
 			return typeName && affectedTypes.has(typeName) && breakingChanges.has(typeName);
@@ -6383,22 +6337,24 @@ async function applyWorkflow(client, result, phase = "create-update") {
 	const { changeSet, appName } = result;
 	if (phase === "create-update") {
 		const jobFunctionVersions = await registerJobFunctions(client, changeSet, appName);
-		await Promise.all([...changeSet.creates.map(async (create$1) => {
-			const filteredVersions = filterJobFunctionVersions(jobFunctionVersions, create$1.usedJobNames);
+		await Promise.all([...changeSet.creates.map(async (create) => {
+			const filteredVersions = filterJobFunctionVersions(jobFunctionVersions, create.usedJobNames);
 			await client.createWorkflow({
-				workspaceId: create$1.workspaceId,
-				workflowName: create$1.workflow.name,
-				mainJobFunctionName: create$1.workflow.mainJob.name,
-				jobFunctions: filteredVersions
+				workspaceId: create.workspaceId,
+				workflowName: create.workflow.name,
+				mainJobFunctionName: create.workflow.mainJob.name,
+				jobFunctions: filteredVersions,
+				...create.workflow.retryPolicy && { retryPolicy: toRetryPolicy(create.workflow.retryPolicy) }
 			});
-			await client.setMetadata(create$1.metaRequest);
+			await client.setMetadata(create.metaRequest);
 		}), ...changeSet.updates.map(async (update) => {
 			const filteredVersions = filterJobFunctionVersions(jobFunctionVersions, update.usedJobNames);
 			await client.updateWorkflow({
 				workspaceId: update.workspaceId,
 				workflowName: update.workflow.name,
 				mainJobFunctionName: update.workflow.mainJob.name,
-				jobFunctions: filteredVersions
+				jobFunctions: filteredVersions,
+				...update.workflow.retryPolicy && { retryPolicy: toRetryPolicy(update.workflow.retryPolicy) }
 			});
 			await client.setMetadata(update.metaRequest);
 		})]);
@@ -6464,13 +6420,30 @@ async function registerJobFunctions(client, changeSet, appName) {
 	const unusedJobFunctions = existingJobFunctions.filter((jobName) => !allUsedJobNames.has(jobName));
 	await Promise.all(unusedJobFunctions.map(async (jobName) => {
 		const { metadata } = await client.getMetadata({ trn: jobFunctionTrn(workspaceId, jobName) });
-		if (metadata?.labels?.[sdkNameLabelKey] === appName) await client.setMetadata({
+		if (metadata?.labels?.["sdk-name"] === appName) await client.setMetadata({
 			trn: jobFunctionTrn(workspaceId, jobName),
 			labels: { [sdkNameLabelKey]: "" }
 		});
 	}));
 	return jobFunctionVersions;
 }
+function parseDurationToProto(duration) {
+	const ms = parseDuration(duration);
+	const seconds = Math.floor(ms / 1e3);
+	const nanos = ms % 1e3 * 1e6;
+	return {
+		seconds: BigInt(seconds),
+		nanos
+	};
+}
+function toRetryPolicy(policy) {
+	return {
+		maxRetries: policy.maxRetries,
+		initialBackoff: parseDurationToProto(policy.initialBackoff),
+		maxBackoff: parseDurationToProto(policy.maxBackoff),
+		backoffMultiplier: policy.backoffMultiplier
+	};
+}
 function workflowTrn(workspaceId, name) {
 	return `trn:v1:workspace:${workspaceId}:workflow:${name}`;
 }
@@ -6571,9 +6544,9 @@ async function apply(options) {
 	return withSpan("apply", async (rootSpan) => {
 		rootSpan.setAttribute("apply.dry_run", options?.dryRun ?? false);
 		const { config, application, workflowBuildResult, buildOnly } = await withSpan("build", async () => {
-			const { config: config$1, plugins } = await withSpan("build.loadConfig", () => loadConfig(options?.configPath));
-			const dryRun$1 = options?.dryRun ?? false;
-			const buildOnly$1 = options?.buildOnly ?? process.env.TAILOR_PLATFORM_SDK_BUILD_ONLY === "true";
+			const { config, plugins } = await withSpan("build.loadConfig", () => loadConfig(options?.configPath));
+			const dryRun = options?.dryRun ?? false;
+			const buildOnly = options?.buildOnly ?? process.env.TAILOR_PLATFORM_SDK_BUILD_ONLY === "true";
 			const noCache = options?.noCache ?? false;
 			const packageJson = await readPackageJson();
 			const cacheDir = path.resolve(getDistDir(), "cache");
@@ -6584,7 +6557,7 @@ async function apply(options) {
 				});
 				logger.info("Bundle cache cleaned");
 			}
-			const configDir = path.dirname(config$1.path);
+			const configDir = path.dirname(config.path);
 			const lockfilePath = findUpSync("pnpm-lock.yaml", { cwd: configDir }) ?? findUpSync("package-lock.json", { cwd: configDir }) ?? findUpSync("yarn.lock", { cwd: configDir }) ?? findUpSync("bun.lock", { cwd: configDir });
 			const cacheManager = createCacheManager({
 				enabled: !noCache,
@@ -6595,29 +6568,29 @@ async function apply(options) {
 			let pluginManager;
 			if (plugins.length > 0) pluginManager = new PluginManager(plugins);
 			await withSpan("build.generateUserTypes", () => generateUserTypes({
-				config: config$1,
-				configPath: config$1.path
+				config,
+				configPath: config.path
 			}));
-			let application$1;
-			let workflowBuildResult$1;
+			let application;
+			let workflowBuildResult;
 			try {
 				const result = await withSpan("build.loadApplication", () => loadApplication({
-					config: config$1,
+					config,
 					pluginManager,
 					bundleCache: cacheManager.bundleCache
 				}));
-				application$1 = result.application;
-				workflowBuildResult$1 = result.workflowBuildResult;
+				application = result.application;
+				workflowBuildResult = result.workflowBuildResult;
 			} finally {
 				cacheManager.finalize();
 			}
 			return {
-				config: config$1,
+				config,
 				plugins,
-				application: application$1,
-				workflowBuildResult: workflowBuildResult$1,
-				dryRun: dryRun$1,
-				buildOnly: buildOnly$1
+				application,
+				workflowBuildResult,
+				dryRun,
+				buildOnly
 			};
 		});
 		if (buildOnly) return;
@@ -6644,7 +6617,7 @@ async function apply(options) {
 				config,
 				noSchemaCheck: options?.noSchemaCheck
 			};
-			const [functionRegistry$1, tailorDB$1, staticWebsite$1, idp$1, auth$1, pipeline$1, app$1, executor$1, workflow$1, secretManager$1] = await Promise.all([
+			const [functionRegistry, tailorDB, staticWebsite, idp, auth, pipeline, app, executor, workflow, secretManager] = await Promise.all([
 				withSpan("plan.functionRegistry", () => planFunctionRegistry(client, workspaceId, application.name, functionEntries)),
 				withSpan("plan.tailorDB", () => planTailorDB(ctx)),
 				withSpan("plan.staticWebsite", () => planStaticWebsite(ctx)),
@@ -6657,16 +6630,16 @@ async function apply(options) {
 				withSpan("plan.secretManager", () => planSecretManager(ctx))
 			]);
 			return {
-				functionRegistry: functionRegistry$1,
-				tailorDB: tailorDB$1,
-				staticWebsite: staticWebsite$1,
-				idp: idp$1,
-				auth: auth$1,
-				pipeline: pipeline$1,
-				app: app$1,
-				executor: executor$1,
-				workflow: workflow$1,
-				secretManager: secretManager$1
+				functionRegistry,
+				tailorDB,
+				staticWebsite,
+				idp,
+				auth,
+				pipeline,
+				app,
+				executor,
+				workflow,
+				secretManager
 			};
 		});
 		await withSpan("confirm", async () => {
@@ -7075,16 +7048,14 @@ async function getExecutor(options) {
 		throw error;
 	}
 }
-const getCommand$3 = defineCommand({
+const getCommand$3 = defineAppCommand({
 	name: "get",
 	description: "Get executor details",
 	args: z.object({
-		...commonArgs,
-		...jsonArgs,
 		...workspaceArgs,
 		...nameArgs$1
 	}).strict(),
-	run: withCommonArgs(async (args) => {
+	run: async (args) => {
 		const executor = await getExecutor({
 			name: args.name,
 			workspaceId: args["workspace-id"],
@@ -7094,7 +7065,7 @@ const getCommand$3 = defineCommand({
 			triggerConfig: null,
 			targetConfig: null
 		} });
-	})
+	}
 });
 
