@tryghost/ghst 0.5.0 → 0.7.0

package/README.md

@@ -1,4 +1,4 @@
-# ghst cli
+# ghst cli (beta)
 
 `ghst` is a CLI tool for managing Ghost instances from the terminal. Anything you can do with the Ghost Admin API, you can do with `ghst`. (And a bit more)
 
@@ -109,10 +109,15 @@ Site/profile management:
 ghst auth list
 ghst auth switch <site-alias>
 ghst auth link --site <site-alias>
+ghst auth link --site <site-alias> --yes
+ghst auth logout --yes
 ghst auth token
 ```
 
 `ghst auth token` prints a short-lived staff JWT. Treat the output as sensitive.
+`ghst auth logout` requires confirmation when removing all configured sites; use `--yes` in non-interactive scripts.
+`ghst auth link` requires confirmation before replacing an existing project link; use `--yes` in non-interactive scripts.
+Interactive destructive confirmations also emit `GHST_AGENT_NOTICE:` lines on stderr instructing cooperative agents to ask the user for approval before continuing.
 
 ## Command Reference
 
@@ -140,7 +145,7 @@ ghst auth token
 | `config` | `show`, `path`, `list`, `get`, `set` |
 | `api` | raw Ghost request command (`ghst api [endpointPath]`) |
 | `mcp` | `stdio`, `http` |
-| `completion` | `<bash|zsh|fish|powershell>` |
+| `completion` | `bash`, `zsh`, `fish`, or `powershell` |
 
 ## Global Options
 
@@ -229,6 +234,7 @@ ghst socialweb status
 ghst socialweb profile
 ghst socialweb notes --json
 ghst socialweb follow @alice@example.com
+ghst socialweb delete https://example.com/.ghost/activitypub/note/1 --yes
 ghst socialweb note --content "Hello fediverse"
 ghst socialweb reply https://example.com/users/alice/statuses/1 --content "Replying from ghst"
 ```
@@ -236,6 +242,7 @@ ghst socialweb reply https://example.com/users/alice/statuses/1 --content "Reply
 Social web auth note:
 - `ghst socialweb` bootstraps a short-lived identity JWT from `/ghost/api/admin/identities/`.
 - That bridge requires an Owner or Administrator staff access token.
+- `ghst socialweb delete` requires confirmation; use `--yes` in non-interactive scripts.
 - Public Ghost post publishing still lives under `ghst post`; `ghst socialweb` is for notes, interactions, profile, feed, and moderation flows.
 
 Ghost analytics filter semantics:
@@ -246,6 +253,9 @@ Ghost range semantics:
 - `stats growth` clips member, MRR, and subscription histories client-side when Ghost only exposes broader source data.
 - `stats post ... growth` clips Ghost's lifetime post-growth history to the selected window.
 
+File output safety:
+- `ghst member export --output`, `ghst stats ... --csv --output`, and `ghst migrate export --output` refuse to overwrite an existing file.
+
 `endpointPath` must stay within the selected Ghost API root. Use resource paths such as `/posts/`
 or canonical Ghost API paths such as `/ghost/api/admin/posts/`.
 
@@ -344,9 +354,9 @@ The `stats` MCP tools mirror the CLI analytics surface, including `ghst stats ov
 and `ghst stats post <post-id> referrers`. The same Ghost analytics filter and range semantics
 shown above apply to both the CLI and MCP stats tooling.
 
-The `socialweb` MCP tools mirror the private `ghst socialweb` admin surface for status,
-profile, feeds, interactions, moderation, and uploads. They use the same Owner/Admin
-identity-token bridge as the CLI and remain limited to Ghost's private social web admin APIs.
+The `socialweb` MCP tools mirror the `ghst socialweb` CLI surface for status, profile,
+feeds, interactions, moderation, and uploads. They use the same Owner/Admin auth flow as
+the CLI.
 
