@tolgamorf/env2op-cli 0.2.2 → 0.2.3

package/dist/op2env-cli.js

@@ -22,7 +22,7 @@ var __commonJS = (cb, mod) => () => (mod || cb((mod = { exports: {} }).exports,
 var require_package = __commonJS((exports, module) => {
   module.exports = {
     name: "@tolgamorf/env2op-cli",
-    version: "0.2.2",
+    version: "0.2.3",
     description: "Convert .env files to 1Password Secure Notes and generate templates for op inject/run",
     type: "module",
     main: "dist/index.js",
@@ -105,12 +105,11 @@ var require_package = __commonJS((exports, module) => {
 import pc5 from "picocolors";
 
 // src/commands/inject.ts
-import { existsSync, readFileSync, writeFileSync as writeFileSync2 } from "node:fs";
+import { existsSync as existsSync2, readFileSync as readFileSync2, writeFileSync as writeFileSync3 } from "node:fs";
 import { basename } from "node:path";
-import * as p2 from "@clack/prompts";
 
-// src/core/env-parser.ts
-import { readFile } from "node:fs/promises";
+// src/core/auth.ts
+import * as p from "@clack/prompts";
 
 // src/utils/errors.ts
 class Env2OpError extends Error {
@@ -143,117 +142,17 @@ var errors = {
   envFileEmpty: (path) => new Env2OpError(`No valid environment variables found in ${path}`, ErrorCodes.ENV_FILE_EMPTY, "Ensure the file contains KEY=value pairs"),
   opCliNotInstalled: () => new Env2OpError("1Password CLI (op) is not installed", ErrorCodes.OP_CLI_NOT_INSTALLED, "Install it from https://1password.com/downloads/command-line/"),
   opNotSignedIn: () => new Env2OpError("Not signed in to 1Password CLI", ErrorCodes.OP_NOT_SIGNED_IN, 'Run "op signin" to authenticate'),
+  opSigninFailed: () => new Env2OpError("Failed to sign in to 1Password CLI", ErrorCodes.OP_SIGNIN_FAILED, 'Try running "op signin" manually'),
   vaultNotFound: (vault) => new Env2OpError(`Vault not found: ${vault}`, ErrorCodes.VAULT_NOT_FOUND, 'Run "op vault list" to see available vaults'),
   vaultCreateFailed: (message) => new Env2OpError(`Failed to create vault: ${message}`, ErrorCodes.VAULT_CREATE_FAILED),
   itemExists: (title, vault) => new Env2OpError(`Item "${title}" already exists in vault "${vault}"`, ErrorCodes.ITEM_EXISTS, "Use default behavior (overwrites) or choose a different item name"),
   itemCreateFailed: (message) => new Env2OpError(`Failed to create 1Password item: ${message}`, ErrorCodes.ITEM_CREATE_FAILED),
   itemEditFailed: (message) => new Env2OpError(`Failed to edit 1Password item: ${message}`, ErrorCodes.ITEM_EDIT_FAILED),
-  parseError: (line, message) => new Env2OpError(`Parse error at line ${line}: ${message}`, ErrorCodes.PARSE_ERROR)
+  parseError: (line, message) => new Env2OpError(`Parse error at line ${line}: ${message}`, ErrorCodes.PARSE_ERROR),
+  templateNotFound: (path) => new Env2OpError(`Template file not found: ${path}`, ErrorCodes.TEMPLATE_NOT_FOUND, "Ensure the file exists and the path is correct"),
+  injectFailed: (message) => new Env2OpError("Failed to pull secrets from 1Password", ErrorCodes.INJECT_FAILED, message)
 };
 
-// src/core/env-parser.ts
-var HEADER_SEPARATOR = "# ===========================================================================";
-function stripHeaders(content) {
-  const lines = content.split(`
-`);
-  const result = [];
-  let inHeader = false;
-  for (const line of lines) {
-    const trimmed = line.trim();
-    if (trimmed === HEADER_SEPARATOR) {
-      if (!inHeader) {
-        inHeader = true;
-      } else {
-        inHeader = false;
-      }
-      continue;
-    }
-    if (!inHeader) {
-      result.push(line);
-    }
-  }
-  while (result.length > 0 && result[0]?.trim() === "") {
-    result.shift();
-  }
-  return result.join(`
-`);
-}
-function parseValue(raw) {
-  const trimmed = raw.trim();
-  if (trimmed.startsWith('"')) {
-    const endQuote = trimmed.indexOf('"', 1);
-    if (endQuote !== -1) {
-      return trimmed.slice(1, endQuote);
-    }
-  }
-  if (trimmed.startsWith("'")) {
-    const endQuote = trimmed.indexOf("'", 1);
-    if (endQuote !== -1) {
-      return trimmed.slice(1, endQuote);
-    }
-  }
-  const parts = trimmed.split(/\s+#/);
-  return (parts[0] ?? trimmed).trim();
-}
-function stripBom(content) {
-  if (content.charCodeAt(0) === 65279) {
-    return content.slice(1);
-  }
-  return content;
-}
-async function parseEnvFile(filePath) {
-  let rawContent;
-  try {
-    rawContent = await readFile(filePath, "utf-8");
-  } catch {
-    throw errors.envFileNotFound(filePath);
-  }
-  const content = stripHeaders(stripBom(rawContent));
-  const rawLines = content.split(`
-`);
-  const variables = [];
-  const lines = [];
-  const parseErrors = [];
-  let currentComment = "";
-  for (let i = 0;i < rawLines.length; i++) {
-    const line = rawLines[i] ?? "";
-    const trimmed = line.trim();
-    const lineNumber = i + 1;
-    if (!trimmed) {
-      lines.push({ type: "empty" });
-      currentComment = "";
-      continue;
-    }
-    if (trimmed.startsWith("#")) {
-      lines.push({ type: "comment", content: line });
