@visa/cli 1.11.0 → 1.12.0-rc.1

package/dist/cli.js

@@ -1,5 +1,5 @@
-"use strict";var Dr=Object.create;var Qt=Object.defineProperty;var Ur=Object.getOwnPropertyDescriptor;var jr=Object.getOwnPropertyNames;var Mr=Object.getPrototypeOf,Hr=Object.prototype.hasOwnProperty;var Vr=(e,t)=>()=>(t||e((t={exports:{}}).exports,t),t.exports);var Fr=(e,t,n,r)=>{if(t&&typeof t=="object"||typeof t=="function")for(let s of jr(t))!Hr.call(e,s)&&s!==n&&Qt(e,s,{get:()=>t[s],enumerable:!(r=Ur(t,s))||r.enumerable});return e};var h=(e,t,n)=>(n=e!=null?Dr(Mr(e)):{},Fr(t||!e||!e.__esModule?Qt(n,"default",{value:e,enumerable:!0}):n,e));var dt=Vr((Ao,ts)=>{ts.exports={name:"@visa/cli",version:"1.11.0",description:"AI-powered payments for Claude Code",bin:{"visa-cli":"./bin/visa-cli.js"},scripts:{build:"tsc --noEmit && node esbuild.config.js",dev:"tsc --watch",pretest:"pnpm build",start:"node dist/mcp-server/index.js",test:"jest --config jest.config.js","test:unit":"jest --config jest.config.js","test:unit:watch":"jest --config jest.config.js --watch","test:unit:coverage":"jest --config jest.config.js --coverage","test:smoke":"VISA_AUTH_URL=https://auth.visacli.sh jest --config jest.smoke.config.js","test:integration":"jest --config jest.integration.config.js","test:e2e":"jest --config jest.e2e.config.js","test:catalog-e2e":"jest --config jest.catalog-e2e.config.js","test:all":"npm run test:unit && npm run test:integration && npm run test:e2e",prepublishOnly:"npm run build && npm test",lint:"eslint src/**/*.ts",format:'prettier --write "src/**/*.ts"',"format:check":'prettier --check "src/**/*.ts"'},keywords:["visa","checkout","mcp","ai-agent","payments","click-to-pay","usdc","stablecoin"],author:"Visa Crypto Labs",license:"SEE LICENSE IN LICENSE",dependencies:{"@modelcontextprotocol/sdk":"^1.0.0",commander:"^12.1.0",zod:"^3.23.0"},devDependencies:{"@visa-cli/tools":"workspace:*","@changesets/changelog-git":"^0.2.1","@changesets/cli":"^2.31.0","@types/jest":"^30.0.0","@types/node":"^25.6.0","@typescript-eslint/eslint-plugin":"^8.59.0","@typescript-eslint/parser":"^8.59.0","@types/express":"^5.0.0",esbuild:"^0.27.4",express:"^4.21.0",eslint:"^10.0.2","eslint-config-prettier":"^10.1.8",jest:"^29.7.0",prettier:"^3.8.3","ts-jest":"^29.2.0",typescript:"^5.7.0"},engines:{node:">=18.0.0"},mcpName:"io.github.visa-crypto-labs/visa-cli",files:["bin/visa-cli.js","dist/","install.ps1","native/visa-keychain.m","server.json","README.md","LICENSE"]}});var Er=require("commander"),rt=h(require("crypto")),Pr=h(require("fs")),R=h(require("os")),se=h(require("path")),Tr=require("child_process"),Ar=require("util");var Ae=require("child_process"),en=require("util"),Q=h(require("fs")),Re=h(require("os")),ct=h(require("path"));var z="0000000000000000000000000000000000000000000000000000000000000000";var G=(0,en.promisify)(Ae.execFile),lt=ct.join(Re.homedir(),".visa-mcp"),ge=ct.join(lt,"session-token"),B="visa-cli",Z="session-token",Pe="rc-access",Br=5e3,Te=class extends Error{constructor(t){super(t),this.name="CredentialAccessError"}};function Kr(e){let t=e;return[t?.message,t?.stderr].filter(n=>typeof n=="string").join(`
-`)}function tn(e){let t=e;if(t?.code==="EPERM"||t?.code==="EACCES")return!0;let n=Kr(e).toLowerCase();return n.includes("operation not permitted")||n.includes("permission denied")}async function qr(){try{let{stdout:e}=await G("security",["find-generic-password","-s",B,"-a",Z,"-w"],{timeout:5e3});return e.trim()||null}catch(e){if(tn(e))throw new Te("Unable to read Visa CLI credentials from macOS Keychain. In sandboxed agents such as Codex, rerun with keychain access or run this command outside the sandbox.");return null}}async function Gr(e){try{try{await G("security",["delete-generic-password","-s",B,"-a",Z],{timeout:5e3})}catch{}return await G("security",["add-generic-password","-s",B,"-a",Z,"-w",e],{timeout:5e3}),!0}catch{return!1}}async function Jr(){try{await G("security",["delete-generic-password","-s",B,"-a",Z],{timeout:5e3})}catch{}}async function Wr(){if(!ut())return null;try{let{stdout:e}=await G("secret-tool",["lookup","service",B,"account",Z],{timeout:5e3});return e.trim()||null}catch{return null}}async function zr(e){if(!ut())return!1;try{let t=(0,Ae.execFile)("secret-tool",["store","--label",`${B} ${Z}`,"service",B,"account",Z]);return t.stdin?(t.stdin.write(e),t.stdin.end(),await Promise.race([new Promise((n,r)=>{t.on("exit",s=>s===0?n():r(new Error(`secret-tool exited ${s}`))),t.on("error",r)}),new Promise((n,r)=>setTimeout(()=>{t.kill(),r(new Error("secret-tool timed out"))},Br))]),!0):!1}catch{return!1}}async function Yr(){if(ut())try{await G("secret-tool",["clear","service",B,"account",Z],{timeout:5e3})}catch{}}function ut(){return!!process.env.DBUS_SESSION_BUS_ADDRESS}async function Xr(){try{let{stdout:e}=await G("security",["find-generic-password","-s",B,"-a",Pe,"-w"],{timeout:5e3});return e.trim()||null}catch{return null}}async function Zr(e){try{try{await G("security",["delete-generic-password","-s",B,"-a",Pe],{timeout:5e3})}catch{}await G("security",["add-generic-password","-s",B,"-a",Pe,"-w",e],{timeout:5e3})}catch{}}async function Qr(){try{await G("security",["delete-generic-password","-s",B,"-a",Pe],{timeout:5e3})}catch{}}function it(){try{return Q.readFileSync(ge,"utf-8").trim()||null}catch(e){if(tn(e))throw new Te(`Unable to read Visa CLI credentials from ${ge}. Check file permissions or rerun with access to the Visa CLI credential directory.`);return null}}function nn(e){Q.mkdirSync(lt,{recursive:!0,mode:448}),Q.writeFileSync(ge,e,{mode:384}),process.platform==="win32"&&es(ge)}function at(){try{Q.unlinkSync(ge)}catch{}}function es(e){try{let t=Re.userInfo().username;(0,Ae.execFile)("icacls",[e,"/inheritance:r","/grant:r",`${t}:F`],{timeout:5e3},n=>{n&&console.error(`[visa-cli] icacls ACL restriction failed: ${n.message}`)})}catch(t){console.error(`[visa-cli] Failed to invoke icacls: ${t instanceof Error?t.message:String(t)}`)}}function ot(){switch(process.platform){case"darwin":return{get:qr,store:Gr,delete:Jr};case"linux":return{get:Wr,store:zr,delete:Yr};default:return{get:async()=>it(),store:async e=>{try{return nn(e),!0}catch{return!1}},delete:async()=>at(),storesInSessionFile:!0}}}var x=class{static async getSessionToken(){if(process.env.VISA_MOCK_KEYCHAIN==="true")return Promise.resolve("mock-session-token-for-testing");let t=ot(),n=await t.get();if(n)return n;let r=it();return r?(await t.store(r),r):null}static async saveSessionToken(t){if(process.env.VISA_MOCK_KEYCHAIN==="true")return;let n=ot();if(await n.store(t)){if(await n.get()===t){n.storesInSessionFile||at();return}await n.delete()}if(nn(t),it()!==t)throw new Error("Failed to persist session token. "+(process.platform==="darwin"?'Check Keychain Access permissions for "visa-cli".':`Ensure ${lt} is writable.`))}static async getRcAccessToken(){return process.env.VISA_MOCK_KEYCHAIN==="true"?z:Xr()}static async saveRcAccessToken(t){process.env.VISA_MOCK_KEYCHAIN!=="true"&&await Zr(t)}static async deleteSessionToken(){if(process.env.VISA_MOCK_KEYCHAIN==="true")return;await ot().delete(),at()}static async clearAll(){await this.deleteSessionToken(),await Qr()}};var Ie=h(require("crypto")),Le=h(require("tty")),Ne=h(require("fs"));function ns(e){return/-rc\.|-beta\./.test(e)}function ft(e){return Ie.createHash("sha256").update(e.trim()).digest("hex")}function rn(e){return z==="SKIP"?!0:Ie.timingSafeEqual(Buffer.from(ft(e)),Buffer.from(z))}function rs(){try{let e=Ne.openSync("/dev/tty","r+"),t=new Le.ReadStream(e),n=new Le.WriteStream(e),r=!1;return{input:t,output:n,cleanupStreams:()=>{if(!r){r=!0;try{t.destroy()}catch{}try{n.destroy()}catch{}try{Ne.closeSync(e)}catch{}}}}}catch{if(!process.stdin.isTTY)throw new Error("No interactive terminal available. Set VISA_RC_CODE env var instead.");return{input:process.stdin,output:process.stderr,cleanupStreams:()=>{}}}}function ss(e){return new Promise((t,n)=>{let r;try{r=rs()}catch(u){n(u);return}let{input:s,output:o,cleanupStreams:i}=r,a=()=>{s.off("data",l);try{s.setRawMode?.(!1)}catch{}i()};o.write(e),s.setRawMode?.(!0),s.resume(),s.setEncoding("utf8");let c="",l=u=>{u==="\r"||u===`
+"use strict";var Dr=Object.create;var Qt=Object.defineProperty;var Ur=Object.getOwnPropertyDescriptor;var jr=Object.getOwnPropertyNames;var Mr=Object.getPrototypeOf,Hr=Object.prototype.hasOwnProperty;var Vr=(e,t)=>()=>(t||e((t={exports:{}}).exports,t),t.exports);var Fr=(e,t,n,r)=>{if(t&&typeof t=="object"||typeof t=="function")for(let s of jr(t))!Hr.call(e,s)&&s!==n&&Qt(e,s,{get:()=>t[s],enumerable:!(r=Ur(t,s))||r.enumerable});return e};var h=(e,t,n)=>(n=e!=null?Dr(Mr(e)):{},Fr(t||!e||!e.__esModule?Qt(n,"default",{value:e,enumerable:!0}):n,e));var dt=Vr((Ao,ts)=>{ts.exports={name:"@visa/cli",version:"1.12.0-rc.1",description:"AI-powered payments for Claude Code",bin:{"visa-cli":"./bin/visa-cli.js"},scripts:{build:"tsc --noEmit && node esbuild.config.js",dev:"tsc --watch",pretest:"pnpm build",start:"node dist/mcp-server/index.js",test:"jest --config jest.config.js","test:unit":"jest --config jest.config.js","test:unit:watch":"jest --config jest.config.js --watch","test:unit:coverage":"jest --config jest.config.js --coverage","test:smoke":"VISA_AUTH_URL=https://auth.visacli.sh jest --config jest.smoke.config.js","test:integration":"jest --config jest.integration.config.js","test:e2e":"jest --config jest.e2e.config.js","test:catalog-e2e":"jest --config jest.catalog-e2e.config.js","test:all":"npm run test:unit && npm run test:integration && npm run test:e2e",prepublishOnly:"npm run build && npm test",lint:"eslint src/**/*.ts",format:'prettier --write "src/**/*.ts"',"format:check":'prettier --check "src/**/*.ts"'},keywords:["visa","checkout","mcp","ai-agent","payments","click-to-pay","usdc","stablecoin"],author:"Visa Crypto Labs",license:"SEE LICENSE IN LICENSE",dependencies:{"@modelcontextprotocol/sdk":"^1.0.0",commander:"^12.1.0",zod:"^3.23.0"},devDependencies:{"@visa-cli/tools":"workspace:*","@changesets/changelog-git":"^0.2.1","@changesets/cli":"^2.31.0","@types/jest":"^30.0.0","@types/node":"^25.6.0","@typescript-eslint/eslint-plugin":"^8.59.0","@typescript-eslint/parser":"^8.59.1","@types/express":"^5.0.0",esbuild:"^0.27.4",express:"^4.21.0",eslint:"^10.0.2","eslint-config-prettier":"^10.1.8",jest:"^29.7.0",prettier:"^3.8.3","ts-jest":"^29.2.0",typescript:"^5.7.0"},engines:{node:">=18.0.0"},mcpName:"io.github.visa-crypto-labs/visa-cli",files:["bin/visa-cli.js","dist/","install.ps1","native/visa-keychain.m","server.json","README.md","LICENSE"]}});var Er=require("commander"),rt=h(require("crypto")),Pr=h(require("fs")),A=h(require("os")),se=h(require("path")),Tr=require("child_process"),Rr=require("util");var Re=require("child_process"),en=require("util"),Q=h(require("fs")),Ae=h(require("os")),ct=h(require("path"));var z="6820f6e91b762e645c9bf020c0d3673bb99d4a25a824880c0d548e10bb9bc7b1";var G=(0,en.promisify)(Re.execFile),lt=ct.join(Ae.homedir(),".visa-mcp"),ge=ct.join(lt,"session-token"),B="visa-cli",Z="session-token",Pe="rc-access",Br=5e3,Te=class extends Error{constructor(t){super(t),this.name="CredentialAccessError"}};function Kr(e){let t=e;return[t?.message,t?.stderr].filter(n=>typeof n=="string").join(`
+`)}function tn(e){let t=e;if(t?.code==="EPERM"||t?.code==="EACCES")return!0;let n=Kr(e).toLowerCase();return n.includes("operation not permitted")||n.includes("permission denied")}async function qr(){try{let{stdout:e}=await G("security",["find-generic-password","-s",B,"-a",Z,"-w"],{timeout:5e3});return e.trim()||null}catch(e){if(tn(e))throw new Te("Unable to read Visa CLI credentials from macOS Keychain. In sandboxed agents such as Codex, rerun with keychain access or run this command outside the sandbox.");return null}}async function Gr(e){try{try{await G("security",["delete-generic-password","-s",B,"-a",Z],{timeout:5e3})}catch{}return await G("security",["add-generic-password","-s",B,"-a",Z,"-w",e],{timeout:5e3}),!0}catch{return!1}}async function Wr(){try{await G("security",["delete-generic-password","-s",B,"-a",Z],{timeout:5e3})}catch{}}async function Jr(){if(!ut())return null;try{let{stdout:e}=await G("secret-tool",["lookup","service",B,"account",Z],{timeout:5e3});return e.trim()||null}catch{return null}}async function zr(e){if(!ut())return!1;try{let t=(0,Re.execFile)("secret-tool",["store","--label",`${B} ${Z}`,"service",B,"account",Z]);return t.stdin?(t.stdin.write(e),t.stdin.end(),await Promise.race([new Promise((n,r)=>{t.on("exit",s=>s===0?n():r(new Error(`secret-tool exited ${s}`))),t.on("error",r)}),new Promise((n,r)=>setTimeout(()=>{t.kill(),r(new Error("secret-tool timed out"))},Br))]),!0):!1}catch{return!1}}async function Yr(){if(ut())try{await G("secret-tool",["clear","service",B,"account",Z],{timeout:5e3})}catch{}}function ut(){return!!process.env.DBUS_SESSION_BUS_ADDRESS}async function Xr(){try{let{stdout:e}=await G("security",["find-generic-password","-s",B,"-a",Pe,"-w"],{timeout:5e3});return e.trim()||null}catch{return null}}async function Zr(e){try{try{await G("security",["delete-generic-password","-s",B,"-a",Pe],{timeout:5e3})}catch{}await G("security",["add-generic-password","-s",B,"-a",Pe,"-w",e],{timeout:5e3})}catch{}}async function Qr(){try{await G("security",["delete-generic-password","-s",B,"-a",Pe],{timeout:5e3})}catch{}}function it(){try{return Q.readFileSync(ge,"utf-8").trim()||null}catch(e){if(tn(e))throw new Te(`Unable to read Visa CLI credentials from ${ge}. Check file permissions or rerun with access to the Visa CLI credential directory.`);return null}}function nn(e){Q.mkdirSync(lt,{recursive:!0,mode:448}),Q.writeFileSync(ge,e,{mode:384}),process.platform==="win32"&&es(ge)}function at(){try{Q.unlinkSync(ge)}catch{}}function es(e){try{let t=Ae.userInfo().username;(0,Re.execFile)("icacls",[e,"/inheritance:r","/grant:r",`${t}:F`],{timeout:5e3},n=>{n&&console.error(`[visa-cli] icacls ACL restriction failed: ${n.message}`)})}catch(t){console.error(`[visa-cli] Failed to invoke icacls: ${t instanceof Error?t.message:String(t)}`)}}function ot(){switch(process.platform){case"darwin":return{get:qr,store:Gr,delete:Wr};case"linux":return{get:Jr,store:zr,delete:Yr};default:return{get:async()=>it(),store:async e=>{try{return nn(e),!0}catch{return!1}},delete:async()=>at(),storesInSessionFile:!0}}}var x=class{static async getSessionToken(){if(process.env.VISA_MOCK_KEYCHAIN==="true")return Promise.resolve("mock-session-token-for-testing");let t=ot(),n=await t.get();if(n)return n;let r=it();return r?(await t.store(r),r):null}static async saveSessionToken(t){if(process.env.VISA_MOCK_KEYCHAIN==="true")return;let n=ot();if(await n.store(t)){if(await n.get()===t){n.storesInSessionFile||at();return}await n.delete()}if(nn(t),it()!==t)throw new Error("Failed to persist session token. "+(process.platform==="darwin"?'Check Keychain Access permissions for "visa-cli".':`Ensure ${lt} is writable.`))}static async getRcAccessToken(){return process.env.VISA_MOCK_KEYCHAIN==="true"?z:Xr()}static async saveRcAccessToken(t){process.env.VISA_MOCK_KEYCHAIN!=="true"&&await Zr(t)}static async deleteSessionToken(){if(process.env.VISA_MOCK_KEYCHAIN==="true")return;await ot().delete(),at()}static async clearAll(){await this.deleteSessionToken(),await Qr()}};var Ie=h(require("crypto")),Le=h(require("tty")),Ne=h(require("fs"));function ns(e){return/-rc\.|-beta\./.test(e)}function ft(e){return Ie.createHash("sha256").update(e.trim()).digest("hex")}function rn(e){return z==="SKIP"?!0:Ie.timingSafeEqual(Buffer.from(ft(e)),Buffer.from(z))}function rs(){try{let e=Ne.openSync("/dev/tty","r+"),t=new Le.ReadStream(e),n=new Le.WriteStream(e),r=!1;return{input:t,output:n,cleanupStreams:()=>{if(!r){r=!0;try{t.destroy()}catch{}try{n.destroy()}catch{}try{Ne.closeSync(e)}catch{}}}}}catch{if(!process.stdin.isTTY)throw new Error("No interactive terminal available. Set VISA_RC_CODE env var instead.");return{input:process.stdin,output:process.stderr,cleanupStreams:()=>{}}}}function ss(e){return new Promise((t,n)=>{let r;try{r=rs()}catch(u){n(u);return}let{input:s,output:o,cleanupStreams:i}=r,a=()=>{s.off("data",l);try{s.setRawMode?.(!1)}catch{}i()};o.write(e),s.setRawMode?.(!0),s.resume(),s.setEncoding("utf8");let c="",l=u=>{u==="\r"||u===`
 `?(o.write(`
 `),a(),t(c)):u===""?(o.write(`
 `),a(),n(new Error("Cancelled"))):u==="\x7F"||u==="\b"?c.length>0&&(c=c.slice(0,-1),o.write("\b \b")):(c+=u,o.write("\u2022"))};s.on("data",l)})}var os=`
@@ -29,13 +29,13 @@ ${a}`}function ys(e){if(typeof e!="number"||e<=0)return"";let n=(e>1e12?e:e*1e3)
 `)}async function bn(e,t){let n=[e];if(t){let r=ms(t);if(r&&n.push(...r.split(`
 `)),t.transcript_path){let s=await xs(t.transcript_path);s&&n.push(...s.split(`
 `))}}return n}async function wn(e,t){let n=await bn(e,t),r=n.join(`
-`);return{schemaVersion:us,client:t?kn(t):ne.UNKNOWN,rendered:r,lines:n.map(yn),visa:{spendLine:yn(e)},context:t?xn(t):{}}}function P(e){return e?e.replace(/\u001B\][^\u0007]*(?:\u0007|\u001B\\)/g,"").replace(/\u001B\[[0-?]*[ -/]*[@-~]/g,"").replace(/\u001B[P_^][^\u001B]*(?:\u001B\\|\u0007)/g,"").replace(/[\u0000-\u0008\u000B-\u001F\u007F-\u009F]/g,"").replace(/\s+/g," ").trim():""}function vt(e){if(typeof e=="string")return P(X.basename(e));if(!e||typeof e!="object")return"";let t=typeof e.current_dir=="string"?e.current_dir:typeof e.path=="string"?e.path:"";return P(t?X.basename(t):e.name)}function _n(e){return P(e.app_name??e.appName??e.app??e.client)}function yt(e){return P(e.model?.display_name??e.model_name??e.modelName)}function Cn(e){return P(e.cwd??e.current_dir??e.project_root)}function hn(e){let t=P(e.project);if(t)return t;let n=Cn(e);if(n)return P(X.basename(n));let r=vt(e.workspace);return r||""}function K(e){if(!(typeof e!="number"||!Number.isFinite(e)))return e}function kn(e){let t=_n(e).toLowerCase();return t.includes("codex")?ne.CODEX:t.includes("claude")||e.model?.display_name||e.transcript_path||e.rate_limits?ne.CLAUDE_CODE:e.run_state||e.runState||e.thread_title||e.threadTitle||e.git_branch||K(e.context_used)!==void 0?ne.CODEX:ne.UNKNOWN}function $s(e){return kn(e)===ne.CODEX}function xn(e){let t=_n(e),n=Cn(e),r=vt(e.workspace),s=K(e.context_used)??K(e.context_window?.used_percentage??void 0),o=K(e.context_remaining)??K(e.context_window?.remaining_percentage??void 0);return{...t?{app:t}:{},...yt(e)?{model:yt(e)}:{},...hn(e)?{project:hn(e)}:{},...r?{workspace:r}:{},...n?{cwd:n}:{},...P(e.git_branch??e.branch)?{gitBranch:P(e.git_branch??e.branch)}:{},...P(e.status??e.run_state??e.runState)?{status:P(e.status??e.run_state??e.runState)}:{},...P(e.thread_title??e.threadTitle)?{threadTitle:P(e.thread_title??e.threadTitle)}:{},...s!==void 0?{contextUsedPercent:s}:{},...o!==void 0?{contextRemainingPercent:o}:{},...K(e.used_tokens)!==void 0?{usedTokens:K(e.used_tokens)}:{},...K(e.total_input_tokens)!==void 0?{totalInputTokens:K(e.total_input_tokens)}:{},...K(e.total_output_tokens)!==void 0?{totalOutputTokens:K(e.total_output_tokens)}:{}}}function yn(e){return e.replace(/\u001B\[[0-?]*[ -/]*[@-~]/g,"")}async function $n(e,t){let n=t?.timeoutMs??3e4,r=new AbortController,s=setTimeout(()=>r.abort(),n);try{let{timeoutMs:o,...i}=t??{};return await fetch(e,{...i,signal:r.signal})}finally{clearTimeout(s)}}var je=class extends Error{retryable;code;reason;constructor(t,n,r,s){super(t),this.name="CardDeclinedError",this.retryable=n,this.code=r,this.reason=s}};var Es=/^(\d+)\.(\d+)\.(\d+)(?:-([0-9A-Za-z.-]+))?(?:\+[0-9A-Za-z.-]+)?$/;function Pn(e,t){let n=En(e),r=En(t);if(!n||!r)return!1;for(let s=0;s<3;s++)if(n.main[s]!==r.main[s])return n.main[s]>r.main[s];return n.pre&&!r.pre?!1:!n.pre&&r.pre?!0:!n.pre&&!r.pre?!1:Ps(n.pre,r.pre)>0}function En(e){if(typeof e!="string")return null;let n=e.trim().replace(/^v/,"").match(Es);return n?{main:[Number(n[1]),Number(n[2]),Number(n[3])],pre:n[4]??null}:null}function Ps(e,t){let n=e.split("."),r=t.split("."),s=Math.max(n.length,r.length);for(let o=0;o<s;o++){if(o>=n.length)return-1;if(o>=r.length)return 1;let i=n[o],a=r[o],c=/^\d+$/.test(i),l=/^\d+$/.test(a);if(c&&l){let u=Number(i)-Number(a);if(u!==0)return u}else{if(c)return-1;if(l)return 1;if(i<a)return-1;if(i>a)return 1}}return 0}function J(){return!!(Tn(process.env.VISA_CLI_NO_UPDATE_CHECK)||Tn(process.env.CI)||process.env.NODE_ENV==="test")}function Tn(e){if(e===void 0)return!1;let t=e.trim().toLowerCase();return!(t===""||t==="0"||t==="false"||t==="no"||t==="off")}var ee=h(require("fs")),In=h(require("path"));var Me=h(require("fs")),An=h(require("path")),Rn=h(require("os"));var bt=An.join(Rn.homedir(),".visa-mcp"),me=class{static ensureConfigDir(){Me.existsSync(bt)||Me.mkdirSync(bt,{recursive:!0,mode:448})}static getConfigDir(){return bt}static TOOL_STATES={login:!0,get_status:!0,get_cards:!0,add_card:!0,pay:!0,transaction_history:!0,update_spending_controls:!0,enroll_device:!1,verify_otp:!1,reset:!0,batch:!0,generate_x402_image:!1,browser_launch:!1,browser_navigate:!1,browser_snapshot:!1,browser_click:!1,browser_type:!1,browser_scroll:!1,generate_music_card:!1,generate_image_card:!0,query_onchain_prices_card:!0,generate_music_tempo_card:!0,check_music_status_tempo_card:!0,generate_image_fast_card:!0,pxlwall_card:!1,generate_video_tempo_card:!0};static loadToolStates(){return{...this.TOOL_STATES}}static getDisabledTools(){let t=new Set;for(let[n,r]of Object.entries(this.TOOL_STATES))r||t.add(n);return t}static isToolDisabled(t){return this.TOOL_STATES[t]===!1}};var Ts="settings.json";function He(){return In.join(me.getConfigDir(),Ts)}var he={"auth.serverUrl":{type:"string",description:"Auth server base URL. Override for staging / self-hosted backends.",requiresRestart:!0,validate:e=>{if(typeof e!="string")throw new Error("auth.serverUrl must be a string");let t;try{t=new URL(e)}catch{throw new Error(`auth.serverUrl must be a valid URL (got: ${JSON.stringify(e)})`)}if(t.protocol!=="https:"&&t.protocol!=="http:")throw new Error(`auth.serverUrl must use http or https (got: ${t.protocol})`)}},"ui.suppressBrowser":{type:"boolean",description:"When true, the CLI/MCP server stops auto-opening result URLs in your browser."},"ui.suppressFeed":{type:"boolean",description:"When true, generated images/music are not auto-submitted to the public Made-with-Visa feed."},"tools.meta":{type:"boolean",description:"Show category meta-tools (generate_image, generate_music, ...). Restart required.",requiresRestart:!0},"tools.specific":{type:"boolean",description:"Show hardcoded per-merchant tools (generate_image_card, query_onchain_prices_card, ...). Restart required.",requiresRestart:!0},"tools.discover":{type:"boolean",description:"Show the dynamic-catalog tools (discover_tools, execute_tool). Restart required.",requiresRestart:!0}};function Ve(){let e=He();if(!ee.existsSync(e))return{};try{let t=ee.readFileSync(e,"utf-8"),n=JSON.parse(t);return!n||typeof n!="object"||Array.isArray(n)?{}:n}catch{return{}}}function Ln(e){me.ensureConfigDir();let t=He(),n=`${t}.tmp`,r=JSON.stringify(e,null,2)+`
-`;ee.writeFileSync(n,r,{mode:384}),ee.renameSync(n,t)}function wt(e){let t=Ve()[e];return typeof t=="string"?t:void 0}function Nn(e){let t=Ve()[e];if(typeof t=="boolean")return t;if(t==="true")return!0;if(t==="false")return!1}var ae=class extends Error{constructor(t){let n=Object.keys(he).sort().join(", ");super(`Unknown setting "${t}". Settable keys: ${n}. For server-controlled values (biometric.*, spending.*) use the dedicated tools (biometric_on/off, update_spending_controls).`),this.name="UnknownSettingKeyError"}},ce=class extends Error{constructor(t){let n="";t.startsWith("biometric.")?n="biometric_on / biometric_off":t.startsWith("spending.")?n="update_spending_controls":t.startsWith("cards.")?n="add_card / remove_card / set_default_card":t.startsWith("account.")&&(n="login / reset"),super(`"${t}" is a server-controlled value and cannot be set via config set. `+(n?`Use ${n} instead.`:"No client-side override is supported.")),this.name="ServerOnlySettingError"}},On=["biometric.","spending.","account.","cards.","biometric"];function Dn(e,t){if(On.some(o=>e.startsWith(o)))throw new ce(e);let n=he[e];if(!n)throw new ae(e);let r;if(n.type==="boolean")if(typeof t=="boolean")r=t;else if(typeof t=="string"){let o=t.toLowerCase();if(o==="true")r=!0;else if(o==="false")r=!1;else throw new Error(`${e} expects true or false (got: ${JSON.stringify(t)})`)}else throw new Error(`${e} expects a boolean (got: ${typeof t})`);else{if(typeof t!="string"||t.length===0)throw new Error(`${e} expects a non-empty string`);r=t}n.validate&&n.validate(r);let s=Ve();return s[e]=r,Ln(s),{key:e,value:r,requiresRestart:!!n.requiresRestart,path:He()}}function Un(e){if(On.some(s=>e.startsWith(s)))throw new ce(e);let t=he[e];if(!t)throw new ae(e);let n=Ve(),r=e in n;return r&&(delete n[e],Ln(n)),{key:e,removed:r,requiresRestart:r&&!!t.requiresRestart,path:He()}}var As="https://auth.visacli.sh";function jn(){let e=process.env.VISA_AUTH_URL;if(e!==void 0&&e!=="")return e;let t=wt("auth.serverUrl");return t!==void 0?t:As}var _t="1.11.0",le=class{constructor(t){this.getSessionToken=t;this.baseUrl=jn()}getSessionToken;baseUrl;lastSignals={};parseServerSignals(t){if(this.lastSignals={},!J()){let r=t.headers.get("X-Latest-Version"),s=t.headers.get("X-Update-Message");r&&Pn(r,_t)&&(this.lastSignals.updateAvailable={version:r,message:s||`Update available: v${r}. Run: npm install -g @visa/cli && visa-cli setup`})}let n=t.headers.get("X-Feedback-Prompt");if(n)try{this.lastSignals.feedbackPrompt=JSON.parse(n)}catch{}}getClientVersion(){return _t}async request(t,n,r,s,o){let i=await this.getSessionToken();if(!i)throw new Error("Not logged in. Sign up at https://visacli.sh or run: visa-cli setup");let a={Authorization:`Bearer ${i}`};o&&(t==="GET"?a["X-User-Context"]=o.replace(/[\r\n\0]/g," ").slice(0,1e3):r={...r||{},user_context:o}),r&&(a["Content-Type"]="application/json");let c;try{c=await $n(`${this.baseUrl}${n}`,{method:t,headers:{...a,"X-Visa-CLI-Version":_t},body:r?JSON.stringify(r):void 0,timeoutMs:s})}catch(u){throw u.name==="AbortError"||u.message?.includes("aborted")?new Error("The request timed out. The server may be under heavy load. Please try again."):new Error("Cannot reach the Visa CLI server. Check your internet connection and try again.")}if(this.parseServerSignals(c),c.status===401)throw new Error("Your session has expired. Run: visa-cli setup");if(c.status===429){let u=c.headers.get("Retry-After")||"3";throw new Error(`Rate limited \u2014 wait ${u}s. Tip: use the batch tool to combine multiple requests into one.`)}if(c.status===503)throw new Error("Visa CLI is temporarily unavailable. Check https://visacli.sh for status.");let l;try{l=await c.json()}catch{throw c.status===500?new Error(`Server error on ${n}. Try again or check https://visacli.sh for status.`):new Error(`Unexpected response from ${n}. Try again.`)}if(!c.ok)throw c.status===500?new Error(`Server error on ${n}. Try again or check https://visacli.sh for status.`):l?.declined?new je(l.error||"Your card was declined.",!!l.retryable,l.code,l.reason):new Error(l?.error||`Request failed (${c.status}). Try again.`);return l}async pay(t,n){return this.request("POST","/v1/pay",t,void 0,n)}async shortcut(t,n,r,s){return this.request("POST",`/v1/shortcuts/${encodeURIComponent(t)}`,n,r,s)}async batch(t,n,r){return this.request("POST","/v1/batch",t,n,r)}async catalogSearch(t,n){let r=new URLSearchParams;t&&r.set("q",t),n&&r.set("category",n);let s=r.toString();return this.request("GET",`/v1/catalog${s?`?${s}`:""}`)}async catalogTool(t){try{return await this.request("GET",`/v1/catalog/${encodeURIComponent(t)}`)}catch{return null}}async paymentPreview(t,n){return this.request("POST","/v1/payment-preview",t,void 0,n)}async getStatus(t){return this.request("GET","/v1/status",void 0,void 0,t)}async getTransactions(t){return this.request("GET","/v1/transactions",void 0,void 0,t)}async updateSpendingControls(t,n){return this.request("POST","/v1/spending-controls",t,void 0,n)}async removeCard(t,n,r){return this.request("DELETE",`/v1/cards/${encodeURIComponent(String(t))}`,n,void 0,r)}async setDefaultCard(t,n,r){return this.request("POST",`/v1/cards/${encodeURIComponent(String(t))}/default`,n,void 0,r)}async getAttestationChallenge(){return this.request("GET","/v1/attestation-challenge")}async registerAttestationKey(t){return this.request("POST","/v1/attestation-key",{publicKey:t})}async setBiometricPreference(t,n){return this.request("POST","/v1/biometric-preference",{...t,confirm:!0},void 0,n)}async logout(t,n){return this.request("POST","/v1/logout",t,void 0,n)}async feedback(t,n,r){return this.request("POST","/v1/feedback",{message:t,...n&&{transaction_id:n}},void 0,r)}async createAppApiKey(t){return this.request("POST","/v1/api/keys",t)}async listAppApiKeys(){return this.request("GET","/v1/api/keys")}async revokeAppApiKey(t){return this.request("DELETE",`/v1/api/keys/${encodeURIComponent(String(t))}`)}async feedSubmit(t){return this.request("POST","/v1/feed",t)}async feedList(t){let n=new URLSearchParams;t?.tab&&n.set("tab",t.tab),t?.limit&&n.set("limit",String(t.limit)),t?.offset&&n.set("offset",String(t.offset));let r=n.toString();return this.request("GET",`/v1/feed${r?"?"+r:""}`)}async feedVote(t,n){return this.request("POST",`/v1/feed/${encodeURIComponent(t)}/vote`,{direction:n})}async feedApprove(t){return this.request("POST",`/v1/feed/${encodeURIComponent(t)}/approve`)}async feedDelete(t){return this.request("DELETE",`/v1/feed/${encodeURIComponent(t)}`)}async feedPending(){return this.request("GET","/v1/feed/pending")}async submitFeedback(t,n,r){return this.request("POST","/v1/feedback",{message:t,...n&&{transaction_id:n}},void 0,r)}async getFeedback(t,n){let r=new URLSearchParams;t&&r.set("limit",String(t));let s=r.toString();return this.request("GET",`/v1/feedback${s?"?"+s:""}`,void 0,void 0,n)}async submitRatedFeedback(t){return this.request("POST","/v1/feedback",t)}};var Et=require("child_process"),Kn=require("util"),qn=h(require("crypto")),A=h(require("fs")),Gn=h(require("os")),W=h(require("path"));var O=h(require("fs")),xt=h(require("path")),Mn=h(require("os")),kt=xt.join(Mn.homedir(),".visa-mcp"),ye=xt.join(kt,"mcp-server.log"),Rs=5*1024*1024,Ct=null;function Is(){O.existsSync(kt)||O.mkdirSync(kt,{recursive:!0,mode:448})}function Ls(){if(!Ct){if(Is(),O.existsSync(ye)&&O.statSync(ye).size>Rs){let t=ye+".1";O.existsSync(t)&&O.unlinkSync(t),O.renameSync(ye,t)}Ct=O.createWriteStream(ye,{flags:"a"})}return Ct}function Fe(e,...t){let n=new Date().toISOString(),r=t.map(o=>typeof o=="string"?o:JSON.stringify(o,null,2)).join(" "),s=`[${n}] [${e}] ${r}
-`;process.stderr.write(s),Ls().write(s)}var ue={debug:(...e)=>Fe("DEBUG",...e),info:(...e)=>Fe("INFO",...e),warn:(...e)=>Fe("WARN",...e),error:(...e)=>Fe("ERROR",...e)};var de=(0,Kn.promisify)(Et.execFile),qe=W.join(Gn.homedir(),".visa-mcp","bin"),re=W.join(qe,"Visa CLI"),Ns=W.join(__dirname,"..","native"),Hn="5",Vn=W.join(qe,"visa-keychain.version"),Fn=W.join(qe,"visa-keychain.sha256");function Bn(e){let t=A.readFileSync(e);return qn.createHash("sha256").update(t).digest("hex")}async function Jn(){try{if(A.readFileSync(Vn,"utf-8").trim()===Hn&&A.existsSync(re)){let r=A.readFileSync(Fn,"utf-8").trim();if(Bn(re)!==r)ue.warn("binary:hash-mismatch",{message:"Binary hash mismatch \u2014 possible tampering detected. Recompiling from source."}),A.unlinkSync(re);else return re}}catch{}let e=W.join(Ns,"visa-keychain.m");if(A.existsSync(e)||(e=W.resolve(__dirname,"..","..","native","visa-keychain.m")),A.existsSync(e)||(e=W.resolve(__dirname,"..","native","visa-keychain.m")),!A.existsSync(e))throw new Error("visa-keychain.m source not found. Reinstall Visa CLI.");A.mkdirSync(qe,{recursive:!0,mode:448});try{await de("clang",["-framework","Security","-framework","LocalAuthentication","-framework","Foundation","-framework","AppKit","-o",re,e],{timeout:3e4})}catch(n){throw n.code==="ENOENT"?new Error("Xcode Command Line Tools required. Install: xcode-select --install"):n}let t=Bn(re);return A.writeFileSync(Fn,t,{mode:384}),A.writeFileSync(Vn,Hn,{mode:384}),re}async function Wn(e){let t=await Jn(),n;try{n=(await de(t,e,{timeout:6e4})).stdout}catch(o){n=o.stdout||"";let i=n.trim();throw i.startsWith("ERROR:")?new Error(i.slice(6)):new Error(o.stderr?.trim()||o.message||"Unknown error")}let r=n.trim();if(r.startsWith("OK:"))return r.slice(3);if(r==="OK")return;let s=r.startsWith("ERROR:")?r.slice(6):"Unknown error";throw new Error(s)}var $t=null;function D(){return process.env.VISA_MOCK_TOUCHID==="true"?!0:process.platform!=="darwin"?!1:$t!==null?$t:($t=!0,!0)}var Be="visa-cli",Ke="attestation-key";async function Os(e){try{await de("security",["delete-generic-password","-s",Be,"-a",Ke],{timeout:5e3})}catch{}await de("security",["add-generic-password","-s",Be,"-a",Ke,"-w",e],{timeout:5e3})}async function Ds(){try{let{stdout:e}=await de("security",["find-generic-password","-s",Be,"-a",Ke,"-w"],{timeout:5e3});return e.trim()||null}catch{return null}}async function Ge(){let e=await Wn(["generate-key"]);if(!e)throw new Error("Key generation returned no output");let t=e.indexOf(":");if(t<0)throw new Error("Unexpected generate-key output format");let n=e.slice(0,t),r=e.slice(t+1);return await Os(n),r}async function Pt(e,t){if(process.env.VISA_MOCK_TOUCHID==="true")return Promise.resolve("mock-ecdsa-signature-for-testing");let n=await Ds();if(!n)throw new Error("Attestation key not found. Run setup to generate a new key.");let r=await Jn(),s=["sign",e];return t&&s.push(t),new Promise((o,i)=>{let a=(0,Et.execFile)(r,s,{timeout:6e4},(c,l)=>{let u=(l||"").trim();if(c){u.startsWith("ERROR:")?i(new Error(u.slice(6))):i(new Error(c.stderr?.trim()||c.message||"Unknown error"));return}u.startsWith("OK:")?o(u.slice(3)):i(new Error(u.startsWith("ERROR:")?u.slice(6):"Unknown error"))});a.stdin.write(n),a.stdin.end()})}async function zn(){try{await de("security",["delete-generic-password","-s",Be,"-a",Ke],{timeout:5e3})}catch{}try{await Wn(["delete-key"])}catch{}}function Yn(e,t=process.stderr){if(J()||!e?.updateAvailable)return!1;let{message:n}=e.updateAvailable;return n?(t.write(`
+`);return{schemaVersion:us,client:t?kn(t):ne.UNKNOWN,rendered:r,lines:n.map(yn),visa:{spendLine:yn(e)},context:t?xn(t):{}}}function P(e){return e?e.replace(/\u001B\][^\u0007]*(?:\u0007|\u001B\\)/g,"").replace(/\u001B\[[0-?]*[ -/]*[@-~]/g,"").replace(/\u001B[P_^][^\u001B]*(?:\u001B\\|\u0007)/g,"").replace(/[\u0000-\u0008\u000B-\u001F\u007F-\u009F]/g,"").replace(/\s+/g," ").trim():""}function vt(e){if(typeof e=="string")return P(X.basename(e));if(!e||typeof e!="object")return"";let t=typeof e.current_dir=="string"?e.current_dir:typeof e.path=="string"?e.path:"";return P(t?X.basename(t):e.name)}function _n(e){return P(e.app_name??e.appName??e.app??e.client)}function yt(e){return P(e.model?.display_name??e.model_name??e.modelName)}function Cn(e){return P(e.cwd??e.current_dir??e.project_root)}function hn(e){let t=P(e.project);if(t)return t;let n=Cn(e);if(n)return P(X.basename(n));let r=vt(e.workspace);return r||""}function K(e){if(!(typeof e!="number"||!Number.isFinite(e)))return e}function kn(e){let t=_n(e).toLowerCase();return t.includes("codex")?ne.CODEX:t.includes("claude")||e.model?.display_name||e.transcript_path||e.rate_limits?ne.CLAUDE_CODE:e.run_state||e.runState||e.thread_title||e.threadTitle||e.git_branch||K(e.context_used)!==void 0?ne.CODEX:ne.UNKNOWN}function $s(e){return kn(e)===ne.CODEX}function xn(e){let t=_n(e),n=Cn(e),r=vt(e.workspace),s=K(e.context_used)??K(e.context_window?.used_percentage??void 0),o=K(e.context_remaining)??K(e.context_window?.remaining_percentage??void 0);return{...t?{app:t}:{},...yt(e)?{model:yt(e)}:{},...hn(e)?{project:hn(e)}:{},...r?{workspace:r}:{},...n?{cwd:n}:{},...P(e.git_branch??e.branch)?{gitBranch:P(e.git_branch??e.branch)}:{},...P(e.status??e.run_state??e.runState)?{status:P(e.status??e.run_state??e.runState)}:{},...P(e.thread_title??e.threadTitle)?{threadTitle:P(e.thread_title??e.threadTitle)}:{},...s!==void 0?{contextUsedPercent:s}:{},...o!==void 0?{contextRemainingPercent:o}:{},...K(e.used_tokens)!==void 0?{usedTokens:K(e.used_tokens)}:{},...K(e.total_input_tokens)!==void 0?{totalInputTokens:K(e.total_input_tokens)}:{},...K(e.total_output_tokens)!==void 0?{totalOutputTokens:K(e.total_output_tokens)}:{}}}function yn(e){return e.replace(/\u001B\[[0-?]*[ -/]*[@-~]/g,"")}async function $n(e,t){let n=t?.timeoutMs??3e4,r=new AbortController,s=setTimeout(()=>r.abort(),n);try{let{timeoutMs:o,...i}=t??{};return await fetch(e,{...i,signal:r.signal})}finally{clearTimeout(s)}}var je=class extends Error{retryable;code;reason;constructor(t,n,r,s){super(t),this.name="CardDeclinedError",this.retryable=n,this.code=r,this.reason=s}};var Es=/^(\d+)\.(\d+)\.(\d+)(?:-([0-9A-Za-z.-]+))?(?:\+[0-9A-Za-z.-]+)?$/;function Pn(e,t){let n=En(e),r=En(t);if(!n||!r)return!1;for(let s=0;s<3;s++)if(n.main[s]!==r.main[s])return n.main[s]>r.main[s];return n.pre&&!r.pre?!1:!n.pre&&r.pre?!0:!n.pre&&!r.pre?!1:Ps(n.pre,r.pre)>0}function En(e){if(typeof e!="string")return null;let n=e.trim().replace(/^v/,"").match(Es);return n?{main:[Number(n[1]),Number(n[2]),Number(n[3])],pre:n[4]??null}:null}function Ps(e,t){let n=e.split("."),r=t.split("."),s=Math.max(n.length,r.length);for(let o=0;o<s;o++){if(o>=n.length)return-1;if(o>=r.length)return 1;let i=n[o],a=r[o],c=/^\d+$/.test(i),l=/^\d+$/.test(a);if(c&&l){let u=Number(i)-Number(a);if(u!==0)return u}else{if(c)return-1;if(l)return 1;if(i<a)return-1;if(i>a)return 1}}return 0}function W(){return!!(Tn(process.env.VISA_CLI_NO_UPDATE_CHECK)||Tn(process.env.CI)||process.env.NODE_ENV==="test")}function Tn(e){if(e===void 0)return!1;let t=e.trim().toLowerCase();return!(t===""||t==="0"||t==="false"||t==="no"||t==="off")}var ee=h(require("fs")),In=h(require("path"));var Me=h(require("fs")),Rn=h(require("path")),An=h(require("os"));var bt=Rn.join(An.homedir(),".visa-mcp"),me=class{static ensureConfigDir(){Me.existsSync(bt)||Me.mkdirSync(bt,{recursive:!0,mode:448})}static getConfigDir(){return bt}static TOOL_STATES={login:!0,get_status:!0,get_cards:!0,add_card:!0,pay:!0,transaction_history:!0,update_spending_controls:!0,enroll_device:!1,verify_otp:!1,reset:!0,batch:!0,generate_x402_image:!1,browser_launch:!1,browser_navigate:!1,browser_snapshot:!1,browser_click:!1,browser_type:!1,browser_scroll:!1,generate_music_card:!1,generate_image_card:!0,query_onchain_prices_card:!0,generate_music_tempo_card:!0,check_music_status_tempo_card:!0,generate_image_fast_card:!0,pxlwall_card:!1,generate_video_tempo_card:!0};static loadToolStates(){return{...this.TOOL_STATES}}static getDisabledTools(){let t=new Set;for(let[n,r]of Object.entries(this.TOOL_STATES))r||t.add(n);return t}static isToolDisabled(t){return this.TOOL_STATES[t]===!1}};var Ts="settings.json";function He(){return In.join(me.getConfigDir(),Ts)}var he={"auth.serverUrl":{type:"string",description:"Auth server base URL. Override for staging / self-hosted backends.",requiresRestart:!0,validate:e=>{if(typeof e!="string")throw new Error("auth.serverUrl must be a string");let t;try{t=new URL(e)}catch{throw new Error(`auth.serverUrl must be a valid URL (got: ${JSON.stringify(e)})`)}if(t.protocol!=="https:"&&t.protocol!=="http:")throw new Error(`auth.serverUrl must use http or https (got: ${t.protocol})`)}},"ui.suppressBrowser":{type:"boolean",description:"When true, the CLI/MCP server stops auto-opening result URLs in your browser."},"ui.suppressFeed":{type:"boolean",description:"When true, generated images/music are not auto-submitted to the public Made-with-Visa feed."},"tools.meta":{type:"boolean",description:"Show category meta-tools (generate_image, generate_music, ...). Restart required.",requiresRestart:!0},"tools.specific":{type:"boolean",description:"Show hardcoded per-merchant tools (generate_image_card, query_onchain_prices_card, ...). Restart required.",requiresRestart:!0},"tools.discover":{type:"boolean",description:"Show the dynamic-catalog tools (discover_tools, execute_tool). Restart required.",requiresRestart:!0}};function Ve(){let e=He();if(!ee.existsSync(e))return{};try{let t=ee.readFileSync(e,"utf-8"),n=JSON.parse(t);return!n||typeof n!="object"||Array.isArray(n)?{}:n}catch{return{}}}function Ln(e){me.ensureConfigDir();let t=He(),n=`${t}.tmp`,r=JSON.stringify(e,null,2)+`
