@trenchwork/erosolar 1.1.24 → 1.1.25

package/README.md

@@ -39,17 +39,51 @@ erosolar
 On first launch the CLI:
 
 1. Pops a browser tab to `https://ero.solar/auth?port=…`. You sign in
-   (Erosolar Auth — Firebase Auth under the hood, project
-   `erosolar-1b0db`).
+   with **Google SSO** (Erosolar Auth — Firebase Auth under the hood,
+   project `erosolar-1b0db`). SSO is enforced both at the web auth
+   page and at the Firestore-rule layer
+   (`request.auth.token.firebase.sign_in_provider == 'google.com'`).
 2. Stores a Firebase ID token + refresh token at `~/.erosolar/auth.json`
    (`0o600`). The refresh token is long-lived; the ID token is auto-
    renewed before expiry.
-3. Fetches the shared DeepSeek API key from Firestore at
+3. **Approval gate.** The CLI checks `approved_users/{your-email}` in
+   Firestore. The package ships offsec capabilities (Kali tools /
+   AFL++ / gdb / pwntools / Ghidra MCP), so only allowlisted emails
+   can launch. If your email isn't approved, the CLI writes a
+   pending request to `approval_requests/{uid}` for the operator to
+   review and exits with a clear message — re-run after the request
+   is approved.
+4. Fetches the shared DeepSeek API key from Firestore at
    `shared_secrets/deepseek` and writes it into `process.env.DEEPSEEK_API_KEY`
    for the duration of the process. **Nothing lands on disk.** Reads
-   are gated by Firestore security rules to authenticated users only;
-   writes are admin-only.
-4. Starts the interactive Ink-based shell.
+   are gated by Firestore rules to authenticated *and approved*
+   users only; writes are admin-only.
+5. Starts the interactive Ink-based shell.
+
+### Requesting approval
+
+Sign in once via Google SSO. The CLI will detect that your email
+isn't on the allowlist and file a pending request at
+`approval_requests/{uid}`. The operator reviews the queue and
+adds your email via:
+
+```sh
+node scripts/approve-user.mjs <your-email>
+```
+
+You can re-run `erosolar` once the operator confirms approval.
+
+### Approval gate — admin operations
+
+Adding a user (uses the Firebase CLI's stored OAuth token; bypasses
+Firestore rules via owner privileges):
+
+```sh
+node scripts/approve-user.mjs alice@example.com
+```
+
+Inspecting pending requests via Firebase Console:
+[Firestore → `approval_requests`](https://console.firebase.google.com/project/erosolar-1b0db/firestore/data/~2Fapproval_requests)
 
 ### Bring-your-own key
 

package/dist/bin/deepseek.js

@@ -213,10 +213,36 @@ async function main() {
     // Require authentication before continuing
     const { requireAuth } = await import('../core/auth.js');
     await requireAuth();
+    // Approved-users gate. The CLI carries offsec tooling, so every
+    // launch checks the signed-in email against the Firestore allowlist
+    // at `approved_users/{email}`. Misses get a request doc written for
+    // the operator to review, then the CLI refuses to start. SSO is
+    // also enforced at the Firestore-rule layer (sign_in_provider ==
+    // 'google.com'), so a non-SSO token can't even read the doc.
+    const { checkApproval, requestApproval } = await import('../core/userApproval.js');
+    const approval = await checkApproval();
+    if (!approval.approved) {
+        process.stderr.write('\n');
+        process.stderr.write('Access denied — this account is not on the approved-users list.\n');
+        process.stderr.write(`  Email:  ${approval.email ?? '(no email on token — SSO required)'}\n`);
+        process.stderr.write(`  Reason: ${approval.reason ?? 'unknown'}\n\n`);
+        if (approval.email && approval.uid) {
+            const req = await requestApproval();
+            if (req.ok) {
+                process.stderr.write('A request has been recorded. The administrator will review it.\n');
+                process.stderr.write('You can re-run `erosolar` once the approval lands.\n');
+            }
+            else {
+                process.stderr.write(`Could not file approval request: ${req.reason}\n`);
+            }
+        }
+        process.exit(1);
+    }
     // Hydrate shared provider keys from Firestore. Runs after requireAuth
-    // so a valid Firebase ID token is already on disk. If the user has
-    // their own DEEPSEEK_API_KEY in env or saved via /secrets, this is a
-    // no-op; otherwise it fetches the org-managed key from
+    // + checkApproval so a valid Firebase ID token is already on disk
+    // and the user is on the allowlist. If the user has their own
+    // DEEPSEEK_API_KEY in env or saved via /secrets, this is a no-op;
+    // otherwise it fetches the org-managed key from
     // shared_secrets/deepseek (Firestore-rule-gated by auth) and writes
     // it into process.env before any provider is constructed. The CLI
     // ships zero embedded keys.