-      currentComment = trimmed.slice(1).trim();
-      continue;
-    }
-    const match = trimmed.match(/^([A-Za-z_][A-Za-z0-9_]*)=(.*)$/);
-    if (match?.[1]) {
-      const key = match[1];
-      const rawValue = match[2] ?? "";
-      const value = parseValue(rawValue);
-      variables.push({
-        key,
-        value,
-        comment: currentComment || undefined,
-        line: lineNumber
-      });
-      lines.push({ type: "variable", key, value });
-      currentComment = "";
-    } else if (trimmed.includes("=")) {
-      parseErrors.push(`Line ${lineNumber}: Invalid variable name`);
-    }
-  }
-  return { variables, lines, errors: parseErrors };
-}
-function validateParseResult(result, filePath) {
-  if (result.variables.length === 0) {
-    throw errors.envFileEmpty(filePath);
-  }
-}
-
 // src/utils/shell.ts
 import { spawn } from "node:child_process";
 import pc from "picocolors";
@@ -263,16 +162,8 @@ function quoteArg(arg) {
   }
   return arg;
 }
-async function exec(command, args = [], options = {}) {
-  const { verbose = false } = options;
-  const fullCommand = `${command} ${args.map(quoteArg).join(" ")}`;
-  if (verbose) {
-    console.log(pc.dim(`$ ${fullCommand}`));
-  }
+function collectOutput(proc, verbose) {
   return new Promise((resolve) => {
-    const proc = spawn(command, args, {
-      stdio: ["ignore", "pipe", "pipe"]
-    });
     const stdoutChunks = [];
     const stderrChunks = [];
     proc.stdout?.on("data", (data) => {
@@ -306,48 +197,29 @@ async function exec(command, args = [], options = {}) {
     });
   });
 }
+async function exec(command, args = [], options = {}) {
+  const { verbose = false } = options;
+  const fullCommand = `${command} ${args.map(quoteArg).join(" ")}`;
+  if (verbose) {
+    console.log(pc.dim(`$ ${fullCommand}`));
+  }
+  const proc = spawn(command, args, {
+    stdio: ["ignore", "pipe", "pipe"]
+  });
+  return collectOutput(proc, verbose);
+}
 async function execWithStdin(command, args = [], options) {
   const { stdin: stdinContent, verbose = false } = options;
   if (verbose) {
     const fullCommand = `${command} ${args.map(quoteArg).join(" ")}`;
     console.log(pc.dim(`$ echo '...' | ${fullCommand}`));
   }
-  return new Promise((resolve) => {
-    const proc = spawn(command, args, {
-      stdio: ["pipe", "pipe", "pipe"]
-    });
-    const stdoutChunks = [];
-    const stderrChunks = [];
-    proc.stdin?.write(stdinContent);
-    proc.stdin?.end();
-    proc.stdout?.on("data", (data) => {
-      const text = Buffer.isBuffer(data) ? data.toString() : String(data);
-      stdoutChunks.push(text);
-      if (verbose)
-        process.stdout.write(text);
-    });
-    proc.stderr?.on("data", (data) => {
-      const text = Buffer.isBuffer(data) ? data.toString() : String(data);
-      stderrChunks.push(text);
-      if (verbose)
-        process.stderr.write(text);
-    });
-    proc.on("close", (code) => {
-      resolve({
-        stdout: stdoutChunks.join(""),
-        stderr: stderrChunks.join(""),
-        exitCode: code ?? 1
-      });
-    });
-    proc.on("error", (err) => {
-      stderrChunks.push(err.message);
-      resolve({
-        stdout: stdoutChunks.join(""),
-        stderr: stderrChunks.join(""),
-        exitCode: 1
-      });
-    });
+  const proc = spawn(command, args, {
+    stdio: ["pipe", "pipe", "pipe"]
   });
+  proc.stdin?.write(stdinContent);
+  proc.stdin?.end();
+  return collectOutput(proc, verbose);
 }
 
 // src/core/onepassword.ts
@@ -432,47 +304,369 @@ async function createSecureNote(options) {
       vaultId: item.vault?.id ?? "",
       fieldIds
     };
-  } catch (error) {
-    const message = error instanceof Error ? error.message : String(error);
-    throw errors.itemCreateFailed(message);
+  } catch (error) {
+    const message = error instanceof Error ? error.message : String(error);
+    throw errors.itemCreateFailed(message);
+  }
+}
+async function editSecureNote(options) {
+  const { vault, title, fields, secret, verbose, itemId } = options;
+  const template = buildItemTemplate(title, vault, fields, secret);
+  const json = JSON.stringify(template);
+  try {
+    const result = await execWithStdin("op", ["item", "edit", itemId, "--format", "json"], {
+      stdin: json,
+      verbose
+    });
+    if (result.exitCode !== 0) {
+      throw new Error(result.stderr || "Failed to edit item");
+    }
+    const item = JSON.parse(result.stdout);
+    const fieldIds = {};
+    for (const field of item.fields ?? []) {
+      if (field.label && field.id) {
+        fieldIds[field.label] = field.id;
+      }
+    }
+    return {
+      id: item.id,
+      title: item.title,
+      vault: item.vault?.name ?? vault,
+      vaultId: item.vault?.id ?? "",
+      fieldIds
+    };
+  } catch (error) {
+    const message = error instanceof Error ? error.message : String(error);
+    throw errors.itemEditFailed(message);
+  }
+}
+
+// src/core/auth.ts
