antpath 0.7.0 → 0.8.0

package/dist/_shared/operations.d.ts

@@ -22,6 +22,19 @@ export declare function createOutputLink(http: HttpClient, runId: string, output
 export declare function cancelRun(http: HttpClient, runId: string): Promise<void>;
 export declare function deleteRun(http: HttpClient, runId: string): Promise<void>;
 export declare function whoami(http: HttpClient): Promise<WhoAmI>;
+/**
+ * Stream the per-run archive zip from the BFF. Returns the raw
+ * `Response` so callers can pipe the body to disk without buffering
+ * the whole archive in memory.
+ *
+ * The archive lifecycle contract lives in
+ * `apps/dashboard/src/server/run-archive.ts` and
+ * `packages/sdk/docs/outputs.md`. Pre-session runs reject with HTTP
+ * 409 `run_not_started`; mid-session and terminal both produce the
+ * same archive layout and differ only in `manifest.json`'s `source`
+ * + `partial` fields.
+ */
+export declare function downloadRunArchive(http: HttpClient, runId: string): Promise<Response>;
 export declare function submitRunFlat(http: HttpClient, request: PlatformFlatRunSubmissionInput): Promise<Run>;
 /**
  * Multipart variant of `submitRunFlat` for runs that carry transient
@@ -59,3 +72,23 @@ export declare function createSkillBundle(http: HttpClient, args: {
 export declare function listSkills(http: HttpClient): Promise<readonly Skill[]>;
 export declare function getSkill(http: HttpClient, skillId: string): Promise<Skill>;
 export declare function deleteSkill(http: HttpClient, skillId: string): Promise<void>;
+/**
+ * Lookup a live workspace skill by `(name, contentHash)`. Returns the
+ * matching `Skill` record or null when no live row carries that hash.
+ *
+ * `contentHash` is the wire format `sha256:<hex>` as returned by
+ * `hashSkillBundle`. This powers `Skill.uploadIfChanged` — the SDK
+ * computes the hash locally and calls this function to skip the upload
+ * when the bytes already exist.
+ */
+export declare function findSkillByHash(http: HttpClient, args: {
+    readonly name: string;
+    readonly contentHash: string;
+}): Promise<Skill | null>;
+/**
+ * Lookup a live workspace skill by `name`. Returns the matching `Skill`
+ * record or null when no live row carries that name. Implemented as a
+ * list-and-filter on the existing `/api/skills` endpoint — the
+ * indexed by-hash route is reserved for `uploadIfChanged`.
+ */
+export declare function findSkillByName(http: HttpClient, name: string): Promise<Skill | null>;

package/dist/_shared/operations.js

@@ -41,6 +41,22 @@ export async function deleteRun(http, runId) {
 export async function whoami(http) {
     return http.request("/api/whoami");
 }
+/**
+ * Stream the per-run archive zip from the BFF. Returns the raw
+ * `Response` so callers can pipe the body to disk without buffering
+ * the whole archive in memory.
+ *
+ * The archive lifecycle contract lives in
+ * `apps/dashboard/src/server/run-archive.ts` and
+ * `packages/sdk/docs/outputs.md`. Pre-session runs reject with HTTP
+ * 409 `run_not_started`; mid-session and terminal both produce the
+ * same archive layout and differ only in `manifest.json`'s `source`
+ * + `partial` fields.
+ */
+export async function downloadRunArchive(http, runId) {
+    const { response } = await http.download(`/api/runs/${encodeURIComponent(runId)}/download`);
+    return response;
+}
 // ===========================================================================
 // Flat (Skill / McpServer / Blueprint) operations
 // ===========================================================================
@@ -125,6 +141,33 @@ export async function deleteSkill(http, skillId) {
         method: "DELETE"
     });
 }
+/**
+ * Lookup a live workspace skill by `(name, contentHash)`. Returns the
+ * matching `Skill` record or null when no live row carries that hash.
+ *
+ * `contentHash` is the wire format `sha256:<hex>` as returned by
+ * `hashSkillBundle`. This powers `Skill.uploadIfChanged` — the SDK
+ * computes the hash locally and calls this function to skip the upload
+ * when the bytes already exist.
+ */
+export async function findSkillByHash(http, args) {
+    const params = new URLSearchParams({
+        name: args.name,
+        content_hash: args.contentHash
+    });
+    const result = await http.request(`/api/skills/by-hash?${params.toString()}`);
+    return result.skill ?? null;
+}
+/**
+ * Lookup a live workspace skill by `name`. Returns the matching `Skill`
+ * record or null when no live row carries that name. Implemented as a
+ * list-and-filter on the existing `/api/skills` endpoint — the
+ * indexed by-hash route is reserved for `uploadIfChanged`.
+ */
+export async function findSkillByName(http, name) {
+    const skills = await listSkills(http);
+    return skills.find((skill) => skill.name === name) ?? null;
+}
 function unwrapSkill(result) {
     if (result && typeof result === "object" && "skill" in result) {
         return result.skill;