 //#endregion
@@ -7286,7 +7257,7 @@ function toWorkflowExecutionInfo(execution) {
 //#endregion
 //#region src/cli/commands/workflow/executions.ts
 function sleep$1(ms) {
-	return new Promise((resolve$1) => setTimeout(resolve$1, ms));
+	return new Promise((resolve) => setTimeout(resolve, ms));
 }
 function formatTime$2(date) {
 	return date.toLocaleTimeString("en-US", { hour12: false });
@@ -7323,14 +7294,6 @@ async function listWorkflowExecutions(options) {
 		profile: options?.profile
 	});
 	const filters = [];
-	if (workflowName) filters.push(create(FilterSchema, { condition: create(ConditionSchema, {
-		field: "workflow_name",
-		operator: Condition_Operator.EQ,
-		value: { kind: {
-			case: "stringValue",
-			value: workflowName
-		} }
-	}) }));
 	if (options?.status) {
 		const statusValue = parseStatus(options.status);
 		filters.push(create(FilterSchema, { condition: create(ConditionSchema, {
@@ -7346,6 +7309,7 @@ async function listWorkflowExecutions(options) {
 	return (await fetchAll(async (pageToken, maxPageSize) => {
 		const { executions, nextPageToken } = await client.listWorkflowExecutions({
 			workspaceId,
+			workflowName: workflowName ?? "",
 			pageToken,
 			pageSize: maxPageSize,
 			pageDirection: PageDirection.DESC,
@@ -7480,18 +7444,16 @@ function printExecutionWithLogs(execution) {
 		}
 	}
 }
-const executionsCommand = defineCommand({
+const executionsCommand = defineAppCommand({
 	name: "executions",
 	description: "List or get workflow executions.",
 	args: z.object({
-		...commonArgs,
-		...jsonArgs,
 		...workspaceArgs,
 		executionId: arg(z.string().optional(), {
 			positional: true,
 			description: "Execution ID (if provided, shows details)"
 		}),
-		"workflow-name": arg(z.string().optional(), {
+		"workflow-name": arg(z.string().regex(/^[a-z0-9][a-z0-9-]{1,61}[a-z0-9]$/, "Must be 3-63 lowercase alphanumeric characters or hyphens, starting and ending with alphanumeric").optional(), {
 			alias: "n",
 			description: "Filter by workflow name (list mode only)"
 		}),
@@ -7502,7 +7464,7 @@ const executionsCommand = defineCommand({
 		...waitArgs,
 		logs: arg(z.boolean().default(false), { description: "Display job execution logs (detail mode only)" })
 	}).strict(),
-	run: withCommonArgs(async (args) => {
+	run: async (args) => {
 		if (args.executionId) {
 			const interval = parseDuration(args.interval);
 			const { execution, wait } = await getWorkflowExecution({
@@ -7525,7 +7487,7 @@ const executionsCommand = defineCommand({
 			});
 			logger.out(executions);
 		}
-	})
+	}
 });
 
 //#endregion
@@ -7562,29 +7524,27 @@ async function getWorkflow(options) {
 		throw error;
 	}
 }
-const getCommand$2 = defineCommand({
+const getCommand$2 = defineAppCommand({
 	name: "get",
 	description: "Get workflow details.",
 	args: z.object({
-		...commonArgs,
-		...jsonArgs,
 		...workspaceArgs,
 		...nameArgs
 	}).strict(),
-	run: withCommonArgs(async (args) => {
+	run: async (args) => {
 		const workflow = await getWorkflow({
 			name: args.name,
 			workspaceId: args["workspace-id"],
 			profile: args.profile
 		});
 		logger.out(workflow);
-	})
+	}
 });
 
 //#endregion
 //#region src/cli/commands/workflow/start.ts
 function sleep(ms) {
-	return new Promise((resolve$1) => setTimeout(resolve$1, ms));
+	return new Promise((resolve) => setTimeout(resolve, ms));
 }
 function formatTime$1(date) {
 	return date.toLocaleTimeString("en-US", { hour12: false });
@@ -7672,12 +7632,12 @@ async function startWorkflowCore(options) {
 	try {
 		const workflow = await resolveWorkflow(client, workspaceId, workflowName);
 		const authInvoker = create(AuthInvokerSchema, options.authInvoker);
-		const arg$1 = options.arg === void 0 ? void 0 : typeof options.arg === "string" ? options.arg : JSON.stringify(options.arg);
+		const arg = options.arg === void 0 ? void 0 : typeof options.arg === "string" ? options.arg : JSON.stringify(options.arg);
 		const { executionId } = await client.testStartWorkflow({
 			workspaceId,
 			workflowId: workflow.id,
 			authInvoker,
-			arg: arg$1
+			arg
 		});
 		return {
 			executionId,
@@ -7739,12 +7699,10 @@ async function startWorkflow(options) {
 		interval: options.interval
 	});
 }
-const startCommand = defineCommand({
+const startCommand = defineAppCommand({
 	name: "start",
 	description: "Start a workflow execution.",
 	args: z.object({
-		...commonArgs,
-		...jsonArgs,
 		...deploymentArgs,
 		...nameArgs,
 		machineuser: arg(z.string(), {
@@ -7757,7 +7715,7 @@ const startCommand = defineCommand({
 		}),
 		...waitArgs
 	}).strict(),
-	run: withCommonArgs(async (args) => {
+	run: async (args) => {
 		const { executionId, wait } = await startWorkflowByName({
 			name: args.name,
 			machineUser: args.machineuser,
@@ -7780,7 +7738,7 @@ const startCommand = defineCommand({
 				printExecutionWithLogs(execution);
 			} else logger.out(result);
 		} else logger.out({ executionId });
-	})
+	}
 });
 
 //#endregion
@@ -7845,14 +7803,14 @@ async function getExecutorJob(options) {
 		const jobInfo = toExecutorJobInfo(job);
 		if (options.attempts) {
 			const attempts = await fetchAll(async (pageToken, maxPageSize) => {
-				const { attempts: attempts$1, nextPageToken } = await client.listExecutorJobAttempts({
+				const { attempts, nextPageToken } = await client.listExecutorJobAttempts({
 					workspaceId,
 					jobId: options.jobId,
 					pageToken,
 					pageSize: maxPageSize,
 					pageDirection: PageDirection.DESC
 				});
-				return [attempts$1, nextPageToken];
+				return [attempts, nextPageToken];
 			});
 			return {
 				...jobInfo,
@@ -7936,10 +7894,10 @@ async function watchExecutorJob(options) {
 							profile: options.profile,
 							logs: true
 						});
-						if (execWithLogs.jobDetails) workflowJobLogs = execWithLogs.jobDetails.filter((job$1) => job$1.logs || job$1.result).map((job$1) => ({
-							jobName: job$1.stackedJobName || job$1.id,
-							logs: job$1.logs,
-							result: job$1.result
+						if (execWithLogs.jobDetails) workflowJobLogs = execWithLogs.jobDetails.filter((job) => job.logs || job.result).map((job) => ({
+							jobName: job.stackedJobName || job.id,
+							logs: job.logs,
+							result: job.result
 						}));
 					}
 					return {
@@ -8027,7 +7985,7 @@ function printJobWithAttempts(job) {
 		}
 	}
 }
-const jobsCommand = defineCommand({
+const jobsCommand = defineAppCommand({
 	name: "jobs",
 	description: "List or get executor jobs.",
 	examples: [
@@ -8061,8 +8019,6 @@ const jobsCommand = defineCommand({
 		}
 	],
 	args: z.object({
-		...commonArgs,
-		...jsonArgs,
 		...workspaceArgs,
 		executorName: arg(z.string(), {
 			positional: true,
@@ -8091,7 +8047,7 @@ const jobsCommand = defineCommand({
 		}),
 		limit: arg(positiveIntArg.optional(), { description: "Maximum number of jobs to list (default: 50, max: 1000) (list mode only)" })
 	}).strict(),
-	run: withCommonArgs(async (args) => {
+	run: async (args) => {
 		if (args.jobId) {
 			if (args.wait) {
 				const result = await watchExecutorJob({
@@ -8159,7 +8115,7 @@ const jobsCommand = defineCommand({
 			});
 			logger.out(jobs);
 		}
-	})
+	}
 });
 