+async function ensureOpAuthenticated(options) {
+  const { verbose } = options;
+  const authSpinner = p.spinner();
+  authSpinner.start("Checking 1Password CLI...");
+  const opInstalled = await checkOpCli({ verbose });
+  if (!opInstalled) {
+    authSpinner.stop("1Password CLI not found");
+    throw errors.opCliNotInstalled();
+  }
+  let signedIn = await checkSignedIn({ verbose });
+  if (!signedIn) {
+    authSpinner.message("Signing in to 1Password...");
+    const signInSuccess = await signIn({ verbose });
+    if (!signInSuccess) {
+      authSpinner.stop();
+      throw errors.opSigninFailed();
+    }
+    signedIn = await checkSignedIn({ verbose });
+    if (!signedIn) {
+      authSpinner.stop();
+      throw errors.opNotSignedIn();
+    }
+  }
+  authSpinner.stop("1Password CLI ready");
+}
+
+// src/core/env-parser.ts
+import { readFile } from "node:fs/promises";
+
+// src/core/constants.ts
+var HEADER_SEPARATOR = `# ${"=".repeat(75)}`;
+
+// src/core/env-parser.ts
+function stripHeaders(content) {
+  const lines = content.split(`
+`);
+  const result = [];
+  let inHeader = false;
+  for (const line of lines) {
+    const trimmed = line.trim();
+    if (trimmed === HEADER_SEPARATOR) {
+      if (!inHeader) {
+        inHeader = true;
+      } else {
+        inHeader = false;
+      }
+      continue;
+    }
+    if (!inHeader) {
+      result.push(line);
+    }
+  }
+  while (result.length > 0 && result[0]?.trim() === "") {
+    result.shift();
+  }
+  return result.join(`
+`);
+}
+function parseValue(raw) {
+  const trimmed = raw.trim();
+  if (trimmed.startsWith('"')) {
+    const endQuote = trimmed.indexOf('"', 1);
+    if (endQuote !== -1) {
+      return trimmed.slice(1, endQuote);
+    }
+  }
+  if (trimmed.startsWith("'")) {
+    const endQuote = trimmed.indexOf("'", 1);
+    if (endQuote !== -1) {
+      return trimmed.slice(1, endQuote);
+    }
+  }
+  const parts = trimmed.split(/\s+#/);
+  return (parts[0] ?? trimmed).trim();
+}
+function stripBom(content) {
+  if (content.charCodeAt(0) === 65279) {
+    return content.slice(1);
+  }
+  return content;
+}
+async function parseEnvFile(filePath) {
+  let rawContent;
+  try {
+    rawContent = await readFile(filePath, "utf-8");
+  } catch {
+    throw errors.envFileNotFound(filePath);
+  }
+  const content = stripHeaders(stripBom(rawContent));
+  const rawLines = content.split(`
+`);
+  const variables = [];
+  const lines = [];
+  const parseErrors = [];
+  let currentComment = "";
+  for (let i = 0;i < rawLines.length; i++) {
+    const line = rawLines[i] ?? "";
+    const trimmed = line.trim();
+    const lineNumber = i + 1;
+    if (!trimmed) {
+      lines.push({ type: "empty" });
+      currentComment = "";
+      continue;
+    }
+    if (trimmed.startsWith("#")) {
+      lines.push({ type: "comment", content: line });
+      currentComment = trimmed.slice(1).trim();
+      continue;
+    }
+    const match = trimmed.match(/^([A-Za-z_][A-Za-z0-9_]*)=(.*)$/);
+    if (match?.[1]) {
+      const key = match[1];
+      const rawValue = match[2] ?? "";
+      const value = parseValue(rawValue);
+      variables.push({
+        key,
+        value,
+        comment: currentComment || undefined,
+        line: lineNumber
+      });
+      lines.push({ type: "variable", key, value });
+      currentComment = "";
+    } else if (trimmed.includes("=")) {
+      parseErrors.push(`Line ${lineNumber}: Invalid variable name`);
+    }
+  }
+  return { variables, lines, errors: parseErrors };
+}
+function validateParseResult(result, filePath) {
+  if (result.variables.length === 0) {
+    throw errors.envFileEmpty(filePath);
+  }
+}
+
+// src/core/template-generator.ts
+import { writeFileSync as writeFileSync2 } from "node:fs";
+
+// src/lib/update.ts
+import { existsSync, mkdirSync, readFileSync, unlinkSync, writeFileSync } from "node:fs";
+import { homedir } from "node:os";
+import { join } from "node:path";
+
+// src/lib/package-manager.ts
+var UPDATE_COMMANDS = {
+  homebrew: "brew upgrade tolgamorf/tap/env2op-cli",
+  npm: "npm update -g @tolgamorf/env2op-cli",
+  bun: "bun update -g @tolgamorf/env2op-cli",
+  pnpm: "pnpm update -g @tolgamorf/env2op-cli",
+  unknown: "npm update -g @tolgamorf/env2op-cli"
+};
+var DISPLAY_NAMES = {
+  homebrew: "Homebrew",
+  npm: "npm",
+  bun: "Bun",
+  pnpm: "pnpm",
+  unknown: "npm (default)"
+};
+function detectFromPath() {
+  const binPath = process.argv[1] ?? "";
+  if (binPath.includes("/Cellar/") || binPath.includes("/homebrew/") || binPath.includes("/opt/homebrew/") || binPath.includes("/home/linuxbrew/")) {
+    return "homebrew";
+  }
+  if (binPath.includes("/.bun/")) {
+    return "bun";
+  }
+  if (binPath.includes("/pnpm/") || binPath.includes("/.pnpm/")) {
+    return "pnpm";
+  }
+  if (binPath.includes("/node_modules/")) {
+    return "npm";
+  }
+  return null;
+}
+async function detectFromCommands() {
+  const brewResult = await exec("brew", ["list", "env2op-cli"], { verbose: false });
