@vorlek/cli 0.1.0

package/dist/commands/connect.js

@@ -0,0 +1,126 @@
+import pc from 'picocolors';
+import { ApiError } from '../client.js';
+import { ConfigMissingError, renderError, renderSuccess } from '../run-context.js';
+function availableAudiencesFromError(err) {
+    if (!(err instanceof ApiError))
+        return [];
+    const detail = err.envelope.error.detail;
+    if (typeof detail !== 'object' || detail === null)
+        return [];
+    const audiences = detail.available_audiences;
+    if (!Array.isArray(audiences))
+        return [];
+    return audiences.filter((audience) => {
+        if (typeof audience !== 'object' || audience === null)
+            return false;
+        const candidate = audience;
+        return typeof candidate.id === 'string' && typeof candidate.name === 'string';
+    });
+}
+function connectionPayload(provider, opts, listId) {
+    return {
+        provider,
+        api_key: opts.apiKey ?? '',
+        ...(provider === 'mailchimp' && listId ? { list_id: listId } : {}),
+    };
+}
+function renderConnectSuccess(deps, ctx, provider, conn) {
+    renderSuccess(deps, ctx, conn, () => `${pc.green('✓')} Connected ${pc.bold(provider)} ${conn.account_name ? `(${pc.dim(conn.account_name)}) ` : ''}— connection_id ${pc.dim(conn.connection_id)}`);
+}
+export async function runConnect(deps, ctx, provider, opts) {
+    try {
+        if (!opts.apiKey)
+            throw new Error('Missing --api-key flag.');
+        if (provider === 'klaviyo') {
+            if (opts.listId)
+                throw new Error('Klaviyo connections do not use --list-id.');
+            if (opts.apiKey.startsWith('pub_') && !ctx.json) {
+                deps.stderr.write(`${pc.yellow('warning')} Klaviyo public keys start with pub_; use a private key starting with pk_ for write operations.\n`);
+            }
+        }
+        const cfg = await deps.loadConfig();
+        if (!cfg)
+            throw new ConfigMissingError();
+        const apiBase = ctx.apiBaseOverride ?? cfg.api_base;
+        const client = deps.createApiClient({ apiBase, apiKey: cfg.api_key });
+        try {
+            const conn = await client.createConnection(connectionPayload(provider, opts, opts.listId));
+            renderConnectSuccess(deps, ctx, provider, conn);
+        }
+        catch (err) {
+            const audiences = availableAudiencesFromError(err);
+            if (provider !== 'mailchimp' || ctx.json || opts.listId || audiences.length === 0)
+                throw err;
+            const selected = await deps.prompts.select({
+                message: 'Select Mailchimp audience',
+                options: audiences.map((audience) => ({
+                    value: audience.id,
+                    label: audience.name,
+                    hint: audience.id,
+                })),
+            });
+            if (deps.prompts.isCancel(selected))
+                throw new Error('Audience selection cancelled.');
+            const conn = await client.createConnection(connectionPayload(provider, opts, String(selected)));
+            renderConnectSuccess(deps, ctx, provider, conn);
+        }
+    }
+    catch (err) {
+        deps.exit(renderError(deps, ctx, err));
+    }
+}
+export async function runList(deps, ctx) {
+    try {
+        const cfg = await deps.loadConfig();
+        if (!cfg)
+            throw new ConfigMissingError();
+        const apiBase = ctx.apiBaseOverride ?? cfg.api_base;
+        const client = deps.createApiClient({ apiBase, apiKey: cfg.api_key });
+        const rows = await client.listConnections();
+        renderSuccess(deps, ctx, rows, () => {
+            if (rows.length === 0)
+                return pc.dim('No connections yet. Try `vorlek connect sendgrid --api-key SG.xxx`.');
+            const lines = [
+                `${pc.bold('PROVIDER')}  ${pc.bold('STATUS')}  ${pc.bold('ACCOUNT')}  ${pc.bold('LAST VALIDATED')}`,
+            ];
+            for (const r of rows) {
+                lines.push(`${r.provider.padEnd(9)} ${r.status.padEnd(7)} ${(r.account_name ?? '-').padEnd(8)} ${r.last_validated_at ?? '-'}`);
+            }
+            return lines.join('\n');
+        });
+    }
+    catch (err) {
+        deps.exit(renderError(deps, ctx, err));
+    }
+}
+export async function runRemove(deps, ctx, provider) {
+    try {
+        if (!provider)
+            throw new Error('Missing <provider> argument: `vorlek connect remove <provider>`.');
+        const cfg = await deps.loadConfig();
+        if (!cfg)
+            throw new ConfigMissingError();
+        const apiBase = ctx.apiBaseOverride ?? cfg.api_base;
+        const client = deps.createApiClient({ apiBase, apiKey: cfg.api_key });
+        const result = await client.removeConnection(provider);
+        renderSuccess(deps, ctx, result, () => `${pc.green('✓')} Removed ${pc.bold(provider)} connection.`);
+    }
+    catch (err) {
+        deps.exit(renderError(deps, ctx, err));
+    }
+}
+export function registerConnectCommands(cli, deps, ctx) {
+    cli
+        .command('connect <action> [target]', 'Connect: <provider> --api-key <k> | list | remove <provider>')
+        .option('--api-key <key>', 'Provider API key (required for connect <provider>)')
+        .option('--list-id <id>', 'Mailchimp audience/list id')
+        .action(async (action, target, opts) => {
+        if (action === 'list')
+            return runList(deps, ctx);
+        if (action === 'remove')
+            return runRemove(deps, ctx, target);
+        // Otherwise treat `action` as the provider name → create.
+        return runConnect(deps, ctx, action, opts);
+    });
+}
+//# sourceMappingURL=connect.js.map