package/dist/bin/deepseek.js.map

@@ -1 +1 @@
-{"version":3,"file":"deepseek.js","sourceRoot":"","sources":["../../src/bin/deepseek.ts"],"names":[],"mappings":";AACA;;GAEG;AACH,OAAO,EAAE,YAAY,EAAE,iBAAiB,EAAE,MAAM,4BAA4B,CAAC;AAC7E,OAAO,EAAE,KAAK,EAAE,MAAM,uBAAuB,CAAC;AAE9C,sEAAsE;AACtE,MAAM,OAAO,GAAG,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;AAEtC,yEAAyE;AACzE,MAAM,UAAU,GAAG,OAAO,CAAC,CAAC,CAAC,EAAE,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,SAAS,CAAC,CAAC;AACvF,KAAK,CAAC,aAAa,EAAE,EAAE,UAAU,EAAE,SAAS,EAAE,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC;AAEhE,gEAAgE;AAChE,MAAM,QAAQ,GAAG,OAAO,CAAC,SAAS,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,OAAO,IAAI,GAAG,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,CAAC;AACvF,IAAI,QAAQ,KAAK,CAAC,CAAC,EAAE,CAAC;IACpB,IAAI,QAA4B,CAAC;IACjC,MAAM,GAAG,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC;IAC9B,IAAI,GAAG,EAAE,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC9B,QAAQ,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IAC1B,CAAC;SAAM,IAAI,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC,EAAE,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QAC5E,QAAQ,GAAG,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC,CAAC;IACnC,CAAC;IAED,IAAI,QAAQ,EAAE,CAAC;QACb,MAAM,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE;YAC1B,MAAM,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;gBAC9B,MAAM,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE;oBAC1B,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,WAAW,CAAC,CAAC;oBACvD,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,cAAc,CAAC,CAAC;oBAExD,IAAI,CAAC;wBACH,EAAE,CAAC,SAAS,CAAC,SAAS,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;wBAC7C,MAAM,QAAQ,GAAG,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC;4BACxC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;4BAClD,CAAC,CAAC,EAAE,CAAC;wBACP,QAAQ,CAAC,kBAAkB,CAAC,GAAG,QAAQ,CAAC;wBACxC,EAAE,CAAC,aAAa,CAAC,UAAU,EAAE,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;wBACvE,OAAO,CAAC,GAAG,CAAC,sDAAsD,CAAC,CAAC;wBACpE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;oBAClB,CAAC;oBAAC,OAAO,GAAG,EAAE,CAAC;wBACb,YAAY,CAAC,uBAAuB,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;wBAChF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;oBAClB,CAAC;gBACH,CAAC,CAAC,CAAC;YACL,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;IACL,CAAC;SAAM,CAAC;QACN,YAAY,CAAC,oCAAoC,CAAC,CAAC;QACnD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;AACH,CAAC;KAAM,IAAI,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;IACnE,MAAM,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE;QAC1B,MAAM,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;YAC9B,MAAM,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE;gBAC5B,IAAI,CAAC;oBACH,MAAM,UAAU,GAAG,GAAG,CAAC,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;oBACtD,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE,oBAAoB,CAAC,CAAC;oBAC7E,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,CAAC;oBAC1D,OAAO,CAAC,GAAG,CAAC,uBAAuB,GAAG,CAAC,OAAO,IAAI,OAAO,EAAE,CAAC,CAAC;gBAC/D,CAAC;gBAAC,MAAM,CAAC;oBACP,OAAO,CAAC,GAAG,CAAC,sCAAsC,CAAC,CAAC;gBACtD,CAAC;gBACD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAClB,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC;KAAM,IAAI,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;IAChE,OAAO,CAAC,GAAG,CAAC;;;;;;;;;;;;;;;;;;;;;;;CAuBb,CAAC,CAAC;IACD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC;KAAM,IAAI,OAAO,CAAC,CAAC,CAAC,KAAK,OAAO,EAAE,CAAC;IAClC,qEAAqE;IACrE,sEAAsE;IACtE,mEAAmE;IACnE,uEAAuE;IACvE,0CAA0C;IAC1C,KAAK,eAAe,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;QACnD,iBAAiB,CAAC,GAAG,CAAC,CAAC;QACvB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC,CAAC,CAAC;AACL,CAAC;KAAM,CAAC;IACN,KAAK,IAAI,EAAE,CAAC;AACd,CAAC;AAED,KAAK,UAAU,eAAe,CAAC,IAAc;IAC3C,MAAM,EAAE,YAAY,EAAE,GAAG,MAAM,MAAM,CAAC,0BAA0B,CAAC,CAAC;IAClE,MAAM,IAAI,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,MAAM,CAAC;IAE/B,MAAM,KAAK,GAAG;;;;;;;;;;;;;;;CAef,CAAC;IAEA,IAAI,CAAC;QACH,IAAI,MAAe,CAAC;QACpB,QAAQ,IAAI,EAAE,CAAC;YACb,KAAK,MAAM,CAAC,CAAC,CAAC;gBACZ,MAAM,CAAC,GAAG,MAAM,YAAY,CAAC,IAAI,EAAE,CAAC;gBACpC,IAAI,CAAC,CAAC,EAAE,CAAC;oBACP,OAAO,CAAC,KAAK,CAAC,+EAA+E,CAAC,CAAC;oBAC/F,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;gBAClB,CAAC;gBACD,MAAM,GAAG,CAAC,CAAC;gBACX,MAAM;YACR,CAAC;YACD,KAAK,OAAO;gBACV,MAAM,GAAG,EAAE,IAAI,EAAE,YAAY,CAAC,SAAS,EAAE,EAAE,CAAC;gBAC5C,MAAM;YACR,KAAK,MAAM;gBACT,MAAM,GAAG,MAAM,YAAY,CAAC,IAAI,EAAE,CAAC;gBACnC,MAAM;YACR,KAAK,MAAM;gBACT,MAAM,GAAG,MAAM,YAAY,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;gBAC7C,MAAM;YACR,KAAK,OAAO;gBACV,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC;oBAAC,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;oBAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;gBAAC,CAAC;gBACxD,MAAM,GAAG,MAAM,YAAY,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAE,CAAC,CAAC;gBAC/C,MAAM;YACR,KAAK,QAAQ;gBACX,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC;oBAAC,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;oBAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;gBAAC,CAAC;gBACxD,MAAM,GAAG,MAAM,YAAY,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAE,CAAC,CAAC;gBAChD,MAAM;YACR,KAAK,QAAQ;gBACX,MAAM,GAAG,MAAM,YAAY,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;gBAC5C,MAAM;YACR,KAAK,UAAU,CAAC;YAChB,KAAK,KAAK;gBACR,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC;oBAAC,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;oBAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;gBAAC,CAAC;gBACxD,MAAM,GAAG,MAAM,YAAY,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAE,CAAC,CAAC;gBAC/C,MAAM;YACR,KAAK,SAAS;gBACZ,MAAM,GAAG,MAAM,YAAY,CAAC,WAAW,EAAE,CAAC;gBAC1C,MAAM;YACR,KAAK,QAAQ,CAAC,CAAC,CAAC;gBACd,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;gBACrC,IAAI,CAAC,IAAI,EAAE,CAAC;oBAAC,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;oBAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;gBAAC,CAAC;gBACrD,MAAM,GAAG,MAAM,YAAY,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;gBACzC,MAAM;YACR,CAAC;YACD,KAAK,OAAO;gBACV,MAAM,GAAG,MAAM,YAAY,CAAC,KAAK,EAAE,CAAC;gBACpC,MAAM;YACR,KAAK,SAAS;gBACZ,MAAM,GAAG,MAAM,YAAY,CAAC,WAAW,EAAE,CAAC;gBAC1C,MAAM;YACR,KAAK,QAAQ,CAAC;YACd,KAAK,IAAI,CAAC;YACV,KAAK,MAAM;gBACT,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;gBACnB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAClB;gBACE,OAAO,CAAC,KAAK,CAAC,uBAAuB,IAAI,OAAO,KAAK,EAAE,CAAC,CAAC;gBACzD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACpB,CAAC;QACD,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QAC7C,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,GAAG,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAC7D,OAAO,CAAC,KAAK,CAAC,SAAS,IAAI,KAAK,GAAG,EAAE,CAAC,CAAC;QACvC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;AACH,CAAC;AAED,KAAK,UAAU,IAAI;IACjB,2CAA2C;IAC3C,MAAM,EAAE,WAAW,EAAE,GAAG,MAAM,MAAM,CAAC,iBAAiB,CAAC,CAAC;IACxD,MAAM,WAAW,EAAE,CAAC;IAEpB,sEAAsE;IACtE,mEAAmE;IACnE,qEAAqE;IACrE,uDAAuD;IACvD,oEAAoE;IACpE,kEAAkE;IAClE,4BAA4B;IAC5B,MAAM,EAAE,wBAAwB,EAAE,GAAG,MAAM,MAAM,CAAC,0BAA0B,CAAC,CAAC;IAC9E,MAAM,wBAAwB,EAAE,CAAC;IAEjC,wCAAwC;IACxC,IAAI,OAAO,CAAC,MAAM,CAAC,KAAK,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,EAAE,CAAC;QACrD,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC,GAAG,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC,IAAI,GAAG,CAAC;IACjE,CAAC;IAED,iBAAiB;IACjB,IAAI,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE,CAAC;QACpC,MAAM,EAAE,WAAW,EAAE,GAAG,MAAM,MAAM,CAAC,eAAe,CAAC,CAAC;QACtD,WAAW,EAAE,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;QAC5F,OAAO;IACT,CAAC;IAED,MAAM,EAAE,mBAAmB,EAAE,GAAG,MAAM,MAAM,CAAC,iCAAiC,CAAC,CAAC;IAChF,mBAAmB,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;QACrD,iBAAiB,CAAC,KAAK,CAAC,CAAC;QACzB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC,CAAC,CAAC;AACL,CAAC"}
