npm - @visa/cli - Versions diffs - 1.0.4-rc.2 → 1.0.4-rc.3 - Mend

@visa/cli 1.0.4-rc.2 → 1.0.4-rc.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/README.md +88 -147
package/dist/cli.js +10 -10
package/dist/mcp-server/index.js +29 -19
package/package.json +6 -5
package/LICENSE +0 -8

package/README.md CHANGED Viewed

@@ -1,190 +1,131 @@
-# Visa CLI
+# @visa/cli
-<div align="center">
+AI-powered payments for Claude Code. Exposes Visa card payment tools as MCP (Model Context Protocol) tools so Claude can pay for image generation, video, music, onchain data queries, and more — charged to a Visa card at the point of invocation.
-[![npm](https://img.shields.io/npm/v/@visa/cli?style=flat-square&logo=npm&logoColor=white&color=1a1f6e)](https://www.npmjs.com/package/@visa/cli)
-[![node](https://img.shields.io/node/v/@visa/cli?style=flat-square&logo=nodedotjs&logoColor=white&color=43853d&label=node)](https://nodejs.org)
-[![tests](https://img.shields.io/badge/tests-355_passing-2ea44f?style=flat-square&logo=jest&logoColor=white)](https://github.com/Visa-Crypto-Labs/Visa-CLI/actions/workflows/release-01-ci.yml)
-[![MCP](https://img.shields.io/badge/MCP-8_clients-f0a500?style=flat-square)](https://github.com/Visa-Crypto-Labs/Visa-CLI#supported-clients)
-</div>
-Enable AI agents to make real payments. Two commands to start, zero build steps.
+## Install
 ```bash
 npm install -g @visa/cli
-visa-cli setup
 ```
-Then ask Claude:
-```
-Generate me an image of a sunset
-```
----
-## Quick Start
-### 1. Install
+## Usage
 ```bash
-npm install -g @visa/cli
-```
+# Start MCP server (used by Claude Code)
+visa-cli mcp
-### 2. Setup
+# Login with GitHub
+visa-cli login
-```bash
-visa-cli setup
-```
-This does three things in one step:
-1. Registers the MCP server with Claude Code
-2. Opens a browser for GitHub sign-in + card enrollment
-3. Generates a Secure Enclave attestation key (for Touch ID verification)
-Restart Claude Code or run `/mcp` to connect, then start using it.
-### 3. Start Using It
+# Add a Visa card
+visa-cli add-card
-Ask Claude naturally:
-```
-Generate me an image of a sunset
-```
-```
-What's the price of SOL right now?
-```
+# Check status
+visa-cli status
-```
-Make me a lofi jazz beat
+# View transaction history
+visa-cli history
 ```
-```
-Generate a video of waves crashing on a beach
+### Claude Code integration
+```json
+{
+  "mcpServers": {
+    "visa": {
+      "command": "visa-cli",
+      "args": ["mcp"]
+    }
+  }
+}
 ```
-All payments are handled automatically with your enrolled card. Touch ID confirms each transaction. Result URLs (images, audio, video) open automatically in your browser.
 ---
-## Available Tools
-### AI Generation
-| Tool | What it does | Cost |
-|------|-------------|------|
-| `generate_image_card` | Generate an AI image (Ultra) — FLUX1.1 [pro] ultra, 2K resolution | ~$0.06 |
-| `generate_image_fast_card` | Generate an AI image (Fast) — FLUX1.1 [pro], 1K resolution | ~$0.04 |
-| `generate_video_tempo_card` | Generate an AI video — Grok Imagine Video (xAI), ~6s clip at 720p | ~$0.30 |
-| `generate_music_tempo_card` | Generate a music track via Suno AI | ~$0.10 |
-| `check_music_status_tempo_card` | Check music generation status and get audio URLs | ~$0.01 |
-### Data & Crypto
-| Tool | What it does | Cost |
-|------|-------------|------|
-| `query_onchain_prices_card` | Query real-time token prices from 150+ blockchains via Allium | ~$0.02 |
-### Payments & Account
-| Tool | What it does | Cost |
-|------|-------------|------|
-| `pay` | Pay a merchant URL (auto-detects payment rail) | varies |
-| `batch` | Run any paid tool multiple times in parallel with one Touch ID approval | per-item × count |
-| `get_status` | Check enrollment, cards, and spending controls | free |
-| `get_cards` | List enrolled cards (masked, last 4 only) | free |
-| `transaction_history` | View recent transactions and generated media | free |
-| `update_spending_controls` | Set daily limit, max per-transaction, approval mode | free |
-| `add_card` | Add a payment card (multiple cards supported) | free |
-| `set_default_card` | Promote an enrolled card to be the default for payments | free (Touch ID) |
-| `remove_card` | Remove an enrolled card by id (auto-promotes another if default) | free (Touch ID) |
-| `login` | GitHub sign-in + card enrollment | free |
-| `feedback` | Submit feedback about Visa CLI | free |
-| `reset` | Clear all credentials from this device | free |
----
+## MCP Tools
-## Security
+### Core (immutable)
-Every payment requires Touch ID (macOS) via Secure Enclave. This cannot be disabled or bypassed — attestation is verified server-side.
+| Tool | Description |
+|------|-------------|
+| `login` | GitHub OAuth login flow |
+| `add_card` | Enroll a Visa card via VGS tokenization |
+| `reset` | Reset auth state |
+| `pay` | Generic payment endpoint |
+| `get_status` | Auth + card + account status |
+| `get_cards` | List enrolled cards |
+| `transaction_history` | Recent transactions with amounts |
+| `update_spending_controls` | Set daily/per-transaction limits |
+| `send_feedback` | Submit feedback on a tool result |
+| `get_feedback` | Retrieve feedback history |
+| `batch` | Batch multiple tool calls |
+| `discover` | List all available tools with pricing |
-| Layer | Protection |
-|-------|------------|
-| Session token | macOS Keychain (only credential on device) |
-| Touch ID | Secure Enclave ECDSA signing (hardware-backed) |
-| Spending limits | Server-side enforcement |
-| Rate limiting | Server-side per-session |
-| Card data | Server-side only (never touches the client) |
+### Dynamic (from catalog)
-### Spending Controls
+Loaded from the auth server at runtime with a 5-minute TTL. Falls back to the compiled-in baseline from `@visa/tools` if the server is unreachable.
-| Setting | Default | Description |
-|---------|---------|-------------|
-| Max per transaction | $100 | Per-transaction ceiling |
-| Daily limit | $500 | Daily spend ceiling |
-| Daily transaction count | 50 | Daily transaction count ceiling |
-Adjust with: "Set my daily limit to $200"
+Current catalog (18 tools): image generation (FLUX, Recraft, Ideogram, SeedEdit, upscale), video generation (Grok/Luma, Kling, Wan, MiniMax), 3D (Meshy), audio (F5-TTS, Suno), onchain data (Allium, 150+ chains), canvas (pxlwall, USDC/x402 native).
 ---
-## CLI Commands
+## Catalog Resolution
-```bash
-visa-cli setup                        # Install, login, and enroll card
-visa-cli install <client>             # Register MCP server (claude, cursor, windsurf, cline, zed, ...)
-visa-cli install --all                # Register for all detected clients
-visa-cli install --list               # Show supported clients and install status
-visa-cli install claude --scope project  # Install to .mcp.json in current directory
-visa-cli uninstall <client>           # Remove MCP server from a client
-visa-cli uninstall --all              # Remove from all clients
-visa-cli pay <url>                    # Pay a merchant URL (amount auto-detected)
-visa-cli status                       # Show enrollment and spending controls
-visa-cli feedback "msg"               # Submit feedback about Visa CLI
-visa-cli reset --confirm              # Clear session and attestation key
 ```
-### Supported Clients
-| Client | ID | Config Path |
-|--------|-----|------------|
-| Claude Code | `claude` | `~/.claude.json` |
-| Claude Desktop | `claude-desktop` | `~/Library/Application Support/Claude/claude_desktop_config.json` |
-| Cursor | `cursor` | `~/.cursor/mcp.json` |
-| Windsurf | `windsurf` | `~/.codeium/windsurf/mcp_config.json` |
-| Cline | `cline` | `~/.vscode/mcp.json` |
-| Roo Code | `roo-code` | `~/.config/Roo/mcp_settings.json` |
-| VS Code Copilot | `copilot` | `~/.vscode/mcp.json` |
-| Zed | `zed` | `~/.config/zed/settings.json` |
+1. Live:     GET /v1/suggestions → tools[]   (auth server, TTL-cached, 5 min)
+2. Cache:    ~/.visa-mcp/catalog-cache.json  (disk, <24h)
+3. Baseline: CATALOG from @visa/tools        (compiled-in fallback)
+```
 ---
-## Troubleshooting
+## Architecture
-**"Authentication required"** — Run `visa-cli setup` to log in and enroll a card.
-**"Session expired"** — Run `visa-cli setup` to re-authenticate.
-**"Amount exceeds limit"** — Ask Claude to increase your spending limit, or use `update_spending_controls`.
+```
+visa-cli (this package)
+├── cli.ts           Commander CLI entry (login, add-card, status, history, mcp)
+├── api-client.ts    HTTP client for apps/auth (auth, attestation, shortcuts)
+├── mcp-server/
+│   ├── index.ts     MCP server bootstrap, tool registration
+│   ├── tools.ts     Core tool handler implementations
+│   └── suggestions.ts  Dynamic catalog polling
+├── touchid.ts       macOS Touch ID / Secure Enclave attestation
+├── rc-gate.ts       RC version gate (checks RC_CODE_HASH)
+└── config/
+    └── manager.ts   ~/.visa-mcp/config.json read/write
+```
-**"Rate limited"** — Wait a few seconds and try again.
