@zeroxyz/cli 0.0.46 → 0.0.47

package/dist/index.js

@@ -76374,7 +76374,7 @@ init_esm_shims();
 
 // package.json
 var package_default = {
-  version: "0.0.46"};
+  version: "0.0.47"};
 
 // src/app.ts
 init_esm_shims();
@@ -77005,6 +77005,21 @@ defineLazyProperty(apps, "safari", () => detectPlatformBinary({
 }));
 var open_default = open;
 
+// src/util/redact.ts
+init_esm_shims();
+var ERROR_MAX = 500;
+var QUERY_MAX = 200;
+var redactUrl = (raw) => {
+  try {
+    const parsed = new URL(raw);
+    return `${parsed.origin}${parsed.pathname}`;
+  } catch {
+    return raw;
+  }
+};
+var truncateQuery = (raw) => raw.length > QUERY_MAX ? `${raw.slice(0, QUERY_MAX)}\u2026` : raw;
+var truncateError = (raw) => raw.length > ERROR_MAX ? `${raw.slice(0, ERROR_MAX)}\u2026` : raw;
+
 // src/util/secure-config.ts
 init_esm_shims();
 var SECURE_DIR_MODE = 448;
@@ -77052,8 +77067,14 @@ var LEGACY_KEY_NOTICE = {
   keep: "zero wallet set <key>"
 };
 var hasLegacyPrivateKey = () => readConfig(getConfigPath()).privateKey !== void 0;
-var reportSignedIn = (result, json3) => {
+var reportSignedIn = (result, json3, la) => {
   const legacyKeyPresent = hasLegacyPrivateKey();
+  la?.analytics.capture("auth_login_completed", {
+    mode: la.mode,
+    authMethod: "workos_device",
+    legacyKeyDetected: legacyKeyPresent,
+    hadPriorSession: la.hadPriorSession
+  });
   if (json3) {
     process.stdout.write(
       `${JSON.stringify({
@@ -77085,7 +77106,12 @@ Signed in as ${result.user.email ?? result.user.id}
     );
   }
 };
-var reportExpired = (json3) => {
+var reportExpired = (json3, la) => {
+  la?.analytics.capture("auth_login_failed", {
+    mode: la.mode,
+    reason: "device_expired",
+    error: "device code expired"
+  });
   if (json3) {
     process.stdout.write(`${JSON.stringify({ status: "expired" })}
 `);
@@ -77127,7 +77153,7 @@ Once authorized, run:
 `
   );
 };
-var runFinish = async (client, deviceCode, json3) => {
+var runFinish = async (client, deviceCode, json3, la) => {
   const deadline = Date.now() + FINISH_MAX_WAIT_MS;
   while (Date.now() < deadline) {
     const result = await client.auth.device.poll(deviceCode);
@@ -77137,16 +77163,16 @@ var runFinish = async (client, deviceCode, json3) => {
       continue;
     }
     if (result.status === "expired") {
-      reportExpired(json3);
+      reportExpired(json3, la);
       return;
     }
     persistSession(result);
-    reportSignedIn(result, json3);
+    reportSignedIn(result, json3, la);
     return;
   }
-  reportExpired(json3);
+  reportExpired(json3, la);
 };
-var runInteractive = async (client, shouldOpen) => {
+var runInteractive = async (client, shouldOpen, la) => {
   const start = await client.auth.device.start();
   const url4 = `${start.verificationUri}?code=${start.userCode}`;
   process.stdout.write(
@@ -77167,14 +77193,14 @@ User code: ${start.userCode}
       continue;
     }
     if (result.status === "expired") {
-      reportExpired(false);
+      reportExpired(false, la);
       return;
     }
     persistSession(result);
-    reportSignedIn(result, false);
+    reportSignedIn(result, false, la);
     return;
   }
-  reportExpired(false);
+  reportExpired(false, la);
 };
 var authLoginCommand = (appContext) => new Command("login").description("Sign in to Zero").option("--no-open", "Do not open the browser automatically").option(
   "--start",
@@ -77184,7 +77210,7 @@ var authLoginCommand = (appContext) => new Command("login").description("Sign in
   "Complete a login begun with --start: poll until the user authorizes, then save the session."