+{"version":3,"file":"deepseek.js","sourceRoot":"","sources":["../../src/bin/deepseek.ts"],"names":[],"mappings":";AACA;;GAEG;AACH,OAAO,EAAE,YAAY,EAAE,iBAAiB,EAAE,MAAM,4BAA4B,CAAC;AAC7E,OAAO,EAAE,KAAK,EAAE,MAAM,uBAAuB,CAAC;AAE9C,sEAAsE;AACtE,MAAM,OAAO,GAAG,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;AAEtC,yEAAyE;AACzE,MAAM,UAAU,GAAG,OAAO,CAAC,CAAC,CAAC,EAAE,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,SAAS,CAAC,CAAC;AACvF,KAAK,CAAC,aAAa,EAAE,EAAE,UAAU,EAAE,SAAS,EAAE,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC;AAEhE,gEAAgE;AAChE,MAAM,QAAQ,GAAG,OAAO,CAAC,SAAS,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,OAAO,IAAI,GAAG,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,CAAC;AACvF,IAAI,QAAQ,KAAK,CAAC,CAAC,EAAE,CAAC;IACpB,IAAI,QAA4B,CAAC;IACjC,MAAM,GAAG,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC;IAC9B,IAAI,GAAG,EAAE,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC9B,QAAQ,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IAC1B,CAAC;SAAM,IAAI,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC,EAAE,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QAC5E,QAAQ,GAAG,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC,CAAC;IACnC,CAAC;IAED,IAAI,QAAQ,EAAE,CAAC;QACb,MAAM,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE;YAC1B,MAAM,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;gBAC9B,MAAM,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE;oBAC1B,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,WAAW,CAAC,CAAC;oBACvD,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,cAAc,CAAC,CAAC;oBAExD,IAAI,CAAC;wBACH,EAAE,CAAC,SAAS,CAAC,SAAS,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;wBAC7C,MAAM,QAAQ,GAAG,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC;4BACxC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;4BAClD,CAAC,CAAC,EAAE,CAAC;wBACP,QAAQ,CAAC,kBAAkB,CAAC,GAAG,QAAQ,CAAC;wBACxC,EAAE,CAAC,aAAa,CAAC,UAAU,EAAE,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;wBACvE,OAAO,CAAC,GAAG,CAAC,sDAAsD,CAAC,CAAC;wBACpE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;oBAClB,CAAC;oBAAC,OAAO,GAAG,EAAE,CAAC;wBACb,YAAY,CAAC,uBAAuB,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;wBAChF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;oBAClB,CAAC;gBACH,CAAC,CAAC,CAAC;YACL,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;IACL,CAAC;SAAM,CAAC;QACN,YAAY,CAAC,oCAAoC,CAAC,CAAC;QACnD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;AACH,CAAC;KAAM,IAAI,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;IACnE,MAAM,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE;QAC1B,MAAM,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;YAC9B,MAAM,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE;gBAC5B,IAAI,CAAC;oBACH,MAAM,UAAU,GAAG,GAAG,CAAC,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;oBACtD,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE,oBAAoB,CAAC,CAAC;oBAC7E,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,CAAC;oBAC1D,OAAO,CAAC,GAAG,CAAC,uBAAuB,GAAG,CAAC,OAAO,IAAI,OAAO,EAAE,CAAC,CAAC;gBAC/D,CAAC;gBAAC,MAAM,CAAC;oBACP,OAAO,CAAC,GAAG,CAAC,sCAAsC,CAAC,CAAC;gBACtD,CAAC;gBACD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAClB,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC;KAAM,IAAI,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;IAChE,OAAO,CAAC,GAAG,CAAC;;;;;;;;;;;;;;;;;;;;;;;CAuBb,CAAC,CAAC;IACD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC;KAAM,IAAI,OAAO,CAAC,CAAC,CAAC,KAAK,OAAO,EAAE,CAAC;IAClC,qEAAqE;IACrE,sEAAsE;IACtE,mEAAmE;IACnE,uEAAuE;IACvE,0CAA0C;IAC1C,KAAK,eAAe,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;QACnD,iBAAiB,CAAC,GAAG,CAAC,CAAC;QACvB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC,CAAC,CAAC;AACL,CAAC;KAAM,CAAC;IACN,KAAK,IAAI,EAAE,CAAC;AACd,CAAC;AAED,KAAK,UAAU,eAAe,CAAC,IAAc;IAC3C,MAAM,EAAE,YAAY,EAAE,GAAG,MAAM,MAAM,CAAC