+`;ee.writeFileSync(n,r,{mode:384}),ee.renameSync(n,t)}function wt(e){let t=Ve()[e];return typeof t=="string"?t:void 0}function Nn(e){let t=Ve()[e];if(typeof t=="boolean")return t;if(t==="true")return!0;if(t==="false")return!1}var ae=class extends Error{constructor(t){let n=Object.keys(he).sort().join(", ");super(`Unknown setting "${t}". Settable keys: ${n}. For server-controlled values (biometric.*, spending.*) use the dedicated tools (biometric_on/off, update_spending_controls).`),this.name="UnknownSettingKeyError"}},ce=class extends Error{constructor(t){let n="";t.startsWith("biometric.")?n="biometric_on / biometric_off":t.startsWith("spending.")?n="update_spending_controls":t.startsWith("cards.")?n="add_card / remove_card / set_default_card":t.startsWith("account.")&&(n="login / reset"),super(`"${t}" is a server-controlled value and cannot be set via config set. `+(n?`Use ${n} instead.`:"No client-side override is supported.")),this.name="ServerOnlySettingError"}},On=["biometric.","spending.","account.","cards.","biometric"];function Dn(e,t){if(On.some(o=>e.startsWith(o)))throw new ce(e);let n=he[e];if(!n)throw new ae(e);let r;if(n.type==="boolean")if(typeof t=="boolean")r=t;else if(typeof t=="string"){let o=t.toLowerCase();if(o==="true")r=!0;else if(o==="false")r=!1;else throw new Error(`${e} expects true or false (got: ${JSON.stringify(t)})`)}else throw new Error(`${e} expects a boolean (got: ${typeof t})`);else{if(typeof t!="string"||t.length===0)throw new Error(`${e} expects a non-empty string`);r=t}n.validate&&n.validate(r);let s=Ve();return s[e]=r,Ln(s),{key:e,value:r,requiresRestart:!!n.requiresRestart,path:He()}}function Un(e){if(On.some(s=>e.startsWith(s)))throw new ce(e);let t=he[e];if(!t)throw new ae(e);let n=Ve(),r=e in n;return r&&(delete n[e],Ln(n)),{key:e,removed:r,requiresRestart:r&&!!t.requiresRestart,path:He()}}var Rs="https://auth.visacli.sh";function jn(){let e=process.env.VISA_AUTH_URL;if(e!==void 0&&e!=="")return e;let t=wt("auth.serverUrl");return t!==void 0?t:Rs}var _t="1.12.0-rc.1",le=class{constructor(t){this.getSessionToken=t;this.baseUrl=jn()}getSessionToken;baseUrl;lastSignals={};parseServerSignals(t){if(this.lastSignals={},!W()){let r=t.headers.get("X-Latest-Version"),s=t.headers.get("X-Update-Message");r&&Pn(r,_t)&&(this.lastSignals.updateAvailable={version:r,message:s||`Update available: v${r}. Run: npm install -g @visa/cli && visa-cli setup`})}let n=t.headers.get("X-Feedback-Prompt");if(n)try{this.lastSignals.feedbackPrompt=JSON.parse(n)}catch{}}getClientVersion(){return _t}async request(t,n,r,s,o){let i=await this.getSessionToken();if(!i)throw new Error("Not logged in. Sign up at https://visacli.sh or run: visa-cli setup");let a={Authorization:`Bearer ${i}`};o&&(t==="GET"?a["X-User-Context"]=o.replace(/[\r\n\0]/g," ").slice(0,1e3):r={...r||{},user_context:o}),r&&(a["Content-Type"]="application/json");let c;try{c=await $n(`${this.baseUrl}${n}`,{method:t,headers:{...a,"X-Visa-CLI-Version":_t},body:r?JSON.stringify(r):void 0,timeoutMs:s})}catch(u){throw u.name==="AbortError"||u.message?.includes("aborted")?new Error("The request timed out. The server may be under heavy load. Please try again."):new Error("Cannot reach the Visa CLI server. Check your internet connection and try again.")}if(this.parseServerSignals(c),c.status===401)throw new Error("Your session has expired. Run: visa-cli setup");if(c.status===429){let u=c.headers.get("Retry-After")||"3";throw new Error(`Rate limited \u2014 wait ${u}s. Tip: use the batch tool to combine multiple requests into one.`)}if(c.status===503)throw new Error("Visa CLI is temporarily unavailable. Check https://visacli.sh for status.");let l;try{l=await c.json()}catch{throw c.status===500?new Error(`Server error on ${n}. Try again or check https://visacli.sh for status.`):new Error(`Unexpected response from ${n}. Try again.`)}if(!c.ok)throw c.status===500?new Error(`Server error on ${n}. Try again or check https://visacli.sh for status.`):l?.declined?new je(l.error||"Your card was declined.",!!l.retryable,l.code,l.reason):new Error(l?.error||`Request failed (${c.status}). Try again.`);return l}async pay(t,n){return this.request("POST","/v1/pay",t,void 0,n)}async shortcut(t,n,r,s){return this.request("POST",`/v1/shortcuts/${encodeURIComponent(t)}`,n,r,s)}async batch(t,n,r){return this.request("POST","/v1/batch",t,n,r)}async catalogSearch(t,n){let r=new URLSearchParams;t&&r.set("q",t),n&&r.set("category",n);let s=r.toString();return this.request("GET",`/v1/catalog${s?`?${s}`:""}`)}async catalogTool(t){try{return await this.request("GET",`/v1/catalog/${encodeURIComponent(t)}`)}catch{return null}}async discoverMerchantRoutes(t){try{return await this.request("GET",`/v1/platform/discover/${encodeURIComponent(t)}`)}catch{return null}}async paymentPreview(t,n){return this.request("POST","/v1/payment-preview",t,void 0,n)}async getStatus(t){return this.request("GET","/v1/status",void 0,void 0,t)}async getTransactions(t){return this.request("GET","/v1/transactions",void 0,void 0,t)}async updateSpendingControls(t,n){return this.request("POST","/v1/spending-controls",t,void 0,n)}async removeCard(t,n,r){return this.request("DELETE",`/v1/cards/${encodeURIComponent(String(t))}`,n,void 0,r)}async setDefaultCard(t,n,r){return this.request("POST",`/v1/cards/${encodeURIComponent(String(t))}/default`,n,void 0,r)}async getAttestationChallenge(){return this.request("GET","/v1/attestation-challenge")}async registerAttestationKey(t){return this.request("POST","/v1/attestation-key",{publicKey:t})}async setBiometricPreference(t,n){return this.request("POST","/v1/biometric-preference",{...t,confirm:!0},void 0,n)}async logout(t,n){return this.request("POST","/v1/logout",t,void 0,n)}async feedback(t,n,r){return this.request("POST","/v1/feedback",{message:t,...n&&{transaction_id:n}},void 0,r)}async createAppApiKey(t){return this.request("POST","/v1/api/keys",t)}async listAppApiKeys(){return this.request("GET","/v1/api/keys")}async revokeAppApiKey(t){return this.request("DELETE",`/v1/api/keys/${encodeURIComponent(String(t))}`)}async feedSubmit(t){return this.request("POST","/v1/feed",t)}async feedList(t){let n=new URLSearchParams;t?.tab&&n.set("tab",t.tab),t?.limit&&n.set("limit",String(t.limit)),t?.offset&&n.set("offset",String(t.offset));let r=n.toString();return this.request("GET",`/v1/feed${r?"?"+r:""}`)}async feedVote(t,n){return this.request("POST",`/v1/feed/${encodeURIComponent(t)}/vote`,{direction:n})}async feedApprove(t){return this.request("POST",`/v1/feed/${encodeURIComponent(t)}/approve`)}async feedDelete(t){return this.request("DELETE",`/v1/feed/${encodeURIComponent(t)}`)}async feedPending(){return this.request("GET","/v1/feed/pending")}async submitFeedback(t,n,r){return this.request("POST","/v1/feedback",{message:t,...n&&{transaction_id:n}},void 0,r)}async getFeedback(t,n){let r=new URLSearchParams;t&&r.set("limit",String(t));let s=r.toString();return this.request("GET",`/v1/feedback${s?"?"+s:""}`,void 0,void 0,n)}async submitRatedFeedback(t){return this.request("POST","/v1/feedback",t)}};var Et=require("child_process"),Kn=require("util"),qn=h(require("crypto")),R=h(require("fs")),Gn=h(require("os")),J=h(require("path"));var O=h(require("fs")),xt=h(require("path")),Mn=h(require("os")),kt=xt.join(Mn.homedir(),".visa-mcp"),ye=xt.join(kt,"mcp-server.log"),As=5*1024*1024,Ct=null;function Is(){O.existsSync(kt)||O.mkdirSync(kt,{recursive:!0,mode:448})}function Ls(){if(!Ct){if(Is(),O.existsSync(ye)&&O.statSync(ye).size>As){let t=ye+".1";O.existsSync(t)&&O.unlinkSync(t),O.renameSync(ye,t)}Ct=O.createWriteStream(ye,{flags:"a"})}return Ct}function Ns(e){return e==="WARN"||e==="ERROR"?!0:process.env.VISA_CLI_DEBUG==="1"||process.env.VISA_VERBOSE==="1"}function Fe(e,...t){let n=new Date().toISOString(),r=t.map(o=>typeof o=="string"?o:JSON.stringify(o,null,2)).join(" "),s=`[${n}] [${e}] ${r}
+`;Ns(e)&&process.stderr.write(s),Ls().write(s)}var ue={debug:(...e)=>Fe("DEBUG",...e),info:(...e)=>Fe("INFO",...e),warn:(...e)=>Fe("WARN",...e),error:(...e)=>Fe("ERROR",...e)};var de=(0,Kn.promisify)(Et.execFile),qe=J.join(Gn.homedir(),".visa-mcp","bin"),re=J.join(qe,"Visa CLI"),Os=J.join(__dirname,"..","native"),Hn="5",Vn=J.join(qe,"visa-keychain.version"),Fn=J.join(qe,"visa-keychain.sha256");function Bn(e){let t=R.readFileSync(e);return qn.createHash("sha256").update(t).digest("hex")}async function Wn(){try{if(R.readFileSync(Vn,"utf-8").trim()===Hn&&R.existsSync(re)){let r=R.readFileSync(Fn,"utf-8").trim();if(Bn(re)!==r)ue.warn("binary:hash-mismatch",{message:"Binary hash mismatch \u2014 possible tampering detected. Recompiling from source."}),R.unlinkSync(re);else return re}}catch{}let e=J.join(Os,"visa-keychain.m");if(R.existsSync(e)||(e=J.resolve(__dirname,"..","..","native","visa-keychain.m")),R.existsSync(e)||(e=J.resolve(__dirname,"..","native","visa-keychain.m")),!R.existsSync(e))throw new Error("visa-keychain.m source not found. Reinstall Visa CLI.");R.mkdirSync(qe,{recursive:!0,mode:448});try{await de("clang",["-framework","Security","-framework","LocalAuthentication","-framework","Foundation","-framework","AppKit","-o",re,e],{timeout:3e4})}catch(n){throw n.code==="ENOENT"?new Error("Xcode Command Line Tools required. Install: xcode-select --install"):n}let t=Bn(re);return R.writeFileSync(Fn,t,{mode:384}),R.writeFileSync(Vn,Hn,{mode:384}),re}async function Jn(e){let t=await Wn(),n;try{n=(await de(t,e,{timeout:6e4})).stdout}catch(o){n=o.stdout||"";let i=n.trim();throw i.startsWith("ERROR:")?new Error(i.slice(6)):new Error(o.stderr?.trim()||o.message||"Unknown error")}let r=n.trim();if(r.startsWith("OK:"))return r.slice(3);if(r==="OK")return;let s=r.startsWith("ERROR:")?r.slice(6):"Unknown error";throw new Error(s)}var $t=null;function D(){return process.env.VISA_MOCK_TOUCHID==="true"?!0:process.platform!=="darwin"?!1:$t!==null?$t:($t=!0,!0)}var Be="visa-cli",Ke="attestation-key";async function Ds(e){try{await de("security",["delete-generic-password","-s",Be,"-a",Ke],{timeout:5e3})}catch{}await de("security",["add-generic-password","-s",Be,"-a",Ke,"-w",e],{timeout:5e3})}async function Us(){try{let{stdout:e}=await de("security",["find-generic-password","-s",Be,"-a",Ke,"-w"],{timeout:5e3});return e.trim()||null}catch{return null}}async function Ge(){let e=await Jn(["generate-key"]);if(!e)throw new Error("Key generation returned no output");let t=e.indexOf(":");if(t<0)throw new Error("Unexpected generate-key output format");let n=e.slice(0,t),r=e.slice(t+1);return await Ds(n),r}async function Pt(e,t){if(process.env.VISA_MOCK_TOUCHID==="true")return Promise.resolve("mock-ecdsa-signature-for-testing");let n=await Us();if(!n)throw new Error("Attestation key not found. Run setup to generate a new key.");let r=await Wn(),s=["sign",e];return t&&s.push(t),new Promise((o,i)=>{let a=(0,Et.execFile)(r,s,{timeout:6e4},(c,l)=>{let u=(l||"").trim();if(c){u.startsWith("ERROR:")?i(new Error(u.slice(6))):i(new Error(c.stderr?.trim()||c.message||"Unknown error"));return}u.startsWith("OK:")?o(u.slice(3)):i(new Error(u.startsWith("ERROR:")?u.slice(6):"Unknown error"))});a.stdin.write(n),a.stdin.end()})}async function zn(){try{await de("security",["delete-generic-password","-s",Be,"-a",Ke],{timeout:5e3})}catch{}try{await Jn(["delete-key"])}catch{}}function Yn(e,t=process.stderr){if(W()||!e?.updateAvailable)return!1;let{message:n}=e.updateAvailable;return n?(t.write(`
 \x1B[33m\u2191 ${n}\x1B[0m
-`),!0):!1}function Zn(e,t,n,r){let s=r.currentVersion==="0.0.0"&&e.version?e.version:r.currentVersion,i=Bs(e.spendingControls).dailyLimit,a=Math.max(0,Se(e.dailySpent)),c=i>0?Math.min(i,Math.max(0,Se(e.dailyRemaining??i-a))):0,l=i>0?Math.min(1,a/i):0,f=(Array.isArray(t)?t:[]).filter(Ms),y=f.slice(0,3),w=Hs(f,3),d=(e.cards??[]).slice(0,3),S=r.latestVersion?At(r.latestVersion):"",_=r.updateCheckDisabled?"update checks disabled":S?`update ready: v${S}`:"up to date",C=Math.round(l*100),E=te(e.status,e.enrolled?"approved":"not enrolled"),ie=["VISA CLI",`Status: ${e.enrolled?"Visa ready":"Visa setup needed"} | account: ${E} | touch id: ${n?"ready":"unavailable"}`,`Version: v${s} | ${_}`,`Spend meter: ${Xn(l)} ${String(C).padStart(3," ")}% | remaining ${fe(c)}/day | daily cap ${fe(i)}`,"","Spend",`  Remaining        ${fe(c)} / ${fe(i)}`,`  Usage            ${Xn(l)} ${C}%`,`  Spent today      ${fe(a)}`,`  Attestation key  ${e.hasAttestationKey?"registered":"missing"}`,"","Cards",...d.length>0?d.map(I=>`  ${Fs(I)}`):["  No cards enrolled"],"","Last 3 services",...w.length>0?w.map((I,F)=>`  ${F+1}. ${I}`):["  No paid services yet"],"","Recent receipts",...y.length>0?y.map(I=>`  ${Vs(I)}`):["  No receipts yet"]];return r.updateMessage&&ie.push("",`Update: ${At(r.updateMessage)}`),`${ie.join(`
+`),!0):!1}function Zn(e,t,n,r){let s=r.currentVersion==="0.0.0"&&e.version?e.version:r.currentVersion,i=Ks(e.spendingControls).dailyLimit,a=Math.max(0,Se(e.dailySpent)),c=i>0?Math.min(i,Math.max(0,Se(e.dailyRemaining??i-a))):0,l=i>0?Math.min(1,a/i):0,f=(Array.isArray(t)?t:[]).filter(Hs),y=f.slice(0,3),w=Vs(f,3),d=(e.cards??[]).slice(0,3),S=r.latestVersion?Rt(r.latestVersion):"",_=r.updateCheckDisabled?"update checks disabled":S?`update ready: v${S}`:"up to date",C=Math.round(l*100),E=te(e.status,e.enrolled?"approved":"not enrolled"),ie=["VISA CLI",`Status: ${e.enrolled?"Visa ready":"Visa setup needed"} | account: ${E} | touch id: ${n?"ready":"unavailable"}`,`Version: v${s} | ${_}`,`Spend meter: ${Xn(l)} ${String(C).padStart(3," ")}% | remaining ${fe(c)}/day | daily cap ${fe(i)}`,"","Spend",`  Remaining        ${fe(c)} / ${fe(i)}`,`  Usage            ${Xn(l)} ${C}%`,`  Spent today      ${fe(a)}`,`  Attestation key  ${e.hasAttestationKey?"registered":"missing"}`,"","Cards",...d.length>0?d.map(I=>`  ${Bs(I)}`):["  No cards enrolled"],"","Last 3 services",...w.length>0?w.map((I,F)=>`  ${F+1}. ${I}`):["  No paid services yet"],"","Recent receipts",...y.length>0?y.map(I=>`  ${Fs(I)}`):["  No receipts yet"]];return r.updateMessage&&ie.push("",`Update: ${Rt(r.updateMessage)}`),`${ie.join(`
 `)}
-`}function Us(e){return e.tool_name!=null}function js(e){return Se(e.amount)===0&&e.status==="failed"}function Ms(e){return Us(e)&&!js(e)}function Hs(e,t=1/0){let n=new Set,r=[];for(let s of e){if(r.length>=t)break;let o=te(s.merchant_name,"Unknown merchant"),i=te(s.tool_name,"unknown_tool"),a=`${o} :: ${i}`;n.has(a)||(n.add(a),r.push(`${o}  [${i}]`))}return r}function Vs(e){let t=te(e.merchant_name,"Unknown merchant"),n=te(e.tool_name,"unknown_tool"),r=fe(Se(e.amount)),s=te(e.status,"unknown"),o=Ks(e.created_at);return`${r}  ${s.padEnd(9)}  ${t}  [${n}]  ${o}`}function Fs(e){let t=te(e.brand?.toUpperCase(),"CARD"),n=e.isDefault?" default":"";return`${Number.isInteger(e.id)?`#${e.id} `:""}${t} ****${e.last4}${n}`}function Bs(e){return{dailyLimit:Se(e?.daily_limit??e?.dailyLimit??0)}}function Se(e){let t=Number(typeof e=="string"?e:e??0);return Number.isFinite(t)?t:0}function fe(e){return`$${e.toFixed(2)}`}function Xn(e,t=20){let n=Math.max(0,Math.min(1,e)),r=Math.round(n*t);return`[${"\u2588".repeat(r)}${"\u2591".repeat(t-r)}]`}function te(e,t){let n=At(e??"").trim();return n.length>0?n:t}function Ks(e){if(!e)return"unknown time";let t=new Date(e);return Number.isNaN(t.getTime())?te(e,"unknown time"):t.toISOString().slice(0,16).replace("T"," ")}function At(e){return e.replace(/\u001B\][^\u0007]*(?:\u0007|\u001B\\)/g,"").replace(/\u001B\[[0-?]*[ -/]*[@-~]/g,"").replace(/\u001B[P_^][^\u001B]*(?:\u001B\\|\u0007)/g,"").replace(/[\u0000-\u0008\u000B-\u001F\u007F-\u009F]/g,"").replace(/\s+/g," ")}var b=h(require("fs")),Ye=h(require("os")),$=h(require("path")),er=require("child_process"),qs=2,Je="# >>> visa-cli shell hud v2 >>>",We="# <<< visa-cli shell hud v2 <<<",Gs="# >>> visa-cli shell hud >>>",Js="# <<< visa-cli shell hud <<<",tr=3e4,Ws={currentVersion:"0.0.0"},zs=3e4;function Nt(){try{return $.join(ar(),".visa-cli")}catch{return $.join(Ye.tmpdir(),".visa-cli")}}function be(){return $.join(Nt(),"shell-hud.json")}function Xe(){return $.join(Nt(),"shell-hud.line")}function nr(){return $.join(Nt(),"shell-hud.lock")}function Ze(e){let t=e??process.env.SHELL;if(!t)return null;let n=$.basename(t.replace(/\\/g,"/")).toLowerCase();return n==="zsh"?"zsh":n==="bash"?"bash":n==="pwsh"||n==="pwsh.exe"||n==="powershell"||n==="powershell.exe"?"powershell":null}function Qe(e){let t=ar();if(e==="zsh")return $.join(t,".zshrc");if(e==="bash")return $.join(t,".bashrc");let n=(process.platform==="win32","PowerShell");return $.join(t,"Documents",n,"Microsoft.PowerShell_profile.ps1")}function Ys(e){let t="$HOME/.visa-cli/shell-hud.line",n=oo(e),r=io(e);if(e==="zsh")return`${Je}
+`}function js(e){return e.tool_name!=null}function Ms(e){return Se(e.amount)===0&&e.status==="failed"}function Hs(e){return js(e)&&!Ms(e)}function Vs(e,t=1/0){let n=new Set,r=[];for(let s of e){if(r.length>=t)break;let o=te(s.merchant_name,"Unknown merchant"),i=te(s.tool_name,"unknown_tool"),a=`${o} :: ${i}`;n.has(a)||(n.add(a),r.push(`${o}  [${i}]`))}return r}function Fs(e){let t=te(e.merchant_name,"Unknown merchant"),n=te(e.tool_name,"unknown_tool"),r=fe(Se(e.amount)),s=te(e.status,"unknown"),o=qs(e.created_at);return`${r}  ${s.padEnd(9)}  ${t}  [${n}]  ${o}`}function Bs(e){let t=te(e.brand?.toUpperCase(),"CARD"),n=e.isDefault?" default":"";return`${Number.isInteger(e.id)?`#${e.id} `:""}${t} ****${e.last4}${n}`}function Ks(e){return{dailyLimit:Se(e?.daily_limit??e?.dailyLimit??0)}}function Se(e){let t=Number(typeof e=="string"?e:e??0);return Number.isFinite(t)?t:0}function fe(e){return`$${e.toFixed(2)}`}function Xn(e,t=20){let n=Math.max(0,Math.min(1,e)),r=Math.round(n*t);return`[${"\u2588".repeat(r)}${"\u2591".repeat(t-r)}]`}function te(e,t){let n=Rt(e??"").trim();return n.length>0?n:t}function qs(e){if(!e)return"unknown time";let t=new Date(e);return Number.isNaN(t.getTime())?te(e,"unknown time"):t.toISOString().slice(0,16).replace("T"," ")}function Rt(e){return e.replace(/\u001B\][^\u0007]*(?:\u0007|\u001B\\)/g,"").replace(/\u001B\[[0-?]*[ -/]*[@-~]/g,"").replace(/\u001B[P_^][^\u001B]*(?:\u001B\\|\u0007)/g,"").replace(/[\u0000-\u0008\u000B-\u001F\u007F-\u009F]/g,"").replace(/\s+/g," ")}var b=h(require("fs")),Ye=h(require("os")),$=h(require("path")),er=require("child_process"),Gs=2,We="# >>> visa-cli shell hud v2 >>>",Je="# <<< visa-cli shell hud v2 <<<",Ws="# >>> visa-cli shell hud >>>",Js="# <<< visa-cli shell hud <<<",tr=3e4,zs={currentVersion:"0.0.0"},Ys=3e4;function Nt(){try{return $.join(ar(),".visa-cli")}catch{return $.join(Ye.tmpdir(),".visa-cli")}}function be(){return $.join(Nt(),"shell-hud.json")}function Xe(){return $.join(Nt(),"shell-hud.line")}function nr(){return $.join(Nt(),"shell-hud.lock")}function Ze(e){let t=e??process.env.SHELL;if(!t)return null;let n=$.basename(t.replace(/\\/g,"/")).toLowerCase();return n==="zsh"?"zsh":n==="bash"?"bash":n==="pwsh"||n==="pwsh.exe"||n==="powershell"||n==="powershell.exe"?"powershell":null}function Qe(e){let t=ar();if(e==="zsh")return $.join(t,".zshrc");if(e==="bash")return $.join(t,".bashrc");let n=(process.platform==="win32","PowerShell");return $.join(t,"Documents",n,"Microsoft.PowerShell_profile.ps1")}function Xs(e){let t="$HOME/.visa-cli/shell-hud.line",n=io(e),r=ao(e);if(e==="zsh")return`${We}
 _visa_cli_shell_hud_precmd() {
   setopt localoptions no_bg_nice
   if [[ -f "${t}" ]]; then
@@ -52,7 +52,7 @@ autoload -Uz add-zsh-hook
 if [[ -z "\${precmd_functions[(r)_visa_cli_shell_hud_precmd]}" ]]; then
   add-zsh-hook precmd _visa_cli_shell_hud_precmd
 fi
-${We}`;if(e==="powershell"){let s="(Join-Path $HOME '.visa-cli/shell-hud.line')";return`${Je}
+${Je}`;if(e==="powershell"){let s="(Join-Path $HOME '.visa-cli/shell-hud.line')";return`${We}
 if (-not (Test-Path Function:\\global:__visa_cli_original_prompt)) {
   $function:global:__visa_cli_original_prompt = if (Test-Path Function:\\prompt) { $function:prompt } else { { '' } }
 }
@@ -71,7 +71,7 @@ function global:prompt {
   }
   & $function:global:__visa_cli_original_prompt
 }
-${We}`}return`${Je}
+${Je}`}return`${We}
 __visa_cli_shell_hud_precmd() {
   if [ -f "${t}" ]; then
     cat "${t}"
@@ -88,18 +88,18 @@ case ";$PROMPT_COMMAND;" in
   *";__visa_cli_shell_hud_precmd;"*) ;;
   *) PROMPT_COMMAND="__visa_cli_shell_hud_precmd\${PROMPT_COMMAND:+;$PROMPT_COMMAND}" ;;
 esac
-${We}`}function rr(e){let t=e;for(let[n,r]of[[Je,We],[Gs,Js]])t=t.replace(new RegExp(`\\n?${Qn(n)}[\\s\\S]*?${Qn(r)}\\n?`,"g"),"");return t.trimEnd()}function Xs(e,t){let n=rr(e).trimEnd(),r=Ys(t);return n.length>0?`${n}
+${Je}`}function rr(e){let t=e;for(let[n,r]of[[We,Je],[Ws,Js]])t=t.replace(new RegExp(`\\n?${Qn(n)}[\\s\\S]*?${Qn(r)}\\n?`,"g"),"");return t.trimEnd()}function Zs(e,t){let n=rr(e).trimEnd(),r=Xs(t);return n.length>0?`${n}
 
 ${r}
 `:`${r}
-`}function Ot(e=Ze()){if(!e)return{installed:!1,changed:!1,shell:null,message:"Shell HUD auto-install skipped: supported shells are zsh, bash, and PowerShell."};let t;try{t=Qe(e);let n=b.existsSync(t)?b.readFileSync(t,"utf-8"):"",r=Xs(n,e),s=r!==n;return s&&ze(t,r),{installed:!0,changed:s,shell:e,rcPath:t,message:s?`Persistent shell HUD installed in ${t}. Open a new terminal to start seeing it. Disable it any time with: visa-cli shell-hud disable`:`Persistent shell HUD already installed in ${t}. Disable it any time with: visa-cli shell-hud disable`}}catch(n){return{installed:!1,changed:!1,shell:e,rcPath:t,message:`Failed to install persistent shell HUD in ${t}: ${cr(n)}`}}}function Dt(e=Ze()){if(!e)return{removed:!1,shell:null,message:"Shell HUD uninstall skipped: supported shells are zsh, bash, and PowerShell."};let t;try{if(t=Qe(e),!b.existsSync(t))return{removed:!1,shell:e,rcPath:t,message:`No ${e} rc file found at ${t}.`};let n=b.readFileSync(t,"utf-8"),r=rr(n);return r===n.trimEnd()?{removed:!1,shell:e,rcPath:t,message:`Persistent shell HUD was not installed in ${t}.`}:(ze(t,r.length>0?`${r}
-`:""),{removed:!0,shell:e,rcPath:t,message:`Removed persistent shell HUD from ${t}.`})}catch(n){return{removed:!1,shell:e,rcPath:t,message:`Failed to remove persistent shell HUD from ${t}: ${cr(n)}`}}}function Ut(e,t){let n=t??Ws,r=n.currentVersion==="0.0.0"&&e.version?e.version:n.currentVersion,s=we(r),o=` ${U("\u2502",L.dim)} `,i=sr(n),a=Zs(s,i),c=Qs(n,i);if(!e.enrolled)return[a,U("setup needed",L.visaGold),c].filter(Boolean).join(o);let l=Rt(e.spendingControls?.daily_limit??e.spendingControls?.dailyLimit),u=Math.max(0,Rt(e.dailySpent)),f=l>0?Math.min(l,Math.max(0,Rt(e.dailyRemaining??l-u))):0,y=l>0?Math.max(0,Math.min(1,u/l)):0,w=ro(e),d=l>0?`${no(y)} ${U(`${It(f)} left today`,L.green)} ${U(`(${It(u)}/${It(l)}/day)`,L.dim)}`:U("no spend limit",L.dim);return[a,U(w,L.visaGold),d,c].filter(Boolean).join(o)}function Zs(e,t){let n=`${U("VISA CLI",L.visaBlue)} ${U(`v${e}`,L.visaBlueSoft)}`;return t?`${n} ${U("\u2B06 update",L.visaGold)} ${U(`v${t}`,L.visaGold)}`:n}function Qs(e,t){return t?null:eo(e)}function sr(e){return e.latestVersion?we(e.latestVersion):""}function eo(e){let t=sr(e);return t?U(`update ready v${t}`,L.visaGold):e.updateMessage?U("update ready",L.visaGold):null}function or(){let e=ir();return!!e&&Date.now()-e.renderedAt<=tr}function jt(){let e=ir();if(e&&Date.now()-e.renderedAt<=tr||(to(),e?.line))return e.line;try{let t=Xe();if(b.existsSync(t))return b.readFileSync(t,"utf-8").trimEnd()}catch{}return"VISA | loading spend HUD\u2026"}function Mt(e){try{let t=$.dirname(be());b.mkdirSync(t,{recursive:!0});let n=we(e),r={hudVersion:qs,renderedAt:Date.now(),line:n};ze(be(),JSON.stringify(r)+`
+`}function Ot(e=Ze()){if(!e)return{installed:!1,changed:!1,shell:null,message:"Shell HUD auto-install skipped: supported shells are zsh, bash, and PowerShell."};let t;try{t=Qe(e);let n=b.existsSync(t)?b.readFileSync(t,"utf-8"):"",r=Zs(n,e),s=r!==n;return s&&ze(t,r),{installed:!0,changed:s,shell:e,rcPath:t,message:s?`Persistent shell HUD installed in ${t}. Open a new terminal to start seeing it. Disable it any time with: visa-cli shell-hud disable`:`Persistent shell HUD already installed in ${t}. Disable it any time with: visa-cli shell-hud disable`}}catch(n){return{installed:!1,changed:!1,shell:e,rcPath:t,message:`Failed to install persistent shell HUD in ${t}: ${cr(n)}`}}}function Dt(e=Ze()){if(!e)return{removed:!1,shell:null,message:"Shell HUD uninstall skipped: supported shells are zsh, bash, and PowerShell."};let t;try{if(t=Qe(e),!b.existsSync(t))return{removed:!1,shell:e,rcPath:t,message:`No ${e} rc file found at ${t}.`};let n=b.readFileSync(t,"utf-8"),r=rr(n);return r===n.trimEnd()?{removed:!1,shell:e,rcPath:t,message:`Persistent shell HUD was not installed in ${t}.`}:(ze(t,r.length>0?`${r}
+`:""),{removed:!0,shell:e,rcPath:t,message:`Removed persistent shell HUD from ${t}.`})}catch(n){return{removed:!1,shell:e,rcPath:t,message:`Failed to remove persistent shell HUD from ${t}: ${cr(n)}`}}}function Ut(e,t){let n=t??zs,r=n.currentVersion==="0.0.0"&&e.version?e.version:n.currentVersion,s=we(r),o=` ${U("\u2502",L.dim)} `,i=sr(n),a=Qs(s,i),c=eo(n,i);if(!e.enrolled)return[a,U("setup needed",L.visaGold),c].filter(Boolean).join(o);let l=At(e.spendingControls?.daily_limit??e.spendingControls?.dailyLimit),u=Math.max(0,At(e.dailySpent)),f=l>0?Math.min(l,Math.max(0,At(e.dailyRemaining??l-u))):0,y=l>0?Math.max(0,Math.min(1,u/l)):0,w=so(e),d=l>0?`${ro(y)} ${U(`${It(f)} left today`,L.green)} ${U(`(${It(u)}/${It(l)}/day)`,L.dim)}`:U("no spend limit",L.dim);return[a,U(w,L.visaGold),d,c].filter(Boolean).join(o)}function Qs(e,t){let n=`${U("VISA CLI",L.visaBlue)} ${U(`v${e}`,L.visaBlueSoft)}`;return t?`${n} ${U("\u2B06 update",L.visaGold)} ${U(`v${t}`,L.visaGold)}`:n}function eo(e,t){return t?null:to(e)}function sr(e){return e.latestVersion?we(e.latestVersion):""}function to(e){let t=sr(e);return t?U(`update ready v${t}`,L.visaGold):e.updateMessage?U("update ready",L.visaGold):null}function or(){let e=ir();return!!e&&Date.now()-e.renderedAt<=tr}function jt(){let e=ir();if(e&&Date.now()-e.renderedAt<=tr||(no(),e?.line))return e.line;try{let t=Xe();if(b.existsSync(t))return b.readFileSync(t,"utf-8").trimEnd()}catch{}return"VISA | loading spend HUD\u2026"}function Mt(e){try{let t=$.dirname(be());b.mkdirSync(t,{recursive:!0});let n=we(e),r={hudVersion:Gs,renderedAt:Date.now(),line:n};ze(be(),JSON.stringify(r)+`
 `),ze(Xe(),n+`
-`)}catch{}}function ve(){try{b.unlinkSync(nr())}catch{}}function ir(){let e=be();if(!b.existsSync(e))return null;try{return JSON.parse(b.readFileSync(e,"utf-8"))}catch{return null}}function to(){if(process.env.JEST_WORKER_ID)return;let e=nr();try{if(b.mkdirSync($.dirname(e),{recursive:!0}),!ao(e))return;let t=process.argv[1]?$.resolve(process.argv[1]):"";if(!t){ve();return}let n=(0,er.spawn)(process.execPath,[t,"shell-hud","refresh"],{detached:!0,stdio:"ignore",env:{...process.env,VISA_CLI_SHELL_HUD_BACKGROUND:"1"}});n.once("error",ve),n.unref()}catch{ve()}}function Rt(e){let t=Number(typeof e=="string"?e:e??0);return Number.isFinite(t)?t:0}function we(e){return e.replace(/\u001B\][^\u0007]*(?:\u0007|\u001B\\)/g,"").replace(/\u001B\[[0-?]*[ -/]*[@-~]/g,"").replace(/\u001B[P_^][^\u001B]*(?:\u001B\\|\u0007)/g,"").replace(/[\u0000-\u0008\u000B-\u001F\u007F-\u009F]/g,"").replace(/\s+/g," ").trim()}function no(e){let n=Math.round(Math.max(0,Math.min(1,e))*10),r="\u2588".repeat(n),s="\u2591".repeat(10-n);return`${U(r||"",L.green)}${U(s||"",L.dim)}`}function It(e){return`$${e.toFixed(2)}`}function ro(e){let t=e.cards?.find(a=>a.isDefault)??e.cards?.[0];if(!t)return"card none";let n=typeof t.brand=="string"?t.brand:"card",r=typeof t.last4=="string"?t.last4:"????",s=we(n.toUpperCase()),o=we(r);return`${t.isDefault?"default":"active"} ${s} ****${o}`}function so(){let e=(process.env.COLORTERM??"").toLowerCase();if(e==="truecolor"||e==="24bit")return!0;let t=(process.env.TERM??"").toLowerCase();return t.includes("truecolor")||t.includes("24bit")}var Lt=so(),L={reset:"\x1B[0m",visaBlue:Lt?"\x1B[38;2;20;52;203m":"\x1B[38;5;27m",visaBlueSoft:Lt?"\x1B[38;2;97;126;229m":"\x1B[38;5;111m",visaGold:Lt?"\x1B[38;2;247;182;0m":"\x1B[38;5;220m",green:"\x1B[38;5;48m",dim:"\x1B[2m"};function U(e,t){return e.length===0||process.env.NO_COLOR?e:`${t}${e}${L.reset}`}function Qn(e){return e.replace(/[.*+?^${}()|[\]\\]/g,"\\$&")}function ar(){let e=Ye.homedir();if(!e||!$.isAbsolute(e))throw new Error("unable to determine a valid home directory");return $.resolve(e)}function oo(e){return e==="powershell"?"& visa-cli shell-hud refresh":"visa-cli shell-hud refresh"}function io(e){return e==="powershell"?"Get-Command visa-cli -ErrorAction SilentlyContinue -CommandType Application":"command -v visa-cli >/dev/null 2>&1"}function ao(e){for(let t=0;t<2;t+=1){let n;try{return n=b.openSync(e,"wx"),b.writeFileSync(n,String(Date.now())),!0}catch(r){if(r?.code!=="EEXIST")return!1;try{let s=b.statSync(e);if(Date.now()-s.mtimeMs<=zs)return!1;b.unlinkSync(e)}catch{}}finally{n!==void 0&&b.closeSync(n)}}return!1}function cr(e){return e instanceof Error?e.message:"unknown file system error"}function ze(e,t){b.mkdirSync($.dirname(e),{recursive:!0});let n=`${e}.${process.pid}.${Date.now()}.tmp`;b.writeFileSync(n,t),b.renameSync(n,e)}async function Ht(e,t){try{return await t()}catch(n){if(n.message==="Invalid signature"&&D()){ue.warn("attestation:key-mismatch",{action:"reregistering"});try{let r=await Ge();await e.registerAttestationKey(r),ue.info("attestation:key-reregistered")}catch(r){throw ue.error("attestation:reregister-failure",{error:r.message}),n}return await t()}throw n}}var lr="1.11.0";function Vt(e,t){return t?{kind:"env",var:e}:{kind:"default"}}function co(e,t,n){let r=process.env[e];if(r!==void 0&&r!=="")return{value:r,source:{kind:"env",var:e}};let s=wt(t);return s!==void 0?{value:s,source:{kind:"settings"}}:{value:n,source:{kind:"default"}}}function _e(e,t,n){let r=process.env[e];if(r!==void 0)return{value:n==="opt-in"?r==="true":r!=="false",source:{kind:"env",var:e}};let s=Nn(t);return s!==void 0?{value:s,source:{kind:"settings"}}:{value:n!=="opt-in",source:{kind:"default"}}}function H(e){return e==null?"\u2014":e?"yes":"no"}function et(e){return e==null?"\u2014":`$${e.toFixed(2)}`}async function ur(e){let t=null,n=null;try{t=await e.api.getStatus()}catch(C){n=C?.message||"unknown error"}let r=[],s=co("VISA_AUTH_URL","auth.serverUrl","https://auth.visacli.sh");r.push({key:"auth.serverUrl",value:s.value,formatted:s.value,source:s.source,hint:s.source.kind==="default"?"Persist with `visa-cli config set auth.serverUrl <url>` (or set VISA_AUTH_URL for one-off overrides).":void 0}),r.push({key:"account.enrolled",value:t?.enrolled??null,formatted:H(t?.enrolled),source:t?{kind:"server"}:{kind:"unknown",reason:n||"offline"}}),t?.githubUser&&r.push({key:"account.githubUser",value:t.githubUser,formatted:t.githubUser,source:{kind:"server"}});let o=t?t.attestationRequired!==!1:void 0;r.push({key:"biometric.required",value:o,formatted:H(o),source:t?{kind:"server"}:{kind:"unknown",reason:n||"offline"},hint:o===!1?"Touch ID prompts are suppressed. Re-enable with `visa-cli biometric on`.":void 0}),r.push({key:"biometric.keyRegistered",value:t?.hasAttestationKey??null,formatted:H(t?.hasAttestationKey),source:t?{kind:"server"}:{kind:"unknown",reason:n||"offline"}}),r.push({key:"biometric.deviceAvailable",value:D(),formatted:H(D()),source:{kind:"device"}});let i=t?.spendingControls,a=i?i.max_transaction_amount??i.maxTransactionAmount??null:null,c=i?i.daily_limit??i.dailyLimit??null:null;r.push({key:"spending.maxPerTxn",value:a,formatted:et(a),source:t?{kind:"server"}:{kind:"unknown",reason:n||"offline"}}),r.push({key:"spending.dailyLimit",value:c,formatted:et(c),source:t?{kind:"server"}:{kind:"unknown",reason:n||"offline"}}),r.push({key:"spending.dailySpent",value:t?.dailySpent??null,formatted:et(t?.dailySpent),source:t?{kind:"server"}:{kind:"unknown",reason:n||"offline"}}),r.push({key:"spending.dailyRemaining",value:t?.dailyRemaining??null,formatted:et(t?.dailyRemaining),source:t?{kind:"server"}:{kind:"unknown",reason:n||"offline"}}),r.push({key:"cards.count",value:t?.cardCount??null,formatted:t?.cardCount!=null?String(t.cardCount):"\u2014",source:t?{kind:"server"}:{kind:"unknown",reason:n||"offline"}});let l=t?.cards?.find(C=>C.isDefault)??t?.cards?.[0];l&&r.push({key:"cards.default",value:{brand:l.brand??null,last4:l.last4},formatted:`${l.brand||"card"} \u2022\u2022\u2022\u2022 ${l.last4}`,source:{kind:"server"}});let u=_e("VISA_SUPPRESS_BROWSER","ui.suppressBrowser","opt-in");r.push({key:"ui.suppressBrowser",value:u.value,formatted:H(u.value),source:u.source,hint:"Persist with `visa-cli config set ui.suppressBrowser true` to stop auto-opening result URLs."});let f=_e("VISA_SUPPRESS_FEED","ui.suppressFeed","opt-in");r.push({key:"ui.suppressFeed",value:f.value,formatted:H(f.value),source:f.source});let y=J(),w;process.env.VISA_CLI_NO_UPDATE_CHECK?w={kind:"env",var:"VISA_CLI_NO_UPDATE_CHECK"}:process.env.CI?w={kind:"env",var:"CI"}:process.env.NODE_ENV==="test"?w={kind:"env",var:"NODE_ENV"}:w={kind:"default"},r.push({key:"ui.updateCheck",value:!y,formatted:H(!y),source:w});let d=_e("VISA_META_TOOLS","tools.meta","opt-out");r.push({key:"tools.meta",value:d.value,formatted:H(d.value),source:d.source,hint:"Persist with `visa-cli config set tools.meta false`. Restart Claude Code for changes to take effect."});let S=_e("VISA_SPECIFIC_TOOLS","tools.specific","opt-out");r.push({key:"tools.specific",value:S.value,formatted:H(S.value),source:S.source});let _=_e("VISA_DISCOVER_TOOLS","tools.discover","opt-out");if(r.push({key:"tools.discover",value:_.value,formatted:H(_.value),source:_.source}),r.push({key:"client.version",value:lr,formatted:lr,source:{kind:"default"}}),e.includeDev){let C=process.env.VISA_MOCK_KEYCHAIN;r.push({key:"dev.mockKeychain",value:C==="true",formatted:H(C==="true"),source:Vt("VISA_MOCK_KEYCHAIN",!!C)});let E=process.env.VISA_MOCK_TOUCHID;r.push({key:"dev.mockTouchid",value:E==="true",formatted:H(E==="true"),source:Vt("VISA_MOCK_TOUCHID",!!E)});let V=process.env.VISA_CLI_DEBUG;r.push({key:"dev.debug",value:!!V,formatted:H(!!V),source:Vt("VISA_CLI_DEBUG",!!V)})}return{entries:r,statusError:n}}function lo(e){switch(e.kind){case"default":return"default";case"env":return`env ${e.var}`;case"settings":return"settings.json";case"server":return"server";case"device":return"device";case"unset":return"unset";case"unknown":return`unknown (${e.reason})`}}function dr(e,t={}){if(e.length===0)return"";let n=Math.max(...e.map(o=>o.key.length)),r=Math.max(...e.map(o=>o.formatted.length)),s=[];for(let o of e){let i=o.key.padEnd(n+2),a=o.formatted.padEnd(r+2);s.push(`${i}${a}(${lo(o.source)})`),t.verbose&&o.hint&&s.push(`  ${"\u21B3".padStart(n)} ${o.hint}`)}return s.join(`
-`)}function fr(e){return JSON.stringify({config:e.entries.map(t=>({key:t.key,value:t.value,source:t.source,hint:t.hint})),statusError:e.statusError},null,2)}var j=class extends Error{constructor(t){super(t),this.name="PayValidationError"}},pr=["GET","POST"];function gr(e){let t;try{t=new URL(e)}catch{throw new j(`Invalid URL: ${e}. Expected a fully-qualified http(s) URL.`)}if(t.protocol!=="http:"&&t.protocol!=="https:")throw new j(`Unsupported URL scheme "${t.protocol}". Only http and https are allowed.`);return t}function mr(e){let t=(e??"GET").toUpperCase();if(!pr.includes(t))throw new j(`Unsupported HTTP method "${e}". Supported: ${pr.join(", ")}.`);return t}function hr(e){if(e!==void 0){try{JSON.parse(e)}catch(t){throw new j(`--body is not valid JSON: ${t?.message??"parse error"}`)}return e}}function yr(e){if(!e||typeof e!="object")throw new j("Merchant returned no payment preview.");let t=e;if(typeof t.amount!="number"||!Number.isFinite(t.amount)||t.amount<=0)throw new j("Could not determine payment amount from merchant.");if(typeof t.merchantName!="string"||t.merchantName.trim().length===0)throw new j("Merchant returned an empty merchant name.");if(t.merchantName.length>200)throw new j(`Merchant name too long (${t.merchantName.length} chars).`);if(typeof t.currency!="string"||t.currency.trim().length===0)throw new j("Merchant returned an empty currency.");if(t.currency.length>10)throw new j(`Currency code too long (${t.currency.length} chars).`);return{amount:t.amount,currency:t.currency,merchantName:t.merchantName}}var v=h(require("fs")),g=h(require("path")),Sr=h(require("os")),k=Sr.homedir(),uo=["Claude_","Anthropic.ClaudeDesktop_"],pe=class extends Error{constructor(n,r,s){super(po(n,r,s));this.client=n;this.configPath=r;this.name="McpConfigAccessError"}client;configPath};function vr(e){let t=e;return[t?.message,t?.stderr].filter(n=>typeof n=="string").join(`
-`)}function fo(e){let t=e;if(t?.code==="EPERM"||t?.code==="EACCES")return!0;let n=vr(e).toLowerCase();return n.includes("operation not permitted")||n.includes("permission denied")}function po(e,t,n){let r=t.replace(k,"~"),s=vr(n).split(`
-`).find(Boolean),o=s?` (${s})`:"";return e.id==="codex"?`Could not update Codex MCP config at ${r}: filesystem access was denied${o}. In Codex, rerun with elevated filesystem access or run \`visa-cli install codex\` outside the sandbox.`:`Could not update ${e.displayName} MCP config at ${r}: filesystem access was denied${o}.`}function Ce(){return process.env.APPDATA||g.join(k,"AppData","Roaming")}function go(){return process.env.LOCALAPPDATA||g.join(k,"AppData","Local")}function Ft(e){return process.platform==="win32"?e.win32:e.posix}function br(){if(process.platform!=="win32")return;let e=g.join(go(),"Packages");if(v.existsSync(e))try{let t=v.readdirSync(e,"utf-8");for(let n of uo){let r=t.filter(s=>s.startsWith(n)).sort()[0];if(r)return g.join(e,r,"LocalCache","Roaming","Claude")}}catch{return}}function wr(){if(process.platform==="win32"){let e=br();return e?g.join(e,"claude_desktop_config.json"):g.join(Ce(),"Claude","claude_desktop_config.json")}return g.join(k,"Library","Application Support","Claude","claude_desktop_config.json")}function _r(){if(process.platform!=="win32")return[g.join(k,"Library","Application Support","Claude")];let e=[g.join(Ce(),"Claude")],t=br();return t&&e.push(t),e}function tt(e){return e.id==="claude-desktop"?wr():e.globalConfigPath}function mo(e){return e.id==="claude-desktop"?_r():e.detectPaths}var q=[{id:"claude",displayName:"Claude Code",globalConfigPath:g.join(k,".claude.json"),configKey:"mcpServers",detectPaths:[g.join(k,".claude.json")],postInstallHint:"Restart Claude Code or run /mcp to connect."},{id:"claude-desktop",displayName:"Claude Desktop",globalConfigPath:wr(),configKey:"mcpServers",detectPaths:_r(),postInstallHint:"Restart the Claude desktop app to connect."},{id:"cursor",displayName:"Cursor",globalConfigPath:g.join(k,".cursor","mcp.json"),configKey:"mcpServers",detectPaths:[g.join(k,".cursor")],postInstallHint:"Restart Cursor to connect."},{id:"windsurf",displayName:"Windsurf",globalConfigPath:g.join(k,".codeium","windsurf","mcp_config.json"),configKey:"mcpServers",detectPaths:[g.join(k,".codeium","windsurf")],postInstallHint:"Restart Windsurf to connect."},{id:"cline",displayName:"Cline",globalConfigPath:g.join(k,".vscode","mcp.json"),configKey:"mcpServers",detectPaths:[g.join(k,".vscode","extensions","saoudrizwan.claude-dev-*")],postInstallHint:"Restart VS Code to connect."},{id:"roo-code",displayName:"Roo Code",globalConfigPath:Ft({win32:g.join(Ce(),"Roo","mcp_settings.json"),posix:g.join(k,".config","Roo","mcp_settings.json")}),configKey:"mcpServers",detectPaths:[g.join(k,".vscode","extensions","RooVeterinaryInc.roo-cline-*")],postInstallHint:"Restart VS Code to connect."},{id:"copilot",displayName:"VS Code Copilot",globalConfigPath:g.join(k,".vscode","mcp.json"),configKey:"servers",detectPaths:[g.join(k,".vscode")],postInstallHint:"Restart VS Code to connect."},{id:"zed",displayName:"Zed",globalConfigPath:Ft({win32:g.join(Ce(),"Zed","settings.json"),posix:g.join(k,".config","zed","settings.json")}),configKey:"context_servers",detectPaths:Ft({win32:[g.join(Ce(),"Zed")],posix:[g.join(k,".config","zed")]}),postInstallHint:"Restart Zed to connect.",buildEntry:e=>({source:"custom",...e})},{id:"codex",displayName:"Codex",globalConfigPath:g.join(k,".codex","config.toml"),configKey:"mcp_servers",configFormat:"toml",detectPaths:[g.join(k,".codex")],postInstallHint:"Restart Codex to connect. For the terminal HUD, run: visa-cli hud enable codex"}];function Bt(e){return q.find(t=>t.id===e)}function ke(e){return mo(e).some(t=>{if(t.includes("*")){let n=g.dirname(t),r=g.basename(t).replaceAll("*","");if(!v.existsSync(n))return!1;try{return v.readdirSync(n).some(s=>s.startsWith(r))}catch{return!1}}return v.existsSync(t)})}function Cr(){return{command:"node",args:[g.resolve(__dirname,"mcp-server/index.js")]}}function Kt(e,t){return t==="project"?"json":e.configFormat??"json"}function ho(e){if(e=e.trim(),e==="true")return!0;if(e==="false")return!1;if(e.startsWith('"')&&e.endsWith('"'))return e.slice(1,-1);if(e.startsWith("[")&&e.endsWith("]")){let n=e.slice(1,-1).trim();return n.length===0?[]:n.split(",").map(r=>r.trim()).filter(Boolean).map(r=>r.startsWith('"')&&r.endsWith('"')?r.slice(1,-1):r)}let t=Number(e);return isNaN(t)?e:t}function qt(e,t){let n=`[mcp_servers.${t}]`,r=e.findIndex(o=>o.trim()===n);if(r===-1)return;let s=r+1;for(;s<e.length&&!e[s].trim().startsWith("[");)s++;return{start:r,end:s}}function Gt(e,t){let n=e.split(`
-`),r=qt(n,t);if(!r)return;let s={};for(let o=r.start+1;o<r.end;o++){let i=n[o].trim().match(/^(\w+)\s*=\s*(.+)$/);i&&(s[i[1]]=ho(i[2]))}return Object.keys(s).length>0?s:void 0}function yo(e,t,n){let r=`[${n.args.map(c=>`"${c}"`).join(", ")}]`,s=[`[mcp_servers.${t}]`,`command = "${n.command}"`,`args = ${r}`],o=e.split(`