+---
-**Batch request failed / "Merchant server error"** — The upstream API (e.g. fal.ai) may be temporarily overloaded. Wait a minute and retry with a smaller batch. Timeouts scale automatically with batch size.
+## Development (monorepo)
-**Tools not showing in Claude Code** — Run `/mcp` in Claude Code to reconnect, or restart Claude Code.
+```bash
+# From monorepo root
+pnpm --filter @visa/cli build
+pnpm --filter @visa/cli test
+pnpm --filter @visa/cli test:unit:coverage
----
+# Watch mode
+pnpm --filter @visa/cli dev
+```
-## Requirements
+### RC hash stub
-- macOS (Touch ID or system password required for payment approval)
-- Node.js 18+
-- Claude Code
+`src/__generated__/rc-hash.ts` is committed with an all-zeros stub. The real hash is injected at publish time by `cli-publish.yml` from the `RC_ACCESS_CODE` secret. Local builds with the stub work normally — the RC gate only activates for prerelease versions.
 ---
-## Legal
+## Release Pipeline
-Use of this software is governed by the [Visa CLI Terms of Use](https://auth.visacli.sh/legal/terms) and [Privacy Notice](https://auth.visacli.sh/legal/privacy).
+```
+PR to dev
+  → cli-changeset.yml   (AI classifies bump type, writes .changeset/ file)
+  → CI passes on dev
+  → cli-release-rc.yml  (bumps RC version, pushes v*-rc.* tag)
+  → cli-publish.yml     (injects hash, builds, publishes @visa/cli@rc)
+Merge dev → main
+  → CI passes on main
+  → cli-release-stable.yml  (exits pre mode, bumps stable, pushes v* tag)
+  → cli-publish.yml         (publishes @visa/cli@latest)
+```

package/dist/cli.js CHANGED Viewed

@@ -1,4 +1,4 @@
-"use strict";var tt=Object.create;var fe=Object.defineProperty;var nt=Object.getOwnPropertyDescriptor;var rt=Object.getOwnPropertyNames;var ot=Object.getPrototypeOf,st=Object.prototype.hasOwnProperty;var it=(t,e)=>()=>(e||t((e={exports:{}}).exports,e),e.exports);var at=(t,e,n,r)=>{if(e&&typeof e=="object"||typeof e=="function")for(let s of rt(e))!st.call(t,s)&&s!==n&&fe(t,s,{get:()=>e[s],enumerable:!(r=nt(e,s))||r.enumerable});return t};var g=(t,e,n)=>(n=t!=null?tt(ot(t)):{},at(e||!t||!t.__esModule?fe(n,"default",{value:t,enumerable:!0}):n,t));var te=it((jt,gt)=>{gt.exports={name:"@visa/cli",version:"1.0.4-rc.2",description:"AI-powered payments for Claude Code",bin:{"visa-cli":"./bin/visa-cli.js"},scripts:{build:"tsc --noEmit && node esbuild.config.js",dev:"tsc --watch",start:"node dist/mcp-server/index.js",test:"jest --config jest.config.js","test:unit":"jest --config jest.config.js","test:unit:watch":"jest --config jest.config.js --watch","test:unit:coverage":"jest --config jest.config.js --coverage","test:smoke":"VISA_AUTH_URL=https://auth.visacli.sh jest --config jest.smoke.config.js","test:integration":"jest --config jest.integration.config.js","test:e2e":"jest --config jest.e2e.config.js","test:all":"npm run test:unit && npm run test:integration && npm run test:e2e",prepare:"husky",prepublishOnly:"npm run build && npm test",lint:"eslint src/**/*.ts",format:'prettier --write "src/**/*.ts"',"format:check":'prettier --check "src/**/*.ts"'},keywords:["visa","checkout","mcp","ai-agent","payments","click-to-pay","usdc","stablecoin"],author:"Visa Crypto Labs",license:"SEE LICENSE IN LICENSE",dependencies:{"@modelcontextprotocol/sdk":"^1.0.0",commander:"^12.1.0"},devDependencies:{"@changesets/changelog-git":"^0.2.1","@changesets/cli":"^2.30.0","@types/jest":"^30.0.0","@types/node":"^25.6.0","@typescript-eslint/eslint-plugin":"^8.56.1","@typescript-eslint/parser":"^8.56.1","@types/express":"^5.0.0",esbuild:"^0.27.4",express:"^4.21.0",eslint:"^10.0.2","eslint-config-prettier":"^10.1.8",husky:"^9.1.7",jest:"^29.7.0",prettier:"^3.8.1","ts-jest":"^29.2.0",typescript:"^5.7.0"},engines:{node:">=18.0.0"},files:["bin/visa-cli.js","dist/","native/visa-keychain.m","README.md","LICENSE"]}});var ze=require("commander"),X=g(require("crypto")),I=g(require("os")),pe=require("child_process"),Xe=require("util");var Se=require("child_process"),we=require("util"),C=g(require("fs")),ve=g(require("os")),Q=g(require("path")),E=(0,we.promisify)(Se.execFile),ee=Q.join(ve.homedir(),".visa-mcp"),K=Q.join(ee,"session-token"),k="visa-cli",V="session-token",F="rc-access";async function me(){try{let{stdout:t}=await E("security",["find-generic-password","-s",k,"-a",V,"-w"],{timeout:5e3});return t.trim()||null}catch{return null}}async function he(t){try{try{await E("security",["delete-generic-password","-s",k,"-a",V],{timeout:5e3})}catch{}return await E("security",["add-generic-password","-s",k,"-a",V,"-w",t],{timeout:5e3}),!0}catch{return!1}}async function ye(){try{await E("security",["delete-generic-password","-s",k,"-a",V],{timeout:5e3})}catch{}}async function ct(){try{let{stdout:t}=await E("security",["find-generic-password","-s",k,"-a",F,"-w"],{timeout:5e3});return t.trim()||null}catch{return null}}async function lt(t){try{try{await E("security",["delete-generic-password","-s",k,"-a",F],{timeout:5e3})}catch{}await E("security",["add-generic-password","-s",k,"-a",F,"-w",t],{timeout:5e3})}catch{}}async function ut(){try{await E("security",["delete-generic-password","-s",k,"-a",F],{timeout:5e3})}catch{}}function dt(t){C.mkdirSync(ee,{recursive:!0,mode:448}),C.writeFileSync(K,t,{mode:384})}function pt(){try{return C.readFileSync(K,"utf-8").trim()||null}catch{return null}}var h=class{static async getSessionToken(){if(process.env.VISA_MOCK_KEYCHAIN==="true")return Promise.resolve("mock-session-token-for-testing");let e=await me();if(e)return e;let n=pt();return n?(await he(n),n):null}static async saveSessionToken(e){if(process.env.VISA_MOCK_KEYCHAIN==="true")return;if(await he(e)){if(await me()===e){try{C.unlinkSync(K)}catch{}return}await ye()}if(dt(e),await this.getSessionToken()!==e)throw new Error("Failed to persist session token. "+(process.platform==="darwin"?'Check Keychain Access permissions for "visa-cli".':`Ensure ${ee} is writable.`))}static async getRcAccessToken(){return process.env.VISA_MOCK_KEYCHAIN==="true"?"mock-rc-token-for-testing":ct()}static async saveRcAccessToken(e){process.env.VISA_MOCK_KEYCHAIN!=="true"&&await lt(e)}static async deleteSessionToken(){if(process.env.VISA_MOCK_KEYCHAIN!=="true"){await ye();try{C.unlinkSync(K)}catch{}}}static async clearAll(){await this.deleteSessionToken(),await ut()}};var H=g(require("crypto")),D=g(require("tty")),q=g(require("fs"));var R="6820f6e91b762e645c9bf020c0d3673bb99d4a25a824880c0d548e10bb9bc7b1";function ft(t){return/-rc\.|-beta\./.test(t)}function ne(t){return H.createHash("sha256").update(t.trim()).digest("hex")}function be(t){return R==="SKIP"?!0:H.timingSafeEqual(Buffer.from(ne(t)),Buffer.from(R))}function mt(t){return new Promise((e,n)=>{let r=q.openSync("/dev/tty","r+"),s=new D.ReadStream(r),o=new D.WriteStream(r),i=()=>{try{s.destroy()}catch{}try{o.destroy()}catch{}try{q.closeSync(r)}catch{}};o.write(t),s.setRawMode(!0),s.resume(),s.setEncoding("utf8");let a="";s.on("data",c=>{c==="\r"||c===`