,0BAA0B,CAAC,CAAC;IAClE,MAAM,IAAI,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,MAAM,CAAC;IAE/B,MAAM,KAAK,GAAG;;;;;;;;;;;;;;;CAef,CAAC;IAEA,IAAI,CAAC;QACH,IAAI,MAAe,CAAC;QACpB,QAAQ,IAAI,EAAE,CAAC;YACb,KAAK,MAAM,CAAC,CAAC,CAAC;gBACZ,MAAM,CAAC,GAAG,MAAM,YAAY,CAAC,IAAI,EAAE,CAAC;gBACpC,IAAI,CAAC,CAAC,EAAE,CAAC;oBACP,OAAO,CAAC,KAAK,CAAC,+EAA+E,CAAC,CAAC;oBAC/F,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;gBAClB,CAAC;gBACD,MAAM,GAAG,CAAC,CAAC;gBACX,MAAM;YACR,CAAC;YACD,KAAK,OAAO;gBACV,MAAM,GAAG,EAAE,IAAI,EAAE,YAAY,CAAC,SAAS,EAAE,EAAE,CAAC;gBAC5C,MAAM;YACR,KAAK,MAAM;gBACT,MAAM,GAAG,MAAM,YAAY,CAAC,IAAI,EAAE,CAAC;gBACnC,MAAM;YACR,KAAK,MAAM;gBACT,MAAM,GAAG,MAAM,YAAY,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;gBAC7C,MAAM;YACR,KAAK,OAAO;gBACV,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC;oBAAC,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;oBAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;gBAAC,CAAC;gBACxD,MAAM,GAAG,MAAM,YAAY,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAE,CAAC,CAAC;gBAC/C,MAAM;YACR,KAAK,QAAQ;gBACX,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC;oBAAC,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;oBAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;gBAAC,CAAC;gBACxD,MAAM,GAAG,MAAM,YAAY,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAE,CAAC,CAAC;gBAChD,MAAM;YACR,KAAK,QAAQ;gBACX,MAAM,GAAG,MAAM,YAAY,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;gBAC5C,MAAM;YACR,KAAK,UAAU,CAAC;YAChB,KAAK,KAAK;gBACR,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC;oBAAC,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;oBAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;gBAAC,CAAC;gBACxD,MAAM,GAAG,MAAM,YAAY,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAE,CAAC,CAAC;gBAC/C,MAAM;YACR,KAAK,SAAS;gBACZ,MAAM,GAAG,MAAM,YAAY,CAAC,WAAW,EAAE,CAAC;gBAC1C,MAAM;YACR,KAAK,QAAQ,CAAC,CAAC,CAAC;gBACd,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;gBACrC,IAAI,CAAC,IAAI,EAAE,CAAC;oBAAC,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;oBAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;gBAAC,CAAC;gBACrD,MAAM,GAAG,MAAM,YAAY,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;gBACzC,MAAM;YACR,CAAC;YACD,KAAK,OAAO;gBACV,MAAM,GAAG,MAAM,YAAY,CAAC,KAAK,EAAE,CAAC;gBACpC,MAAM;YACR,KAAK,SAAS;gBACZ,MAAM,GAAG,MAAM,YAAY,CAAC,WAAW,EAAE,CAAC;gBAC1C,MAAM;YACR,KAAK,QAAQ,CAAC;YACd,KAAK,IAAI,CAAC;YACV,KAAK,MAAM;gBACT,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;gBACnB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAClB;gBACE,OAAO,CAAC,KAAK,CAAC,uBAAuB,IAAI,OAAO,KAAK,EAAE,CAAC,CAAC;gBACzD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACpB,CAAC;QACD,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QAC7C,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,GAAG,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAC7D,OAAO,CAAC,KAAK,CAAC,SAAS,IAAI,KAAK,GAAG,EAAE,CAAC,CAAC;QACvC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;AACH,CAAC;AAED,KAAK,UAAU,IAAI;IACjB,2CAA2C;IAC3C,MAAM,EAAE,WAAW,EAAE,GAAG,MAAM,MAAM,CAAC,iBAAiB,CAAC,CAAC;IACxD,MAAM,WAAW,EAAE,CAAC;IAEpB,gEAAgE;IAChE,oEAAoE;IACpE,oEAAoE;IACpE,gEAAgE;IAChE,iEAAiE;IACjE,6DAA6D;IAC7D,MAAM,EAAE,aAAa,EAAE,eAAe,EAAE,GAAG,MAAM,MAAM,CAAC,yBAAyB,CAAC,CAAC;IACnF,MAAM,QAAQ,GAAG,MAAM,aAAa,EAAE,CAAC;IACvC,IAAI,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC;QACvB,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAC3B,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,mEAAmE,CAAC,CAAC;QAC1F,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,aAAa,QAAQ,CAAC,KAAK,IAAI,oCAAoC,IAAI,CAAC,CAAC;QAC9F,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,aAAa,QAAQ,CAAC,MAAM,IAAI,SAAS,MAAM,CAAC,CAAC;QACtE,IAAI,QAAQ,CAAC,KAAK,IAAI,QAAQ,CAAC,GAAG,EAAE,CAAC;YACnC,MAAM,GAAG,GAAG,MAAM,eAAe,EAAE,CAAC;YACpC,IAAI,GAAG,CAAC,EAAE,EAAE,CAAC;gBACX,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,kEAAkE,CAAC,CAAC;gBACzF,