+`)}catch{}}function ve(){try{b.unlinkSync(nr())}catch{}}function ir(){let e=be();if(!b.existsSync(e))return null;try{return JSON.parse(b.readFileSync(e,"utf-8"))}catch{return null}}function no(){if(process.env.JEST_WORKER_ID)return;let e=nr();try{if(b.mkdirSync($.dirname(e),{recursive:!0}),!co(e))return;let t=process.argv[1]?$.resolve(process.argv[1]):"";if(!t){ve();return}let n=(0,er.spawn)(process.execPath,[t,"shell-hud","refresh"],{detached:!0,stdio:"ignore",env:{...process.env,VISA_CLI_SHELL_HUD_BACKGROUND:"1"}});n.once("error",ve),n.unref()}catch{ve()}}function At(e){let t=Number(typeof e=="string"?e:e??0);return Number.isFinite(t)?t:0}function we(e){return e.replace(/\u001B\][^\u0007]*(?:\u0007|\u001B\\)/g,"").replace(/\u001B\[[0-?]*[ -/]*[@-~]/g,"").replace(/\u001B[P_^][^\u001B]*(?:\u001B\\|\u0007)/g,"").replace(/[\u0000-\u0008\u000B-\u001F\u007F-\u009F]/g,"").replace(/\s+/g," ").trim()}function ro(e){let n=Math.round(Math.max(0,Math.min(1,e))*10),r="\u2588".repeat(n),s="\u2591".repeat(10-n);return`${U(r||"",L.green)}${U(s||"",L.dim)}`}function It(e){return`$${e.toFixed(2)}`}function so(e){let t=e.cards?.find(a=>a.isDefault)??e.cards?.[0];if(!t)return"card none";let n=typeof t.brand=="string"?t.brand:"card",r=typeof t.last4=="string"?t.last4:"????",s=we(n.toUpperCase()),o=we(r);return`${t.isDefault?"default":"active"} ${s} ****${o}`}function oo(){let e=(process.env.COLORTERM??"").toLowerCase();if(e==="truecolor"||e==="24bit")return!0;let t=(process.env.TERM??"").toLowerCase();return t.includes("truecolor")||t.includes("24bit")}var Lt=oo(),L={reset:"\x1B[0m",visaBlue:Lt?"\x1B[38;2;20;52;203m":"\x1B[38;5;27m",visaBlueSoft:Lt?"\x1B[38;2;97;126;229m":"\x1B[38;5;111m",visaGold:Lt?"\x1B[38;2;247;182;0m":"\x1B[38;5;220m",green:"\x1B[38;5;48m",dim:"\x1B[2m"};function U(e,t){return e.length===0||process.env.NO_COLOR?e:`${t}${e}${L.reset}`}function Qn(e){return e.replace(/[.*+?^${}()|[\]\\]/g,"\\$&")}function ar(){let e=Ye.homedir();if(!e||!$.isAbsolute(e))throw new Error("unable to determine a valid home directory");return $.resolve(e)}function io(e){return e==="powershell"?"& visa-cli shell-hud refresh":"visa-cli shell-hud refresh"}function ao(e){return e==="powershell"?"Get-Command visa-cli -ErrorAction SilentlyContinue -CommandType Application":"command -v visa-cli >/dev/null 2>&1"}function co(e){for(let t=0;t<2;t+=1){let n;try{return n=b.openSync(e,"wx"),b.writeFileSync(n,String(Date.now())),!0}catch(r){if(r?.code!=="EEXIST")return!1;try{let s=b.statSync(e);if(Date.now()-s.mtimeMs<=Ys)return!1;b.unlinkSync(e)}catch{}}finally{n!==void 0&&b.closeSync(n)}}return!1}function cr(e){return e instanceof Error?e.message:"unknown file system error"}function ze(e,t){b.mkdirSync($.dirname(e),{recursive:!0});let n=`${e}.${process.pid}.${Date.now()}.tmp`;b.writeFileSync(n,t),b.renameSync(n,e)}async function Ht(e,t){try{return await t()}catch(n){if(n.message==="Invalid signature"&&D()){ue.warn("attestation:key-mismatch",{action:"reregistering"});try{let r=await Ge();await e.registerAttestationKey(r),ue.info("attestation:key-reregistered")}catch(r){throw ue.error("attestation:reregister-failure",{error:r.message}),n}return await t()}throw n}}var lr="1.12.0-rc.1";function Vt(e,t){return t?{kind:"env",var:e}:{kind:"default"}}function lo(e,t,n){let r=process.env[e];if(r!==void 0&&r!=="")return{value:r,source:{kind:"env",var:e}};let s=wt(t);return s!==void 0?{value:s,source:{kind:"settings"}}:{value:n,source:{kind:"default"}}}function _e(e,t,n){let r=process.env[e];if(r!==void 0)return{value:n==="opt-in"?r==="true":r!=="false",source:{kind:"env",var:e}};let s=Nn(t);return s!==void 0?{value:s,source:{kind:"settings"}}:{value:n!=="opt-in",source:{kind:"default"}}}function H(e){return e==null?"\u2014":e?"yes":"no"}function et(e){return e==null?"\u2014":`$${e.toFixed(2)}`}async function ur(e){let t=null,n=null;try{t=await e.api.getStatus()}catch(C){n=C?.message||"unknown error"}let r=[],s=lo("VISA_AUTH_URL","auth.serverUrl","https://auth.visacli.sh");r.push({key:"auth.serverUrl",value:s.value,formatted:s.value,source:s.source,hint:s.source.kind==="default"?"Persist with `visa-cli config set auth.serverUrl <url>` (or set VISA_AUTH_URL for one-off overrides).":void 0}),r.push({key:"account.enrolled",value:t?.enrolled??null,formatted:H(t?.enrolled),source:t?{kind:"server"}:{kind:"unknown",reason:n||"offline"}}),t?.githubUser&&r.push({key:"account.githubUser",value:t.githubUser,formatted:t.githubUser,source:{kind:"server"}});let o=t?t.attestationRequired!==!1:void 0;r.push({key:"biometric.required",value:o,formatted:H(o),source:t?{kind:"server"}:{kind:"unknown",reason:n||"offline"},hint:o===!1?"Touch ID prompts are suppressed. Re-enable with `visa-cli biometric on`.":void 0}),r.push({key:"biometric.keyRegistered",value:t?.hasAttestationKey??null,formatted:H(t?.hasAttestationKey),source:t?{kind:"server"}:{kind:"unknown",reason:n||"offline"}}),r.push({key:"biometric.deviceAvailable",value:D(),formatted:H(D()),source:{kind:"device"}});let i=t?.spendingControls,a=i?i.max_transaction_amount??i.maxTransactionAmount??null:null,c=i?i.daily_limit??i.dailyLimit??null:null;r.push({key:"spending.maxPerTxn",value:a,formatted:et(a),source:t?{kind:"server"}:{kind:"unknown",reason:n||"offline"}}),r.push({key:"spending.dailyLimit",value:c,formatted:et(c),source:t?{kind:"server"}:{kind:"unknown",reason:n||"offline"}}),r.push({key:"spending.dailySpent",value:t?.dailySpent??null,formatted:et(t?.dailySpent),source:t?{kind:"server"}:{kind:"unknown",reason:n||"offline"}}),r.push({key:"spending.dailyRemaining",value:t?.dailyRemaining??null,formatted:et(t?.dailyRemaining),source:t?{kind:"server"}:{kind:"unknown",reason:n||"offline"}}),r.push({key:"cards.count",value:t?.cardCount??null,formatted:t?.cardCount!=null?String(t.cardCount):"\u2014",source:t?{kind:"server"}:{kind:"unknown",reason:n||"offline"}});let l=t?.cards?.find(C=>C.isDefault)??t?.cards?.[0];l&&r.push({key:"cards.default",value:{brand:l.brand??null,last4:l.last4},formatted:`${l.brand||"card"} \u2022\u2022\u2022\u2022 ${l.last4}`,source:{kind:"server"}});let u=_e("VISA_SUPPRESS_BROWSER","ui.suppressBrowser","opt-in");r.push({key:"ui.suppressBrowser",value:u.value,formatted:H(u.value),source:u.source,hint:"Persist with `visa-cli config set ui.suppressBrowser true` to stop auto-opening result URLs."});let f=_e("VISA_SUPPRESS_FEED","ui.suppressFeed","opt-in");r.push({key:"ui.suppressFeed",value:f.value,formatted:H(f.value),source:f.source});let y=W(),w;process.env.VISA_CLI_NO_UPDATE_CHECK?w={kind:"env",var:"VISA_CLI_NO_UPDATE_CHECK"}:process.env.CI?w={kind:"env",var:"CI"}:process.env.NODE_ENV==="test"?w={kind:"env",var:"NODE_ENV"}:w={kind:"default"},r.push({key:"ui.updateCheck",value:!y,formatted:H(!y),source:w});let d=_e("VISA_META_TOOLS","tools.meta","opt-out");r.push({key:"tools.meta",value:d.value,formatted:H(d.value),source:d.source,hint:"Persist with `visa-cli config set tools.meta false`. Restart Claude Code for changes to take effect."});let S=_e("VISA_SPECIFIC_TOOLS","tools.specific","opt-out");r.push({key:"tools.specific",value:S.value,formatted:H(S.value),source:S.source});let _=_e("VISA_DISCOVER_TOOLS","tools.discover","opt-out");if(r.push({key:"tools.discover",value:_.value,formatted:H(_.value),source:_.source}),r.push({key:"client.version",value:lr,formatted:lr,source:{kind:"default"}}),e.includeDev){let C=process.env.VISA_MOCK_KEYCHAIN;r.push({key:"dev.mockKeychain",value:C==="true",formatted:H(C==="true"),source:Vt("VISA_MOCK_KEYCHAIN",!!C)});let E=process.env.VISA_MOCK_TOUCHID;r.push({key:"dev.mockTouchid",value:E==="true",formatted:H(E==="true"),source:Vt("VISA_MOCK_TOUCHID",!!E)});let V=process.env.VISA_CLI_DEBUG;r.push({key:"dev.debug",value:!!V,formatted:H(!!V),source:Vt("VISA_CLI_DEBUG",!!V)})}return{entries:r,statusError:n}}function uo(e){switch(e.kind){case"default":return"default";case"env":return`env ${e.var}`;case"settings":return"settings.json";case"server":return"server";case"device":return"device";case"unset":return"unset";case"unknown":return`unknown (${e.reason})`}}function dr(e,t={}){if(e.length===0)return"";let n=Math.max(...e.map(o=>o.key.length)),r=Math.max(...e.map(o=>o.formatted.length)),s=[];for(let o of e){let i=o.key.padEnd(n+2),a=o.formatted.padEnd(r+2);s.push(`${i}${a}(${uo(o.source)})`),t.verbose&&o.hint&&s.push(`  ${"\u21B3".padStart(n)} ${o.hint}`)}return s.join(`
+`)}function fr(e){return JSON.stringify({config:e.entries.map(t=>({key:t.key,value:t.value,source:t.source,hint:t.hint})),statusError:e.statusError},null,2)}var j=class extends Error{constructor(t){super(t),this.name="PayValidationError"}},pr=["GET","POST"];function gr(e){let t;try{t=new URL(e)}catch{throw new j(`Invalid URL: ${e}. Expected a fully-qualified http(s) URL.`)}if(t.protocol!=="http:"&&t.protocol!=="https:")throw new j(`Unsupported URL scheme "${t.protocol}". Only http and https are allowed.`);return t}function mr(e){let t=(e??"GET").toUpperCase();if(!pr.includes(t))throw new j(`Unsupported HTTP method "${e}". Supported: ${pr.join(", ")}.`);return t}function hr(e){if(e!==void 0){try{JSON.parse(e)}catch(t){throw new j(`--body is not valid JSON: ${t?.message??"parse error"}`)}return e}}function yr(e){if(!e||typeof e!="object")throw new j("Merchant returned no payment preview.");let t=e;if(typeof t.amount!="number"||!Number.isFinite(t.amount)||t.amount<=0)throw new j("Could not determine payment amount from merchant.");if(typeof t.merchantName!="string"||t.merchantName.trim().length===0)throw new j("Merchant returned an empty merchant name.");if(t.merchantName.length>200)throw new j(`Merchant name too long (${t.merchantName.length} chars).`);if(typeof t.currency!="string"||t.currency.trim().length===0)throw new j("Merchant returned an empty currency.");if(t.currency.length>10)throw new j(`Currency code too long (${t.currency.length} chars).`);return{amount:t.amount,currency:t.currency,merchantName:t.merchantName}}var v=h(require("fs")),g=h(require("path")),Sr=h(require("os")),k=Sr.homedir(),fo=["Claude_","Anthropic.ClaudeDesktop_"],pe=class extends Error{constructor(n,r,s){super(go(n,r,s));this.client=n;this.configPath=r;this.name="McpConfigAccessError"}client;configPath};function vr(e){let t=e;return[t?.message,t?.stderr].filter(n=>typeof n=="string").join(`
+`)}function po(e){let t=e;if(t?.code==="EPERM"||t?.code==="EACCES")return!0;let n=vr(e).toLowerCase();return n.includes("operation not permitted")||n.includes("permission denied")}function go(e,t,n){let r=t.replace(k,"~"),s=vr(n).split(`
+`).find(Boolean),o=s?` (${s})`:"";return e.id==="codex"?`Could not update Codex MCP config at ${r}: filesystem access was denied${o}. In Codex, rerun with elevated filesystem access or run \`visa-cli install codex\` outside the sandbox.`:`Could not update ${e.displayName} MCP config at ${r}: filesystem access was denied${o}.`}function Ce(){return process.env.APPDATA||g.join(k,"AppData","Roaming")}function mo(){return process.env.LOCALAPPDATA||g.join(k,"AppData","Local")}function Ft(e){return process.platform==="win32"?e.win32:e.posix}function br(){if(process.platform!=="win32")return;let e=g.join(mo(),"Packages");if(v.existsSync(e))try{let t=v.readdirSync(e,"utf-8");for(let n of fo){let r=t.filter(s=>s.startsWith(n)).sort()[0];if(r)return g.join(e,r,"LocalCache","Roaming","Claude")}}catch{return}}function wr(){if(process.platform==="win32"){let e=br();return e?g.join(e,"claude_desktop_config.json"):g.join(Ce(),"Claude","claude_desktop_config.json")}return g.join(k,"Library","Application Support","Claude","claude_desktop_config.json")}function _r(){if(process.platform!=="win32")return[g.join(k,"Library","Application Support","Claude")];let e=[g.join(Ce(),"Claude")],t=br();return t&&e.push(t),e}function tt(e){return e.id==="claude-desktop"?wr():e.globalConfigPath}function ho(e){return e.id==="claude-desktop"?_r():e.detectPaths}var q=[{id:"claude",displayName:"Claude Code",globalConfigPath:g.join(k,".claude.json"),configKey:"mcpServers",detectPaths:[g.join(k,".claude.json")],postInstallHint:"Restart Claude Code or run /mcp to connect."},{id:"claude-desktop",displayName:"Claude Desktop",globalConfigPath:wr(),configKey:"mcpServers",detectPaths:_r(),postInstallHint:"Restart the Claude desktop app to connect."},{id:"cursor",displayName:"Cursor",globalConfigPath:g.join(k,".cursor","mcp.json"),configKey:"mcpServers",detectPaths:[g.join(k,".cursor")],postInstallHint:"Restart Cursor to connect."},{id:"windsurf",displayName:"Windsurf",globalConfigPath:g.join(k,".codeium","windsurf","mcp_config.json"),configKey:"mcpServers",detectPaths:[g.join(k,".codeium","windsurf")],postInstallHint:"Restart Windsurf to connect."},{id:"cline",displayName:"Cline",globalConfigPath:g.join(k,".vscode","mcp.json"),configKey:"mcpServers",detectPaths:[g.join(k,".vscode","extensions","saoudrizwan.claude-dev-*")],postInstallHint:"Restart VS Code to connect."},{id:"roo-code",displayName:"Roo Code",globalConfigPath:Ft({win32:g.join(Ce(),"Roo","mcp_settings.json"),posix:g.join(k,".config","Roo","mcp_settings.json")}),configKey:"mcpServers",detectPaths:[g.join(k,".vscode","extensions","RooVeterinaryInc.roo-cline-*")],postInstallHint:"Restart VS Code to connect."},{id:"copilot",displayName:"VS Code Copilot",globalConfigPath:g.join(k,".vscode","mcp.json"),configKey:"servers",detectPaths:[g.join(k,".vscode")],postInstallHint:"Restart VS Code to connect."},{id:"zed",displayName:"Zed",globalConfigPath:Ft({win32:g.join(Ce(),"Zed","settings.json"),posix:g.join(k,".config","zed","settings.json")}),configKey:"context_servers",detectPaths:Ft({win32:[g.join(Ce(),"Zed")],posix:[g.join(k,".config","zed")]}),postInstallHint:"Restart Zed to connect.",buildEntry:e=>({source:"custom",...e})},{id:"codex",displayName:"Codex",globalConfigPath:g.join(k,".codex","config.toml"),configKey:"mcp_servers",configFormat:"toml",detectPaths:[g.join(k,".codex")],postInstallHint:"Restart Codex to connect. For the terminal HUD, run: visa-cli hud enable codex"}];function Bt(e){return q.find(t=>t.id===e)}function ke(e){return ho(e).some(t=>{if(t.includes("*")){let n=g.dirname(t),r=g.basename(t).replaceAll("*","");if(!v.existsSync(n))return!1;try{return v.readdirSync(n).some(s=>s.startsWith(r))}catch{return!1}}return v.existsSync(t)})}function Cr(){return{command:"node",args:[g.resolve(__dirname,"mcp-server/index.js")]}}function Kt(e,t){return t==="project"?"json":e.configFormat??"json"}function yo(e){if(e=e.trim(),e==="true")return!0;if(e==="false")return!1;if(e.startsWith('"')&&e.endsWith('"'))return e.slice(1,-1);if(e.startsWith("[")&&e.endsWith("]")){let n=e.slice(1,-1).trim();return n.length===0?[]:n.split(",").map(r=>r.trim()).filter(Boolean).map(r=>r.startsWith('"')&&r.endsWith('"')?r.slice(1,-1):r)}let t=Number(e);return isNaN(t)?e:t}function qt(e,t){let n=`[mcp_servers.${t}]`,r=e.findIndex(o=>o.trim()===n);if(r===-1)return;let s=r+1;for(;s<e.length&&!e[s].trim().startsWith("[");)s++;return{start:r,end:s}}function Gt(e,t){let n=e.split(`
+`),r=qt(n,t);if(!r)return;let s={};for(let o=r.start+1;o<r.end;o++){let i=n[o].trim().match(/^(\w+)\s*=\s*(.+)$/);i&&(s[i[1]]=yo(i[2]))}return Object.keys(s).length>0?s:void 0}function So(e,t,n){let r=`[${n.args.map(c=>`"${c}"`).join(", ")}]`,s=[`[mcp_servers.${t}]`,`command = "${n.command}"`,`args = ${r}`],o=e.split(`
 `),i=qt(o,t);if(i){o.splice(i.start,i.end-i.start,...s);let c=o.join(`
 `);return c.endsWith(`
 `)?c:c+`
@@ -107,18 +107,18 @@ ${r}
 
 `:"")+s.join(`
 `)+`
-`}function So(e,t){let n=e.split(`
+`}function vo(e,t){let n=e.split(`
 `),r=qt(n,t);return r?(n.splice(r.start,r.end-r.start),n.join(`
 `).replace(/\n{3,}/g,`
 
-`)):e}function xe(e,t="global"){let n=t==="project"?g.join(process.cwd(),".mcp.json"):tt(e);try{let r=g.dirname(n);v.existsSync(r)||v.mkdirSync(r,{recursive:!0});let s=Kt(e,t),o=Cr();if(s==="toml"){let i=v.existsSync(n)?v.readFileSync(n,"utf-8"):"",a=yo(i,"visa-cli",o);v.writeFileSync(n,a)}else{let i={};if(v.existsSync(n))try{i=JSON.parse(v.readFileSync(n,"utf-8"))}catch{i={}}i[e.configKey]=i[e.configKey]||{},i[e.configKey]["visa-cli"]=e.buildEntry?e.buildEntry(o):o,v.writeFileSync(n,JSON.stringify(i,null,2)+`
-`)}}catch(r){throw fo(r)?new pe(e,n,r):r}return{installed:!0,configPath:n,message:e.postInstallHint}}function Jt(e,t="global"){let n=t==="project"?g.join(process.cwd(),".mcp.json"):tt(e);if(!v.existsSync(n))return{removed:!1,configPath:n};if(Kt(e,t)==="toml"){let i=v.readFileSync(n,"utf-8");return Gt(i,"visa-cli")?(v.writeFileSync(n,So(i,"visa-cli")),{removed:!0,configPath:n}):{removed:!1,configPath:n}}let s;try{s=JSON.parse(v.readFileSync(n,"utf-8"))}catch{return{removed:!1,configPath:n}}let o=s[e.configKey];return!o||!o["visa-cli"]?{removed:!1,configPath:n}:(delete o["visa-cli"],v.writeFileSync(n,JSON.stringify(s,null,2)+`
-`),{removed:!0,configPath:n})}function kr(e,t="global"){let n=t==="project"?g.join(process.cwd(),".mcp.json"):tt(e);if(!v.existsSync(n))return!1;if(Kt(e,t)==="toml")try{let s=v.readFileSync(n,"utf-8");return!!Gt(s,"visa-cli")}catch{return!1}try{return!!JSON.parse(v.readFileSync(n,"utf-8"))?.[e.configKey]?.["visa-cli"]}catch{return!1}}function vo(e){if(!e||typeof e!="object")return;let t=e;if(t.command!=="node"||!Array.isArray(t.args)||t.args.length===0)return;let n=t.args[t.args.length-1];if(!(typeof n!="string"||n.length===0))return n}function bo(e,t){if(e===t)return!0;let n=g.resolve(e),r=g.resolve(t);if(n===r)return!0;try{let s=v.realpathSync(n),o=v.realpathSync(r);return s===o}catch{return!1}}function $e(){let e=Cr(),t=e.args[e.args.length-1],n=[];for(let r of q){let s=tt(r);if(!v.existsSync(s))continue;let o=r.configFormat??"json",i;if(o==="toml")try{let l=v.readFileSync(s,"utf-8");i=Gt(l,"visa-cli")}catch{continue}else{let l;try{l=JSON.parse(v.readFileSync(s,"utf-8"))}catch{continue}i=l?.[r.configKey]?.["visa-cli"]}if(!i)continue;let a=vo(i);if(!a||bo(a,t))continue;let c=v.existsSync(a)?"mismatch":"missing";n.push({client:r,configPath:s,currentPath:a,expectedPath:t,staleReason:c})}return n}function Wt(e){return{configPath:xe(e.client,"global").configPath}}var xr=(0,Ar.promisify)(Tr.execFile);function wo(e){let t=R.homedir(),n=s=>s.replace(t,"~"),r=e.staleReason==="missing"?"path missing on disk":"path mismatch";return`   \u2022 ${e.client.displayName} (${n(e.configPath)})
-     ${r}: ${n(e.currentPath)}`}function Rr(e,t){if(e.length===0){console.log(`${t} \u2713 All MCP client configs are up to date.`);return}console.log(`${t} Found ${e.length} stale MCP config ${e.length===1?"entry":"entries"}:`);for(let n of e)console.log(wo(n))}function $r(e){console.log(`   ! ${e.client.displayName} skipped: ${e.message}`)}var T=new Er.Command,nt=null,Ee=!1;function M(){return nt=new le(()=>x.getSessionToken()),nt}function Ir(e){return`$${(e/100).toFixed(2)}`}function _o(e){let t=`visa-cli-${R.hostname()||"local"}`,n=(e?.trim()||t).trim();if(!n)throw new Error("API key label is required.");if(n.length>128)throw new Error("API key label must be 128 characters or fewer.");return n}function Co(e){if(!e)return;let t=e.split(",").map(s=>s.trim()).filter(Boolean),n=Array.from(new Set(t)),r=n.find(s=>s.length>64);if(r)throw new Error(`Tool id is too long: ${r}`);return n}function ko(e){if(!e)return;let t=Number(e);if(!Number.isFinite(t)||t<=0)throw new Error("--daily-cap must be a positive USD amount.");let n=Math.round(t*100);if(n<100||n>1e4)throw new Error("--daily-cap must be between 1 and 100 USD.");return n}function Lr(e){return e&&e.length>0?e.join(", "):"all tools"}T.name("visa-cli").description("Visa CLI - AI payment orchestration").version(dt().version);T.hook("preAction",async()=>{await sn()});T.command("setup").description("Register MCP server, authenticate, and generate attestation key").option("--check","Scan MCP client configs for stale visa-cli entries and exit without making changes").option("--yes","Accept setup prompts without asking \u2014 for CI/agent use").option("--hud","Also enable the Claude Code HUD during setup").option("--no-hud","Do not install the HUD during setup (default)").action(async e=>{try{if(e.check){let d=$e();Rr(d,"MCP config check:"),d.length>0&&(console.log("\nRun `visa-cli setup` (or `visa-cli install --repair`) to rewrite these entries."),process.exit(1));return}console.log("Step 1: Registering MCP server...");let t=$e(),n=new Map(t.map(d=>[d.client.id,d])),r=new Set,s=new Set,o=new Set;for(let d of q)if(ke(d)){let S;try{S=xe(d)}catch(E){if(E instanceof pe){$r(E),s.add(d.displayName),o.add(d.id);continue}throw E}let _=n.get(d.id),C=_?` \u2014 repaired stale ${_.staleReason} entry`:"";console.log(`   \u2713 ${d.displayName} (${S.configPath.replace(R.homedir(),"~")})${C}`),_&&r.add(d.id)}let i=t.filter(d=>!r.has(d.client.id)&&!o.has(d.client.id)),a=0;for(let d of i){try{Wt(d)}catch(S){if(S instanceof pe){$r(S),s.add(d.client.displayName),o.add(d.client.id);continue}throw S}console.log(`   \u2713 ${d.client.displayName} (${d.configPath.replace(R.homedir(),"~")}) \u2014 repaired stale ${d.staleReason} entry`),a++}let c=r.size+a;c===0&&s.size===0?console.log("   \u2713 MCP config verified \u2014 nothing to repair."):c>0&&console.log(`   \u2713 Repaired ${c} stale MCP config ${c===1?"entry":"entries"}.`),s.size>0&&console.log(`   ! Skipped MCP registration for: ${Array.from(s).join(", ")}. Rerun with access to those config files to complete registration.`),console.log(`
+`)):e}function xe(e,t="global"){let n=t==="project"?g.join(process.cwd(),".mcp.json"):tt(e);try{let r=g.dirname(n);v.existsSync(r)||v.mkdirSync(r,{recursive:!0});let s=Kt(e,t),o=Cr();if(s==="toml"){let i=v.existsSync(n)?v.readFileSync(n,"utf-8"):"",a=So(i,"visa-cli",o);v.writeFileSync(n,a)}else{let i={};if(v.existsSync(n))try{i=JSON.parse(v.readFileSync(n,"utf-8"))}catch{i={}}i[e.configKey]=i[e.configKey]||{},i[e.configKey]["visa-cli"]=e.buildEntry?e.buildEntry(o):o,v.writeFileSync(n,JSON.stringify(i,null,2)+`
+`)}}catch(r){throw po(r)?new pe(e,n,r):r}return{installed:!0,configPath:n,message:e.postInstallHint}}function Wt(e,t="global"){let n=t==="project"?g.join(process.cwd(),".mcp.json"):tt(e);if(!v.existsSync(n))return{removed:!1,configPath:n};if(Kt(e,t)==="toml"){let i=v.readFileSync(n,"utf-8");return Gt(i,"visa-cli")?(v.writeFileSync(n,vo(i,"visa-cli")),{removed:!0,configPath:n}):{removed:!1,configPath:n}}let s;try{s=JSON.parse(v.readFileSync(n,"utf-8"))}catch{return{removed:!1,configPath:n}}let o=s[e.configKey];return!o||!o["visa-cli"]?{removed:!1,configPath:n}:(delete o["visa-cli"],v.writeFileSync(n,JSON.stringify(s,null,2)+`
+`),{removed:!0,configPath:n})}function kr(e,t="global"){let n=t==="project"?g.join(process.cwd(),".mcp.json"):tt(e);if(!v.existsSync(n))return!1;if(Kt(e,t)==="toml")try{let s=v.readFileSync(n,"utf-8");return!!Gt(s,"visa-cli")}catch{return!1}try{return!!JSON.parse(v.readFileSync(n,"utf-8"))?.[e.configKey]?.["visa-cli"]}catch{return!1}}function bo(e){if(!e||typeof e!="object")return;let t=e;if(t.command!=="node"||!Array.isArray(t.args)||t.args.length===0)return;let n=t.args[t.args.length-1];if(!(typeof n!="string"||n.length===0))return n}function wo(e,t){if(e===t)return!0;let n=g.resolve(e),r=g.resolve(t);if(n===r)return!0;try{let s=v.realpathSync(n),o=v.realpathSync(r);return s===o}catch{return!1}}function $e(){let e=Cr(),t=e.args[e.args.length-1],n=[];for(let r of q){let s=tt(r);if(!v.existsSync(s))continue;let o=r.configFormat??"json",i;if(o==="toml")try{let l=v.readFileSync(s,"utf-8");i=Gt(l,"visa-cli")}catch{continue}else{let l;try{l=JSON.parse(v.readFileSync(s,"utf-8"))}catch{continue}i=l?.[r.configKey]?.["visa-cli"]}if(!i)continue;let a=bo(i);if(!a||wo(a,t))continue;let c=v.existsSync(a)?"mismatch":"missing";n.push({client:r,configPath:s,currentPath:a,expectedPath:t,staleReason:c})}return n}function Jt(e){return{configPath:xe(e.client,"global").configPath}}var xr=(0,Rr.promisify)(Tr.execFile);function _o(e){let t=A.homedir(),n=s=>s.replace(t,"~"),r=e.staleReason==="missing"?"path missing on disk":"path mismatch";return`   \u2022 ${e.client.displayName} (${n(e.configPath)})
+     ${r}: ${n(e.currentPath)}`}function Ar(e,t){if(e.length===0){console.log(`${t} \u2713 All MCP client configs are up to date.`);return}console.log(`${t} Found ${e.length} stale MCP config ${e.length===1?"entry":"entries"}:`);for(let n of e)console.log(_o(n))}function $r(e){console.log(`   ! ${e.client.displayName} skipped: ${e.message}`)}var T=new Er.Command,nt=null,Ee=!1;function M(){return nt=new le(()=>x.getSessionToken()),nt}function Ir(e){return`$${(e/100).toFixed(2)}`}function Co(e){let t=`visa-cli-${A.hostname()||"local"}`,n=(e?.trim()||t).trim();if(!n)throw new Error("API key label is required.");if(n.length>128)throw new Error("API key label must be 128 characters or fewer.");return n}function ko(e){if(!e)return;let t=e.split(",").map(s=>s.trim()).filter(Boolean),n=Array.from(new Set(t)),r=n.find(s=>s.length>64);if(r)throw new Error(`Tool id is too long: ${r}`);return n}function xo(e){if(!e)return;let t=Number(e);if(!Number.isFinite(t)||t<=0)throw new Error("--daily-cap must be a positive USD amount.");let n=Math.round(t*100);if(n<100||n>1e4)throw new Error("--daily-cap must be between 1 and 100 USD.");return n}function Lr(e){return e&&e.length>0?e.join(", "):"all tools"}T.name("visa-cli").description("Visa CLI - AI payment orchestration").version(dt().version);T.hook("preAction",async()=>{await sn()});T.command("setup").description("Register MCP server, authenticate, and generate attestation key").option("--check","Scan MCP client configs for stale visa-cli entries and exit without making changes").option("--yes","Accept setup prompts without asking \u2014 for CI/agent use").option("--hud","Also enable the Claude Code HUD during setup").option("--no-hud","Do not install the HUD during setup (default)").action(async e=>{try{if(e.check){let d=$e();Ar(d,"MCP config check:"),d.length>0&&(console.log("\nRun `visa-cli setup` (or `visa-cli install --repair`) to rewrite these entries."),process.exit(1));return}console.log("Step 1: Registering MCP server...");let t=$e(),n=new Map(t.map(d=>[d.client.id,d])),r=new Set,s=new Set,o=new Set;for(let d of q)if(ke(d)){let S;try{S=xe(d)}catch(E){if(E instanceof pe){$r(E),s.add(d.displayName),o.add(d.id);continue}throw E}let _=n.get(d.id),C=_?` \u2014 repaired stale ${_.staleReason} entry`:"";console.log(`   \u2713 ${d.displayName} (${S.configPath.replace(A.homedir(),"~")})${C}`),_&&r.add(d.id)}let i=t.filter(d=>!r.has(d.client.id)&&!o.has(d.client.id)),a=0;for(let d of i){try{Jt(d)}catch(S){if(S instanceof pe){$r(S),s.add(d.client.displayName),o.add(d.client.id);continue}throw S}console.log(`   \u2713 ${d.client.displayName} (${d.configPath.replace(A.homedir(),"~")}) \u2014 repaired stale ${d.staleReason} entry`),a++}let c=r.size+a;c===0&&s.size===0?console.log("   \u2713 MCP config verified \u2014 nothing to repair."):c>0&&console.log(`   \u2713 Repaired ${c} stale MCP config ${c===1?"entry":"entries"}.`),s.size>0&&console.log(`   ! Skipped MCP registration for: ${Array.from(s).join(", ")}. Rerun with access to those config files to complete registration.`),console.log(`
 Step 2: Checking authentication...`);let l=await x.getSessionToken();if(l)try{await new le(()=>Promise.resolve(l)).getStatus(),console.log("   Already authenticated.")}catch(d){let S=d instanceof Error?d.message:"";S.includes("session has expired")||S.includes("Not logged in")?(console.log("   Existing session expired \u2014 re-authenticating..."),await x.clearAll(),l=null):console.log(`   Couldn't verify session (${S||"unknown error"}) \u2014 continuing with existing token.`)}if(!l){let d=null;try{let{stdout:S}=await xr("gh",["auth","token"],{timeout:5e3});d=S.trim()}catch{}if(d||(d=process.env.GITHUB_TOKEN||null),d)try{console.log("   Found GitHub token \u2014 attempting headless login...");let S=await globalThis.fetch("https://auth.visacli.sh/v1/auth/token-exchange",{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify({github_token:d}),signal:AbortSignal.timeout(1e4)});if(S.ok){let _=await S.json();if(_.success&&_.sessionToken){let C=_.sessionToken;l=C,await x.saveSessionToken(C),console.log(`   Signed in as ${_.user} (headless).`)}}else(await S.json().catch(()=>({}))).hint==="card_required"&&console.log("   GitHub token valid but no card on file \u2014 opening browser for card enrollment...")}catch{}}if(l||(console.log("   No session found. Opening browser for GitHub login..."),l=await new Promise(async(d,S)=>{let _=rt.randomBytes(16).toString("hex"),C=`https://auth.visacli.sh/login?state=${_}`;await an(C);let E=3e4,V=300*1e3,ie=Date.now()+V;for(;Date.now()<ie;)try{let I=await globalThis.fetch("https://auth.visacli.sh/v1/auth-status",{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify({state:_,timeout:E}),signal:AbortSignal.timeout(E+5e3)});if(!I.ok)continue;let F=await I.json();if(F.status==="pending")continue;if(F.status==="expired"){S(new Error("Session expired. Please run setup again."));return}if(F.status==="complete"&&F.sessionToken){console.log(`   Signed in as ${F.user}.`),d(F.sessionToken);return}}catch{}S(new Error("Login timed out after 5 minutes. Please run setup again."))}),await x.saveSessionToken(l),console.log("   Session token saved.")),console.log(`
-Step 3: Setting up authentication...`),!D())console.log("   Not macOS \u2014 skipping biometric setup.");else{try{await xr("clang",["--version"])}catch{console.error("   Xcode Command Line Tools are required for payment authentication."),console.error("   Install them by running: xcode-select --install"),console.error("   Then re-run: visa-cli setup"),process.exit(1)}try{let d=await Ge();console.log("   Attestation key generated."),await M().registerAttestationKey(d),console.log("   Attestation key registered with server.")}catch(d){console.log(`   Skipped: ${d.message}`)}}let u=se.join(R.homedir(),".claude","settings.json"),f=Pr.existsSync(se.join(R.homedir(),".claude.json"));if(e.hud===!0)if(!f)console.log(`
+Step 3: Setting up authentication...`),!D())console.log("   Not macOS \u2014 skipping biometric setup.");else{try{await xr("clang",["--version"])}catch{console.error("   Xcode Command Line Tools are required for payment authentication."),console.error("   Install them by running: xcode-select --install"),console.error("   Then re-run: visa-cli setup"),process.exit(1)}try{let d=await Ge();console.log("   Attestation key generated."),await M().registerAttestationKey(d),console.log("   Attestation key registered with server.")}catch(d){console.log(`   Skipped: ${d.message}`)}}let u=se.join(A.homedir(),".claude","settings.json"),f=Pr.existsSync(se.join(A.homedir(),".claude.json"));if(e.hud===!0)if(!f)console.log(`
 Step 4: HUD requested, but Claude Code config was not detected.`),console.log("   Skipped. Enable later with: visa-cli hud enable");else{console.log(`
-Step 4: Enabling the Visa spend HUD...`);let d=De(u),S=d.installed==="new"||d.installed==="already-visa"||d.installed==="other-hud-present"?"   \u2713 ":"   Skipped: ";console.log(`${S}${d.message}`);try{let _=M(),C=await _.getStatus(),E={currentVersion:_.getClientVersion(),latestVersion:_.lastSignals?.updateAvailable?.version,updateMessage:_.lastSignals?.updateAvailable?.message,updateCheckDisabled:J()},V=Ut(C,E);Mt(V),console.log(`   Preview: ${V.split(`
+Step 4: Enabling the Visa spend HUD...`);let d=De(u),S=d.installed==="new"||d.installed==="already-visa"||d.installed==="other-hud-present"?"   \u2713 ":"   Skipped: ";console.log(`${S}${d.message}`);try{let _=M(),C=await _.getStatus(),E={currentVersion:_.getClientVersion(),latestVersion:_.lastSignals?.updateAvailable?.version,updateMessage:_.lastSignals?.updateAvailable?.message,updateCheckDisabled:W()},V=Ut(C,E);Mt(V),console.log(`   Preview: ${V.split(`
 `)[0]}`)}catch{}}let y="\x1B[1m",w="\x1B[0m";console.log(`
  \u2588\u2588\u2557   \u2588\u2588\u2557\u2588\u2588\u2557\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557 \u2588\u2588\u2588\u2588\u2588\u2557
  \u2588\u2588\u2551   \u2588\u2588\u2551\u2588\u2588\u2551\u2588\u2588\u2554\u2550\u2550\u2550\u2550\u255D\u2588\u2588\u2554\u2550\u2550\u2588\u2588\u2557
@@ -137,24 +137,24 @@ Step 4: Enabling the Visa spend HUD...`);let d=De(u),S=d.installed==="new"||d.in
   ${y}Verify:${w}  visa-cli status
   ${y}HUD:${w}     visa-cli hud enable
   ${y}Docs:${w}    https://visacli.sh
-`)}catch(t){console.error("Error:",t.message),process.exit(1)}});T.command("install [client]").description("Register MCP server with an AI client (claude, cursor, windsurf, cline, zed, ...)").option("--all","Install for all detected clients").option("--list","Show supported clients and install status").option("--check","Scan MCP client configs for stale visa-cli entries and exit without making changes").option("--repair","Repair stale MCP client configs without re-running the full setup flow").option("--scope <scope>","Install scope: global or project","global").action(async(e,t)=>{try{if(t.check){let o=$e();Rr(o,"MCP config check:"),o.length>0&&process.exit(1);return}if(t.repair){let o=$e();if(o.length===0){console.log("\u2713 MCP config verified \u2014 nothing to repair.");return}for(let i of o)Wt(i),console.log(`   \u2713 ${i.client.displayName} (${i.configPath.replace(R.homedir(),"~")}) \u2014 repaired stale ${i.staleReason} entry`);console.log(`
+`)}catch(t){console.error("Error:",t.message),process.exit(1)}});T.command("install [client]").description("Register MCP server with an AI client (claude, cursor, windsurf, cline, zed, ...)").option("--all","Install for all detected clients").option("--list","Show supported clients and install status").option("--check","Scan MCP client configs for stale visa-cli entries and exit without making changes").option("--repair","Repair stale MCP client configs without re-running the full setup flow").option("--scope <scope>","Install scope: global or project","global").action(async(e,t)=>{try{if(t.check){let o=$e();Ar(o,"MCP config check:"),o.length>0&&process.exit(1);return}if(t.repair){let o=$e();if(o.length===0){console.log("\u2713 MCP config verified \u2014 nothing to repair.");return}for(let i of o)Jt(i),console.log(`   \u2713 ${i.client.displayName} (${i.configPath.replace(A.homedir(),"~")}) \u2014 repaired stale ${i.staleReason} entry`);console.log(`
 Repaired ${o.length} stale MCP config ${o.length===1?"entry":"entries"}.`);return}if(t.list){console.log(`
 \x1B[1mSupported MCP Clients\x1B[0m
-`),console.log(`  ${"Client".padEnd(18)} ${"Detected".padEnd(10)} ${"Installed".padEnd(11)} Config Path`),console.log(`  ${"\u2500".repeat(18)} ${"\u2500".repeat(10)} ${"\u2500".repeat(11)} ${"\u2500".repeat(40)}`);for(let a of q){let c=ke(a),l=kr(a),u=c?"Yes":"No",f=l?"Yes":"No",y=a.globalConfigPath.replace(R.homedir(),"~");console.log(`  ${a.displayName.padEnd(18)} ${u.padEnd(10)} ${f.padEnd(11)} ${y}`)}console.log("");return}let n=t.scope==="project"?"project":"global";if(t.all){let o=[],i=[];for(let a of q){if(!ke(a)){i.push(a.displayName);continue}xe(a,n),o.push(a.displayName)}o.length>0&&console.log(`Installed for: ${o.join(", ")}.`),i.length>0&&console.log(`Skipped: ${i.map(a=>`${a} (not detected)`).join(", ")}.`),o.length===0&&i.length===0&&console.log("No supported clients found.");return}e||(console.error("Usage: visa-cli install <client>"),console.error("       visa-cli install --all"),console.error("       visa-cli install --list"),console.error(`
-Supported clients: ${q.map(o=>o.id).join(", ")}`),process.exit(1));let r=Bt(e);r||(console.error(`Unknown client: ${e}`),console.error(`Supported clients: ${q.map(o=>o.id).join(", ")}`),process.exit(1)),n==="global"&&!ke(r)&&(console.error(`${r.displayName} not detected on this machine.`),console.error(`Expected: ${r.detectPaths.join(", ")}`),process.exit(1));let s=xe(r,n);console.log(`Registered visa-cli MCP server in ${s.configPath}`),console.log(s.message)}catch(n){console.error("Error:",n.message),process.exit(1)}});T.command("uninstall [client]").description("Remove MCP server from an AI client").option("--all","Remove from all clients").option("--scope <scope>","Uninstall scope: global or project","global").action(async(e,t)=>{try{let n=t.scope==="project"?"project":"global";if(t.all){let o=[];for(let i of q)Jt(i,n).removed&&o.push(i.displayName);o.length>0?console.log(`Removed visa-cli from: ${o.join(", ")}.`):console.log("visa-cli was not installed in any client.");return}e||(console.error("Usage: visa-cli uninstall <client>"),console.error("       visa-cli uninstall --all"),console.error(`
-Supported clients: ${q.map(o=>o.id).join(", ")}`),process.exit(1));let r=Bt(e);r||(console.error(`Unknown client: ${e}`),console.error(`Supported clients: ${q.map(o=>o.id).join(", ")}`),process.exit(1));let s=Jt(r,n);s.removed?console.log(`Removed visa-cli from ${s.configPath}`):console.log(`visa-cli was not installed for ${r.displayName}.`)}catch(n){console.error("Error:",n.message),process.exit(1)}});T.command("pay <url>").description("Pay a merchant URL (amount auto-detected from HTTP 402 response)").option("-m, --method <method>","HTTP method (GET or POST)","GET").option("-b, --body <json>","JSON request body for POST endpoints").action(async(e,t)=>{try{gr(e);let n=mr(t.method),r=hr(t.body),s=new le(()=>x.getSessionToken());console.log(`Checking payment for ${e}...`);let o=yr(await s.paymentPreview({url:e}));console.log(`  Merchant: ${o.merchantName}`),console.log(`  Amount:   $${o.amount.toFixed(2)} ${o.currency}`),console.log(`  Rail:     auto-detected
+`),console.log(`  ${"Client".padEnd(18)} ${"Detected".padEnd(10)} ${"Installed".padEnd(11)} Config Path`),console.log(`  ${"\u2500".repeat(18)} ${"\u2500".repeat(10)} ${"\u2500".repeat(11)} ${"\u2500".repeat(40)}`);for(let a of q){let c=ke(a),l=kr(a),u=c?"Yes":"No",f=l?"Yes":"No",y=a.globalConfigPath.replace(A.homedir(),"~");console.log(`  ${a.displayName.padEnd(18)} ${u.padEnd(10)} ${f.padEnd(11)} ${y}`)}console.log("");return}let n=t.scope==="project"?"project":"global";if(t.all){let o=[],i=[];for(let a of q){if(!ke(a)){i.push(a.displayName);continue}xe(a,n),o.push(a.displayName)}o.length>0&&console.log(`Installed for: ${o.join(", ")}.`),i.length>0&&console.log(`Skipped: ${i.map(a=>`${a} (not detected)`).join(", ")}.`),o.length===0&&i.length===0&&console.log("No supported clients found.");return}e||(console.error("Usage: visa-cli install <client>"),console.error("       visa-cli install --all"),console.error("       visa-cli install --list"),console.error(`
+Supported clients: ${q.map(o=>o.id).join(", ")}`),process.exit(1));let r=Bt(e);r||(console.error(`Unknown client: ${e}`),console.error(`Supported clients: ${q.map(o=>o.id).join(", ")}`),process.exit(1)),n==="global"&&!ke(r)&&(console.error(`${r.displayName} not detected on this machine.`),console.error(`Expected: ${r.detectPaths.join(", ")}`),process.exit(1));let s=xe(r,n);console.log(`Registered visa-cli MCP server in ${s.configPath}`),console.log(s.message)}catch(n){console.error("Error:",n.message),process.exit(1)}});T.command("uninstall [client]").description("Remove MCP server from an AI client").option("--all","Remove from all clients").option("--scope <scope>","Uninstall scope: global or project","global").action(async(e,t)=>{try{let n=t.scope==="project"?"project":"global";if(t.all){let o=[];for(let i of q)Wt(i,n).removed&&o.push(i.displayName);o.length>0?console.log(`Removed visa-cli from: ${o.join(", ")}.`):console.log("visa-cli was not installed in any client.");return}e||(console.error("Usage: visa-cli uninstall <client>"),console.error("       visa-cli uninstall --all"),console.error(`
+Supported clients: ${q.map(o=>o.id).join(", ")}`),process.exit(1));let r=Bt(e);r||(console.error(`Unknown client: ${e}`),console.error(`Supported clients: ${q.map(o=>o.id).join(", ")}`),process.exit(1));let s=Wt(r,n);s.removed?console.log(`Removed visa-cli from ${s.configPath}`):console.log(`visa-cli was not installed for ${r.displayName}.`)}catch(n){console.error("Error:",n.message),process.exit(1)}});T.command("pay <url>").description("Pay a merchant URL (amount auto-detected from HTTP 402 response)").option("-m, --method <method>","HTTP method (GET or POST)","GET").option("-b, --body <json>","JSON request body for POST endpoints").action(async(e,t)=>{try{gr(e);let n=mr(t.method),r=hr(t.body),s=new le(()=>x.getSessionToken());console.log(`Checking payment for ${e}...`);let o=yr(await s.paymentPreview({url:e}));console.log(`  Merchant: ${o.merchantName}`),console.log(`  Amount:   $${o.amount.toFixed(2)} ${o.currency}`),console.log(`  Rail:     auto-detected
 `);let a=(await s.getStatus()).attestationRequired!==!1;a&&!D()&&console.warn("Warning: Touch ID unavailable on this system \u2014 payment will proceed without biometric attestation.");let c=rt.randomUUID(),l=await Ht(s,async()=>{let u;if(a&&D())try{let{nonce:f}=await s.getAttestationChallenge(),y=Buffer.from(JSON.stringify({nonce:f,amount:o.amount,merchant:o.merchantName,context:e})).toString("base64");u={signature:await Pt(y,`pay $${o.amount.toFixed(2)} to ${o.merchantName}`),nonce:f,amount:o.amount,merchant:o.merchantName}}catch(f){throw new Error(`Touch ID confirmation failed: ${f?.message||"user cancelled or biometric error"}`)}return s.pay({url:e,method:n,body:r,attestation:u,idempotencyKey:c})});if(l.success){if(console.log(`Payment complete: $${(l.amount??o.amount).toFixed(2)} \u2192 ${l.merchantName??o.merchantName}`),l.receipt?.urls?.length){console.log(`
-Result URLs:`);for(let u of l.receipt.urls)console.log(`  ${u}`)}}else console.error(`Payment failed: ${l.message||"Unknown error"}`),process.exit(1)}catch(n){n instanceof j?console.error(`Error: ${n.message}`):console.error("Error:",n.message),process.exit(1)}});T.command("status").description("Check enrollment, cards, wallet, and spending controls").action(async()=>{Ee=!1;try{let e=M(),t=await e.getStatus(),n={currentVersion:e.getClientVersion(),latestVersion:e.lastSignals.updateAvailable?.version,updateMessage:e.lastSignals.updateAvailable?.message,updateCheckDisabled:J()},r=await e.getTransactions().catch(s=>{if(process.env.VISA_CLI_DEBUG){let o=s instanceof Error?s.message:String(s);process.stderr.write(`[visa-cli] getTransactions failed (HUD will omit): ${o}
-`)}return{transactions:[]}});process.stdout.write(Zn(t,Array.isArray(r?.transactions)?r.transactions:[],D(),n)),Ee=!0}catch(e){Ee=!1,console.error("Error:",e.message),process.exit(1)}});var zt=T.command("api-key").alias("api-keys").description("Create and manage API keys for apps and agents");function Yt(e){let t=e instanceof Error?e.message:String(e);console.error("Error:",t),t.includes("Not logged in")&&(console.error(""),console.error("Hint: if `visa-cli status` or `visa-cli setup` says you are authenticated, this process may not have access to your macOS Keychain."),console.error("In sandboxed agents such as Codex, rerun the api-key command with keychain access or run it from a normal terminal.")),process.exit(1)}zt.command("create [label]").description("Create an API key for the authenticated approved user").option("--tools <ids>","Comma-separated allowed tool ids (default: all tools)").option("--daily-cap <usd>","Daily cap in USD, between 1 and 100 (default: server default)").option("--json","Output raw JSON").action(async(e,t)=>{try{let r=await M().createAppApiKey({label:_o(e),allowed_tools:Co(t.tools),daily_cap_cents:ko(t.dailyCap)});if(t.json){console.log(JSON.stringify(r,null,2));return}console.log("API key created."),console.log(""),console.log(`Key:           ${r.key}`),console.log(`Label:         ${r.label}`),console.log(`Owner:         ${r.owner}`),console.log(`Allowed tools: ${Lr(r.allowed_tools)}`),console.log(`Daily cap:     ${Ir(r.daily_cap_cents)}/day`),console.log(""),console.log("Store this key now. It will not be shown again."),console.log(""),console.log("Example:"),console.log("  curl -X POST https://auth.visacli.sh/v1/api/shortcuts/generate_image_card \\"),console.log(`    -H "X-Api-Key: ${r.key}" \\`),console.log('    -H "Content-Type: application/json" \\'),console.log(`    -d '{"prompt":"a neon cityscape at dusk"}'`)}catch(n){Yt(n)}});zt.command("list").description("List API keys for the authenticated user").option("--json","Output raw JSON").action(async e=>{try{let n=await M().listAppApiKeys();if(e.json){console.log(JSON.stringify(n,null,2));return}let r=n.keys||[];if(r.length===0){console.log("No API keys found. Create one with: visa-cli api-key create");return}console.log("API keys"),console.log("");for(let s of r)console.log(`${s.id}. ${s.label} (${s.key_prefix})`),console.log(`   Status:        ${s.status}`),console.log(`   Owner:         ${s.owner}`),console.log(`   Allowed tools: ${Lr(s.allowed_tools)}`),console.log(`   Daily cap:     ${Ir(s.daily_cap_cents)}/day`),console.log(`   Last used:     ${s.last_used_at||"never"}`)}catch(t){Yt(t)}});zt.command("revoke <id>").alias("delete").description("Revoke (or delete) an API key by id").action(async e=>{try{let t=Number(e);if(!Number.isInteger(t)||t<=0)throw new Error("API key id must be a positive integer. Run `visa-cli api-key list` first.");let r=await M().revokeAppApiKey(t);console.log(`Revoked API key ${r.revoked}.`)}catch(t){Yt(t)}});T.command("reset").description("Log out and clear all credentials").action(async()=>{try{console.log(`Resetting Visa CLI...