+  if (brewResult.exitCode === 0) {
+    return "homebrew";
+  }
+  return "npm";
+}
+async function detectPackageManager() {
+  const fromPath = detectFromPath();
+  if (fromPath) {
+    return {
+      type: fromPath,
+      updateCommand: UPDATE_COMMANDS[fromPath],
+      displayName: DISPLAY_NAMES[fromPath]
+    };
+  }
+  const fromCommands = await detectFromCommands();
+  return {
+    type: fromCommands,
+    updateCommand: UPDATE_COMMANDS[fromCommands],
+    displayName: DISPLAY_NAMES[fromCommands]
+  };
+}
+
+// src/lib/update.ts
+var CACHE_DIR = join(homedir(), ".env2op");
+var CACHE_FILE = join(CACHE_DIR, "update-check.json");
+var CHECK_INTERVAL_MS = 24 * 60 * 60 * 1000;
+function getCliVersion() {
+  try {
+    const pkg = require_package();
+    return pkg.version ?? "0.0.0";
+  } catch {
+    return "0.0.0";
+  }
+}
+function loadCache() {
+  try {
+    if (existsSync(CACHE_FILE)) {
+      const content = readFileSync(CACHE_FILE, "utf-8");
+      return JSON.parse(content);
+    }
+  } catch {}
+  return { lastCheck: 0, latestVersion: null };
+}
+function saveCache(cache) {
+  try {
+    if (!existsSync(CACHE_DIR)) {
+      mkdirSync(CACHE_DIR, { recursive: true });
+    }
+    writeFileSync(CACHE_FILE, JSON.stringify(cache, null, 2));
+  } catch {}
+}
+function shouldCheckForUpdate(cache) {
+  const now = Date.now();
+  return now - cache.lastCheck > CHECK_INTERVAL_MS;
+}
+async function fetchLatestVersion() {
+  try {
+    const response = await fetch("https://registry.npmjs.org/@tolgamorf/env2op-cli/latest");
+    if (!response.ok)
+      return null;
+    const data = await response.json();
+    return data.version ?? null;
+  } catch {
+    return null;
+  }
+}
+function compareVersions(v1, v2) {
+  const parts1 = v1.split(".").map(Number);
+  const parts2 = v2.split(".").map(Number);
+  for (let i = 0;i < 3; i++) {
+    const p1 = parts1[i] || 0;
+    const p2 = parts2[i] || 0;
+    if (p1 < p2)
+      return -1;
+    if (p1 > p2)
+      return 1;
+  }
+  return 0;
+}
+async function checkForUpdate(forceCheck = false) {
+  const currentVersion = getCliVersion();
+  const cache = loadCache();
+  if (!forceCheck && !shouldCheckForUpdate(cache) && cache.latestVersion) {
+    const updateAvailable2 = compareVersions(currentVersion, cache.latestVersion) < 0;
+    const isSkipped2 = cache.skipVersion === cache.latestVersion;
+    return {
+      currentVersion,
+      latestVersion: cache.latestVersion,
+      updateAvailable: updateAvailable2,
+      isSkipped: isSkipped2,
+      fromCache: true
+    };
+  }
+  const latestVersion = await fetchLatestVersion();
+  saveCache({
+    ...cache,
+    lastCheck: Date.now(),
+    latestVersion
+  });
+  if (!latestVersion) {
+    return {
+      currentVersion,
+      latestVersion: null,
+      updateAvailable: false,
+      isSkipped: false,
+      fromCache: false
+    };
   }
+  const updateAvailable = compareVersions(currentVersion, latestVersion) < 0;
+  const isSkipped = cache.skipVersion === latestVersion;
+  return {
+    currentVersion,
+    latestVersion,
+    updateAvailable,
+    isSkipped,
+    fromCache: false
+  };
 }
-async function editSecureNote(options) {
-  const { vault, title, fields, secret, verbose, itemId } = options;
-  const template = buildItemTemplate(title, vault, fields, secret);
-  const json = JSON.stringify(template);
+async function performUpdate(pm) {
+  const packageManager = pm ?? await detectPackageManager();
   try {
-    const result = await execWithStdin("op", ["item", "edit", itemId, "--format", "json"], {
-      stdin: json,
-      verbose
-    });
+    const [command, ...args] = packageManager.updateCommand.split(" ");
+    const result = await exec(command, args, { verbose: false });
     if (result.exitCode !== 0) {
-      throw new Error(result.stderr || "Failed to edit item");
-    }
-    const item = JSON.parse(result.stdout);
-    const fieldIds = {};
-    for (const field of item.fields ?? []) {
-      if (field.label && field.id) {
-        fieldIds[field.label] = field.id;
-      }
+      return {
+        success: false,
+        error: result.stderr || `Command exited with code ${result.exitCode}`
+      };
     }
-    return {
-      id: item.id,
-      title: item.title,
-      vault: item.vault?.name ?? vault,
-      vaultId: item.vault?.id ?? "",
-      fieldIds
-    };
+    return { success: true };
   } catch (error) {
     const message = error instanceof Error ? error.message : String(error);
-    throw errors.itemEditFailed(message);
+    return { success: false, error: message };
   }
 }
+function skipVersion(version) {
+  const cache = loadCache();
+  cache.skipVersion = version;
+  saveCache(cache);
+}
+async function maybeShowUpdateNotification(cliName, showNotification) {
+  try {
+    const result = await checkForUpdate();
+    if (result.updateAvailable && !result.isSkipped) {
+      showNotification(result, cliName);
+    }
+  } catch {}
+}
 
 // src/core/template-generator.ts