package/dist/commands/connection.js

@@ -0,0 +1,45 @@
+import pc from 'picocolors';
+import { ConfigMissingError, renderError, renderSuccess } from '../run-context.js';
+export async function runCleanupTestProfiles(deps, ctx, opts) {
+    try {
+        if (!opts.provider)
+            throw new Error('Missing --provider flag.');
+        if (opts.provider !== 'klaviyo') {
+            throw new Error('cleanup-test-profiles currently supports only --provider klaviyo.');
+        }
+        if (!opts.pattern) {
+            throw new Error('Cleanup requires --pattern. Pass an exact email or bounded glob (e.g., dogfood*@test.vorlek.ci) to scope the suppression.');
+        }
+        const pattern = opts.pattern;
+        const cfg = await deps.loadConfig();
+        if (!cfg)
+            throw new ConfigMissingError();
+        const apiBase = ctx.apiBaseOverride ?? cfg.api_base;
+        const client = deps.createApiClient({ apiBase, apiKey: cfg.api_key });
+        if (!client.cleanupTestProfiles) {
+            throw new Error('Configured API client does not support cleanup-test-profiles.');
+        }
+        const result = await client.cleanupTestProfiles({ provider: opts.provider, pattern });
+        renderSuccess(deps, ctx, result, () => {
+            if (!result.job_id) {
+                return `${pc.yellow('!')} No Klaviyo profiles matched ${pc.bold(pattern)}.`;
+            }
+            return `${pc.green('✓')} Cleanup queued for ${pc.bold(String(result.suppressed_profiles))} Klaviyo profiles — job_id ${pc.dim(result.job_id)}`;
+        });
+    }
+    catch (err) {
+        deps.exit(renderError(deps, ctx, err));
+    }
+}
+export function registerConnectionCommands(cli, deps, ctx) {
+    cli
+        .command('connection <action>', 'Connection maintenance commands (internal: cleanup dogfood test profiles)')
+        .option('--provider <provider>', 'Provider to clean up; currently only klaviyo')
+        .option('--pattern <pattern>', 'Klaviyo cleanup email pattern (required)')
+        .action(async (action, opts) => {
+        if (action === 'cleanup-test-profiles')
+            return runCleanupTestProfiles(deps, ctx, opts);
+        deps.exit(renderError(deps, ctx, new Error(`Unknown connection action: ${action}`)));
+    });
+}
+//# sourceMappingURL=connection.js.map