+Result URLs:`);for(let u of l.receipt.urls)console.log(`  ${u}`)}}else console.error(`Payment failed: ${l.message||"Unknown error"}`),process.exit(1)}catch(n){n instanceof j?console.error(`Error: ${n.message}`):console.error("Error:",n.message),process.exit(1)}});T.command("status").description("Check enrollment, cards, wallet, and spending controls").action(async()=>{Ee=!1;try{let e=M(),t=await e.getStatus(),n={currentVersion:e.getClientVersion(),latestVersion:e.lastSignals.updateAvailable?.version,updateMessage:e.lastSignals.updateAvailable?.message,updateCheckDisabled:W()},r=await e.getTransactions().catch(s=>{if(process.env.VISA_CLI_DEBUG){let o=s instanceof Error?s.message:String(s);process.stderr.write(`[visa-cli] getTransactions failed (HUD will omit): ${o}
+`)}return{transactions:[]}});process.stdout.write(Zn(t,Array.isArray(r?.transactions)?r.transactions:[],D(),n)),Ee=!0}catch(e){Ee=!1,console.error("Error:",e.message),process.exit(1)}});var zt=T.command("api-key").alias("api-keys").description("Create and manage API keys for apps and agents");function Yt(e){let t=e instanceof Error?e.message:String(e);console.error("Error:",t),t.includes("Not logged in")&&(console.error(""),console.error("Hint: if `visa-cli status` or `visa-cli setup` says you are authenticated, this process may not have access to your macOS Keychain."),console.error("In sandboxed agents such as Codex, rerun the api-key command with keychain access or run it from a normal terminal.")),process.exit(1)}zt.command("create [label]").description("Create an API key for the authenticated approved user").option("--tools <ids>","Comma-separated allowed tool ids (default: all tools)").option("--daily-cap <usd>","Daily cap in USD, between 1 and 100 (default: server default)").option("--json","Output raw JSON").action(async(e,t)=>{try{let r=await M().createAppApiKey({label:Co(e),allowed_tools:ko(t.tools),daily_cap_cents:xo(t.dailyCap)});if(t.json){console.log(JSON.stringify(r,null,2));return}console.log("API key created."),console.log(""),console.log(`Key:           ${r.key}`),console.log(`Label:         ${r.label}`),console.log(`Owner:         ${r.owner}`),console.log(`Allowed tools: ${Lr(r.allowed_tools)}`),console.log(`Daily cap:     ${Ir(r.daily_cap_cents)}/day`),console.log(""),console.log("Store this key now. It will not be shown again."),console.log(""),console.log("Example:"),console.log("  curl -X POST https://auth.visacli.sh/v1/api/shortcuts/generate_image_card \\"),console.log(`    -H "X-Api-Key: ${r.key}" \\`),console.log('    -H "Content-Type: application/json" \\'),console.log(`    -d '{"prompt":"a neon cityscape at dusk"}'`)}catch(n){Yt(n)}});zt.command("list").description("List API keys for the authenticated user").option("--json","Output raw JSON").action(async e=>{try{let n=await M().listAppApiKeys();if(e.json){console.log(JSON.stringify(n,null,2));return}let r=n.keys||[];if(r.length===0){console.log("No API keys found. Create one with: visa-cli api-key create");return}console.log("API keys"),console.log("");for(let s of r)console.log(`${s.id}. ${s.label} (${s.key_prefix})`),console.log(`   Status:        ${s.status}`),console.log(`   Owner:         ${s.owner}`),console.log(`   Allowed tools: ${Lr(s.allowed_tools)}`),console.log(`   Daily cap:     ${Ir(s.daily_cap_cents)}/day`),console.log(`   Last used:     ${s.last_used_at||"never"}`)}catch(t){Yt(t)}});zt.command("revoke <id>").alias("delete").description("Revoke (or delete) an API key by id").action(async e=>{try{let t=Number(e);if(!Number.isInteger(t)||t<=0)throw new Error("API key id must be a positive integer. Run `visa-cli api-key list` first.");let r=await M().revokeAppApiKey(t);console.log(`Revoked API key ${r.revoked}.`)}catch(t){Yt(t)}});T.command("reset").description("Log out and clear all credentials").action(async()=>{try{console.log(`Resetting Visa CLI...
 `);try{await M().logout(),console.log("   Server session invalidated.")}catch{console.log("   Server logout skipped (no active session).")}if(await x.clearAll(),console.log("   Keychain credentials cleared."),D())try{await zn(),console.log("   Secure Enclave key deleted.")}catch{console.log("   No Secure Enclave key to delete.")}console.log(`
-Reset complete.`)}catch(e){console.error("Error:",e.message),process.exit(1)}});T.command("feedback").description("Submit feedback about Visa CLI").argument("[message]","Your feedback message").action(async e=>{(!e||e.trim().length===0)&&(console.log('Usage: visa-cli feedback "your message"'),process.exit(1));try{await x.getSessionToken()||(console.error("Not logged in. Run visa-cli setup first."),process.exit(1)),await M().feedback(e.trim()),console.log("Feedback submitted. Thanks!")}catch(t){console.error("Error:",t.message),process.exit(1)}});var Xt=T.command("config").description("Inspect the CLI configuration");Xt.command("list").description("Show resolved config values (env vars, server state, defaults) with their source").option("--json","Output as JSON for scripting / agent consumption").option("--dev","Include developer/test hooks (VISA_MOCK_*, VISA_CLI_DEBUG)").option("--verbose","Show one-line hints beneath entries that have them").action(async e=>{try{let t=M(),n=await ur({api:t,includeDev:!!e.dev});if(e.json){console.log(fr(n));return}n.statusError&&(console.error(`Warning: could not reach auth server (${n.statusError}).`),console.error("Server-sourced entries show '\u2014'. Log in with `visa-cli setup` if you expected values here."),console.error("")),console.log(dr(n.entries,{verbose:!!e.verbose}))}catch(t){console.error("Error:",t.message),process.exit(1)}});function xo(){return Object.entries(he).map(([e,t])=>`  ${e.padEnd(22)} (${t.type}) ${t.description}`).join(`
+Reset complete.`)}catch(e){console.error("Error:",e.message),process.exit(1)}});T.command("feedback").description("Submit feedback about Visa CLI").argument("[message]","Your feedback message").action(async e=>{(!e||e.trim().length===0)&&(console.log('Usage: visa-cli feedback "your message"'),process.exit(1));try{await x.getSessionToken()||(console.error("Not logged in. Run visa-cli setup first."),process.exit(1)),await M().feedback(e.trim()),console.log("Feedback submitted. Thanks!")}catch(t){console.error("Error:",t.message),process.exit(1)}});var Xt=T.command("config").description("Inspect the CLI configuration");Xt.command("list").description("Show resolved config values (env vars, server state, defaults) with their source").option("--json","Output as JSON for scripting / agent consumption").option("--dev","Include developer/test hooks (VISA_MOCK_*, VISA_CLI_DEBUG)").option("--verbose","Show one-line hints beneath entries that have them").action(async e=>{try{let t=M(),n=await ur({api:t,includeDev:!!e.dev});if(e.json){console.log(fr(n));return}n.statusError&&(console.error(`Warning: could not reach auth server (${n.statusError}).`),console.error("Server-sourced entries show '\u2014'. Log in with `visa-cli setup` if you expected values here."),console.error("")),console.log(dr(n.entries,{verbose:!!e.verbose}))}catch(t){console.error("Error:",t.message),process.exit(1)}});function $o(){return Object.entries(he).map(([e,t])=>`  ${e.padEnd(22)} (${t.type}) ${t.description}`).join(`
 `)}Xt.command("set <key> <value>").description("Persist a CLI setting to ~/.visa-mcp/settings.json").addHelpText("after",`
 Settable keys:
-${xo()}`).action((e,t)=>{try{let n=Dn(e,t);console.log(`Saved ${n.key}=${JSON.stringify(n.value)} \u2192 ${n.path}`),n.requiresRestart&&console.log("Restart Claude Code (or your MCP-enabled client) for the change to take effect.")}catch(n){n instanceof ae||n instanceof ce?console.error(`Error: ${n.message}`):console.error(`Error: ${n.message}`),process.exit(1)}});Xt.command("unset <key>").description("Remove a CLI setting from ~/.visa-mcp/settings.json (falls back to env var or default)").action(e=>{try{let t=Un(e);t.removed?(console.log(`Removed ${t.key} from ${t.path}`),t.requiresRestart&&console.log("Restart Claude Code (or your MCP-enabled client) for the change to take effect.")):console.log(`No-op: ${t.key} was not set in ${t.path}.`)}catch(t){console.error(`Error: ${t.message}`),process.exit(1)}});var Zt=T.command("biometric").description("Manage Touch ID / biometric attestation enforcement");Zt.command("status").description("Show current biometric enforcement state").action(async()=>{try{await x.getSessionToken()||(console.error("Not logged in. Run visa-cli setup first."),process.exit(1));let n=await M().getStatus(),r=n.attestationRequired!==!1,s=!!n.hasAttestationKey,o=D();console.log(`Server policy: Touch ID ${r?"REQUIRED":"NOT required"}`),console.log(`Attestation key registered: ${s?"yes":"no"}`),console.log(`Touch ID available on this device: ${o?"yes":"no"}`)}catch(e){console.error("Error:",e.message),process.exit(1)}});Zt.command("on").description("Require Touch ID for payments (security upgrade \u2014 no Touch ID needed)").action(async()=>{try{await x.getSessionToken()||(console.error("Not logged in. Run visa-cli setup first."),process.exit(1));let t=M(),n=await t.setBiometricPreference({required:!0});n.success||(console.error(`Failed: ${n.error||"unknown error"}`),process.exit(1)),console.log("Touch ID is now REQUIRED for payments."),(await t.getStatus()).hasAttestationKey||console.warn("Note: no attestation key is registered yet. Run `visa-cli setup` to enroll Touch ID.")}catch(e){console.error("Error:",e.message),process.exit(1)}});Zt.command("off").description("Disable Touch ID requirement (security downgrade \u2014 one Touch ID confirmation required)").action(async()=>{try{await x.getSessionToken()||(console.error("Not logged in. Run visa-cli setup first."),process.exit(1));let t=M(),n=await t.getStatus();if(n.attestationRequired===!1){console.log("Touch ID is already disabled.");return}n.hasAttestationKey&&!D()&&(console.error("Touch ID is unavailable on this device but the server has a registered key."),console.error("Disable Touch ID from a device that can sign, or contact support."),process.exit(1));let r=await Ht(t,async()=>{let s;if(n.hasAttestationKey&&D())try{let{nonce:o}=await t.getAttestationChallenge(),i=0,a="",c=Buffer.from(JSON.stringify({nonce:o,amount:i,merchant:a,context:"biometric-preference"})).toString("base64");s={signature:await Pt(c,"disable Touch ID requirement"),nonce:o,amount:i,merchant:a}}catch(o){throw new Error(`Touch ID confirmation failed: ${o?.message||"cancelled"}`)}return t.setBiometricPreference({required:!1,attestation:s})});r.success||(console.error(`Failed: ${r.error||"unknown error"}`),process.exit(1)),console.log("Touch ID is no longer required for payments.")}catch(e){console.error("Error:",e.message),process.exit(1)}});var oe=T.command("shell-hud").description("Manage the persistent Visa HUD shown in your shell prompt");function Nr(){let e=Ot();e.installed||(console.error(e.message),process.exit(1)),console.log(e.message)}function Or(){let e=Dt();e.removed||(console.error(e.message),process.exit(1)),console.log(e.message)}oe.command("install").description("Install the persistent shell HUD into your zsh or bash rc file").action(Nr);oe.command("enable").description("Enable the persistent shell HUD").action(Nr);oe.command("uninstall").description("Remove the persistent shell HUD from your shell rc file").action(Or);oe.command("disable").description("Disable the persistent shell HUD").action(Or);oe.command("segment").description("Print the cached shell HUD segment").action(()=>{process.stdout.write(`${jt()}
+${$o()}`).action((e,t)=>{try{let n=Dn(e,t);console.log(`Saved ${n.key}=${JSON.stringify(n.value)} \u2192 ${n.path}`),n.requiresRestart&&console.log("Restart Claude Code (or your MCP-enabled client) for the change to take effect.")}catch(n){n instanceof ae||n instanceof ce?console.error(`Error: ${n.message}`):console.error(`Error: ${n.message}`),process.exit(1)}});Xt.command("unset <key>").description("Remove a CLI setting from ~/.visa-mcp/settings.json (falls back to env var or default)").action(e=>{try{let t=Un(e);t.removed?(console.log(`Removed ${t.key} from ${t.path}`),t.requiresRestart&&console.log("Restart Claude Code (or your MCP-enabled client) for the change to take effect.")):console.log(`No-op: ${t.key} was not set in ${t.path}.`)}catch(t){console.error(`Error: ${t.message}`),process.exit(1)}});var Zt=T.command("biometric").description("Manage Touch ID / biometric attestation enforcement");Zt.command("status").description("Show current biometric enforcement state").action(async()=>{try{await x.getSessionToken()||(console.error("Not logged in. Run visa-cli setup first."),process.exit(1));let n=await M().getStatus(),r=n.attestationRequired!==!1,s=!!n.hasAttestationKey,o=D();console.log(`Server policy: Touch ID ${r?"REQUIRED":"NOT required"}`),console.log(`Attestation key registered: ${s?"yes":"no"}`),console.log(`Touch ID available on this device: ${o?"yes":"no"}`)}catch(e){console.error("Error:",e.message),process.exit(1)}});Zt.command("on").description("Require Touch ID for payments (security upgrade \u2014 no Touch ID needed)").action(async()=>{try{await x.getSessionToken()||(console.error("Not logged in. Run visa-cli setup first."),process.exit(1));let t=M(),n=await t.setBiometricPreference({required:!0});n.success||(console.error(`Failed: ${n.error||"unknown error"}`),process.exit(1)),console.log("Touch ID is now REQUIRED for payments."),(await t.getStatus()).hasAttestationKey||console.warn("Note: no attestation key is registered yet. Run `visa-cli setup` to enroll Touch ID.")}catch(e){console.error("Error:",e.message),process.exit(1)}});Zt.command("off").description("Disable Touch ID requirement (security downgrade \u2014 one Touch ID confirmation required)").action(async()=>{try{await x.getSessionToken()||(console.error("Not logged in. Run visa-cli setup first."),process.exit(1));let t=M(),n=await t.getStatus();if(n.attestationRequired===!1){console.log("Touch ID is already disabled.");return}n.hasAttestationKey&&!D()&&(console.error("Touch ID is unavailable on this device but the server has a registered key."),console.error("Disable Touch ID from a device that can sign, or contact support."),process.exit(1));let r=await Ht(t,async()=>{let s;if(n.hasAttestationKey&&D())try{let{nonce:o}=await t.getAttestationChallenge(),i=0,a="",c=Buffer.from(JSON.stringify({nonce:o,amount:i,merchant:a,context:"biometric-preference"})).toString("base64");s={signature:await Pt(c,"disable Touch ID requirement"),nonce:o,amount:i,merchant:a}}catch(o){throw new Error(`Touch ID confirmation failed: ${o?.message||"cancelled"}`)}return t.setBiometricPreference({required:!1,attestation:s})});r.success||(console.error(`Failed: ${r.error||"unknown error"}`),process.exit(1)),console.log("Touch ID is no longer required for payments.")}catch(e){console.error("Error:",e.message),process.exit(1)}});var oe=T.command("shell-hud").description("Manage the persistent Visa HUD shown in your shell prompt");function Nr(){let e=Ot();e.installed||(console.error(e.message),process.exit(1)),console.log(e.message)}function Or(){let e=Dt();e.removed||(console.error(e.message),process.exit(1)),console.log(e.message)}oe.command("install").description("Install the persistent shell HUD into your zsh or bash rc file").action(Nr);oe.command("enable").description("Enable the persistent shell HUD").action(Nr);oe.command("uninstall").description("Remove the persistent shell HUD from your shell rc file").action(Or);oe.command("disable").description("Disable the persistent shell HUD").action(Or);oe.command("segment").description("Print the cached shell HUD segment").action(()=>{process.stdout.write(`${jt()}
 `)});oe.command("doctor").description("Diagnose shell HUD installation and connectivity").action(async()=>{let{existsSync:e,readFileSync:t}=await import("fs"),n=!0,r=(f,y,w)=>{console.log(`  ${y?"\u2713":"\u2717"} ${f}: ${w}`),y||(n=!1)};console.log(`Shell HUD Doctor
-`);let s=Ze();if(r("Shell detected",!!s,s??"none (zsh, bash, or PowerShell required)"),s){let f=Qe(s),y=e(f);if(r("RC file exists",y,f.replace(R.homedir(),"~")),y){let d=t(f,"utf-8").includes("visa-cli shell hud v2");r("HUD block installed",d,d?"found in rc file":"missing \u2014 run: visa-cli shell-hud install")}}let o=be(),i=e(o);if(r("Cache file",i,i?o.replace(R.homedir(),"~"):"missing \u2014 HUD has not refreshed yet"),i)try{let f=JSON.parse(t(o,"utf-8")),y=Date.now()-(f.renderedAt??0),w=Math.round(y/1e3),d=w<=30;console.log(`  ${d?"\u2713":"\u26A0"} Cache freshness: ${w}s old${d?"":" (stale \u2014 will refresh on next prompt)"}`)}catch{r("Cache readable",!1,"corrupt JSON")}let a=Xe(),c=e(a),l="missing";if(c)try{l=t(a,"utf-8").trim().slice(0,80)}catch{l="unreadable"}r("Line file",c,l);let u=!1;try{u=!!await x.getSessionToken()}catch{}if(r("Auth token",u,u?"found in keychain":"missing \u2014 run: visa-cli setup"),u)try{await M().getStatus(),r("API connectivity",!0,"GET /v1/status OK")}catch(f){let y=f instanceof Error?f.message:"unknown error";r("API connectivity",!1,y)}console.log(n?`
+`);let s=Ze();if(r("Shell detected",!!s,s??"none (zsh, bash, or PowerShell required)"),s){let f=Qe(s),y=e(f);if(r("RC file exists",y,f.replace(A.homedir(),"~")),y){let d=t(f,"utf-8").includes("visa-cli shell hud v2");r("HUD block installed",d,d?"found in rc file":"missing \u2014 run: visa-cli shell-hud install")}}let o=be(),i=e(o);if(r("Cache file",i,i?o.replace(A.homedir(),"~"):"missing \u2014 HUD has not refreshed yet"),i)try{let f=JSON.parse(t(o,"utf-8")),y=Date.now()-(f.renderedAt??0),w=Math.round(y/1e3),d=w<=30;console.log(`  ${d?"\u2713":"\u26A0"} Cache freshness: ${w}s old${d?"":" (stale \u2014 will refresh on next prompt)"}`)}catch{r("Cache readable",!1,"corrupt JSON")}let a=Xe(),c=e(a),l="missing";if(c)try{l=t(a,"utf-8").trim().slice(0,80)}catch{l="unreadable"}r("Line file",c,l);let u=!1;try{u=!!await x.getSessionToken()}catch{}if(r("Auth token",u,u?"found in keychain":"missing \u2014 run: visa-cli setup"),u)try{await M().getStatus(),r("API connectivity",!0,"GET /v1/status OK")}catch(f){let y=f instanceof Error?f.message:"unknown error";r("API connectivity",!1,y)}console.log(n?`
 All checks passed.`:`
-Some checks failed \u2014 see above.`),n||process.exit(1)});oe.command("refresh").description("Refresh the shell HUD cache (no-op if cache is fresh unless --force)").option("--force","Bypass the cache freshness gate and always refresh").action(async e=>{if(!(!e.force&&or()))try{let t=M(),n=await t.getStatus(),r={currentVersion:t.getClientVersion(),latestVersion:t.lastSignals.updateAvailable?.version,updateMessage:t.lastSignals.updateAvailable?.message,updateCheckDisabled:J()},s=Ut(n,r);Mt(s)}catch{}finally{ve()}});T.command("statusline").description("Output the Visa HUD for agent statusline integrations").option("--json","Output structured JSON for clients that render their own HUD").action(async e=>{try{let t=await Sn(),r=jt().split(`
+Some checks failed \u2014 see above.`),n||process.exit(1)});oe.command("refresh").description("Refresh the shell HUD cache (no-op if cache is fresh unless --force)").option("--force","Bypass the cache freshness gate and always refresh").action(async e=>{if(!(!e.force&&or()))try{let t=M(),n=await t.getStatus(),r={currentVersion:t.getClientVersion(),latestVersion:t.lastSignals.updateAvailable?.version,updateMessage:t.lastSignals.updateAvailable?.message,updateCheckDisabled:W()},s=Ut(n,r);Mt(s)}catch{}finally{ve()}});T.command("statusline").description("Output the Visa HUD for agent statusline integrations").option("--json","Output structured JSON for clients that render their own HUD").action(async e=>{try{let t=await Sn(),r=jt().split(`
 `)[0];if(e.json){let o=await wn(r,t);process.stdout.write(`${JSON.stringify(o,null,2)}
 `);return}let s=await vn(r,t);process.stdout.write(`${s}
-`)}catch(t){let n=t instanceof Error?t.message:"unknown error";console.error(`Failed to render Visa HUD: ${n}`),process.exit(1)}});var st=T.command("hud").description("Manage the Visa HUD for supported agent terminals");st.command("enable").description("Register Visa HUD for Claude Code or Codex").argument("[client]","Agent client to enable: claude, codex, or all","claude").action(e=>{let t=St(e);if(t||(console.error(`Unknown HUD client: ${e}`),console.error("Supported clients: claude, codex, all"),process.exit(1)),t==="claude"||t==="claude-code"||t==="all"){let n=se.join(R.homedir(),".claude","settings.json"),r=De(n);console.log(r.message),(r.installed==="error"||r.installed==="malformed-json")&&process.exit(1)}if(t==="codex"||t==="all"){let n=Ot();console.log(n.message),console.log("Codex structured HUD payload is available with: visa-cli statusline --json"),console.log("Codex does not currently expose a Claude-style command statusLine install path, so this enables the terminal HUD fallback."),n.installed||process.exit(1)}});st.command("disable").description("Remove Visa HUD from Claude Code or Codex terminal surfaces").argument("[client]","Agent client to disable: claude, codex, or all","claude").action(e=>{let t=St(e);t||(console.error(`Unknown HUD client: ${e}`),console.error("Supported clients: claude, codex, all"),process.exit(1));let n=!1,r=!1;if(t==="claude"||t==="claude-code"||t==="all"){let s=se.join(R.homedir(),".claude","settings.json"),o=pt(s);console.log(o.message),o.removed&&(r=!0),!o.removed&&t!=="all"&&(n=!0)}if(t==="codex"||t==="all"){let s=Dt();console.log(s.message),s.removed&&(r=!0),!s.removed&&t!=="all"&&(n=!0)}t==="all"&&!r&&(n=!0),n&&process.exit(1)});st.command("enable-claude").description("Register Visa HUD as the Claude Code statusLine").action(()=>{let e=se.join(R.homedir(),".claude","settings.json"),t=De(e);console.log(t.message),(t.installed==="error"||t.installed==="malformed-json")&&process.exit(1)});st.command("disable-claude").description("Remove Visa HUD from Claude Code statusLine (leaves other tools untouched)").action(()=>{let e=se.join(R.homedir(),".claude","settings.json"),t=pt(e);console.log(t.message),t.removed||process.exit(1)});T.hook("postAction",()=>{if(Ee){Ee=!1;return}nt&&Yn(nt.lastSignals)});T.parse();
+`)}catch(t){let n=t instanceof Error?t.message:"unknown error";console.error(`Failed to render Visa HUD: ${n}`),process.exit(1)}});var st=T.command("hud").description("Manage the Visa HUD for supported agent terminals");st.command("enable").description("Register Visa HUD for Claude Code or Codex").argument("[client]","Agent client to enable: claude, codex, or all","claude").action(e=>{let t=St(e);if(t||(console.error(`Unknown HUD client: ${e}`),console.error("Supported clients: claude, codex, all"),process.exit(1)),t==="claude"||t==="claude-code"||t==="all"){let n=se.join(A.homedir(),".claude","settings.json"),r=De(n);console.log(r.message),(r.installed==="error"||r.installed==="malformed-json")&&process.exit(1)}if(t==="codex"||t==="all"){let n=Ot();console.log(n.message),console.log("Codex structured HUD payload is available with: visa-cli statusline --json"),console.log("Codex does not currently expose a Claude-style command statusLine install path, so this enables the terminal HUD fallback."),n.installed||process.exit(1)}});st.command("disable").description("Remove Visa HUD from Claude Code or Codex terminal surfaces").argument("[client]","Agent client to disable: claude, codex, or all","claude").action(e=>{let t=St(e);t||(console.error(`Unknown HUD client: ${e}`),console.error("Supported clients: claude, codex, all"),process.exit(1));let n=!1,r=!1;if(t==="claude"||t==="claude-code"||t==="all"){let s=se.join(A.homedir(),".claude","settings.json"),o=pt(s);console.log(o.message),o.removed&&(r=!0),!o.removed&&t!=="all"&&(n=!0)}if(t==="codex"||t==="all"){let s=Dt();console.log(s.message),s.removed&&(r=!0),!s.removed&&t!=="all"&&(n=!0)}t==="all"&&!r&&(n=!0),n&&process.exit(1)});st.command("enable-claude").description("Register Visa HUD as the Claude Code statusLine").action(()=>{let e=se.join(A.homedir(),".claude","settings.json"),t=De(e);console.log(t.message),(t.installed==="error"||t.installed==="malformed-json")&&process.exit(1)});st.command("disable-claude").description("Remove Visa HUD from Claude Code statusLine (leaves other tools untouched)").action(()=>{let e=se.join(A.homedir(),".claude","settings.json"),t=pt(e);console.log(t.message),t.removed||process.exit(1)});T.hook("postAction",()=>{if(Ee){Ee=!1;return}nt&&Yn(nt.lastSignals)});T.parse();

package/dist/mcp-server/index.js

@@ -1,12 +1,12 @@
 #!/usr/bin/env node
-"use strict";var mr=Object.create;var it=Object.defineProperty;var pr=Object.getOwnPropertyDescriptor;var fr=Object.getOwnPropertyNames;var gr=Object.getPrototypeOf,hr=Object.prototype.hasOwnProperty;var yr=(r,e)=>()=>(e||r((e={exports:{}}).exports,e),e.exports);var _r=(r,e,t,n)=>{if(e&&typeof e=="object"||typeof e=="function")for(let s of fr(e))!hr.call(r,s)&&s!==t&&it(r,s,{get:()=>e[s],enumerable:!(n=pr(e,s))||n.enumerable});return r};var f=(r,e,t)=>(t=r!=null?mr(gr(r)):{},_r(e||!r||!r.__esModule?it(t,"default",{value:r,enumerable:!0}):t,r));var tr=yr((Qs,Jn)=>{Jn.exports={name:"@visa/cli",version:"1.11.0",description:"AI-powered payments for Claude Code",bin:{"visa-cli":"./bin/visa-cli.js"},scripts:{build:"tsc --noEmit && node esbuild.config.js",dev:"tsc --watch",pretest:"pnpm build",start:"node dist/mcp-server/index.js",test:"jest --config jest.config.js","test:unit":"jest --config jest.config.js","test:unit:watch":"jest --config jest.config.js --watch","test:unit:coverage":"jest --config jest.config.js --coverage","test:smoke":"VISA_AUTH_URL=https://auth.visacli.sh jest --config jest.smoke.config.js","test:integration":"jest --config jest.integration.config.js","test:e2e":"jest --config jest.e2e.config.js","test:catalog-e2e":"jest --config jest.catalog-e2e.config.js","test:all":"npm run test:unit && npm run test:integration && npm run test:e2e",prepublishOnly:"npm run build && npm test",lint:"eslint src/**/*.ts",format:'prettier --write "src/**/*.ts"',"format:check":'prettier --check "src/**/*.ts"'},keywords:["visa","checkout","mcp","ai-agent","payments","click-to-pay","usdc","stablecoin"],author:"Visa Crypto Labs",license:"SEE LICENSE IN LICENSE",dependencies:{"@modelcontextprotocol/sdk":"^1.0.0",commander:"^12.1.0",zod:"^3.23.0"},devDependencies:{"@visa-cli/tools":"workspace:*","@changesets/changelog-git":"^0.2.1","@changesets/cli":"^2.31.0","@types/jest":"^30.0.0","@types/node":"^25.6.0","@typescript-eslint/eslint-plugin":"^8.59.0","@typescript-eslint/parser":"^8.59.0","@types/express":"^5.0.0",esbuild:"^0.27.4",express:"^4.21.0",eslint:"^10.0.2","eslint-config-prettier":"^10.1.8",jest:"^29.7.0",prettier:"^3.8.3","ts-jest":"^29.2.0",typescript:"^5.7.0"},engines:{node:">=18.0.0"},mcpName:"io.github.visa-crypto-labs/visa-cli",files:["bin/visa-cli.js","dist/","install.ps1","native/visa-keychain.m","server.json","README.md","LICENSE"]}});var ir=require("@modelcontextprotocol/sdk/server/index.js"),ar=require("@modelcontextprotocol/sdk/server/stdio.js"),V=require("@modelcontextprotocol/sdk/types.js");async function at(r,e){let t=e?.timeoutMs??3e4,n=new AbortController,s=setTimeout(()=>n.abort(),t);try{let{timeoutMs:o,...i}=e??{};return await fetch(r,{...i,signal:n.signal})}finally{clearTimeout(s)}}var b=class extends Error{retryable;code;reason;constructor(e,t,n,s){super(e),this.name="CardDeclinedError",this.retryable=t,this.code=n,this.reason=s}};var wr=/^(\d+)\.(\d+)\.(\d+)(?:-([0-9A-Za-z.-]+))?(?:\+[0-9A-Za-z.-]+)?$/;function ut(r,e){let t=ct(r),n=ct(e);if(!t||!n)return!1;for(let s=0;s<3;s++)if(t.main[s]!==n.main[s])return t.main[s]>n.main[s];return t.pre&&!n.pre?!1:!t.pre&&n.pre?!0:!t.pre&&!n.pre?!1:br(t.pre,n.pre)>0}function ct(r){if(typeof r!="string")return null;let t=r.trim().replace(/^v/,"").match(wr);return t?{main:[Number(t[1]),Number(t[2]),Number(t[3])],pre:t[4]??null}:null}function br(r,e){let t=r.split("."),n=e.split("."),s=Math.max(t.length,n.length);for(let o=0;o<s;o++){if(o>=t.length)return-1;if(o>=n.length)return 1;let i=t[o],u=n[o],l=/^\d+$/.test(i),c=/^\d+$/.test(u);if(l&&c){let p=Number(i)-Number(u);if(p!==0)return p}else{if(l)return-1;if(c)return 1;if(i<u)return-1;if(i>u)return 1}}return 0}function ye(){return!!(lt(process.env.VISA_CLI_NO_UPDATE_CHECK)||lt(process.env.CI)||process.env.NODE_ENV==="test")}function lt(r){if(r===void 0)return!1;let e=r.trim().toLowerCase();return!(e===""||e==="0"||e==="false"||e==="no"||e==="off")}var B=f(require("fs")),pt=f(require("path"));var _e=f(require("fs")),dt=f(require("path")),mt=f(require("os"));var He=dt.join(mt.homedir(),".visa-mcp"),U=class{static ensureConfigDir(){_e.existsSync(He)||_e.mkdirSync(He,{recursive:!0,mode:448})}static getConfigDir(){return He}static TOOL_STATES={login:!0,get_status:!0,get_cards:!0,add_card:!0,pay:!0,transaction_history:!0,update_spending_controls:!0,enroll_device:!1,verify_otp:!1,reset:!0,batch:!0,generate_x402_image:!1,browser_launch:!1,browser_navigate:!1,browser_snapshot:!1,browser_click:!1,browser_type:!1,browser_scroll:!1,generate_music_card:!1,generate_image_card:!0,query_onchain_prices_card:!0,generate_music_tempo_card:!0,check_music_status_tempo_card:!0,generate_image_fast_card:!0,pxlwall_card:!1,generate_video_tempo_card:!0};static loadToolStates(){return{...this.TOOL_STATES}}static getDisabledTools(){let e=new Set;for(let[t,n]of Object.entries(this.TOOL_STATES))n||e.add(t);return e}static isToolDisabled(e){return this.TOOL_STATES[e]===!1}};var vr="settings.json";function we(){return pt.join(U.getConfigDir(),vr)}var re={"auth.serverUrl":{type:"string",description:"Auth server base URL. Override for staging / self-hosted backends.",requiresRestart:!0,validate:r=>{if(typeof r!="string")throw new Error("auth.serverUrl must be a string");let e;try{e=new URL(r)}catch{throw new Error(`auth.serverUrl must be a valid URL (got: ${JSON.stringify(r)})`)}if(e.protocol!=="https:"&&e.protocol!=="http:")throw new Error(`auth.serverUrl must use http or https (got: ${e.protocol})`)}},"ui.suppressBrowser":{type:"boolean",description:"When true, the CLI/MCP server stops auto-opening result URLs in your browser."},"ui.suppressFeed":{type:"boolean",description:"When true, generated images/music are not auto-submitted to the public Made-with-Visa feed."},"tools.meta":{type:"boolean",description:"Show category meta-tools (generate_image, generate_music, ...). Restart required.",requiresRestart:!0},"tools.specific":{type:"boolean",description:"Show hardcoded per-merchant tools (generate_image_card, query_onchain_prices_card, ...). Restart required.",requiresRestart:!0},"tools.discover":{type:"boolean",description:"Show the dynamic-catalog tools (discover_tools, execute_tool). Restart required.",requiresRestart:!0}};function be(){let r=we();if(!B.existsSync(r))return{};try{let e=B.readFileSync(r,"utf-8"),t=JSON.parse(e);return!t||typeof t!="object"||Array.isArray(t)?{}:t}catch{return{}}}function ft(r){U.ensureConfigDir();let e=we(),t=`${e}.tmp`,n=JSON.stringify(r,null,2)+`
-`;B.writeFileSync(t,n,{mode:384}),B.renameSync(t,e)}function je(r){let e=be()[r];return typeof e=="string"?e:void 0}function z(r){let e=be()[r];if(typeof e=="boolean")return e;if(e==="true")return!0;if(e==="false")return!1}var J=class extends Error{constructor(e){let t=Object.keys(re).sort().join(", ");super(`Unknown setting "${e}". Settable keys: ${t}. For server-controlled values (biometric.*, spending.*) use the dedicated tools (biometric_on/off, update_spending_controls).`),this.name="UnknownSettingKeyError"}},Y=class extends Error{constructor(e){let t="";e.startsWith("biometric.")?t="biometric_on / biometric_off":e.startsWith("spending.")?t="update_spending_controls":e.startsWith("cards.")?t="add_card / remove_card / set_default_card":e.startsWith("account.")&&(t="login / reset"),super(`"${e}" is a server-controlled value and cannot be set via config set. `+(t?`Use ${t} instead.`:"No client-side override is supported.")),this.name="ServerOnlySettingError"}},gt=["biometric.","spending.","account.","cards.","biometric"];function ht(r,e){if(gt.some(o=>r.startsWith(o)))throw new Y(r);let t=re[r];if(!t)throw new J(r);let n;if(t.type==="boolean")if(typeof e=="boolean")n=e;else if(typeof e=="string"){let o=e.toLowerCase();if(o==="true")n=!0;else if(o==="false")n=!1;else throw new Error(`${r} expects true or false (got: ${JSON.stringify(e)})`)}else throw new Error(`${r} expects a boolean (got: ${typeof e})`);else{if(typeof e!="string"||e.length===0)throw new Error(`${r} expects a non-empty string`);n=e}t.validate&&t.validate(n);let s=be();return s[r]=n,ft(s),{key:r,value:n,requiresRestart:!!t.requiresRestart,path:we()}}function yt(r){if(gt.some(s=>r.startsWith(s)))throw new Y(r);let e=re[r];if(!e)throw new J(r);let t=be(),n=r in t;return n&&(delete t[r],ft(t)),{key:r,removed:n,requiresRestart:n&&!!e.requiresRestart,path:we()}}var Sr="https://auth.visacli.sh";function ve(){let r=process.env.VISA_AUTH_URL;if(r!==void 0&&r!=="")return r;let e=je("auth.serverUrl");return e!==void 0?e:Sr}function _t(){let r=process.env.VISA_SUPPRESS_BROWSER;return r!==void 0?r==="true":z("ui.suppressBrowser")??!1}function wt(){let r=process.env.VISA_SUPPRESS_FEED;return r!==void 0?r==="true":z("ui.suppressFeed")??!1}function ne(){let r=process.env.VISA_META_TOOLS;return r!==void 0?r!=="false":z("tools.meta")??!0}function se(){let r=process.env.VISA_SPECIFIC_TOOLS;return r!==void 0?r!=="false":z("tools.specific")??!0}function oe(){let r=process.env.VISA_DISCOVER_TOOLS;return r!==void 0?r!=="false":z("tools.discover")??!0}var Ve="1.11.0",Se=class{constructor(e){this.getSessionToken=e;this.baseUrl=ve()}getSessionToken;baseUrl;lastSignals={};parseServerSignals(e){if(this.lastSignals={},!ye()){let n=e.headers.get("X-Latest-Version"),s=e.headers.get("X-Update-Message");n&&ut(n,Ve)&&(this.lastSignals.updateAvailable={version:n,message:s||`Update available: v${n}. Run: npm install -g @visa/cli && visa-cli setup`})}let t=e.headers.get("X-Feedback-Prompt");if(t)try{this.lastSignals.feedbackPrompt=JSON.parse(t)}catch{}}getClientVersion(){return Ve}async request(e,t,n,s,o){let i=await this.getSessionToken();if(!i)throw new Error("Not logged in. Sign up at https://visacli.sh or run: visa-cli setup");let u={Authorization:`Bearer ${i}`};o&&(e==="GET"?u["X-User-Context"]=o.replace(/[\r\n\0]/g," ").slice(0,1e3):n={...n||{},user_context:o}),n&&(u["Content-Type"]="application/json");let l;try{l=await at(`${this.baseUrl}${t}`,{method:e,headers:{...u,"X-Visa-CLI-Version":Ve},body:n?JSON.stringify(n):void 0,timeoutMs:s})}catch(p){throw p.name==="AbortError"||p.message?.includes("aborted")?new Error("The request timed out. The server may be under heavy load. Please try again."):new Error("Cannot reach the Visa CLI server. Check your internet connection and try again.")}if(this.parseServerSignals(l),l.status===401)throw new Error("Your session has expired. Run: visa-cli setup");if(l.status===429){let p=l.headers.get("Retry-After")||"3";throw new Error(`Rate limited \u2014 wait ${p}s. Tip: use the batch tool to combine multiple requests into one.`)}if(l.status===503)throw new Error("Visa CLI is temporarily unavailable. Check https://visacli.sh for status.");let c;try{c=await l.json()}catch{throw l.status===500?new Error(`Server error on ${t}. Try again or check https://visacli.sh for status.`):new Error(`Unexpected response from ${t}. Try again.`)}if(!l.ok)throw l.status===500?new Error(`Server error on ${t}. Try again or check https://visacli.sh for status.`):c?.declined?new b(c.error||"Your card was declined.",!!c.retryable,c.code,c.reason):new Error(c?.error||`Request failed (${l.status}). Try again.`);return c}async pay(e,t){return this.request("POST","/v1/pay",e,void 0,t)}async shortcut(e,t,n,s){return this.request("POST",`/v1/shortcuts/${encodeURIComponent(e)}`,t,n,s)}async batch(e,t,n){return this.request("POST","/v1/batch",e,t,n)}async catalogSearch(e,t){let n=new URLSearchParams;e&&n.set("q",e),t&&n.set("category",t);let s=n.toString();return this.request("GET",`/v1/catalog${s?`?${s}`:""}`)}async catalogTool(e){try{return await this.request("GET",`/v1/catalog/${encodeURIComponent(e)}`)}catch{return null}}async paymentPreview(e,t){return this.request("POST","/v1/payment-preview",e,void 0,t)}async getStatus(e){return this.request("GET","/v1/status",void 0,void 0,e)}async getTransactions(e){return this.request("GET","/v1/transactions",void 0,void 0,e)}async updateSpendingControls(e,t){return this.request("POST","/v1/spending-controls",e,void 0,t)}async removeCard(e,t,n){return this.request("DELETE",`/v1/cards/${encodeURIComponent(String(e))}`,t,void 0,n)}async setDefaultCard(e,t,n){return this.request("POST",`/v1/cards/${encodeURIComponent(String(e))}/default`,t,void 0,n)}async getAttestationChallenge(){return this.request("GET","/v1/attestation-challenge")}async registerAttestationKey(e){return this.request("POST","/v1/attestation-key",{publicKey:e})}async setBiometricPreference(e,t){return this.request("POST","/v1/biometric-preference",{...e,confirm:!0},void 0,t)}async logout(e,t){return this.request("POST","/v1/logout",e,void 0,t)}async feedback(e,t,n){return this.request("POST","/v1/feedback",{message:e,...t&&{transaction_id:t}},void 0,n)}async createAppApiKey(e){return this.request("POST","/v1/api/keys",e)}async listAppApiKeys(){return this.request("GET","/v1/api/keys")}async revokeAppApiKey(e){return this.request("DELETE",`/v1/api/keys/${encodeURIComponent(String(e))}`)}async feedSubmit(e){return this.request("POST","/v1/feed",e)}async feedList(e){let t=new URLSearchParams;e?.tab&&t.set("tab",e.tab),e?.limit&&t.set("limit",String(e.limit)),e?.offset&&t.set("offset",String(e.offset));let n=t.toString();return this.request("GET",`/v1/feed${n?"?"+n:""}`)}async feedVote(e,t){return this.request("POST",`/v1/feed/${encodeURIComponent(e)}/vote`,{direction:t})}async feedApprove(e){return this.request("POST",`/v1/feed/${encodeURIComponent(e)}/approve`)}async feedDelete(e){return this.request("DELETE",`/v1/feed/${encodeURIComponent(e)}`)}async feedPending(){return this.request("GET","/v1/feed/pending")}async submitFeedback(e,t,n){return this.request("POST","/v1/feedback",{message:e,...t&&{transaction_id:t}},void 0,n)}async getFeedback(e,t){let n=new URLSearchParams;e&&n.set("limit",String(e));let s=n.toString();return this.request("GET",`/v1/feedback${s?"?"+s:""}`,void 0,void 0,t)}async submitRatedFeedback(e){return this.request("POST","/v1/feedback",e)}};var Ge=require("child_process"),Et=require("util"),xt=f(require("crypto")),k=f(require("fs")),Rt=f(require("os")),D=f(require("path"));var R=f(require("fs")),Be=f(require("path")),bt=f(require("os")),Ke=Be.join(bt.homedir(),".visa-mcp"),ae=Be.join(Ke,"mcp-server.log"),kr=5*1024*1024,Fe=null;function Tr(){R.existsSync(Ke)||R.mkdirSync(Ke,{recursive:!0,mode:448})}function Er(){if(!Fe){if(Tr(),R.existsSync(ae)&&R.statSync(ae).size>kr){let e=ae+".1";R.existsSync(e)&&R.unlinkSync(e),R.renameSync(ae,e)}Fe=R.createWriteStream(ae,{flags:"a"})}return Fe}function ke(r,...e){let t=new Date().toISOString(),n=e.map(o=>typeof o=="string"?o:JSON.stringify(o,null,2)).join(" "),s=`[${t}] [${r}] ${n}
-`;process.stderr.write(s),Er().write(s)}var a={debug:(...r)=>ke("DEBUG",...r),info:(...r)=>ke("INFO",...r),warn:(...r)=>ke("WARN",...r),error:(...r)=>ke("ERROR",...r)};var ie=(0,Et.promisify)(Ge.execFile),xe=D.join(Rt.homedir(),".visa-mcp","bin"),X=D.join(xe,"Visa CLI"),xr=D.join(__dirname,"..","native"),vt="5",St=D.join(xe,"visa-keychain.version"),kt=D.join(xe,"visa-keychain.sha256");function Tt(r){let e=k.readFileSync(r);return xt.createHash("sha256").update(e).digest("hex")}async function It(){try{if(k.readFileSync(St,"utf-8").trim()===vt&&k.existsSync(X)){let n=k.readFileSync(kt,"utf-8").trim();if(Tt(X)!==n)a.warn("binary:hash-mismatch",{message:"Binary hash mismatch \u2014 possible tampering detected. Recompiling from source."}),k.unlinkSync(X);else return X}}catch{}let r=D.join(xr,"visa-keychain.m");if(k.existsSync(r)||(r=D.resolve(__dirname,"..","..","native","visa-keychain.m")),k.existsSync(r)||(r=D.resolve(__dirname,"..","native","visa-keychain.m")),!k.existsSync(r))throw new Error("visa-keychain.m source not found. Reinstall Visa CLI.");k.mkdirSync(xe,{recursive:!0,mode:448});try{await ie("clang",["-framework","Security","-framework","LocalAuthentication","-framework","Foundation","-framework","AppKit","-o",X,r],{timeout:3e4})}catch(t){throw t.code==="ENOENT"?new Error("Xcode Command Line Tools required. Install: xcode-select --install"):t}let e=Tt(X);return k.writeFileSync(kt,e,{mode:384}),k.writeFileSync(St,vt,{mode:384}),X}async function At(r){let e=await It(),t;try{t=(await ie(e,r,{timeout:6e4})).stdout}catch(o){t=o.stdout||"";let i=t.trim();throw i.startsWith("ERROR:")?new Error(i.slice(6)):new Error(o.stderr?.trim()||o.message||"Unknown error")}let n=t.trim();if(n.startsWith("OK:"))return n.slice(3);if(n==="OK")return;let s=n.startsWith("ERROR:")?n.slice(6):"Unknown error";throw new Error(s)}var We=null;function F(){return process.env.VISA_MOCK_TOUCHID==="true"?!0:process.platform!=="darwin"?!1:We!==null?We:(We=!0,!0)}var Te="visa-cli",Ee="attestation-key";async function Rr(r){try{await ie("security",["delete-generic-password","-s",Te,"-a",Ee],{timeout:5e3})}catch{}await ie("security",["add-generic-password","-s",Te,"-a",Ee,"-w",r],{timeout:5e3})}async function Ir(){try{let{stdout:r}=await ie("security",["find-generic-password","-s",Te,"-a",Ee,"-w"],{timeout:5e3});return r.trim()||null}catch{return null}}async function Ct(){let r=await At(["generate-key"]);if(!r)throw new Error("Key generation returned no output");let e=r.indexOf(":");if(e<0)throw new Error("Unexpected generate-key output format");let t=r.slice(0,e),n=r.slice(e+1);return await Rr(t),n}async function Ot(r,e){if(process.env.VISA_MOCK_TOUCHID==="true")return Promise.resolve("mock-ecdsa-signature-for-testing");let t=await Ir();if(!t)throw new Error("Attestation key not found. Run setup to generate a new key.");let n=await It(),s=["sign",r];return e&&s.push(e),new Promise((o,i)=>{let u=(0,Ge.execFile)(n,s,{timeout:6e4},(l,c)=>{let p=(c||"").trim();if(l){p.startsWith("ERROR:")?i(new Error(p.slice(6))):i(new Error(l.stderr?.trim()||l.message||"Unknown error"));return}p.startsWith("OK:")?o(p.slice(3)):i(new Error(p.startsWith("ERROR:")?p.slice(6):"Unknown error"))});u.stdin.write(t),u.stdin.end()})}async function Pt(){try{await ie("security",["delete-generic-password","-s",Te,"-a",Ee],{timeout:5e3})}catch{}try{await At(["delete-key"])}catch{}}var Ae=require("child_process"),Lt=require("util"),G=f(require("fs")),Ce=f(require("os")),Qe=f(require("path"));var K="0000000000000000000000000000000000000000000000000000000000000000";var M=(0,Lt.promisify)(Ae.execFile),Ze=Qe.join(Ce.homedir(),".visa-mcp"),ce=Qe.join(Ze,"session-token"),q="visa-cli",W="session-token",Re="rc-access",Ar=5e3,Ie=class extends Error{constructor(e){super(e),this.name="CredentialAccessError"}};function Cr(r){let e=r;return[e?.message,e?.stderr].filter(t=>typeof t=="string").join(`