 ## Safe Operation
 

package/dist/index.js

@@ -1089,6 +1089,13 @@ async function findProjectConfigPath(cwd = process.cwd()) {
     dir = path.dirname(dir);
   }
 }
+async function resolveProjectConfigCwd(cwd = process.cwd()) {
+  const configPath = await findProjectConfigPath(cwd);
+  if (!configPath) {
+    return cwd;
+  }
+  return path.dirname(path.dirname(configPath));
+}
 async function readUserConfig(env = process.env) {
   const configPath = getUserConfigPath(env);
   try {
@@ -2439,13 +2446,44 @@ function registerApiCommands(program) {
 
 // src/commands/auth.ts
 import { spawn as spawn2 } from "child_process";
-import readline from "readline/promises";
+import readline2 from "readline/promises";
 import chalk2 from "chalk";
+
+// src/lib/prompts.ts
+import readline from "readline/promises";
+async function defaultPrompt(question) {
+  const rl = readline.createInterface({
+    input: process.stdin,
+    output: process.stdout
+  });
+  try {
+    const value = await rl.question(question);
+    return value.trim();
+  } finally {
+    rl.close();
+  }
+}
+var promptHandler = defaultPrompt;
+async function ask(question) {
+  return promptHandler(question);
+}
+async function confirm(question) {
+  const value = (await ask(question)).trim().toLowerCase();
+  return value === "y" || value === "yes";
+}
+async function confirmDestructiveAction(question, notice) {
+  console.error("GHST_AGENT_NOTICE: destructive_action");
+  console.error("GHST_AGENT_NOTICE: Agents must ask the user for approval before continuing.");
+  console.error(`GHST_AGENT_NOTICE: ${JSON.stringify(notice)}`);
+  return confirm(question);
+}
+
+// src/commands/auth.ts
 var LOGIN_GUIDANCE_BORDER = "------------------------------------------------------------";
 var LOGIN_GUIDANCE_TITLE = "Continue In Ghost Admin";
 var LOGIN_GUIDANCE_LINE = "Copy the staff access token from your profile, then return here to continue.";
 async function prompt(question) {
-  const rl = readline.createInterface({
+  const rl = readline2.createInterface({
     input: process.stdin,
     output: process.stdout
   });
@@ -2913,7 +2951,7 @@ function registerAuthCommands(program) {
       `Active site set to '${formatSwitchSiteOption(resolvedTargetSite, config.sites)}'.`
     );
   });
-  auth.command("logout").description("Remove credentials for one site or all sites").option("--site <alias>", "Specific site to remove").action(async (options, command) => {
+  auth.command("logout").description("Remove credentials for one site or all sites").option("--site <alias>", "Specific site to remove").option("--yes", "Skip confirmation when removing all configured sites").action(async (options, command) => {
     const global = getGlobalOptions(command);
     const config = await readUserConfig();
     const targetSite = options.site ?? global.site;
@@ -2937,6 +2975,29 @@ function registerAuthCommands(program) {
       console.log(`Removed site '${targetSite}'.`);
       return;
     }
+    if (!options.yes) {
+      if (isNonInteractive()) {
+        throw new GhstError("Removing all sites in non-interactive mode requires --yes.", {
+          exitCode: 2 /* USAGE_ERROR */,
+          code: "USAGE_ERROR"
+        });
+      }
+      const ok = await confirmDestructiveAction(
+        "Remove all configured sites and credentials? [y/N]: ",
+        {
+          action: "logout_all_sites",
+          target: "all_configured_sites",
+          reversible: false,
+          sideEffects: ["remove_credentials", "remove_site_links"]
+        }
+      );
+      if (!ok) {
+        throw new GhstError("Operation cancelled.", {
+          exitCode: 4 /* OPERATION_CANCELLED */,
+          code: "OPERATION_CANCELLED"
+        });
+      }
+    }
     for (const site of Object.values(config.sites)) {
       if (site.credentialRef) {
         await store.delete(site.credentialRef).catch(() => void 0);
@@ -2947,7 +3008,7 @@ function registerAuthCommands(program) {
     await writeUserConfig(config);
     console.log("Removed all configured sites.");
   });
-  auth.command("link").description("Link current project directory to a configured site alias").option("--site <alias>", "Site alias to link").action(async (options, command) => {
+  auth.command("link").description("Link current project directory to a configured site alias").option("--site <alias>", "Site alias to link").option("--yes", "Skip confirmation when replacing an existing project link").action(async (options, command) => {
     const global = getGlobalOptions(command);
     const config = await readUserConfig();
     const siteAlias = options.site ?? global.site ?? config.active;
@@ -2957,9 +3018,44 @@ function registerAuthCommands(program) {
         code: "SITE_REQUIRED"
       });
     }
-    await writeProjectConfig({
-      site: siteAlias
-    });
+    const projectConfig = await readProjectConfig();
+    const projectConfigCwd = await resolveProjectConfigCwd();
+    if (projectConfig && projectConfig.site !== siteAlias) {
+      if (!options.yes) {
+        if (isNonInteractive()) {
+          throw new GhstError(
+            "Overwriting an existing project link in non-interactive mode requires --yes.",
+            {
+              exitCode: 2 /* USAGE_ERROR */,
+              code: "USAGE_ERROR"
+            }
+          );
+        }
+        const ok = await confirmDestructiveAction(
+          `Relink current directory from '${projectConfig.site}' to '${siteAlias}'? [y/N]: `,
+          {
+            action: "relink_project",
+            target: `${projectConfig.site}->${siteAlias}`,
+            reversible: true,
+            site: siteAlias,
+            sideEffects: ["update_project_link"]
+          }
+        );
+        if (!ok) {
+          throw new GhstError("Operation cancelled.", {
+            exitCode: 4 /* OPERATION_CANCELLED */,
+            code: "OPERATION_CANCELLED"
+          });
+        }
+      }
+    }
+    await writeProjectConfig(
+      {
+        ...projectConfig?.defaults ? { defaults: projectConfig.defaults } : {},
+        site: siteAlias
+      },
+      projectConfigCwd
+    );
     console.log(`Linked current directory to '${siteAlias}'.`);
   });
   auth.command("token").description("Print a short-lived staff JWT for the active connection (sensitive output)").action(async (_, command) => {
@@ -3099,29 +3195,6 @@ async function setCommentStatus(global, id, status) {
   return client.comments.setStatus(id, status);
 }
 