-var import__package = __toESM(require_package(), 1);
-import { writeFileSync } from "node:fs";
-var SEPARATOR = "# ===========================================================================";
 function deriveEnvFileName(templateFileName) {
   if (templateFileName.endsWith(".tpl")) {
     return templateFileName.slice(0, -4);
@@ -488,7 +682,7 @@ function formatTimestamp() {
 function generateTemplateHeader(templateFileName) {
   const envFileName = deriveEnvFileName(templateFileName);
   return [
-    SEPARATOR,
+    HEADER_SEPARATOR,
     `#  ${templateFileName} — 1Password Secret References`,
     "#",
     "#  This template contains references to secrets stored in 1Password.",
@@ -501,27 +695,27 @@ function generateTemplateHeader(templateFileName) {
     `#    op run --env-file ${templateFileName} -- npm start`,
     "#",
     `#  Pushed: ${formatTimestamp()}`,
-    `#  Generated by env2op v${import__package.default.version}`,
+    `#  Generated by env2op v${getCliVersion()}`,
     "#  https://github.com/tolgamorf/env2op-cli",
-    SEPARATOR,
+    HEADER_SEPARATOR,
     ""
   ];
 }
 function generateEnvHeader(envFileName) {
   const templateFileName = deriveTemplateFileName(envFileName);
   return [
-    SEPARATOR,
+    HEADER_SEPARATOR,
     `#  ${envFileName} — Environment Variables`,
     "#",
     "#  WARNING: This file contains sensitive values. Do not commit to git!",
     "#",
     `#  To push updates to 1Password and generate ${templateFileName}:`,
-    `#    env2op ${envFileName} <vault> "<item_name>"`,
+    `#    env2op ${envFileName} "<vault>" "<item_name>"`,
     "#",
     `#  Pulled: ${formatTimestamp()}`,
-    `#  Generated by op2env v${import__package.default.version}`,
+    `#  Generated by op2env v${getCliVersion()}`,
     "#  https://github.com/tolgamorf/env2op-cli",
-    SEPARATOR,
+    HEADER_SEPARATOR,
     "",
     ""
   ];
@@ -549,7 +743,7 @@ function generateTemplateContent(options, templateFileName) {
 `;
 }
 function writeTemplate(content, outputPath) {
-  writeFileSync(outputPath, content, "utf-8");
+  writeFileSync2(outputPath, content, "utf-8");
 }
 function generateUsageInstructions(templatePath) {
   return ["Usage:", `  op2env ${templatePath}`, `  op run --env-file ${templatePath} -- npm start`].join(`
@@ -557,7 +751,7 @@ function generateUsageInstructions(templatePath) {
 }
 
 // src/utils/logger.ts
-import * as p from "@clack/prompts";
+import * as p2 from "@clack/prompts";
 import pc2 from "picocolors";
 var symbols = {
   success: pc2.green("✓"),
@@ -570,29 +764,29 @@ var symbols = {
 var logger = {
   intro(name, version, dryRun = false) {
     const label = dryRun ? pc2.bgYellow(pc2.black(` ${name} v${version} [DRY RUN] `)) : pc2.bgCyan(pc2.black(` ${name} v${version} `));
-    p.intro(label);
+    p2.intro(label);
   },
   section(title) {
     console.log(`
 ${pc2.bold(pc2.underline(title))}`);
   },
   success(message) {
-    p.log.success(message);
+    p2.log.success(message);
   },
   error(message) {
-    p.log.error(message);
+    p2.log.error(message);
   },
   warn(message) {
-    p.log.warn(message);
+    p2.log.warn(message);
   },
   info(message) {
-    p.log.info(message);
+    p2.log.info(message);
   },
   step(message) {
-    p.log.step(message);
+    p2.log.step(message);
   },
   message(message) {
-    p.log.message(message);
+    p2.log.message(message);
   },
   keyValue(key, value, indent = 2) {
     console.log(`${" ".repeat(indent)}${pc2.dim(key)}: ${pc2.cyan(value)}`);
@@ -607,16 +801,16 @@ ${pc2.bold(pc2.underline(title))}`);
     console.log(`${pc2.yellow("[DRY RUN]")} ${message}`);
   },
   spinner() {
-    return p.spinner();
+    return p2.spinner();
   },
   outro(message) {
-    p.outro(pc2.green(message));
+    p2.outro(pc2.green(message));
   },
   cancel(message) {
-    p.cancel(message);
+    p2.cancel(message);
   },
   note(message, title) {
-    p.note(message, title);
+    p2.note(message, title);
   },
   formatFields(fields, max = 3) {
     if (fields.length <= max) {
@@ -626,6 +820,28 @@ ${pc2.bold(pc2.underline(title))}`);
   }
 };
 
+// src/utils/error-handler.ts
+function handleCommandError(error) {
+  if (error instanceof Env2OpError) {
+    logger.error(error.message);
+    if (error.suggestion) {
+      logger.info(`Suggestion: ${error.suggestion}`);
+    }
+    process.exit(1);
+  }
+  throw error;
+}
+
+// src/utils/prompts.ts
+import * as p3 from "@clack/prompts";
+async function confirmOrExit(message) {
+  const confirmed = await p3.confirm({ message });
+  if (p3.isCancel(confirmed) || !confirmed) {
+    logger.cancel("Operation cancelled");
+    process.exit(0);
+  }
+}
+
 // src/utils/timing.ts
 import { setTimeout } from "node:timers/promises";
 var MIN_SPINNER_TIME = 500;
@@ -644,38 +860,16 @@ function deriveOutputPath(templatePath) {
 async function runInject(options) {
   const { templateFile, output, dryRun, force, verbose } = options;
   const outputPath = output ?? deriveOutputPath(templateFile);