 ).option("--json", "Emit machine-readable JSON instead of human text").action(
   async (opts) => {
-    const { client } = appContext.services;
+    const { client, analyticsService } = appContext.services;
     const json3 = opts.json ?? false;
     if (opts.start && opts.finish) {
       process.stderr.write("Pass either --start or --finish, not both.\n");
@@ -77195,23 +77221,42 @@ var authLoginCommand = (appContext) => new Command("login").description("Sign in
       await runStart(client, json3);
       return;
     }
-    if (opts.finish) {
-      await runFinish(client, opts.finish, json3);
-      return;
+    const mode = opts.finish ? "finish" : "interactive";
+    const hadPriorSession = readConfig(getConfigPath()).session !== void 0;
+    analyticsService.capture("auth_login_started", { mode, json: json3 });
+    const la = {
+      analytics: analyticsService,
+      mode,
+      hadPriorSession
+    };
+    try {
+      if (opts.finish) {
+        await runFinish(client, opts.finish, json3, la);
+        return;
+      }
+      await runInteractive(client, opts.open, la);
+    } catch (err) {
+      analyticsService.capture("auth_login_failed", {
+        mode,
+        reason: "api_error",
+        error: truncateError(err.message)
+      });
+      throw err;
     }
-    await runInteractive(client, opts.open);
   }
 );
 var authLogoutCommand = (appContext) => new Command("logout").description("Sign out of Zero").action(async () => {
-  const { client } = appContext.services;
+  const { client, analyticsService } = appContext.services;
   const path3 = getConfigPath();
   const config2 = readConfig(path3);
+  const hadSession = config2.session !== void 0;
   if (config2.session) {
     await client.auth.logout(config2.session.refreshToken).catch(() => {
     });
   }
   const { session: _drop, ...rest } = config2;
   writeSecureFile(path3, JSON.stringify(rest, null, 2));
+  analyticsService.capture("auth_logout_completed", { hadSession });
   process.stdout.write("Signed out.\n");
 });
 var authWhoamiCommand = (appContext) => new Command("whoami").description("Print the current Zero identity").option("--json", "Emit machine-readable JSON instead of human text").action(async (opts) => {
@@ -138372,7 +138417,7 @@ var isTextContentType = (contentType) => {
   const lower = contentType.toLowerCase();
   return TEXT_CONTENT_TYPES.some((marker) => lower.includes(marker));
 };
-var redactUrl = (url4) => {
+var redactUrl2 = (url4) => {
   try {
     const u2 = new URL(url4);
     return `${u2.origin}${u2.pathname}`;
@@ -138819,7 +138864,7 @@ var clientFetch = async (client, url4, opts = {}) => {
           level: "warn",
           message: "Failed to record run for fetch",
           meta: {
-            url: redactUrl(url4),
+            url: redactUrl2(url4),
             capabilityId: opts.capabilityId,
             error: errorMessage22,
             errorCode: code
@@ -139575,21 +139620,6 @@ var tryParseJson2 = (text) => {
   }
 };
 
-// src/util/redact.ts
-init_esm_shims();
-var ERROR_MAX = 500;
-var QUERY_MAX = 200;
-var redactUrl2 = (raw) => {
-  try {
-    const parsed = new URL(raw);
-    return `${parsed.origin}${parsed.pathname}`;
-  } catch {
-    return raw;
-  }
-};
-var truncateQuery = (raw) => raw.length > QUERY_MAX ? `${raw.slice(0, QUERY_MAX)}\u2026` : raw;
-var truncateError = (raw) => raw.length > ERROR_MAX ? `${raw.slice(0, ERROR_MAX)}\u2026` : raw;
-
 // src/commands/fetch-command.ts
 var MAX_INLINE_REQUEST_BODY_BYTES = 10 * 1024 * 1024;
 var MAX_FILE_REQUEST_BODY_BYTES = 500 * 1024 * 1024;
@@ -139753,7 +139783,7 @@ var fetchCommand = (appContext) => new Command("fetch").description(
         const message2 = err instanceof Error ? err.message : "Failed to read request body";
         analyticsService.capture("fetch_error", {