package/dist/commands/contact.js

@@ -0,0 +1,120 @@
+import pc from 'picocolors';
+import { ConfigMissingError, renderError, renderSuccess } from '../run-context.js';
+import { parseDetail } from './detail.js';
+import { resolveProvider } from './provider.js';
+export async function runUpsertContact(deps, ctx, opts) {
+    try {
+        if (!opts.email)
+            throw new Error('Missing --email flag.');
+        const cfg = await deps.loadConfig();
+        if (!cfg)
+            throw new ConfigMissingError();
+        const apiBase = ctx.apiBaseOverride ?? cfg.api_base;
+        const client = deps.createApiClient({ apiBase, apiKey: cfg.api_key });
+        let provider = opts.provider;
+        if (!provider) {
+            const conns = await client.listConnections();
+            if (conns.length === 0) {
+                throw new Error('No connections found. Run `vorlek connect <provider> --api-key ...` first.');
+            }
+            if (conns.length > 1) {
+                throw new Error(`Multiple connections (${conns.map((c) => c.provider).join(', ')}). Pass --provider to disambiguate.`);
+            }
+            provider = conns[0]?.provider;
+        }
+        let properties;
+        if (opts.properties) {
+            try {
+                const parsed = JSON.parse(opts.properties);
+                if (typeof parsed !== 'object' || parsed === null || Array.isArray(parsed)) {
+                    throw new Error('--properties must be a JSON object.');
+                }
+                properties = parsed;
+            }
+            catch (parseErr) {
+                const msg = parseErr instanceof Error ? parseErr.message : String(parseErr);
+                throw new Error(`--properties: ${msg}`);
+            }
+        }
+        const detail = parseDetail(opts.detail);
+        const result = await client.upsertContact({
+            provider,
+            email: opts.email,
+            first_name: opts.firstName,
+            last_name: opts.lastName,
+            // Defensive String() coercion — cac may have parsed a numeric-looking
+            // phone (e.g., "+15551234567") as a JS Number; the server requires string.
+            phone: opts.phone === undefined ? undefined : String(opts.phone),
+            properties,
+            ...(detail ? { detail } : {}),
+            ...(opts.idempotencyKey ? { idempotencyKey: opts.idempotencyKey } : {}),
+        });
+        renderSuccess(deps, ctx, result, () => {
+            const fieldsHint = result.fields_auto_created.length > 0
+                ? ` ${pc.dim(`(auto-created fields: ${result.fields_auto_created.join(', ')})`)}`
+                : '';
+            return `${pc.green('✓')} Upserted contact ${pc.bold(result.contact_id)} (${result.action}) via ${pc.bold(result.provider)}.${fieldsHint}`;
+        });
+    }
+    catch (err) {
+        deps.exit(renderError(deps, ctx, err));
+    }
+}
+export async function runGetContact(deps, ctx, opts) {
+    try {
+        if (!opts.email)
+            throw new Error('Missing --email flag.');
+        const cfg = await deps.loadConfig();
+        if (!cfg)
+            throw new ConfigMissingError();
+        const apiBase = ctx.apiBaseOverride ?? cfg.api_base;
+        const client = deps.createApiClient({ apiBase, apiKey: cfg.api_key });
+        if (!client.getContact)
+            throw new Error('Configured API client does not support get_contact.');
+        const provider = await resolveProvider(client, opts.provider);
+        const detail = parseDetail(opts.detail);
+        const result = await client.getContact({
+            provider,
+            email: opts.email,
+            ...(detail ? { detail } : {}),
+            ...(opts.idempotencyKey ? { idempotencyKey: opts.idempotencyKey } : {}),
+        });
+        renderSuccess(deps, ctx, result, () => {
+            if (!result.found) {
+                return `${pc.yellow('!')} No ${pc.bold(result.provider)} contact found for ${pc.bold(result.email)}.`;
+            }
+            const contactId = contactIdFromResult(result.contact);
+            return `${pc.green('✓')} Found ${pc.bold(result.provider)} contact ${pc.bold(contactId ?? result.email)}.`;
+        });
+    }
+    catch (err) {
+        deps.exit(renderError(deps, ctx, err));
+    }
+}
+export function registerContactCommands(cli, deps, ctx) {
+    cli
+        .command('contact <action>', 'Contact operations: upsert, get')
+        .option('--email <email>', 'Contact email (required for upsert and get)')
+        .option('--first-name <name>', 'First name')
+        .option('--last-name <name>', 'Last name')
+        .option('--phone <phone>', 'Phone number')
+        .option('--properties <json>', 'Custom properties as JSON, e.g. \'{"plan":"gold","tier":"silver"}\'')
+        .option('--provider <name>', 'Provider override (defaults to auto-detect)')
+        .option('--detail <level>', 'Response detail: minimal, standard, full')
+        .option('--idempotency-key <key>', 'Override the auto-generated idempotency key')
+        .action(async (action, opts) => {
+        if (action === 'upsert')
+            return runUpsertContact(deps, ctx, opts);
+        if (action === 'get')
+            return runGetContact(deps, ctx, opts);
+        deps.stderr.write(`${pc.red('error')} Unknown contact action: ${action}. Try: upsert, get\n`);
+        deps.exit(1);
+    });
+}
+function contactIdFromResult(contact) {
+    if (typeof contact !== 'object' || contact === null)
+        return null;
+    const contactId = contact.contact_id;
+    return typeof contactId === 'string' ? contactId : null;
+}
+//# sourceMappingURL=contact.js.map

