@toolforge-js/sdk 0.8.0 → 0.8.2

package/dist/cli/index.js

@@ -1,21 +1,26 @@
-import { C as __toESM, S as __require, _ as startAgentMessageSchema, a as AGENT_TAG_NAME, b as stopToolMessageSchema, c as getErrorMessage, d as runWithRetries, f as ackMessageSchema, g as runnerId, h as initCommunicationMessageSchema, i as AGENT_STEP_TAG_NAME, l as invariant, m as heartbeatAckMessageSchema, n as TOOL_TAG_NAME, o as Agent, p as baseMessageSchema, r as Tool, s as convertToWords, t as TOOL_HANDLER_TAG_NAME, u as exponentialBackoff, v as startToolMessageSchema, x as __commonJS, y as stopAgentMessageSchema } from "../tool-UVAGtnlr.js";
-import { t as toolForgeConfigSchema } from "../config-schema-CcWOtgOv.js";
+import { C as __toESM, S as __require, _ as stopToolMessageSchema, a as AGENT_TAG_NAME, b as invariant, c as runWithRetries, d as heartbeatAckMessageSchema, f as initCommunicationMessageSchema, g as stopAgentMessageSchema, h as startToolMessageSchema, i as AGENT_STEP_TAG_NAME, l as ackMessageSchema, m as startAgentMessageSchema, n as TOOL_TAG_NAME, o as Agent, p as runnerId, r as Tool, s as exponentialBackoff, t as TOOL_HANDLER_TAG_NAME, u as baseMessageSchema, v as convertToWords, x as __commonJS, y as getErrorMessage } from "../tool-DDDEH8M3.js";
+import { n as toolForgeConfigSchema, r as TOKEN_PREFIX, t as TF_CONFIG_TAG_NAME } from "../config-schema-DcLVggqh.js";
 import * as z$1 from "zod";
 import z from "zod";
-import { readFileSync } from "node:fs";
+import { createReadStream, readFileSync } from "node:fs";
 import * as path from "node:path";
 import { EventEmitter } from "node:events";
 import ora from "ora";
 import { pino } from "pino";
-import { P, match } from "ts-pattern";
-import { setTimeout as setTimeout$1 } from "node:timers/promises";
-import chokidar from "chokidar";
-import { nanoid } from "nanoid";
-import picocolors from "picocolors";
+import * as crypto from "node:crypto";
 import * as fs from "node:fs/promises";
+import { create } from "tar";
 import * as os from "node:os";
 import { camelCase, capitalize, kebabCase } from "es-toolkit/string";
 import esbuild from "esbuild";
+import { nanoid } from "nanoid";
+import { P, match } from "ts-pattern";
+import { setTimeout as setTimeout$1 } from "node:timers/promises";
+import * as prompts from "@clack/prompts";
+import picocolors from "picocolors";
+import { createAuthClient } from "better-auth/client";
+import { deviceAuthorizationClient } from "better-auth/client/plugins";
+import chokidar from "chokidar";
 
 //#region ../../node_modules/.bun/commander@14.0.2/node_modules/commander/lib/error.js
 var require_error = /* @__PURE__ */ __commonJS({ "../../node_modules/.bun/commander@14.0.2/node_modules/commander/lib/error.js": ((exports) => {
@@ -3066,13 +3071,17 @@ async function gatherForgeItems(toolsDir, mode, logger) {
 		return await import(bundleFilePath);
 	}
 	const { forgeItems, toolEntries, agentEntries } = await gatherToolAndAgentEntries(toolsDir, mode, logger);
-	if (forgeItems.length || toolEntries.length || agentEntries.length) return await import(`${await bundleForge({