 //#endregion
@@ -8187,15 +8143,11 @@ async function listExecutors(options) {
 		return [executors, nextPageToken];
 	})).map((e) => toExecutorListInfo(e));
 }
-const listCommand$6 = defineCommand({
+const listCommand$6 = defineAppCommand({
 	name: "list",
 	description: "List all executors",
-	args: z.object({
-		...commonArgs,
-		...jsonArgs,
-		...workspaceArgs
-	}).strict(),
-	run: withCommonArgs(async (args) => {
+	args: z.object({ ...workspaceArgs }).strict(),
+	run: async (args) => {
 		const executors = await listExecutors({
 			workspaceId: args["workspace-id"],
 			profile: args.profile
@@ -8208,7 +8160,7 @@ const listCommand$6 = defineCommand({
 		if (!args.json) {
 			if (executors.some((e) => e.triggerType === "webhook")) logger.info("To see webhook URLs, run: tailor-sdk executor webhook list");
 		}
-	})
+	}
 });
 
 //#endregion
@@ -8271,7 +8223,7 @@ async function triggerExecutor(options) {
 		profile: options.profile
 	});
 }
-const triggerCommand = defineCommand({
+const triggerCommand = defineAppCommand({
 	name: "trigger",
 	description: "Trigger an executor manually.",
 	notes: `Only executors with \`INCOMING_WEBHOOK\` or \`SCHEDULE\` trigger types can be triggered manually.
@@ -8311,8 +8263,6 @@ The \`--logs\` option displays logs from the downstream execution when available
 		}
 	],
 	args: z.object({
-		...commonArgs,
-		...jsonArgs,
 		...workspaceArgs,
 		executorName: arg(z.string(), {
 			positional: true,
@@ -8340,7 +8290,7 @@ The \`--logs\` option displays logs from the downstream execution when available
 			description: "Display function execution logs after completion (requires --wait)"
 		})
 	}).strict(),
-	run: withCommonArgs(async (args) => {
+	run: async (args) => {
 		const client = await initOperatorClient(await loadAccessToken({
 			useProfile: true,
 			profile: args.profile
@@ -8421,7 +8371,7 @@ The \`--logs\` option displays logs from the downstream execution when available
 				}
 			} else logger.out(watchResult);
 		}
-	})
+	}
 });
 
 //#endregion
@@ -8462,15 +8412,11 @@ async function listWebhookExecutors(options) {
 		disabled: e.disabled
 	}));
 }
-const listWebhookCommand = defineCommand({
+const listWebhookCommand = defineAppCommand({
 	name: "list",
 	description: "List executors with incoming webhook triggers",
-	args: z.object({
-		...commonArgs,
-		...jsonArgs,
-		...workspaceArgs
-	}).strict(),
-	run: withCommonArgs(async (args) => {
+	args: z.object({ ...workspaceArgs }).strict(),
+	run: async (args) => {
 		const executors = await listWebhookExecutors({
 			workspaceId: args["workspace-id"],
 			profile: args.profile
@@ -8481,7 +8427,7 @@ const listWebhookCommand = defineCommand({
 		}
 		logger.out(executors, { display: { disabled: (v) => v ? styles.warning("true") : styles.dim("false") } });
 		if (!args.json) logger.info("To test a webhook, run: tailor-sdk executor trigger <name> -d '{\"key\":\"value\"}'");
-	})
+	}
 });
 const webhookCommand = defineCommand({
 	name: "webhook",
@@ -8959,10 +8905,10 @@ function createGenerationManager(params) {
 		const results = generatorResults[gen.id];
 		results.resolverResults[namespace] = {};
 		if (!gen.processResolver) return;
-		const processResolver$1 = gen.processResolver;
+		const processResolver = gen.processResolver;
 		await Promise.allSettled(Object.entries(resolvers).map(async ([resolverName, resolver]) => {
 			try {
-				results.resolverResults[namespace][resolverName] = await processResolver$1({
+				results.resolverResults[namespace][resolverName] = await processResolver({
 					resolver,
 					namespace
 				});
@@ -9093,7 +9039,7 @@ function createGenerationManager(params) {
 	* @param hookName - Name of the hook to call
 	* @param watch - Whether running in watch mode (suppresses throws)
 	*/
-	async function runPluginHook(hookName, watch$1) {
+	async function runPluginHook(hookName, watch) {
 		const plugins = generationPlugins.filter((p) => p[hookName] != null);
 		if (plugins.length === 0) return;
 		const results = await Promise.allSettled(plugins.map(async (plugin) => {
@@ -9102,10 +9048,10 @@ function createGenerationManager(params) {
 			} catch (error) {
 				logger.error(`Error processing plugin ${styles.bold(plugin.id)} (${hookName})`);
 				logger.error(String(error));
-				if (!watch$1) throw error;
+				if (!watch) throw error;
 			}
 		}));
-		if (!watch$1) {
+		if (!watch) {
 			const failures = results.filter((r) => r.status === "rejected");
 			if (failures.length > 0) throw new AggregateError(failures.map((f) => f.reason));
 		}
@@ -9118,11 +9064,11 @@ function createGenerationManager(params) {
 	async function writeGeneratedFiles(sourceId, result) {
 		await Promise.all(result.files.map(async (file) => {
 			fs$1.mkdirSync(path.dirname(file.path), { recursive: true });
-			return new Promise((resolve$1, reject) => {
+			return new Promise((resolve, reject) => {
 				if (file.skipIfExists && fs$1.existsSync(file.path)) {
 					const relativePath = path.relative(process.cwd(), file.path);
 					logger.debug(`${sourceId} | skip existing: ${relativePath}`);
-					return resolve$1();
+					return resolve();
 				}
 				fs$1.writeFile(file.path, file.content, (err) => {
 					if (err) {
@@ -9135,13 +9081,13 @@ function createGenerationManager(params) {
 						logger.log(`${sourceId} | generate: ${styles.success(relativePath)}`);
 						if (file.executable) fs$1.chmod(file.path, 493, (chmodErr) => {
 							if (chmodErr) {
-								const relativePath$1 = path.relative(process.cwd(), file.path);
-								logger.error(`Error setting executable permission on ${styles.bold(relativePath$1)}`);
+								const relativePath = path.relative(process.cwd(), file.path);
+								logger.error(`Error setting executable permission on ${styles.bold(relativePath)}`);
 								logger.error(String(chmodErr));
 								reject(chmodErr);
-							} else resolve$1();
+							} else resolve();
 						});
-						else resolve$1();
+						else resolve();
 					}
 				});
 			});
@@ -9160,7 +9106,7 @@ function createGenerationManager(params) {
 		if (hasDependency(gen, "executor")) await processExecutors(gen);
 		await aggregate(gen);
 	}
-	async function runGenerators(gens, watch$1) {
+	async function runGenerators(gens, watch) {
 		const results = await Promise.allSettled(gens.map(async (gen) => {
 			await withSpan(`generate.generator.${gen.id}`, async () => {
 				try {
@@ -9168,11 +9114,11 @@ function createGenerationManager(params) {
 				} catch (error) {
 					logger.error(`Error processing generator ${styles.bold(gen.id)}`);
 					logger.error(String(error));
-					if (!watch$1) throw error;
+					if (!watch) throw error;
 				}
 			});
 		}));
-		if (!watch$1) {
+		if (!watch) {
 			const failures = results.filter((r) => r.status === "rejected");
 			if (failures.length > 0) throw new AggregateError(failures.map((f) => f.reason));
 		}
@@ -9212,36 +9158,36 @@ function createGenerationManager(params) {
 		processResolverNamespace,
 		processExecutors,
 		aggregate,
-		async generate(watch$1) {
+		async generate(watch) {
 			logger.newline();
 			logger.log(`Generation for application: ${styles.highlight(application.config.name)}`);
 			const app = application;
 			await withSpan("generate.loadTailorDBTypes", async (span) => {
 				span.setAttribute("generate.namespace_count", app.tailorDBServices.length);
-				for (const db$1 of app.tailorDBServices) {
-					const namespace = db$1.namespace;
+				for (const db of app.tailorDBServices) {
+					const namespace = db.namespace;
 					await withSpan(`generate.loadTypes.${namespace}`, async () => {
 						try {
-							await db$1.loadTypes();
-							await db$1.processNamespacePlugins();
+							await db.loadTypes();
+							await db.processNamespacePlugins();
 							services.tailordb[namespace] = {
-								types: db$1.types,
-								sourceInfo: db$1.typeSourceInfo,
-								pluginAttachments: db$1.pluginAttachments
+								types: db.types,
+								sourceInfo: db.typeSourceInfo,
+								pluginAttachments: db.pluginAttachments
 							};
 						} catch (error) {
 							logger.error(`Error loading types for TailorDB service ${styles.bold(namespace)}`);
 							logger.error(String(error));
-							if (!watch$1) throw error;
+							if (!watch) throw error;
 						}
 					});
 				}
 			});
 			const { pluginExecutorFiles, executorService } = await withSpan("generate.pluginFiles", async () => {
-				const pluginExecutorFiles$1 = generatePluginFilesIfNeeded(pluginManager, app.tailorDBServices, config.path);
+				const pluginExecutorFiles = generatePluginFilesIfNeeded(pluginManager, app.tailorDBServices, config.path);
 				return {
-					pluginExecutorFiles: pluginExecutorFiles$1,
-					executorService: app.executorService ?? (pluginExecutorFiles$1.length > 0 ? createExecutorService({ config: { files: [] } }) : void 0)
+					pluginExecutorFiles,
+					executorService: app.executorService ?? (pluginExecutorFiles.length > 0 ? createExecutorService({ config: { files: [] } }) : void 0)
 				};
 			});
 			if (app.authService) await withSpan("generate.resolveAuthNamespaces", async () => app.authService.resolveNamespaces());
@@ -9250,7 +9196,7 @@ function createGenerationManager(params) {
 			const hasOnTailorDBReady = generationPlugins.some((p) => p.onTailorDBReady != null);
 			if (readyAfterTailorDB.length > 0 || hasOnTailorDBReady) {
 				await withSpan("generate.onTailorDBReady", async () => {
-					await Promise.all([runGenerators(readyAfterTailorDB, watch$1), runPluginHook("onTailorDBReady", watch$1)]);
+					await Promise.all([runGenerators(readyAfterTailorDB, watch), runPluginHook("onTailorDBReady", watch)]);
 				});
 				logger.newline();
 			}
@@ -9267,7 +9213,7 @@ function createGenerationManager(params) {
 						} catch (error) {
 							logger.error(`Error loading resolvers for Resolver service ${styles.bold(namespace)}`);
 							logger.error(String(error));
-							if (!watch$1) throw error;
+							if (!watch) throw error;
 						}
 					});
 				}
@@ -9276,7 +9222,7 @@ function createGenerationManager(params) {
 			const hasOnResolverReady = generationPlugins.some((p) => p.onResolverReady != null);
 			if (readyAfterResolvers.length > 0 || hasOnResolverReady) {
 				await withSpan("generate.onResolversReady", async () => {
-					await Promise.all([runGenerators(readyAfterResolvers, watch$1), runPluginHook("onResolverReady", watch$1)]);
+					await Promise.all([runGenerators(readyAfterResolvers, watch), runPluginHook("onResolverReady", watch)]);
 				});
 				logger.newline();
 			}
@@ -9294,7 +9240,7 @@ function createGenerationManager(params) {
 			const hasOnExecutorReady = generationPlugins.some((p) => p.onExecutorReady != null);
 			if (readyAfterExecutors.length > 0 || hasOnExecutorReady) {
 				await withSpan("generate.onExecutorsReady", async () => {
-					await Promise.all([runGenerators(readyAfterExecutors, watch$1), runPluginHook("onExecutorReady", watch$1)]);
+					await Promise.all([runGenerators(readyAfterExecutors, watch), runPluginHook("onExecutorReady", watch)]);
 				});
 				logger.newline();
 			}
@@ -9306,9 +9252,9 @@ function createGenerationManager(params) {
 			});
 			await watcher.addWatchGroup("Config", [config.path]);
 			const app = application;
-			for (const db$1 of app.tailorDBServices) {
-				const dbNamespace = db$1.namespace;
-				await watcher?.addWatchGroup(`TailorDB/${dbNamespace}`, db$1.config.files);
+			for (const db of app.tailorDBServices) {
+				const dbNamespace = db.namespace;
+				await watcher?.addWatchGroup(`TailorDB/${dbNamespace}`, db.config.files);
 			}
 			for (const resolverService of app.resolverServices) {
 				const resolverNamespace = resolverService.namespace;
@@ -9326,8 +9272,8 @@ function createGenerationManager(params) {
 async function generate$1(options) {
 	return withSpan("generate", async (rootSpan) => {
 		const { config, generators, plugins } = await withSpan("generate.loadConfig", async () => loadConfig(options?.configPath));
-		const watch$1 = options?.watch ?? false;
-		rootSpan.setAttribute("generate.watch", watch$1);
+		const watch = options?.watch ?? false;
+		rootSpan.setAttribute("generate.watch", watch);
 		rootSpan.setAttribute("generate.generators.count", generators.length);
 		await withSpan("generate.generateUserTypes", async () => generateUserTypes({
 			config,
@@ -9346,8 +9292,8 @@ async function generate$1(options) {
 			generators,
 			pluginManager
 		});
-		await manager.generate(watch$1);
-		if (watch$1) await manager.watch();
+		await manager.generate(watch);
+		if (watch) await manager.watch();
 	});
 }
 