           cliErrorClass: /exceeds the .* byte local cap/.test(message2) ? "payload_too_large" : "schema_validation_failed",
-          url: redactUrl2(resolvedUrl),
+          url: redactUrl(resolvedUrl),
           error: truncateError(message2)
         });
         console.error(message2);
@@ -139809,7 +139839,7 @@ var fetchCommand = (appContext) => new Command("fetch").description(
           const lastSearch = stateService.loadLastSearch();
           const cached2 = lastSearch?.capabilities ?? [];
           analyticsService.capture("capability_resolution_missed", {
-            url: redactUrl2(resolvedUrl),
+            url: redactUrl(resolvedUrl),
             method,
             hasLastSearch: lastSearch !== null,
             lastSearchSize: cached2.length,
@@ -139867,7 +139897,7 @@ var fetchCommand = (appContext) => new Command("fetch").description(
         const message2 = err instanceof Error ? err.message : "Fetch failed";
         analyticsService.capture("fetch_error", {
           cliErrorClass: "network",
-          url: redactUrl2(resolvedUrl),
+          url: redactUrl(resolvedUrl),
           error: truncateError(message2)
         });
         console.error(`  Fetch failed: ${message2}`);
@@ -139959,7 +139989,7 @@ var fetchCommand = (appContext) => new Command("fetch").description(
         }
       }
       analyticsService.capture("fetch_executed", {
-        url: redactUrl2(resolvedUrl),
+        url: redactUrl(resolvedUrl),
         status: status ?? void 0,
         outcome,
         latencyMs,
@@ -139978,6 +140008,7 @@ var fetchCommand = (appContext) => new Command("fetch").description(
         resultRank: resultRank ?? void 0,
         runId: runId ?? void 0,
         runTracked: !!runId,
+        signingSource: signing?.source ?? "none",
         // A NULL searchId on a direct_slug fetch is correct here,
         // not a funnel gap to paper over.
         fetchOrigin,
@@ -139997,7 +140028,7 @@ var fetchCommand = (appContext) => new Command("fetch").description(
           capabilityId: capabilityId ?? void 0,
           searchId: searchId ?? void 0,
           resultRank: resultRank ?? void 0,
-          url: redactUrl2(resolvedUrl),
+          url: redactUrl(resolvedUrl),
           status: typeof status === "number" ? status : void 0,
           upstreamErrorMessage: upstreamError?.message,
           errorSnippetHash: upstreamError?.snippetHash,
@@ -140094,7 +140125,7 @@ var fetchCommand = (appContext) => new Command("fetch").description(
       try {
         appContext.services.analyticsService.capture("fetch_error", {
           cliErrorClass: "unknown",
-          url: url4 ? redactUrl2(url4) : "unknown",
+          url: url4 ? redactUrl(url4) : "unknown",
           error: truncateError(message2)
         });
       } catch {
@@ -142344,7 +142375,7 @@ var walletGenerateCommand = (appContext) => new Command("generate").description(
 var walletMigrateCommand = (appContext) => new Command("migrate").description(
   "Sweep all USDC from your private-key wallet into your Zero wallet"
 ).option("--json", "Emit the migration result as JSON").option("-y, --yes", "Skip the confirmation prompt").action(async (options) => {
-  const { client, walletMigrationService } = appContext.services;
+  const { client, walletMigrationService, analyticsService } = appContext.services;
   const zeroDir = join(homedir(), ".zero");
   const configPath = join(zeroDir, "config.json");
   const config2 = existsSync(configPath) ? readConfig(configPath) : {};
@@ -142372,99 +142403,126 @@ var walletMigrateCommand = (appContext) => new Command("migrate").description(
     process.exitCode = 1;
     return;
   }
-  const to2 = await resolveManagedWalletAddress(client);
-  if (!to2) {
-    console.error(
-      "Could not resolve your Zero wallet. Run `zero auth login` and try again."