-`)}function qt(r){let e=r;if(e?.code==="EPERM"||e?.code==="EACCES")return!0;let t=Cr(r).toLowerCase();return t.includes("operation not permitted")||t.includes("permission denied")}async function Or(){try{let{stdout:r}=await M("security",["find-generic-password","-s",q,"-a",W,"-w"],{timeout:5e3});return r.trim()||null}catch(r){if(qt(r))throw new Ie("Unable to read Visa CLI credentials from macOS Keychain. In sandboxed agents such as Codex, rerun with keychain access or run this command outside the sandbox.");return null}}async function Pr(r){try{try{await M("security",["delete-generic-password","-s",q,"-a",W],{timeout:5e3})}catch{}return await M("security",["add-generic-password","-s",q,"-a",W,"-w",r],{timeout:5e3}),!0}catch{return!1}}async function Lr(){try{await M("security",["delete-generic-password","-s",q,"-a",W],{timeout:5e3})}catch{}}async function qr(){if(!et())return null;try{let{stdout:r}=await M("secret-tool",["lookup","service",q,"account",W],{timeout:5e3});return r.trim()||null}catch{return null}}async function Ur(r){if(!et())return!1;try{let e=(0,Ae.execFile)("secret-tool",["store","--label",`${q} ${W}`,"service",q,"account",W]);return e.stdin?(e.stdin.write(r),e.stdin.end(),await Promise.race([new Promise((t,n)=>{e.on("exit",s=>s===0?t():n(new Error(`secret-tool exited ${s}`))),e.on("error",n)}),new Promise((t,n)=>setTimeout(()=>{e.kill(),n(new Error("secret-tool timed out"))},Ar))]),!0):!1}catch{return!1}}async function Nr(){if(et())try{await M("secret-tool",["clear","service",q,"account",W],{timeout:5e3})}catch{}}function et(){return!!process.env.DBUS_SESSION_BUS_ADDRESS}async function $r(){try{let{stdout:r}=await M("security",["find-generic-password","-s",q,"-a",Re,"-w"],{timeout:5e3});return r.trim()||null}catch{return null}}async function Dr(r){try{try{await M("security",["delete-generic-password","-s",q,"-a",Re],{timeout:5e3})}catch{}await M("security",["add-generic-password","-s",q,"-a",Re,"-w",r],{timeout:5e3})}catch{}}async function Mr(){try{await M("security",["delete-generic-password","-s",q,"-a",Re],{timeout:5e3})}catch{}}function ze(){try{return G.readFileSync(ce,"utf-8").trim()||null}catch(r){if(qt(r))throw new Ie(`Unable to read Visa CLI credentials from ${ce}. Check file permissions or rerun with access to the Visa CLI credential directory.`);return null}}function Ut(r){G.mkdirSync(Ze,{recursive:!0,mode:448}),G.writeFileSync(ce,r,{mode:384}),process.platform==="win32"&&Hr(ce)}function Xe(){try{G.unlinkSync(ce)}catch{}}function Hr(r){try{let e=Ce.userInfo().username;(0,Ae.execFile)("icacls",[r,"/inheritance:r","/grant:r",`${e}:F`],{timeout:5e3},t=>{t&&console.error(`[visa-cli] icacls ACL restriction failed: ${t.message}`)})}catch(e){console.error(`[visa-cli] Failed to invoke icacls: ${e instanceof Error?e.message:String(e)}`)}}function Ye(){switch(process.platform){case"darwin":return{get:Or,store:Pr,delete:Lr};case"linux":return{get:qr,store:Ur,delete:Nr};default:return{get:async()=>ze(),store:async r=>{try{return Ut(r),!0}catch{return!1}},delete:async()=>Xe(),storesInSessionFile:!0}}}var I=class{static async getSessionToken(){if(process.env.VISA_MOCK_KEYCHAIN==="true")return Promise.resolve("mock-session-token-for-testing");let e=Ye(),t=await e.get();if(t)return t;let n=ze();return n?(await e.store(n),n):null}static async saveSessionToken(e){if(process.env.VISA_MOCK_KEYCHAIN==="true")return;let t=Ye();if(await t.store(e)){if(await t.get()===e){t.storesInSessionFile||Xe();return}await t.delete()}if(Ut(e),ze()!==e)throw new Error("Failed to persist session token. "+(process.platform==="darwin"?'Check Keychain Access permissions for "visa-cli".':`Ensure ${Ze} is writable.`))}static async getRcAccessToken(){return process.env.VISA_MOCK_KEYCHAIN==="true"?K:$r()}static async saveRcAccessToken(e){process.env.VISA_MOCK_KEYCHAIN!=="true"&&await Dr(e)}static async deleteSessionToken(){if(process.env.VISA_MOCK_KEYCHAIN==="true")return;await Ye().delete(),Xe()}static async clearAll(){await this.deleteSessionToken(),await Mr()}};var Oe={generate_image:{intro:"Generate an AI image.",tiers:{balanced:{toolId:"fal-flux-pro",priceCents:4,notes:"FLUX Pro v1.1, 1K, ~10s (DEFAULT \u2014 good quality/speed tradeoff)"},fast:{toolId:"fal-flux-schnell",priceCents:1,notes:"FLUX Schnell, 1K, ~3s (drafts, iteration, cheapest)"},pro:{toolId:"fal-flux-pro-ultra",priceCents:6,notes:"FLUX Pro Ultra, 2K, ~30s (hero images, detail)"},text_heavy:{toolId:"fal-ideogram-v2",priceCents:8,notes:"Ideogram V2 \u2014 best when the image contains rendered text/logos"},vector:{toolId:"fal-recraft-v3",priceCents:5,notes:"Recraft V3 \u2014 vector/flat/illustration styles"}},guidance:"If the user didn't specify a tier, pick 'balanced' unless the prompt clearly signals otherwise (text \u2192 text_heavy, logo/icon \u2192 vector, quick test \u2192 fast, hero/print \u2192 pro).",inputProperties:{prompt:{type:"string",description:"Text description of the image to generate."},aspect_ratio:{type:"string",description:'Aspect ratio, e.g. "16:9", "1:1", "9:16".',default:"16:9"}},required:["prompt"]},generate_video:{intro:"Generate an AI video from a text prompt.",tiers:{balanced:{toolId:"fal-minimax-video",priceCents:15,notes:"MiniMax \u2014 good quality/price balance (DEFAULT)"},fast:{toolId:"fal-wan-video",priceCents:10,notes:"Wan \u2014 cheapest, shorter clips"},pro:{toolId:"fal-kling-video",priceCents:20,notes:"Kling \u2014 highest quality, cinematic"}},guidance:"Show the tier menu with prices unless the user specified one. Videos take 60-180s to generate.",inputProperties:{prompt:{type:"string",description:"Text description of the video scene."},aspect_ratio:{type:"string",description:'Aspect ratio, e.g. "16:9" or "9:16".',default:"16:9"}},required:["prompt"]},generate_music:{intro:"Generate an original music track from a prompt.",tiers:{suno:{toolId:"suno-music",priceCents:10,notes:"Suno v4 \u2014 songs with vocals, lyrics, full arrangement"}},guidance:"Takes ~60-90s. Returns an audio URL the user can play.",inputProperties:{prompt:{type:"string",description:"Musical style / mood / lyrics hint."},instrumental:{type:"boolean",description:"True for instrumental (no vocals), false for vocal track.",default:!1}},required:["prompt"]},generate_audio:{intro:"Generate speech or sound effects.",tiers:{tts:{toolId:"fal-metavoice",priceCents:3,notes:"MetaVoice \u2014 high-quality TTS from text"},sfx:{toolId:"fal-stable-audio",priceCents:4,notes:"Stable Audio \u2014 sound effects and ambient from a prompt"}},guidance:'Pick "tts" for spoken words, "sfx" for music-beds/effects/ambient.',inputProperties:{prompt:{type:"string",description:"Text to speak (tts) or description of sound (sfx)."}},required:["prompt"]},generate_3d:{intro:"Generate a 3D model from a text description.",tiers:{trellis:{toolId:"fal-trellis-3d",priceCents:8,notes:"Trellis \u2014 fast text-to-3D, returns a GLB mesh URL"}},guidance:"Takes ~30-60s. Returns a downloadable 3D mesh URL.",inputProperties:{prompt:{type:"string",description:"Description of the 3D object."}},required:["prompt"]},upscale_image:{intro:"Upscale an image to higher resolution.",tiers:{aura:{toolId:"fal-aura-sr",priceCents:3,notes:"Aura SR \u2014 default; preserves detail without hallucination"}},guidance:"Pass the existing image URL. Returns an upscaled version.",inputProperties:{image_url:{type:"string",description:"URL of the image to upscale."}},required:["image_url"]},transcribe_audio:{intro:"Transcribe speech in an audio/video URL to text.",tiers:{whisper:{toolId:"fal-whisper",priceCents:2,notes:"OpenAI Whisper \u2014 fast, multilingual"}},guidance:"Pass the URL. Returns the transcript text.",inputProperties:{audio_url:{type:"string",description:"URL of the audio or video file to transcribe."}},required:["audio_url"]},run_llm:{intro:"Run a text prompt through an LLM (OpenRouter). Token-metered \u2014 prices below are per 1M input/output tokens. Typical 500-in/500-out prompts cost 1\u20139\xA2 depending on model.",tiers:{fast:{toolId:"or-gpt-4o-mini",priceCents:1,notes:"GPT-4o Mini \u2014 $0.15/M in \xB7 $0.60/M out. Fastest, cheapest, good general-purpose (DEFAULT)"},reasoning:{toolId:"or-claude-sonnet",priceCents:9,notes:"Claude 3.5 Sonnet \u2014 $3.00/M in \xB7 $15.00/M out. Strong reasoning, long-context. ~20x pricier than `fast`."},deep_reasoning:{toolId:"or-deepseek-r1",priceCents:2,notes:"DeepSeek R1 \u2014 $0.55/M in \xB7 $2.19/M out. Deep chain-of-thought reasoning, mid-range pricing."},search:{toolId:"or-perplexity-sonar",priceCents:1,notes:"Perplexity Sonar \u2014 $1.00/M in \xB7 $1.00/M out. Search-augmented, web-grounded with citations."},open_source:{toolId:"or-llama-70b",priceCents:1,notes:"Llama 3.3 70B \u2014 $0.30/M in \xB7 $0.40/M out. Open-source large model."},coding:{toolId:"or-deepseek-chat",priceCents:1,notes:"DeepSeek Chat V3 \u2014 $0.30/M in \xB7 $0.88/M out. Strong at code generation."}},guidance:"Pick based on the user's need: fast (most questions, cheapest), reasoning (complex analysis \u2014 WARN user it's ~$0.09/call), search (questions about current events), coding (code generation), deep_reasoning (hard math/logic problems).",inputProperties:{prompt:{type:"string",description:"The user query."},system_prompt:{type:"string",description:"Optional system prompt to set model behavior."},max_tokens:{type:"number",description:"Maximum output tokens.",default:1024,minimum:1,maximum:8192},temperature:{type:"number",description:"Sampling temperature \u2014 0 is deterministic, higher is more creative.",default:.7,minimum:0,maximum:2}},required:["prompt"]}};function Nt(r){let e=Oe[r];if(!e)throw new Error(`Unknown meta-tool: ${r}`);let t=[e.intro,"","Tiers:"];for(let[n,s]of Object.entries(e.tiers)){let o=`$${(s.priceCents/100).toFixed(2)}`;t.push(`  - ${n.padEnd(15)} ${o.padStart(6)}  ${s.notes}`)}return t.push("",e.guidance),t.join(`
-`)}function $t(r){let e=Oe[r];if(!e)throw new Error(`Unknown meta-tool: ${r}`);let t=Object.keys(e.tiers);return{type:"object",properties:{tier:{type:"string",enum:t,default:t[0],description:`Quality/style tier. Default: ${t[0]}.`},...e.inputProperties},required:e.required??[]}}function Pe(r,e){if(!Q.includes(r))return r;let t=Oe[r];if(!t)return r;let n=Object.keys(t.tiers),s=e||n[0],o=t.tiers[s];if(!o)throw new Error(`Unknown tier '${s}' for ${r}. Valid tiers: ${n.join(", ")}`);return o.toolId}async function Dt(r,e,t){let n=Pe(r,e.tier),{tier:s,...o}=e;return y.executeTool({tool_id:n,...o},t)}var Q=Object.keys(Oe);function Mt(r=process.env,e=process.platform){return r.VISA_CLI_NO_BROWSER==="1"||r.VISA_CLI_NO_BROWSER==="true"?{headless:!0,reason:"VISA_CLI_NO_BROWSER is set"}:r.CI==="true"||r.CI==="1"?{headless:!0,reason:"CI environment detected"}:r.SSH_CONNECTION||r.SSH_TTY?{headless:!0,reason:"SSH session detected"}:e==="linux"&&!r.DISPLAY&&!r.WAYLAND_DISPLAY?{headless:!0,reason:"Linux with no $DISPLAY or $WAYLAND_DISPLAY"}:{headless:!1}}function Ht(r,e=process.platform){return e==="darwin"?{cmd:"open",args:[r]}:e==="win32"?{cmd:"cmd",args:["/c","start","",r]}:e==="linux"?{cmd:"xdg-open",args:[r]}:null}var me=f(require("crypto")),Wt=require("child_process"),O=f(require("fs")),pe=f(require("os")),fe=f(require("path"));var jr="# visa-cli-hud-v1";function Le(r){return typeof r!="string"?!1:r.includes(jr)?!0:r.includes("visa-cli")&&r.includes("statusline")}async function jt(r,e){try{return await e()}catch(t){if(t.message==="Invalid signature"&&F()){a.warn("attestation:key-mismatch",{action:"reregistering"});try{let n=await Ct();await r.registerAttestationKey(n),a.info("attestation:key-reregistered")}catch(n){throw a.error("attestation:reregister-failure",{error:n.message}),t}return await e()}throw t}}var Vt="1.11.0";function tt(r,e){return e?{kind:"env",var:r}:{kind:"default"}}function Vr(r,e,t){let n=process.env[r];if(n!==void 0&&n!=="")return{value:n,source:{kind:"env",var:r}};let s=je(e);return s!==void 0?{value:s,source:{kind:"settings"}}:{value:t,source:{kind:"default"}}}function ue(r,e,t){let n=process.env[r];if(n!==void 0)return{value:t==="opt-in"?n==="true":n!=="false",source:{kind:"env",var:r}};let s=z(e);return s!==void 0?{value:s,source:{kind:"settings"}}:{value:t!=="opt-in",source:{kind:"default"}}}function A(r){return r==null?"\u2014":r?"yes":"no"}function qe(r){return r==null?"\u2014":`$${r.toFixed(2)}`}async function Ft(r){let e=null,t=null;try{e=await r.api.getStatus()}catch(_){t=_?.message||"unknown error"}let n=[],s=Vr("VISA_AUTH_URL","auth.serverUrl","https://auth.visacli.sh");n.push({key:"auth.serverUrl",value:s.value,formatted:s.value,source:s.source,hint:s.source.kind==="default"?"Persist with `visa-cli config set auth.serverUrl <url>` (or set VISA_AUTH_URL for one-off overrides).":void 0}),n.push({key:"account.enrolled",value:e?.enrolled??null,formatted:A(e?.enrolled),source:e?{kind:"server"}:{kind:"unknown",reason:t||"offline"}}),e?.githubUser&&n.push({key:"account.githubUser",value:e.githubUser,formatted:e.githubUser,source:{kind:"server"}});let o=e?e.attestationRequired!==!1:void 0;n.push({key:"biometric.required",value:o,formatted:A(o),source:e?{kind:"server"}:{kind:"unknown",reason:t||"offline"},hint:o===!1?"Touch ID prompts are suppressed. Re-enable with `visa-cli biometric on`.":void 0}),n.push({key:"biometric.keyRegistered",value:e?.hasAttestationKey??null,formatted:A(e?.hasAttestationKey),source:e?{kind:"server"}:{kind:"unknown",reason:t||"offline"}}),n.push({key:"biometric.deviceAvailable",value:F(),formatted:A(F()),source:{kind:"device"}});let i=e?.spendingControls,u=i?i.max_transaction_amount??i.maxTransactionAmount??null:null,l=i?i.daily_limit??i.dailyLimit??null:null;n.push({key:"spending.maxPerTxn",value:u,formatted:qe(u),source:e?{kind:"server"}:{kind:"unknown",reason:t||"offline"}}),n.push({key:"spending.dailyLimit",value:l,formatted:qe(l),source:e?{kind:"server"}:{kind:"unknown",reason:t||"offline"}}),n.push({key:"spending.dailySpent",value:e?.dailySpent??null,formatted:qe(e?.dailySpent),source:e?{kind:"server"}:{kind:"unknown",reason:t||"offline"}}),n.push({key:"spending.dailyRemaining",value:e?.dailyRemaining??null,formatted:qe(e?.dailyRemaining),source:e?{kind:"server"}:{kind:"unknown",reason:t||"offline"}}),n.push({key:"cards.count",value:e?.cardCount??null,formatted:e?.cardCount!=null?String(e.cardCount):"\u2014",source:e?{kind:"server"}:{kind:"unknown",reason:t||"offline"}});let c=e?.cards?.find(_=>_.isDefault)??e?.cards?.[0];c&&n.push({key:"cards.default",value:{brand:c.brand??null,last4:c.last4},formatted:`${c.brand||"card"} \u2022\u2022\u2022\u2022 ${c.last4}`,source:{kind:"server"}});let p=ue("VISA_SUPPRESS_BROWSER","ui.suppressBrowser","opt-in");n.push({key:"ui.suppressBrowser",value:p.value,formatted:A(p.value),source:p.source,hint:"Persist with `visa-cli config set ui.suppressBrowser true` to stop auto-opening result URLs."});let h=ue("VISA_SUPPRESS_FEED","ui.suppressFeed","opt-in");n.push({key:"ui.suppressFeed",value:h.value,formatted:A(h.value),source:h.source});let S=ye(),T;process.env.VISA_CLI_NO_UPDATE_CHECK?T={kind:"env",var:"VISA_CLI_NO_UPDATE_CHECK"}:process.env.CI?T={kind:"env",var:"CI"}:process.env.NODE_ENV==="test"?T={kind:"env",var:"NODE_ENV"}:T={kind:"default"},n.push({key:"ui.updateCheck",value:!S,formatted:A(!S),source:T});let $=ue("VISA_META_TOOLS","tools.meta","opt-out");n.push({key:"tools.meta",value:$.value,formatted:A($.value),source:$.source,hint:"Persist with `visa-cli config set tools.meta false`. Restart Claude Code for changes to take effect."});let d=ue("VISA_SPECIFIC_TOOLS","tools.specific","opt-out");n.push({key:"tools.specific",value:d.value,formatted:A(d.value),source:d.source});let w=ue("VISA_DISCOVER_TOOLS","tools.discover","opt-out");if(n.push({key:"tools.discover",value:w.value,formatted:A(w.value),source:w.source}),n.push({key:"client.version",value:Vt,formatted:Vt,source:{kind:"default"}}),r.includeDev){let _=process.env.VISA_MOCK_KEYCHAIN;n.push({key:"dev.mockKeychain",value:_==="true",formatted:A(_==="true"),source:tt("VISA_MOCK_KEYCHAIN",!!_)});let L=process.env.VISA_MOCK_TOUCHID;n.push({key:"dev.mockTouchid",value:L==="true",formatted:A(L==="true"),source:tt("VISA_MOCK_TOUCHID",!!L)});let te=process.env.VISA_CLI_DEBUG;n.push({key:"dev.debug",value:!!te,formatted:A(!!te),source:tt("VISA_CLI_DEBUG",!!te)})}return{entries:n,statusError:t}}function Ue(){return ve()}var m=new Se(()=>I.getSessionToken()),Fr="1.11.0",Kr=["generate_image","generate_video","generate_music","generate_audio","generate_3d","upscale_image","transcribe_audio","run_llm"],Kt=["","","You're ready to go! Try:","","Core:",'\u2022 "Show my account status" \u2192 get_status','\u2022 "List my enrolled cards" \u2192 get_cards','\u2022 "Show my recent transactions" \u2192 transaction_history','\u2022 "Set my daily limit to $50" \u2192 update_spending_controls','\u2022 "Pay https://example.com/checkout" \u2192 pay','\u2022 "Generate 3 variations in parallel" \u2192 batch',"","Fast shortcuts:",'\u2022 "Generate an image of a sunset over Tokyo" \u2192 generate_image_card (~$0.06)','\u2022 "Make a fast thumbnail: minimalist cat logo" \u2192 generate_image_fast_card (~$0.04)','\u2022 "Make a 4-second video of a penguin juggling" \u2192 generate_video_tempo_card (~$0.30)','\u2022 "Make a song about coding late at night" \u2192 generate_music_tempo_card (~$0.10)','\u2022 "Check the status of my music job" \u2192 check_music_status_tempo_card','\u2022 "What is ETH on Base trading at?" \u2192 query_onchain_prices_card (~$0.02)','\u2022 "Explore stablecoin inflows on Base" \u2192 allium_explorer_card','\u2022 "Open the latest Allium result set" \u2192 allium_explorer_results_card','\u2022 "Show pxlwall campaign insights" \u2192 pxlwall_card',"","Category tools:",...Kr.map(r=>`\u2022 "${r.replace(/_/g," ")}" \u2192 ${r}`),"","Tool catalog:",'\u2022 "Find an image upscaler" \u2192 discover_tools','\u2022 "Run fal-aura-sr on this URL" \u2192 execute_tool'].join(`
-`);function C(r){if(!r||typeof r!="string"||_t())return;let e;try{e=new URL(r)}catch{return}if(e.protocol!=="https:"&&e.protocol!=="http:")return;let t=e.toString(),n=Mt();if(n.headless){a.info(`Browser auto-open skipped (${n.reason}). URL: ${t}`);return}let s=Ht(t);if(!s){a.info(`No browser command for platform "${pe.platform()}". URL: ${t}`);return}(0,Wt.execFile)(s.cmd,s.args,o=>{o&&a.warn(`Browser open failed: ${o.message}. URL: ${t}`)})}async function E(r){return jt(m,r)}function P(r,e){let t=r.retryable?`The processor returned a transient decline (code ${r.code??"unknown"}). This is not a permanent failure \u2014 it usually clears within ~60 seconds and is most often triggered by rapid successive charges on the same card. Tell the user the call was temporarily declined and that you will retry shortly, then wait at least 60 seconds before retrying the SAME call exactly once. Do not retry more than once. Do not assume the user has run out of funds.`:`The processor returned a non-retryable decline (code ${r.code??"unknown"}). Stop the current task and tell the user their card was declined for ${e.merchantName}. Suggest they check their card status, available balance, or try a different default card via 'visa-cli cards'. Do not retry automatically.`;return{success:!1,declined:!0,retryable:r.retryable,code:r.code,reason:r.reason,merchantName:e.merchantName,amount:e.amount,message:r.message,agent_guidance:t}}var le=null,Br=3e4;function Gt(){le=null}async function Wr(r){let e=Date.now();if(le&&le.expiresAt>e)return le.value;try{let n=(await m.getStatus(r)).attestationRequired!==!1;return le={value:n,expiresAt:e+Br},n}catch{return!0}}async function v(r,e,t,n,s){if(!F()){a.warn("attestation:unavailable",{context:r});return}if(!await Wr(s)){a.info("attestation:skipped-by-server-policy",{context:r});return}a.info("attestation:attempt",{context:r,amount:e,merchant:t});try{let{nonce:i}=await m.getAttestationChallenge(),u=Buffer.from(JSON.stringify({nonce:i,amount:e,merchant:t,context:r})).toString("base64");a.info("touchid:prompt",{context:r,amount:e,merchant:t});let l=await Ot(u,n);return a.info("attestation:success",{context:r,amount:e,merchant:t}),{signature:l,nonce:i,amount:e,merchant:t}}catch(i){throw a.error("attestation:failure",{context:r,amount:e,merchant:t,error:i.message}),i}}async function N(r,e,t){let n=await m.paymentPreview({tool:r,url:e},t);if(!n||!n.merchantName||!n.amount||n.amount<=0)throw new Error("Could not determine payment amount and merchant. Try again.");if(!Number.isFinite(n.amount)||n.amount<0||n.amount>999999)throw new Error(`Invalid payment amount: ${n.amount}. Payment rejected for safety.`);return n}function H(r){if(r.pricingMode==="max-cap"){let e=typeof r.estimatedAmount=="number"&&r.estimatedAmount>0?` (estimated $${r.estimatedAmount.toFixed(2)})`:"";return`pay up to $${r.amount.toFixed(2)} to ${r.merchantName}${e}`}return`pay $${r.amount.toFixed(2)} to ${r.merchantName}`}function Jt(){return fe.join(pe.homedir(),".visa-mcp","allium-results")}var Gr=16*1024,Jr=50*1024*1024,Yr=10;function zr(r){return r.replace(/[^A-Za-z0-9_\-]/g,"_").slice(0,128)}function Xr(r,e){let t=Jt();O.mkdirSync(t,{recursive:!0});let n=zr(r),s=fe.join(t,`${n}.csv`);O.writeFileSync(s,e);let o=Buffer.byteLength(e),i=e.split(`
-`),u=i[0]??"",l=i.slice(1).filter(h=>h.length>0),c=[u,...l.slice(0,Yr)].join(`
-`),p={file_path:s,row_count:l.length,size_bytes:o,columns:u,preview:c,truncated:!0};if(o>Jr){let h=(o/1048576).toFixed(1);a.warn("allium:large_csv_written",{sessionId:r,size_bytes:o,file_path:s}),p.warning=`Wrote ${h} MB to ${s}. Delete ~/.visa-mcp/allium-results/ files you no longer need \u2014 they are never auto-cleaned.`}return p}function Qr(){let r=Jt();try{if(!O.existsSync(r))return{file_count:0,size_bytes:0,path:r};let e=O.readdirSync(r),t=0,n=0;for(let s of e)try{let o=O.statSync(fe.join(r,s));o.isFile()&&(t+=o.size,n++)}catch{}return{file_count:n,size_bytes:t,path:r}}catch(e){return a.warn("allium:disk_usage_error",{error:e.message}),{file_count:0,size_bytes:0,path:r}}}async function ge(r){if(!wt())try{let e=await I.getSessionToken();if(!e)return;await fetch(`${Ue()}/v1/feed`,{method:"POST",headers:{"Content-Type":"application/json",Authorization:`Bearer ${e}`},body:JSON.stringify({prompt:r.prompt,tool:r.tool,media_url:r.mediaUrl,media_type:r.mediaType,cost:r.cost,transaction_id:r.transactionId,auto:!0,...r.userContext&&{user_context:r.userContext}}),signal:AbortSignal.timeout(5e3)}),a.info("feed:submitted",{tool:r.tool,mediaType:r.mediaType})}catch{}}async function Zr(r,e){if(!r.url||!r.url.trim())throw new Error("A URL is required for payments. Provide the merchant payment endpoint.");let t=await N(void 0,r.url,e);a.info("payment:attempt",{tool:"pay",amount:t.amount,merchant:t.merchantName,url:r.url});try{return await E(async()=>{let n=await v(r.url||"pay",t.amount,t.merchantName,H(t)),s=await m.pay({url:r.url||"",merchantName:r.merchantName||"Unknown",description:r.description||"",method:r.method,body:r.body,attestation:n,idempotencyKey:me.randomUUID()},e);return s.success?(a.info("payment:success",{tool:"pay",amount:t.amount,merchant:t.merchantName,rail:s.receipt?.rail}),s.receipt&&Nn(s.receipt)):a.warn("payment:declined",{tool:"pay",amount:t.amount,merchant:t.merchantName,message:s.message}),s})}catch(n){if(n instanceof b)return a.warn("payment:declined",{tool:"pay",amount:t.amount,merchant:t.merchantName,code:n.code,retryable:n.retryable}),P(n,t);throw a.error("payment:failure",{tool:"pay",amount:t.amount,merchant:t.merchantName,error:n.message}),n}}async function en(r,e){if(!r.prompt||!r.prompt.trim())throw new Error("A prompt is required. Provide a description of what you want to generate.");let t=await N("generate_image_card",void 0,e);a.info("payment:attempt",{tool:"generate_image_card",amount:t.amount,merchant:t.merchantName});try{return await E(async()=>{let n=await v("generate_image_card",t.amount,t.merchantName,H(t)),s=await m.shortcut("generate_image_card",{...r,attestation:n},12e4,e);return a.info("payment:success",{tool:"generate_image_card",amount:t.amount,merchant:t.merchantName}),s.urls?.length?(s.urls.forEach(o=>C(o)),ge({prompt:r.prompt,tool:"generate_image_card",mediaUrl:s.urls[0],mediaType:"image",cost:s.amount??t.amount,transactionId:s.transactionId,userContext:e})):a.warn("generation:no-urls",{tool:"generate_image_card",resultKeys:Object.keys(s||{})}),s})}catch(n){if(n instanceof b)return a.warn("payment:declined",{tool:"generate_image_card",amount:t.amount,merchant:t.merchantName,code:n.code,retryable:n.retryable}),P(n,t);throw a.error("payment:failure",{tool:"generate_image_card",amount:t.amount,merchant:t.merchantName,error:n.message}),n}}async function tn(r,e){if(!r.prompt||!r.prompt.trim())throw new Error("A prompt is required. Provide a description of what you want to generate.");let t=await N("generate_image_fast_card",void 0,e);a.info("payment:attempt",{tool:"generate_image_fast_card",amount:t.amount,merchant:t.merchantName});try{return await E(async()=>{let n=await v("generate_image_fast_card",t.amount,t.merchantName,H(t)),s=await m.shortcut("generate_image_fast_card",{...r,attestation:n},6e4,e);return a.info("payment:success",{tool:"generate_image_fast_card",amount:t.amount,merchant:t.merchantName}),s.urls?.length?(s.urls.forEach(o=>C(o)),ge({prompt:r.prompt,tool:"generate_image_fast_card",mediaUrl:s.urls[0],mediaType:"image",cost:s.amount??t.amount,transactionId:s.transactionId,userContext:e})):a.warn("generation:no-urls",{tool:"generate_image_fast_card",resultKeys:Object.keys(s||{})}),s})}catch(n){if(n instanceof b)return a.warn("payment:declined",{tool:"generate_image_fast_card",amount:t.amount,merchant:t.merchantName,code:n.code,retryable:n.retryable}),P(n,t);throw a.error("payment:failure",{tool:"generate_image_fast_card",amount:t.amount,merchant:t.merchantName,error:n.message}),n}}async function rn(r,e){if(!r.prompt||!r.prompt.trim())throw new Error("A prompt is required. Provide a description of what you want to generate.");let t=await N("generate_video_tempo_card",void 0,e);a.info("payment:attempt",{tool:"generate_video_tempo_card",amount:t.amount,merchant:t.merchantName});try{return await E(async()=>{let n=await v("generate_video_tempo_card",t.amount,t.merchantName,H(t)),s=await m.shortcut("generate_video_tempo_card",{...r,attestation:n},12e4,e);return a.info("payment:success",{tool:"generate_video_tempo_card",amount:t.amount,merchant:t.merchantName}),s.urls?.length?(s.urls.forEach(o=>C(o)),ge({prompt:r.prompt,tool:"generate_video_tempo_card",mediaUrl:s.urls[0],mediaType:"video",cost:s.amount??t.amount,transactionId:s.transactionId,userContext:e})):a.warn("generation:no-urls",{tool:"generate_video_tempo_card",resultKeys:Object.keys(s||{})}),s})}catch(n){if(n instanceof b)return a.warn("payment:declined",{tool:"generate_video_tempo_card",amount:t.amount,merchant:t.merchantName,code:n.code,retryable:n.retryable}),P(n,t);throw a.error("payment:failure",{tool:"generate_video_tempo_card",amount:t.amount,merchant:t.merchantName,error:n.message}),n}}async function nn(r,e){if(!r.prompt||!r.prompt.trim())throw new Error("A prompt is required. Provide a description of what you want to generate.");let t=await N("generate_music_tempo_card",void 0,e);a.info("payment:attempt",{tool:"generate_music_tempo_card",amount:t.amount,merchant:t.merchantName});try{return await E(async()=>{let n=await v("generate_music_tempo_card",t.amount,t.merchantName,H(t)),s=await m.shortcut("generate_music_tempo_card",{...r,attestation:n},36e4,e);return a.info("payment:success",{tool:"generate_music_tempo_card",amount:t.amount,merchant:t.merchantName}),s.urls?.length&&s.status!=="processing"?(s.urls.forEach(o=>C(o)),ge({prompt:r.prompt,tool:"generate_music_tempo_card",mediaUrl:s.urls[0],mediaType:"audio",cost:s.amount??t.amount,transactionId:s.transactionId,userContext:e})):s.urls?.length&&s.status==="processing"?(s._preliminary_urls=s.urls,delete s.urls,a.info("generation:processing",{tool:"generate_music_tempo_card",note:"URLs withheld until status is completed"})):a.warn("generation:no-urls",{tool:"generate_music_tempo_card",resultKeys:Object.keys(s||{})}),s})}catch(n){if(n instanceof b)return a.warn("payment:declined",{tool:"generate_music_tempo_card",amount:t.amount,merchant:t.merchantName,code:n.code,retryable:n.retryable}),P(n,t);throw a.error("payment:failure",{tool:"generate_music_tempo_card",amount:t.amount,merchant:t.merchantName,error:n.message}),n}}async function sn(r,e){let t=await N("check_music_status_tempo_card",void 0,e);a.info("payment:attempt",{tool:"check_music_status_tempo_card",amount:t.amount,merchant:t.merchantName});try{return await E(async()=>{let n=await v("check_music_status_tempo_card",t.amount,t.merchantName,H(t)),s=await m.shortcut("check_music_status_tempo_card",{...r,attestation:n},void 0,e);return a.info("payment:success",{tool:"check_music_status_tempo_card",amount:t.amount,merchant:t.merchantName}),s.urls?.length&&s.urls.forEach(o=>C(o)),s})}catch(n){if(n instanceof b)return a.warn("payment:declined",{tool:"check_music_status_tempo_card",amount:t.amount,merchant:t.merchantName,code:n.code,retryable:n.retryable}),P(n,t);throw a.error("payment:failure",{tool:"check_music_status_tempo_card",amount:t.amount,merchant:t.merchantName,error:n.message}),n}}async function on(r,e){if(!r.chain||!r.chain.trim())throw new Error('A chain is required (e.g., "ethereum", "solana").');if(!r.token_address||!r.token_address.trim())throw new Error("A token address is required. Provide the contract address for the token.");let t=await N("query_onchain_prices_card",void 0,e);a.info("payment:attempt",{tool:"query_onchain_prices_card",amount:t.amount,merchant:t.merchantName});try{return await E(async()=>{let n=await v("query_onchain_prices_card",t.amount,t.merchantName,H(t)),s=await m.shortcut("query_onchain_prices_card",{...r,attestation:n},void 0,e);if(a.info("payment:success",{tool:"query_onchain_prices_card",amount:t.amount,merchant:t.merchantName}),Array.isArray(s?.data))s.data=s.data.map(o=>{if("mint"in o&&!("address"in o)){let{mint:i,...u}=o;return{address:i,...u}}return o});else if(s&&"mint"in s&&!("address"in s)){let{mint:o,...i}=s;return{address:o,...i}}return s})}catch(n){if(n instanceof b)return a.warn("payment:declined",{tool:"query_onchain_prices_card",amount:t.amount,merchant:t.merchantName,code:n.code,retryable:n.retryable}),P(n,t);throw a.error("payment:failure",{tool:"query_onchain_prices_card",amount:t.amount,merchant:t.merchantName,error:n.message}),n}}async function an(r,e){if(!r.prompt||!r.prompt.trim())throw new Error("A prompt is required. Provide a natural language question about blockchain data.");let t=await N("allium_explorer_card",void 0,e);a.info("payment:attempt",{tool:"allium_explorer_card",amount:t.amount,merchant:t.merchantName});try{return await E(async()=>{let n=await v("allium_explorer_card",t.amount,t.merchantName,H(t)),s=await m.shortcut("allium_explorer_card",{...r,attestation:n},12e4,e);return a.info("payment:success",{tool:"allium_explorer_card",amount:t.amount,merchant:t.merchantName}),s})}catch(n){if(n instanceof b)return a.warn("payment:declined",{tool:"allium_explorer_card",amount:t.amount,merchant:t.merchantName,code:n.code,retryable:n.retryable}),P(n,t);throw a.error("payment:failure",{tool:"allium_explorer_card",amount:t.amount,merchant:t.merchantName,error:n.message}),n}}async function cn(r,e){if(!r.session_id||!r.session_id.trim())throw new Error("A session_id is required. Use the session_id returned from allium_explorer_card.");let t=await N("allium_explorer_results_card",void 0,e);a.info("payment:attempt",{tool:"allium_explorer_results_card",amount:t.amount,pricingMode:t.pricingMode,estimatedAmount:t.estimatedAmount,merchant:t.merchantName});try{return await E(async()=>{let n=await v("allium_explorer_results_card",t.amount,t.merchantName,H(t)),s=await m.shortcut("allium_explorer_results_card",{...r,attestation:n},6e4,e);a.info("payment:success",{tool:"allium_explorer_results_card",amount:t.amount,actualCost:s?.actualCost,merchant:t.merchantName});let o=typeof s?.data?.results=="string"?s.data.results:void 0;if(o&&Buffer.byteLength(o)>Gr){let i=Xr(r.session_id,o),{results:u,...l}=s.data;return{...s,data:{...l,...i}}}return s})}catch(n){if(n instanceof b)return a.warn("payment:declined",{tool:"allium_explorer_results_card",amount:t.amount,merchant:t.merchantName,code:n.code,retryable:n.retryable}),P(n,t);throw a.error("payment:failure",{tool:"allium_explorer_results_card",amount:t.amount,merchant:t.merchantName,error:n.message}),n}}var de="https://pxlwall.com";async function un(r){if([r.shape,r.text,r.pixels].filter(Boolean).length>1)throw new Error("Provide only one of: shape, text, or pixels. Cannot combine modes.");let t,n,s=r.position||"cheapest";if(typeof s=="string"&&s.startsWith("{"))try{s=JSON.parse(s)}catch{}if(r.shape)t=`${de}/api/agent/draw-shape`,n={shape:r.shape,color:r.color||"#ffffff",owner:r.owner,position:s},r.shape==="circle"?n.radius=r.size||10:r.shape==="rectangle"?(n.width=r.width||20,n.height=r.height||10):n.size=r.size||10;else if(r.text)t=`${de}/api/agent/draw-text`,n={text:r.text,color:r.color||"#ffffff",owner:r.owner,position:s};else if(r.pixels){if(r.pixels.length<100)throw new Error(`Minimum 100 pixels per purchase. You requested ${r.pixels.length}.`);for(let i of r.pixels)if(i.x<0||i.x>499||i.y<0||i.y>499)throw new Error(`Pixel (${i.x},${i.y}) is out of bounds. Grid is 500x500 (coordinates 0-499).`);t=`${de}/api/create-purchase-spec`,n={pixels:r.pixels,color:r.color||"#ffffff",owner:r.owner},r.colors&&(n.colors=r.colors)}else throw new Error("Provide one of: shape, text, or pixels.");let o=await fetch(t,{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify(n),signal:AbortSignal.timeout(15e3)});if(!o.ok){let i=await o.text().catch(()=>"");throw new Error(`pxlwall spec creation failed (${o.status}): ${i}`)}return o.json()}async function ln(r,e){let t=await un(r),n=t.pixels?.length??r.pixels?.length??0,s="pxlwall";a.info("payment:attempt",{tool:"pxlwall_card",amount:t.totalUSD,pixelCount:n,merchant:s});try{let o=await v("pxlwall_card",t.totalUSD,s,`pay $${t.totalUSD.toFixed(2)} to ${s} for ${n} pixels`),i=await m.shortcut("pxlwall_card",{specId:t.specId,attestation:o},6e4,e);return a.info("payment:success",{tool:"pxlwall_card",merchant:s}),C(de),i.urls?.length&&i.urls.forEach(u=>C(u)),{...i,specId:t.specId,pixelCount:n,totalUSD:t.totalUSD,canvasUrl:de}}catch(o){if(o instanceof b)return a.warn("payment:declined",{tool:"pxlwall_card",merchant:s,code:o.code,retryable:o.retryable}),P(o,{amount:0,merchantName:s});throw a.error("payment:failure",{tool:"pxlwall_card",merchant:s,error:o.message}),o}}var dn=["generate_music_tempo_card"],mn=36e4,pn=18e4,fn=15e3,gn=12e4,hn=2e3;async function yn(r,e){let t;if(r.requests?.some(d=>d.tool||d.tool_id)&&r.requests)t=r.requests.map(d=>{let w=d.tool||d.tool_id||r.tool;if(!w)throw new Error("Each request must specify tool or tool_id, or set tool at the top level.");let _=Pe(w,d.tier||r.tier),{tool:L,tool_id:te,tier:ss,...dr}=d;return{resolvedTool:_,params:dr}});else if(r.tool){let d=Pe(r.tool,r.tier);t=(r.requests||(r.count&&r.params?Array.from({length:r.count},()=>({...r.params})):[])).map(_=>({resolvedTool:d,params:_}))}else throw new Error("Batch requires a top-level tool or per-request tool/tool_id.");if(t.length===0)throw new Error("Batch requires at least one item.");let s=[...new Set(t.map(d=>d.resolvedTool))],o=s.length===1,i={};for(let d of s)i[d]=await N(d,void 0,e);let u=0;for(let d of t)u+=i[d.resolvedTool].amount;let l=[...new Set(Object.values(i).map(d=>d.merchantName))].join(", "),c=o?s[0]:"mixed";a.info("payment:attempt",{tool:"batch",batchTool:c,count:t.length,totalAmount:u,merchant:l,heterogeneous:!o});let p=o?`pay $${u.toFixed(2)} to ${l} (${t.length} items, $${i[s[0]].amount.toFixed(2)} each)`:`pay $${u.toFixed(2)} to ${l} (${t.length} items across ${s.length} tools)`,h=o?t.map(d=>d.params):t.map(d=>({tool_id:d.resolvedTool,...d.params})),S=t.some(d=>dn.includes(d.resolvedTool)),T=t.some(d=>d.resolvedTool.startsWith("or-")||d.resolvedTool==="run_llm"||d.resolvedTool==="execute_tool"),$=S?mn:T?pn+t.length*fn:gn+t.length*hn;try{return await E(async()=>{let d=await v(`batch:${c}`,u,l,p),w=await m.batch({tool:o?s[0]:c,requests:h,attestation:d,idempotencyKey:me.randomUUID()},$,e);return a.info("payment:success",{tool:"batch",batchTool:c,count:t.length,totalAmount:u,merchant:l}),w.results&&w.results.forEach(_=>{_.urls&&_.urls.forEach(L=>C(L))}),w})}catch(d){if(d instanceof b)return a.warn("payment:declined",{tool:"batch",batchTool:c,count:t.length,totalAmount:u,merchant:l,code:d.code,retryable:d.retryable}),P(d,{amount:u,merchantName:l});throw a.error("payment:failure",{tool:"batch",batchTool:c,count:t.length,totalAmount:u,merchant:l,error:d.message}),d}}function _n(){try{let r=fe.join(pe.homedir(),".claude","settings.json");if(!O.existsSync(r))return{enabled:!1,setup:"visa-cli hud enable"};let e=JSON.parse(O.readFileSync(r,"utf-8")),t=typeof e.statusLine=="object"?e.statusLine.command:"";return Le(t)?{enabled:!0}:e.statusLine?{enabled:!1,setup:"Another HUD is active. To switch: edit ~/.claude/settings.json \u2192 statusLine"}:{enabled:!1,setup:"visa-cli hud enable"}}catch{return{enabled:!1,setup:"visa-cli hud enable"}}}async function wn(r){let e=await m.getStatus(r);typeof e?.dailyRemaining=="number"&&(e.dailyRemaining=Math.round(e.dailyRemaining*100)/100);let t=Qr();return t.file_count>0&&(e.alliumResultsOnDisk=t),e.hud=_n(),e.version=Fr,e}async function bn(r){let t=(await m.getStatus(r)).cards||[];return t.length===0?{cards:[],message:"No cards enrolled. Use the add_card tool to add a payment card."}:t.some(s=>!Number.isInteger(s?.id)||s.id<=0)?{success:!1,cards:[],message:"Card ids are unavailable right now, so remove_card and set_default_card are temporarily disabled."}:{cards:t}}async function vn(r){let e=await m.getTransactions(r);return Array.isArray(e?.transactions)&&(e.transactions=e.transactions.filter(t=>!(t.tool_name==null||t.amount===0&&t.status==="failed"))),e}async function Sn(r,e){return await m.feedback(r.message,r.transaction_id,e)}async function kn(r,e){if(!r.confirm)return{success:!1,message:"Please confirm by setting confirm: true to update spending controls."};a.info("spending_controls:update",{maxTransactionAmount:r.maxTransactionAmount,dailyLimit:r.dailyLimit});try{return await E(async()=>{let t=await v("spending-controls",0,"","update spending controls"),n=await m.updateSpendingControls({maxTransactionAmount:r.maxTransactionAmount,dailyLimit:r.dailyLimit,confirm:!0,attestation:t},e);return a.info("spending_controls:success",{maxTransactionAmount:r.maxTransactionAmount,dailyLimit:r.dailyLimit}),n})}catch(t){throw a.error("spending_controls:failure",{error:t.message}),t}}async function Tn(r){let e=await Ft({api:m,includeDev:!!r.includeDev});return{config:e.entries.map(t=>({key:t.key,value:t.value,source:t.source,hint:t.hint})),statusError:e.statusError}}async function En(r){if(!r.key||typeof r.key!="string")return{success:!1,error:"key is required. Call config_list first to see available keys."};if(r.value===void 0)return{success:!1,error:"value is required. Use config_unset to remove a setting."};a.info("config:set",{key:r.key});try{let e=ht(r.key,r.value);return a.info("config:set:success",{key:e.key,requiresRestart:e.requiresRestart}),{success:!0,key:e.key,value:e.value,requiresRestart:e.requiresRestart,path:e.path,message:e.requiresRestart?`Saved ${e.key}. Restart Claude Code for the change to take effect.`:`Saved ${e.key}.`}}catch(e){let t=e instanceof J?"UNKNOWN_KEY":e instanceof Y?"SERVER_CONTROLLED":"INVALID_VALUE";return a.warn("config:set:rejected",{key:r.key,code:t,error:e.message}),{success:!1,error:e.message,code:t,settableKeys:Object.keys(re).sort()}}}async function xn(r){if(!r.key||typeof r.key!="string")return{success:!1,error:"key is required. Call config_list first to see which keys are currently set via settings.json."};a.info("config:unset",{key:r.key});try{let e=yt(r.key);return a.info("config:unset:success",{key:e.key,removed:e.removed}),{success:!0,key:e.key,removed:e.removed,requiresRestart:e.requiresRestart,path:e.path,message:e.removed?e.requiresRestart?`Removed ${e.key}. Restart Claude Code for the change to take effect.`:`Removed ${e.key}.`:`${e.key} was not set in settings.json \u2014 nothing to remove.`}}catch(e){let t=e instanceof J?"UNKNOWN_KEY":e instanceof Y?"SERVER_CONTROLLED":"INVALID_VALUE";return a.warn("config:unset:rejected",{key:r.key,code:t,error:e.message}),{success:!1,error:e.message,code:t,settableKeys:Object.keys(re).sort()}}}async function Rn(r){let e=await m.getStatus(r),t=e.attestationRequired!==!1;return{required:t,hasAttestationKey:!!e.hasAttestationKey,touchIdAvailable:F(),message:t?"Touch ID is REQUIRED for payments.":"Touch ID is NOT required for payments. Payments will proceed without biometric confirmation."}}async function In(r){a.info("biometric:on");let e=await m.setBiometricPreference({required:!0},r);return e.success?(Gt(),{success:!0,required:!0,message:"Touch ID is now REQUIRED for payments."}):{success:!1,error:e.error||"unknown error"}}async function An(r,e){if(!r.confirm)return{success:!1,message:"Please confirm by setting confirm: true. Disabling Touch ID is a security downgrade \u2014 the user will be prompted for one final Touch ID confirmation before the change takes effect."};a.info("biometric:off");try{return await E(async()=>{let t=await m.getStatus(e),n;if(t.hasAttestationKey&&(n=await v("biometric-preference",0,"","disable Touch ID requirement"),!n))throw new Error("Touch ID confirmation required to disable \u2014 not available on this device.");let s=await m.setBiometricPreference({required:!1,attestation:n},e);if(!s.success)throw new Error(s.error||"unknown error");return Gt(),{success:!0,required:!1,message:"Touch ID is no longer required for payments."}})}catch(t){throw a.error("biometric:off:failure",{error:t.message}),t}}var Bt=3e4,Cn=3e5;async function Yt(r,e){let t=me.randomBytes(16).toString("hex"),n=`${r}${r.includes("?")?"&":"?"}state=${t}`;C(n);let s=Date.now()+Cn;for(;Date.now()<s;)try{let o=await fetch(`${Ue()}/v1/auth-status`,{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify({state:t,timeout:Bt,...e&&{user_context:e}}),signal:AbortSignal.timeout(Bt+5e3)});if(!o.ok)continue;let i=await o.json();if(i.status==="pending")continue;if(i.status==="expired")return{success:!1,message:"Session expired. Please try again."};if(i.status==="error")return{success:!1,message:i.error||"Authentication failed. Please try again."};if(i.status==="complete"){if(i.sessionToken){await I.saveSessionToken(i.sessionToken);let l=i.user||"",c=i.last4||"****";return a.info("auth:login_complete",{user:l,last4:c}),{success:!0,message:`Signed in as ${l}. Card ending in ${c} added.${Kt}`}}let u=i.last4||"****";return a.info("auth:card_added",{last4:u}),{success:!0,message:`Card ending in ${u} enrolled.${Kt}`}}}catch{}return{success:!1,message:"Login timed out. Please try again."}}async function On(r,e){if(!r.confirm)return{success:!1,message:"Please confirm by setting confirm: true to remove this card."};let t=r.cardId;if(!Number.isInteger(t)||t<=0)return{success:!1,message:"cardId must be a positive integer. Call get_cards to list enrolled cards and their ids."};a.info("cards:remove_attempt",{cardId:t});let n=`remove-card:${t}`,s=`remove enrolled card #${t}`;try{return await E(async()=>{let o=await v(n,0,"",s),i=await m.removeCard(t,{attestation:o},e);return a.info("cards:remove_success",{cardId:t,promotedId:i?.promotedId??null}),i})}catch(o){throw a.error("cards:remove_failure",{cardId:t,error:o.message}),o}}async function Pn(r,e){let t=r.cardId;if(!Number.isInteger(t)||t<=0)return{success:!1,message:"cardId must be a positive integer. Call get_cards to list enrolled cards and their ids."};a.info("cards:set_default_attempt",{cardId:t});let n=`set-default-card:${t}`,s=`set card #${t} as default`;try{return await E(async()=>{let o=await v(n,0,"",s),i=await m.setDefaultCard(t,{attestation:o},e);return a.info("cards:set_default_success",{cardId:t}),i})}catch(o){throw a.error("cards:set_default_failure",{cardId:t,error:o.message}),o}}async function Ln(r){return a.info("auth:login_attempt"),Yt(`${Ue()}/login`,r)}async function qn(r){return a.info("auth:add_card_attempt"),await I.getSessionToken()?Yt(`${Ue()}/enroll`,r):{success:!1,message:"Not logged in. Sign up at https://visacli.sh or call the login tool first."}}async function Un(r,e){if(!r.confirm)return{success:!1,message:"Please confirm by setting confirm: true to reset"};a.info("reset:attempt");let t=await v("reset",0,"","reset device and remove all credentials");try{await m.logout({attestation:t},e)}catch{}if(await I.clearAll(),F())try{await Pt()}catch{}return a.info("reset:success"),{success:!0,message:"Device reset. All credentials, cards, and keys have been removed. Use the login tool to re-enroll."}}function Nn(r){let e=["url","resultUrl","imageUrl","audioUrl","trackUrl"];for(let t of e){let n=r[t];n&&typeof n=="string"&&n.startsWith("http")&&C(n)}Array.isArray(r.urls)&&r.urls.forEach(t=>{t&&typeof t=="string"&&t.startsWith("http")&&C(t)})}async function $n(r){if(!r.query&&!r.category)throw new Error("Provide a query (what you want to do) or category (image, video, audio, 3d, llm) to search the tool catalog.");a.info("catalog:discover",{query:r.query,category:r.category});try{let t=(await m.catalogSearch(r.query,r.category)).tools||[];if(t.length===0)return{content:[{type:"text",text:`No tools found for "${r.query||r.category}". Try a different search term.`}]};let n=t.map((s,o)=>`${o+1}. **${s.name}** (${s.id})