-// src/lib/prompts.ts
-import readline2 from "readline/promises";
-async function defaultPrompt(question) {
-  const rl = readline2.createInterface({
-    input: process.stdin,
-    output: process.stdout
-  });
-  try {
-    const value = await rl.question(question);
-    return value.trim();
-  } finally {
-    rl.close();
-  }
-}
-var promptHandler = defaultPrompt;
-async function ask(question) {
-  return promptHandler(question);
-}
-async function confirm(question) {
-  const value = (await ask(question)).trim().toLowerCase();
-  return value === "y" || value === "yes";
-}
-
 // src/schemas/comment.ts
 import { z as z3 } from "zod";
 var CommentListLimitSchema = z3.union([z3.number().int().positive().max(100), z3.literal("all")]);
@@ -3365,7 +3438,12 @@ function registerCommentCommands(program) {
           exitCode: 2 /* USAGE_ERROR */
         });
       }
-      const ok = await confirm(`Delete comment '${parsed.data.id}'? [y/N]: `);
+      const ok = await confirmDestructiveAction(`Delete comment '${parsed.data.id}'? [y/N]: `, {
+        action: "delete_comment",
+        target: parsed.data.id,
+        reversible: false,
+        site: global.site ?? null
+      });
       if (!ok) {
         throw new GhstError("Operation cancelled.", {
           code: "OPERATION_CANCELLED",
@@ -3991,7 +4069,12 @@ function registerLabelCommands(program) {
           exitCode: 2 /* USAGE_ERROR */
         });
       }
-      const ok = await confirm(`Delete label '${parsed.data.id}'? [y/N]: `);
+      const ok = await confirmDestructiveAction(`Delete label '${parsed.data.id}'? [y/N]: `, {
+        action: "delete_label",
+        target: parsed.data.id,
+        reversible: false,
+        site: global.site ?? null
+      });
       if (!ok) {
         throw new GhstError("Operation cancelled.", {
           code: "OPERATION_CANCELLED",
@@ -8720,7 +8803,24 @@ function registerMcpCommands(program) {
 }
 