-		toolEntries,
-		agentEntries,
-		forgeItems,
-		toolsDir,
-		logger
-	})}?t=${Date.now()}`);
+	if (forgeItems.length || toolEntries.length || agentEntries.length) {
+		const { bundleFilePath } = await bundleForge({
+			toolEntries,
+			agentEntries,
+			forgeItems,
+			toolsDir,
+			logger
+		});
+		logger.debug("loading bundled tools from %s", bundleFilePath);
+		return await import(`${bundleFilePath}?t=${Date.now()}`);
+	}
 	return {
 		forgeItems: [],
 		tools: {},
@@ -3196,11 +3205,11 @@ ${agentEntries.map(({ variableName, id }) => `  '${id}': agent_${variableName},`
 		}
 		const entryFileContent = entryFileContentGroups.join("\n\n");
 		logger.debug(`generate file content\n${"-".repeat(70)}\n%s\n${"-".repeat(70)}`, entryFileContent);
-		const outDir = path.resolve(process.cwd(), TOOL_FORGE_BUILD_DIR);
-		const bundleFilePath = path.resolve(outDir, TOOL_FORGE_BUILD_BUNDLE_FILE);
+		const bundleDirPath = path.resolve(process.cwd(), TOOL_FORGE_BUILD_DIR);
+		const bundleFilePath = path.resolve(bundleDirPath, TOOL_FORGE_BUILD_BUNDLE_FILE);
 		logger.debug("bundling tools to %s", bundleFilePath);
-		await setupOutputDir(outDir);
-		logger.debug("ensured output directory exists at %s", outDir);
+		await setupOutputDir(bundleDirPath);
+		logger.debug("ensured output directory exists at %s", bundleDirPath);
 		logger.debug("starting esbuild bundling...");
 		await esbuild.build({
 			stdin: {
@@ -3212,11 +3221,20 @@ ${agentEntries.map(({ variableName, id }) => `  '${id}': agent_${variableName},`
 			platform: "node",
 			outfile: bundleFilePath,
 			logLevel: "error",
-			format: "esm"
+			format: "esm",
+			banner: { js: [
+				"/* eslint-disable */",
+				"// @ts-nocheck",
+				"// noinspection JSUnusedGlobalSymbols",
+				"// This file is auto-generated by ToolForge. Do not edit manually."
+			].join("\n\n") }
 		});
 		logger.debug("esbuild bundling completed");
-		return bundleFilePath;
-	}
+		return {
+			bundleFilePath,
+			bundleDirPath
+		};
+	} else throw new Error("no tools or agents found to bundle");
 }
 function isToolDefinition(obj) {
 	return "__tf__tag__name__" in obj && obj.__tf__tag__name__ === TOOL_TAG_NAME && "handler" in obj && typeof obj.handler === "function" && "__tf__tag__name__" in obj.handler && obj.handler.__tf__tag__name__ === TOOL_HANDLER_TAG_NAME;
@@ -3260,6 +3278,417 @@ function getMemoryUsage() {
 	};
 }
 
+//#endregion
+//#region src/cli/actions/utils.ts
+async function getToolForgeConfig(configRelPath) {
+	try {
+		const configPath = path.resolve(process.cwd(), configRelPath);
+		return {
+			config: toolForgeConfigSchema.extend({ __tf__tag__name__: z$1.symbol(TF_CONFIG_TAG_NAME.description) }).parse(await import(configPath).then((mod) => mod.default)),
+			configPath
+		};
+	} catch (error) {
+		if (error instanceof z$1.ZodError) throw new Error("Invalid tool forge config.\n\nPlease refer the documentation [https://docs.tool-forge.ai/sdk/configuration] for the correct configuration schema");
+		throw error;
+	}
+}
+/**
+* Opens the given URL in the default web browser.