@@ -9398,15 +9344,11 @@ async function listMachineUsers(options) {
 		return [machineUsers, nextPageToken];
 	})).map(machineUserInfo);
 }
-const listCommand$5 = defineCommand({
+const listCommand$5 = defineAppCommand({
 	name: "list",
 	description: "List all machine users in the application.",
-	args: z.object({
-		...commonArgs,
-		...jsonArgs,
-		...deploymentArgs
-	}).strict(),
-	run: withCommonArgs(async (args) => {
+	args: z.object({ ...deploymentArgs }).strict(),
+	run: async (args) => {
 		const machineUsers = await listMachineUsers({
 			workspaceId: args["workspace-id"],
 			profile: args.profile,
@@ -9416,7 +9358,7 @@ const listCommand$5 = defineCommand({
 			createdAt: null,
 			updatedAt: null
 		} });
-	})
+	}
 });
 
 //#endregion
@@ -9456,19 +9398,17 @@ async function getMachineUserToken(options) {
 		expiresAt: expiresAt.toISOString()
 	};
 }
-const tokenCommand = defineCommand({
+const tokenCommand = defineAppCommand({
 	name: "token",
 	description: "Get an access token for a machine user.",
 	args: z.object({
-		...commonArgs,
-		...jsonArgs,
 		...deploymentArgs,
 		name: arg(z.string(), {
 			positional: true,
 			description: "Machine user name"
 		})
 	}).strict(),
-	run: withCommonArgs(async (args) => {
+	run: async (args) => {
 		const token = await getMachineUserToken({
 			name: args.name,
 			workspaceId: args["workspace-id"],
@@ -9481,7 +9421,7 @@ const tokenCommand = defineCommand({
 			expires_at: token.expiresAt
 		};
 		logger.out(tokenInfo);
-	})
+	}
 });
 
 //#endregion
@@ -9559,19 +9499,17 @@ async function getOAuth2Client(options) {
 		throw error;
 	}
 }
-const getCommand$1 = defineCommand({
+const getCommand$1 = defineAppCommand({
 	name: "get",
 	description: "Get OAuth2 client credentials (including client secret).",
 	args: z.object({
-		...commonArgs,
-		...jsonArgs,
 		...deploymentArgs,
 		name: arg(z.string(), {
 			positional: true,
 			description: "OAuth2 client name"
 		})
 	}).strict(),
-	run: withCommonArgs(async (args) => {
+	run: async (args) => {
 		const credentials = await getOAuth2Client({
 			name: args.name,
 			workspaceId: args["workspace-id"],
@@ -9579,7 +9517,7 @@ const getCommand$1 = defineCommand({
 			configPath: args.config
 		});
 		logger.out(credentials);
-	})
+	}
 });
 