 // src/commands/member.ts
+import fs8 from "fs/promises";
+
+// src/lib/file-guards.ts
 import fs7 from "fs/promises";
+async function assertFileDoesNotExist(filePath) {
+  try {
+    await fs7.access(filePath);
+  } catch (error) {
+    if (error.code === "ENOENT") {
+      return;
+    }
+    throw error;
+  }
+  throw new GhstError(`Refusing to overwrite existing file: ${filePath}`, {
+    code: "USAGE_ERROR",
+    exitCode: 2 /* USAGE_ERROR */
+  });
+}
 
 // src/schemas/member.ts
 import { z as z7 } from "zod";
@@ -9040,7 +9140,13 @@ function registerMemberCommands(program) {
           exitCode: 2 /* USAGE_ERROR */
         });
       }
-      const ok = await confirm(`Delete member '${parsed.data.id}'? [y/N]: `);
+      const ok = await confirmDestructiveAction(`Delete member '${parsed.data.id}'? [y/N]: `, {
+        action: "delete_member",
+        target: parsed.data.id,
+        reversible: false,
+        site: global.site ?? null,
+        sideEffects: parsed.data.cancel ? ["cancel_subscriptions"] : void 0
+      });
       if (!ok) {
         throw new GhstError("Operation cancelled.", {
           code: "OPERATION_CANCELLED",
@@ -9094,7 +9200,8 @@ function registerMemberCommands(program) {
       search: parsed.data.search
     });
     if (parsed.data.output) {
-      await fs7.writeFile(parsed.data.output, csv, "utf8");
+      await assertFileDoesNotExist(parsed.data.output);
+      await fs8.writeFile(parsed.data.output, csv, "utf8");
       if (global.json) {
         printJson({ ok: true, output: parsed.data.output });
         return;
@@ -9145,7 +9252,7 @@ function registerMemberCommands(program) {
 }
 
 // src/lib/migrate.ts
-import fs8 from "fs/promises";
+import fs9 from "fs/promises";
 import os2 from "os";
 import path6 from "path";
 import { slugify } from "@tryghost/string";
@@ -9352,7 +9459,7 @@ function parseCsvRows(raw) {
 }
 async function uploadDbImportFile(global, filePath) {
   const client = await getClient17(global);
-  const bytes = await fs8.readFile(filePath);
+  const bytes = await fs9.readFile(filePath);
   const formData = new FormData();
   formData.append("importfile", new Blob([bytes]), path6.basename(filePath));
   return client.db.import(formData);
@@ -9368,9 +9475,9 @@ async function buildGhostDbImportFile(input) {
   }
   const ghostJson = await toGhostJSON(input, {});
   const payload = { db: [ghostJson] };
-  const tempDir = await fs8.mkdtemp(path6.join(os2.tmpdir(), "ghst-import-json-"));
+  const tempDir = await fs9.mkdtemp(path6.join(os2.tmpdir(), "ghst-import-json-"));
   const outputPath = path6.join(tempDir, "import.json");
-  await fs8.writeFile(outputPath, JSON.stringify(payload), "utf8");
+  await fs9.writeFile(outputPath, JSON.stringify(payload), "utf8");
   return outputPath;
 }
 async function migrateImportJson(global, filePath) {
@@ -9485,7 +9592,7 @@ async function migrateImportSubstack(global, filePath, url) {
   return uploadDbImportFile(global, importPath);
 }
 async function migrateImportCsv(global, filePath) {
-  const raw = await fs8.readFile(filePath, "utf8");
+  const raw = await fs9.readFile(filePath, "utf8");
   const rows = parseCsvRows(raw);
   const posts = rows.map((row, index) => {
     const html = row.html ?? markdownRenderer.render(row.markdown ?? "");
@@ -9523,7 +9630,8 @@ async function migrateImportCsv(global, filePath) {
 async function migrateExport(global, outputPath) {
   const client = await getClient17(global);
   const data = await client.db.export();
-  await fs8.writeFile(outputPath, data);
+  await assertFileDoesNotExist(outputPath);
+  await fs9.writeFile(outputPath, data);
   return outputPath;
 }
 