+*/
+function openInBrowser(url) {
+	const platform = process.platform;
+	let command;
+	if (platform === "win32") command = `start '${url}'`;
+	else if (platform === "darwin") command = `open '${url}'`;
+	else command = `xdg-open '${url}'`;
+	Bun.spawn({
+		cmd: [
+			"sh",
+			"-c",
+			command
+		],
+		stdout: "ignore",
+		stderr: "ignore"
+	});
+}
+const TOOL_FORGE_CLI_DOMAIN = "ai.tool-forge.cli";
+const TOOL_FORGE_ACCESS_TOKEN_KEY = "access-token";
+async function buildForge(config, logger) {
+	const toolsDir = path.resolve(process.cwd(), config.toolsDir);
+	const { toolEntries, agentEntries, forgeItems } = await gatherToolAndAgentEntries(toolsDir, "production", logger);
+	if (forgeItems.length === 0) {
+		logger.warn("no tools or agents found to build");
+		process.exit(0);
+	}
+	logger.info("building %d tools and agents...", forgeItems.length);
+	const { bundleFilePath, bundleDirPath } = await bundleForge({
+		toolEntries,
+		agentEntries,
+		forgeItems,
+		toolsDir,
+		logger
+	});
+	logger.info("tools built successfully");
+	return {
+		bundleFilePath,
+		bundleDirPath
+	};
+}
+const FILES_TO_COPY = [
+	"package.json",
+	"toolforge.config.ts",
+	"tsconfig.json",
+	"bun.lock",
+	"bun.lockb"
+];
+const DIRS_TO_COPY = ["prisma"];
+async function createCompleteBundle({ bundleDirPath, rootPath }, logger) {
+	for (const file of FILES_TO_COPY) {
+		const srcPath = path.resolve(rootPath, file);
+		if (!await fs.exists(srcPath)) continue;
+		if (file === "package.json") {
+			logger.debug("cleaning package.json before adding to bundle");
+			const cleanedPackageJSON = await cleanPackageJSON(srcPath, logger);
+			const destPath = path.resolve(bundleDirPath, "package.json");
+			logger.debug("cleaned package.json: %o", cleanedPackageJSON);
+			logger.debug("writing cleaned package.json to %s", destPath);
+			try {
+				await fs.writeFile(destPath, JSON.stringify(cleanedPackageJSON, null, 2), "utf-8");
+			} catch (error) {
+				logger.warn("failed to write cleaned package.json: %s", error.message);
+			}
+		} else {
+			const srcPath$1 = path.resolve(rootPath, file);
+			const destPath = path.resolve(bundleDirPath, file);
+			logger.debug("copying %s to %s", srcPath$1, destPath);
+			try {
+				await fs.copyFile(srcPath$1, destPath);
+			} catch (error) {
+				logger.warn("failed to copy %s: %s", srcPath$1, error.message);
+			}
+		}
+	}
+	for (const dir of DIRS_TO_COPY) {
+		const srcPath = path.join(rootPath, dir);
+		const destPath = path.join(bundleDirPath, dir);
+		logger.debug("copying %s to %s", srcPath, destPath);
+		try {
+			if (!(await fs.stat(srcPath)).isDirectory()) continue;
+			await fs.cp(srcPath, destPath, { recursive: true });
+		} catch (error) {
+			logger.warn("failed to copy %s: %s", srcPath, error.message);
+		}
+	}
+	const tarballPath = path.resolve(rootPath, ".toolforge-bundle.tar.gz");
+	logger.info("creating tarball at %s", tarballPath);
+	await create({
+		gzip: true,
+		file: tarballPath,
+		cwd: bundleDirPath
+	}, ["."]);
+	const sha256 = await getFileSha256(tarballPath);
+	logger.debug("tarball sha256: %s", sha256);
+	logger.info("tarball created successfully");
+	return {
+		tarballPath,
+		sha256
+	};
+}
+const VALID_TOOL_FORGE_PACKAGES = ["@toolforge-js/sdk"];
+/**
+* Cleans the package.json file by removing toolforge internal dependencies
+* and updating other workspace dependencies to their latest versions.
+*/
+async function cleanPackageJSON(filePath, logger) {
+	const packageJSON = z$1.object({
+		devDependencies: z$1.record(z$1.string(), z$1.string()).optional().default({}),
+		dependencies: z$1.record(z$1.string(), z$1.string()).optional().default({})
+	}).loose().parse(JSON.parse(await fs.readFile(filePath, "utf-8")));
+	for (const key of ["devDependencies", "dependencies"]) {
+		const deps = packageJSON[key];
+		for (const dep of Object.keys(deps)) {
+			logger.trace("processing dependency %s", dep);
+			if (!dep.startsWith("@toolforge-js/")) {
+				logger.trace("skipping non-toolforge package %s", dep);
+				continue;
+			}
+			if (!VALID_TOOL_FORGE_PACKAGES.includes(dep)) {
+				logger.trace("removing invalid toolforge package %s", dep);
+				delete deps[dep];
+			} else {
+				if (deps[dep].startsWith("workspace:")) {
+					const latestVersion = await getPackageLatestVersion(dep);
+					if (latestVersion) deps[dep] = latestVersion;
+				}
+				logger.trace("updated dependency %s to version %s", dep, deps[dep]);
+			}
+		}
+	}
+	return packageJSON;
+}
+/**
+* Gets the latest version of a package from npm registry.
+*/
+async function getPackageLatestVersion(packageName) {
+	const res = await fetch(`https://registry.npmjs.org/${packageName}/latest`);
+	return z$1.object({
+		version: z$1.string(),
+		name: z$1.literal(packageName)
+	}).parse(await res.json()).version;
+}
+/**
+* Generates the SHA-256 hash of a file.