package/dist/_shared/proxy-protocol.d.ts

@@ -67,8 +67,16 @@ export interface ProxyIndexEntry {
  * The actual auth value lives in the run's Vault bundle under
  * `secrets.proxyEndpointAuth[i].value` and is never reflected back
  * into the container or index file.
+ *
+ * The `none` variant declares an upstream that takes no auth (public
+ * APIs like Wikimedia Commons or NASA Images). It still routes through
+ * the proxy for unified egress, audit, and budget enforcement, but
+ * carries no `proxyEndpointAuth[]` entry and the BFF injects no
+ * header or query value.
  */
 export type ProxyAuthShape = {
+    readonly type: "none";
+} | {
     readonly type: "bearer";
 } | {
     readonly type: "basic";
@@ -82,7 +90,7 @@ export type ProxyAuthShape = {
 export type ProxyAuthType = ProxyAuthShape["type"];
 /**
  * Header name (lowercase) that an upstream auth shape uses as its
- * carrier. Returns `undefined` for query-based auth.
+ * carrier. Returns `undefined` for query-based and keyless auth.
  *
  * Used by the submission parser to forbid `allowHeaders` from listing
  * the auth header (avoids leaks via caller-supplied headers), and by
@@ -92,7 +100,7 @@ export type ProxyAuthType = ProxyAuthShape["type"];
 export declare function authShapeHeaderName(shape: ProxyAuthShape): string | undefined;
 /**
  * Query-string key that an upstream query-based auth shape uses as its
- * carrier. Returns `undefined` for non-query shapes.
+ * carrier. Returns `undefined` for non-query shapes (including "none").
  */
 export declare function authShapeQueryName(shape: ProxyAuthShape): string | undefined;
 /**

package/dist/_shared/proxy-protocol.js

@@ -66,7 +66,7 @@ export const PROXY_ERROR_CODES = [
 ];
 /**
  * Header name (lowercase) that an upstream auth shape uses as its
- * carrier. Returns `undefined` for query-based auth.
+ * carrier. Returns `undefined` for query-based and keyless auth.
  *
  * Used by the submission parser to forbid `allowHeaders` from listing
  * the auth header (avoids leaks via caller-supplied headers), and by
@@ -81,12 +81,13 @@ export function authShapeHeaderName(shape) {
         case "header":
             return shape.name.toLowerCase();
         case "query":
+        case "none":
             return undefined;
     }
 }
 /**
  * Query-string key that an upstream query-based auth shape uses as its
- * carrier. Returns `undefined` for non-query shapes.
+ * carrier. Returns `undefined` for non-query shapes (including "none").
  */
 export function authShapeQueryName(shape) {
     return shape.type === "query" ? shape.name : undefined;