+"use strict";var mr=Object.create;var it=Object.defineProperty;var pr=Object.getOwnPropertyDescriptor;var fr=Object.getOwnPropertyNames;var gr=Object.getPrototypeOf,hr=Object.prototype.hasOwnProperty;var yr=(r,e)=>()=>(e||r((e={exports:{}}).exports,e),e.exports);var _r=(r,e,t,n)=>{if(e&&typeof e=="object"||typeof e=="function")for(let s of fr(e))!hr.call(r,s)&&s!==t&&it(r,s,{get:()=>e[s],enumerable:!(n=pr(e,s))||n.enumerable});return r};var f=(r,e,t)=>(t=r!=null?mr(gr(r)):{},_r(e||!r||!r.__esModule?it(t,"default",{value:r,enumerable:!0}):t,r));var tr=yr((Zs,Yn)=>{Yn.exports={name:"@visa/cli",version:"1.12.0-rc.1",description:"AI-powered payments for Claude Code",bin:{"visa-cli":"./bin/visa-cli.js"},scripts:{build:"tsc --noEmit && node esbuild.config.js",dev:"tsc --watch",pretest:"pnpm build",start:"node dist/mcp-server/index.js",test:"jest --config jest.config.js","test:unit":"jest --config jest.config.js","test:unit:watch":"jest --config jest.config.js --watch","test:unit:coverage":"jest --config jest.config.js --coverage","test:smoke":"VISA_AUTH_URL=https://auth.visacli.sh jest --config jest.smoke.config.js","test:integration":"jest --config jest.integration.config.js","test:e2e":"jest --config jest.e2e.config.js","test:catalog-e2e":"jest --config jest.catalog-e2e.config.js","test:all":"npm run test:unit && npm run test:integration && npm run test:e2e",prepublishOnly:"npm run build && npm test",lint:"eslint src/**/*.ts",format:'prettier --write "src/**/*.ts"',"format:check":'prettier --check "src/**/*.ts"'},keywords:["visa","checkout","mcp","ai-agent","payments","click-to-pay","usdc","stablecoin"],author:"Visa Crypto Labs",license:"SEE LICENSE IN LICENSE",dependencies:{"@modelcontextprotocol/sdk":"^1.0.0",commander:"^12.1.0",zod:"^3.23.0"},devDependencies:{"@visa-cli/tools":"workspace:*","@changesets/changelog-git":"^0.2.1","@changesets/cli":"^2.31.0","@types/jest":"^30.0.0","@types/node":"^25.6.0","@typescript-eslint/eslint-plugin":"^8.59.0","@typescript-eslint/parser":"^8.59.1","@types/express":"^5.0.0",esbuild:"^0.27.4",express:"^4.21.0",eslint:"^10.0.2","eslint-config-prettier":"^10.1.8",jest:"^29.7.0",prettier:"^3.8.3","ts-jest":"^29.2.0",typescript:"^5.7.0"},engines:{node:">=18.0.0"},mcpName:"io.github.visa-crypto-labs/visa-cli",files:["bin/visa-cli.js","dist/","install.ps1","native/visa-keychain.m","server.json","README.md","LICENSE"]}});var ir=require("@modelcontextprotocol/sdk/server/index.js"),ar=require("@modelcontextprotocol/sdk/server/stdio.js"),V=require("@modelcontextprotocol/sdk/types.js");async function at(r,e){let t=e?.timeoutMs??3e4,n=new AbortController,s=setTimeout(()=>n.abort(),t);try{let{timeoutMs:o,...i}=e??{};return await fetch(r,{...i,signal:n.signal})}finally{clearTimeout(s)}}var b=class extends Error{retryable;code;reason;constructor(e,t,n,s){super(e),this.name="CardDeclinedError",this.retryable=t,this.code=n,this.reason=s}};var wr=/^(\d+)\.(\d+)\.(\d+)(?:-([0-9A-Za-z.-]+))?(?:\+[0-9A-Za-z.-]+)?$/;function ut(r,e){let t=ct(r),n=ct(e);if(!t||!n)return!1;for(let s=0;s<3;s++)if(t.main[s]!==n.main[s])return t.main[s]>n.main[s];return t.pre&&!n.pre?!1:!t.pre&&n.pre?!0:!t.pre&&!n.pre?!1:br(t.pre,n.pre)>0}function ct(r){if(typeof r!="string")return null;let t=r.trim().replace(/^v/,"").match(wr);return t?{main:[Number(t[1]),Number(t[2]),Number(t[3])],pre:t[4]??null}:null}function br(r,e){let t=r.split("."),n=e.split("."),s=Math.max(t.length,n.length);for(let o=0;o<s;o++){if(o>=t.length)return-1;if(o>=n.length)return 1;let i=t[o],u=n[o],l=/^\d+$/.test(i),c=/^\d+$/.test(u);if(l&&c){let p=Number(i)-Number(u);if(p!==0)return p}else{if(l)return-1;if(c)return 1;if(i<u)return-1;if(i>u)return 1}}return 0}function ye(){return!!(lt(process.env.VISA_CLI_NO_UPDATE_CHECK)||lt(process.env.CI)||process.env.NODE_ENV==="test")}function lt(r){if(r===void 0)return!1;let e=r.trim().toLowerCase();return!(e===""||e==="0"||e==="false"||e==="no"||e==="off")}var B=f(require("fs")),pt=f(require("path"));var _e=f(require("fs")),dt=f(require("path")),mt=f(require("os"));var He=dt.join(mt.homedir(),".visa-mcp"),U=class{static ensureConfigDir(){_e.existsSync(He)||_e.mkdirSync(He,{recursive:!0,mode:448})}static getConfigDir(){return He}static TOOL_STATES={login:!0,get_status:!0,get_cards:!0,add_card:!0,pay:!0,transaction_history:!0,update_spending_controls:!0,enroll_device:!1,verify_otp:!1,reset:!0,batch:!0,generate_x402_image:!1,browser_launch:!1,browser_navigate:!1,browser_snapshot:!1,browser_click:!1,browser_type:!1,browser_scroll:!1,generate_music_card:!1,generate_image_card:!0,query_onchain_prices_card:!0,generate_music_tempo_card:!0,check_music_status_tempo_card:!0,generate_image_fast_card:!0,pxlwall_card:!1,generate_video_tempo_card:!0};static loadToolStates(){return{...this.TOOL_STATES}}static getDisabledTools(){let e=new Set;for(let[t,n]of Object.entries(this.TOOL_STATES))n||e.add(t);return e}static isToolDisabled(e){return this.TOOL_STATES[e]===!1}};var vr="settings.json";function we(){return pt.join(U.getConfigDir(),vr)}var re={"auth.serverUrl":{type:"string",description:"Auth server base URL. Override for staging / self-hosted backends.",requiresRestart:!0,validate:r=>{if(typeof r!="string")throw new Error("auth.serverUrl must be a string");let e;try{e=new URL(r)}catch{throw new Error(`auth.serverUrl must be a valid URL (got: ${JSON.stringify(r)})`)}if(e.protocol!=="https:"&&e.protocol!=="http:")throw new Error(`auth.serverUrl must use http or https (got: ${e.protocol})`)}},"ui.suppressBrowser":{type:"boolean",description:"When true, the CLI/MCP server stops auto-opening result URLs in your browser."},"ui.suppressFeed":{type:"boolean",description:"When true, generated images/music are not auto-submitted to the public Made-with-Visa feed."},"tools.meta":{type:"boolean",description:"Show category meta-tools (generate_image, generate_music, ...). Restart required.",requiresRestart:!0},"tools.specific":{type:"boolean",description:"Show hardcoded per-merchant tools (generate_image_card, query_onchain_prices_card, ...). Restart required.",requiresRestart:!0},"tools.discover":{type:"boolean",description:"Show the dynamic-catalog tools (discover_tools, execute_tool). Restart required.",requiresRestart:!0}};function be(){let r=we();if(!B.existsSync(r))return{};try{let e=B.readFileSync(r,"utf-8"),t=JSON.parse(e);return!t||typeof t!="object"||Array.isArray(t)?{}:t}catch{return{}}}function ft(r){U.ensureConfigDir();let e=we(),t=`${e}.tmp`,n=JSON.stringify(r,null,2)+`
+`;B.writeFileSync(t,n,{mode:384}),B.renameSync(t,e)}function je(r){let e=be()[r];return typeof e=="string"?e:void 0}function z(r){let e=be()[r];if(typeof e=="boolean")return e;if(e==="true")return!0;if(e==="false")return!1}var J=class extends Error{constructor(e){let t=Object.keys(re).sort().join(", ");super(`Unknown setting "${e}". Settable keys: ${t}. For server-controlled values (biometric.*, spending.*) use the dedicated tools (biometric_on/off, update_spending_controls).`),this.name="UnknownSettingKeyError"}},Y=class extends Error{constructor(e){let t="";e.startsWith("biometric.")?t="biometric_on / biometric_off":e.startsWith("spending.")?t="update_spending_controls":e.startsWith("cards.")?t="add_card / remove_card / set_default_card":e.startsWith("account.")&&(t="login / reset"),super(`"${e}" is a server-controlled value and cannot be set via config set. `+(t?`Use ${t} instead.`:"No client-side override is supported.")),this.name="ServerOnlySettingError"}},gt=["biometric.","spending.","account.","cards.","biometric"];function ht(r,e){if(gt.some(o=>r.startsWith(o)))throw new Y(r);let t=re[r];if(!t)throw new J(r);let n;if(t.type==="boolean")if(typeof e=="boolean")n=e;else if(typeof e=="string"){let o=e.toLowerCase();if(o==="true")n=!0;else if(o==="false")n=!1;else throw new Error(`${r} expects true or false (got: ${JSON.stringify(e)})`)}else throw new Error(`${r} expects a boolean (got: ${typeof e})`);else{if(typeof e!="string"||e.length===0)throw new Error(`${r} expects a non-empty string`);n=e}t.validate&&t.validate(n);let s=be();return s[r]=n,ft(s),{key:r,value:n,requiresRestart:!!t.requiresRestart,path:we()}}function yt(r){if(gt.some(s=>r.startsWith(s)))throw new Y(r);let e=re[r];if(!e)throw new J(r);let t=be(),n=r in t;return n&&(delete t[r],ft(t)),{key:r,removed:n,requiresRestart:n&&!!e.requiresRestart,path:we()}}var Sr="https://auth.visacli.sh";function ve(){let r=process.env.VISA_AUTH_URL;if(r!==void 0&&r!=="")return r;let e=je("auth.serverUrl");return e!==void 0?e:Sr}function _t(){let r=process.env.VISA_SUPPRESS_BROWSER;return r!==void 0?r==="true":z("ui.suppressBrowser")??!1}function wt(){let r=process.env.VISA_SUPPRESS_FEED;return r!==void 0?r==="true":z("ui.suppressFeed")??!1}function ne(){let r=process.env.VISA_META_TOOLS;return r!==void 0?r!=="false":z("tools.meta")??!0}function se(){let r=process.env.VISA_SPECIFIC_TOOLS;return r!==void 0?r!=="false":z("tools.specific")??!0}function oe(){let r=process.env.VISA_DISCOVER_TOOLS;return r!==void 0?r!=="false":z("tools.discover")??!0}var Ve="1.12.0-rc.1",Se=class{constructor(e){this.getSessionToken=e;this.baseUrl=ve()}getSessionToken;baseUrl;lastSignals={};parseServerSignals(e){if(this.lastSignals={},!ye()){let n=e.headers.get("X-Latest-Version"),s=e.headers.get("X-Update-Message");n&&ut(n,Ve)&&(this.lastSignals.updateAvailable={version:n,message:s||`Update available: v${n}. Run: npm install -g @visa/cli && visa-cli setup`})}let t=e.headers.get("X-Feedback-Prompt");if(t)try{this.lastSignals.feedbackPrompt=JSON.parse(t)}catch{}}getClientVersion(){return Ve}async request(e,t,n,s,o){let i=await this.getSessionToken();if(!i)throw new Error("Not logged in. Sign up at https://visacli.sh or run: visa-cli setup");let u={Authorization:`Bearer ${i}`};o&&(e==="GET"?u["X-User-Context"]=o.replace(/[\r\n\0]/g," ").slice(0,1e3):n={...n||{},user_context:o}),n&&(u["Content-Type"]="application/json");let l;try{l=await at(`${this.baseUrl}${t}`,{method:e,headers:{...u,"X-Visa-CLI-Version":Ve},body:n?JSON.stringify(n):void 0,timeoutMs:s})}catch(p){throw p.name==="AbortError"||p.message?.includes("aborted")?new Error("The request timed out. The server may be under heavy load. Please try again."):new Error("Cannot reach the Visa CLI server. Check your internet connection and try again.")}if(this.parseServerSignals(l),l.status===401)throw new Error("Your session has expired. Run: visa-cli setup");if(l.status===429){let p=l.headers.get("Retry-After")||"3";throw new Error(`Rate limited \u2014 wait ${p}s. Tip: use the batch tool to combine multiple requests into one.`)}if(l.status===503)throw new Error("Visa CLI is temporarily unavailable. Check https://visacli.sh for status.");let c;try{c=await l.json()}catch{throw l.status===500?new Error(`Server error on ${t}. Try again or check https://visacli.sh for status.`):new Error(`Unexpected response from ${t}. Try again.`)}if(!l.ok)throw l.status===500?new Error(`Server error on ${t}. Try again or check https://visacli.sh for status.`):c?.declined?new b(c.error||"Your card was declined.",!!c.retryable,c.code,c.reason):new Error(c?.error||`Request failed (${l.status}). Try again.`);return c}async pay(e,t){return this.request("POST","/v1/pay",e,void 0,t)}async shortcut(e,t,n,s){return this.request("POST",`/v1/shortcuts/${encodeURIComponent(e)}`,t,n,s)}async batch(e,t,n){return this.request("POST","/v1/batch",e,t,n)}async catalogSearch(e,t){let n=new URLSearchParams;e&&n.set("q",e),t&&n.set("category",t);let s=n.toString();return this.request("GET",`/v1/catalog${s?`?${s}`:""}`)}async catalogTool(e){try{return await this.request("GET",`/v1/catalog/${encodeURIComponent(e)}`)}catch{return null}}async discoverMerchantRoutes(e){try{return await this.request("GET",`/v1/platform/discover/${encodeURIComponent(e)}`)}catch{return null}}async paymentPreview(e,t){return this.request("POST","/v1/payment-preview",e,void 0,t)}async getStatus(e){return this.request("GET","/v1/status",void 0,void 0,e)}async getTransactions(e){return this.request("GET","/v1/transactions",void 0,void 0,e)}async updateSpendingControls(e,t){return this.request("POST","/v1/spending-controls",e,void 0,t)}async removeCard(e,t,n){return this.request("DELETE",`/v1/cards/${encodeURIComponent(String(e))}`,t,void 0,n)}async setDefaultCard(e,t,n){return this.request("POST",`/v1/cards/${encodeURIComponent(String(e))}/default`,t,void 0,n)}async getAttestationChallenge(){return this.request("GET","/v1/attestation-challenge")}async registerAttestationKey(e){return this.request("POST","/v1/attestation-key",{publicKey:e})}async setBiometricPreference(e,t){return this.request("POST","/v1/biometric-preference",{...e,confirm:!0},void 0,t)}async logout(e,t){return this.request("POST","/v1/logout",e,void 0,t)}async feedback(e,t,n){return this.request("POST","/v1/feedback",{message:e,...t&&{transaction_id:t}},void 0,n)}async createAppApiKey(e){return this.request("POST","/v1/api/keys",e)}async listAppApiKeys(){return this.request("GET","/v1/api/keys")}async revokeAppApiKey(e){return this.request("DELETE",`/v1/api/keys/${encodeURIComponent(String(e))}`)}async feedSubmit(e){return this.request("POST","/v1/feed",e)}async feedList(e){let t=new URLSearchParams;e?.tab&&t.set("tab",e.tab),e?.limit&&t.set("limit",String(e.limit)),e?.offset&&t.set("offset",String(e.offset));let n=t.toString();return this.request("GET",`/v1/feed${n?"?"+n:""}`)}async feedVote(e,t){return this.request("POST",`/v1/feed/${encodeURIComponent(e)}/vote`,{direction:t})}async feedApprove(e){return this.request("POST",`/v1/feed/${encodeURIComponent(e)}/approve`)}async feedDelete(e){return this.request("DELETE",`/v1/feed/${encodeURIComponent(e)}`)}async feedPending(){return this.request("GET","/v1/feed/pending")}async submitFeedback(e,t,n){return this.request("POST","/v1/feedback",{message:e,...t&&{transaction_id:t}},void 0,n)}async getFeedback(e,t){let n=new URLSearchParams;e&&n.set("limit",String(e));let s=n.toString();return this.request("GET",`/v1/feedback${s?"?"+s:""}`,void 0,void 0,t)}async submitRatedFeedback(e){return this.request("POST","/v1/feedback",e)}};var Ge=require("child_process"),Et=require("util"),Rt=f(require("crypto")),k=f(require("fs")),xt=f(require("os")),D=f(require("path"));var x=f(require("fs")),Be=f(require("path")),bt=f(require("os")),Ke=Be.join(bt.homedir(),".visa-mcp"),ae=Be.join(Ke,"mcp-server.log"),kr=5*1024*1024,Fe=null;function Tr(){x.existsSync(Ke)||x.mkdirSync(Ke,{recursive:!0,mode:448})}function Er(){if(!Fe){if(Tr(),x.existsSync(ae)&&x.statSync(ae).size>kr){let e=ae+".1";x.existsSync(e)&&x.unlinkSync(e),x.renameSync(ae,e)}Fe=x.createWriteStream(ae,{flags:"a"})}return Fe}function Rr(r){return r==="WARN"||r==="ERROR"?!0:process.env.VISA_CLI_DEBUG==="1"||process.env.VISA_VERBOSE==="1"}function ke(r,...e){let t=new Date().toISOString(),n=e.map(o=>typeof o=="string"?o:JSON.stringify(o,null,2)).join(" "),s=`[${t}] [${r}] ${n}
+`;Rr(r)&&process.stderr.write(s),Er().write(s)}var a={debug:(...r)=>ke("DEBUG",...r),info:(...r)=>ke("INFO",...r),warn:(...r)=>ke("WARN",...r),error:(...r)=>ke("ERROR",...r)};var ie=(0,Et.promisify)(Ge.execFile),Re=D.join(xt.homedir(),".visa-mcp","bin"),X=D.join(Re,"Visa CLI"),xr=D.join(__dirname,"..","native"),vt="5",St=D.join(Re,"visa-keychain.version"),kt=D.join(Re,"visa-keychain.sha256");function Tt(r){let e=k.readFileSync(r);return Rt.createHash("sha256").update(e).digest("hex")}async function It(){try{if(k.readFileSync(St,"utf-8").trim()===vt&&k.existsSync(X)){let n=k.readFileSync(kt,"utf-8").trim();if(Tt(X)!==n)a.warn("binary:hash-mismatch",{message:"Binary hash mismatch \u2014 possible tampering detected. Recompiling from source."}),k.unlinkSync(X);else return X}}catch{}let r=D.join(xr,"visa-keychain.m");if(k.existsSync(r)||(r=D.resolve(__dirname,"..","..","native","visa-keychain.m")),k.existsSync(r)||(r=D.resolve(__dirname,"..","native","visa-keychain.m")),!k.existsSync(r))throw new Error("visa-keychain.m source not found. Reinstall Visa CLI.");k.mkdirSync(Re,{recursive:!0,mode:448});try{await ie("clang",["-framework","Security","-framework","LocalAuthentication","-framework","Foundation","-framework","AppKit","-o",X,r],{timeout:3e4})}catch(t){throw t.code==="ENOENT"?new Error("Xcode Command Line Tools required. Install: xcode-select --install"):t}let e=Tt(X);return k.writeFileSync(kt,e,{mode:384}),k.writeFileSync(St,vt,{mode:384}),X}async function At(r){let e=await It(),t;try{t=(await ie(e,r,{timeout:6e4})).stdout}catch(o){t=o.stdout||"";let i=t.trim();throw i.startsWith("ERROR:")?new Error(i.slice(6)):new Error(o.stderr?.trim()||o.message||"Unknown error")}let n=t.trim();if(n.startsWith("OK:"))return n.slice(3);if(n==="OK")return;let s=n.startsWith("ERROR:")?n.slice(6):"Unknown error";throw new Error(s)}var We=null;function F(){return process.env.VISA_MOCK_TOUCHID==="true"?!0:process.platform!=="darwin"?!1:We!==null?We:(We=!0,!0)}var Te="visa-cli",Ee="attestation-key";async function Ir(r){try{await ie("security",["delete-generic-password","-s",Te,"-a",Ee],{timeout:5e3})}catch{}await ie("security",["add-generic-password","-s",Te,"-a",Ee,"-w",r],{timeout:5e3})}async function Ar(){try{let{stdout:r}=await ie("security",["find-generic-password","-s",Te,"-a",Ee,"-w"],{timeout:5e3});return r.trim()||null}catch{return null}}async function Ct(){let r=await At(["generate-key"]);if(!r)throw new Error("Key generation returned no output");let e=r.indexOf(":");if(e<0)throw new Error("Unexpected generate-key output format");let t=r.slice(0,e),n=r.slice(e+1);return await Ir(t),n}async function Ot(r,e){if(process.env.VISA_MOCK_TOUCHID==="true")return Promise.resolve("mock-ecdsa-signature-for-testing");let t=await Ar();if(!t)throw new Error("Attestation key not found. Run setup to generate a new key.");let n=await It(),s=["sign",r];return e&&s.push(e),new Promise((o,i)=>{let u=(0,Ge.execFile)(n,s,{timeout:6e4},(l,c)=>{let p=(c||"").trim();if(l){p.startsWith("ERROR:")?i(new Error(p.slice(6))):i(new Error(l.stderr?.trim()||l.message||"Unknown error"));return}p.startsWith("OK:")?o(p.slice(3)):i(new Error(p.startsWith("ERROR:")?p.slice(6):"Unknown error"))});u.stdin.write(t),u.stdin.end()})}async function Pt(){try{await ie("security",["delete-generic-password","-s",Te,"-a",Ee],{timeout:5e3})}catch{}try{await At(["delete-key"])}catch{}}var Ae=require("child_process"),Lt=require("util"),G=f(require("fs")),Ce=f(require("os")),Qe=f(require("path"));var K="6820f6e91b762e645c9bf020c0d3673bb99d4a25a824880c0d548e10bb9bc7b1";var M=(0,Lt.promisify)(Ae.execFile),Ze=Qe.join(Ce.homedir(),".visa-mcp"),ce=Qe.join(Ze,"session-token"),q="visa-cli",W="session-token",xe="rc-access",Cr=5e3,Ie=class extends Error{constructor(e){super(e),this.name="CredentialAccessError"}};function Or(r){let e=r;return[e?.message,e?.stderr].filter(t=>typeof t=="string").join(`
+`)}function qt(r){let e=r;if(e?.code==="EPERM"||e?.code==="EACCES")return!0;let t=Or(r).toLowerCase();return t.includes("operation not permitted")||t.includes("permission denied")}async function Pr(){try{let{stdout:r}=await M("security",["find-generic-password","-s",q,"-a",W,"-w"],{timeout:5e3});return r.trim()||null}catch(r){if(qt(r))throw new Ie("Unable to read Visa CLI credentials from macOS Keychain. In sandboxed agents such as Codex, rerun with keychain access or run this command outside the sandbox.");return null}}async function Lr(r){try{try{await M("security",["delete-generic-password","-s",q,"-a",W],{timeout:5e3})}catch{}return await M("security",["add-generic-password","-s",q,"-a",W,"-w",r],{timeout:5e3}),!0}catch{return!1}}async function qr(){try{await M("security",["delete-generic-password","-s",q,"-a",W],{timeout:5e3})}catch{}}async function Ur(){if(!et())return null;try{let{stdout:r}=await M("secret-tool",["lookup","service",q,"account",W],{timeout:5e3});return r.trim()||null}catch{return null}}async function Nr(r){if(!et())return!1;try{let e=(0,Ae.execFile)("secret-tool",["store","--label",`${q} ${W}`,"service",q,"account",W]);return e.stdin?(e.stdin.write(r),e.stdin.end(),await Promise.race([new Promise((t,n)=>{e.on("exit",s=>s===0?t():n(new Error(`secret-tool exited ${s}`))),e.on("error",n)}),new Promise((t,n)=>setTimeout(()=>{e.kill(),n(new Error("secret-tool timed out"))},Cr))]),!0):!1}catch{return!1}}async function $r(){if(et())try{await M("secret-tool",["clear","service",q,"account",W],{timeout:5e3})}catch{}}function et(){return!!process.env.DBUS_SESSION_BUS_ADDRESS}async function Dr(){try{let{stdout:r}=await M("security",["find-generic-password","-s",q,"-a",xe,"-w"],{timeout:5e3});return r.trim()||null}catch{return null}}async function Mr(r){try{try{await M("security",["delete-generic-password","-s",q,"-a",xe],{timeout:5e3})}catch{}await M("security",["add-generic-password","-s",q,"-a",xe,"-w",r],{timeout:5e3})}catch{}}async function Hr(){try{await M("security",["delete-generic-password","-s",q,"-a",xe],{timeout:5e3})}catch{}}function ze(){try{return G.readFileSync(ce,"utf-8").trim()||null}catch(r){if(qt(r))throw new Ie(`Unable to read Visa CLI credentials from ${ce}. Check file permissions or rerun with access to the Visa CLI credential directory.`);return null}}function Ut(r){G.mkdirSync(Ze,{recursive:!0,mode:448}),G.writeFileSync(ce,r,{mode:384}),process.platform==="win32"&&jr(ce)}function Xe(){try{G.unlinkSync(ce)}catch{}}function jr(r){try{let e=Ce.userInfo().username;(0,Ae.execFile)("icacls",[r,"/inheritance:r","/grant:r",`${e}:F`],{timeout:5e3},t=>{t&&console.error(`[visa-cli] icacls ACL restriction failed: ${t.message}`)})}catch(e){console.error(`[visa-cli] Failed to invoke icacls: ${e instanceof Error?e.message:String(e)}`)}}function Ye(){switch(process.platform){case"darwin":return{get:Pr,store:Lr,delete:qr};case"linux":return{get:Ur,store:Nr,delete:$r};default:return{get:async()=>ze(),store:async r=>{try{return Ut(r),!0}catch{return!1}},delete:async()=>Xe(),storesInSessionFile:!0}}}var I=class{static async getSessionToken(){if(process.env.VISA_MOCK_KEYCHAIN==="true")return Promise.resolve("mock-session-token-for-testing");let e=Ye(),t=await e.get();if(t)return t;let n=ze();return n?(await e.store(n),n):null}static async saveSessionToken(e){if(process.env.VISA_MOCK_KEYCHAIN==="true")return;let t=Ye();if(await t.store(e)){if(await t.get()===e){t.storesInSessionFile||Xe();return}await t.delete()}if(Ut(e),ze()!==e)throw new Error("Failed to persist session token. "+(process.platform==="darwin"?'Check Keychain Access permissions for "visa-cli".':`Ensure ${Ze} is writable.`))}static async getRcAccessToken(){return process.env.VISA_MOCK_KEYCHAIN==="true"?K:Dr()}static async saveRcAccessToken(e){process.env.VISA_MOCK_KEYCHAIN!=="true"&&await Mr(e)}static async deleteSessionToken(){if(process.env.VISA_MOCK_KEYCHAIN==="true")return;await Ye().delete(),Xe()}static async clearAll(){await this.deleteSessionToken(),await Hr()}};var Oe={generate_image:{intro:"Generate an AI image.",tiers:{balanced:{toolId:"fal-flux-pro",priceCents:4,notes:"FLUX Pro v1.1, 1K, ~10s (DEFAULT \u2014 good quality/speed tradeoff)"},fast:{toolId:"fal-flux-schnell",priceCents:1,notes:"FLUX Schnell, 1K, ~3s (drafts, iteration, cheapest)"},pro:{toolId:"fal-flux-pro-ultra",priceCents:6,notes:"FLUX Pro Ultra, 2K, ~30s (hero images, detail)"},text_heavy:{toolId:"fal-ideogram-v2",priceCents:8,notes:"Ideogram V2 \u2014 best when the image contains rendered text/logos"},vector:{toolId:"fal-recraft-v3",priceCents:5,notes:"Recraft V3 \u2014 vector/flat/illustration styles"}},guidance:"If the user didn't specify a tier, pick 'balanced' unless the prompt clearly signals otherwise (text \u2192 text_heavy, logo/icon \u2192 vector, quick test \u2192 fast, hero/print \u2192 pro).",inputProperties:{prompt:{type:"string",description:"Text description of the image to generate."},aspect_ratio:{type:"string",description:'Aspect ratio, e.g. "16:9", "1:1", "9:16".',default:"16:9"}},required:["prompt"]},generate_video:{intro:"Generate an AI video from a text prompt.",tiers:{balanced:{toolId:"fal-minimax-video",priceCents:15,notes:"MiniMax \u2014 good quality/price balance (DEFAULT)"},fast:{toolId:"fal-wan-video",priceCents:10,notes:"Wan \u2014 cheapest, shorter clips"},pro:{toolId:"fal-kling-video",priceCents:20,notes:"Kling \u2014 highest quality, cinematic"}},guidance:"Show the tier menu with prices unless the user specified one. Videos take 60-180s to generate.",inputProperties:{prompt:{type:"string",description:"Text description of the video scene."},aspect_ratio:{type:"string",description:'Aspect ratio, e.g. "16:9" or "9:16".',default:"16:9"}},required:["prompt"]},generate_music:{intro:"Generate an original music track from a prompt.",tiers:{suno:{toolId:"suno-music",priceCents:10,notes:"Suno v4 \u2014 songs with vocals, lyrics, full arrangement"}},guidance:"Takes ~60-90s. Returns an audio URL the user can play.",inputProperties:{prompt:{type:"string",description:"Musical style / mood / lyrics hint."},instrumental:{type:"boolean",description:"True for instrumental (no vocals), false for vocal track.",default:!1}},required:["prompt"]},generate_audio:{intro:"Generate speech (voice cloning) or sound effects.",tiers:{tts:{toolId:"fal-metavoice",priceCents:3,notes:"MetaVoice \u2014 voice cloning TTS (requires a voice sample URL)"},sfx:{toolId:"fal-stable-audio",priceCents:4,notes:"Stable Audio \u2014 sound effects and ambient from a prompt"}},guidance:"For tts: provide text + audio_url (voice sample to clone). For sfx: provide prompt describing the sound.",inputProperties:{prompt:{type:"string",description:"Description of sound to generate (sfx tier)."},text:{type:"string",description:"Text to speak aloud (tts tier)."},audio_url:{type:"string",description:"URL of a voice sample to clone (tts tier, required for MetaVoice)."}},required:[]},generate_3d:{intro:"Generate a 3D model from an image.",tiers:{trellis:{toolId:"fal-trellis-3d",priceCents:8,notes:"Trellis \u2014 image-to-3D, returns a GLB mesh URL"}},guidance:"Pass an image URL. Takes ~30-60s. Returns a downloadable 3D mesh URL.",inputProperties:{image_url:{type:"string",description:"URL of the image to convert to a 3D model."}},required:["image_url"]},upscale_image:{intro:"Upscale an image to higher resolution.",tiers:{aura:{toolId:"fal-aura-sr",priceCents:3,notes:"Aura SR \u2014 default; preserves detail without hallucination"}},guidance:"Pass the existing image URL. Returns an upscaled version.",inputProperties:{image_url:{type:"string",description:"URL of the image to upscale."}},required:["image_url"]},transcribe_audio:{intro:"Transcribe speech in an audio/video URL to text.",tiers:{whisper:{toolId:"fal-whisper",priceCents:2,notes:"OpenAI Whisper \u2014 fast, multilingual"}},guidance:"Pass the URL. Returns the transcript text.",inputProperties:{audio_url:{type:"string",description:"URL of the audio or video file to transcribe."}},required:["audio_url"]},run_llm:{intro:"Run a text prompt through an LLM (OpenRouter). Token-metered \u2014 prices below are per 1M input/output tokens. Typical 500-in/500-out prompts cost 1\u20139\xA2 depending on model.",tiers:{fast:{toolId:"or-gpt-4o-mini",priceCents:1,notes:"GPT-4o Mini \u2014 $0.15/M in \xB7 $0.60/M out. Fastest, cheapest, good general-purpose (DEFAULT)"},reasoning:{toolId:"or-claude-sonnet",priceCents:9,notes:"Claude 3.5 Sonnet \u2014 $3.00/M in \xB7 $15.00/M out. Strong reasoning, long-context. ~20x pricier than `fast`."},deep_reasoning:{toolId:"or-deepseek-r1",priceCents:2,notes:"DeepSeek R1 \u2014 $0.55/M in \xB7 $2.19/M out. Deep chain-of-thought reasoning, mid-range pricing."},search:{toolId:"or-perplexity-sonar",priceCents:1,notes:"Perplexity Sonar \u2014 $1.00/M in \xB7 $1.00/M out. Search-augmented, web-grounded with citations."},open_source:{toolId:"or-llama-70b",priceCents:1,notes:"Llama 3.3 70B \u2014 $0.30/M in \xB7 $0.40/M out. Open-source large model."},coding:{toolId:"or-deepseek-chat",priceCents:1,notes:"DeepSeek Chat V3 \u2014 $0.30/M in \xB7 $0.88/M out. Strong at code generation."}},guidance:"Pick based on the user's need: fast (most questions, cheapest), reasoning (complex analysis \u2014 WARN user it's ~$0.09/call), search (questions about current events), coding (code generation), deep_reasoning (hard math/logic problems).",inputProperties:{prompt:{type:"string",description:"The user query."},system_prompt:{type:"string",description:"Optional system prompt to set model behavior."},max_tokens:{type:"number",description:"Maximum output tokens.",default:1024,minimum:1,maximum:8192},temperature:{type:"number",description:"Sampling temperature \u2014 0 is deterministic, higher is more creative.",default:.7,minimum:0,maximum:2}},required:["prompt"]}};function Nt(r){let e=Oe[r];if(!e)throw new Error(`Unknown meta-tool: ${r}`);let t=[e.intro,"","Tiers:"];for(let[n,s]of Object.entries(e.tiers)){let o=`$${(s.priceCents/100).toFixed(2)}`;t.push(`  - ${n.padEnd(15)} ${o.padStart(6)}  ${s.notes}`)}return t.push("",e.guidance),t.join(`
+`)}function $t(r){let e=Oe[r];if(!e)throw new Error(`Unknown meta-tool: ${r}`);let t=Object.keys(e.tiers);return{type:"object",properties:{tier:{type:"string",enum:t,default:t[0],description:`Quality/style tier. Default: ${t[0]}.`},...e.inputProperties},required:e.required??[]}}function Pe(r,e){if(!Q.includes(r))return r;let t=Oe[r];if(!t)return r;let n=Object.keys(t.tiers),s=e||n[0],o=t.tiers[s];if(!o)throw new Error(`Unknown tier '${s}' for ${r}. Valid tiers: ${n.join(", ")}`);return o.toolId}async function Dt(r,e,t){let n=Pe(r,e.tier),{tier:s,...o}=e;return y.executeTool({tool_id:n,...o},t)}var Q=Object.keys(Oe);function Mt(r=process.env,e=process.platform){return r.VISA_CLI_NO_BROWSER==="1"||r.VISA_CLI_NO_BROWSER==="true"?{headless:!0,reason:"VISA_CLI_NO_BROWSER is set"}:r.CI==="true"||r.CI==="1"?{headless:!0,reason:"CI environment detected"}:r.SSH_CONNECTION||r.SSH_TTY?{headless:!0,reason:"SSH session detected"}:e==="linux"&&!r.DISPLAY&&!r.WAYLAND_DISPLAY?{headless:!0,reason:"Linux with no $DISPLAY or $WAYLAND_DISPLAY"}:{headless:!1}}function Ht(r,e=process.platform){return e==="darwin"?{cmd:"open",args:[r]}:e==="win32"?{cmd:"cmd",args:["/c","start","",r]}:e==="linux"?{cmd:"xdg-open",args:[r]}:null}var me=f(require("crypto")),Wt=require("child_process"),O=f(require("fs")),pe=f(require("os")),fe=f(require("path"));var Vr="# visa-cli-hud-v1";function Le(r){return typeof r!="string"?!1:r.includes(Vr)?!0:r.includes("visa-cli")&&r.includes("statusline")}async function jt(r,e){try{return await e()}catch(t){if(t.message==="Invalid signature"&&F()){a.warn("attestation:key-mismatch",{action:"reregistering"});try{let n=await Ct();await r.registerAttestationKey(n),a.info("attestation:key-reregistered")}catch(n){throw a.error("attestation:reregister-failure",{error:n.message}),t}return await e()}throw t}}var Vt="1.12.0-rc.1";function tt(r,e){return e?{kind:"env",var:r}:{kind:"default"}}function Fr(r,e,t){let n=process.env[r];if(n!==void 0&&n!=="")return{value:n,source:{kind:"env",var:r}};let s=je(e);return s!==void 0?{value:s,source:{kind:"settings"}}:{value:t,source:{kind:"default"}}}function ue(r,e,t){let n=process.env[r];if(n!==void 0)return{value:t==="opt-in"?n==="true":n!=="false",source:{kind:"env",var:r}};let s=z(e);return s!==void 0?{value:s,source:{kind:"settings"}}:{value:t!=="opt-in",source:{kind:"default"}}}function A(r){return r==null?"\u2014":r?"yes":"no"}function qe(r){return r==null?"\u2014":`$${r.toFixed(2)}`}async function Ft(r){let e=null,t=null;try{e=await r.api.getStatus()}catch(_){t=_?.message||"unknown error"}let n=[],s=Fr("VISA_AUTH_URL","auth.serverUrl","https://auth.visacli.sh");n.push({key:"auth.serverUrl",value:s.value,formatted:s.value,source:s.source,hint:s.source.kind==="default"?"Persist with `visa-cli config set auth.serverUrl <url>` (or set VISA_AUTH_URL for one-off overrides).":void 0}),n.push({key:"account.enrolled",value:e?.enrolled??null,formatted:A(e?.enrolled),source:e?{kind:"server"}:{kind:"unknown",reason:t||"offline"}}),e?.githubUser&&n.push({key:"account.githubUser",value:e.githubUser,formatted:e.githubUser,source:{kind:"server"}});let o=e?e.attestationRequired!==!1:void 0;n.push({key:"biometric.required",value:o,formatted:A(o),source:e?{kind:"server"}:{kind:"unknown",reason:t||"offline"},hint:o===!1?"Touch ID prompts are suppressed. Re-enable with `visa-cli biometric on`.":void 0}),n.push({key:"biometric.keyRegistered",value:e?.hasAttestationKey??null,formatted:A(e?.hasAttestationKey),source:e?{kind:"server"}:{kind:"unknown",reason:t||"offline"}}),n.push({key:"biometric.deviceAvailable",value:F(),formatted:A(F()),source:{kind:"device"}});let i=e?.spendingControls,u=i?i.max_transaction_amount??i.maxTransactionAmount??null:null,l=i?i.daily_limit??i.dailyLimit??null:null;n.push({key:"spending.maxPerTxn",value:u,formatted:qe(u),source:e?{kind:"server"}:{kind:"unknown",reason:t||"offline"}}),n.push({key:"spending.dailyLimit",value:l,formatted:qe(l),source:e?{kind:"server"}:{kind:"unknown",reason:t||"offline"}}),n.push({key:"spending.dailySpent",value:e?.dailySpent??null,formatted:qe(e?.dailySpent),source:e?{kind:"server"}:{kind:"unknown",reason:t||"offline"}}),n.push({key:"spending.dailyRemaining",value:e?.dailyRemaining??null,formatted:qe(e?.dailyRemaining),source:e?{kind:"server"}:{kind:"unknown",reason:t||"offline"}}),n.push({key:"cards.count",value:e?.cardCount??null,formatted:e?.cardCount!=null?String(e.cardCount):"\u2014",source:e?{kind:"server"}:{kind:"unknown",reason:t||"offline"}});let c=e?.cards?.find(_=>_.isDefault)??e?.cards?.[0];c&&n.push({key:"cards.default",value:{brand:c.brand??null,last4:c.last4},formatted:`${c.brand||"card"} \u2022\u2022\u2022\u2022 ${c.last4}`,source:{kind:"server"}});let p=ue("VISA_SUPPRESS_BROWSER","ui.suppressBrowser","opt-in");n.push({key:"ui.suppressBrowser",value:p.value,formatted:A(p.value),source:p.source,hint:"Persist with `visa-cli config set ui.suppressBrowser true` to stop auto-opening result URLs."});let h=ue("VISA_SUPPRESS_FEED","ui.suppressFeed","opt-in");n.push({key:"ui.suppressFeed",value:h.value,formatted:A(h.value),source:h.source});let S=ye(),T;process.env.VISA_CLI_NO_UPDATE_CHECK?T={kind:"env",var:"VISA_CLI_NO_UPDATE_CHECK"}:process.env.CI?T={kind:"env",var:"CI"}:process.env.NODE_ENV==="test"?T={kind:"env",var:"NODE_ENV"}:T={kind:"default"},n.push({key:"ui.updateCheck",value:!S,formatted:A(!S),source:T});let $=ue("VISA_META_TOOLS","tools.meta","opt-out");n.push({key:"tools.meta",value:$.value,formatted:A($.value),source:$.source,hint:"Persist with `visa-cli config set tools.meta false`. Restart Claude Code for changes to take effect."});let d=ue("VISA_SPECIFIC_TOOLS","tools.specific","opt-out");n.push({key:"tools.specific",value:d.value,formatted:A(d.value),source:d.source});let w=ue("VISA_DISCOVER_TOOLS","tools.discover","opt-out");if(n.push({key:"tools.discover",value:w.value,formatted:A(w.value),source:w.source}),n.push({key:"client.version",value:Vt,formatted:Vt,source:{kind:"default"}}),r.includeDev){let _=process.env.VISA_MOCK_KEYCHAIN;n.push({key:"dev.mockKeychain",value:_==="true",formatted:A(_==="true"),source:tt("VISA_MOCK_KEYCHAIN",!!_)});let L=process.env.VISA_MOCK_TOUCHID;n.push({key:"dev.mockTouchid",value:L==="true",formatted:A(L==="true"),source:tt("VISA_MOCK_TOUCHID",!!L)});let te=process.env.VISA_CLI_DEBUG;n.push({key:"dev.debug",value:!!te,formatted:A(!!te),source:tt("VISA_CLI_DEBUG",!!te)})}return{entries:n,statusError:t}}function Ue(){return ve()}var m=new Se(()=>I.getSessionToken()),Kr="1.12.0-rc.1",Br=["generate_image","generate_video","generate_music","generate_audio","generate_3d","upscale_image","transcribe_audio","run_llm"],Kt=["","","You're ready to go! Try:","","Core:",'\u2022 "Show my account status" \u2192 get_status','\u2022 "List my enrolled cards" \u2192 get_cards','\u2022 "Show my recent transactions" \u2192 transaction_history','\u2022 "Set my daily limit to $50" \u2192 update_spending_controls','\u2022 "Pay https://example.com/checkout" \u2192 pay','\u2022 "Generate 3 variations in parallel" \u2192 batch',"","Fast shortcuts:",'\u2022 "Generate an image of a sunset over Tokyo" \u2192 generate_image_card (~$0.06)','\u2022 "Make a fast thumbnail: minimalist cat logo" \u2192 generate_image_fast_card (~$0.04)','\u2022 "Make a 4-second video of a penguin juggling" \u2192 generate_video_tempo_card (~$0.30)','\u2022 "Make a song about coding late at night" \u2192 generate_music_tempo_card (~$0.10)','\u2022 "Check the status of my music job" \u2192 check_music_status_tempo_card','\u2022 "What is ETH on Base trading at?" \u2192 query_onchain_prices_card (~$0.02)','\u2022 "Explore stablecoin inflows on Base" \u2192 allium_explorer_card','\u2022 "Open the latest Allium result set" \u2192 allium_explorer_results_card','\u2022 "Show pxlwall campaign insights" \u2192 pxlwall_card',"","Category tools:",...Br.map(r=>`\u2022 "${r.replace(/_/g," ")}" \u2192 ${r}`),"","Tool catalog:",'\u2022 "Find an image upscaler" \u2192 discover_tools','\u2022 "Run fal-aura-sr on this URL" \u2192 execute_tool'].join(`
+`);function C(r){if(!r||typeof r!="string"||_t())return;let e;try{e=new URL(r)}catch{return}if(e.protocol!=="https:"&&e.protocol!=="http:")return;let t=e.toString(),n=Mt();if(n.headless){a.info(`Browser auto-open skipped (${n.reason}). URL: ${t}`);return}let s=Ht(t);if(!s){a.info(`No browser command for platform "${pe.platform()}". URL: ${t}`);return}(0,Wt.execFile)(s.cmd,s.args,o=>{o&&a.warn(`Browser open failed: ${o.message}. URL: ${t}`)})}async function E(r){return jt(m,r)}function P(r,e){let t=r.retryable?`The processor returned a transient decline (code ${r.code??"unknown"}). This is not a permanent failure \u2014 it usually clears within ~60 seconds and is most often triggered by rapid successive charges on the same card. Tell the user the call was temporarily declined and that you will retry shortly, then wait at least 60 seconds before retrying the SAME call exactly once. Do not retry more than once. Do not assume the user has run out of funds.`:`The processor returned a non-retryable decline (code ${r.code??"unknown"}). Stop the current task and tell the user their card was declined for ${e.merchantName}. Suggest they check their card status, available balance, or try a different default card via 'visa-cli cards'. Do not retry automatically.`;return{success:!1,declined:!0,retryable:r.retryable,code:r.code,reason:r.reason,merchantName:e.merchantName,amount:e.amount,message:r.message,agent_guidance:t}}var le=null,Wr=3e4;function Gt(){le=null}async function Gr(r){let e=Date.now();if(le&&le.expiresAt>e)return le.value;try{let n=(await m.getStatus(r)).attestationRequired!==!1;return le={value:n,expiresAt:e+Wr},n}catch{return!0}}async function v(r,e,t,n,s){if(!F()){a.warn("attestation:unavailable",{context:r});return}if(!await Gr(s)){a.info("attestation:skipped-by-server-policy",{context:r});return}a.info("attestation:attempt",{context:r,amount:e,merchant:t});try{let{nonce:i}=await m.getAttestationChallenge(),u=Buffer.from(JSON.stringify({nonce:i,amount:e,merchant:t,context:r})).toString("base64");a.info("touchid:prompt",{context:r,amount:e,merchant:t});let l=await Ot(u,n);return a.info("attestation:success",{context:r,amount:e,merchant:t}),{signature:l,nonce:i,amount:e,merchant:t}}catch(i){throw a.error("attestation:failure",{context:r,amount:e,merchant:t,error:i.message}),i}}async function N(r,e,t){let n=await m.paymentPreview({tool:r,url:e},t);if(!n||!n.merchantName||!n.amount||n.amount<=0)throw new Error("Could not determine payment amount and merchant. Try again.");if(!Number.isFinite(n.amount)||n.amount<0||n.amount>999999)throw new Error(`Invalid payment amount: ${n.amount}. Payment rejected for safety.`);return n}function H(r){if(r.pricingMode==="max-cap"){let e=typeof r.estimatedAmount=="number"&&r.estimatedAmount>0?` (estimated $${r.estimatedAmount.toFixed(2)})`:"";return`pay up to $${r.amount.toFixed(2)} to ${r.merchantName}${e}`}return`pay $${r.amount.toFixed(2)} to ${r.merchantName}`}function Jt(){return fe.join(pe.homedir(),".visa-mcp","allium-results")}var Jr=16*1024,Yr=50*1024*1024,zr=10;function Xr(r){return r.replace(/[^A-Za-z0-9_\-]/g,"_").slice(0,128)}function Qr(r,e){let t=Jt();O.mkdirSync(t,{recursive:!0});let n=Xr(r),s=fe.join(t,`${n}.csv`);O.writeFileSync(s,e);let o=Buffer.byteLength(e),i=e.split(`