 //#endregion
@@ -9614,22 +9552,18 @@ async function listOAuth2Clients(options) {
 		return [oauth2Clients, nextPageToken];
 	})).map(toOAuth2ClientInfo);
 }
-const listCommand$4 = defineCommand({
+const listCommand$4 = defineAppCommand({
 	name: "list",
 	description: "List all OAuth2 clients in the application.",
-	args: z.object({
-		...commonArgs,
-		...jsonArgs,
-		...deploymentArgs
-	}).strict(),
-	run: withCommonArgs(async (args) => {
+	args: z.object({ ...deploymentArgs }).strict(),
+	run: async (args) => {
 		const oauth2Clients = await listOAuth2Clients({
 			workspaceId: args["workspace-id"],
 			profile: args.profile,
 			configPath: args.config
 		});
 		logger.out(oauth2Clients);
-	})
+	}
 });
 
 //#endregion
@@ -9695,15 +9629,14 @@ async function remove(options) {
 	const { client, workspaceId, application, config } = await loadOptions$10(options);
 	await execRemove(client, workspaceId, application, config);
 }
-const removeCommand$1 = defineCommand({
+const removeCommand$1 = defineAppCommand({
 	name: "remove",
 	description: "Remove all resources managed by the application from the workspace.",
 	args: z.object({
-		...commonArgs,
 		...deploymentArgs,
 		...confirmationArgs
 	}).strict(),
-	run: withCommonArgs(async (args) => {
+	run: async (args) => {
 		const { client, workspaceId, application, config } = await loadOptions$10({
 			workspaceId: args["workspace-id"],
 			profile: args.profile,
@@ -9723,7 +9656,7 @@ const removeCommand$1 = defineCommand({
 			} else logger.success("Removing all resources (--yes flag specified)...");
 		});
 		logger.success(`Successfully removed all resources managed by "${application.name}".`);
-	})
+	}
 });
 
 //#endregion
@@ -9760,31 +9693,27 @@ async function show(options) {
 		workspaceId,
 		applicationName: config.name
 	})]);
-	const { name, ...appInfo$1 } = applicationInfo(resp.application);
+	const { name, ...appInfo } = applicationInfo(resp.application);
 	return {
 		name,
 		workspaceId,
 		workspaceName: workspaceResp.workspace?.name ?? "",
 		workspaceRegion: workspaceResp.workspace?.region ?? "",
-		...appInfo$1
+		...appInfo
 	};
 }
-const showCommand = defineCommand({
+const showCommand = defineAppCommand({
 	name: "show",
 	description: "Show information about the deployed application.",
-	args: z.object({
-		...commonArgs,
-		...jsonArgs,
-		...deploymentArgs
-	}).strict(),
-	run: withCommonArgs(async (args) => {
-		const appInfo$1 = await show({
+	args: z.object({ ...deploymentArgs }).strict(),
+	run: async (args) => {
+		const appInfo = await show({
 			workspaceId: args["workspace-id"],
 			profile: args.profile,
 			configPath: args.config
 		});
-		logger.out(appInfo$1);
-	})
+		logger.out(appInfo);
+	}
 });
 
 //#endregion
@@ -9835,7 +9764,7 @@ function parseEditorCommand(editor) {
 */
 async function openInEditor(filePath, editor = getEditorCommand()) {
 	const { command, args } = parseEditorCommand(editor);
-	await new Promise((resolve$1, reject) => {
+	await new Promise((resolve, reject) => {
 		const child = spawn(command, [...args, filePath], {
 			stdio: "inherit",
 			detached: false
@@ -9843,7 +9772,7 @@ async function openInEditor(filePath, editor = getEditorCommand()) {
 		child.once("error", (error) => reject(error));
 		child.once("close", (code) => {
 			if (code == null || code === 0) {
-				resolve$1();
+				resolve();
 				return;
 			}
 			reject(/* @__PURE__ */ new Error(`Editor exited with code ${code}.`));
@@ -10371,8 +10300,8 @@ async function generate(options) {
 	if (options.init) await handleInitOption(namespacesWithMigrations, options.yes);
 	let pluginManager;
 	if (plugins.length > 0) pluginManager = new PluginManager(plugins);
-	const { defineApplication: defineApplication$1 } = await import("./application-B4ORumjE.mjs");
-	const application = defineApplication$1({
+	const { defineApplication } = await import("./application-C0lXqKBr.mjs");
+	const application = defineApplication({
 		config,
 		pluginManager
 	});
@@ -10403,7 +10332,7 @@ async function generate(options) {
 * @returns {Promise<void>} Promise that resolves when snapshot is generated
 */
 async function generateInitialSnapshot(snapshot, migrationsDir) {
-	const result = await generateSchemaFile(snapshot, migrationsDir, INITIAL_SCHEMA_NUMBER);
+	const result = await generateSchemaFile(snapshot, migrationsDir, 0);
 	logger.success(`Generated initial schema snapshot`);
 	logger.info(`  File: ${result.filePath}`);
 	logger.info(`  Types: ${Object.keys(snapshot.types).length}`);
@@ -10489,11 +10418,10 @@ async function generateDiffFromSnapshot(previousSnapshot, currentSnapshot, migra
 /**
 * CLI command definition for generate
 */
-const generateCommand = defineCommand({
+const generateCommand = defineAppCommand({
 	name: "generate",
 	description: "Generate migration files by detecting schema differences between current local types and the previous migration snapshot.",
 	args: z.object({
-		...commonArgs,
 		...confirmationArgs,
 		...configArg,
 		name: arg(z.string().optional(), {
@@ -10502,14 +10430,14 @@ const generateCommand = defineCommand({
 		}),
 		init: arg(z.boolean().default(false), { description: "Delete existing migrations and start fresh" })
 	}).strict(),
-	run: withCommonArgs(async (args) => {
+	run: async (args) => {
 		await generate({
 			configPath: args.config,
 			name: args.name,
 			yes: args.yes,
 			init: args.init
 		});
-	})
+	}
 });
 
 //#endregion
@@ -10683,11 +10611,10 @@ async function $truncate(options) {
 		}
 	}
 }
-const truncateCommand = defineCommand({
+const truncateCommand = defineAppCommand({
 	name: "truncate",
 	description: "Truncate (delete all records from) TailorDB tables.",
 	args: z.object({
-		...commonArgs,
 		...deploymentArgs,
 		...confirmationArgs,
 		types: arg(z.string().array().optional(), {
@@ -10703,7 +10630,7 @@ const truncateCommand = defineCommand({
 			description: "Truncate all tables in specified namespace"
 		})
 	}).strict(),
-	run: withCommonArgs(async (args) => {
+	run: async (args) => {
 		const types = args.types && args.types.length > 0 ? args.types : void 0;
 		await $truncate({
 			workspaceId: args["workspace-id"],
@@ -10714,7 +10641,7 @@ const truncateCommand = defineCommand({
 			types,
 			yes: args.yes
 		});
-	})
+	}
 });
 
 //#endregion
@@ -10742,15 +10669,11 @@ async function listWorkflows(options) {
 		return [workflows, nextPageToken];
 	})).map(toWorkflowListInfo);
 }
-const listCommand$3 = defineCommand({
+const listCommand$3 = defineAppCommand({
 	name: "list",
 	description: "List all workflows in the workspace.",
-	args: z.object({
-		...commonArgs,
-		...jsonArgs,
-		...workspaceArgs
-	}).strict(),
-	run: withCommonArgs(async (args) => {
+	args: z.object({ ...workspaceArgs }).strict(),
+	run: async (args) => {
 		const workflows = await listWorkflows({
 			workspaceId: args["workspace-id"],
 			profile: args.profile
@@ -10760,7 +10683,7 @@ const listCommand$3 = defineCommand({
 			return;
 		}
 		logger.out(workflows);
-	})
+	}
 });
 
 //#endregion
@@ -10802,12 +10725,10 @@ async function resumeWorkflow(options) {
 		throw error;
 	}
 }
-const resumeCommand = defineCommand({
+const resumeCommand = defineAppCommand({
 	name: "resume",
 	description: "Resume a failed or pending workflow execution.",
 	args: z.object({
-		...commonArgs,
-		...jsonArgs,
 		...workspaceArgs,
 		executionId: arg(z.string(), {
 			positional: true,
@@ -10815,7 +10736,7 @@ const resumeCommand = defineCommand({
 		}),
 		...waitArgs
 	}).strict(),
-	run: withCommonArgs(async (args) => {
+	run: async (args) => {
 		const { executionId, wait } = await resumeWorkflow({
 			executionId: args.executionId,
 			workspaceId: args["workspace-id"],
@@ -10835,7 +10756,7 @@ const resumeCommand = defineCommand({
 				printExecutionWithLogs(execution);
 			} else logger.out(result);
 		} else logger.out({ executionId });
-	})
+	}
 });
 