-    );
-    process.exitCode = 1;
-    return;
-  }
-  if (to2.toLowerCase() === source.address.toLowerCase()) {
-    console.error(
-      "Source and destination are the same wallet \u2014 nothing to migrate."
-    );
-    process.exitCode = 1;
-    return;
-  }
-  const balance = await walletMigrationService.getSweepableBalance();
-  if (balance.raw <= 0n) {
-    if (options.json) {
-      console.log(
-        JSON.stringify({ destination: to2, legs: [], keyRemoved: false })
-      );
-    } else {
-      console.log("Nothing to migrate (no USDC found).");
-    }
-    return;
-  }
-  if (!options.yes) {
-    if (options.json || !process.stdin.isTTY) {
+  const keySource = appContext.env.ZERO_PRIVATE_KEY ? "env" : "config";
+  let step = "destination_resolve";
+  try {
+    const to2 = await resolveManagedWalletAddress(client);
+    if (!to2) {
       console.error(
-        "Refusing to migrate without confirmation. Re-run with --yes to proceed."
+        "Could not resolve your Zero wallet. Run `zero auth login` and try again."
       );
       process.exitCode = 1;
       return;
     }
-    const proceed = await ye({
-      message: `Please confirm you would like to transfer $${balance.usdc} from your private wallet to your Zero managed wallet`
-    });
-    if (pD(proceed) || !proceed) {
-      console.log("Migration cancelled.");
+    if (to2.toLowerCase() === source.address.toLowerCase()) {
+      console.error(
+        "Source and destination are the same wallet \u2014 nothing to migrate."
+      );
+      process.exitCode = 1;
       return;
     }
-  }
-  const results = await walletMigrationService.migrateAllUsdc(to2, {
-    migrateWallet: (authorization) => client.wallet.migrateAuthorization(authorization)
-  });
-  const anyFailed = results.some((r2) => r2.status === "failed");
-  const anySwept = results.some((r2) => r2.status === "swept");
-  let backupPath = null;
-  if (anySwept && !anyFailed && config2.privateKey) {
-    try {
-      backupPath = backupAndStripPrivateKey(zeroDir).backupPath;
-    } catch {
-      backupPath = null;
-    }
-  }
-  if (options.json) {
-    console.log(
-      JSON.stringify({
-        destination: to2,
-        legs: results,
-        keyRemoved: backupPath !== null,
-        backupPath
-      })
-    );
-  } else {
-    console.log(`Migrating USDC \u2192 ${to2}`);
-    for (const r2 of results) {
-      if (r2.status === "swept") {
+    step = "balance_check";
+    const balance = await walletMigrationService.getSweepableBalance();
+    if (balance.raw <= 0n) {
+      if (options.json) {
         console.log(
-          `  ${r2.chain}: swept ${r2.amount} USDC (tx ${r2.txHash})`
+          JSON.stringify({ destination: to2, legs: [], keyRemoved: false })
         );
-      } else if (r2.status === "skipped") {
-        console.log(`  ${r2.chain}: skipped (no balance)`);
       } else {
-        console.log(`  ${r2.chain}: FAILED \u2014 ${r2.error}`);
+        console.log("Nothing to migrate (no USDC found).");
       }
+      return;
     }
-    if (backupPath) {
-      console.log("");
-      console.log(
-        `Private key removed from config (backed up to ${backupPath}). Your Zero wallet is now primary.`
-      );
-    } else if (anyFailed) {
-      console.log("");
+    analyticsService.capture("wallet_migrate_started", {
+      hasLegacyKey: config2.privateKey !== void 0,
+      keySource
+    });
+    if (!options.yes) {
+      if (options.json || !process.stdin.isTTY) {
+        console.error(
+          "Refusing to migrate without confirmation. Re-run with --yes to proceed."