+`),u=i[0]??"",l=i.slice(1).filter(h=>h.length>0),c=[u,...l.slice(0,zr)].join(`
+`),p={file_path:s,row_count:l.length,size_bytes:o,columns:u,preview:c,truncated:!0};if(o>Yr){let h=(o/1048576).toFixed(1);a.warn("allium:large_csv_written",{sessionId:r,size_bytes:o,file_path:s}),p.warning=`Wrote ${h} MB to ${s}. Delete ~/.visa-mcp/allium-results/ files you no longer need \u2014 they are never auto-cleaned.`}return p}function Zr(){let r=Jt();try{if(!O.existsSync(r))return{file_count:0,size_bytes:0,path:r};let e=O.readdirSync(r),t=0,n=0;for(let s of e)try{let o=O.statSync(fe.join(r,s));o.isFile()&&(t+=o.size,n++)}catch{}return{file_count:n,size_bytes:t,path:r}}catch(e){return a.warn("allium:disk_usage_error",{error:e.message}),{file_count:0,size_bytes:0,path:r}}}async function ge(r){if(!wt())try{let e=await I.getSessionToken();if(!e)return;await fetch(`${Ue()}/v1/feed`,{method:"POST",headers:{"Content-Type":"application/json",Authorization:`Bearer ${e}`},body:JSON.stringify({prompt:r.prompt,tool:r.tool,media_url:r.mediaUrl,media_type:r.mediaType,cost:r.cost,transaction_id:r.transactionId,auto:!0,...r.userContext&&{user_context:r.userContext}}),signal:AbortSignal.timeout(5e3)}),a.info("feed:submitted",{tool:r.tool,mediaType:r.mediaType})}catch{}}async function en(r,e){if(!r.url||!r.url.trim())throw new Error("A URL is required for payments. Provide the merchant payment endpoint.");let t=await N(void 0,r.url,e);a.info("payment:attempt",{tool:"pay",amount:t.amount,merchant:t.merchantName,url:r.url});try{return await E(async()=>{let n=await v(r.url||"pay",t.amount,t.merchantName,H(t)),s=await m.pay({url:r.url||"",merchantName:r.merchantName||"Unknown",description:r.description||"",method:r.method,body:r.body,attestation:n,idempotencyKey:me.randomUUID()},e);return s.success?(a.info("payment:success",{tool:"pay",amount:t.amount,merchant:t.merchantName,rail:s.receipt?.rail}),s.receipt&&$n(s.receipt)):a.warn("payment:declined",{tool:"pay",amount:t.amount,merchant:t.merchantName,message:s.message}),s})}catch(n){if(n instanceof b)return a.warn("payment:declined",{tool:"pay",amount:t.amount,merchant:t.merchantName,code:n.code,retryable:n.retryable}),P(n,t);throw a.error("payment:failure",{tool:"pay",amount:t.amount,merchant:t.merchantName,error:n.message}),n}}async function tn(r,e){if(!r.prompt||!r.prompt.trim())throw new Error("A prompt is required. Provide a description of what you want to generate.");let t=await N("generate_image_card",void 0,e);a.info("payment:attempt",{tool:"generate_image_card",amount:t.amount,merchant:t.merchantName});try{return await E(async()=>{let n=await v("generate_image_card",t.amount,t.merchantName,H(t)),s=await m.shortcut("generate_image_card",{...r,attestation:n},12e4,e);return a.info("payment:success",{tool:"generate_image_card",amount:t.amount,merchant:t.merchantName}),s.urls?.length?(s.urls.forEach(o=>C(o)),ge({prompt:r.prompt,tool:"generate_image_card",mediaUrl:s.urls[0],mediaType:"image",cost:s.amount??t.amount,transactionId:s.transactionId,userContext:e})):a.warn("generation:no-urls",{tool:"generate_image_card",resultKeys:Object.keys(s||{})}),s})}catch(n){if(n instanceof b)return a.warn("payment:declined",{tool:"generate_image_card",amount:t.amount,merchant:t.merchantName,code:n.code,retryable:n.retryable}),P(n,t);throw a.error("payment:failure",{tool:"generate_image_card",amount:t.amount,merchant:t.merchantName,error:n.message}),n}}async function rn(r,e){if(!r.prompt||!r.prompt.trim())throw new Error("A prompt is required. Provide a description of what you want to generate.");let t=await N("generate_image_fast_card",void 0,e);a.info("payment:attempt",{tool:"generate_image_fast_card",amount:t.amount,merchant:t.merchantName});try{return await E(async()=>{let n=await v("generate_image_fast_card",t.amount,t.merchantName,H(t)),s=await m.shortcut("generate_image_fast_card",{...r,attestation:n},6e4,e);return a.info("payment:success",{tool:"generate_image_fast_card",amount:t.amount,merchant:t.merchantName}),s.urls?.length?(s.urls.forEach(o=>C(o)),ge({prompt:r.prompt,tool:"generate_image_fast_card",mediaUrl:s.urls[0],mediaType:"image",cost:s.amount??t.amount,transactionId:s.transactionId,userContext:e})):a.warn("generation:no-urls",{tool:"generate_image_fast_card",resultKeys:Object.keys(s||{})}),s})}catch(n){if(n instanceof b)return a.warn("payment:declined",{tool:"generate_image_fast_card",amount:t.amount,merchant:t.merchantName,code:n.code,retryable:n.retryable}),P(n,t);throw a.error("payment:failure",{tool:"generate_image_fast_card",amount:t.amount,merchant:t.merchantName,error:n.message}),n}}async function nn(r,e){if(!r.prompt||!r.prompt.trim())throw new Error("A prompt is required. Provide a description of what you want to generate.");let t=await N("generate_video_tempo_card",void 0,e);a.info("payment:attempt",{tool:"generate_video_tempo_card",amount:t.amount,merchant:t.merchantName});try{return await E(async()=>{let n=await v("generate_video_tempo_card",t.amount,t.merchantName,H(t)),s=await m.shortcut("generate_video_tempo_card",{...r,attestation:n},12e4,e);return a.info("payment:success",{tool:"generate_video_tempo_card",amount:t.amount,merchant:t.merchantName}),s.urls?.length?(s.urls.forEach(o=>C(o)),ge({prompt:r.prompt,tool:"generate_video_tempo_card",mediaUrl:s.urls[0],mediaType:"video",cost:s.amount??t.amount,transactionId:s.transactionId,userContext:e})):a.warn("generation:no-urls",{tool:"generate_video_tempo_card",resultKeys:Object.keys(s||{})}),s})}catch(n){if(n instanceof b)return a.warn("payment:declined",{tool:"generate_video_tempo_card",amount:t.amount,merchant:t.merchantName,code:n.code,retryable:n.retryable}),P(n,t);throw a.error("payment:failure",{tool:"generate_video_tempo_card",amount:t.amount,merchant:t.merchantName,error:n.message}),n}}async function sn(r,e){if(!r.prompt||!r.prompt.trim())throw new Error("A prompt is required. Provide a description of what you want to generate.");let t=await N("generate_music_tempo_card",void 0,e);a.info("payment:attempt",{tool:"generate_music_tempo_card",amount:t.amount,merchant:t.merchantName});try{return await E(async()=>{let n=await v("generate_music_tempo_card",t.amount,t.merchantName,H(t)),s=await m.shortcut("generate_music_tempo_card",{...r,attestation:n},36e4,e);return a.info("payment:success",{tool:"generate_music_tempo_card",amount:t.amount,merchant:t.merchantName}),s.urls?.length&&s.status!=="processing"?(s.urls.forEach(o=>C(o)),ge({prompt:r.prompt,tool:"generate_music_tempo_card",mediaUrl:s.urls[0],mediaType:"audio",cost:s.amount??t.amount,transactionId:s.transactionId,userContext:e})):s.urls?.length&&s.status==="processing"?(s._preliminary_urls=s.urls,delete s.urls,a.info("generation:processing",{tool:"generate_music_tempo_card",note:"URLs withheld until status is completed"})):a.warn("generation:no-urls",{tool:"generate_music_tempo_card",resultKeys:Object.keys(s||{})}),s})}catch(n){if(n instanceof b)return a.warn("payment:declined",{tool:"generate_music_tempo_card",amount:t.amount,merchant:t.merchantName,code:n.code,retryable:n.retryable}),P(n,t);throw a.error("payment:failure",{tool:"generate_music_tempo_card",amount:t.amount,merchant:t.merchantName,error:n.message}),n}}async function on(r,e){let t=await N("check_music_status_tempo_card",void 0,e);a.info("payment:attempt",{tool:"check_music_status_tempo_card",amount:t.amount,merchant:t.merchantName});try{return await E(async()=>{let n=await v("check_music_status_tempo_card",t.amount,t.merchantName,H(t)),s=await m.shortcut("check_music_status_tempo_card",{...r,attestation:n},void 0,e);return a.info("payment:success",{tool:"check_music_status_tempo_card",amount:t.amount,merchant:t.merchantName}),s.urls?.length&&s.urls.forEach(o=>C(o)),s})}catch(n){if(n instanceof b)return a.warn("payment:declined",{tool:"check_music_status_tempo_card",amount:t.amount,merchant:t.merchantName,code:n.code,retryable:n.retryable}),P(n,t);throw a.error("payment:failure",{tool:"check_music_status_tempo_card",amount:t.amount,merchant:t.merchantName,error:n.message}),n}}async function an(r,e){if(!r.chain||!r.chain.trim())throw new Error('A chain is required (e.g., "ethereum", "solana").');if(!r.token_address||!r.token_address.trim())throw new Error("A token address is required. Provide the contract address for the token.");let t=await N("query_onchain_prices_card",void 0,e);a.info("payment:attempt",{tool:"query_onchain_prices_card",amount:t.amount,merchant:t.merchantName});try{return await E(async()=>{let n=await v("query_onchain_prices_card",t.amount,t.merchantName,H(t)),s=await m.shortcut("query_onchain_prices_card",{...r,attestation:n},void 0,e);if(a.info("payment:success",{tool:"query_onchain_prices_card",amount:t.amount,merchant:t.merchantName}),Array.isArray(s?.data))s.data=s.data.map(o=>{if("mint"in o&&!("address"in o)){let{mint:i,...u}=o;return{address:i,...u}}return o});else if(s&&"mint"in s&&!("address"in s)){let{mint:o,...i}=s;return{address:o,...i}}return s})}catch(n){if(n instanceof b)return a.warn("payment:declined",{tool:"query_onchain_prices_card",amount:t.amount,merchant:t.merchantName,code:n.code,retryable:n.retryable}),P(n,t);throw a.error("payment:failure",{tool:"query_onchain_prices_card",amount:t.amount,merchant:t.merchantName,error:n.message}),n}}async function cn(r,e){if(!r.prompt||!r.prompt.trim())throw new Error("A prompt is required. Provide a natural language question about blockchain data.");let t=await N("allium_explorer_card",void 0,e);a.info("payment:attempt",{tool:"allium_explorer_card",amount:t.amount,merchant:t.merchantName});try{return await E(async()=>{let n=await v("allium_explorer_card",t.amount,t.merchantName,H(t)),s=await m.shortcut("allium_explorer_card",{...r,attestation:n},12e4,e);return a.info("payment:success",{tool:"allium_explorer_card",amount:t.amount,merchant:t.merchantName}),s})}catch(n){if(n instanceof b)return a.warn("payment:declined",{tool:"allium_explorer_card",amount:t.amount,merchant:t.merchantName,code:n.code,retryable:n.retryable}),P(n,t);throw a.error("payment:failure",{tool:"allium_explorer_card",amount:t.amount,merchant:t.merchantName,error:n.message}),n}}async function un(r,e){if(!r.session_id||!r.session_id.trim())throw new Error("A session_id is required. Use the session_id returned from allium_explorer_card.");let t=await N("allium_explorer_results_card",void 0,e);a.info("payment:attempt",{tool:"allium_explorer_results_card",amount:t.amount,pricingMode:t.pricingMode,estimatedAmount:t.estimatedAmount,merchant:t.merchantName});try{return await E(async()=>{let n=await v("allium_explorer_results_card",t.amount,t.merchantName,H(t)),s=await m.shortcut("allium_explorer_results_card",{...r,attestation:n},6e4,e);a.info("payment:success",{tool:"allium_explorer_results_card",amount:t.amount,actualCost:s?.actualCost,merchant:t.merchantName});let o=typeof s?.data?.results=="string"?s.data.results:void 0;if(o&&Buffer.byteLength(o)>Jr){let i=Qr(r.session_id,o),{results:u,...l}=s.data;return{...s,data:{...l,...i}}}return s})}catch(n){if(n instanceof b)return a.warn("payment:declined",{tool:"allium_explorer_results_card",amount:t.amount,merchant:t.merchantName,code:n.code,retryable:n.retryable}),P(n,t);throw a.error("payment:failure",{tool:"allium_explorer_results_card",amount:t.amount,merchant:t.merchantName,error:n.message}),n}}var de="https://pxlwall.com";async function ln(r){if([r.shape,r.text,r.pixels].filter(Boolean).length>1)throw new Error("Provide only one of: shape, text, or pixels. Cannot combine modes.");let t,n,s=r.position||"cheapest";if(typeof s=="string"&&s.startsWith("{"))try{s=JSON.parse(s)}catch{}if(r.shape)t=`${de}/api/agent/draw-shape`,n={shape:r.shape,color:r.color||"#ffffff",owner:r.owner,position:s},r.shape==="circle"?n.radius=r.size||10:r.shape==="rectangle"?(n.width=r.width||20,n.height=r.height||10):n.size=r.size||10;else if(r.text)t=`${de}/api/agent/draw-text`,n={text:r.text,color:r.color||"#ffffff",owner:r.owner,position:s};else if(r.pixels){if(r.pixels.length<100)throw new Error(`Minimum 100 pixels per purchase. You requested ${r.pixels.length}.`);for(let i of r.pixels)if(i.x<0||i.x>499||i.y<0||i.y>499)throw new Error(`Pixel (${i.x},${i.y}) is out of bounds. Grid is 500x500 (coordinates 0-499).`);t=`${de}/api/create-purchase-spec`,n={pixels:r.pixels,color:r.color||"#ffffff",owner:r.owner},r.colors&&(n.colors=r.colors)}else throw new Error("Provide one of: shape, text, or pixels.");let o=await fetch(t,{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify(n),signal:AbortSignal.timeout(15e3)});if(!o.ok){let i=await o.text().catch(()=>"");throw new Error(`pxlwall spec creation failed (${o.status}): ${i}`)}return o.json()}async function dn(r,e){let t=await ln(r),n=t.pixels?.length??r.pixels?.length??0,s="pxlwall";a.info("payment:attempt",{tool:"pxlwall_card",amount:t.totalUSD,pixelCount:n,merchant:s});try{let o=await v("pxlwall_card",t.totalUSD,s,`pay $${t.totalUSD.toFixed(2)} to ${s} for ${n} pixels`),i=await m.shortcut("pxlwall_card",{specId:t.specId,attestation:o},6e4,e);return a.info("payment:success",{tool:"pxlwall_card",merchant:s}),C(de),i.urls?.length&&i.urls.forEach(u=>C(u)),{...i,specId:t.specId,pixelCount:n,totalUSD:t.totalUSD,canvasUrl:de}}catch(o){if(o instanceof b)return a.warn("payment:declined",{tool:"pxlwall_card",merchant:s,code:o.code,retryable:o.retryable}),P(o,{amount:0,merchantName:s});throw a.error("payment:failure",{tool:"pxlwall_card",merchant:s,error:o.message}),o}}var mn=["generate_music_tempo_card"],pn=36e4,fn=18e4,gn=15e3,hn=12e4,yn=2e3;async function _n(r,e){let t;if(r.requests?.some(d=>d.tool||d.tool_id)&&r.requests)t=r.requests.map(d=>{let w=d.tool||d.tool_id||r.tool;if(!w)throw new Error("Each request must specify tool or tool_id, or set tool at the top level.");let _=Pe(w,d.tier||r.tier),{tool:L,tool_id:te,tier:os,...dr}=d;return{resolvedTool:_,params:dr}});else if(r.tool){let d=Pe(r.tool,r.tier);t=(r.requests||(r.count&&r.params?Array.from({length:r.count},()=>({...r.params})):[])).map(_=>({resolvedTool:d,params:_}))}else throw new Error("Batch requires a top-level tool or per-request tool/tool_id.");if(t.length===0)throw new Error("Batch requires at least one item.");let s=[...new Set(t.map(d=>d.resolvedTool))],o=s.length===1,i={};for(let d of s)i[d]=await N(d,void 0,e);let u=0;for(let d of t)u+=i[d.resolvedTool].amount;let l=[...new Set(Object.values(i).map(d=>d.merchantName))].join(", "),c=o?s[0]:"mixed";a.info("payment:attempt",{tool:"batch",batchTool:c,count:t.length,totalAmount:u,merchant:l,heterogeneous:!o});let p=o?`pay $${u.toFixed(2)} to ${l} (${t.length} items, $${i[s[0]].amount.toFixed(2)} each)`:`pay $${u.toFixed(2)} to ${l} (${t.length} items across ${s.length} tools)`,h=o?t.map(d=>d.params):t.map(d=>({tool_id:d.resolvedTool,...d.params})),S=t.some(d=>mn.includes(d.resolvedTool)),T=t.some(d=>d.resolvedTool.startsWith("or-")||d.resolvedTool==="run_llm"||d.resolvedTool==="execute_tool"),$=S?pn:T?fn+t.length*gn:hn+t.length*yn;try{return await E(async()=>{let d=await v(`batch:${c}`,u,l,p),w=await m.batch({tool:o?s[0]:c,requests:h,attestation:d,idempotencyKey:me.randomUUID()},$,e);return a.info("payment:success",{tool:"batch",batchTool:c,count:t.length,totalAmount:u,merchant:l}),w.results&&w.results.forEach(_=>{_.urls&&_.urls.forEach(L=>C(L))}),w})}catch(d){if(d instanceof b)return a.warn("payment:declined",{tool:"batch",batchTool:c,count:t.length,totalAmount:u,merchant:l,code:d.code,retryable:d.retryable}),P(d,{amount:u,merchantName:l});throw a.error("payment:failure",{tool:"batch",batchTool:c,count:t.length,totalAmount:u,merchant:l,error:d.message}),d}}function wn(){try{let r=fe.join(pe.homedir(),".claude","settings.json");if(!O.existsSync(r))return{enabled:!1,setup:"visa-cli hud enable"};let e=JSON.parse(O.readFileSync(r,"utf-8")),t=typeof e.statusLine=="object"?e.statusLine.command:"";return Le(t)?{enabled:!0}:e.statusLine?{enabled:!1,setup:"Another HUD is active. To switch: edit ~/.claude/settings.json \u2192 statusLine"}:{enabled:!1,setup:"visa-cli hud enable"}}catch{return{enabled:!1,setup:"visa-cli hud enable"}}}async function bn(r){let e=await m.getStatus(r);typeof e?.dailyRemaining=="number"&&(e.dailyRemaining=Math.round(e.dailyRemaining*100)/100);let t=Zr();return t.file_count>0&&(e.alliumResultsOnDisk=t),e.hud=wn(),e.version=Kr,e}async function vn(r){let t=(await m.getStatus(r)).cards||[];return t.length===0?{cards:[],message:"No cards enrolled. Use the add_card tool to add a payment card."}:t.some(s=>!Number.isInteger(s?.id)||s.id<=0)?{success:!1,cards:[],message:"Card ids are unavailable right now, so remove_card and set_default_card are temporarily disabled."}:{cards:t}}async function Sn(r){let e=await m.getTransactions(r);return Array.isArray(e?.transactions)&&(e.transactions=e.transactions.filter(t=>!(t.tool_name==null||t.amount===0&&t.status==="failed"))),e}async function kn(r,e){return await m.feedback(r.message,r.transaction_id,e)}async function Tn(r,e){if(!r.confirm)return{success:!1,message:"Please confirm by setting confirm: true to update spending controls."};a.info("spending_controls:update",{maxTransactionAmount:r.maxTransactionAmount,dailyLimit:r.dailyLimit});try{return await E(async()=>{let t=await v("spending-controls",0,"","update spending controls"),n=await m.updateSpendingControls({maxTransactionAmount:r.maxTransactionAmount,dailyLimit:r.dailyLimit,confirm:!0,attestation:t},e);return a.info("spending_controls:success",{maxTransactionAmount:r.maxTransactionAmount,dailyLimit:r.dailyLimit}),n})}catch(t){throw a.error("spending_controls:failure",{error:t.message}),t}}async function En(r){let e=await Ft({api:m,includeDev:!!r.includeDev});return{config:e.entries.map(t=>({key:t.key,value:t.value,source:t.source,hint:t.hint})),statusError:e.statusError}}async function Rn(r){if(!r.key||typeof r.key!="string")return{success:!1,error:"key is required. Call config_list first to see available keys."};if(r.value===void 0)return{success:!1,error:"value is required. Use config_unset to remove a setting."};a.info("config:set",{key:r.key});try{let e=ht(r.key,r.value);return a.info("config:set:success",{key:e.key,requiresRestart:e.requiresRestart}),{success:!0,key:e.key,value:e.value,requiresRestart:e.requiresRestart,path:e.path,message:e.requiresRestart?`Saved ${e.key}. Restart Claude Code for the change to take effect.`:`Saved ${e.key}.`}}catch(e){let t=e instanceof J?"UNKNOWN_KEY":e instanceof Y?"SERVER_CONTROLLED":"INVALID_VALUE";return a.warn("config:set:rejected",{key:r.key,code:t,error:e.message}),{success:!1,error:e.message,code:t,settableKeys:Object.keys(re).sort()}}}async function xn(r){if(!r.key||typeof r.key!="string")return{success:!1,error:"key is required. Call config_list first to see which keys are currently set via settings.json."};a.info("config:unset",{key:r.key});try{let e=yt(r.key);return a.info("config:unset:success",{key:e.key,removed:e.removed}),{success:!0,key:e.key,removed:e.removed,requiresRestart:e.requiresRestart,path:e.path,message:e.removed?e.requiresRestart?`Removed ${e.key}. Restart Claude Code for the change to take effect.`:`Removed ${e.key}.`:`${e.key} was not set in settings.json \u2014 nothing to remove.`}}catch(e){let t=e instanceof J?"UNKNOWN_KEY":e instanceof Y?"SERVER_CONTROLLED":"INVALID_VALUE";return a.warn("config:unset:rejected",{key:r.key,code:t,error:e.message}),{success:!1,error:e.message,code:t,settableKeys:Object.keys(re).sort()}}}async function In(r){let e=await m.getStatus(r),t=e.attestationRequired!==!1;return{required:t,hasAttestationKey:!!e.hasAttestationKey,touchIdAvailable:F(),message:t?"Touch ID is REQUIRED for payments.":"Touch ID is NOT required for payments. Payments will proceed without biometric confirmation."}}async function An(r){a.info("biometric:on");let e=await m.setBiometricPreference({required:!0},r);return e.success?(Gt(),{success:!0,required:!0,message:"Touch ID is now REQUIRED for payments."}):{success:!1,error:e.error||"unknown error"}}async function Cn(r,e){if(!r.confirm)return{success:!1,message:"Please confirm by setting confirm: true. Disabling Touch ID is a security downgrade \u2014 the user will be prompted for one final Touch ID confirmation before the change takes effect."};a.info("biometric:off");try{return await E(async()=>{let t=await m.getStatus(e),n;if(t.hasAttestationKey&&(n=await v("biometric-preference",0,"","disable Touch ID requirement"),!n))throw new Error("Touch ID confirmation required to disable \u2014 not available on this device.");let s=await m.setBiometricPreference({required:!1,attestation:n},e);if(!s.success)throw new Error(s.error||"unknown error");return Gt(),{success:!0,required:!1,message:"Touch ID is no longer required for payments."}})}catch(t){throw a.error("biometric:off:failure",{error:t.message}),t}}var Bt=3e4,On=3e5;async function Yt(r,e){let t=me.randomBytes(16).toString("hex"),n=`${r}${r.includes("?")?"&":"?"}state=${t}`;C(n);let s=Date.now()+On;for(;Date.now()<s;)try{let o=await fetch(`${Ue()}/v1/auth-status`,{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify({state:t,timeout:Bt,...e&&{user_context:e}}),signal:AbortSignal.timeout(Bt+5e3)});if(!o.ok)continue;let i=await o.json();if(i.status==="pending")continue;if(i.status==="expired")return{success:!1,message:"Session expired. Please try again."};if(i.status==="error")return{success:!1,message:i.error||"Authentication failed. Please try again."};if(i.status==="complete"){if(i.sessionToken){await I.saveSessionToken(i.sessionToken);let l=i.user||"",c=i.last4||"****";return a.info("auth:login_complete",{user:l,last4:c}),{success:!0,message:`Signed in as ${l}. Card ending in ${c} added.${Kt}`}}let u=i.last4||"****";return a.info("auth:card_added",{last4:u}),{success:!0,message:`Card ending in ${u} enrolled.${Kt}`}}}catch{}return{success:!1,message:"Login timed out. Please try again."}}async function Pn(r,e){if(!r.confirm)return{success:!1,message:"Please confirm by setting confirm: true to remove this card."};let t=r.cardId;if(!Number.isInteger(t)||t<=0)return{success:!1,message:"cardId must be a positive integer. Call get_cards to list enrolled cards and their ids."};a.info("cards:remove_attempt",{cardId:t});let n=`remove-card:${t}`,s=`remove enrolled card #${t}`;try{return await E(async()=>{let o=await v(n,0,"",s),i=await m.removeCard(t,{attestation:o},e);return a.info("cards:remove_success",{cardId:t,promotedId:i?.promotedId??null}),i})}catch(o){throw a.error("cards:remove_failure",{cardId:t,error:o.message}),o}}async function Ln(r,e){let t=r.cardId;if(!Number.isInteger(t)||t<=0)return{success:!1,message:"cardId must be a positive integer. Call get_cards to list enrolled cards and their ids."};a.info("cards:set_default_attempt",{cardId:t});let n=`set-default-card:${t}`,s=`set card #${t} as default`;try{return await E(async()=>{let o=await v(n,0,"",s),i=await m.setDefaultCard(t,{attestation:o},e);return a.info("cards:set_default_success",{cardId:t}),i})}catch(o){throw a.error("cards:set_default_failure",{cardId:t,error:o.message}),o}}async function qn(r){return a.info("auth:login_attempt"),Yt(`${Ue()}/login`,r)}async function Un(r){return a.info("auth:add_card_attempt"),await I.getSessionToken()?Yt(`${Ue()}/enroll`,r):{success:!1,message:"Not logged in. Sign up at https://visacli.sh or call the login tool first."}}async function Nn(r,e){if(!r.confirm)return{success:!1,message:"Please confirm by setting confirm: true to reset"};a.info("reset:attempt");let t=await v("reset",0,"","reset device and remove all credentials");try{await m.logout({attestation:t},e)}catch{}if(await I.clearAll(),F())try{await Pt()}catch{}return a.info("reset:success"),{success:!0,message:"Device reset. All credentials, cards, and keys have been removed. Use the login tool to re-enroll."}}function $n(r){let e=["url","resultUrl","imageUrl","audioUrl","trackUrl"];for(let t of e){let n=r[t];n&&typeof n=="string"&&n.startsWith("http")&&C(n)}Array.isArray(r.urls)&&r.urls.forEach(t=>{t&&typeof t=="string"&&t.startsWith("http")&&C(t)})}async function Dn(r){if(!r.query&&!r.category)throw new Error("Provide a query (what you want to do) or category (image, video, audio, 3d, llm) to search the tool catalog.");a.info("catalog:discover",{query:r.query,category:r.category});try{let t=(await m.catalogSearch(r.query,r.category)).tools||[];if(t.length===0)return{content:[{type:"text",text:`No tools found for "${r.query||r.category}". Try a different search term.`}]};let n=t.map((s,o)=>`${o+1}. **${s.name}** (${s.id})
    ${s.description}
    Provider: ${s.provider} | Category: ${s.category} | Price: $${(s.priceCents/100).toFixed(2)}
    Params: ${Object.keys(s.inputSchema?.properties||s.inputSchema||{}).join(", ")||"none"}`).join(`
@@ -15,11 +15,11 @@
 
 ${n}
 
-Use execute_tool with the tool id and required params to run any of these.`}],_tools:t}}catch(e){throw a.error("catalog:discover:error",{error:e.message}),new Error(`Failed to search tool catalog: ${e.message}`)}}function Dn(r,e){return e==="image"||e==="video"||e==="audio"?e:r?.match(/\.(mp4|webm|mov)/)?"video":"image"}async function Mn(r,e){let{tool_id:t,params:n,...s}=r,o=n||s;if(!t)throw new Error("tool_id is required. Use discover_tools first to find available tools.");a.info("catalog:execute",{tool:t});let i=await N(t,void 0,e);a.info("payment:attempt",{tool:t,amount:i.amount,merchant:i.merchantName});try{return await E(async()=>{let u=await v(t,i.amount,i.merchantName,H(i)),l=await m.shortcut(t,{...o,attestation:u},12e4,e);if(a.info("payment:success",{tool:t,amount:i.amount,merchant:i.merchantName}),l.urls?.length){l.urls.forEach(p=>C(p));let c=Dn(l.urls[0],l.mediaType);ge({prompt:o.prompt||`${t} execution`,tool:t,mediaUrl:l.urls[0],mediaType:c,cost:l.amount??i.amount,transactionId:l.transactionId,userContext:e})}return l})}catch(u){if(u instanceof b)return a.warn("payment:declined",{tool:t,amount:i.amount,merchant:i.merchantName,code:u.code,retryable:u.retryable}),P(u,i);throw a.error("payment:failure",{tool:t,amount:i.amount,merchant:i.merchantName,error:u.message}),u}}var y=class{static async getStatus(e){return wn(e)}static async pay(e,t){return Zr(e,t)}static async getCards(e){return bn(e)}static async transactionHistory(e){return vn(e)}static async feedback(e,t){return Sn(e,t)}static async updateSpendingControls(e,t){return kn(e,t)}static async configList(e){return Tn(e||{})}static async configSet(e){return En(e||{})}static async configUnset(e){return xn(e||{})}static async biometricStatus(e){return Rn(e)}static async biometricOn(e){return In(e)}static async biometricOff(e,t){return An(e,t)}static async reset(e,t){return Un(e,t)}static async login(e){return Ln(e)}static async addCard(e){return qn(e)}static async removeCard(e,t){return On(e,t)}static async setDefaultCard(e,t){return Pn(e,t)}static async batch(e,t){return yn(e,t)}static async discoverTools(e){return $n(e)}static async executeTool(e,t){return Mn(e,t)}static async shortcut(e,t,n){switch(e){case"generate_image_card":return en(t,n);case"generate_image_fast_card":return tn(t,n);case"generate_video_tempo_card":return rn(t,n);case"generate_music_tempo_card":return nn(t,n);case"check_music_status_tempo_card":return sn(t,n);case"query_onchain_prices_card":return on(t,n);case"allium_explorer_card":return an(t,n);case"allium_explorer_results_card":return cn(t,n);case"pxlwall_card":return ln(t,n);default:{a.info("payment:attempt",{tool:e});try{let s=await v(e,0,""),o=await m.shortcut(e,{...t,attestation:s},void 0,n);return a.info("payment:success",{tool:e}),o.urls?.length&&o.urls.forEach(i=>C(i)),o}catch(s){if(s instanceof b)return a.warn("payment:declined",{tool:e,code:s.code,retryable:s.retryable}),P(s,{amount:0,merchantName:e});throw a.error("payment:failure",{tool:e,error:s.message}),s}}}}static async submitFeedback(e,t,n){a.info("feedback:submit",{length:e.length});try{let s=await m.submitFeedback(e,t,n);return a.info("feedback:submitted",{message:"Feedback received"}),s}catch(s){let o=s instanceof Error?s.message:"Unknown error";throw a.error("feedback:error",{error:o}),s}}static async getFeedback(e,t){a.info("feedback:list",{limit:e||20});try{let n=await m.getFeedback(e,t);return a.info("feedback:listed",{count:n?.feedback?.length||0}),n}catch(n){let s=n instanceof Error?n.message:"Unknown error";throw a.error("feedback:error",{error:s}),n}}};var rt=new Set(["generate_image_card","generate_image_fast_card","generate_video_tempo_card","generate_music_tempo_card","check_music_status_tempo_card","query_onchain_prices_card","allium_explorer_card","allium_explorer_results_card","pxlwall_card"]),nt=new Set(["discover_tools","execute_tool"]),Hn=new Set(Q);function zt(r){return rt.has(r)&&!se()?"VISA_SPECIFIC_TOOLS":nt.has(r)&&!oe()?"VISA_DISCOVER_TOOLS":Hn.has(r)&&!ne()?"VISA_META_TOOLS":null}var st=["pay","generate_image_card","generate_image_fast_card","generate_video_tempo_card","generate_music_tempo_card","query_onchain_prices_card","allium_explorer_card","allium_explorer_results_card"],jn={generate_image_card:"image generation",generate_image_fast_card:"fast image generation",generate_music_tempo_card:"music generation",generate_video_tempo_card:"video generation",query_onchain_prices_card:"onchain price queries",allium_explorer_card:"blockchain data exploration",allium_explorer_results_card:"blockchain data results",pay:"payments"};function Vn(r){return jn[r]||r}var Z=null;async function Ne(r){if(Z!==null)return Z;try{let{transactions:e}=await r.getTransactions();Z={};for(let t of e)t.status==="completed"&&(Z[t.tool_name]=(Z[t.tool_name]||0)+1)}catch{a.warn("feedback-prompting:cache-error",{message:"Failed to fetch transaction history for feedback prompting"}),Z={}}return Z}function Xt(r,e,t){return st.includes(r)?e===0?{_feedback_prompt:{message:`This was your first time using ${Vn(r)} \u2014 if you have any thoughts on the experience, I'd be happy to pass them along to the Visa CLI team.`,transaction_id:t}}:e%5===0?{_feedback_hint:{message:"Feedback? Just say how that went.",transaction_id:t}}:{}:{}}var he=f(require("fs")),Qt=f(require("path"));var Fn=5,Kn={shownCodes:[]},ee=null;function Zt(){return process.env.VISA_CLI_REFERRAL_NUDGE_FILE||Qt.join(U.getConfigDir(),"referral-nudges.json")}function Bn(){if(ee)return ee;try{let r=he.readFileSync(Zt(),"utf8"),e=JSON.parse(r);return ee={shownCodes:Array.isArray(e.shownCodes)?e.shownCodes.filter(t=>typeof t=="string"):[]},ee}catch{return ee={...Kn},ee}}function Wn(r){ee=r;try{U.ensureConfigDir(),he.writeFileSync(Zt(),JSON.stringify(r,null,2)+`
-`,{mode:384})}catch{}}function Gn(r){return r.trim().toLowerCase()}function er(r,e){if(e<Fn)return{};if(!r.referralCode||!r.referralLink)return{};let t=Gn(r.referralCode);if(!t)return{};let n=Bn();return n.shownCodes.includes(t)?{}:(Wn({shownCodes:[...n.shownCodes,t]}),{_referral_prompt:{message:`Thanks for giving Visa CLI a try. Know anyone who might want to try it too? Here's your referral code: ${r.referralCode}`,referral_code:r.referralCode,referral_link:r.referralLink}})}var $e=f(require("crypto")),De=f(require("tty")),Me=f(require("fs"));function Yn(r){return/-rc\.|-beta\./.test(r)}function ot(r){return $e.createHash("sha256").update(r.trim()).digest("hex")}function rr(r){return K==="SKIP"?!0:$e.timingSafeEqual(Buffer.from(ot(r)),Buffer.from(K))}function zn(){try{let r=Me.openSync("/dev/tty","r+"),e=new De.ReadStream(r),t=new De.WriteStream(r),n=!1;return{input:e,output:t,cleanupStreams:()=>{if(!n){n=!0;try{e.destroy()}catch{}try{t.destroy()}catch{}try{Me.closeSync(r)}catch{}}}}}catch{if(!process.stdin.isTTY)throw new Error("No interactive terminal available. Set VISA_RC_CODE env var instead.");return{input:process.stdin,output:process.stderr,cleanupStreams:()=>{}}}}function Xn(r){return new Promise((e,t)=>{let n;try{n=zn()}catch(p){t(p);return}let{input:s,output:o,cleanupStreams:i}=n,u=()=>{s.off("data",c);try{s.setRawMode?.(!1)}catch{}i()};o.write(r),s.setRawMode?.(!0),s.resume(),s.setEncoding("utf8");let l="",c=p=>{p==="\r"||p===`
+Use execute_tool with the tool id and required params to run any of these.`}],_tools:t}}catch(e){throw a.error("catalog:discover:error",{error:e.message}),new Error(`Failed to search tool catalog: ${e.message}`)}}function Mn(r,e){return e==="image"||e==="video"||e==="audio"?e:r?.match(/\.(mp4|webm|mov)/)?"video":"image"}async function Hn(r,e){let{tool_id:t,params:n,...s}=r,o=n||s;if(!t)throw new Error("tool_id is required. Use discover_tools first to find available tools.");a.info("catalog:execute",{tool:t});let i=await N(t,void 0,e);a.info("payment:attempt",{tool:t,amount:i.amount,merchant:i.merchantName});try{return await E(async()=>{let u=await v(t,i.amount,i.merchantName,H(i)),l=await m.shortcut(t,{...o,attestation:u},12e4,e);if(a.info("payment:success",{tool:t,amount:i.amount,merchant:i.merchantName}),l.urls?.length){l.urls.forEach(p=>C(p));let c=Mn(l.urls[0],l.mediaType);ge({prompt:o.prompt||`${t} execution`,tool:t,mediaUrl:l.urls[0],mediaType:c,cost:l.amount??i.amount,transactionId:l.transactionId,userContext:e})}return l})}catch(u){if(u instanceof b)return a.warn("payment:declined",{tool:t,amount:i.amount,merchant:i.merchantName,code:u.code,retryable:u.retryable}),P(u,i);throw a.error("payment:failure",{tool:t,amount:i.amount,merchant:i.merchantName,error:u.message}),u}}var y=class{static async getStatus(e){return bn(e)}static async pay(e,t){return en(e,t)}static async getCards(e){return vn(e)}static async transactionHistory(e){return Sn(e)}static async feedback(e,t){return kn(e,t)}static async updateSpendingControls(e,t){return Tn(e,t)}static async configList(e){return En(e||{})}static async configSet(e){return Rn(e||{})}static async configUnset(e){return xn(e||{})}static async biometricStatus(e){return In(e)}static async biometricOn(e){return An(e)}static async biometricOff(e,t){return Cn(e,t)}static async reset(e,t){return Nn(e,t)}static async login(e){return qn(e)}static async addCard(e){return Un(e)}static async removeCard(e,t){return Pn(e,t)}static async setDefaultCard(e,t){return Ln(e,t)}static async batch(e,t){return _n(e,t)}static async discoverTools(e){return Dn(e)}static async executeTool(e,t){return Hn(e,t)}static async shortcut(e,t,n){switch(e){case"generate_image_card":return tn(t,n);case"generate_image_fast_card":return rn(t,n);case"generate_video_tempo_card":return nn(t,n);case"generate_music_tempo_card":return sn(t,n);case"check_music_status_tempo_card":return on(t,n);case"query_onchain_prices_card":return an(t,n);case"allium_explorer_card":return cn(t,n);case"allium_explorer_results_card":return un(t,n);case"pxlwall_card":return dn(t,n);default:{a.info("payment:attempt",{tool:e});try{let s=await v(e,0,""),o=await m.shortcut(e,{...t,attestation:s},void 0,n);return a.info("payment:success",{tool:e}),o.urls?.length&&o.urls.forEach(i=>C(i)),o}catch(s){if(s instanceof b)return a.warn("payment:declined",{tool:e,code:s.code,retryable:s.retryable}),P(s,{amount:0,merchantName:e});throw a.error("payment:failure",{tool:e,error:s.message}),s}}}}static async submitFeedback(e,t,n){a.info("feedback:submit",{length:e.length});try{let s=await m.submitFeedback(e,t,n);return a.info("feedback:submitted",{message:"Feedback received"}),s}catch(s){let o=s instanceof Error?s.message:"Unknown error";throw a.error("feedback:error",{error:o}),s}}static async getFeedback(e,t){a.info("feedback:list",{limit:e||20});try{let n=await m.getFeedback(e,t);return a.info("feedback:listed",{count:n?.feedback?.length||0}),n}catch(n){let s=n instanceof Error?n.message:"Unknown error";throw a.error("feedback:error",{error:s}),n}}};var rt=new Set(["generate_image_card","generate_image_fast_card","generate_video_tempo_card","generate_music_tempo_card","check_music_status_tempo_card","query_onchain_prices_card","allium_explorer_card","allium_explorer_results_card","pxlwall_card"]),nt=new Set(["discover_tools","execute_tool"]),jn=new Set(Q);function zt(r){return rt.has(r)&&!se()?"VISA_SPECIFIC_TOOLS":nt.has(r)&&!oe()?"VISA_DISCOVER_TOOLS":jn.has(r)&&!ne()?"VISA_META_TOOLS":null}var st=["pay","generate_image_card","generate_image_fast_card","generate_video_tempo_card","generate_music_tempo_card","query_onchain_prices_card","allium_explorer_card","allium_explorer_results_card"],Vn={generate_image_card:"image generation",generate_image_fast_card:"fast image generation",generate_music_tempo_card:"music generation",generate_video_tempo_card:"video generation",query_onchain_prices_card:"onchain price queries",allium_explorer_card:"blockchain data exploration",allium_explorer_results_card:"blockchain data results",pay:"payments"};function Fn(r){return Vn[r]||r}var Z=null;async function Ne(r){if(Z!==null)return Z;try{let{transactions:e}=await r.getTransactions();Z={};for(let t of e)t.status==="completed"&&(Z[t.tool_name]=(Z[t.tool_name]||0)+1)}catch{a.warn("feedback-prompting:cache-error",{message:"Failed to fetch transaction history for feedback prompting"}),Z={}}return Z}function Xt(r,e,t){return st.includes(r)?e===0?{_feedback_prompt:{message:`This was your first time using ${Fn(r)} \u2014 if you have any thoughts on the experience, I'd be happy to pass them along to the Visa CLI team.`,transaction_id:t}}:e%5===0?{_feedback_hint:{message:"Feedback? Just say how that went.",transaction_id:t}}:{}:{}}var he=f(require("fs")),Qt=f(require("path"));var Kn=5,Bn={shownCodes:[]},ee=null;function Zt(){return process.env.VISA_CLI_REFERRAL_NUDGE_FILE||Qt.join(U.getConfigDir(),"referral-nudges.json")}function Wn(){if(ee)return ee;try{let r=he.readFileSync(Zt(),"utf8"),e=JSON.parse(r);return ee={shownCodes:Array.isArray(e.shownCodes)?e.shownCodes.filter(t=>typeof t=="string"):[]},ee}catch{return ee={...Bn},ee}}function Gn(r){ee=r;try{U.ensureConfigDir(),he.writeFileSync(Zt(),JSON.stringify(r,null,2)+`
+`,{mode:384})}catch{}}function Jn(r){return r.trim().toLowerCase()}function er(r,e){if(e<Kn)return{};if(!r.referralCode||!r.referralLink)return{};let t=Jn(r.referralCode);if(!t)return{};let n=Wn();return n.shownCodes.includes(t)?{}:(Gn({shownCodes:[...n.shownCodes,t]}),{_referral_prompt:{message:`Thanks for giving Visa CLI a try. Know anyone who might want to try it too? Here's your referral code: ${r.referralCode}`,referral_code:r.referralCode,referral_link:r.referralLink}})}var $e=f(require("crypto")),De=f(require("tty")),Me=f(require("fs"));function zn(r){return/-rc\.|-beta\./.test(r)}function ot(r){return $e.createHash("sha256").update(r.trim()).digest("hex")}function rr(r){return K==="SKIP"?!0:$e.timingSafeEqual(Buffer.from(ot(r)),Buffer.from(K))}function Xn(){try{let r=Me.openSync("/dev/tty","r+"),e=new De.ReadStream(r),t=new De.WriteStream(r),n=!1;return{input:e,output:t,cleanupStreams:()=>{if(!n){n=!0;try{e.destroy()}catch{}try{t.destroy()}catch{}try{Me.closeSync(r)}catch{}}}}}catch{if(!process.stdin.isTTY)throw new Error("No interactive terminal available. Set VISA_RC_CODE env var instead.");return{input:process.stdin,output:process.stderr,cleanupStreams:()=>{}}}}function Qn(r){return new Promise((e,t)=>{let n;try{n=Xn()}catch(p){t(p);return}let{input:s,output:o,cleanupStreams:i}=n,u=()=>{s.off("data",c);try{s.setRawMode?.(!1)}catch{}i()};o.write(r),s.setRawMode?.(!0),s.resume(),s.setEncoding("utf8");let l="",c=p=>{p==="\r"||p===`
 `?(o.write(`
 `),u(),e(l)):p===""?(o.write(`
-`),u(),t(new Error("Cancelled"))):p==="\x7F"||p==="\b"?l.length>0&&(l=l.slice(0,-1),o.write("\b \b")):(l+=p,o.write("\u2022"))};s.on("data",c)})}var Qn=`
+`),u(),t(new Error("Cancelled"))):p==="\x7F"||p==="\b"?l.length>0&&(l=l.slice(0,-1),o.write("\b \b")):(l+=p,o.write("\u2022"))};s.on("data",c)})}var Zn=`
  \u2588\u2588\u2557   \u2588\u2588\u2557\u2588\u2588\u2557\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557 \u2588\u2588\u2588\u2588\u2588\u2557
  \u2588\u2588\u2551   \u2588\u2588\u2551\u2588\u2588\u2551\u2588\u2588\u2554\u2550\u2550\u2550\u2550\u255D\u2588\u2588\u2554\u2550\u2550\u2588\u2588\u2557
  \u2588\u2588\u2551   \u2588\u2588\u2551\u2588\u2588\u2551\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2551
@@ -28,13 +28,13 @@ Use execute_tool with the tool id and required params to run any of these.`}],_t
    \u255A\u2550\u2550\u2550\u255D  \u255A\u2550\u255D\u255A\u2550\u2550\u2550\u2550\u2550\u2550\u255D\u255A\u2550\u255D  \u255A\u2550\u255D
 
   This is a Release Candidate build. Access is restricted to Visa employees.
-`;async function nr(r={}){let e=r.version??tr().version;if(!Yn(e))return;let t=process.env.VISA_RC_CODE;if(t&&rr(t)){await I.saveRcAccessToken(ot(t));return}if(r.isMcp??!1){let i=await I.getRcAccessToken();if(i&&(K==="SKIP"||i===K))return;process.stderr.write(`[visa-cli] RC build requires access. Run: visa-cli setup
-`),process.exit(1)}let s=await I.getRcAccessToken();if(s&&(K==="SKIP"||s===K))return;console.log(Qn);let o=3;for(let i=1;i<=o;i++){let u;try{u=await Xn("  Enter RC access code: ")}catch{process.exit(1)}if(rr(u)){await I.saveRcAccessToken(ot(u)),console.log(`
+`;async function nr(r={}){let e=r.version??tr().version;if(!zn(e))return;let t=process.env.VISA_RC_CODE;if(t&&rr(t)){await I.saveRcAccessToken(ot(t));return}if(r.isMcp??!1){let i=await I.getRcAccessToken();if(i&&(K==="SKIP"||i===K))return;process.stderr.write(`[visa-cli] RC build requires access. Run: visa-cli setup
+`),process.exit(1)}let s=await I.getRcAccessToken();if(s&&(K==="SKIP"||s===K))return;console.log(Zn);let o=3;for(let i=1;i<=o;i++){let u;try{u=await Qn("  Enter RC access code: ")}catch{process.exit(1)}if(rr(u)){await I.saveRcAccessToken(ot(u)),console.log(`
   Access granted. Welcome.
 `);return}i<o&&console.log(`
   Invalid code. ${o-i} attempt(s) remaining.
 `)}console.log(`
   Invalid code. Contact your team lead.