@@ -10133,7 +10241,7 @@ function registerOfferCommands(program) {
 }
 
 // src/commands/page.ts
-import fs9 from "fs/promises";
+import fs10 from "fs/promises";
 
 // src/schemas/page.ts
 import { z as z11 } from "zod";
@@ -10248,7 +10356,7 @@ async function readOptionalFile(filePath) {
   if (!filePath) {
     return void 0;
   }
-  return fs9.readFile(filePath, "utf8");
+  return fs10.readFile(filePath, "utf8");
 }
 function registerPageCommands(program) {
   const page = program.command("page").description("Page management");
@@ -10415,7 +10523,12 @@ function registerPageCommands(program) {
           exitCode: 2 /* USAGE_ERROR */
         });
       }
-      const ok = await confirm(`Delete page '${parsed.data.id}'? [y/N]: `);
+      const ok = await confirmDestructiveAction(`Delete page '${parsed.data.id}'? [y/N]: `, {
+        action: "delete_page",
+        target: parsed.data.id,
+        reversible: false,
+        site: global.site ?? null
+      });
       if (!ok) {
         throw new GhstError("Operation cancelled.", {
           code: "OPERATION_CANCELLED",
@@ -10471,7 +10584,7 @@ function registerPageCommands(program) {
 }
 
 // src/commands/post.ts
-import fs10 from "fs/promises";
+import fs11 from "fs/promises";
 import MarkdownIt2 from "markdown-it";
 
 // src/schemas/post.ts
@@ -10685,7 +10798,7 @@ async function readOptionalFile2(filePath) {
   if (!filePath) {
     return void 0;
   }
-  return fs10.readFile(filePath, "utf8");
+  return fs11.readFile(filePath, "utf8");
 }
 async function readOptionalStdin(enabled) {
   if (!enabled) {
@@ -10723,7 +10836,7 @@ async function readOptionalPostJson(filePath) {
   if (!filePath) {
     return {};
   }
-  const payload = JSON.parse(await fs10.readFile(filePath, "utf8"));
+  const payload = JSON.parse(await fs11.readFile(filePath, "utf8"));
   return asPostPayload(payload);
 }
 function assignDefined(target, values) {
@@ -10979,7 +11092,13 @@ function registerPostCommands(program) {
         });
       }
       const label = parsed.data.filter ? `Delete posts matching '${parsed.data.filter}'` : `Delete post '${parsed.data.id}'`;
-      const ok = await confirm(`${label}? [y/N]: `);
+      const ok = await confirmDestructiveAction(`${label}? [y/N]: `, {
+        action: "delete_post",
+        target: parsed.data.filter ?? parsed.data.id ?? "(unknown)",
+        count: parsed.data.filter ? void 0 : 1,
+        reversible: false,
+        site: global.site ?? null
+      });
       if (!ok) {
         throw new GhstError("Operation cancelled.", {
           code: "OPERATION_CANCELLED",
@@ -11226,7 +11345,7 @@ function registerSiteCommands(program) {
 }
 
 // src/commands/socialweb.ts
-import fs11 from "fs/promises";
+import fs12 from "fs/promises";
 