+*/
+function getFileSha256(filePath) {
+	return new Promise((resolve, reject) => {
+		const hash = crypto.createHash("sha256");
+		const stream = createReadStream(filePath);
+		stream.on("error", reject);
+		stream.on("data", (chunk) => {
+			hash.update(chunk);
+		});
+		stream.on("end", () => {
+			resolve(hash.digest("hex"));
+		});
+	});
+}
+
+//#endregion
+//#region src/cli/actions/build.ts
+async function build(configRelPath, debug) {
+	const logger = pino({
+		level: debug ? "debug" : "info",
+		transport: { target: "pino-pretty" }
+	});
+	try {
+		const spinner = ora("loading configuration...").start();
+		const { config, configPath } = await getToolForgeConfig(configRelPath);
+		spinner.stop();
+		logger.debug({ config }, "loaded config from %s", configPath);
+		await buildForge(config, logger);
+	} catch (error) {
+		logger.error(error, "failed to build tools");
+		process.exit(1);
+	}
+}
+
+//#endregion
+//#region src/cli/actions/deploy.ts
+/**
+* Action to deploy the tools to Tool Forge platform.
+*/
+async function deploy(configRelPath, debug) {
+	const logFilePath = path.resolve(process.cwd(), ".tf-logs", `deploy-${Date.now()}.log`);
+	const logger = pino({
+		level: debug ? "debug" : "info",
+		transport: {
+			target: "pino/file",
+			options: {
+				destination: logFilePath,
+				mkdir: true
+			}
+		}
+	});
+	prompts.intro("Deploying to Tool Forge");
+	prompts.log.info(`Saving logs to ${logFilePath}`);
+	const spinner = prompts.spinner();
+	spinner.start("Checking authentication...");
+	const key = await Bun.secrets.get({
+		service: TOOL_FORGE_CLI_DOMAIN,
+		name: TOOL_FORGE_ACCESS_TOKEN_KEY
+	});
+	spinner.stop("Authentication checked.");
+	if (!key) {
+		prompts.outro("You are not logged in. Please run \"tool-forge login\" to login.");
+		process.exit(1);
+	}
+	const loginSpinner = prompts.spinner();
+	loginSpinner.start("Loading configuration...");
+	const { config } = await getToolForgeConfig(configRelPath).then((data) => {
+		loginSpinner.stop("Configuration loaded.");
+		return data;
+	}).catch((error) => {
+		loginSpinner.stop("Failed to load configuration.");
+		prompts.outro(getErrorMessage(error));
+		process.exit(1);
+	});
+	const envSpinner = prompts.spinner();
+	envSpinner.start("Fetching production environments...");
+	const { environments } = await fetch(new URL("/api/cli/production-environments", config.appServerUrl), { headers: { "x-tf-token": key } }).then(async (res) => {
+		if (!res.ok) throw new Error(`Failed to fetch production environments: ${res.status} ${res.statusText}`);
+		const data = z$1.object({ environments: z$1.object({
+			id: z$1.string(),
+			environmentName: z$1.string(),
+			workspaceName: z$1.string()
+		}).array() }).parse(await res.json());
+		envSpinner.stop("Production environments fetched.");
+		return data;
+	}).catch((error) => {
+		envSpinner.stop("Failed to fetch production environments.");
+		prompts.outro(getErrorMessage(error));
+		process.exit(1);
+	});
+	const environmentSelect = await prompts.select({
+		message: "Select the production environment to deploy to:",
+		options: environments.map((env) => ({
+			label: `${env.environmentName} (Workspace: ${env.workspaceName})`,
+			value: env.id
+		}))
+	});
+	if (prompts.isCancel(environmentSelect)) {
+		prompts.outro("Deployment cancelled.");
+		process.exit(0);
+	}
+	const name = await prompts.text({
+		message: "Enter a name for this deployment:",
+		validate(value) {
+			if (value.length === 0) return "Deployment name cannot be empty";
+		}
+	});
+	if (prompts.isCancel(name)) {
+		prompts.outro("Deployment cancelled.");
+		process.exit(0);
+	}
+	const buildSpinner = prompts.spinner();
+	buildSpinner.start("Building tools...");
+	const { tarballPath, sha256 } = await buildForge(config, logger).then(async ({ bundleDirPath }) => {
+		buildSpinner.stop("Tools built successfully.");
+		const { tarballPath: tarballPath$1, sha256: sha256$1 } = await createCompleteBundle({
+			bundleDirPath,
+			rootPath: process.cwd()
+		}, logger);
+		return {
+			tarballPath: tarballPath$1,
+			sha256: sha256$1
+		};
+	}).catch((error) => {
+		buildSpinner.stop("Failed to build tools.");