package/dist/commands/detail.js

@@ -0,0 +1,12 @@
+const DETAIL_LEVELS = ['minimal', 'standard', 'full'];
+export function parseDetail(raw) {
+    if (raw === undefined)
+        return undefined;
+    if (isDetailLevel(raw))
+        return raw;
+    throw new Error('--detail must be one of: minimal, standard, full.');
+}
+function isDetailLevel(value) {
+    return DETAIL_LEVELS.some((level) => level === value);
+}
+//# sourceMappingURL=detail.js.map

package/dist/commands/email.js

@@ -0,0 +1,67 @@
+import pc from 'picocolors';
+import { ConfigMissingError, renderError, renderSuccess } from '../run-context.js';
+import { parseDetail } from './detail.js';
+import { resolveProvider } from './provider.js';
+function parseVariables(raw) {
+    if (!raw)
+        return undefined;
+    const parsed = JSON.parse(raw);
+    if (typeof parsed !== 'object' || parsed === null || Array.isArray(parsed)) {
+        throw new Error('--variables must be a JSON object.');
+    }
+    return parsed;
+}
+export async function runEmailSend(deps, ctx, opts) {
+    try {
+        if (!opts.to)
+            throw new Error('Missing --to flag.');
+        if (!opts.subject)
+            throw new Error('Missing --subject flag.');
+        const cfg = await deps.loadConfig();
+        if (!cfg)
+            throw new ConfigMissingError();
+        const apiBase = ctx.apiBaseOverride ?? cfg.api_base;
+        const client = deps.createApiClient({ apiBase, apiKey: cfg.api_key });
+        if (!client.sendTransactional)
+            throw new Error('Configured API client does not support send_transactional.');
+        const provider = await resolveProvider(client, opts.provider);
+        const detail = parseDetail(opts.detail);
+        const result = await client.sendTransactional({
+            provider,
+            to: opts.to,
+            from: opts.from,
+            subject: opts.subject,
+            template_id: opts.templateId,
+            html: opts.html,
+            text: opts.text,
+            variables: parseVariables(opts.variables),
+            ...(detail ? { detail } : {}),
+            ...(opts.idempotencyKey ? { idempotencyKey: opts.idempotencyKey } : {}),
+        });
+        renderSuccess(deps, ctx, result, () => `${pc.green('✓')} Sent email ${pc.bold(result.message_id)} via ${pc.bold(result.provider)}.`);
+    }
+    catch (err) {
+        deps.exit(renderError(deps, ctx, err));
+    }
+}
+export function registerEmailCommands(cli, deps, ctx) {
+    cli
+        .command('email <action>', 'Email operations: send')
+        .option('--to <email>', 'Recipient email')
+        .option('--from <email>', 'Sender email')
+        .option('--subject <subject>', 'Email subject')
+        .option('--template-id <id>', 'Provider template id')
+        .option('--html <html>', 'HTML body')
+        .option('--text <text>', 'Text body')
+        .option('--variables <json>', 'Template variables as JSON')
+        .option('--provider <name>', 'Provider override (defaults to auto-detect)')
+        .option('--detail <level>', 'Response detail: minimal, standard, full')
+        .option('--idempotency-key <key>', 'Override the auto-generated idempotency key')
+        .action(async (action, opts) => {
+        if (action === 'send')
+            return runEmailSend(deps, ctx, opts);
+        deps.stderr.write(`${pc.red('error')} Unknown email action: ${action}. Try: send\n`);
+        deps.exit(1);
+    });
+}
+//# sourceMappingURL=email.js.map