package/dist/_shared/runtime-types.d.ts

@@ -71,6 +71,25 @@ export interface WhoAmI {
     readonly tokenId?: string;
     readonly tokenName?: string | null;
     readonly scopes?: readonly string[];
+    /**
+     * Workspace-level caps the BFF will enforce on subsequent calls.
+     * Surfaced so consumers (e.g. broll's app-side admission gate) can
+     * decide whether to keep their own gate or rely on platform headers.
+     * All fields optional — older BFFs may omit. Numbers are concrete
+     * snapshots at the time of the `whoami` call.
+     */
+    readonly caps?: {
+        /** Token-bucket cap on POST /api/runs per minute, per workspace. */
+        readonly runSubmitPerMinute?: number;
+        /** Hard cap on concurrent non-terminal runs the workspace may hold. */
+        readonly maxConcurrentRuns?: number;
+        /** Storage cap (bytes) on captured output objects, workspace-wide. */
+        readonly storageCapBytes?: number;
+        /** Current captured-output usage in bytes. */
+        readonly storageUsedBytes?: number;
+        /** Wall-clock ceiling on a single run before forced termination. */
+        readonly maxRunDurationMs?: number;
+    };
     readonly [key: string]: unknown;
 }
 /**

package/dist/_shared/submission.d.ts

@@ -175,6 +175,27 @@ export interface PlatformFlatSubmission {
     readonly mcpServers: readonly McpServerRef[];
     readonly environment?: PlatformTemplateEnvironment;
     readonly metadata?: Record<string, JsonValue>;
+    /**
+     * Opt-in container paths to capture as `output_objects` at session
+     * terminal. When omitted, the worker still persists run metadata
+     * (status, events, snapshots, cleanup state) but does not capture
+     * any container file bytes. When present, the worker drives a
+     * synthetic agent turn at session terminal that instructs the agent
+     * to register every file under these paths via the Anthropic Files
+     * API, then walks the resulting list and copies bytes into private
+     * Supabase Storage.
+     *
+     * Validation:
+     *   - Absolute UNIX paths only (starts with `/`).
+     *   - No `..` segments, no NUL bytes, no embedded newlines.
+     *   - Max 32 entries.
+     *   - Max 512 bytes per entry.
+     *
+     * Entries are normalised (collapse `/+`, drop trailing `/` except
+     * for `/`) and deduplicated. The normalised list is what travels in
+     * the idempotency hash and the run snapshot.
+     */
+    readonly outputDirs?: readonly string[];
 }
 export interface PlatformFlatRunSubmissionRequest {
     readonly workspaceId: string;