+		prompts.outro(getErrorMessage(error));
+		process.exit(1);
+	});
+	const deploySpinner = prompts.spinner();
+	const environmentName = environments.find((env) => env.id === environmentSelect)?.environmentName;
+	deploySpinner.start(`Deploying tools to ${environmentName}...`);
+	const formData = new FormData();
+	formData.append("bundle", new File([await Bun.file(tarballPath).arrayBuffer()], path.basename(tarballPath), { type: "application/gzip" }));
+	formData.append("environmentId", environmentSelect);
+	formData.append("sha256", sha256);
+	formData.append("name", name);
+	const { url } = await fetch(new URL("/api/cli/initialize-deployment", config.appServerUrl), {
+		method: "POST",
+		headers: { "x-tf-token": key },
+		body: formData
+	}).then(async (res) => {
+		if (!res.ok) {
+			const errorData = await res.json().catch(() => null);
+			logger.error("deployment failed: %s %s %s", res.status, res.statusText, JSON.stringify(errorData));
+			throw new Error(`Deployment failed: ${res.status} ${res.statusText}`);
+		}
+		const data = z$1.object({
+			deploymentId: z$1.uuid(),
+			url: z$1.string()
+		}).parse(await res.json());
+		deploySpinner.stop("Tools deployed successfully.");
+		return data;
+	}).catch((error) => {
+		deploySpinner.stop("Failed to deploy tools.");
+		prompts.outro(getErrorMessage(error));
+		process.exit(1);
+	});
+	const deploymentUrl = new URL(url, config.appUrl).toString();
+	prompts.outro(`Deployment initiated successfully!\n\nYou can view the deployment status at:\n${picocolors.green(deploymentUrl)}`);
+}
+
+//#endregion
+//#region src/cli/actions/login.ts
+async function login(configRelPath) {
+	prompts.intro("Logging in to Tool Forge");
+	const spinner = prompts.spinner();
+	spinner.start("Loading configuration...");
+	try {
+		const { config } = await getToolForgeConfig(configRelPath);
+		spinner.stop("Configuration loaded.");
+		const authClient = createAuthClient({
+			baseURL: config.appServerUrl,
+			plugins: [deviceAuthorizationClient()]
+		});
+		const deviceLabel = getDeviceLabel();
+		const clientId = `toolforge-cli:${deviceLabel}`;
+		const { data: deviceCodeData, error } = await authClient.device.code({
+			client_id: clientId,
+			scope: "deployments:read deployments:write"
+		});
+		if (error || !deviceCodeData) {
+			prompts.outro(`failed to initiate device authorization flow: ${error.error_description}`);
+			process.exit(1);
+		}
+		const verificationUrl = new URL("/cli/login", config.appUrl);
+		verificationUrl.searchParams.set("deviceLabel", deviceLabel);
+		verificationUrl.searchParams.set("userCode", deviceCodeData.user_code);
+		prompts.note(`To authenticate, please visit:\n${verificationUrl.toString()}\n\n🔐 And enter the code: ${deviceCodeData.user_code}`, "Login Instructions");
+		openInBrowser(verificationUrl.toString());
+		async function pollForToken() {
+			return new Promise((resolve, reject) => {
+				let pollInterval = 5e3;
+				let timeout;
+				async function poll() {
+					const { error: error$1, data } = await authClient.device.token({
+						grant_type: "urn:ietf:params:oauth:grant-type:device_code",
+						device_code: deviceCodeData.device_code,
+						client_id: clientId
+					});
+					if (error$1) match(error$1.error).returnType().with("authorization_pending", () => {
+						clearTimeout(timeout);
+						timeout = setTimeout(poll, pollInterval);
+					}).with("slow_down", () => {
+						clearTimeout(timeout);
+						pollInterval += 5e3;
+						timeout = setTimeout(poll, pollInterval);
+					}).with("access_denied", () => {
+						clearTimeout(timeout);
+						reject(/* @__PURE__ */ new Error("access denied by user"));
+					}).with("expired_token", () => {
+						clearTimeout(timeout);
+						reject(/* @__PURE__ */ new Error("device code has expired"));
+					}).with("invalid_grant", () => {
+						clearTimeout(timeout);
+						reject(/* @__PURE__ */ new Error("invalid grant, please try again"));
+					}).with("invalid_request", () => {
+						clearTimeout(timeout);
+						reject(/* @__PURE__ */ new Error("invalid request, please try again"));
+					}).run();
+					if (data) {
+						clearTimeout(timeout);
+						resolve(data.access_token);