+"use strict";var tt=Object.create;var fe=Object.defineProperty;var nt=Object.getOwnPropertyDescriptor;var rt=Object.getOwnPropertyNames;var ot=Object.getPrototypeOf,st=Object.prototype.hasOwnProperty;var it=(t,e)=>()=>(e||t((e={exports:{}}).exports,e),e.exports);var at=(t,e,n,r)=>{if(e&&typeof e=="object"||typeof e=="function")for(let s of rt(e))!st.call(t,s)&&s!==n&&fe(t,s,{get:()=>e[s],enumerable:!(r=nt(e,s))||r.enumerable});return t};var p=(t,e,n)=>(n=t!=null?tt(ot(t)):{},at(e||!t||!t.__esModule?fe(n,"default",{value:t,enumerable:!0}):n,t));var te=it((jt,pt)=>{pt.exports={name:"@visa/cli",version:"1.0.4-rc.3",description:"AI-powered payments for Claude Code",bin:{"visa-cli":"./bin/visa-cli.js"},scripts:{build:"tsc --noEmit && node esbuild.config.js",dev:"tsc --watch",start:"node dist/mcp-server/index.js",test:"jest --config jest.config.js","test:unit":"jest --config jest.config.js","test:unit:watch":"jest --config jest.config.js --watch","test:unit:coverage":"jest --config jest.config.js --coverage","test:smoke":"VISA_AUTH_URL=https://auth.visacli.sh jest --config jest.smoke.config.js","test:integration":"jest --config jest.integration.config.js","test:e2e":"jest --config jest.e2e.config.js","test:catalog-e2e":"jest --config jest.catalog-e2e.config.js","test:all":"npm run test:unit && npm run test:integration && npm run test:e2e",prepublishOnly:"npm run build && npm test",lint:"eslint src/**/*.ts",format:'prettier --write "src/**/*.ts"',"format:check":'prettier --check "src/**/*.ts"'},keywords:["visa","checkout","mcp","ai-agent","payments","click-to-pay","usdc","stablecoin"],author:"Visa Crypto Labs",license:"SEE LICENSE IN LICENSE",dependencies:{"@modelcontextprotocol/sdk":"^1.0.0","@visa-cli/tools":"workspace:*",commander:"^12.1.0",zod:"^3.23.0"},devDependencies:{"@changesets/changelog-git":"^0.2.1","@changesets/cli":"^2.30.0","@types/jest":"^30.0.0","@types/node":"^22.10.0","@typescript-eslint/eslint-plugin":"^8.56.1","@typescript-eslint/parser":"^8.56.1","@types/express":"^5.0.0",esbuild:"^0.27.4",express:"^4.21.0",eslint:"^10.0.2","eslint-config-prettier":"^10.1.8",jest:"^29.7.0",prettier:"^3.8.1","ts-jest":"^29.2.0",typescript:"^5.7.0"},engines:{node:">=18.0.0"},files:["bin/visa-cli.js","dist/","native/visa-keychain.m","README.md","LICENSE"]}});var ze=require("commander"),X=p(require("crypto")),I=p(require("os")),ge=require("child_process"),Xe=require("util");var Se=require("child_process"),we=require("util"),C=p(require("fs")),ve=p(require("os")),Q=p(require("path")),E=(0,we.promisify)(Se.execFile),ee=Q.join(ve.homedir(),".visa-mcp"),K=Q.join(ee,"session-token"),k="visa-cli",V="session-token",F="rc-access";async function me(){try{let{stdout:t}=await E("security",["find-generic-password","-s",k,"-a",V,"-w"],{timeout:5e3});return t.trim()||null}catch{return null}}async function he(t){try{try{await E("security",["delete-generic-password","-s",k,"-a",V],{timeout:5e3})}catch{}return await E("security",["add-generic-password","-s",k,"-a",V,"-w",t],{timeout:5e3}),!0}catch{return!1}}async function ye(){try{await E("security",["delete-generic-password","-s",k,"-a",V],{timeout:5e3})}catch{}}async function ct(){try{let{stdout:t}=await E("security",["find-generic-password","-s",k,"-a",F,"-w"],{timeout:5e3});return t.trim()||null}catch{return null}}async function lt(t){try{try{await E("security",["delete-generic-password","-s",k,"-a",F],{timeout:5e3})}catch{}await E("security",["add-generic-password","-s",k,"-a",F,"-w",t],{timeout:5e3})}catch{}}async function ut(){try{await E("security",["delete-generic-password","-s",k,"-a",F],{timeout:5e3})}catch{}}function dt(t){C.mkdirSync(ee,{recursive:!0,mode:448}),C.writeFileSync(K,t,{mode:384})}function gt(){try{return C.readFileSync(K,"utf-8").trim()||null}catch{return null}}var h=class{static async getSessionToken(){if(process.env.VISA_MOCK_KEYCHAIN==="true")return Promise.resolve("mock-session-token-for-testing");let e=await me();if(e)return e;let n=gt();return n?(await he(n),n):null}static async saveSessionToken(e){if(process.env.VISA_MOCK_KEYCHAIN==="true")return;if(await he(e)){if(await me()===e){try{C.unlinkSync(K)}catch{}return}await ye()}if(dt(e),await this.getSessionToken()!==e)throw new Error("Failed to persist session token. "+(process.platform==="darwin"?'Check Keychain Access permissions for "visa-cli".':`Ensure ${ee} is writable.`))}static async getRcAccessToken(){return process.env.VISA_MOCK_KEYCHAIN==="true"?"mock-rc-token-for-testing":ct()}static async saveRcAccessToken(e){process.env.VISA_MOCK_KEYCHAIN!=="true"&&await lt(e)}static async deleteSessionToken(){if(process.env.VISA_MOCK_KEYCHAIN!=="true"){await ye();try{C.unlinkSync(K)}catch{}}}static async clearAll(){await this.deleteSessionToken(),await ut()}};var H=p(require("crypto")),D=p(require("tty")),q=p(require("fs"));var R="6820f6e91b762e645c9bf020c0d3673bb99d4a25a824880c0d548e10bb9bc7b1";function ft(t){return/-rc\.|-beta\./.test(t)}function ne(t){return H.createHash("sha256").update(t.trim()).digest("hex")}function be(t){return R==="SKIP"?!0:H.timingSafeEqual(Buffer.from(ne(t)),Buffer.from(R))}function mt(t){return new Promise((e,n)=>{let r=q.openSync("/dev/tty","r+"),s=new D.ReadStream(r),o=new D.WriteStream(r),i=()=>{try{s.destroy()}catch{}try{o.destroy()}catch{}try{q.closeSync(r)}catch{}};o.write(t),s.setRawMode(!0),s.resume(),s.setEncoding("utf8");let a="";s.on("data",c=>{c==="\r"||c===`
 `?(o.write(`
 `),i(),e(a)):c===""?(o.write(`
 `),i(),n(new Error("Cancelled"))):c==="\x7F"||c==="\b"?a.length>0&&(a=a.slice(0,-1),o.write("\b \b")):(a+=c,o.write("\u2022"))})})}var ht=`
@@ -17,16 +17,16 @@
   Invalid code. ${s-o} attempt(s) remaining.
 `)}console.log(`
   Invalid code. Contact your team lead.
-`),process.exit(1)}async function Pe(t,e){let n=e?.timeoutMs??3e4,r=new AbortController,s=setTimeout(()=>r.abort(),n);try{let{timeoutMs:o,...i}=e??{};return await fetch(t,{...i,signal:r.signal})}finally{clearTimeout(s)}}var yt=/^(\d+)\.(\d+)\.(\d+)(?:-([0-9A-Za-z.-]+))?(?:\+[0-9A-Za-z.-]+)?$/;function ke(t,e){let n=Ee(t),r=Ee(e);if(!n||!r)return!1;for(let s=0;s<3;s++)if(n.main[s]!==r.main[s])return n.main[s]>r.main[s];return n.pre&&!r.pre?!1:!n.pre&&r.pre?!0:!n.pre&&!r.pre?!1:St(n.pre,r.pre)>0}function Ee(t){if(typeof t!="string")return null;let n=t.trim().replace(/^v/,"").match(yt);return n?{main:[Number(n[1]),Number(n[2]),Number(n[3])],pre:n[4]??null}:null}function St(t,e){let n=t.split("."),r=e.split("."),s=Math.max(n.length,r.length);for(let o=0;o<s;o++){if(o>=n.length)return-1;if(o>=r.length)return 1;let i=n[o],a=r[o],c=/^\d+$/.test(i),l=/^\d+$/.test(a);if(c&&l){let p=Number(i)-Number(a);if(p!==0)return p}else{if(c)return-1;if(l)return 1;if(i<a)return-1;if(i>a)return 1}}return 0}function G(){return!!(Re(process.env.VISA_CLI_NO_UPDATE_CHECK)||Re(process.env.CI)||process.env.NODE_ENV==="test")}function Re(t){if(t===void 0)return!1;let e=t.trim().toLowerCase();return!(e===""||e==="0"||e==="false"||e==="no"||e==="off")}var re="1.0.4-rc.2",j=class{constructor(e){this.getSessionToken=e;this.baseUrl=process.env.VISA_AUTH_URL||"https://auth.visacli.sh"}baseUrl;lastSignals={};parseServerSignals(e){if(this.lastSignals={},!G()){let r=e.headers.get("X-Latest-Version"),s=e.headers.get("X-Update-Message");r&&ke(r,re)&&(this.lastSignals.updateAvailable={version:r,message:s||`Update available: v${r}. Run: npm install -g @visa/cli && visa-cli setup`})}let n=e.headers.get("X-Feedback-Prompt");if(n)try{this.lastSignals.feedbackPrompt=JSON.parse(n)}catch{}}getClientVersion(){return re}async request(e,n,r,s,o){let i=await this.getSessionToken();if(!i)throw new Error("Not logged in. Use the login tool to authenticate.");let a={Authorization:`Bearer ${i}`};o&&(e==="GET"?a["X-User-Context"]=o.replace(/[\r\n\0]/g," ").slice(0,1e3):r={...r||{},user_context:o}),r&&(a["Content-Type"]="application/json");let c;try{c=await Pe(`${this.baseUrl}${n}`,{method:e,headers:{...a,"X-Visa-CLI-Version":re},body:r?JSON.stringify(r):void 0,timeoutMs:s})}catch(p){throw p.name==="AbortError"||p.message?.includes("aborted")?new Error("The request timed out. The server may be under heavy load. Please try again."):new Error("Cannot reach the Visa CLI server. Check your internet connection and try again.")}if(this.parseServerSignals(c),c.status===401)throw new Error("Your session has expired. Use the login tool to re-authenticate.");if(c.status===429){let p=c.headers.get("Retry-After")||"3";throw new Error(`Too many requests. Please wait ${p} seconds before trying again.`)}if(c.status===503)throw new Error("The Visa CLI service is temporarily unavailable. Please try again in a few minutes.");let l;try{l=await c.json()}catch{throw c.status===500?new Error("Something went wrong on our end. Please try again."):new Error("Something went wrong. Please try again.")