package/dist/_shared/submission.js

@@ -272,6 +272,9 @@ function parseProxyAuthShape(input, field) {
     const value = requireRecord(input, field);
     const type = requireString(value.type, `${field}.type`);
     switch (type) {
+        case "none":
+            assertOnlyKeys(value, field, ["type"]);
+            return { type: "none" };
         case "bearer":
             assertOnlyKeys(value, field, ["type"]);
             return { type: "bearer" };
@@ -293,7 +296,7 @@ function parseProxyAuthShape(input, field) {
             return { type: "query", name };
         }
         default:
-            throw new Error(`${field}.type must be one of: bearer, basic, header, query`);
+            throw new Error(`${field}.type must be one of: none, bearer, basic, header, query`);
     }
 }
 function parseProxyMethods(input, field) {
@@ -382,6 +385,16 @@ function crossValidateProxyEndpointsAndAuth(endpoints, auth) {
     const authByName = new Map(authList.map((a) => [a.name, a]));
     for (const endpoint of endpointsList) {
         const authEntry = authByName.get(endpoint.name);
+        if (endpoint.authShape.type === "none") {
+            // Keyless endpoints carry no auth value. Reject any matching
+            // auth entry so callers don't accidentally ship a secret bound
+            // to a "none" endpoint (which would be silently ignored at
+            // request time — confusing and a leak risk).
+            if (authEntry) {
+                throw new Error(`proxyEndpoints[${endpoint.name}] has authShape "none" but a matching secrets.proxyEndpointAuth entry was supplied; remove the auth entry`);
+            }
+            continue;
+        }
         if (!authEntry) {
             throw new Error(`proxyEndpoints[${endpoint.name}] has no matching secrets.proxyEndpointAuth entry`);
         }
@@ -742,7 +755,8 @@ function parseFlatSubmission(input) {
         "skills",
         "mcpServers",
         "environment",
-        "metadata"
+        "metadata",
+        "outputDirs"
     ]);
     for (const key of Object.keys(value)) {
         if (!allowed.has(key)) {
@@ -756,6 +770,7 @@ function parseFlatSubmission(input) {
     const mcpServers = parseFlatMcpServers(value.mcpServers);
     const environment = parseTemplateEnvironment(value.environment);
     const metadata = optionalJsonRecord(value.metadata, "submission.metadata");
+    const outputDirs = parseOutputDirs(value.outputDirs);
     return {
         model,
         ...(system ? { system } : {}),
@@ -763,9 +778,84 @@ function parseFlatSubmission(input) {
         skills,
         mcpServers,
         ...(environment ? { environment } : {}),
-        ...(metadata ? { metadata } : {})
+        ...(metadata ? { metadata } : {}),
+        ...(outputDirs ? { outputDirs } : {})
     };
 }
+/**
+ * Maximum number of `outputDirs` entries accepted per submission.
+ *
+ * 32 is enough room for the typical "one or two capture roots" pattern
+ * plus a generous margin for legitimate multi-root use cases (per-tool
+ * output directory + scratch state + logs, repeated across a few
+ * subdirectories), without inviting abuse of the synthetic-turn path
+ * the worker drives at session terminal.
+ */
+const MAX_OUTPUT_DIRS = 32;
+/**
+ * Maximum byte length of a single `outputDirs` entry (after UTF-8
+ * encoding). 512 bytes comfortably covers `/very/long/nested/path`
+ * style entries without letting a misuse smuggle large blobs through
+ * the field.
+ */
+const MAX_OUTPUT_DIR_BYTES = 512;
+function parseOutputDirs(input) {
+    if (input === undefined) {
+        return undefined;
+    }
+    if (!Array.isArray(input)) {
+        throw new Error("submission.outputDirs must be an array of absolute UNIX paths");
+    }
+    if (input.length === 0) {
+        // Treat an empty array as omission so the idempotency hash matches
+        // the "no outputDirs" case.
+        return undefined;
+    }
+    if (input.length > MAX_OUTPUT_DIRS) {
+        throw new Error(`submission.outputDirs has ${input.length} entries; max is ${MAX_OUTPUT_DIRS}`);
+    }
+    const seen = new Set();
+    const normalised = [];
+    for (let i = 0; i < input.length; i++) {
+        const item = input[i];
+        if (typeof item !== "string") {
+            throw new Error(`submission.outputDirs[${i}] must be a string`);
+        }
+        if (item.length === 0) {
+            throw new Error(`submission.outputDirs[${i}] must be a non-empty absolute UNIX path`);
+        }
+        const bytes = new TextEncoder().encode(item).length;
+        if (bytes > MAX_OUTPUT_DIR_BYTES) {
+            throw new Error(`submission.outputDirs[${i}] exceeds ${MAX_OUTPUT_DIR_BYTES} bytes (got ${bytes})`);
+        }
+        if (!item.startsWith("/")) {
+            throw new Error(`submission.outputDirs[${i}] must be an absolute UNIX path (start with '/')`);
+        }
+        if (item.includes("\0")) {
+            throw new Error(`submission.outputDirs[${i}] must not contain NUL bytes`);
+        }
+        if (item.includes("\n") || item.includes("\r")) {
+            throw new Error(`submission.outputDirs[${i}] must not contain newline characters`);
+        }
+        const segments = item.split("/");
+        if (segments.includes("..")) {
+            throw new Error(`submission.outputDirs[${i}] must not contain '..' segments`);
+        }
+        const collapsed = segments
+            .filter((seg, idx) => seg.length > 0 || idx === 0)
+            .join("/");
+        const stripped = collapsed.length > 1 && collapsed.endsWith("/")
+            ? collapsed.slice(0, -1)
+            : collapsed;
+        const canonical = stripped.length === 0 ? "/" : stripped;
+        if (seen.has(canonical)) {
+            continue;
+        }
+        seen.add(canonical);
+        normalised.push(canonical);
+    }
+    return normalised;
+}
 function parseFlatPrompt(input) {
     if (typeof input === "string") {
         if (input.length === 0) {