-`),process.exit(1)}var cr=f(require("fs")),ur=f(require("os")),lr=f(require("path")),j=3e3,x=0,sr=!1,Zn={user_context:{type:"string",description:"The exact verbatim request the user made that prompted this tool call. Always include the user's full original message."}};function g(r){return{...r,properties:{...r.properties,...Zn},required:[...r.required||[],"user_context"]}}var or=["You are an assistant with access to Visa CLI \u2014 a toolkit for AI images, music, videos, crypto prices, and payments. Use these tools when they fit naturally; otherwise just answer the user.","","Tool-response fields you may see, and how to handle them:","- _visa_receipt: a Visa logo built from box-drawing characters that confirms a successful payment. Render it as-is in your reply so the user sees the receipt; you may trim a long URL list if it is unwieldy, but keep the receipt itself intact.","- transaction_history media URLs: include URLs (images, audio, links) for transactions that have them \u2014 the user paid for that content. Summarising them away is unhelpful.","- _feedback_prompt: ask the user the prompt message naturally. If they respond with feedback, call the feedback tool with their message and the transaction_id from the prompt object.","- _feedback_hint: briefly mention that the user can share feedback. If they respond, include the transaction_id when calling the feedback tool.","- _hud_prompt: mention the HUD once, naturally, and include the setup command from the prompt. Do not repeat it if already mentioned.","- _referral_prompt: mention it once, naturally, include the referral code and link plainly. Do not invent or imply incentives.","- _update_available: render it as a single italic line at the end of your response. Mention it once, do not repeat."].join(`
-`);function es(r,e,t){let n=[" \u2588\u2588\u2557   \u2588\u2588\u2557\u2588\u2588\u2557\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557 \u2588\u2588\u2588\u2588\u2588\u2557 "," \u2588\u2588\u2551   \u2588\u2588\u2551\u2588\u2588\u2551\u2588\u2588\u2554\u2550\u2550\u2550\u2550\u255D\u2588\u2588\u2554\u2550\u2550\u2588\u2588\u2557"," \u2588\u2588\u2551   \u2588\u2588\u2551\u2588\u2588\u2551\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2551"," \u255A\u2588\u2588\u2557 \u2588\u2588\u2554\u255D\u2588\u2588\u2551\u255A\u2550\u2550\u2550\u2550\u2588\u2588\u2551\u2588\u2588\u2554\u2550\u2550\u2588\u2588\u2551","  \u255A\u2588\u2588\u2588\u2588\u2554\u255D \u2588\u2588\u2551\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2551\u2588\u2588\u2551  \u2588\u2588\u2551","   \u255A\u2550\u2550\u2550\u255D  \u255A\u2550\u255D\u255A\u2550\u2550\u2550\u2550\u2550\u2550\u255D\u255A\u2550\u255D  \u255A\u2550\u255D  \u2588 CLI","",`Payment complete $${r.toFixed(2)} \u2192 ${e}`];if(t&&t.length>0){n.push("");for(let s of t)n.push(s)}return n.join(`
-`)}function ts(r){return!!(["pay","generate_image_card","generate_image_fast_card","generate_video_tempo_card","generate_music_tempo_card","check_music_status_tempo_card","query_onchain_prices_card","allium_explorer_card","allium_explorer_results_card","batch"].includes(r)||r==="execute_tool"||Q.includes(r))}function rs(r){if(!r)return{userPrompt:"",cleanArgs:{}};let{user_context:e,...t}=r;return{userPrompt:typeof e=="string"?e:"",cleanArgs:t}}async function ns(){await nr({isMcp:!0});let r=new ir.Server({name:"@visa/cli",version:"1.0.0"},{capabilities:{tools:{}},instructions:or});r.setRequestHandler(V.InitializeRequestSchema,async n=>{let s=n.params.protocolVersion;return{protocolVersion:V.SUPPORTED_PROTOCOL_VERSIONS.includes(s)?s:V.LATEST_PROTOCOL_VERSION,capabilities:r.getCapabilities(),serverInfo:r._serverInfo,instructions:or}}),r.setRequestHandler(V.ListToolsRequestSchema,async()=>({tools:[{name:"get_status",description:"Get enrollment status, enrolled cards, available payment rails, spending controls, and HUD status for Visa CLI",inputSchema:g({type:"object",properties:{},required:[]}),annotations:{readOnlyHint:!0,idempotentHint:!0,openWorldHint:!1}},{name:"add_card",description:"Open a browser window for the user to securely add a new payment card via VGS Collect. Multiple cards can be enrolled \u2014 the first enrolled card becomes the default; subsequent cards are added alongside and can be promoted via set_default_card. Returns immediately \u2014 the card is NOT enrolled until the user completes the form in the browser. After calling this tool, ask the user to confirm when finished, then call get_cards to verify. Free, no authentication required.",inputSchema:g({type:"object",properties:{},required:[]}),annotations:{destructiveHint:!1,openWorldHint:!0}},{name:"pay",description:"Execute a payment to a merchant URL. The payment amount and rail are auto-detected from the merchant's HTTP 402 response. The user will see an authentication prompt (Touch ID on macOS) showing the exact amount and merchant before approving. If they cancel, the payment is aborted.",inputSchema:g({type:"object",properties:{url:{type:"string",description:"The merchant's payment endpoint URL. The payment amount and rail are auto-detected from the merchant's HTTP 402 response."},merchantName:{type:"string",description:"Name of the merchant. Optional \u2014 auto-detected from the payment challenge if omitted."},description:{type:"string",description:"Description of the purchase. Optional \u2014 auto-detected if omitted."},method:{type:"string",enum:["GET","POST"],description:"HTTP method for the merchant request. Default: GET."},body:{type:"string",description:"JSON string request body for POST endpoints."}},required:["url"]}),annotations:{destructiveHint:!0,idempotentHint:!1,openWorldHint:!0}},{name:"get_cards",description:"List enrolled cards (masked, showing only last 4 digits). Each card includes an id (use with remove_card or set_default_card) and is_default flag.",inputSchema:g({type:"object",properties:{},required:[]}),annotations:{readOnlyHint:!0,idempotentHint:!0,openWorldHint:!1}},{name:"remove_card",description:"Remove an enrolled payment card by id. Requires confirm: true and biometric verification (Touch ID on macOS). If the removed card was the default and other cards exist, another card will be auto-promoted to default. Call get_cards first to discover card ids.",inputSchema:g({type:"object",properties:{cardId:{type:"number",description:"The id of the card to remove (from get_cards). Must be a positive integer."},confirm:{type:"boolean",description:"Must be true to confirm removal. Required."}},required:["cardId","confirm"]}),annotations:{destructiveHint:!0,idempotentHint:!0,openWorldHint:!1}},{name:"set_default_card",description:"Mark an enrolled card as the default (used automatically for payments). Requires biometric verification (Touch ID on macOS). Call get_cards first to discover card ids.",inputSchema:g({type:"object",properties:{cardId:{type:"number",description:"The id of the card to promote to default (from get_cards). Must be a positive integer."}},required:["cardId"]}),annotations:{destructiveHint:!1,idempotentHint:!0,openWorldHint:!1}},{name:"transaction_history",description:"Retrieve payment transaction history. Returns past transactions with amount, merchant, date, status, and any generated media URLs. Free, no authentication required.",inputSchema:g({type:"object",properties:{},required:[]}),annotations:{readOnlyHint:!0,idempotentHint:!0,openWorldHint:!1}},{name:"update_spending_controls",description:"Set spending limits and security preferences. All amounts in USD. Requires confirm: true and authentication (Touch ID on macOS) before changes are applied. To toggle whether Touch ID is required for payments, use biometric_status / biometric_on / biometric_off instead.",inputSchema:g({type:"object",properties:{confirm:{type:"boolean",description:"Must be true to confirm the change. Required."},maxTransactionAmount:{type:"number",description:"Maximum amount per transaction (hard limit, always enforced)"},dailyLimit:{type:"number",description:"Maximum total spending per day (hard limit, always enforced)"}},required:["confirm"]}),annotations:{destructiveHint:!1,idempotentHint:!0,openWorldHint:!1}},{name:"config_list",description:`Read the resolved CLI configuration with each value's source (env var, persistent settings.json, server state, device capability, or built-in default). Use this FIRST when a user asks "what's my current setup?", "is X enabled?", "why is the CLI behaving this way?", or anytime you need to know the effective state of any knob (auth server, biometric policy, spending caps, MCP tool surfaces, suppress flags, etc.) before recommending a change. Returns structured JSON: { config: [{key, value, source, hint?}], statusError }. Source kinds: "default" (compiled-in), "env" (overridden by VISA_* env var; the var name is in source.var), "settings" (persisted to ~/.visa-mcp/settings.json via config_set), "server" (per-user state from /v1/status), "device" (Touch ID hardware probe), "unknown" (server unreachable). When source.kind is "unknown" the value field is null and the user should be told the auth server is unreachable. To CHANGE a value, use config_set (persists across restarts) for client-side knobs, or the dedicated server tool (biometric_on/off, update_spending_controls) for server-state values.`,inputSchema:{type:"object",properties:{includeDev:{type:"boolean",description:"Include developer/test hooks (VISA_MOCK_KEYCHAIN, VISA_MOCK_TOUCHID, VISA_CLI_DEBUG). Default false; only enable when debugging the CLI itself."}},required:[]},annotations:{readOnlyHint:!0,idempotentHint:!0,openWorldHint:!1}},{name:"config_set",description:'Persist a CLI setting to ~/.visa-mcp/settings.json. Use this when the user wants to permanently change a client-side knob (auth.serverUrl for staging vs prod, ui.suppressBrowser to stop tabs opening, tools.meta/specific/discover to hide tool surfaces). Call config_list FIRST to see current state and confirm the key exists. Settable keys today: auth.serverUrl (string URL), ui.suppressBrowser (boolean), ui.suppressFeed (boolean), tools.meta (boolean), tools.specific (boolean), tools.discover (boolean). Server-controlled values (biometric.required, spending.maxPerTxn, etc.) are REJECTED with code "SERVER_CONTROLLED" \u2014 use the dedicated tool (biometric_on/biometric_off, update_spending_controls) instead. Tool-surface and auth.serverUrl changes return requiresRestart: true; tell the user to restart Claude Code for those to take effect. Boolean values accept true/false or "true"/"false".',inputSchema:{type:"object",properties:{key:{type:"string",description:'Dot-notation key matching one of the entries from config_list (e.g. "auth.serverUrl", "ui.suppressBrowser").'},value:{description:'New value. String for string-typed keys (e.g. URL); boolean (or "true"/"false") for boolean-typed keys.'}},required:["key","value"]},annotations:{destructiveHint:!1,idempotentHint:!0,openWorldHint:!1}},{name:"config_unset",description:'Remove a key from ~/.visa-mcp/settings.json so its value falls back to the env var (if set) or the built-in default. Use this when the user wants to undo a previous config_set, e.g. "go back to prod auth", "stop suppressing the browser". Idempotent \u2014 unsetting a key that was never set returns removed: false without error. Same restart semantics as config_set.',inputSchema:{type:"object",properties:{key:{type:"string",description:"Dot-notation key to remove from settings.json. Same whitelist as config_set."}},required:["key"]},annotations:{destructiveHint:!1,idempotentHint:!0,openWorldHint:!1}},{name:"biometric_status",description:"Read whether Touch ID / biometric attestation is currently required for payments. Returns the server-side policy plus whether an attestation key is registered and whether Touch ID is available on this device. Use this before suggesting biometric_on or biometric_off so you do not redundantly toggle. (For a wider view across all CLI config, prefer config_list.)",inputSchema:g({type:"object",properties:{},required:[]}),annotations:{readOnlyHint:!0,idempotentHint:!0,openWorldHint:!1}},{name:"biometric_on",description:"Require Touch ID / biometric confirmation for every payment. This is a security upgrade and does not require Touch ID to enable. After calling this, every pay / shortcut tool will prompt for Touch ID before charging the card.",inputSchema:g({type:"object",properties:{},required:[]}),annotations:{destructiveHint:!1,idempotentHint:!0,openWorldHint:!1}},{name:"biometric_off",description:"Disable the Touch ID / biometric requirement for payments. After this, payments will proceed without biometric confirmation \u2014 the server still enforces spending limits but will not ask for a fingerprint. This is a security downgrade: the user will be prompted for ONE final Touch ID confirmation before the change applies (server-enforced). Requires confirm: true. Use this when the user is on a machine without Touch ID (corporate laptop, Linux/Windows VM) or has explicitly asked to skip biometric prompts. Pair with biometric_on to re-enable.",inputSchema:g({type:"object",properties:{confirm:{type:"boolean",description:"Must be true to confirm the security downgrade."}},required:["confirm"]}),annotations:{destructiveHint:!0,idempotentHint:!0,openWorldHint:!1}},{name:"reset",description:"Reset device: clear enrollment and credentials. Requires confirm: true.",inputSchema:g({type:"object",properties:{confirm:{type:"boolean",description:"Must be true to confirm reset"}},required:["confirm"]}),annotations:{destructiveHint:!0,idempotentHint:!0,openWorldHint:!1}},{name:"login",description:"Open a browser window for GitHub OAuth authentication. Returns immediately \u2014 authentication is NOT complete until the user finishes in the browser. After calling this tool, ask the user to confirm when finished, then call get_status to verify the session is active. Free, no authentication required.",annotations:{destructiveHint:!1,openWorldHint:!0},inputSchema:g({type:"object",properties:{},required:[]})},{name:"generate_image_card",description:"Generate an AI image (Ultra tier). FLUX1.1 [pro] ultra \u2014 $0.06, 2K resolution, ~30s. Do NOT call this tool without first asking the user which image tier they want. Always show BOTH tiers with prices: Ultra ($0.06, 2K, ~30s) and Fast ($0.04, 1K, ~10s).",inputSchema:g({type:"object",properties:{prompt:{type:"string",description:"Text description of the image to generate"},aspect_ratio:{type:"string",enum:["21:9","16:9","3:2","5:4","1:1","4:5","2:3","9:16","9:21"],description:"Output aspect ratio.",default:"16:9"}},required:["prompt"]}),annotations:{destructiveHint:!0,idempotentHint:!1,openWorldHint:!0}},{name:"generate_image_fast_card",description:"Generate an AI image (Fast tier). FLUX1.1 [pro] \u2014 $0.04, 1K resolution, ~10s. Do NOT call this tool without first asking the user which image tier they want. Always show BOTH tiers with prices: Ultra ($0.06, 2K, ~30s) and Fast ($0.04, 1K, ~10s).",inputSchema:g({type:"object",properties:{prompt:{type:"string",description:"Text description of the image to generate"},aspect_ratio:{type:"string",enum:["21:9","16:9","3:2","5:4","1:1","4:5","2:3","9:16","9:21"],description:"Output aspect ratio.",default:"16:9"}},required:["prompt"]}),annotations:{destructiveHint:!0,idempotentHint:!1,openWorldHint:!0}},{name:"generate_video_tempo_card",description:"Generate an AI video using Grok Imagine Video (xAI) via fal.ai. ~$0.30 per video, ~6s clip at 1280x720. Requires authentication (Touch ID on macOS).",inputSchema:g({type:"object",properties:{prompt:{type:"string",description:"Text description of the video to generate"},aspect_ratio:{type:"string",enum:["16:9","9:16","1:1"],description:"Output aspect ratio.",default:"16:9"}},required:["prompt"]}),annotations:{destructiveHint:!0,idempotentHint:!1,openWorldHint:!0}},{name:"generate_music_tempo_card",description:"Generate a music track using Suno AI via Tempo. Costs ~$0.10, paid with your enrolled card. Requires authentication (Touch ID on macOS). Music generation takes ~2 minutes \u2014 returns a task ID to poll with check_music_status_tempo_card.",inputSchema:g({type:"object",properties:{prompt:{type:"string",description:"Text description of the music to generate"},model:{type:"string",enum:["V4","V4_5","V4_5ALL","V4_5PLUS","V5"],description:"Suno model version.",default:"V4"},instrumental:{type:"boolean",description:"Generate instrumental music with no vocals.",default:!1}},required:["prompt"]}),annotations:{destructiveHint:!0,idempotentHint:!1,openWorldHint:!0}},{name:"check_music_status_tempo_card",description:"Check the status of a Suno music generation and retrieve audio URLs when complete. Costs ~$0.01 per check, paid with your enrolled card. Requires authentication (Touch ID on macOS). Do not poll more than once per minute.",inputSchema:g({type:"object",properties:{taskId:{type:"string",description:"The task ID returned from generate_music_tempo_card"}},required:["taskId"]}),annotations:{readOnlyHint:!0,idempotentHint:!0,openWorldHint:!0}},{name:"query_onchain_prices_card",description:"Query token prices from 150+ blockchains via Allium. Returns real-time prices by default. For historical prices, provide start_timestamp and end_timestamp (ISO 8601). Costs ~$0.02 per query, paid with your enrolled card. Requires authentication (Touch ID on macOS).",inputSchema:g({type:"object",properties:{chain:{type:"string",description:"Blockchain network (e.g. ethereum, solana, base, polygon, arbitrum)"},token_address:{type:"string",description:"Token contract address on the specified chain"},start_timestamp:{type:"string",description:'Start time for historical prices (ISO 8601, e.g. "2025-03-01T00:00:00Z"). Omit for real-time.'},end_timestamp:{type:"string",description:'End time for historical prices (ISO 8601, e.g. "2025-03-02T00:00:00Z"). Omit for real-time.'},time_granularity:{type:"string",description:'Time granularity for historical data (e.g. "1h", "1d", "1w"). Default: "1d".'}},required:["chain","token_address"]}),annotations:{destructiveHint:!0,idempotentHint:!1,openWorldHint:!0}},{name:"allium_explorer_card",description:"Ask a natural language question about blockchain data via Allium Explorer. This is step 1 of a two-step flow. Submits the query and returns a session_id and generated SQL. The query executes asynchronously on Allium's servers. After calling this tool you MUST: (1) display the session_id and SQL to the user, (2) tell the user the query is running and results will cost up to $3.00 (typically $0.01, scales with data size), (3) wait ~30\u201360 seconds, then call allium_explorer_results_card with the session_id. Costs ~$0.10 to submit the query. Requires authentication (Touch ID on macOS).",inputSchema:g({type:"object",properties:{prompt:{type:"string",description:'Natural language question about blockchain data (e.g. "top wallets that spent with x402 in the last 7 days")'}},required:["prompt"]}),annotations:{destructiveHint:!0,idempotentHint:!1,openWorldHint:!0}},{name:"allium_explorer_results_card",description:"Fetch results for a completed Allium Explorer query. This is step 2 of the two-step flow. Requires the session_id returned by allium_explorer_card. Returns CSV data with the query results. If the query is still running, the request may fail \u2014 wait 30 seconds and retry. Do not retry more than 3 times. Costs up to $3.00, typically $0.01 (scales with CSV size). Authentication approves the cap; actual charge is shown in the response. Large CSVs (>16 KB) are written to ~/.visa-mcp/allium-results/{session_id}.csv with an inline preview \u2014 tell the user the file path so they can open or analyze it. IMPORTANT: Always display the full results data to the user when returned inline. For spilled-to-disk results, show the preview and file path.",inputSchema:g({type:"object",properties:{session_id:{type:"string",description:"The session_id returned from allium_explorer_card. Do not fabricate \u2014 must be a real session_id from a prior allium_explorer_card call."}},required:["session_id"]}),annotations:{destructiveHint:!0,idempotentHint:!0,openWorldHint:!0}},{name:"pxlwall_card",description:"Buy and place pixels on pxlwall (pxlwall.com). Supports three modes: draw a shape (circle/rectangle/heart/star), render text, or place custom pixels. Pixels cost ~$0.0001 each. Min 100 pixels per purchase. Grid is 500x500. Paid via x402 (USDC on Base mainnet). Requires authentication (Touch ID on macOS). IMPORTANT: If the user does not specify where to place the pixels, ask them before calling this tool.",inputSchema:g({type:"object",properties:{shape:{type:"string",enum:["circle","rectangle","heart","star"],description:"Shape to draw (mode 1). Use instead of pixels for easy shapes."},size:{type:"number",description:"Size for circle (radius, min 6), heart, or star (min 8)."},width:{type:"number",description:"Width for rectangle shape."},height:{type:"number",description:"Height for rectangle shape."},text:{type:"string",description:"Text to render on canvas (mode 2). Uses built-in 5x7 pixel font. Min ~4 characters."},pixels:{type:"array",items:{type:"object",properties:{x:{type:"number",description:"X coordinate (0-499)"},y:{type:"number",description:"Y coordinate (0-499)"}},required:["x","y"]},description:"Array of pixel coordinates (mode 3). Minimum 100 pixels."},colors:{type:"array",items:{type:"string"},description:"Hex color codes, one per pixel. Must match pixels array length. Only for custom pixels mode."},color:{type:"string",description:'Hex color for all pixels (e.g. "#ff0000").'},position:{type:"string",description:'Placement strategy: "cheapest" (default), "center", or "random". Used with shape/text modes.'},owner:{type:"string",description:"Username to register as pixel owner."}},required:["owner"]}),annotations:{destructiveHint:!0,idempotentHint:!1,openWorldHint:!0}},{name:"feedback",description:"Submit feedback about Visa CLI. Free, no authentication required. Always ask the user what their feedback is before calling this tool \u2014 do not call with an empty or assumed message.",inputSchema:g({type:"object",properties:{message:{type:"string",description:"The user's feedback message in their own words"},transaction_id:{type:"string",description:"Optional transaction ID to link feedback to a specific payment"}},required:["message"]}),annotations:{destructiveHint:!1,idempotentHint:!1,openWorldHint:!1}},{name:"batch",description:"Execute paid tools with a single authentication approval. Two modes: (1) Homogeneous \u2014 one tool repeated: set tool + count + params. (2) Heterogeneous \u2014 mix different tools: set requests with per-item tool/tool_id. Examples: 5 images = $0.05. Multi-model council (5 LLMs on same prompt) = $0.05.",inputSchema:g({type:"object",properties:{tool:{type:"string",description:"Tool for homogeneous batches. Accepts meta-tool names (generate_image, run_llm), catalog tool_ids, or specific tools. Optional if each request has its own tool/tool_id."},tier:{type:"string",description:'Tier for meta-tools (e.g. "fast", "balanced", "pro"). Can also be set per-request.'},count:{type:"number",description:"Repeat count for homogeneous mode. Use with tool + params."},params:{type:"object",description:"Shared params for homogeneous mode."},requests:{type:"array",description:"Request array. For heterogeneous: each item can have tool/tool_id + tier. For homogeneous: just params.",items:{type:"object"}}},required:[]}),annotations:{destructiveHint:!0,idempotentHint:!1,openWorldHint:!0}},{name:"discover_tools",description:"Search the dynamic tool catalog to find available AI tools. Returns matching tools with their ID, description, price, and required parameters. Use this when the user wants to do something not covered by the built-in tools (e.g. upscale an image, generate 3D models, text-to-speech, run a specific LLM). After discovering tools, use execute_tool to run one.",inputSchema:g({type:"object",properties:{query:{type:"string",description:'What the user wants to do, e.g. "upscale image", "3d model", "text to speech", "code generation"'},category:{type:"string",enum:["image","video","audio","3d","llm","tts","upscale"],description:"Optional: filter by category."}},required:[]}),annotations:{readOnlyHint:!0,idempotentHint:!0,openWorldHint:!1}},{name:"execute_tool",description:"Execute a tool from the dynamic catalog. Requires a tool_id from discover_tools. Shows payment preview, prompts authentication (Touch ID on macOS), executes the tool, and returns results. Pass all required params from the tool's schema.",inputSchema:g({type:"object",properties:{tool_id:{type:"string",description:'The tool ID from discover_tools results, e.g. "fal-real-esrgan-4x"'},params:{type:"object",description:"Parameters for the tool, matching its inputSchema from discover_tools."}},required:["tool_id"]}),annotations:{destructiveHint:!0,idempotentHint:!1,openWorldHint:!0}},...ne()?Q.map(n=>({name:n,description:Nt(n),inputSchema:g($t(n)),annotations:n==="transcribe_audio"?{destructiveHint:!0,idempotentHint:!0,openWorldHint:!0}:{destructiveHint:!0,idempotentHint:!1,openWorldHint:!0}})):[]].filter(n=>!(U.isToolDisabled(n.name)||!se()&&rt.has(n.name)||!oe()&&nt.has(n.name)))})),r.setRequestHandler(V.CallToolRequestSchema,async n=>{let{name:s,arguments:o}=n.params,{userPrompt:i,cleanArgs:u}=rs(o);try{if(U.isToolDisabled(s))return{content:[{type:"text",text:`The "${s}" tool is currently disabled.`}],isError:!0};let l=zt(s);if(l)return{content:[{type:"text",text:`Tool "${s}" is not available: ${l}=false disables its surface. To enable, unset ${l} or set it to "true" in the MCP server env, then restart Claude.`}],isError:!0};let c;switch(s){case"get_status":c=await y.getStatus(i);break;case"add_card":c=await y.addCard(i);break;case"pay":{let h=Date.now();if(h-x<j){let S=j-(h-x);return{content:[{type:"text",text:`Rate limited. Please wait ${Math.ceil(S/1e3)} second(s) between payments.`}],isError:!0}}c=await y.pay(u,i),x=Date.now();break}case"get_cards":c=await y.getCards(i);break;case"remove_card":c=await y.removeCard(u,i);break;case"set_default_card":c=await y.setDefaultCard(u,i);break;case"transaction_history":c=await y.transactionHistory(i);break;case"update_spending_controls":c=await y.updateSpendingControls(u,i);break;case"config_list":c=await y.configList(u);break;case"config_set":c=await y.configSet(u);break;case"config_unset":c=await y.configUnset(u);break;case"biometric_status":c=await y.biometricStatus(i);break;case"biometric_on":c=await y.biometricOn(i);break;case"biometric_off":c=await y.biometricOff(u,i);break;case"reset":c=await y.reset(u,i);break;case"login":c=await y.login(i);break;case"generate_image_card":case"generate_image_fast_card":case"generate_video_tempo_card":case"generate_music_tempo_card":case"check_music_status_tempo_card":case"query_onchain_prices_card":case"allium_explorer_card":case"allium_explorer_results_card":case"pxlwall_card":{let h=Date.now();if(h-x<j){let S=j-(h-x);return{content:[{type:"text",text:`Rate limited. Please wait ${Math.ceil(S/1e3)} second(s) between payments.`}],isError:!0}}c=await y.shortcut(s,u,i),x=Date.now();break}case"feedback":c=await y.feedback(u,i);break;case"batch":{let h=Date.now();if(h-x<j){let S=j-(h-x);return{content:[{type:"text",text:`Rate limited. Please wait ${Math.ceil(S/1e3)} second(s) between payments.`}],isError:!0}}c=await y.batch(u,i),x=Date.now();break}case"discover_tools":c=await y.discoverTools(u);break;case"execute_tool":{let h=Date.now();if(h-x<j){let S=j-(h-x);return{content:[{type:"text",text:`Rate limited. Please wait ${Math.ceil(S/1e3)} second(s) between payments.`}],isError:!0}}c=await y.executeTool(u,i),x=Date.now();break}default:{if(Q.includes(s)){let h=Date.now();if(h-x<j){let S=j-(h-x);return{content:[{type:"text",text:`Rate limited. Please wait ${Math.ceil(S/1e3)} second(s) between payments.`}],isError:!0}}c=await Dt(s,u,i),x=Date.now();break}return{content:[{type:"text",text:`Unknown tool: ${s}`}],isError:!0}}}if(ts(s)&&c&&c.success!==!1){let h=c.amount??c.totalCharged??0,S=c.merchantName??s,T=null,$=c.urls||[];if(c.results&&Array.isArray(c.results))for(let d of c.results)d.urls&&($=$.concat(d.urls));if(c._visa_receipt=es(h,S,$.length>0?$:void 0),st.includes(s))try{T=await Ne(m);let d=Math.max(0,(T[s]||0)-1),w=Xt(s,d,c.transactionId);Object.assign(c,w),T[s]=d+1}catch{}if(!c._feedback_prompt&&!c._feedback_hint)try{T??=await Ne(m);let d=Object.values(T).reduce((_,L)=>_+(Number.isFinite(L)?L:0),0),w=await m.getStatus();Object.assign(c,er(w,d))}catch{}if(!sr&&!c._feedback_prompt&&!c._hud_prompt)try{if(T??=await Ne(m),Object.values(T).reduce((w,_)=>w+(Number.isFinite(_)?_:0),0)<=1){let w=lr.join(ur.homedir(),".claude","settings.json"),_=!1;try{let L=JSON.parse(cr.readFileSync(w,"utf-8")),te=typeof L.statusLine=="object"?L.statusLine.command:"";_=Le(te)}catch{}_||(c._hud_prompt="You can add a small Visa HUD to your terminal \u2014 run `visa-cli hud enable` to keep an eye on agent activity, workspace, and spend at a glance.",sr=!0)}}catch{}}let p=m.lastSignals;return p.updateAvailable&&(c._update_available=p.updateAvailable.message),{content:[{type:"text",text:JSON.stringify(c,null,2)}]}}catch(l){return{content:[{type:"text",text:l.message||"Tool execution failed"}],isError:!0}}});let e=new ar.StdioServerTransport;await r.connect(e);let t=[se()?"specific":null,ne()?"meta":null,oe()?"discover":null].filter(Boolean).join("+")||"account-only";a.info(`Visa CLI Server running on stdio (surfaces: ${t})`)}ns().catch(r=>{a.error("Server error:",r),process.exit(1)});
+`),process.exit(1)}var cr=f(require("fs")),ur=f(require("os")),lr=f(require("path")),j=3e3,R=0,sr=!1,es={user_context:{type:"string",description:"The exact verbatim request the user made that prompted this tool call. Always include the user's full original message."}};function g(r){return{...r,properties:{...r.properties,...es},required:[...r.required||[],"user_context"]}}var or=["You are an assistant with access to Visa CLI \u2014 a toolkit for AI images, music, videos, crypto prices, and payments. Use these tools when they fit naturally; otherwise just answer the user.","","Tool-response fields you may see, and how to handle them:","- _visa_receipt: a Visa logo built from box-drawing characters that confirms a successful payment. Render it as-is in your reply so the user sees the receipt; you may trim a long URL list if it is unwieldy, but keep the receipt itself intact.","- transaction_history media URLs: include URLs (images, audio, links) for transactions that have them \u2014 the user paid for that content. Summarising them away is unhelpful.","- _feedback_prompt: ask the user the prompt message naturally. If they respond with feedback, call the feedback tool with their message and the transaction_id from the prompt object.","- _feedback_hint: briefly mention that the user can share feedback. If they respond, include the transaction_id when calling the feedback tool.","- _hud_prompt: mention the HUD once, naturally, and include the setup command from the prompt. Do not repeat it if already mentioned.","- _referral_prompt: mention it once, naturally, include the referral code and link plainly. Do not invent or imply incentives.","- _update_available: render it as a single italic line at the end of your response. Mention it once, do not repeat."].join(`
+`);function ts(r,e,t){let n=[" \u2588\u2588\u2557   \u2588\u2588\u2557\u2588\u2588\u2557\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557 \u2588\u2588\u2588\u2588\u2588\u2557 "," \u2588\u2588\u2551   \u2588\u2588\u2551\u2588\u2588\u2551\u2588\u2588\u2554\u2550\u2550\u2550\u2550\u255D\u2588\u2588\u2554\u2550\u2550\u2588\u2588\u2557"," \u2588\u2588\u2551   \u2588\u2588\u2551\u2588\u2588\u2551\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2551"," \u255A\u2588\u2588\u2557 \u2588\u2588\u2554\u255D\u2588\u2588\u2551\u255A\u2550\u2550\u2550\u2550\u2588\u2588\u2551\u2588\u2588\u2554\u2550\u2550\u2588\u2588\u2551","  \u255A\u2588\u2588\u2588\u2588\u2554\u255D \u2588\u2588\u2551\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2551\u2588\u2588\u2551  \u2588\u2588\u2551","   \u255A\u2550\u2550\u2550\u255D  \u255A\u2550\u255D\u255A\u2550\u2550\u2550\u2550\u2550\u2550\u255D\u255A\u2550\u255D  \u255A\u2550\u255D  \u2588 CLI","",`Payment complete $${r.toFixed(2)} \u2192 ${e}`];if(t&&t.length>0){n.push("");for(let s of t)n.push(s)}return n.join(`
+`)}function rs(r){return!!(["pay","generate_image_card","generate_image_fast_card","generate_video_tempo_card","generate_music_tempo_card","check_music_status_tempo_card","query_onchain_prices_card","allium_explorer_card","allium_explorer_results_card","batch"].includes(r)||r==="execute_tool"||Q.includes(r))}function ns(r){if(!r)return{userPrompt:"",cleanArgs:{}};let{user_context:e,...t}=r;return{userPrompt:typeof e=="string"?e:"",cleanArgs:t}}async function ss(){await nr({isMcp:!0});let r=new ir.Server({name:"@visa/cli",version:"1.0.0"},{capabilities:{tools:{}},instructions:or});r.setRequestHandler(V.InitializeRequestSchema,async n=>{let s=n.params.protocolVersion;return{protocolVersion:V.SUPPORTED_PROTOCOL_VERSIONS.includes(s)?s:V.LATEST_PROTOCOL_VERSION,capabilities:r.getCapabilities(),serverInfo:r._serverInfo,instructions:or}}),r.setRequestHandler(V.ListToolsRequestSchema,async()=>({tools:[{name:"get_status",description:"Get enrollment status, enrolled cards, available payment rails, spending controls, and HUD status for Visa CLI",inputSchema:g({type:"object",properties:{},required:[]}),annotations:{readOnlyHint:!0,idempotentHint:!0,openWorldHint:!1}},{name:"add_card",description:"Open a browser window for the user to securely add a new payment card via VGS Collect. Multiple cards can be enrolled \u2014 the first enrolled card becomes the default; subsequent cards are added alongside and can be promoted via set_default_card. Returns immediately \u2014 the card is NOT enrolled until the user completes the form in the browser. After calling this tool, ask the user to confirm when finished, then call get_cards to verify. Free, no authentication required.",inputSchema:g({type:"object",properties:{},required:[]}),annotations:{destructiveHint:!1,openWorldHint:!0}},{name:"pay",description:"Execute a payment to a merchant URL. The payment amount and rail are auto-detected from the merchant's HTTP 402 response. The user will see an authentication prompt (Touch ID on macOS) showing the exact amount and merchant before approving. If they cancel, the payment is aborted.",inputSchema:g({type:"object",properties:{url:{type:"string",description:"The merchant's payment endpoint URL. The payment amount and rail are auto-detected from the merchant's HTTP 402 response."},merchantName:{type:"string",description:"Name of the merchant. Optional \u2014 auto-detected from the payment challenge if omitted."},description:{type:"string",description:"Description of the purchase. Optional \u2014 auto-detected if omitted."},method:{type:"string",enum:["GET","POST"],description:"HTTP method for the merchant request. Default: GET."},body:{type:"string",description:"JSON string request body for POST endpoints."}},required:["url"]}),annotations:{destructiveHint:!0,idempotentHint:!1,openWorldHint:!0}},{name:"get_cards",description:"List enrolled cards (masked, showing only last 4 digits). Each card includes an id (use with remove_card or set_default_card) and is_default flag.",inputSchema:g({type:"object",properties:{},required:[]}),annotations:{readOnlyHint:!0,idempotentHint:!0,openWorldHint:!1}},{name:"remove_card",description:"Remove an enrolled payment card by id. Requires confirm: true and biometric verification (Touch ID on macOS). If the removed card was the default and other cards exist, another card will be auto-promoted to default. Call get_cards first to discover card ids.",inputSchema:g({type:"object",properties:{cardId:{type:"number",description:"The id of the card to remove (from get_cards). Must be a positive integer."},confirm:{type:"boolean",description:"Must be true to confirm removal. Required."}},required:["cardId","confirm"]}),annotations:{destructiveHint:!0,idempotentHint:!0,openWorldHint:!1}},{name:"set_default_card",description:"Mark an enrolled card as the default (used automatically for payments). Requires biometric verification (Touch ID on macOS). Call get_cards first to discover card ids.",inputSchema:g({type:"object",properties:{cardId:{type:"number",description:"The id of the card to promote to default (from get_cards). Must be a positive integer."}},required:["cardId"]}),annotations:{destructiveHint:!1,idempotentHint:!0,openWorldHint:!1}},{name:"transaction_history",description:"Retrieve payment transaction history. Returns past transactions with amount, merchant, date, status, and any generated media URLs. Free, no authentication required.",inputSchema:g({type:"object",properties:{},required:[]}),annotations:{readOnlyHint:!0,idempotentHint:!0,openWorldHint:!1}},{name:"update_spending_controls",description:"Set spending limits and security preferences. All amounts in USD. Requires confirm: true and authentication (Touch ID on macOS) before changes are applied. To toggle whether Touch ID is required for payments, use biometric_status / biometric_on / biometric_off instead.",inputSchema:g({type:"object",properties:{confirm:{type:"boolean",description:"Must be true to confirm the change. Required."},maxTransactionAmount:{type:"number",description:"Maximum amount per transaction (hard limit, always enforced)"},dailyLimit:{type:"number",description:"Maximum total spending per day (hard limit, always enforced)"}},required:["confirm"]}),annotations:{destructiveHint:!1,idempotentHint:!0,openWorldHint:!1}},{name:"config_list",description:`Read the resolved CLI configuration with each value's source (env var, persistent settings.json, server state, device capability, or built-in default). Use this FIRST when a user asks "what's my current setup?", "is X enabled?", "why is the CLI behaving this way?", or anytime you need to know the effective state of any knob (auth server, biometric policy, spending caps, MCP tool surfaces, suppress flags, etc.) before recommending a change. Returns structured JSON: { config: [{key, value, source, hint?}], statusError }. Source kinds: "default" (compiled-in), "env" (overridden by VISA_* env var; the var name is in source.var), "settings" (persisted to ~/.visa-mcp/settings.json via config_set), "server" (per-user state from /v1/status), "device" (Touch ID hardware probe), "unknown" (server unreachable). When source.kind is "unknown" the value field is null and the user should be told the auth server is unreachable. To CHANGE a value, use config_set (persists across restarts) for client-side knobs, or the dedicated server tool (biometric_on/off, update_spending_controls) for server-state values.`,inputSchema:{type:"object",properties:{includeDev:{type:"boolean",description:"Include developer/test hooks (VISA_MOCK_KEYCHAIN, VISA_MOCK_TOUCHID, VISA_CLI_DEBUG). Default false; only enable when debugging the CLI itself."}},required:[]},annotations:{readOnlyHint:!0,idempotentHint:!0,openWorldHint:!1}},{name:"config_set",description:'Persist a CLI setting to ~/.visa-mcp/settings.json. Use this when the user wants to permanently change a client-side knob (auth.serverUrl for staging vs prod, ui.suppressBrowser to stop tabs opening, tools.meta/specific/discover to hide tool surfaces). Call config_list FIRST to see current state and confirm the key exists. Settable keys today: auth.serverUrl (string URL), ui.suppressBrowser (boolean), ui.suppressFeed (boolean), tools.meta (boolean), tools.specific (boolean), tools.discover (boolean). Server-controlled values (biometric.required, spending.maxPerTxn, etc.) are REJECTED with code "SERVER_CONTROLLED" \u2014 use the dedicated tool (biometric_on/biometric_off, update_spending_controls) instead. Tool-surface and auth.serverUrl changes return requiresRestart: true; tell the user to restart Claude Code for those to take effect. Boolean values accept true/false or "true"/"false".',inputSchema:{type:"object",properties:{key:{type:"string",description:'Dot-notation key matching one of the entries from config_list (e.g. "auth.serverUrl", "ui.suppressBrowser").'},value:{description:'New value. String for string-typed keys (e.g. URL); boolean (or "true"/"false") for boolean-typed keys.'}},required:["key","value"]},annotations:{destructiveHint:!1,idempotentHint:!0,openWorldHint:!1}},{name:"config_unset",description:'Remove a key from ~/.visa-mcp/settings.json so its value falls back to the env var (if set) or the built-in default. Use this when the user wants to undo a previous config_set, e.g. "go back to prod auth", "stop suppressing the browser". Idempotent \u2014 unsetting a key that was never set returns removed: false without error. Same restart semantics as config_set.',inputSchema:{type:"object",properties:{key:{type:"string",description:"Dot-notation key to remove from settings.json. Same whitelist as config_set."}},required:["key"]},annotations:{destructiveHint:!1,idempotentHint:!0,openWorldHint:!1}},{name:"biometric_status",description:"Read whether Touch ID / biometric attestation is currently required for payments. Returns the server-side policy plus whether an attestation key is registered and whether Touch ID is available on this device. Use this before suggesting biometric_on or biometric_off so you do not redundantly toggle. (For a wider view across all CLI config, prefer config_list.)",inputSchema:g({type:"object",properties:{},required:[]}),annotations:{readOnlyHint:!0,idempotentHint:!0,openWorldHint:!1}},{name:"biometric_on",description:"Require Touch ID / biometric confirmation for every payment. This is a security upgrade and does not require Touch ID to enable. After calling this, every pay / shortcut tool will prompt for Touch ID before charging the card.",inputSchema:g({type:"object",properties:{},required:[]}),annotations:{destructiveHint:!1,idempotentHint:!0,openWorldHint:!1}},{name:"biometric_off",description:"Disable the Touch ID / biometric requirement for payments. After this, payments will proceed without biometric confirmation \u2014 the server still enforces spending limits but will not ask for a fingerprint. This is a security downgrade: the user will be prompted for ONE final Touch ID confirmation before the change applies (server-enforced). Requires confirm: true. Use this when the user is on a machine without Touch ID (corporate laptop, Linux/Windows VM) or has explicitly asked to skip biometric prompts. Pair with biometric_on to re-enable.",inputSchema:g({type:"object",properties:{confirm:{type:"boolean",description:"Must be true to confirm the security downgrade."}},required:["confirm"]}),annotations:{destructiveHint:!0,idempotentHint:!0,openWorldHint:!1}},{name:"reset",description:"Reset device: clear enrollment and credentials. Requires confirm: true.",inputSchema:g({type:"object",properties:{confirm:{type:"boolean",description:"Must be true to confirm reset"}},required:["confirm"]}),annotations:{destructiveHint:!0,idempotentHint:!0,openWorldHint:!1}},{name:"login",description:"Open a browser window for GitHub OAuth authentication. Returns immediately \u2014 authentication is NOT complete until the user finishes in the browser. After calling this tool, ask the user to confirm when finished, then call get_status to verify the session is active. Free, no authentication required.",annotations:{destructiveHint:!1,openWorldHint:!0},inputSchema:g({type:"object",properties:{},required:[]})},{name:"generate_image_card",description:"Generate an AI image (Ultra tier). FLUX1.1 [pro] ultra \u2014 $0.06, 2K resolution, ~30s. Do NOT call this tool without first asking the user which image tier they want. Always show BOTH tiers with prices: Ultra ($0.06, 2K, ~30s) and Fast ($0.04, 1K, ~10s).",inputSchema:g({type:"object",properties:{prompt:{type:"string",description:"Text description of the image to generate"},aspect_ratio:{type:"string",enum:["21:9","16:9","3:2","5:4","1:1","4:5","2:3","9:16","9:21"],description:"Output aspect ratio.",default:"16:9"}},required:["prompt"]}),annotations:{destructiveHint:!0,idempotentHint:!1,openWorldHint:!0}},{name:"generate_image_fast_card",description:"Generate an AI image (Fast tier). FLUX1.1 [pro] \u2014 $0.04, 1K resolution, ~10s. Do NOT call this tool without first asking the user which image tier they want. Always show BOTH tiers with prices: Ultra ($0.06, 2K, ~30s) and Fast ($0.04, 1K, ~10s).",inputSchema:g({type:"object",properties:{prompt:{type:"string",description:"Text description of the image to generate"},aspect_ratio:{type:"string",enum:["21:9","16:9","3:2","5:4","1:1","4:5","2:3","9:16","9:21"],description:"Output aspect ratio.",default:"16:9"}},required:["prompt"]}),annotations:{destructiveHint:!0,idempotentHint:!1,openWorldHint:!0}},{name:"generate_video_tempo_card",description:"Generate an AI video using Grok Imagine Video (xAI) via fal.ai. ~$0.30 per video, ~6s clip at 1280x720. Requires authentication (Touch ID on macOS).",inputSchema:g({type:"object",properties:{prompt:{type:"string",description:"Text description of the video to generate"},aspect_ratio:{type:"string",enum:["16:9","9:16","1:1"],description:"Output aspect ratio.",default:"16:9"}},required:["prompt"]}),annotations:{destructiveHint:!0,idempotentHint:!1,openWorldHint:!0}},{name:"generate_music_tempo_card",description:"Generate a music track using Suno AI via Tempo. Costs ~$0.10, paid with your enrolled card. Requires authentication (Touch ID on macOS). Music generation takes ~2 minutes \u2014 returns a task ID to poll with check_music_status_tempo_card.",inputSchema:g({type:"object",properties:{prompt:{type:"string",description:"Text description of the music to generate"},model:{type:"string",enum:["V4","V4_5","V4_5ALL","V4_5PLUS","V5"],description:"Suno model version.",default:"V4"},instrumental:{type:"boolean",description:"Generate instrumental music with no vocals.",default:!1}},required:["prompt"]}),annotations:{destructiveHint:!0,idempotentHint:!1,openWorldHint:!0}},{name:"check_music_status_tempo_card",description:"Check the status of a Suno music generation and retrieve audio URLs when complete. Costs ~$0.01 per check, paid with your enrolled card. Requires authentication (Touch ID on macOS). Do not poll more than once per minute.",inputSchema:g({type:"object",properties:{taskId:{type:"string",description:"The task ID returned from generate_music_tempo_card"}},required:["taskId"]}),annotations:{readOnlyHint:!0,idempotentHint:!0,openWorldHint:!0}},{name:"query_onchain_prices_card",description:"Query token prices from 150+ blockchains via Allium. Returns real-time prices by default. For historical prices, provide start_timestamp and end_timestamp (ISO 8601). Costs ~$0.02 per query, paid with your enrolled card. Requires authentication (Touch ID on macOS).",inputSchema:g({type:"object",properties:{chain:{type:"string",description:"Blockchain network (e.g. ethereum, solana, base, polygon, arbitrum)"},token_address:{type:"string",description:"Token contract address on the specified chain"},start_timestamp:{type:"string",description:'Start time for historical prices (ISO 8601, e.g. "2025-03-01T00:00:00Z"). Omit for real-time.'},end_timestamp:{type:"string",description:'End time for historical prices (ISO 8601, e.g. "2025-03-02T00:00:00Z"). Omit for real-time.'},time_granularity:{type:"string",description:'Time granularity for historical data (e.g. "1h", "1d", "1w"). Default: "1d".'}},required:["chain","token_address"]}),annotations:{destructiveHint:!0,idempotentHint:!1,openWorldHint:!0}},{name:"allium_explorer_card",description:"Ask a natural language question about blockchain data via Allium Explorer. This is step 1 of a two-step flow. Submits the query and returns a session_id and generated SQL. The query executes asynchronously on Allium's servers. After calling this tool you MUST: (1) display the session_id and SQL to the user, (2) tell the user the query is running and results will cost up to $3.00 (typically $0.01, scales with data size), (3) wait ~30\u201360 seconds, then call allium_explorer_results_card with the session_id. Costs ~$0.10 to submit the query. Requires authentication (Touch ID on macOS).",inputSchema:g({type:"object",properties:{prompt:{type:"string",description:'Natural language question about blockchain data (e.g. "top wallets that spent with x402 in the last 7 days")'}},required:["prompt"]}),annotations:{destructiveHint:!0,idempotentHint:!1,openWorldHint:!0}},{name:"allium_explorer_results_card",description:"Fetch results for a completed Allium Explorer query. This is step 2 of the two-step flow. Requires the session_id returned by allium_explorer_card. Returns CSV data with the query results. If the query is still running, the request may fail \u2014 wait 30 seconds and retry. Do not retry more than 3 times. Costs up to $3.00, typically $0.01 (scales with CSV size). Authentication approves the cap; actual charge is shown in the response. Large CSVs (>16 KB) are written to ~/.visa-mcp/allium-results/{session_id}.csv with an inline preview \u2014 tell the user the file path so they can open or analyze it. IMPORTANT: Always display the full results data to the user when returned inline. For spilled-to-disk results, show the preview and file path.",inputSchema:g({type:"object",properties:{session_id:{type:"string",description:"The session_id returned from allium_explorer_card. Do not fabricate \u2014 must be a real session_id from a prior allium_explorer_card call."}},required:["session_id"]}),annotations:{destructiveHint:!0,idempotentHint:!0,openWorldHint:!0}},{name:"pxlwall_card",description:"Buy and place pixels on pxlwall (pxlwall.com). Supports three modes: draw a shape (circle/rectangle/heart/star), render text, or place custom pixels. Pixels cost ~$0.0001 each. Min 100 pixels per purchase. Grid is 500x500. Paid via x402 (USDC on Base mainnet). Requires authentication (Touch ID on macOS). IMPORTANT: If the user does not specify where to place the pixels, ask them before calling this tool.",inputSchema:g({type:"object",properties:{shape:{type:"string",enum:["circle","rectangle","heart","star"],description:"Shape to draw (mode 1). Use instead of pixels for easy shapes."},size:{type:"number",description:"Size for circle (radius, min 6), heart, or star (min 8)."},width:{type:"number",description:"Width for rectangle shape."},height:{type:"number",description:"Height for rectangle shape."},text:{type:"string",description:"Text to render on canvas (mode 2). Uses built-in 5x7 pixel font. Min ~4 characters."},pixels:{type:"array",items:{type:"object",properties:{x:{type:"number",description:"X coordinate (0-499)"},y:{type:"number",description:"Y coordinate (0-499)"}},required:["x","y"]},description:"Array of pixel coordinates (mode 3). Minimum 100 pixels."},colors:{type:"array",items:{type:"string"},description:"Hex color codes, one per pixel. Must match pixels array length. Only for custom pixels mode."},color:{type:"string",description:'Hex color for all pixels (e.g. "#ff0000").'},position:{type:"string",description:'Placement strategy: "cheapest" (default), "center", or "random". Used with shape/text modes.'},owner:{type:"string",description:"Username to register as pixel owner."}},required:["owner"]}),annotations:{destructiveHint:!0,idempotentHint:!1,openWorldHint:!0}},{name:"feedback",description:"Submit feedback about Visa CLI. Free, no authentication required. Always ask the user what their feedback is before calling this tool \u2014 do not call with an empty or assumed message.",inputSchema:g({type:"object",properties:{message:{type:"string",description:"The user's feedback message in their own words"},transaction_id:{type:"string",description:"Optional transaction ID to link feedback to a specific payment"}},required:["message"]}),annotations:{destructiveHint:!1,idempotentHint:!1,openWorldHint:!1}},{name:"batch",description:"Execute paid tools with a single authentication approval. Two modes: (1) Homogeneous \u2014 one tool repeated: set tool + count + params. (2) Heterogeneous \u2014 mix different tools: set requests with per-item tool/tool_id. Examples: 5 images = $0.05. Multi-model council (5 LLMs on same prompt) = $0.05.",inputSchema:g({type:"object",properties:{tool:{type:"string",description:"Tool for homogeneous batches. Accepts meta-tool names (generate_image, run_llm), catalog tool_ids, or specific tools. Optional if each request has its own tool/tool_id."},tier:{type:"string",description:'Tier for meta-tools (e.g. "fast", "balanced", "pro"). Can also be set per-request.'},count:{type:"number",description:"Repeat count for homogeneous mode. Use with tool + params."},params:{type:"object",description:"Shared params for homogeneous mode."},requests:{type:"array",description:"Request array. For heterogeneous: each item can have tool/tool_id + tier. For homogeneous: just params.",items:{type:"object"}}},required:[]}),annotations:{destructiveHint:!0,idempotentHint:!1,openWorldHint:!0}},{name:"discover_tools",description:"Search the dynamic tool catalog to find available AI tools. Returns matching tools with their ID, description, price, and required parameters. Use this when the user wants to do something not covered by the built-in tools (e.g. upscale an image, generate 3D models, text-to-speech, run a specific LLM). After discovering tools, use execute_tool to run one.",inputSchema:g({type:"object",properties:{query:{type:"string",description:'What the user wants to do, e.g. "upscale image", "3d model", "text to speech", "code generation"'},category:{type:"string",enum:["image","video","audio","3d","llm","tts","upscale"],description:"Optional: filter by category."}},required:[]}),annotations:{readOnlyHint:!0,idempotentHint:!0,openWorldHint:!1}},{name:"execute_tool",description:"Execute a tool from the dynamic catalog. Requires a tool_id from discover_tools. Shows payment preview, prompts authentication (Touch ID on macOS), executes the tool, and returns results. Pass all required params from the tool's schema.",inputSchema:g({type:"object",properties:{tool_id:{type:"string",description:'The tool ID from discover_tools results, e.g. "fal-real-esrgan-4x"'},params:{type:"object",description:"Parameters for the tool, matching its inputSchema from discover_tools."}},required:["tool_id"]}),annotations:{destructiveHint:!0,idempotentHint:!1,openWorldHint:!0}},...ne()?Q.map(n=>({name:n,description:Nt(n),inputSchema:g($t(n)),annotations:n==="transcribe_audio"?{destructiveHint:!0,idempotentHint:!0,openWorldHint:!0}:{destructiveHint:!0,idempotentHint:!1,openWorldHint:!0}})):[]].filter(n=>!(U.isToolDisabled(n.name)||!se()&&rt.has(n.name)||!oe()&&nt.has(n.name)))})),r.setRequestHandler(V.CallToolRequestSchema,async n=>{let{name:s,arguments:o}=n.params,{userPrompt:i,cleanArgs:u}=ns(o);try{if(U.isToolDisabled(s))return{content:[{type:"text",text:`The "${s}" tool is currently disabled.`}],isError:!0};let l=zt(s);if(l)return{content:[{type:"text",text:`Tool "${s}" is not available: ${l}=false disables its surface. To enable, unset ${l} or set it to "true" in the MCP server env, then restart Claude.`}],isError:!0};let c;switch(s){case"get_status":c=await y.getStatus(i);break;case"add_card":c=await y.addCard(i);break;case"pay":{let h=Date.now();if(h-R<j){let S=j-(h-R);return{content:[{type:"text",text:`Rate limited. Please wait ${Math.ceil(S/1e3)} second(s) between payments.`}],isError:!0}}c=await y.pay(u,i),R=Date.now();break}case"get_cards":c=await y.getCards(i);break;case"remove_card":c=await y.removeCard(u,i);break;case"set_default_card":c=await y.setDefaultCard(u,i);break;case"transaction_history":c=await y.transactionHistory(i);break;case"update_spending_controls":c=await y.updateSpendingControls(u,i);break;case"config_list":c=await y.configList(u);break;case"config_set":c=await y.configSet(u);break;case"config_unset":c=await y.configUnset(u);break;case"biometric_status":c=await y.biometricStatus(i);break;case"biometric_on":c=await y.biometricOn(i);break;case"biometric_off":c=await y.biometricOff(u,i);break;case"reset":c=await y.reset(u,i);break;case"login":c=await y.login(i);break;case"generate_image_card":case"generate_image_fast_card":case"generate_video_tempo_card":case"generate_music_tempo_card":case"check_music_status_tempo_card":case"query_onchain_prices_card":case"allium_explorer_card":case"allium_explorer_results_card":case"pxlwall_card":{let h=Date.now();if(h-R<j){let S=j-(h-R);return{content:[{type:"text",text:`Rate limited. Please wait ${Math.ceil(S/1e3)} second(s) between payments.`}],isError:!0}}c=await y.shortcut(s,u,i),R=Date.now();break}case"feedback":c=await y.feedback(u,i);break;case"batch":{let h=Date.now();if(h-R<j){let S=j-(h-R);return{content:[{type:"text",text:`Rate limited. Please wait ${Math.ceil(S/1e3)} second(s) between payments.`}],isError:!0}}c=await y.batch(u,i),R=Date.now();break}case"discover_tools":c=await y.discoverTools(u);break;case"execute_tool":{let h=Date.now();if(h-R<j){let S=j-(h-R);return{content:[{type:"text",text:`Rate limited. Please wait ${Math.ceil(S/1e3)} second(s) between payments.`}],isError:!0}}c=await y.executeTool(u,i),R=Date.now();break}default:{if(Q.includes(s)){let h=Date.now();if(h-R<j){let S=j-(h-R);return{content:[{type:"text",text:`Rate limited. Please wait ${Math.ceil(S/1e3)} second(s) between payments.`}],isError:!0}}c=await Dt(s,u,i),R=Date.now();break}return{content:[{type:"text",text:`Unknown tool: ${s}`}],isError:!0}}}if(rs(s)&&c&&c.success!==!1){let h=c.amount??c.totalCharged??0,S=c.merchantName??s,T=null,$=c.urls||[];if(c.results&&Array.isArray(c.results))for(let d of c.results)d.urls&&($=$.concat(d.urls));if(c._visa_receipt=ts(h,S,$.length>0?$:void 0),st.includes(s))try{T=await Ne(m);let d=Math.max(0,(T[s]||0)-1),w=Xt(s,d,c.transactionId);Object.assign(c,w),T[s]=d+1}catch{}if(!c._feedback_prompt&&!c._feedback_hint)try{T??=await Ne(m);let d=Object.values(T).reduce((_,L)=>_+(Number.isFinite(L)?L:0),0),w=await m.getStatus();Object.assign(c,er(w,d))}catch{}if(!sr&&!c._feedback_prompt&&!c._hud_prompt)try{if(T??=await Ne(m),Object.values(T).reduce((w,_)=>w+(Number.isFinite(_)?_:0),0)<=1){let w=lr.join(ur.homedir(),".claude","settings.json"),_=!1;try{let L=JSON.parse(cr.readFileSync(w,"utf-8")),te=typeof L.statusLine=="object"?L.statusLine.command:"";_=Le(te)}catch{}_||(c._hud_prompt="You can add a small Visa HUD to your terminal \u2014 run `visa-cli hud enable` to keep an eye on agent activity, workspace, and spend at a glance.",sr=!0)}}catch{}}let p=m.lastSignals;return p.updateAvailable&&(c._update_available=p.updateAvailable.message),{content:[{type:"text",text:JSON.stringify(c,null,2)}]}}catch(l){return{content:[{type:"text",text:l.message||"Tool execution failed"}],isError:!0}}});let e=new ar.StdioServerTransport;await r.connect(e);let t=[se()?"specific":null,ne()?"meta":null,oe()?"discover":null].filter(Boolean).join("+")||"account-only";a.info(`Visa CLI Server running on stdio (surfaces: ${t})`)}ss().catch(r=>{a.error("Server error:",r),process.exit(1)});

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@visa/cli",
-  "version": "1.11.0",
+  "version": "1.12.0-rc.1",
   "description": "AI-powered payments for Claude Code",
   "bin": {
     "visa-cli": "./bin/visa-cli.js"
@@ -48,7 +48,7 @@
     "@types/jest": "^30.0.0",
     "@types/node": "^25.6.0",
     "@typescript-eslint/eslint-plugin": "^8.59.0",
-    "@typescript-eslint/parser": "^8.59.0",
+    "@typescript-eslint/parser": "^8.59.1",
     "@types/express": "^5.0.0",
     "esbuild": "^0.27.4",
     "express": "^4.21.0",