 //#endregion
@@ -10906,19 +10827,17 @@ async function getAppHealth(options) {
 		applicationName: name
 	}));
 }
-const healthCommand = defineCommand({
+const healthCommand = defineAppCommand({
 	name: "health",
 	description: "Check application schema health",
 	args: z.object({
-		...commonArgs,
-		...jsonArgs,
 		...workspaceArgs,
 		name: arg(z.string(), {
 			description: "Application name",
 			alias: "n"
 		})
 	}).strict(),
-	run: withCommonArgs(async (args) => {
+	run: async (args) => {
 		const health = await getAppHealth({
 			workspaceId: args["workspace-id"],
 			profile: args.profile,
@@ -10930,7 +10849,7 @@ const healthCommand = defineCommand({
 			lastAttemptAt: humanizeRelativeTime(health.lastAttemptAt)
 		};
 		logger.out(formattedHealth);
-	})
+	}
 });
 
 //#endregion
@@ -10979,19 +10898,17 @@ async function listApps(options) {
 	}
 	return results;
 }
-const listCommand$2 = defineCommand({
+const listCommand$2 = defineAppCommand({
 	name: "list",
 	description: "List applications in a workspace",
 	args: z.object({
-		...commonArgs,
-		...jsonArgs,
 		...workspaceArgs,
 		limit: arg(positiveIntArg.optional(), {
 			alias: "l",
 			description: "Maximum number of applications to list"
 		})
 	}).strict(),
-	run: withCommonArgs(async (args) => {
+	run: async (args) => {
 		const apps = await listApps({
 			workspaceId: args["workspace-id"],
 			profile: args.profile,
@@ -11002,7 +10919,7 @@ const listCommand$2 = defineCommand({
 			createdAt: humanizeRelativeTime(createdAt)
 		}));
 		logger.out(formattedApps);
-	})
+	}
 });
 
 //#endregion
@@ -11054,22 +10971,18 @@ async function createWorkspace(options) {
 	const validated = result.data;
 	const client = await initOperatorClient(await loadAccessToken());
 	await validateRegion(validated.region, client);
-	const organizationId = loadOrganizationId(validated.organizationId);
-	const folderId = loadFolderId(validated.folderId);
 	return workspaceInfo((await client.createWorkspace({
 		workspaceName: validated.name,
 		workspaceRegion: validated.region,
 		deleteProtection: validated.deleteProtection ?? false,
-		organizationId,
-		folderId
+		organizationId: validated.organizationId,
+		folderId: validated.folderId
 	})).workspace);
 }
-const createCommand = defineCommand({
+const createCommand = defineAppCommand({
 	name: "create",
 	description: "Create a new Tailor Platform workspace.",
 	args: z.object({
-		...commonArgs,
-		...jsonArgs,
 		name: arg(z.string(), {
 			alias: "n",
 			description: "Workspace name"
@@ -11084,11 +10997,13 @@ const createCommand = defineCommand({
 		}),
 		"organization-id": arg(z.string().optional(), {
 			alias: "o",
-			description: "Organization ID to workspace associate with"
+			description: "Organization ID to workspace associate with",
+			env: "TAILOR_PLATFORM_ORGANIZATION_ID"
 		}),
 		"folder-id": arg(z.string().optional(), {
 			alias: "f",
-			description: "Folder ID to workspace associate with"
+			description: "Folder ID to workspace associate with",
+			env: "TAILOR_PLATFORM_FOLDER_ID"
 		}),
 		"profile-name": arg(z.string().optional(), {
 			alias: "p",
@@ -11096,7 +11011,7 @@ const createCommand = defineCommand({
 		}),
 		"profile-user": arg(z.string().optional(), { description: "User email for the profile (defaults to current user)" })
 	}).strict(),
-	run: withCommonArgs(async (args) => {
+	run: async (args) => {
 		const workspace = await createWorkspace({
 			name: args.name,
 			region: args.region,
@@ -11137,7 +11052,7 @@ const createCommand = defineCommand({
 			logger.out("Profile:");
 			logger.out(profileInfo);
 		}
-	})
+	}
 });
 
 //#endregion
@@ -11160,18 +11075,17 @@ async function deleteWorkspace(options) {
 	const { client, workspaceId } = await loadOptions$7(options);
 	await client.deleteWorkspace({ workspaceId });
 }
-const deleteCommand = defineCommand({
+const deleteCommand = defineAppCommand({
 	name: "delete",
 	description: "Delete a Tailor Platform workspace.",
 	args: z.object({
-		...commonArgs,
 		"workspace-id": arg(z.string(), {
 			alias: "w",
 			description: "Workspace ID"
 		}),
 		...confirmationArgs
 	}).strict(),
-	run: withCommonArgs(async (args) => {
+	run: async (args) => {
 		const { client, workspaceId } = await loadOptions$7({ workspaceId: args["workspace-id"] });
 		let workspace;
 		try {
@@ -11194,7 +11108,7 @@ const deleteCommand = defineCommand({
 		}
 		if (profilesToDelete.length > 0) logger.success(`Workspace "${args["workspace-id"]}" and ${profilesToDelete.length} associated profile(s) deleted successfully.`);
 		else logger.success(`Workspace "${args["workspace-id"]}" deleted successfully.`);
-	})
+	}
 });
 
 //#endregion
@@ -11225,15 +11139,11 @@ async function getWorkspace(options) {
 	if (!response.workspace) throw new Error(`Workspace "${workspaceId}" not found.`);
 	return workspaceDetails(response.workspace);
 }
-const getCommand = defineCommand({
+const getCommand = defineAppCommand({
 	name: "get",
 	description: "Show detailed information about a workspace",
-	args: z.object({
-		...commonArgs,
-		...jsonArgs,
-		...workspaceArgs
-	}).strict(),
-	run: withCommonArgs(async (args) => {
+	args: z.object({ ...workspaceArgs }).strict(),
+	run: async (args) => {
 		const workspace = await getWorkspace({
 			workspaceId: args["workspace-id"],
 			profile: args.profile
@@ -11244,7 +11154,7 @@ const getCommand = defineCommand({
 			updatedAt: humanizeRelativeTime(workspace.updatedAt)
 		};
 		logger.out(formattedWorkspace);
-	})
+	}
 });
 
 //#endregion
@@ -11276,21 +11186,17 @@ async function listWorkspaces(options) {
 	}
 	return results;
 }
-const listCommand$1 = defineCommand({
+const listCommand$1 = defineAppCommand({
 	name: "list",
 	description: "List all Tailor Platform workspaces.",
-	args: z.object({
-		...commonArgs,
-		...jsonArgs,
-		limit: arg(positiveIntArg.optional(), {
-			alias: "l",
-			description: "Maximum number of workspaces to list"
-		})
-	}).strict(),
-	run: withCommonArgs(async (args) => {
+	args: z.object({ limit: arg(positiveIntArg.optional(), {
+		alias: "l",
+		description: "Maximum number of workspaces to list"
+	}) }).strict(),
+	run: async (args) => {
 		const workspaces = await listWorkspaces({ limit: args.limit });
 		logger.out(workspaces, { display: { updatedAt: null } });
-	})
+	}
 });
 
 //#endregion
@@ -11313,18 +11219,17 @@ async function restoreWorkspace(options) {
 	const { client, workspaceId } = await loadOptions$5(options);
 	await client.restoreWorkspace({ workspaceId });
 }
-const restoreCommand = defineCommand({
+const restoreCommand = defineAppCommand({
 	name: "restore",
 	description: "Restore a deleted workspace",
 	args: z.object({
-		...commonArgs,
 		"workspace-id": arg(z.string(), {
 			alias: "w",
 			description: "Workspace ID"
 		}),
 		...confirmationArgs
 	}).strict(),
-	run: withCommonArgs(async (args) => {
+	run: async (args) => {
 		const { client, workspaceId } = await loadOptions$5({ workspaceId: args["workspace-id"] });
 		if (!args.yes) {
 			if (await logger.prompt(`Are you sure you want to restore workspace "${workspaceId}"? (yes/no):`, { type: "text" }) !== "yes") {
@@ -11334,7 +11239,7 @@ const restoreCommand = defineCommand({
 		}
 		await client.restoreWorkspace({ workspaceId });
 		logger.success(`Workspace "${workspaceId}" restored successfully.`);
-	})
+	}
 });
 