package/dist/commands/operation.js

@@ -0,0 +1,38 @@
+import pc from 'picocolors';
+import { ConfigMissingError, renderError, renderSuccess } from '../run-context.js';
+export async function runOperationGet(deps, ctx, opts) {
+    try {
+        if (!opts.requestId)
+            throw new Error('Missing --request-id flag.');
+        const cfg = await deps.loadConfig();
+        if (!cfg)
+            throw new ConfigMissingError();
+        const apiBase = ctx.apiBaseOverride ?? cfg.api_base;
+        const client = deps.createApiClient({ apiBase, apiKey: cfg.api_key });
+        if (!client.getOperation)
+            throw new Error('Configured API client does not support operation lookup.');
+        const result = await client.getOperation(opts.requestId);
+        renderSuccess(deps, ctx, result, () => renderOperation(result));
+    }
+    catch (err) {
+        deps.exit(renderError(deps, ctx, err));
+    }
+}
+export function registerOperationCommands(cli, deps, ctx) {
+    cli
+        .command('operation <action> [requestId]', 'Operation operations: get')
+        .option('--request-id <id>', 'Operation request id returned as meta.request_id')
+        .action(async (action, requestId, opts) => {
+        if (action === 'get') {
+            return runOperationGet(deps, ctx, { ...opts, requestId: opts.requestId ?? requestId });
+        }
+        deps.stderr.write(`${pc.red('error')} Unknown operation action: ${action}. Try: get\n`);
+        deps.exit(1);
+    });
+}
+function renderOperation(operation) {
+    const provider = operation.provider ?? '-';
+    const error = operation.error_code ? `, error ${operation.error_code}` : '';
+    return `${pc.green('✓')} Operation ${pc.bold(operation.request_id)} ${operation.status} ${operation.tool} via ${provider} (HTTP ${operation.http_status}${error})`;
+}
+//# sourceMappingURL=operation.js.map

package/dist/commands/provider.js

@@ -0,0 +1,16 @@
+export async function resolveProvider(client, provider) {
+    if (provider)
+        return provider;
+    const conns = await client.listConnections();
+    if (conns.length === 0) {
+        throw new Error('No connections found. Run `vorlek connect <provider> --api-key ...` first.');
+    }
+    if (conns.length > 1) {
+        throw new Error(`Multiple connections (${conns.map((c) => c.provider).join(', ')}). Pass --provider to disambiguate.`);
+    }
+    const only = conns[0]?.provider;
+    if (!only)
+        throw new Error('No provider found for the only connection.');
+    return only;
+}
+//# sourceMappingURL=provider.js.map

package/dist/commands/status.js

@@ -0,0 +1,65 @@
+import pc from 'picocolors';
+import { ConfigMissingError, renderError, renderSuccess } from '../run-context.js';
+/**
+ * Phase 1.5.9 — `vorlek status`. Composite "am I set up + how am I doing?"
+ * One round-trip per resource: identity, connections, usage. Renders a
+ * single block in human mode; in --json emits all three under one envelope.
+ */
+export function registerStatusCommand(cli, deps, ctx) {
+    cli
+        .command('status', 'Show account, connections, and current-period usage')
+        .option('--check', 'Freshly validate each connected provider')
+        .action(async (opts) => {
+        try {
+            const cfg = await deps.loadConfig();
+            if (!cfg)
+                throw new ConfigMissingError();
+            const apiBase = ctx.apiBaseOverride ?? cfg.api_base;
+            const client = deps.createApiClient({ apiBase, apiKey: cfg.api_key });
+            const [identity, connections, usage] = await Promise.all([
+                client.getAccount(),
+                client.listConnections(),
+                client.getUsage(),
+            ]);
+            const checks = opts.check
+                ? await Promise.all(connections.map((connection) => {
+                    if (!client.getConnectionStatus) {
+                        throw new Error('Configured API client does not support get_connection_status.');
+                    }
+                    return client.getConnectionStatus({ provider: connection.provider });
+                }))
+                : undefined;
+            const checksByProvider = new Map(checks?.map((check) => [check.provider, check]) ?? []);
+            renderSuccess(deps, ctx, { account: identity, connections, usage, checks }, () => {
+                const lines = [];
+                lines.push(pc.bold('account'));
+                lines.push(`  ${identity.email}  ${pc.dim(`(${identity.account_id})`)}`);
+                lines.push(`  plan: ${identity.plan}`);
+                lines.push('');
+                lines.push(pc.bold('connections'));
+                if (connections.length === 0) {
+                    lines.push(pc.dim('  (none)'));
+                }
+                else {
+                    for (const c of connections) {
+                        const name = c.account_name ? ` — ${pc.dim(c.account_name)}` : '';
+                        const fresh = checksByProvider.get(c.provider);
+                        const checkText = fresh ? `, checked: ${fresh.status}` : '';
+                        lines.push(`  ${pc.green('●')} ${c.provider} (${c.status}${checkText})${name}`);
+                    }
+                }
+                lines.push('');
+                lines.push(pc.bold('usage'));
+                lines.push(`  ${usage.quota.used} / ${usage.quota.limit} this period  ${pc.dim(`(resets ${usage.quota.resets_at})`)}`);
+                if (usage.recent_operations.errors > 0) {
+                    lines.push(`  ${pc.yellow(String(usage.recent_operations.errors))} errors of ${usage.recent_operations.total} total`);
+                }
+                return lines.join('\n');
+            });
+        }
+        catch (err) {
+            deps.exit(renderError(deps, ctx, err));
+        }
+    });
+}
+//# sourceMappingURL=status.js.map