}if(!c.ok)throw c.status===500?new Error("Something went wrong on our end. Please try again."):new Error(l?.error||"Something went wrong. Please try again.");return l}async pay(e,n){return this.request("POST","/v1/pay",e,void 0,n)}async shortcut(e,n,r,s){return this.request("POST",`/v1/shortcuts/${encodeURIComponent(e)}`,n,r,s)}async batch(e,n,r){return this.request("POST","/v1/batch",e,n,r)}async paymentPreview(e,n){return this.request("POST","/v1/payment-preview",e,void 0,n)}async getStatus(e){return this.request("GET","/v1/status",void 0,void 0,e)}async getTransactions(e){return this.request("GET","/v1/transactions",void 0,void 0,e)}async updateSpendingControls(e,n){return this.request("POST","/v1/spending-controls",e,void 0,n)}async removeCard(e,n,r){return this.request("DELETE",`/v1/cards/${encodeURIComponent(String(e))}`,n,void 0,r)}async setDefaultCard(e,n,r){return this.request("POST",`/v1/cards/${encodeURIComponent(String(e))}/default`,n,void 0,r)}async getAttestationChallenge(){return this.request("GET","/v1/attestation-challenge")}async registerAttestationKey(e){return this.request("POST","/v1/attestation-key",{publicKey:e})}async logout(e,n){return this.request("POST","/v1/logout",e,void 0,n)}async feedback(e,n,r){return this.request("POST","/v1/feedback",{message:e,...n&&{transaction_id:n}},void 0,r)}async feedSubmit(e){return this.request("POST","/v1/feed",e)}async feedList(e){let n=new URLSearchParams;e?.tab&&n.set("tab",e.tab),e?.limit&&n.set("limit",String(e.limit)),e?.offset&&n.set("offset",String(e.offset));let r=n.toString();return this.request("GET",`/v1/feed${r?"?"+r:""}`)}async feedVote(e,n){return this.request("POST",`/v1/feed/${encodeURIComponent(e)}/vote`,{direction:n})}async feedApprove(e){return this.request("POST",`/v1/feed/${encodeURIComponent(e)}/approve`)}async feedDelete(e){return this.request("DELETE",`/v1/feed/${encodeURIComponent(e)}`)}async feedPending(){return this.request("GET","/v1/feed/pending")}async submitFeedback(e,n,r){return this.request("POST","/v1/feedback",{message:e,...n&&{transaction_id:n}},void 0,r)}async getFeedback(e,n){let r=new URLSearchParams;e&&r.set("limit",String(e));let s=r.toString();return this.request("GET",`/v1/feedback${s?"?"+s:""}`,void 0,void 0,n)}async submitRatedFeedback(e){return this.request("POST","/v1/feedback",e)}};var ce=require("child_process"),je=require("util"),Oe=g(require("crypto")),f=g(require("fs")),_e=g(require("os")),b=g(require("path"));var y=g(require("fs")),ie=g(require("path")),xe=g(require("os")),se=ie.join(xe.homedir(),".visa-mcp"),O=ie.join(se,"mcp-server.log"),wt=5*1024*1024,oe=null;function vt(){y.existsSync(se)||y.mkdirSync(se,{recursive:!0,mode:448})}function bt(){if(!oe){if(vt(),y.existsSync(O)&&y.statSync(O).size>wt){let e=O+".1";y.existsSync(e)&&y.unlinkSync(e),y.renameSync(O,e)}oe=y.createWriteStream(O,{flags:"a"})}return oe}function B(t,...e){let n=new Date().toISOString(),r=e.map(o=>typeof o=="string"?o:JSON.stringify(o,null,2)).join(" "),s=`[${n}] [${t}] ${r}
-`;process.stderr.write(s),bt().write(s)}var $e={debug:(...t)=>B("DEBUG",...t),info:(...t)=>B("INFO",...t),warn:(...t)=>B("WARN",...t),error:(...t)=>B("ERROR",...t)};var T=(0,je.promisify)(ce.execFile),Y=b.join(_e.homedir(),".visa-mcp","bin"),x=b.join(Y,"Visa CLI"),Ct=b.join(__dirname,"..","native"),Te="5",Ie=b.join(Y,"visa-keychain.version"),Ne=b.join(Y,"visa-keychain.sha256");function Ae(t){let e=f.readFileSync(t);return Oe.createHash("sha256").update(e).digest("hex")}async function Me(){try{if(f.readFileSync(Ie,"utf-8").trim()===Te&&f.existsSync(x)){let r=f.readFileSync(Ne,"utf-8").trim();if(Ae(x)!==r)$e.warn("binary:hash-mismatch",{message:"Binary hash mismatch \u2014 possible tampering detected. Recompiling from source."}),f.unlinkSync(x);else return x}}catch{}let t=b.join(Ct,"visa-keychain.m");if(f.existsSync(t)||(t=b.resolve(__dirname,"..","..","native","visa-keychain.m")),f.existsSync(t)||(t=b.resolve(__dirname,"..","native","visa-keychain.m")),!f.existsSync(t))throw new Error("visa-keychain.m source not found. Reinstall Visa CLI.");f.mkdirSync(Y,{recursive:!0,mode:448});try{await T("clang",["-framework","Security","-framework","LocalAuthentication","-framework","Foundation","-framework","AppKit","-o",x,t],{timeout:3e4})}catch(n){throw n.code==="ENOENT"?new Error("Xcode Command Line Tools required. Install: xcode-select --install"):n}let e=Ae(x);return f.writeFileSync(Ne,e,{mode:384}),f.writeFileSync(Ie,Te,{mode:384}),x}async function Ue(t){let e=await Me(),n;try{n=(await T(e,t,{timeout:6e4})).stdout}catch(o){n=o.stdout||"";let i=n.trim();throw i.startsWith("ERROR:")?new Error(i.slice(6)):new Error(o.stderr?.trim()||o.message||"Unknown error")}let r=n.trim();if(r.startsWith("OK:"))return r.slice(3);if(r==="OK")return;let s=r.startsWith("ERROR:")?r.slice(6):"Unknown error";throw new Error(s)}var ae=null;function _(){return process.env.VISA_MOCK_TOUCHID==="true"?!0:process.platform!=="darwin"?!1:ae!==null?ae:(ae=!0,!0)}var W="visa-cli",J="attestation-key";async function Pt(t){try{await T("security",["delete-generic-password","-s",W,"-a",J],{timeout:5e3})}catch{}await T("security",["add-generic-password","-s",W,"-a",J,"-w",t],{timeout:5e3})}async function Et(){try{let{stdout:t}=await T("security",["find-generic-password","-s",W,"-a",J,"-w"],{timeout:5e3});return t.trim()||null}catch{return null}}async function Le(){let t=await Ue(["generate-key"]);if(!t)throw new Error("Key generation returned no output");let e=t.indexOf(":");if(e<0)throw new Error("Unexpected generate-key output format");let n=t.slice(0,e),r=t.slice(e+1);return await Pt(n),r}async function Ke(t,e){if(process.env.VISA_MOCK_TOUCHID==="true")return Promise.resolve("mock-ecdsa-signature-for-testing");let n=await Et();if(!n)throw new Error("Attestation key not found. Run setup to generate a new key.");let r=await Me(),s=["sign",t];return e&&s.push(e),new Promise((o,i)=>{let a=(0,ce.execFile)(r,s,{timeout:6e4},(c,l)=>{let p=(l||"").trim();if(c){p.startsWith("ERROR:")?i(new Error(p.slice(6))):i(new Error(c.stderr?.trim()||c.message||"Unknown error"));return}p.startsWith("OK:")?o(p.slice(3)):i(new Error(p.startsWith("ERROR:")?p.slice(6):"Unknown error"))});a.stdin.write(n),a.stdin.end()})}async function Ve(){try{await T("security",["delete-generic-password","-s",W,"-a",J],{timeout:5e3})}catch{}try{await Ue(["delete-key"])}catch{}}function Fe(t,e=process.stderr){if(G()||!t?.updateAvailable)return!1;let{message:n}=t.updateAvailable;return n?(e.write(`
+`),process.exit(1)}async function Pe(t,e){let n=e?.timeoutMs??3e4,r=new AbortController,s=setTimeout(()=>r.abort(),n);try{let{timeoutMs:o,...i}=e??{};return await fetch(t,{...i,signal:r.signal})}finally{clearTimeout(s)}}var yt=/^(\d+)\.(\d+)\.(\d+)(?:-([0-9A-Za-z.-]+))?(?:\+[0-9A-Za-z.-]+)?$/;function ke(t,e){let n=Ee(t),r=Ee(e);if(!n||!r)return!1;for(let s=0;s<3;s++)if(n.main[s]!==r.main[s])return n.main[s]>r.main[s];return n.pre&&!r.pre?!1:!n.pre&&r.pre?!0:!n.pre&&!r.pre?!1:St(n.pre,r.pre)>0}function Ee(t){if(typeof t!="string")return null;let n=t.trim().replace(/^v/,"").match(yt);return n?{main:[Number(n[1]),Number(n[2]),Number(n[3])],pre:n[4]??null}:null}function St(t,e){let n=t.split("."),r=e.split("."),s=Math.max(n.length,r.length);for(let o=0;o<s;o++){if(o>=n.length)return-1;if(o>=r.length)return 1;let i=n[o],a=r[o],c=/^\d+$/.test(i),l=/^\d+$/.test(a);if(c&&l){let g=Number(i)-Number(a);if(g!==0)return g}else{if(c)return-1;if(l)return 1;if(i<a)return-1;if(i>a)return 1}}return 0}function G(){return!!(Re(process.env.VISA_CLI_NO_UPDATE_CHECK)||Re(process.env.CI)||process.env.NODE_ENV==="test")}function Re(t){if(t===void 0)return!1;let e=t.trim().toLowerCase();return!