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,sDAAsD,CAAC,CAAC;YAC/E,CAAC;iBAAM,CAAC;gBACN,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,oCAAoC,GAAG,CAAC,MAAM,IAAI,CAAC,CAAC;YAC3E,CAAC;QACH,CAAC;QACD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,sEAAsE;IACtE,kEAAkE;IAClE,8DAA8D;IAC9D,kEAAkE;IAClE,gDAAgD;IAChD,oEAAoE;IACpE,kEAAkE;IAClE,4BAA4B;IAC5B,MAAM,EAAE,wBAAwB,EAAE,GAAG,MAAM,MAAM,CAAC,0BAA0B,CAAC,CAAC;IAC9E,MAAM,wBAAwB,EAAE,CAAC;IAEjC,wCAAwC;IACxC,IAAI,OAAO,CAAC,MAAM,CAAC,KAAK,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,EAAE,CAAC;QACrD,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC,GAAG,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC,IAAI,GAAG,CAAC;IACjE,CAAC;IAED,iBAAiB;IACjB,IAAI,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE,CAAC;QACpC,MAAM,EAAE,WAAW,EAAE,GAAG,MAAM,MAAM,CAAC,eAAe,CAAC,CAAC;QACtD,WAAW,EAAE,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;QAC5F,OAAO;IACT,CAAC;IAED,MAAM,EAAE,mBAAmB,EAAE,GAAG,MAAM,MAAM,CAAC,iCAAiC,CAAC,CAAC;IAChF,mBAAmB,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;QACrD,iBAAiB,CAAC,KAAK,CAAC,CAAC;QACzB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC,CAAC,CAAC;AACL,CAAC"}

package/dist/core/userApproval.d.ts

@@ -0,0 +1,46 @@
+/**
+ * Approved-user gate.
+ *
+ * The CLI ships offsec capabilities (Kali tools, AFL++, gdb, pwntools,
+ * Ghidra MCP wiring). To prevent random Google accounts from picking
+ * up the package and burning the shared key on toy targets, every
+ * launch checks the user's email against `approved_users/{email}` in
+ * Firestore. Misses get a `approval_requests/{uid}` doc written for
+ * the operator to review, then the CLI exits with an explanatory
+ * message.
+ *
+ * SSO is enforced two ways:
+ *   1. The web sign-in page only offers Google.
+ *   2. Firestore rules also check `request.auth.token.firebase.sign_in_provider == 'google.com'`
+ *      so a non-SSO token (anonymous, password) can't read the
+ *      approved_users doc — defense in depth.
+ *
+ * Email is the canonical identity here, lowercased + trimmed. UID is
+ * recorded on the request doc so the admin can correlate but not used
+ * as the primary key (UIDs are opaque; humans review by email).
+ */
+export interface ApprovalResult {
+    approved: boolean;
+    email: string | null;
+    uid: string | null;
+    reason?: string;
+}
+export declare function normalizeEmail(email: string): string;
+/**
+ * Verify the currently-signed-in user is on the approved list.
+ * Side-effect free; just reads. Errors are surfaced as `approved: false`
+ * with a reason so the caller can decide whether to file a request
+ * doc and/or surface the message.
+ */
+export declare function checkApproval(): Promise<ApprovalResult>;
+/**
+ * Idempotently write `approval_requests/{uid}` so the admin sees a
+ * pending request. Firestore rules let any authenticated user PATCH
+ * their own request doc but no one can read a sibling's. Returning
+ * `ok: true` doesn't mean approved — only that the request landed.
+ */
+export declare function requestApproval(): Promise<{
+    ok: boolean;
+    reason?: string;
+}>;
+//# sourceMappingURL=userApproval.d.ts.map

package/dist/core/userApproval.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"userApproval.d.ts","sourceRoot":"","sources":["../../src/core/userApproval.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;GAoBG;AAMH,MAAM,WAAW,cAAc;IAC7B,QAAQ,EAAE,OAAO,CAAC;IAClB,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,GAAG,EAAE,MAAM,GAAG,IAAI,CAAC;IACnB,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED,wBAAgB,cAAc,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CAEpD;AA4BD;;;;;GAKG;AACH,wBAAsB,aAAa,IAAI,OAAO,CAAC,cAAc,CAAC,CAkB7D;AAED;;;;;GAKG;AACH,wBAAsB,eAAe,IAAI,OAAO,CAAC;IAAE,EAAE,EAAE,OAAO,CAAC;IAAC,MAAM,CAAC,EAAE,MAAM,CAAA;CAAE,CAAC,CA6BjF"}

package/dist/core/userApproval.js

@@ -0,0 +1,107 @@
+/**
+ * Approved-user gate.