package/dist/commands/table.js

@@ -0,0 +1,10 @@
+export function renderTable(headers, rows) {
+    const widths = headers.map((header, index) => Math.max(header.length, ...rows.map((row) => row[index]?.length ?? 0)));
+    const format = (cells) => cells.map((cell, index) => cell.padEnd(widths[index] ?? cell.length)).join('  ');
+    return [
+        format(headers),
+        format(widths.map((width) => '-'.repeat(width))),
+        ...rows.map(format),
+    ].join('\n');
+}
+//# sourceMappingURL=table.js.map

package/dist/commands/template.js

@@ -0,0 +1,82 @@
+import pc from 'picocolors';
+import { ConfigMissingError, renderError, renderSuccess } from '../run-context.js';
+import { parseDetail } from './detail.js';
+import { resolveProvider } from './provider.js';
+import { renderTable } from './table.js';
+const ALL_PAGE_CAP = 100;
+export async function runTemplateList(deps, ctx, opts) {
+    try {
+        const cfg = await deps.loadConfig();
+        if (!cfg)
+            throw new ConfigMissingError();
+        const apiBase = ctx.apiBaseOverride ?? cfg.api_base;
+        const client = deps.createApiClient({ apiBase, apiKey: cfg.api_key });
+        if (!client.template?.list)
+            throw new Error('Configured API client does not support list_templates.');
+        const provider = await resolveProvider(client, opts.provider);
+        const limit = parseLimit(opts.limit);
+        const detail = parseDetail(opts.detail);
+        const templates = [];
+        let cursor = opts.cursor ?? null;
+        let nextCursor = null;
+        for (let page = 0;; page++) {
+            if (page >= ALL_PAGE_CAP) {
+                throw new Error('--all reached the 100-page safety cap. Use --cursor to continue from the last seen page.');
+            }
+            const result = await client.template.list({
+                provider,
+                ...(limit ? { limit } : {}),
+                ...(cursor ? { cursor } : {}),
+                ...(detail ? { detail } : {}),
+                ...(opts.idempotencyKey ? { idempotencyKey: opts.idempotencyKey } : {}),
+            });
+            templates.push(...result.templates);
+            nextCursor = result.next_cursor;
+            if (!opts.all || !nextCursor)
+                break;
+            cursor = nextCursor;
+        }
+        renderSuccess(deps, ctx, { provider, templates, next_cursor: nextCursor }, () => renderTemplates(provider, templates, nextCursor));
+    }
+    catch (err) {
+        deps.exit(renderError(deps, ctx, err));
+    }
+}
+export function registerTemplateCommands(cli, deps, ctx) {
+    cli
+        .command('template <action>', 'Template operations: list')
+        .option('--provider <name>', 'Provider override (defaults to auto-detect)')
+        .option('--limit <n>', 'Page size, 1-100')
+        .option('--cursor <cursor>', 'Pagination cursor returned by the previous page')
+        .option('--all', 'Follow next_cursor until exhausted (max 100 pages)')
+        .option('--detail <level>', 'Response detail: minimal, standard, full')
+        .option('--idempotency-key <key>', 'Override the auto-generated idempotency key')
+        .action(async (action, opts) => {
+        if (action === 'list')
+            return runTemplateList(deps, ctx, opts);
+        deps.stderr.write(`${pc.red('error')} Unknown template action: ${action}. Try: list\n`);
+        deps.exit(1);
+    });
+}
+function parseLimit(raw) {
+    if (raw === undefined)
+        return undefined;
+    const parsed = typeof raw === 'number' ? raw : Number.parseInt(raw, 10);
+    if (!Number.isInteger(parsed) || parsed < 1 || parsed > 100) {
+        throw new Error('--limit must be an integer between 1 and 100.');
+    }
+    return parsed;
+}
+function renderTemplates(provider, templates, nextCursor) {
+    if (templates.length === 0)
+        return pc.dim(`No templates found for ${provider}.`);
+    const table = renderTable(['id', 'name', 'subject', 'updated_at'], templates.map((template) => [
+        template.id,
+        template.name,
+        template.subject ?? '-',
+        template.updated_at,
+    ]));
+    const cursorHint = nextCursor ? `\n${pc.dim(`next_cursor: ${nextCursor}`)}` : '';
+    return `${pc.green('✓')} ${pc.bold(provider)} templates\n${table}${cursorHint}`;
+}
+//# sourceMappingURL=template.js.map