+					}
+				}
+				timeout = setTimeout(poll, pollInterval);
+			});
+		}
+		const pollSpinner = prompts.spinner();
+		pollSpinner.start("Waiting for authentication...");
+		try {
+			const token = await pollForToken();
+			await Bun.secrets.set({
+				service: TOOL_FORGE_CLI_DOMAIN,
+				name: TOOL_FORGE_ACCESS_TOKEN_KEY,
+				value: token
+			});
+			pollSpinner.stop("Authentication successful!");
+			prompts.outro("Successfully authenticated and stored access token securely");
+		} catch (error$1) {
+			pollSpinner.stop("Authentication failed.");
+			prompts.outro(getErrorMessage(error$1));
+		}
+	} catch (error) {
+		spinner.stop("Failed to load configuration.");
+		prompts.outro(getErrorMessage(error));
+	}
+}
+function getDeviceLabel() {
+	return `${os.userInfo().username}@${os.hostname()}`;
+}
+
 //#endregion
 //#region src/internal/websocket-client.ts
 const optionsSchema$1 = z$1.object({
@@ -3313,7 +3742,10 @@ var WebSocketClient = class extends EventEmitter {
 		this.#connectToServer();
 	}
 	#connectToServer() {
-		if (this.#connectionState !== "closing") this.#logger.warn("start called while closing, ignoring");
+		if (this.#connectionState === "closing") {
+			this.#logger.warn("start called while closing, ignoring");
+			return;
+		}
 		if (this.#connectionState === "connected" || this.#connectionState === "connecting") {
 			this.#logger.warn("already connecting, connected, or stopped, ignoring");
 			return;
@@ -3530,8 +3962,8 @@ var WebSocketClient = class extends EventEmitter {
 	#stop() {
 		if (this.#heartbeatInterval) clearInterval(this.#heartbeatInterval);
 		if (this.#heartbeatTimeout) clearTimeout(this.#heartbeatTimeout);
-		if (this.#socket) {
-			if (this.#socket.readyState === WebSocket.OPEN) this.#socket.close(WS_ERROR_CODES.GOING_AWAY, "runner shutting down");
+		if (this.#socket && this.#socket.readyState !== WebSocket.CLOSED) {
+			this.#socket.close(WS_ERROR_CODES.GOING_AWAY, "runner shutting down");
 			this.#socket.removeEventListener("open", this.#handleWebSocketOpen.bind(this));
 			this.#socket.removeEventListener("close", this.#handleWebSocketClose.bind(this));
 			this.#socket.removeEventListener("message", this.#handleWebSocketMessage.bind(this));
@@ -3572,6 +4004,8 @@ var ForgeRunner = class extends EventEmitter {
 	#logger;
 	#config;
 	#serverUrl;
+	#apiKey;
+	#refreshApiKeyInterval;
 	#forgeItems = [];
 	#tools = {};
 	#agents = {};
@@ -3583,8 +4017,9 @@ var ForgeRunner = class extends EventEmitter {
 	constructor(config, options, logger) {
 		super({ captureRejections: true });
 		this.#config = config;
+		this.#apiKey = config.apiKey;
 		const url = new URL(this.#config.sdkServer);
-		url.searchParams.set("apiKey", this.#config.apiKey);
+		url.searchParams.set("apiKey", this.#apiKey);
 		url.searchParams.set("runnerId", this.#id);
 		url.pathname = "/socket";
 		this.#serverUrl = url.toString();
@@ -3595,6 +4030,9 @@ var ForgeRunner = class extends EventEmitter {
 			runnerId: this.#id
 		}, this, this.#logger);
 		this.#webSocketClient.on(WEB_SOCKET_CLIENT_EVENTS.COMMUNICATION_INITIALIZED, this.#handleWebSocketCommunicationInitialized.bind(this));
+		if (this.#apiKey.startsWith(TOKEN_PREFIX)) this.#refreshApiKeyInterval = setInterval(() => {
+			this.#refreshApiKey();
+		}, 840 * 1e3);
 		this.#logger.info({
 			mode: this.#options.mode,
 			id: this.#id
@@ -3612,6 +4050,8 @@ var ForgeRunner = class extends EventEmitter {
 			this.#tools = tools;
 			this.#agents = agents;
 			this.#logger.debug(`gathered ${this.#forgeItems.length} tools and directories`);
+			this.#logger.info("websocket communication initialized, sending forge list...");
+			await this.#sendListForge();
 			this.#watchToolChanges();
 			this.#unsubscribeMessageHandler = this.#webSocketClient.subscribeToMessages(this.#handleWebSocketMessage.bind(this));
 		} catch (error) {
@@ -3780,6 +4220,26 @@ var ForgeRunner = class extends EventEmitter {
 		});
 	}
 	#handleStopAgentMessage(message) {}
+	/**
+	* Refreshes the API key by requesting a new token from the SDK server,
+	* when the apiKey is a (short lived) token used when runner is deployed
+	* using Tool Forge Cloud.