+ *
+ * The CLI ships offsec capabilities (Kali tools, AFL++, gdb, pwntools,
+ * Ghidra MCP wiring). To prevent random Google accounts from picking
+ * up the package and burning the shared key on toy targets, every
+ * launch checks the user's email against `approved_users/{email}` in
+ * Firestore. Misses get a `approval_requests/{uid}` doc written for
+ * the operator to review, then the CLI exits with an explanatory
+ * message.
+ *
+ * SSO is enforced two ways:
+ *   1. The web sign-in page only offers Google.
+ *   2. Firestore rules also check `request.auth.token.firebase.sign_in_provider == 'google.com'`
+ *      so a non-SSO token (anonymous, password) can't read the
+ *      approved_users doc — defense in depth.
+ *
+ * Email is the canonical identity here, lowercased + trimmed. UID is
+ * recorded on the request doc so the admin can correlate but not used
+ * as the primary key (UIDs are opaque; humans review by email).
+ */
+import { FIREBASE_PROJECT_ID, getAuthStatus, getValidIdToken } from './auth.js';
+const FIRESTORE_BASE = `https://firestore.googleapis.com/v1/projects/${FIREBASE_PROJECT_ID}/databases/(default)/documents`;
+export function normalizeEmail(email) {
+    return email.trim().toLowerCase();
+}
+async function fetchApprovalDoc(email) {
+    const idToken = await getValidIdToken();
+    const url = `${FIRESTORE_BASE}/approved_users/${encodeURIComponent(email)}`;
+    const res = await fetch(url, {
+        headers: { Authorization: `Bearer ${idToken}`, Accept: 'application/json' },
+    });
+    if (res.status === 404)
+        return null;
+    if (!res.ok) {
+        const body = await res.text().catch(() => '<no body>');
+        throw new Error(`Firestore ${res.status} reading approved_users/${email}: ${body.slice(0, 200)}`);
+    }
+    const doc = (await res.json());
+    const approved = doc.fields?.['approved']?.booleanValue === true;
+    return { approved };
+}
+/**
+ * Verify the currently-signed-in user is on the approved list.
+ * Side-effect free; just reads. Errors are surfaced as `approved: false`
+ * with a reason so the caller can decide whether to file a request
+ * doc and/or surface the message.
+ */
+export async function checkApproval() {
+    const status = getAuthStatus();
+    if (!status.authenticated) {
+        return { approved: false, email: null, uid: null, reason: 'not signed in' };
+    }
+    const email = status.email ? normalizeEmail(status.email) : null;
+    const uid = status.uid ?? null;
+    if (!email) {
+        return { approved: false, email, uid, reason: 'no email on auth token (SSO required)' };
+    }
+    try {
+        const doc = await fetchApprovalDoc(email);
+        if (doc?.approved)
+            return { approved: true, email, uid };
+        return { approved: false, email, uid, reason: 'email not on approved-users list' };
+    }
+    catch (err) {
+        const msg = err instanceof Error ? err.message : String(err);
+        return { approved: false, email, uid, reason: `approval check failed: ${msg}` };
+    }
+}
+/**
+ * Idempotently write `approval_requests/{uid}` so the admin sees a
+ * pending request. Firestore rules let any authenticated user PATCH
+ * their own request doc but no one can read a sibling's. Returning
+ * `ok: true` doesn't mean approved — only that the request landed.
+ */
+export async function requestApproval() {
+    const status = getAuthStatus();
+    if (!status.authenticated || !status.uid) {
+        return { ok: false, reason: 'not signed in' };
+    }
+    try {
+        const idToken = await getValidIdToken();
+        const url = `${FIRESTORE_BASE}/approval_requests/${encodeURIComponent(status.uid)}`;
+        const body = {
+            fields: {
+                email: { stringValue: status.email ?? '' },
+                uid: { stringValue: status.uid },
+                requestedAt: { timestampValue: new Date().toISOString() },
+                status: { stringValue: 'pending' },
+            },
+        };
+        const res = await fetch(url, {
+            method: 'PATCH',
+            headers: { Authorization: `Bearer ${idToken}`, 'Content-Type': 'application/json' },
+            body: JSON.stringify(body),
+        });
+        if (!res.ok) {
+            const txt = await res.text().catch(() => '<no body>');
+            return { ok: false, reason: `Firestore ${res.status}: ${txt.slice(0, 200)}` };