 // src/schemas/socialweb.ts
 import { z as z14 } from "zod";
@@ -11292,6 +11411,10 @@ var SocialWebHandleActionInputSchema = z14.object({
 var SocialWebIdInputSchema = z14.object({
   id: UrlSchema2
 });
+var SocialWebDeleteInputSchema = z14.object({
+  id: UrlSchema2,
+  yes: z14.boolean().optional()
+});
 var SocialWebBlockDomainInputSchema = z14.object({
   url: UrlSchema2
 });
@@ -11580,10 +11703,9 @@ function registerSocialWebCommands(program) {
     ["like", likePost, "Like a post"],
     ["unlike", unlikePost, "Unlike a post"],
     ["repost", repostPost, "Repost a post"],
-    ["derepost", derepostPost, "Undo repost on a post"],
-    ["delete", deleteSocialWebPost, "Delete a post"]
+    ["derepost", derepostPost, "Undo repost on a post"]
   ]) {
-    socialweb.command(`${entry[0]} <id>`).description(entry[2]).action(async (id, _, command) => {
+    socialweb.command(`${entry[0]} <id>`).description(entry[2]).action(async (id, _options, command) => {
       const global = getGlobalOptions(command);
       const parsed = SocialWebIdInputSchema.safeParse({ id });
       if (!parsed.success) {
@@ -11594,9 +11716,48 @@ function registerSocialWebCommands(program) {
         printJson(payload, global.jq);
         return;
       }
-      console.log(entry[0] === "delete" ? "Deleted post" : "OK");
+      console.log("OK");
     });
   }
+  socialweb.command("delete <id>").description("Delete a post").option("--yes", "Skip confirmation").action(async (id, options, command) => {
+    const global = getGlobalOptions(command);
+    const parsed = SocialWebDeleteInputSchema.safeParse({
+      id,
+      yes: parseBooleanFlag(options.yes)
+    });
+    if (!parsed.success) {
+      throwValidationError11(parsed.error);
+    }
+    if (!parsed.data.yes) {
+      if (isNonInteractive()) {
+        throw new GhstError("Deleting in non-interactive mode requires --yes.", {
+          code: "USAGE_ERROR",
+          exitCode: 2 /* USAGE_ERROR */
+        });
+      }
+      const ok = await confirmDestructiveAction(
+        `Delete social web post '${parsed.data.id}'? [y/N]: `,
+        {
+          action: "delete_socialweb_post",
+          target: parsed.data.id,
+          reversible: false,
+          site: global.site ?? null
+        }
+      );
+      if (!ok) {
+        throw new GhstError("Operation cancelled.", {
+          code: "OPERATION_CANCELLED",
+          exitCode: 4 /* OPERATION_CANCELLED */
+        });
+      }
+    }
+    const payload = await deleteSocialWebPost(global, parsed.data.id);
+    if (global.json) {
+      printJson(payload, global.jq);
+      return;
+    }
+    console.log("Deleted post");
+  });
   socialweb.command("note").description("Create a social web note").option("--content <text>", "Note content").option("--stdin", "Read note content from stdin").option("--image-file <path>", "Attach an image from a local file").option("--image-url <url>", "Attach an image by URL").option("--image-alt <text>", "Image alt text").action(async (options, command) => {
     const global = getGlobalOptions(command);
     const parsed = SocialWebContentInputSchema.safeParse({
@@ -11733,7 +11894,7 @@ function registerSocialWebCommands(program) {
       throwValidationError11(parsed.error);
     }
     try {
-      await fs11.access(parsed.data.filePath);
+      await fs12.access(parsed.data.filePath);
     } catch {
       throw new GhstError(`File not found: ${parsed.data.filePath}`, {
         code: "VALIDATION_ERROR",
@@ -11750,7 +11911,7 @@ function registerSocialWebCommands(program) {
 }
 
 // src/commands/stats.ts
-import fs12 from "fs/promises";
+import fs13 from "fs/promises";
 