-  const pkg2 = await Promise.resolve().then(() => __toESM(require_package(), 1));
-  logger.intro("op2env", pkg2.version, dryRun);
+  logger.intro("op2env", getCliVersion(), dryRun);
   try {
-    if (!existsSync(templateFile)) {
-      throw new Env2OpError(`Template file not found: ${templateFile}`, "TEMPLATE_NOT_FOUND", "Ensure the file exists and the path is correct");
+    if (!existsSync2(templateFile)) {
+      throw errors.templateNotFound(templateFile);
     }
     logger.success(`Found template: ${basename(templateFile)}`);
     if (!dryRun) {
-      const authSpinner = p2.spinner();
-      authSpinner.start("Checking 1Password CLI...");
-      const opInstalled = await checkOpCli({ verbose });
-      if (!opInstalled) {
-        authSpinner.stop("1Password CLI not found");
-        throw new Env2OpError("1Password CLI (op) is not installed", "OP_CLI_NOT_INSTALLED", "Install from https://1password.com/downloads/command-line/");
-      }
-      let signedIn = await checkSignedIn({ verbose });
-      if (!signedIn) {
-        authSpinner.message("Signing in to 1Password...");
-        const signInSuccess = await signIn({ verbose });
-        if (!signInSuccess) {
-          authSpinner.stop();
-          throw new Env2OpError("Failed to sign in to 1Password CLI", "OP_SIGNIN_FAILED", 'Try running "op signin" manually');
-        }
-        signedIn = await checkSignedIn({ verbose });
-        if (!signedIn) {
-          authSpinner.stop();
-          throw new Env2OpError("Not signed in to 1Password CLI", "OP_NOT_SIGNED_IN", 'Run "op signin" to authenticate');
-        }
-      }
-      authSpinner.stop("1Password CLI ready");
+      await ensureOpAuthenticated({ verbose });
     }
-    const outputExists = existsSync(outputPath);
+    const outputExists = existsSync2(outputPath);
     if (dryRun) {
       if (outputExists) {
         logger.warn(`Would overwrite: ${outputPath}`);
@@ -686,13 +880,7 @@ async function runInject(options) {
       return;
     }
     if (outputExists && !force) {
-      const shouldOverwrite = await p2.confirm({
-        message: `File "${outputPath}" already exists. Overwrite?`
-      });
-      if (p2.isCancel(shouldOverwrite) || !shouldOverwrite) {
-        logger.cancel("Operation cancelled");
-        process.exit(0);
-      }
+      await confirmOrExit(`File "${outputPath}" already exists. Overwrite?`);
     }
     const spinner3 = verbose ? null : logger.spinner();
     spinner3?.start("Pulling secrets from 1Password...");
@@ -701,11 +889,11 @@ async function runInject(options) {
       if (result.exitCode !== 0) {
         throw new Error(result.stderr);
       }
-      const rawContent = readFileSync(outputPath, "utf-8");
+      const rawContent = readFileSync2(outputPath, "utf-8");
       const envContent = stripHeaders(rawContent);
       const header = generateEnvHeader(basename(outputPath)).join(`
 `);
-      writeFileSync2(outputPath, header + envContent, "utf-8");
+      writeFileSync3(outputPath, header + envContent, "utf-8");
       const varCount = envContent.split(`
 `).filter((line) => line.trim() && !line.trim().startsWith("#")).length;
       const stopMessage = `Generated ${basename(outputPath)} — ${varCount} variable${varCount === 1 ? "" : "s"}`;
@@ -718,204 +906,20 @@ async function runInject(options) {
       spinner3?.stop("Failed to pull secrets");
       const stderr = error?.stderr;
       const message = stderr || (error instanceof Error ? error.message : String(error));
-      throw new Env2OpError("Failed to pull secrets from 1Password", "INJECT_FAILED", message);
+      throw errors.injectFailed(message);
     }
     logger.outro("Done! Your .env file is ready");
   } catch (error) {
-    if (error instanceof Env2OpError) {
-      logger.error(error.message);
-      if (error.suggestion) {
-        logger.info(`Suggestion: ${error.suggestion}`);
-      }
-      process.exit(1);
-    }
-    throw error;
+    handleCommandError(error);
   }
 }
 
 // src/commands/update.ts
-import * as p4 from "@clack/prompts";
+import * as p5 from "@clack/prompts";
 import pc4 from "picocolors";
 
-// src/lib/package-manager.ts
-var UPDATE_COMMANDS = {
-  homebrew: "brew upgrade tolgamorf/tap/env2op-cli",
-  npm: "npm update -g @tolgamorf/env2op-cli",
-  bun: "bun update -g @tolgamorf/env2op-cli",
-  pnpm: "pnpm update -g @tolgamorf/env2op-cli",
-  unknown: "npm update -g @tolgamorf/env2op-cli"
-};
-var DISPLAY_NAMES = {
-  homebrew: "Homebrew",
-  npm: "npm",
-  bun: "Bun",
-  pnpm: "pnpm",
-  unknown: "npm (default)"
-};
-function detectFromPath() {
-  const binPath = process.argv[1] ?? "";
-  if (binPath.includes("/Cellar/") || binPath.includes("/homebrew/") || binPath.includes("/opt/homebrew/") || binPath.includes("/home/linuxbrew/")) {
-    return "homebrew";
-  }
-  if (binPath.includes("/.bun/")) {
-    return "bun";
-  }
-  if (binPath.includes("/pnpm/") || binPath.includes("/.pnpm/")) {
-    return "pnpm";
-  }