+	*/
+	async #refreshApiKey() {
+		const url = new URL(this.#serverUrl);
+		url.pathname = "/token/refresh";
+		const res = await fetch(url.toString(), {
+			method: "POST",
+			headers: { "Content-Type": "application/json" },
+			body: JSON.stringify({ token: this.#apiKey })
+		});
+		if (!res.ok) throw new Error(`failed to refresh token: ${res.status} ${res.statusText}`);
+		const data = await res.json();
+		const result = z$1.object({ token: z$1.string().startsWith(TOKEN_PREFIX) }).safeParse(data);
+		if (!result.success) throw new Error("invalid response from token refresh");
+		this.#apiKey = result.data.token;
+		this.#logger.info("successfully refreshed API token");
+	}
 	stop() {
 		this.#logger.info("gracefully stopping tool runner...");
 		if (this.#fsWatcher) {
@@ -3794,59 +4254,17 @@ var ForgeRunner = class extends EventEmitter {
 		}
 		this.#webSocketClient.off(WEB_SOCKET_CLIENT_EVENTS.COMMUNICATION_INITIALIZED, this.#handleWebSocketCommunicationInitialized.bind(this));
 		this.#webSocketClient.stop();
+		if (this.#refreshApiKeyInterval) {
+			clearInterval(this.#refreshApiKeyInterval);
+			this.#refreshApiKeyInterval = void 0;
+			this.#logger.info("token refresh interval cleared");
+		}
 		this.#logger.info("tool runner stopped");
 	}
 };
 
 //#endregion
-//#region src/cli/index.ts
-const version = JSON.parse(readFileSync(path.resolve(__dirname, "../../package.json"), "utf-8")).version;
-program.name("toolforge").description("Tool Forge SDK cli").version(version);
-program.command("dev").description("start the tool forge development server").option("-c, --config <path>", "path to the tool-forge config file", (val) => z$1.string().parse(val), "toolforge.config.ts").option("-d, --debug", "enable debug logging", false).action(async function startServer() {
-	const debug = z$1.boolean().optional().default(false).parse(this.opts().debug);
-	await startToolForge({
-		configRelPath: z$1.string().parse(this.opts().config),
-		debug,
-		mode: "development"
-	});
-});
-program.command("start").description("start the tool forge server in production mode").option("-c, --config <path>", "path to the tool-forge config file", (val) => z$1.string().parse(val), "toolforge.config.ts").option("-d, --debug", "enable debug logging", false).action(async function startServer() {
-	const debug = z$1.boolean().optional().default(false).parse(this.opts().debug);
-	await startToolForge({
-		configRelPath: z$1.string().parse(this.opts().config),
-		debug,
-		mode: "production"
-	});
-});
-program.command("build").description("build the tools for production").option("-c, --config <path>", "path to the tool-forge config file", (val) => z$1.string().parse(val), "toolforge.config.ts").option("-d, --debug", "enable debug logging", false).action(async function() {
-	const logger = pino({
-		level: z$1.boolean().optional().default(false).parse(this.opts().debug) ? "debug" : "info",
-		transport: { target: "pino-pretty" }
-	});
-	try {
-		const configRelPath = z$1.string().parse(this.opts().config);
-		const configPath = path.resolve(process.cwd(), configRelPath);
-		const config = toolForgeConfigSchema.parse(await import(configPath).then((mod) => mod.default));
-		logger.debug({ config }, "loaded config from %s", configPath);
-		const toolsDir = path.resolve(process.cwd(), config.toolsDir);
-		const { toolEntries, agentEntries, forgeItems } = await gatherToolAndAgentEntries(toolsDir, "production", logger);
-		if (forgeItems.length === 0) {
-			logger.warn("no tools or agents found to build");
-			process.exit(0);
-		}
-		await bundleForge({
-			toolEntries,
-			agentEntries,
-			forgeItems,
-			toolsDir,