+        );
+        process.exitCode = 1;
+        return;
+      }
+      const proceed = await ye({
+        message: `Please confirm you would like to transfer $${balance.usdc} from your private wallet to your Zero managed wallet`
+      });
+      if (pD(proceed) || !proceed) {
+        console.log("Migration cancelled.");
+        return;
+      }
+    }
+    step = "sweep";
+    const results = await walletMigrationService.migrateAllUsdc(to2, {
+      migrateWallet: (authorization) => client.wallet.migrateAuthorization(authorization)
+    });
+    const anyFailed = results.some((r2) => r2.status === "failed");
+    const anySwept = results.some((r2) => r2.status === "swept");
+    step = "key_backup";
+    let backupPath = null;
+    if (anySwept && !anyFailed && config2.privateKey) {
+      try {
+        backupPath = backupAndStripPrivateKey(zeroDir).backupPath;
+      } catch {
+        backupPath = null;
+      }
+    }
+    const baseLeg = results.find((r2) => r2.chain === "base");
+    const tempoLeg = results.find((r2) => r2.chain === "tempo");
+    analyticsService.capture("wallet_migrate_completed", {
+      baseStatus: baseLeg?.status ?? "skipped",
+      tempoStatus: tempoLeg?.status ?? "skipped",
+      baseAmountUsdc: baseLeg?.amount,
+      tempoAmountUsdc: tempoLeg?.amount,
+      keyRemoved: backupPath !== null,
+      anyFailed
+    });
+    if (options.json) {
       console.log(
-        "A transfer failed \u2014 your private key was kept. Re-run `zero wallet migrate` to retry."
+        JSON.stringify({
+          destination: to2,
+          legs: results,
+          keyRemoved: backupPath !== null,
+          backupPath
+        })
       );
-    } else if (!anySwept) {
-      console.log("");
-      console.log("Nothing to migrate (no USDC found).");
+    } else {
+      console.log(`Migrating USDC \u2192 ${to2}`);
+      for (const r2 of results) {
+        if (r2.status === "swept") {
+          console.log(
+            `  ${r2.chain}: swept ${r2.amount} USDC (tx ${r2.txHash})`
+          );
+        } else if (r2.status === "skipped") {
+          console.log(`  ${r2.chain}: skipped (no balance)`);
+        } else {
+          console.log(`  ${r2.chain}: FAILED \u2014 ${r2.error}`);
+        }
+      }
+      if (backupPath) {
+        console.log("");
+        console.log(
+          `Private key removed from config (backed up to ${backupPath}). Your Zero wallet is now primary.`
+        );
+      } else if (anyFailed) {
+        console.log("");
+        console.log(
+          "A transfer failed \u2014 your private key was kept. Re-run `zero wallet migrate` to retry."
+        );
+      } else if (!anySwept) {
+        console.log("");
+        console.log("Nothing to migrate (no USDC found).");
+      }
     }
+    if (anyFailed) process.exitCode = 1;
+  } catch (err) {
+    analyticsService.capture("wallet_migrate_failed", {
+      step,
+      error: truncateError(err.message)
+    });
+    throw err;
   }
-  if (anyFailed) process.exitCode = 1;
 });
 var walletCommand = (appContext) => {
   const cmd = new Command("wallet").description("Manage your wallet");
@@ -147072,7 +147130,9 @@ var getServices = async (env) => {
     account = legacyAccount;
     signingSource = "legacy";
   }
-  const walletMigrationService = new WalletMigrationService(account);
+  const walletMigrationService = new WalletMigrationService(
+    byoAccount ?? legacyAccount
+  );
   const stateService = new StateService(zeroDir);
   const analyticsService = new AnalyticsService({
     walletAddress: account?.address ?? null,

package/package.json

@@ -1,6 +1,6 @@
 {
 	"name": "@zeroxyz/cli",
-	"version": "0.0.46",
+	"version": "0.0.47",
 	"type": "module",
 	"bin": {
 		"zero": "dist/index.js",