 // src/schemas/stats.ts
 import { z as z15 } from "zod";
@@ -12079,7 +12240,8 @@ function postReferrersCsv(payload) {
 }
 async function emitCsv(csv, output) {
   if (output) {
-    await fs12.writeFile(output, `${csv}
+    await assertFileDoesNotExist(output);
+    await fs13.writeFile(output, `${csv}
 `, "utf8");
     return;
   }
@@ -12598,7 +12760,12 @@ function registerTagCommands(program) {
           exitCode: 2 /* USAGE_ERROR */
         });
       }
-      const ok = await confirm(`Delete tag '${parsed.data.id}'? [y/N]: `);
+      const ok = await confirmDestructiveAction(`Delete tag '${parsed.data.id}'? [y/N]: `, {
+        action: "delete_tag",
+        target: parsed.data.id,
+        reversible: false,
+        site: global.site ?? null
+      });
       if (!ok) {
         throw new GhstError("Operation cancelled.", {
           code: "OPERATION_CANCELLED",
@@ -12642,13 +12809,13 @@ function registerTagCommands(program) {
 
 // src/commands/theme.ts
 import { spawn as spawn4 } from "child_process";
-import fs14 from "fs/promises";
+import fs15 from "fs/promises";
 import os4 from "os";
 import path8 from "path";
 
 // src/lib/theme-dev.ts
 import { spawn as spawn3 } from "child_process";
-import fs13 from "fs";
+import fs14 from "fs";
 import fsPromises from "fs/promises";
 import os3 from "os";
 import path7 from "path";
@@ -12705,7 +12872,7 @@ async function runThemeDev(global, options) {
   if (!options.watch) {
     return initial.payload;
   }
-  const watcher = fs13.watch(options.path, { recursive: true });
+  const watcher = fs14.watch(options.path, { recursive: true });
   let timer = null;
   let running = false;
   let queued = false;
@@ -12817,7 +12984,7 @@ function throwValidationError14(error) {
   );
 }
 async function zipDirectory2(directoryPath) {
-  const tempDir = await fs14.mkdtemp(path8.join(os4.tmpdir(), "ghst-theme-"));
+  const tempDir = await fs15.mkdtemp(path8.join(os4.tmpdir(), "ghst-theme-"));
   const zipPath = path8.join(tempDir, `${path8.basename(directoryPath)}.zip`);
   await new Promise((resolve, reject) => {
     const child = spawn4("zip", ["-r", zipPath, "."], {
@@ -12838,7 +13005,7 @@ async function zipDirectory2(directoryPath) {
 async function validateTheme(targetPath) {
   const gscanModule = await import("gscan");
   const gscan = gscanModule.default ?? gscanModule;
-  const stat = await fs14.stat(targetPath);
+  const stat = await fs15.stat(targetPath);
   if (stat.isDirectory()) {
     const result2 = await gscan.check?.(targetPath, {
       checkVersion: "v6"
@@ -12894,7 +13061,7 @@ function registerThemeCommands(program) {
     if (!parsed.success) {
       throwValidationError14(parsed.error);
     }
-    const stat = await fs14.stat(parsed.data.path);
+    const stat = await fs15.stat(parsed.data.path);
     let uploadPath = parsed.data.path;
     if (stat.isDirectory()) {
       if (!parsed.data.zip) {
@@ -13795,7 +13962,12 @@ function registerWebhookCommands(program) {
           exitCode: 2 /* USAGE_ERROR */
         });
       }
-      const ok = await confirm(`Delete webhook '${parsed.data.id}'? [y/N]: `);
+      const ok = await confirmDestructiveAction(`Delete webhook '${parsed.data.id}'? [y/N]: `, {
+        action: "delete_webhook",
+        target: parsed.data.id,
+        reversible: false,
+        site: global.site ?? null
+      });
       if (!ok) {
         throw new GhstError("Operation cancelled.", {
           code: "OPERATION_CANCELLED",