(e===""||e==="0"||e==="false"||e==="no"||e==="off")}var re="1.0.4-rc.3",j=class{constructor(e){this.getSessionToken=e;this.baseUrl=process.env.VISA_AUTH_URL||"https://auth.visacli.sh"}getSessionToken;baseUrl;lastSignals={};parseServerSignals(e){if(this.lastSignals={},!G()){let r=e.headers.get("X-Latest-Version"),s=e.headers.get("X-Update-Message");r&&ke(r,re)&&(this.lastSignals.updateAvailable={version:r,message:s||`Update available: v${r}. Run: npm install -g @visa/cli && visa-cli setup`})}let n=e.headers.get("X-Feedback-Prompt");if(n)try{this.lastSignals.feedbackPrompt=JSON.parse(n)}catch{}}getClientVersion(){return re}async request(e,n,r,s,o){let i=await this.getSessionToken();if(!i)throw new Error("Not logged in. Use the login tool to authenticate.");let a={Authorization:`Bearer ${i}`};o&&(e==="GET"?a["X-User-Context"]=o.replace(/[\r\n\0]/g," ").slice(0,1e3):r={...r||{},user_context:o}),r&&(a["Content-Type"]="application/json");let c;try{c=await Pe(`${this.baseUrl}${n}`,{method:e,headers:{...a,"X-Visa-CLI-Version":re},body:r?JSON.stringify(r):void 0,timeoutMs:s})}catch(g){throw g.name==="AbortError"||g.message?.includes("aborted")?new Error("The request timed out. The server may be under heavy load. Please try again."):new Error("Cannot reach the Visa CLI server. Check your internet connection and try again.")}if(this.parseServerSignals(c),c.status===401)throw new Error("Your session has expired. Use the login tool to re-authenticate.");if(c.status===429){let g=c.headers.get("Retry-After")||"3";throw new Error(`Too many requests. Please wait ${g} seconds before trying again.`)}if(c.status===503)throw new Error("The Visa CLI service is temporarily unavailable. Please try again in a few minutes.");let l;try{l=await c.json()}catch{throw c.status===500?new Error("Something went wrong on our end. Please try again."):new Error("Something went wrong. Please try again.")}if(!c.ok)throw c.status===500?new Error("Something went wrong on our end. Please try again."):new Error(l?.error||"Something went wrong. Please try again.");return l}async pay(e,n){return this.request("POST","/v1/pay",e,void 0,n)}async shortcut(e,n,r,s){return this.request("POST",`/v1/shortcuts/${encodeURIComponent(e)}`,n,r,s)}async batch(e,n,r){return this.request("POST","/v1/batch",e,n,r)}async catalogSearch(e,n){let r=new URLSearchParams;e&&r.set("q",e),n&&r.set("category",n);let s=r.toString();return this.request("GET",`/v1/catalog${s?`?${s}`:""}`)}async catalogTool(e){try{return await this.request("GET",`/v1/catalog/${encodeURIComponent(e)}`)}catch{return null}}async paymentPreview(e,n){return this.request("POST","/v1/payment-preview",e,void 0,n)}async getStatus(e){return this.request("GET","/v1/status",void 0,void 0,e)}async getTransactions(e){return this.request("GET","/v1/transactions",void 0,void 0,e)}async updateSpendingControls(e,n){return this.request("POST","/v1/spending-controls",e,void 0,n)}async removeCard(e,n,r){return this.request("DELETE",`/v1/cards/${encodeURIComponent(String(e))}`,n,void 0,r)}async setDefaultCard(e,n,r){return this.request("POST",`/v1/cards/${encodeURIComponent(String(e))}/default`,n,void 0,r)}async getAttestationChallenge(){return this.request("GET","/v1/attestation-challenge")}async registerAttestationKey(e){return this.request("POST","/v1/attestation-key",{publicKey:e})}async logout(e,n){return this.request("POST","/v1/logout",e,void 0,n)}async feedback(e,n,r){return this.request("POST","/v1/feedback",{message:e,...n&&{transaction_id:n}},void 0,r)}async feedSubmit(e){return this.request("POST","/v1/feed",e)}async feedList(e){let n=new URLSearchParams;e?.tab&&n.set("tab",e.tab),e?.limit&&n.set("limit",String(e.limit)),e?.offset&&n.set("offset",String(e.offset));let r=n.toString();return this.request("GET",`/v1/feed${r?"?"+r:""}`)}async feedVote(e,n){return this.request("POST",`/v1/feed/${encodeURIComponent(e)}/vote`,{direction:n})}async feedApprove(e){return this.request("POST",`/v1/feed/${encodeURIComponent(e)}/approve`)}async feedDelete(e){return this.request("DELETE",`/v1/feed/${encodeURIComponent(e)}`)}async feedPending(){return this.request("GET","/v1/feed/pending")}async submitFeedback(e,n,r){return this.request("POST","/v1/feedback",{message:e,...n&&{transaction_id:n}},void 0,r)}async getFeedback(e,n){let r=new URLSearchParams;e&&r.set("limit",String(e));let s=r.toString();return this.request("GET",`/v1/feedback${s?"?"+s:""}`,void 0,void 0,n)}async submitRatedFeedback(e){return this.request("POST","/v1/feedback",e)}};var ce=require("child_process"),je=require("util"),Oe=p(require("crypto")),f=p(require("fs")),_e=p(require("os")),b=p(require("path"));var y=p(require("fs")),ie=p(require("path")),xe=p(require("os")),se=ie.join(xe.homedir(),".visa-mcp"),O=ie.join(se,"mcp-server.log"),wt=5*1024*1024,oe=null;function vt(){y.existsSync(se)||y.mkdirSync(se,{recursive:!0,mode:448})}function bt(){if(!oe){if(vt(),y.existsSync(O)&&y.statSync(O).size>wt){let e=O+".1";y.existsSync(e)&&y.unlinkSync(e),y.renameSync(O,e)}oe=y.createWriteStream(O,{flags:"a"})}return oe}function B(t,...e){let n=new Date().toISOString(),r=e.map(o=>typeof o=="string"?o:JSON.stringify(o,null,2)).join(" "),s=`[${n}] [${t}] ${r}
+`;process.stderr.write(s),bt().write(s)}var $e={debug:(...t)=>B("DEBUG",...t),info:(...t)=>B("INFO",...t),warn:(...t)=>B("WARN",...t),error:(...t)=>B("ERROR",...t)};var T=(0,je.promisify)(ce.execFile),Y=b.join(_e.homedir(),".visa-mcp","bin"),x=b.join(Y,"Visa CLI"),Ct=b.join(__dirname,"..","native"),Te="5",Ie=b.join(Y,"visa-keychain.version"),Ne=b.join(Y,"visa-keychain.sha256");function Ae(t){let e=f.readFileSync(t);return Oe.createHash("sha256").update(e).digest("hex")}async function Me(){try{if(f.readFileSync(Ie,"utf-8").trim()===Te&&f.existsSync(x)){let r=f.readFileSync(Ne,"utf-8").trim();if(Ae(x)!==r)$e.warn("binary:hash-mismatch",{message:"Binary hash mismatch \u2014 possible tampering detected. Recompiling from source."}),f.unlinkSync(x);else return x}}catch{}let t=b.join(Ct,"visa-keychain.m");if(f.existsSync(t)||(t=b.resolve(__dirname,"..","..","native","visa-keychain.m")),f.existsSync(t)||(t=b.resolve(__dirname,"..","native","visa-keychain.m")),!f.existsSync(t))throw new Error("visa-keychain.m source not found. Reinstall Visa CLI.");f.mkdirSync(Y,{recursive:!0,mode:448});try{await T("clang",["-framework","Security","-framework","LocalAuthentication","-framework","Foundation","-framework","AppKit","-o",x,t],{timeout:3e4})}catch(n){throw n.code==="ENOENT"?new Error("Xcode Command Line Tools required. Install: xcode-select --install"):n}let e=Ae(x);return f.writeFileSync(Ne,e,{mode:384}),f.writeFileSync(Ie,Te,{mode:384}),x}async function Ue(t){let e=await Me(),n;try{n=(await T(e,t,{timeout:6e4})).stdout}catch(o){n=o.stdout||"";let i=n.trim();throw i.startsWith("ERROR:")?new Error(i.slice(6)):new Error(o.stderr?.trim()||o.message||"Unknown error")}let r=n.trim();if(r.startsWith("OK:"))return r.slice(3);if(r==="OK")return;let s=r.startsWith("ERROR:")?r.slice(6):"Unknown error";throw new Error(s)}var ae=null;function _(){return process.env.VISA_MOCK_TOUCHID==="true"?!0:process.platform!=="darwin"?!1:ae!==null?ae:(ae=!0,!0)}var W="visa-cli",J="attestation-key";async function Pt(t){try{await T("security",["delete-generic-password","-s",W,"-a",J],{timeout:5e3})}catch{}await T("security",["add-generic-password","-s",W,"-a",J,"-w",t],{timeout:5e3})}async function Et(){try{let{stdout:t}=await T("security",["find-generic-password","-s",W,"-a",J,"-w"],{timeout:5e3});return t.trim()||null}catch{return null}}async function Le(){let t=await Ue(["generate-key"]);if(!t)throw new Error("Key generation returned no output");let e=t.indexOf(":");if(e<0)throw new Error("Unexpected generate-key output format");let n=t.slice(0,e),r=t.slice(e+1);return await Pt(n),r}async function Ke(t,e){if(process.env.VISA_MOCK_TOUCHID==="true")return Promise.resolve("mock-ecdsa-signature-for-testing");let n=await Et();if(!n)throw new Error("Attestation key not found. Run setup to generate a new key.");let r=await Me(),s=["sign",t];return e&&s.push(e),new Promise((o,i)=>{let a=(0,ce.execFile)(r,s,{timeout:6e4},(c,l)=>{let g=(l||"").trim();if(c){g.startsWith("ERROR:")?i(new Error(g.slice(6))):i(new Error(c.stderr?.trim()||c.message||"Unknown error"));return}g.startsWith("OK:")?o(g.slice(3)):i(new Error(g.startsWith("ERROR:")?g.slice(6):"Unknown error"))});a.stdin.write(n),a.stdin.end()})}async function Ve(){try{await T("security",["delete-generic-password","-s",W,"-a",J],{timeout:5e3})}catch{}try{await Ue(["delete-key"])}catch{}}function Fe(t,e=process.stderr){if(G()||!t?.updateAvailable)return!1;let{message:n}=t.updateAvailable;return n?(e.write(`