-  if (binPath.includes("/node_modules/")) {
-    return "npm";
-  }
-  return null;
-}
-async function detectFromCommands() {
-  const brewResult = await exec("brew", ["list", "env2op-cli"], { verbose: false });
-  if (brewResult.exitCode === 0) {
-    return "homebrew";
-  }
-  return "npm";
-}
-async function detectPackageManager() {
-  const fromPath = detectFromPath();
-  if (fromPath) {
-    return {
-      type: fromPath,
-      updateCommand: UPDATE_COMMANDS[fromPath],
-      displayName: DISPLAY_NAMES[fromPath]
-    };
-  }
-  const fromCommands = await detectFromCommands();
-  return {
-    type: fromCommands,
-    updateCommand: UPDATE_COMMANDS[fromCommands],
-    displayName: DISPLAY_NAMES[fromCommands]
-  };
-}
-
-// src/lib/update.ts
-import { existsSync as existsSync2, mkdirSync, readFileSync as readFileSync2, unlinkSync, writeFileSync as writeFileSync3 } from "node:fs";
-import { homedir } from "node:os";
-import { join } from "node:path";
-var CACHE_DIR = join(homedir(), ".env2op");
-var CACHE_FILE = join(CACHE_DIR, "update-check.json");
-var CHECK_INTERVAL_MS = 24 * 60 * 60 * 1000;
-function getCliVersion() {
-  try {
-    const pkg2 = require_package();
-    return pkg2.version ?? "0.0.0";
-  } catch {
-    return "0.0.0";
-  }
-}
-function loadCache() {
-  try {
-    if (existsSync2(CACHE_FILE)) {
-      const content = readFileSync2(CACHE_FILE, "utf-8");
-      return JSON.parse(content);
-    }
-  } catch {}
-  return { lastCheck: 0, latestVersion: null };
-}
-function saveCache(cache) {
-  try {
-    if (!existsSync2(CACHE_DIR)) {
-      mkdirSync(CACHE_DIR, { recursive: true });
-    }
-    writeFileSync3(CACHE_FILE, JSON.stringify(cache, null, 2));
-  } catch {}
-}
-function shouldCheckForUpdate(cache) {
-  const now = Date.now();
-  return now - cache.lastCheck > CHECK_INTERVAL_MS;
-}
-async function fetchLatestVersion() {
-  try {
-    const response = await fetch("https://registry.npmjs.org/@tolgamorf/env2op-cli/latest");
-    if (!response.ok)
-      return null;
-    const data = await response.json();
-    return data.version ?? null;
-  } catch {
-    return null;
-  }
-}
-function compareVersions(v1, v2) {
-  const parts1 = v1.split(".").map(Number);
-  const parts2 = v2.split(".").map(Number);
-  for (let i = 0;i < 3; i++) {
-    const p1 = parts1[i] || 0;
-    const p22 = parts2[i] || 0;
-    if (p1 < p22)
-      return -1;
-    if (p1 > p22)
-      return 1;
-  }
-  return 0;
-}
-async function checkForUpdate(forceCheck = false) {
-  const currentVersion = getCliVersion();
-  const cache = loadCache();
-  if (!forceCheck && !shouldCheckForUpdate(cache) && cache.latestVersion) {
-    const updateAvailable2 = compareVersions(currentVersion, cache.latestVersion) < 0;
-    const isSkipped2 = cache.skipVersion === cache.latestVersion;
-    return {
-      currentVersion,
-      latestVersion: cache.latestVersion,
-      updateAvailable: updateAvailable2,
-      isSkipped: isSkipped2,
-      fromCache: true
-    };
-  }
-  const latestVersion = await fetchLatestVersion();
-  saveCache({
-    ...cache,
-    lastCheck: Date.now(),
-    latestVersion
-  });
-  if (!latestVersion) {
-    return {
-      currentVersion,
-      latestVersion: null,
-      updateAvailable: false,
-      isSkipped: false,
-      fromCache: false
-    };
-  }
-  const updateAvailable = compareVersions(currentVersion, latestVersion) < 0;
-  const isSkipped = cache.skipVersion === latestVersion;
-  return {
-    currentVersion,
-    latestVersion,
-    updateAvailable,
-    isSkipped,
-    fromCache: false
-  };
-}
-async function performUpdate(pm) {
-  const packageManager = pm ?? await detectPackageManager();
-  try {
-    const [command, ...args] = packageManager.updateCommand.split(" ");
-    const result = await exec(command, args, { verbose: false });
-    if (result.exitCode !== 0) {
-      return {
-        success: false,
-        error: result.stderr || `Command exited with code ${result.exitCode}`
-      };
-    }
-    return { success: true };
-  } catch (error) {
-    const message = error instanceof Error ? error.message : String(error);
-    return { success: false, error: message };
-  }
-}
-function skipVersion(version) {
-  const cache = loadCache();
-  cache.skipVersion = version;
-  saveCache(cache);
-}
-
 // src/lib/update-prompts.ts
-import * as p3 from "@clack/prompts";
+import * as p4 from "@clack/prompts";
 import pc3 from "picocolors";
 var S_BAR_START = "┌";
 var S_BAR_END = "└";
@@ -925,7 +929,7 @@ function showUpdateNotification(result, cliName = "env2op") {
   console.log(`${pc3.gray(S_BAR_END)}${pc3.gray("─")} Run ${pc3.cyan(`'${cliName} update'`)} to update`);
 }
 async function askToUpdate(result) {
-  const response = await p3.select({
+  const response = await p4.select({
     message: "Would you like to update?",
     options: [
       { value: "update", label: "Update now", hint: "Download and install the latest version" },
@@ -933,16 +937,16 @@ async function askToUpdate(result) {