package/dist/config.js

@@ -0,0 +1,83 @@
+import { chmod, mkdir, readFile, stat, unlink, writeFile } from 'node:fs/promises';
+import { homedir } from 'node:os';
+import { dirname, join } from 'node:path';
+import { z } from 'zod';
+/**
+ * Phase 1.5.2 — local config file at `~/.vorlek/config.json` with 0600
+ * permissions (owner read/write only). Stores the live API key plus
+ * minimal account context so commands like `whoami` and `status` don't
+ * have to round-trip the server unless they want fresh data.
+ *
+ * Test_api_key is intentionally NOT persisted — `signup` prints it once
+ * for the user to copy somewhere if they want it. Persisting both keys
+ * would make a single config-leak more dangerous than necessary.
+ */
+export const CONFIG_DIR = join(homedir(), '.vorlek');
+export const CONFIG_PATH = join(CONFIG_DIR, 'config.json');
+export const CONFIG_FILE_MODE = 0o600;
+export const CONFIG_DIR_MODE = 0o700;
+export const ConfigSchema = z
+    .object({
+    api_base: z.string().url(),
+    api_key: z.string().min(1),
+    account_id: z.string().min(1),
+    email: z.string().email(),
+    created_at: z.string(),
+})
+    .strict();
+/** Returns the parsed config or `null` if no config file exists yet. */
+export async function loadConfig(path = CONFIG_PATH) {
+    let raw;
+    try {
+        raw = await readFile(path, 'utf8');
+    }
+    catch (err) {
+        const code = err.code;
+        if (code === 'ENOENT')
+            return null;
+        throw err;
+    }
+    let parsed;
+    try {
+        parsed = JSON.parse(raw);
+    }
+    catch {
+        throw new Error(`Config file at ${path} is not valid JSON.`);
+    }
+    return ConfigSchema.parse(parsed);
+}
+export async function saveConfig(config, path = CONFIG_PATH) {
+    // Validate before writing so a bug in the caller can't poison the file.
+    const validated = ConfigSchema.parse(config);
+    await mkdir(dirname(path), { recursive: true, mode: CONFIG_DIR_MODE });
+    // writeFile's `mode` only applies when *creating* the file. If a previous
+    // run left the file at 0644 (e.g., from a buggy older CLI version), the
+    // mode would persist. Explicit chmod after write fixes both new + existing.
+    await writeFile(path, JSON.stringify(validated, null, 2), { mode: CONFIG_FILE_MODE });
+    await chmod(path, CONFIG_FILE_MODE);
+}
+export async function deleteConfig(path = CONFIG_PATH) {
+    try {
+        await unlink(path);
+        return true;
+    }
+    catch (err) {
+        const code = err.code;
+        if (code === 'ENOENT')
+            return false;
+        throw err;
+    }
+}
+/** Verify the current file mode is 0600. Used by tests + paranoid status check. */
+export async function configFileMode(path = CONFIG_PATH) {
+    try {
+        const s = await stat(path);
+        return s.mode & 0o777;
+    }
+    catch (err) {
+        if (err.code === 'ENOENT')
+            return null;
+        throw err;
+    }
+}
+//# sourceMappingURL=config.js.map