-			logger
-		});
-		logger.info("tools built successfully");
-	} catch (error) {
-		logger.error(error, "failed to build tools");
-		process.exit(1);
-	}
-});
+//#region src/cli/actions/start-tool-forge.ts
 async function startToolForge({ configRelPath, debug, mode }) {
 	const logger = pino({
 		level: debug ? "debug" : "info",
@@ -3854,8 +4272,7 @@ async function startToolForge({ configRelPath, debug, mode }) {
 	});
 	try {
 		const spinner = ora("loading configuration...").start();
-		const configPath = path.resolve(process.cwd(), configRelPath);
-		const config = toolForgeConfigSchema.parse(await import(configPath).then((mod) => mod.default));
+		const { config, configPath } = await getToolForgeConfig(configRelPath);
 		spinner.stop();
 		logger.debug({ config }, "loaded config from %s", configPath);
 		const runner = new ForgeRunner(config, { mode }, logger);
@@ -3879,6 +4296,43 @@ async function startToolForge({ configRelPath, debug, mode }) {
 		process.exit(1);
 	}
 }
+
+//#endregion
+//#region src/cli/index.ts
+const version = JSON.parse(readFileSync(path.resolve(__dirname, "../../package.json"), "utf-8")).version;
+program.name("toolforge").description("Tool Forge SDK cli").version(version);
+program.command("dev").description("start the tool forge development server").option("-c, --config <path>", "path to the tool-forge config file", (val) => z$1.string().parse(val), "toolforge.config.ts").option("-d, --debug", "enable debug logging", false).action(async function startServer() {
+	const debug = z$1.boolean().optional().default(false).parse(this.opts().debug);
+	await startToolForge({
+		configRelPath: z$1.string().parse(this.opts().config),
+		debug,
+		mode: "development"
+	}).catch((error) => {
+		if (error instanceof Error) console.warn("Failed to start development server:", error.message);
+		process.exit(1);
+	});
+});
+program.command("start").description("start the tool forge server in production mode").option("-c, --config <path>", "path to the tool-forge config file", (val) => z$1.string().parse(val), "toolforge.config.ts").option("-d, --debug", "enable debug logging", false).action(async function startServer() {
+	const debug = z$1.boolean().optional().default(false).parse(this.opts().debug);
+	await startToolForge({
+		configRelPath: z$1.string().parse(this.opts().config),
+		debug,
+		mode: "production"
+	}).catch((error) => {
+		if (error instanceof Error) console.warn("Failed to start server:", error.message);
+		process.exit(1);
+	});
+});
+program.command("build").description("build the tools for production").option("-c, --config <path>", "path to the tool-forge config file", (val) => z$1.string().parse(val), "toolforge.config.ts").option("-d, --debug", "enable debug logging", false).action(async function() {
+	const debug = z$1.boolean().optional().default(false).parse(this.opts().debug);
+	await build(z$1.string().parse(this.opts().config), debug);
+});
+program.command("login").description("login to Tool Forge").option("-c, --config <path>", "path to the tool-forge config file", (val) => z$1.string().parse(val), "toolforge.config.ts").action(async function() {
+	await login(z$1.string().parse(this.opts().config));
+});
+program.command("deploy").description("deploy the tools to Tool Forge").option("-c, --config <path>", "path to the tool-forge config file", (val) => z$1.string().parse(val), "toolforge.config.ts").option("-d, --debug", "enable debug logging", false).action(async function() {
+	await deploy(z$1.string().parse(this.opts().config), z$1.boolean().optional().default(false).parse(this.opts().debug));
+});
 program.parse(Bun.argv);
 
 //#endregion