       { value: "skip", label: "Skip this version", hint: `Don't ask about ${result.latestVersion} again` }
     ]
   });
-  if (p3.isCancel(response)) {
+  if (p4.isCancel(response)) {
     return "later";
   }
   return response;
 }
 function showUpdateAvailable(result) {
-  p3.log.success(`Update available: ${pc3.dim(result.currentVersion)} ${pc3.dim("→")} ${pc3.green(result.latestVersion)}`);
+  p4.log.success(`Update available: ${pc3.dim(result.currentVersion)} ${pc3.dim("→")} ${pc3.green(result.latestVersion)}`);
 }
 function showUpToDate(currentVersion) {
-  p3.log.success(`You're on the latest version ${pc3.green(`(${currentVersion})`)}`);
+  p4.log.success(`You're on the latest version ${pc3.green(`(${currentVersion})`)}`);
 }
 function showPackageManagerInfo(pm) {
   console.log();
@@ -951,21 +955,21 @@ function showPackageManagerInfo(pm) {
   console.log();
 }
 function showUpdateSuccess(newVersion) {
-  p3.log.success(`Updated to version ${pc3.green(newVersion)}`);
-  p3.log.info("Please restart to use the new version.");
+  p4.log.success(`Updated to version ${pc3.green(newVersion)}`);
+  p4.log.info("Please restart to use the new version.");
 }
 function showUpdateError(error, pm) {
   if (error) {
-    p3.log.error(pc3.dim(error));
+    p4.log.error(pc3.dim(error));
   }
-  p3.log.info(`Try running manually: ${pc3.cyan(pm.updateCommand)}`);
+  p4.log.info(`Try running manually: ${pc3.cyan(pm.updateCommand)}`);
 }
 
 // src/commands/update.ts
 async function runUpdate(options) {
   const { force = false, cliName = "env2op" } = options;
-  p4.intro(pc4.bgCyan(pc4.black(` ${cliName} update `)));
-  const spinner4 = p4.spinner();
+  p5.intro(pc4.bgCyan(pc4.black(` ${cliName} update `)));
+  const spinner4 = p5.spinner();
   spinner4.start("Checking for updates...");
   const result = await checkForUpdate(true);
   spinner4.stop("Checked for updates");
@@ -980,15 +984,15 @@ async function runUpdate(options) {
     const choice = await askToUpdate(result);
     if (choice === "skip") {
       skipVersion(result.latestVersion);
-      p4.log.info(`Skipped version ${result.latestVersion}`);
+      p5.log.info(`Skipped version ${result.latestVersion}`);
       return;
     }
     if (choice === "later") {
-      p4.log.info("Update postponed");
+      p5.log.info("Update postponed");
       return;
     }
   }
-  const updateSpinner = p4.spinner();
+  const updateSpinner = p5.spinner();
   updateSpinner.start(`Updating to ${result.latestVersion}...`);
   const updateResult = await performUpdate(pm);
   if (updateResult.success) {
@@ -1001,35 +1005,39 @@ async function runUpdate(options) {
   }
 }
 
-// src/op2env-cli.ts
-var pkg2 = await Promise.resolve().then(() => __toESM(require_package(), 1));
-var args = process.argv.slice(2);
-var flags = new Set;
-var positional = [];
-var options = {};
-for (let i = 0;i < args.length; i++) {
-  const arg = args[i];
-  if (arg === "-o" || arg === "--output") {
-    const next = args[i + 1];
-    if (next && !next.startsWith("-")) {
-      options.output = next;
-      i++;
-    }
-  } else if (arg.startsWith("--")) {
-    flags.add(arg.slice(2));
-  } else if (arg.startsWith("-")) {
-    for (const char of arg.slice(1)) {
-      flags.add(char);
+// src/utils/args.ts
+function parseArgs(args) {
+  const flags = new Set;
+  const positional = [];
+  const options = {};
+  for (let i = 0;i < args.length; i++) {
+    const arg = args[i];
+    if (arg === "-o" || arg === "--output") {
+      const next = args[i + 1];
+      if (next && !next.startsWith("-")) {
+        options.output = next;
+        i++;
+      }
+    } else if (arg.startsWith("--")) {
+      flags.add(arg.slice(2));
+    } else if (arg.startsWith("-")) {
+      for (const char of arg.slice(1)) {
+        flags.add(char);
+      }
+    } else {
+      positional.push(arg);
     }
-  } else {
-    positional.push(arg);
   }
+  return { flags, positional, options };
 }
+
+// src/op2env-cli.ts
+var { flags, positional, options } = parseArgs(process.argv.slice(2));
 var hasHelp = flags.has("h") || flags.has("help");
 var hasVersion = flags.has("v") || flags.has("version");
 var hasUpdate = flags.has("update");
 if (hasVersion) {
-  console.log(pkg2.version);
+  console.log(getCliVersion());
   process.exit(0);
 }
 if (hasUpdate) {
@@ -1052,15 +1060,10 @@ await runInject({
   force: flags.has("f") || flags.has("force"),
   verbose: flags.has("verbose")
 });
-try {
-  const updateResult = await checkForUpdate();
-  if (updateResult.updateAvailable && !updateResult.isSkipped) {
-    showUpdateNotification(updateResult, "op2env");
-  }
-} catch {}
+await maybeShowUpdateNotification("op2env", showUpdateNotification);
 function showHelp() {
   const name = pc5.bold(pc5.cyan("op2env"));
-  const version = pc5.dim(`v${pkg2.version}`);
+  const version = pc5.dim(`v${getCliVersion()}`);
   console.log(`
 ${name} ${version}
 Pull secrets from 1Password to generate .env files