 //#endregion
@@ -11402,11 +11307,10 @@ async function inviteUser(options) {
 		role
 	});
 }
-const inviteCommand = defineCommand({
+const inviteCommand = defineAppCommand({
 	name: "invite",
 	description: "Invite a user to a workspace",
 	args: z.object({
-		...commonArgs,
 		...workspaceArgs,
 		email: arg(z.email(), { description: "Email address of the user to invite" }),
 		role: arg(z.enum(validRoles), {
@@ -11414,7 +11318,7 @@ const inviteCommand = defineCommand({
 			alias: "r"
 		})
 	}).strict(),
-	run: withCommonArgs(async (args) => {
+	run: async (args) => {
 		await inviteUser({
 			workspaceId: args["workspace-id"],
 			profile: args.profile,
@@ -11422,7 +11326,7 @@ const inviteCommand = defineCommand({
 			role: args.role
 		});
 		logger.success(`User "${args.email}" invited successfully with role "${args.role}".`);
-	})
+	}
 });
 
 //#endregion
@@ -11471,26 +11375,24 @@ async function listUsers(options) {
 	}
 	return results;
 }
-const listCommand = defineCommand({
+const listCommand = defineAppCommand({
 	name: "list",
 	description: "List users in a workspace",
 	args: z.object({
-		...commonArgs,
-		...jsonArgs,
 		...workspaceArgs,
 		limit: arg(positiveIntArg.optional(), {
 			alias: "l",
 			description: "Maximum number of users to list"
 		})
 	}).strict(),
-	run: withCommonArgs(async (args) => {
+	run: async (args) => {
 		const users = await listUsers({
 			workspaceId: args["workspace-id"],
 			profile: args.profile,
 			limit: args.limit
 		});
 		logger.out(users);
-	})
+	}
 });
 
 //#endregion
@@ -11524,16 +11426,15 @@ async function removeUser(options) {
 		email
 	});
 }
-const removeCommand = defineCommand({
+const removeCommand = defineAppCommand({
 	name: "remove",
 	description: "Remove a user from a workspace",
 	args: z.object({
-		...commonArgs,
 		...workspaceArgs,
 		email: arg(z.email(), { description: "Email address of the user to remove" }),
 		...confirmationArgs
 	}).strict(),
-	run: withCommonArgs(async (args) => {
+	run: async (args) => {
 		if (!args.yes) {
 			if (await logger.prompt(`Are you sure you want to remove user "${args.email}" from the workspace? (yes/no):`, { type: "text" }) !== "yes") {
 				logger.info("User removal cancelled.");
@@ -11546,7 +11447,7 @@ const removeCommand = defineCommand({
 			email: args.email
 		});
 		logger.success(`User "${args.email}" removed from workspace.`);
-	})
+	}
 });
 
 //#endregion
@@ -11583,11 +11484,10 @@ async function updateUser(options) {
 		role
 	});
 }
-const updateCommand = defineCommand({
+const updateCommand = defineAppCommand({
 	name: "update",
 	description: "Update a user's role in a workspace",
 	args: z.object({
-		...commonArgs,
 		...workspaceArgs,
 		email: arg(z.email(), { description: "Email address of the user to update" }),
 		role: arg(z.enum(validRoles), {
@@ -11595,7 +11495,7 @@ const updateCommand = defineCommand({
 			alias: "r"
 		})
 	}).strict(),
-	run: withCommonArgs(async (args) => {
+	run: async (args) => {
 		await updateUser({
 			workspaceId: args["workspace-id"],
 			profile: args.profile,
@@ -11603,7 +11503,7 @@ const updateCommand = defineCommand({
 			role: args.role
 		});
 		logger.success(`User "${args.email}" updated to role "${args.role}".`);
-	})
+	}
 });
 
 //#endregion
@@ -11702,7 +11602,7 @@ async function bundleQueryScript(engine) {
 			format: "esm",
 			sourcemap: false,
 			minify: false,
-			inlineDynamicImports: true,
+			codeSplitting: false,
 			globals: { tailordb: "tailordb" }
 		},
 		external: engine === "sql" ? ["tailordb"] : [],
@@ -11718,6 +11618,44 @@ async function bundleQueryScript(engine) {
 	return fs$1.readFileSync(outputPath, "utf-8");
 }
 
+//#endregion
+//#region src/cli/shared/errors.ts
+/**
+* Format CLI error for output
+* @param error - CLIError instance to format
+* @returns Formatted error message
+*/
+function formatError(error) {
+	const parts = [chalk.red(`Error${error.code ? ` [${error.code}]` : ""}: ${error.message}`)];
+	if (error.details) parts.push(`\n  ${chalk.gray("Details:")} ${error.details}`);
+	if (error.suggestion) parts.push(`\n  ${chalk.cyan("Suggestion:")} ${error.suggestion}`);
+	if (error.command) parts.push(`\n  ${chalk.gray("Help:")} Run \`tailor-sdk ${error.command} --help\` for usage information.`);
+	return parts.join("");
+}
+/**
+* Create a CLI error with formatted output
+* @param options - Options to construct a CLIError
+* @returns Constructed CLIError instance
+*/
+function createCLIError(options) {
+	const error = new Error(options.message);
+	error.name = "CLIError";
+	error.code = options.code;
+	error.details = options.details;
+	error.suggestion = options.suggestion;
+	error.command = options.command;
+	error.format = () => formatError(error);
+	return error;
+}
+/**
+* Type guard to check if an error is a CLIError
+* @param error - Error to check
+* @returns True if the error is a CLIError
+*/
+function isCLIError(error) {
+	return error instanceof Error && error.name === "CLIError";
+}
+
 //#endregion
 //#region src/cli/query/errors.ts
 function toErrorMessage(error) {
@@ -11871,10 +11809,10 @@ function isSqlInputComplete(input) {
 * @param query - SQL query
 * @returns Type names referenced by query
 */
-function extractTypeNamesFromSql(query$1) {
+function extractTypeNamesFromSql(query) {
 	let statements;
 	try {
-		statements = parse(query$1);
+		statements = parse(query);
 	} catch (error) {
 		const message = error instanceof Error ? error.message : String(error);
 		throw new Error(`SQL parse error: ${message}\nIf your table name is a reserved keyword (e.g. User), wrap it in double quotes: SELECT * FROM "User"`);
@@ -11909,9 +11847,9 @@ function collectAliasMap(fromClauses) {
 * @param query - SQL query
 * @returns Column slots if wildcards are present, null otherwise
 */
-function extractColumnTemplate(query$1) {
+function extractColumnTemplate(query) {
 	try {
-		const statements = parse(query$1);
+		const statements = parse(query);
 		for (const statement of statements) {
 			if (statement.type !== "select" || !statement.columns) continue;
 			const aliasMap = collectAliasMap(statement.from ?? []);
@@ -11981,10 +11919,10 @@ const queryBaseOptionsSchema = z.object({
 	machineUser: z.string()
 });
 const queryOptionsSchema = queryBaseOptionsSchema.extend({ query: z.string() });
-async function getNamespaceFromSqlQuery(workspaceId, query$1, client, namespaces) {
+async function getNamespaceFromSqlQuery(workspaceId, query, client, namespaces) {
 	if (namespaces.length === 0) throw new Error("No namespaces found in configuration.");
 	if (namespaces.length === 1) return namespaces[0];
-	const typeNames = extractTypeNamesFromSql(query$1);
+	const typeNames = extractTypeNamesFromSql(query);
 	if (typeNames.length === 0) throw new Error(`Could not infer namespace from query. Detected namespaces: ${namespaces.join(", ")}.`);
 	const typeNamespaceMap = await resolveTypeNamespaces({
 		workspaceId,
@@ -12278,9 +12216,9 @@ async function runRepl(options) {
 			if (statement.length === 0) continue;
 			try {
 				if (options.engine === "sql") {
-					const result$1 = await execute(statement);
-					if (result$1.engine !== "sql") throw new Error(`Expected sql engine result but got: ${result$1.engine}`);
-					printSqlResult(result$1, { json: options.json });
+					const result = await execute(statement);
+					if (result.engine !== "sql") throw new Error(`Expected sql engine result but got: ${result.engine}`);
+					printSqlResult(result, { json: options.json });
 					continue;
 				}
 				const result = await execute(statement);
@@ -12346,9 +12284,9 @@ async function queryGql(options) {
 	if (result.engine !== "gql") throw new Error(`Expected gql engine result but got: ${result.engine}`);
 	return result;
 }
-async function reorderSqlColumns(result, config, namespace, sqlQuery$1) {
+async function reorderSqlColumns(result, config, namespace, sqlQuery) {
 	if (!isSQLExecutionResult(result.result) || result.result.rows.length === 0) return result;
-	const template = extractColumnTemplate(sqlQuery$1);
+	const template = extractColumnTemplate(sqlQuery);
 	if (!template) return result;
 	try {
 		const expectedOrder = buildExpectedColumnOrder(template, await loadTypeFieldOrder(config, namespace));
@@ -12391,12 +12329,10 @@ function reorderRowByTemplate(row, expectedOrder) {
 	for (const key of rowKeys) ordered[key] = row[key];
 	return ordered;
 }
-const queryCommand = defineCommand({
+const queryCommand = defineAppCommand({
 	name: "query",
 	description: "Run SQL/GraphQL query.",
 	args: z.object({
-		...commonArgs,
-		...jsonArgs,
 		...deploymentArgs,
 		engine: arg(queryEngineSchema, { description: "Query engine (sql or gql)" }),
 		query: arg(z.string().optional(), {
@@ -12429,7 +12365,7 @@ const queryCommand = defineCommand({
 			message: "Pass only one of --edit, -q/--query, or -f/--file."
 		});
 	}).strict(),
-	run: withCommonArgs(async (args) => {
+	run: async (args) => {
 		const mode = await resolveQueryCommandInput({
 			query: args.query,
 			file: args.file,
@@ -12466,7 +12402,7 @@ const queryCommand = defineCommand({
 			...sharedOptions,
 			query: directQuery
 		}), { json: args.json });
-	})
+	}
 });
 function isSQLExecutionResult(value) {
 	if (!value || typeof value !== "object") return false;
@@ -12495,13 +12431,13 @@ function printSingleSqlResult(execResult, options = {}) {
 	logger.out(execResult.rows, { showNull: true });
 	logger.out(`rows: ${execResult.rowCount}`);
 }
-function splitSqlStatements(query$1) {
+function splitSqlStatements(query) {
 	try {
-		const statements = parse(query$1);
+		const statements = parse(query);
 		if (statements.length === 0) return [];
 		return statements.map((s) => toSql.statement(s));
 	} catch {
-		const trimmed = query$1.trim();
+		const trimmed = query.trim();
 		return trimmed.length > 0 ? [trimmed] : [];
 	}
 }
@@ -12544,5 +12480,5 @@ function printGqlResult(result, options = {}) {
 }
 