+        }
+        return { ok: true };
+    }
+    catch (err) {
+        return { ok: false, reason: err instanceof Error ? err.message : String(err) };
+    }
+}
+//# sourceMappingURL=userApproval.js.map

package/dist/core/userApproval.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"userApproval.js","sourceRoot":"","sources":["../../src/core/userApproval.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;GAoBG;AAEH,OAAO,EAAE,mBAAmB,EAAE,aAAa,EAAE,eAAe,EAAE,MAAM,WAAW,CAAC;AAEhF,MAAM,cAAc,GAAG,gDAAgD,mBAAmB,gCAAgC,CAAC;AAS3H,MAAM,UAAU,cAAc,CAAC,KAAa;IAC1C,OAAO,KAAK,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;AACpC,CAAC;AAYD,KAAK,UAAU,gBAAgB,CAAC,KAAa;IAC3C,MAAM,OAAO,GAAG,MAAM,eAAe,EAAE,CAAC;IACxC,MAAM,GAAG,GAAG,GAAG,cAAc,mBAAmB,kBAAkB,CAAC,KAAK,CAAC,EAAE,CAAC;IAC5E,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;QAC3B,OAAO,EAAE,EAAE,aAAa,EAAE,UAAU,OAAO,EAAE,EAAE,MAAM,EAAE,kBAAkB,EAAE;KAC5E,CAAC,CAAC;IACH,IAAI,GAAG,CAAC,MAAM,KAAK,GAAG;QAAE,OAAO,IAAI,CAAC;IACpC,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;QACZ,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,WAAW,CAAC,CAAC;QACvD,MAAM,IAAI,KAAK,CAAC,aAAa,GAAG,CAAC,MAAM,2BAA2B,KAAK,KAAK,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC;IACpG,CAAC;IACD,MAAM,GAAG,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAAsB,CAAC;IACpD,MAAM,QAAQ,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC,UAAU,CAAC,EAAE,YAAY,KAAK,IAAI,CAAC;IACjE,OAAO,EAAE,QAAQ,EAAE,CAAC;AACtB,CAAC;AAED;;;;;GAKG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa;IACjC,MAAM,MAAM,GAAG,aAAa,EAAE,CAAC;IAC/B,IAAI,CAAC,MAAM,CAAC,aAAa,EAAE,CAAC;QAC1B,OAAO,EAAE,QAAQ,EAAE,KAAK,EAAE,KAAK,EAAE,IAAI,EAAE,GAAG,EAAE,IAAI,EAAE,MAAM,EAAE,eAAe,EAAE,CAAC;IAC9E,CAAC;IACD,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,cAAc,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;IACjE,MAAM,GAAG,GAAG,MAAM,CAAC,GAAG,IAAI,IAAI,CAAC;IAC/B,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO,EAAE,QAAQ,EAAE,KAAK,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,EAAE,uCAAuC,EAAE,CAAC;IAC1F,CAAC;IACD,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,MAAM,gBAAgB,CAAC,KAAK,CAAC,CAAC;QAC1C,IAAI,GAAG,EAAE,QAAQ;YAAE,OAAO,EAAE,QAAQ,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC;QACzD,OAAO,EAAE,QAAQ,EAAE,KAAK,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,EAAE,kCAAkC,EAAE,CAAC;IACrF,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,GAAG,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAC7D,OAAO,EAAE,QAAQ,EAAE,KAAK,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,EAAE,0BAA0B,GAAG,EAAE,EAAE,CAAC;IAClF,CAAC;AACH,CAAC;AAED;;;;;GAKG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe;IACnC,MAAM,MAAM,GAAG,aAAa,EAAE,CAAC;IAC/B,IAAI,CAAC,MAAM,CAAC,aAAa,IAAI,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC;QACzC,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,eAAe,EAAE,CAAC;IAChD,CAAC;IACD,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,MAAM,eAAe,EAAE,CAAC;QACxC,MAAM,GAAG,GAAG,GAAG,cAAc,sBAAsB,kBAAkB,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC;QACpF,MAAM,IAAI,GAAG;YACX,MAAM,EAAE;gBACN,KAAK,EAAE,EAAE,WAAW,EAAE,MAAM,CAAC,KAAK,IAAI,EAAE,EAAE;gBAC1C,GAAG,EAAE,EAAE,WAAW,EAAE,MAAM,CAAC,GAAG,EAAE;gBAChC,WAAW,EAAE,EAAE,cAAc,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,EAAE;gBACzD,MAAM,EAAE,EAAE,WAAW,EAAE,SAAS,EAAE;aACnC;SACF,CAAC;QACF,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;YAC3B,MAAM,EAAE,OAAO;YACf,OAAO,EAAE,EAAE,aAAa,EAAE,UAAU,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;YACnF,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC;SAC3B,CAAC,CAAC;QACH,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;YACZ,MAAM,GAAG,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,WAAW,CAAC,CAAC;YACtD,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,aAAa,GAAG,CAAC,MAAM,KAAK,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,CAAC;QAChF,CAAC;QACD,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC;IACtB,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC;IACjF,CAAC;AACH,CAAC"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@trenchwork/erosolar",
-  "version": "1.1.24",
+  "version": "1.1.25",
   "description": "DeepSeek AI-powered CLI agent for code assistance and automation",
   "deepseek": {
     "rulebookSchema": "src/contracts/schemas/agent-rules.schema.json"