 \x1B[33m\u2191 ${n}\x1B[0m
-`),!0):!1}var S=class extends Error{constructor(e){super(e),this.name="PayValidationError"}},He=["GET","POST"];function De(t){let e;try{e=new URL(t)}catch{throw new S(`Invalid URL: ${t}. Expected a fully-qualified http(s) URL.`)}if(e.protocol!=="http:"&&e.protocol!=="https:")throw new S(`Unsupported URL scheme "${e.protocol}". Only http and https are allowed.`);return e}function qe(t){let e=(t??"GET").toUpperCase();if(!He.includes(e))throw new S(`Unsupported HTTP method "${t}". Supported: ${He.join(", ")}.`);return e}function Ge(t){if(t!==void 0){try{JSON.parse(t)}catch(e){throw new S(`--body is not valid JSON: ${e?.message??"parse error"}`)}return t}}function Be(t){if(!t||typeof t!="object")throw new S("Merchant returned no payment preview.");let e=t;if(typeof e.amount!="number"||!Number.isFinite(e.amount)||e.amount<=0)throw new S("Could not determine payment amount from merchant.");if(typeof e.merchantName!="string"||e.merchantName.trim().length===0)throw new S("Merchant returned an empty merchant name.");if(e.merchantName.length>200)throw new S(`Merchant name too long (${e.merchantName.length} chars).`);if(typeof e.currency!="string"||e.currency.trim().length===0)throw new S("Merchant returned an empty currency.");if(e.currency.length>10)throw new S(`Currency code too long (${e.currency.length} chars).`);return{amount:e.amount,currency:e.currency,merchantName:e.merchantName}}var d=g(require("fs")),u=g(require("path")),We=g(require("os")),m=We.homedir(),w=[{id:"claude",displayName:"Claude Code",globalConfigPath:u.join(m,".claude.json"),configKey:"mcpServers",detectPaths:[u.join(m,".claude.json")],postInstallHint:"Restart Claude Code or run /mcp to connect."},{id:"claude-desktop",displayName:"Claude Desktop",globalConfigPath:u.join(m,"Library","Application Support","Claude","claude_desktop_config.json"),configKey:"mcpServers",detectPaths:[u.join(m,"Library","Application Support","Claude")],postInstallHint:"Restart the Claude desktop app to connect."},{id:"cursor",displayName:"Cursor",globalConfigPath:u.join(m,".cursor","mcp.json"),configKey:"mcpServers",detectPaths:[u.join(m,".cursor")],postInstallHint:"Restart Cursor to connect."},{id:"windsurf",displayName:"Windsurf",globalConfigPath:u.join(m,".codeium","windsurf","mcp_config.json"),configKey:"mcpServers",detectPaths:[u.join(m,".codeium","windsurf")],postInstallHint:"Restart Windsurf to connect."},{id:"cline",displayName:"Cline",globalConfigPath:u.join(m,".vscode","mcp.json"),configKey:"mcpServers",detectPaths:[u.join(m,".vscode","extensions","saoudrizwan.claude-dev-*")],postInstallHint:"Restart VS Code to connect."},{id:"roo-code",displayName:"Roo Code",globalConfigPath:u.join(m,".config","Roo","mcp_settings.json"),configKey:"mcpServers",detectPaths:[u.join(m,".vscode","extensions","RooVeterinaryInc.roo-cline-*")],postInstallHint:"Restart VS Code to connect."},{id:"copilot",displayName:"VS Code Copilot",globalConfigPath:u.join(m,".vscode","mcp.json"),configKey:"servers",detectPaths:[u.join(m,".vscode")],postInstallHint:"Restart VS Code to connect."},{id:"zed",displayName:"Zed",globalConfigPath:u.join(m,".config","zed","settings.json"),configKey:"context_servers",detectPaths:[u.join(m,".config","zed")],postInstallHint:"Restart Zed to connect.",buildEntry:t=>({source:"custom",...t})}];function le(t){return w.find(e=>e.id===t)}function M(t){return t.detectPaths.some(e=>{if(e.includes("*")){let n=u.dirname(e),r=u.basename(e).replaceAll("*","");if(!d.existsSync(n))return!1;try{return d.readdirSync(n).some(s=>s.startsWith(r))}catch{return!1}}return d.existsSync(e)})}function Je(){return{command:"node",args:[u.resolve(__dirname,"mcp-server/index.js")]}}function U(t,e="global"){let n=e==="project"?u.join(process.cwd(),".mcp.json"):t.globalConfigPath,r=u.dirname(n);d.existsSync(r)||d.mkdirSync(r,{recursive:!0});let s={};if(d.existsSync(n))try{s=JSON.parse(d.readFileSync(n,"utf-8"))}catch{s={}}s[t.configKey]=s[t.configKey]||{};let o=Je();return s[t.configKey]["visa-cli"]=t.buildEntry?t.buildEntry(o):o,d.writeFileSync(n,JSON.stringify(s,null,2)+`
+`),!0):!1}var S=class extends Error{constructor(e){super(e),this.name="PayValidationError"}},He=["GET","POST"];function De(t){let e;try{e=new URL(t)}catch{throw new S(`Invalid URL: ${t}. Expected a fully-qualified http(s) URL.`)}if(e.protocol!=="http:"&&e.protocol!=="https:")throw new S(`Unsupported URL scheme "${e.protocol}". Only http and https are allowed.`);return e}function qe(t){let e=(t??"GET").toUpperCase();if(!He.includes(e))throw new S(`Unsupported HTTP method "${t}". Supported: ${He.join(", ")}.`);return e}function Ge(t){if(t!==void 0){try{JSON.parse(t)}catch(e){throw new S(`--body is not valid JSON: ${e?.message??"parse error"}`)}return t}}function Be(t){if(!t||typeof t!="object")throw new S("Merchant returned no payment preview.");let e=t;if(typeof e.amount!="number"||!Number.isFinite(e.amount)||e.amount<=0)throw new S("Could not determine payment amount from merchant.");if(typeof e.merchantName!="string"||e.merchantName.trim().length===0)throw new S("Merchant returned an empty merchant name.");if(e.merchantName.length>200)throw new S(`Merchant name too long (${e.merchantName.length} chars).`);if(typeof e.currency!="string"||e.currency.trim().length===0)throw new S("Merchant returned an empty currency.");if(e.currency.length>10)throw new S(`Currency code too long (${e.currency.length} chars).`);return{amount:e.amount,currency:e.currency,merchantName:e.merchantName}}var d=p(require("fs")),u=p(require("path")),We=p(require("os")),m=We.homedir(),w=[{id:"claude",displayName:"Claude Code",globalConfigPath:u.join(m,".claude.json"),configKey:"mcpServers",detectPaths:[u.join(m,".claude.json")],postInstallHint:"Restart Claude Code or run /mcp to connect."},{id:"claude-desktop",displayName:"Claude Desktop",globalConfigPath:u.join(m,"Library","Application Support","Claude","claude_desktop_config.json"),configKey:"mcpServers",detectPaths:[u.join(m,"Library","Application Support","Claude")],postInstallHint:"Restart the Claude desktop app to connect."},{id:"cursor",displayName:"Cursor",globalConfigPath:u.join(m,".cursor","mcp.json"),configKey:"mcpServers",detectPaths:[u.join(m,".cursor")],postInstallHint:"Restart Cursor to connect."},{id:"windsurf",displayName:"Windsurf",globalConfigPath:u.join(m,".codeium","windsurf","mcp_config.json"),configKey:"mcpServers",detectPaths:[u.join(m,".codeium","windsurf")],postInstallHint:"Restart Windsurf to connect."},{id:"cline",displayName:"Cline",globalConfigPath:u.join(m,".vscode","mcp.json"),configKey:"mcpServers",detectPaths:[u.join(m,".vscode","extensions","saoudrizwan.claude-dev-*")],postInstallHint:"Restart VS Code to connect."},{id:"roo-code",displayName:"Roo Code",globalConfigPath:u.join(m,".config","Roo","mcp_settings.json"),configKey:"mcpServers",detectPaths:[u.join(m,".vscode","extensions","RooVeterinaryInc.roo-cline-*")],postInstallHint:"Restart VS Code to connect."},{id:"copilot",displayName:"VS Code Copilot",globalConfigPath:u.join(m,".vscode","mcp.json"),configKey:"servers",detectPaths:[u.join(m,".vscode")],postInstallHint:"Restart VS Code to connect."},{id:"zed",displayName:"Zed",globalConfigPath:u.join(m,".config","zed","settings.json"),configKey:"context_servers",detectPaths:[u.join(m,".config","zed")],postInstallHint:"Restart Zed to connect.",buildEntry:t=>({source:"custom",...t})}];function le(t){return w.find(e=>e.id===t)}function M(t){return t.detectPaths.some(e=>{if(e.includes("*")){let n=u.dirname(e),r=u.basename(e).replaceAll("*","");if(!d.existsSync(n))return!1;try{return d.readdirSync(n).some(s=>s.startsWith(r))}catch{return!1}}return d.existsSync(e)})}function Je(){return{command:"node",args:[u.resolve(__dirname,"mcp-server/index.js")]}}function U(t,e="global"){let n=e==="project"?u.join(process.cwd(),".mcp.json"):t.globalConfigPath,r=u.dirname(n);d.existsSync(r)||d.mkdirSync(r,{recursive:!0});let s={};if(d.existsSync(n))try{s=JSON.parse(d.readFileSync(n,"utf-8"))}catch{s={}}s[t.configKey]=s[t.configKey]||{};let o=Je();return s[t.configKey]["visa-cli"]=t.buildEntry?t.buildEntry(o):o,d.writeFileSync(n,JSON.stringify(s,null,2)+`