 //#endregion
-export { getExecutorJob as $, truncateCommand as A, getMigrationDirPath as At, getCommand$1 as B, getNamespacesWithMigrations as Bt, getAppHealth as C, MIGRATE_FILE_NAME as Ct, listCommand$3 as D, createSnapshotFromLocalTypes as Dt, resumeWorkflow as E, compareSnapshots as Et, showCommand as F, loadDiff as Ft, listMachineUsers as G, commonArgs as Gt, getMachineUserToken as H, generateUserTypes as Ht, remove as I, reconstructSnapshotFromMigrations as It, webhookCommand as J, jsonArgs as Jt, generate$1 as K, confirmationArgs as Kt, removeCommand$1 as L, formatDiffSummary as Lt, generateCommand as M, getMigrationFiles as Mt, logBetaWarning as N, getNextMigrationNumber as Nt, listWorkflows as O, formatMigrationNumber as Ot, show as P, isValidMigrationNumber as Pt, listExecutors as Q, listCommand$4 as R, formatMigrationDiff as Rt, listCommand$2 as S, INITIAL_SCHEMA_NUMBER as St, resumeCommand as T, compareLocalTypesWithSnapshot as Tt, tokenCommand as U, apiCall as Ut, getOAuth2Client as V, trnPrefix as Vt, listCommand$5 as W, apiCommand as Wt, triggerExecutor as X, workspaceArgs as Xt, triggerCommand as Y, withCommonArgs as Yt, listCommand$6 as Z, deleteCommand as _, MIGRATION_LABEL_KEY as _t, removeCommand as a, getCommand$2 as at, createWorkspace as b, DB_TYPES_FILE_NAME as bt, listUsers as c, getWorkflowExecution as ct, restoreCommand as d, formatKeyValueTable as dt, jobsCommand as et, restoreWorkspace as f, getCommand$3 as ft, getWorkspace as g, waitForExecution$1 as gt, getCommand as h, executeScript as ht, updateUser as i, startWorkflow as it, generate as j, getMigrationFilePath as jt, truncate as k, getLatestMigrationNumber as kt, inviteCommand as l, listWorkflowExecutions as lt, listWorkspaces as m, apply as mt, queryCommand as n, watchExecutorJob as nt, removeUser as o, getWorkflow as ot, listCommand$1 as p, getExecutor as pt, listWebhookExecutors as q, deploymentArgs as qt, updateCommand as r, startCommand as rt, listCommand as s, executionsCommand as st, query as t, listExecutorJobs as tt, inviteUser as u, functionExecutionStatusToString as ut, deleteWorkspace as v, parseMigrationLabelNumber as vt, healthCommand as w, SCHEMA_FILE_NAME as wt, listApps as x, DIFF_FILE_NAME as xt, createCommand as y, bundleMigrationScript as yt, listOAuth2Clients as z, hasChanges as zt };
-//# sourceMappingURL=query-D3UyoG68.mjs.map
+export { listExecutors as $, truncate as A, getLatestMigrationNumber as At, listOAuth2Clients as B, hasChanges as Bt, listCommand$2 as C, INITIAL_SCHEMA_NUMBER as Ct, resumeWorkflow as D, compareSnapshots as Dt, resumeCommand as E, compareLocalTypesWithSnapshot as Et, show as F, isValidMigrationNumber as Ft, listCommand$5 as G, apiCommand as Gt, getOAuth2Client as H, trnPrefix as Ht, showCommand as I, loadDiff as It, listWebhookExecutors as J, confirmationArgs as Jt, listMachineUsers as K, defineAppCommand as Kt, remove as L, reconstructSnapshotFromMigrations as Lt, generate as M, getMigrationFilePath as Mt, generateCommand as N, getMigrationFiles as Nt, listCommand$3 as O, createSnapshotFromLocalTypes as Ot, logBetaWarning as P, getNextMigrationNumber as Pt, listCommand$6 as Q, removeCommand$1 as R, formatDiffSummary as Rt, listApps as S, DIFF_FILE_NAME as St, healthCommand as T, SCHEMA_FILE_NAME as Tt, getMachineUserToken as U, generateUserTypes as Ut, getCommand$1 as V, getNamespacesWithMigrations as Vt, tokenCommand as W, apiCall as Wt, triggerCommand as X, isVerbose as Xt, webhookCommand as Y, deploymentArgs as Yt, triggerExecutor as Z, workspaceArgs as Zt, getWorkspace as _, waitForExecution$1 as _t, updateUser as a, startWorkflow as at, createCommand as b, bundleMigrationScript as bt, listCommand as c, executionsCommand as ct, inviteUser as d, functionExecutionStatusToString as dt, getExecutorJob as et, restoreCommand as f, formatKeyValueTable as ft, getCommand as g, executeScript as gt, listWorkspaces as h, apply as ht, updateCommand as i, startCommand as it, truncateCommand as j, getMigrationDirPath as jt, listWorkflows as k, formatMigrationNumber as kt, listUsers as l, getWorkflowExecution as lt, listCommand$1 as m, getExecutor as mt, queryCommand as n, listExecutorJobs as nt, removeCommand as o, getCommand$2 as ot, restoreWorkspace as p, getCommand$3 as pt, generate$1 as q, commonArgs as qt, isCLIError as r, watchExecutorJob as rt, removeUser as s, getWorkflow as st, query as t, jobsCommand as tt, inviteCommand as u, listWorkflowExecutions as ut, deleteCommand as v, MIGRATION_LABEL_KEY as vt, getAppHealth as w, MIGRATE_FILE_NAME as wt, createWorkspace as x, DB_TYPES_FILE_NAME as xt, deleteWorkspace as y, parseMigrationLabelNumber as yt, listCommand$4 as z, formatMigrationDiff as zt };
+//# sourceMappingURL=query-CRSZGUmD.mjs.map