 `),{installed:!0,configPath:n,message:t.postInstallHint}}function ue(t,e="global"){let n=e==="project"?u.join(process.cwd(),".mcp.json"):t.globalConfigPath;if(!d.existsSync(n))return{removed:!1,configPath:n};let r;try{r=JSON.parse(d.readFileSync(n,"utf-8"))}catch{return{removed:!1,configPath:n}}let s=r[t.configKey];return!s||!s["visa-cli"]?{removed:!1,configPath:n}:(delete s["visa-cli"],d.writeFileSync(n,JSON.stringify(r,null,2)+`
-`),{removed:!0,configPath:n})}function Ye(t,e="global"){let n=e==="project"?u.join(process.cwd(),".mcp.json"):t.globalConfigPath;if(!d.existsSync(n))return!1;try{return!!JSON.parse(d.readFileSync(n,"utf-8"))?.[t.configKey]?.["visa-cli"]}catch{return!1}}function Rt(t){if(!t||typeof t!="object")return;let e=t;if(e.command!=="node"||!Array.isArray(e.args)||e.args.length===0)return;let n=e.args[e.args.length-1];if(!(typeof n!="string"||n.length===0))return n}function xt(t,e){if(t===e)return!0;let n=u.resolve(t),r=u.resolve(e);if(n===r)return!0;try{let s=d.realpathSync(n),o=d.realpathSync(r);return s===o}catch{return!1}}function L(){let t=Je(),e=t.args[t.args.length-1],n=[];for(let r of w){let s=r.globalConfigPath;if(!d.existsSync(s))continue;let o;try{o=JSON.parse(d.readFileSync(s,"utf-8"))}catch{continue}let i=o?.[r.configKey]?.["visa-cli"];if(!i)continue;let a=Rt(i);if(!a||xt(a,e))continue;let c=d.existsSync(a)?"mismatch":"missing";n.push({client:r,configPath:s,currentPath:a,expectedPath:e,staleReason:c})}return n}function de(t){return{configPath:U(t.client,"global").configPath}}var $t=(0,Xe.promisify)(pe.execFile);function Tt(t){let e=I.homedir(),n=s=>s.replace(e,"~"),r=t.staleReason==="missing"?"path missing on disk":"path mismatch";return`   \u2022 ${t.client.displayName} (${n(t.configPath)})
-     ${r}: ${n(t.currentPath)}`}function Ze(t,e){if(t.length===0){console.log(`${e} \u2713 All MCP client configs are up to date.`);return}console.log(`${e} Found ${t.length} stale MCP config ${t.length===1?"entry":"entries"}:`);for(let n of t)console.log(Tt(n))}var v=new ze.Command,z=null;function Z(){return z=new j(()=>h.getSessionToken()),z}v.name("visa-cli").description("Visa CLI - AI payment orchestration").version(te().version);v.hook("preAction",async()=>{await Ce()});v.command("setup").description("Register MCP server, authenticate, and generate attestation key").option("--check","Scan MCP client configs for stale visa-cli entries and exit without making changes").action(async t=>{try{if(t.check){let l=L();Ze(l,"MCP config check:"),l.length>0&&(console.log("\nRun `visa-cli setup` (or `visa-cli install --repair`) to rewrite these entries."),process.exit(1));return}console.log("Step 1: Registering MCP server...");let e=L(),n=new Map(e.map(l=>[l.client.id,l])),r=new Set;for(let l of w)if(M(l)){let p=U(l),P=n.get(l.id),N=P?` \u2014 repaired stale ${P.staleReason} entry`:"";console.log(`   \u2713 ${l.displayName} (${p.configPath.replace(I.homedir(),"~")})${N}`),P&&r.add(l.id)}let s=e.filter(l=>!r.has(l.client.id));for(let l of s)de(l),console.log(`   \u2713 ${l.client.displayName} (${l.configPath.replace(I.homedir(),"~")}) \u2014 repaired stale ${l.staleReason} entry`);let o=r.size+s.length;console.log(o===0?"   \u2713 MCP config verified \u2014 nothing to repair.":`   \u2713 Repaired ${o} stale MCP config ${o===1?"entry":"entries"}.`),console.log(`
-Step 2: Checking authentication...`);let i=await h.getSessionToken();if(i?console.log("   Already authenticated."):(console.log("   No session found. Opening browser for GitHub login..."),i=await new Promise(async(l,p)=>{let P=X.randomBytes(16).toString("hex"),N=`https://auth.visacli.sh/login?state=${P}`;console.log(`   Opening browser for authentication...
-`),process.platform==="darwin"&&(0,pe.execFile)("open",[N],A=>{A&&console.error("   Failed to open browser:",A.message)}),console.log(`   Waiting for login in browser...
-`);let ge=3e4,Qe=300*1e3,et=Date.now()+Qe;for(;Date.now()<et;)try{let A=await globalThis.fetch("https://auth.visacli.sh/v1/auth-status",{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify({state:P,timeout:ge}),signal:AbortSignal.timeout(ge+5e3)});if(!A.ok)continue;let $=await A.json();if($.status==="pending")continue;if($.status==="expired"){p(new Error("Session expired. Please run setup again."));return}if($.status==="complete"&&$.sessionToken){console.log(`   Signed in as ${$.user}.`),l($.sessionToken);return}}catch{}p(new Error("Login timed out after 5 minutes. Please run setup again."))}),await h.saveSessionToken(i),console.log("   Session token saved.")),console.log(`
+`),{removed:!0,configPath:n})}function Ye(t,e="global"){let n=e==="project"?u.join(process.cwd(),".mcp.json"):t.globalConfigPath;if(!d.existsSync(n))return!1;try{return!!JSON.parse(d.readFileSync(n,"utf-8"))?.[t.configKey]?.["visa-cli"]}catch{return!1}}function Rt(t){if(!t||typeof t!="object")return;let e=t;if(e.command!=="node"||!Array.isArray(e.args)||e.args.length===0)return;let n=e.args[e.args.length-1];if(!(typeof n!="string"||n.length===0))return n}function xt(t,e){if(t===e)return!0;let n=u.resolve(t),r=u.resolve(e);if(n===r)return!0;try{let s=d.realpathSync(n),o=d.realpathSync(r);return s===o}catch{return!1}}function L(){let t=Je(),e=t.args[t.args.length-1],n=[];for(let r of w){let s=r.globalConfigPath;if(!d.existsSync(s))continue;let o;try{o=JSON.parse(d.readFileSync(s,"utf-8"))}catch{continue}let i=o?.[r.configKey]?.["visa-cli"];if(!i)continue;let a=Rt(i);if(!a||xt(a,e))continue;let c=d.existsSync(a)?"mismatch":"missing";n.push({client:r,configPath:s,currentPath:a,expectedPath:e,staleReason:c})}return n}function de(t){return{configPath:U(t.client,"global").configPath}}var $t=(0,Xe.promisify)(ge.execFile);function Tt(t){let e=I.homedir(),n=s=>s.replace(e,"~"),r=t.staleReason==="missing"?"path missing on disk":"path mismatch";return`   \u2022 ${t.client.displayName} (${n(t.configPath)})
+     ${r}: ${n(t.currentPath)}`}function Ze(t,e){if(t.length===0){console.log(`${e} \u2713 All MCP client configs are up to date.`);return}console.log(`${e} Found ${t.length} stale MCP config ${t.length===1?"entry":"entries"}:`);for(let n of t)console.log(Tt(n))}var v=new ze.Command,z=null;function Z(){return z=new j(()=>h.getSessionToken()),z}v.name("visa-cli").description("Visa CLI - AI payment orchestration").version(te().version);v.hook("preAction",async()=>{await Ce()});v.command("setup").description("Register MCP server, authenticate, and generate attestation key").option("--check","Scan MCP client configs for stale visa-cli entries and exit without making changes").action(async t=>{try{if(t.check){let l=L();Ze(l,"MCP config check:"),l.length>0&&(console.log("\nRun `visa-cli setup` (or `visa-cli install --repair`) to rewrite these entries."),process.exit(1));return}console.log("Step 1: Registering MCP server...");let e=L(),n=new Map(e.map(l=>[l.client.id,l])),r=new Set;for(let l of w)if(M(l)){let g=U(l),P=n.get(l.id),N=P?` \u2014 repaired stale ${P.staleReason} entry`:"";console.log(`   \u2713 ${l.displayName} (${g.configPath.replace(I.homedir(),"~")})${N}`),P&&r.add(l.id)}let s=e.filter(l=>!r.has(l.client.id));for(let l of s)de(l),console.log(`   \u2713 ${l.client.displayName} (${l.configPath.replace(I.homedir(),"~")}) \u2014 repaired stale ${l.staleReason} entry`);let o=r.size+s.length;console.log(o===0?"   \u2713 MCP config verified \u2014 nothing to repair.":`   \u2713 Repaired ${o} stale MCP config ${o===1?"entry":"entries"}.`),console.log(`
+Step 2: Checking authentication...`);let i=await h.getSessionToken();if(i?console.log("   Already authenticated."):(console.log("   No session found. Opening browser for GitHub login..."),i=await new Promise(async(l,g)=>{let P=X.randomBytes(16).toString("hex"),N=`https://auth.visacli.sh/login?state=${P}`;console.log(`   Opening browser for authentication...
+`),process.platform==="darwin"&&(0,ge.execFile)("open",[N],A=>{A&&console.error("   Failed to open browser:",A.message)}),console.log(`   Waiting for login in browser...
+`);let pe=3e4,Qe=300*1e3,et=Date.now()+Qe;for(;Date.now()<et;)try{let A=await globalThis.fetch("https://auth.visacli.sh/v1/auth-status",{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify({state:P,timeout:pe}),signal:AbortSignal.timeout(pe+5e3)});if(!A.ok)continue;let $=await A.json();if($.status==="pending")continue;if($.status==="expired"){g(new Error("Session expired. Please run setup again."));return}if($.status==="complete"&&$.sessionToken){console.log(`   Signed in as ${$.user}.`),l($.sessionToken);return}}catch{}g(new Error("Login timed out after 5 minutes. Please run setup again."))}),await h.saveSessionToken(i),console.log("   Session token saved.")),console.log(`
 Step 3: Setting up authentication...`),!_())console.log("   Not macOS \u2014 skipping biometric setup.");else{try{await $t("clang",["--version"])}catch{console.error("   Xcode Command Line Tools are required for payment authentication."),console.error("   Install them by running: xcode-select --install"),console.error("   Then re-run: visa-cli setup"),process.exit(1)}try{let l=await Le();console.log("   Attestation key generated."),await Z().registerAttestationKey(l),console.log("   Attestation key registered with server.")}catch(l){console.log(`   Skipped: ${l.message}`)}}let a="\x1B[1m",c="\x1B[0m";console.log(`
  \u2588\u2588\u2557   \u2588\u2588\u2557\u2588\u2588\u2557\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557 \u2588\u2588\u2588\u2588\u2588\u2557
  \u2588\u2588\u2551   \u2588\u2588\u2551\u2588\u2588\u2551\u2588\u2588\u2554\u2550\u2550\u2550\u2550\u255D\u2588\u2588\u2554\u2550\u2550\u2588\u2588\u2557
@@ -47,7 +47,7 @@ Step 3: Setting up authentication...`),!_())console.log("   Not macOS \u2014 ski
 `)}catch(e){console.error("Error:",e.message),process.exit(1)}});v.command("install [client]").description("Register MCP server with an AI client (claude, cursor, windsurf, cline, zed, ...)").option("--all","Install for all detected clients").option("--list","Show supported clients and install status").option("--check","Scan MCP client configs for stale visa-cli entries and exit without making changes").option("--repair","Repair stale MCP client configs without re-running the full setup flow").option("--scope <scope>","Install scope: global or project","global").action(async(t,e)=>{try{if(e.check){let o=L();Ze(o,"MCP config check:"),o.length>0&&process.exit(1);return}if(e.repair){let o=L();if(o.length===0){console.log("\u2713 MCP config verified \u2014 nothing to repair.");return}for(let i of o)de(i),console.log(`   \u2713 ${i.client.displayName} (${i.configPath.replace(I.homedir(),"~")}) \u2014 repaired stale ${i.staleReason} entry`);console.log(`
 Repaired ${o.length} stale MCP config ${o.length===1?"entry":"entries"}.`);return}if(e.list){console.log(`
 \x1B[1mSupported MCP Clients\x1B[0m
-`),console.log(`  ${"Client".padEnd(18)} ${"Detected".padEnd(10)} ${"Installed".padEnd(11)} Config Path`),console.log(`  ${"\u2500".repeat(18)} ${"\u2500".repeat(10)} ${"\u2500".repeat(11)} ${"\u2500".repeat(40)}`);for(let a of w){let c=M(a),l=Ye(a),p=c?"Yes":"No",P=l?"Yes":"No",N=a.globalConfigPath.replace(I.homedir(),"~");console.log(`  ${a.displayName.padEnd(18)} ${p.padEnd(10)} ${P.padEnd(11)} ${N}`)}console.log("");return}let n=e.scope==="project"?"project":"global";if(e.all){let o=[],i=[];for(let a of w){if(!M(a)){i.push(a.displayName);continue}U(a,n),o.push(a.displayName)}o.length>0&&console.log(`Installed for: ${o.join(", ")}.`),i.length>0&&console.log(`Skipped: ${i.map(a=>`${a} (not detected)`).join(", ")}.`),o.length===0&&i.length===0&&console.log("No supported clients found.");return}t||(console.error("Usage: visa-cli install <client>"),console.error("       visa-cli install --all"),console.error("       visa-cli install --list"),console.error(`
+`),console.log(`  ${"Client".padEnd(18)} ${"Detected".padEnd(10)} ${"Installed".padEnd(11)} Config Path`),console.log(`  ${"\u2500".repeat(18)} ${"\u2500".repeat(10)} ${"\u2500".repeat(11)} ${"\u2500".repeat(40)}`);for(let a of w){let c=M(a),l=Ye(a),g=c?"Yes":"No",P=l?"Yes":"No",N=a.globalConfigPath.replace(I.homedir(),"~");console.log(`  ${a.displayName.padEnd(18)} ${g.padEnd(10)} ${P.padEnd(11)} ${N}`)}console.log("");return}let n=e.scope==="project"?"project":"global";if(e.all){let o=[],i=[];for(let a of w){if(!M(a)){i.push(a.displayName);continue}U(a,n),o.push(a.displayName)}o.length>0&&console.log(`Installed for: ${o.join(", ")}.`),i.length>0&&console.log(`Skipped: ${i.map(a=>`${a} (not detected)`).join(", ")}.`),o.length===0&&i.length===0&&console.log("No supported clients found.");return}t||(console.error("Usage: visa-cli install <client>"),console.error("       visa-cli install --all"),console.error("       visa-cli install --list"),console.error(`
 Supported clients: ${w.map(o=>o.id).join(", ")}`),process.exit(1));let r=le(t);r||(console.error(`Unknown client: ${t}`),console.error(`Supported clients: ${w.map(o=>o.id).join(", ")}`),process.exit(1)),n==="global"&&!M(r)&&(console.error(`${r.displayName} not detected on this machine.`),console.error(`Expected: ${r.detectPaths.join(", ")}`),process.exit(1));let s=U(r,n);console.log(`Registered visa-cli MCP server in ${s.configPath}`),console.log(s.message)}catch(n){console.error("Error:",n.message),process.exit(1)}});v.command("uninstall [client]").description("Remove MCP server from an AI client").option("--all","Remove from all clients").option("--scope <scope>","Uninstall scope: global or project","global").action(async(t,e)=>{try{let n=e.scope==="project"?"project":"global";if(e.all){let o=[];for(let i of w)ue(i,n).removed&&o.push(i.displayName);o.length>0?console.log(`Removed visa-cli from: ${o.join(", ")}.`):console.log("visa-cli was not installed in any client.");return}t||(console.error("Usage: visa-cli uninstall <client>"),console.error("       visa-cli uninstall --all"),console.error(`
 Supported clients: ${w.map(o=>o.id).join(", ")}`),process.exit(1));let r=le(t);r||(console.error(`Unknown client: ${t}`),console.error(`Supported clients: ${w.map(o=>o.id).join(", ")}`),process.exit(1));let s=ue(r,n);s.removed?console.log(`Removed visa-cli from ${s.configPath}`):console.log(`visa-cli was not installed for ${r.displayName}.`)}catch(n){console.error("Error:",n.message),process.exit(1)}});v.command("pay <url>").description("Pay a merchant URL (amount auto-detected from HTTP 402 response)").option("-m, --method <method>","HTTP method (GET or POST)","GET").option("-b, --body <json>","JSON request body for POST endpoints").action(async(t,e)=>{try{De(t);let n=qe(e.method),r=Ge(e.body),s=new j(()=>h.getSessionToken());console.log(`Checking payment for ${t}...`);let o=Be(await s.paymentPreview({url:t}));console.log(`  Merchant: ${o.merchantName}`),console.log(`  Amount:   $${o.amount.toFixed(2)} ${o.currency}`),console.log(`  Rail:     auto-detected
 `);let i;if(_())try{let{nonce:c}=await s.getAttestationChallenge(),l=Buffer.from(JSON.stringify({nonce:c,amount:o.amount,merchant:o.merchantName,context:t})).toString("base64");i={signature:await Ke(l,`pay $${o.amount.toFixed(2)} to ${o.merchantName}`),nonce:c,amount:o.amount,merchant:o.merchantName}}catch(c){console.error(`Touch ID confirmation failed: ${c?.message||"user cancelled or biometric error"}`),process.exit(1)}else console.warn("Warning: Touch ID unavailable on this system \u2014 payment will proceed without biometric attestation.");let a=await s.pay({url:t,method:n,body:r,attestation:i,idempotencyKey:X.randomUUID()});if(a.success){if(console.log(`Payment complete: $${(a.amount??o.amount).toFixed(2)} \u2192 ${a.merchantName??o.merchantName}`),a.receipt?.urls?.length){console.log(`