package/dist/cli.mjs

@@ -6,7 +6,12 @@ var __export = (target, all) => {
 };
 
 // dist/cli.js
-import { readFile as readFile2, writeFile } from "node:fs/promises";
+import { readFile as readFile2, writeFile, readdir as readdir2, stat as stat2 } from "node:fs/promises";
+import { resolve as resolvePath4 } from "node:path";
+
+// dist/internal.js
+var ANTPATH_INDEX_PATH = "/antpath/index.json";
+var ANTPATH_RUN_TOKEN_PATH = "/antpath/run-token";
 
 // ../shared/dist/config.js
 var DEFAULT_CAPS = {
@@ -527,6 +532,9 @@ __export(operations_exports, {
   createSkillBundle: () => createSkillBundle,
   deleteRun: () => deleteRun,
   deleteSkill: () => deleteSkill,
+  downloadRunArchive: () => downloadRunArchive,
+  findSkillByHash: () => findSkillByHash,
+  findSkillByName: () => findSkillByName,
   getRun: () => getRun,
   getSkill: () => getSkill,
   listOutputs: () => listOutputs,
@@ -567,6 +575,10 @@ async function deleteRun(http, runId) {
 async function whoami(http) {
   return http.request("/api/whoami");
 }
+async function downloadRunArchive(http, runId) {
+  const { response } = await http.download(`/api/runs/${encodeURIComponent(runId)}/download`);
+  return response;
+}
 async function submitRunFlat(http, request) {
   return http.request("/api/runs", {
     method: "POST",
@@ -623,6 +635,18 @@ async function deleteSkill(http, skillId) {
     method: "DELETE"
   });
 }
+async function findSkillByHash(http, args) {
+  const params = new URLSearchParams({
+    name: args.name,
+    content_hash: args.contentHash
+  });
+  const result = await http.request(`/api/skills/by-hash?${params.toString()}`);
+  return result.skill ?? null;
+}
+async function findSkillByName(http, name) {
+  const skills = await listSkills(http);
+  return skills.find((skill) => skill.name === name) ?? null;
+}
 function unwrapSkill(result) {
   if (result && typeof result === "object" && "skill" in result) {
     return result.skill;
@@ -669,10 +693,6 @@ function validateProxyAuth(endpoints, auth) {
   }
 }
 
-// dist/internal.js
-var ANTPATH_INDEX_PATH = "/antpath/index.json";
-var ANTPATH_RUN_TOKEN_PATH = "/antpath/run-token";
-
 // dist/host/common.js
 var SUCCESS = { code: 0 };
 var USAGE_ERR = { code: 2 };
@@ -830,6 +850,52 @@ function takeBooleanFlag(rest, flag) {
   return { present, remaining };
 }
 
+// dist/outputs-sync.js
+async function runOutputsSyncCmd(io2, dirs) {
+  if (dirs.length === 0) {
+    io2.stderr("usage: antpath outputs sync <dir> [<dir> ...]\n");
+    return USAGE_ERR;
+  }
+  try {
+    await io2.readFile(ANTPATH_INDEX_PATH);
+  } catch {
+    io2.stderr("`antpath outputs sync` is an in-container internal command and cannot run on the host.\n");
+    return USAGE_ERR;
+  }
+  if (!io2.walkDirectory) {
+    io2.stderr("antpath outputs sync: walkDirectory IO is not available\n");
+    return RUNTIME_ERR;
+  }
+  let scanned = 0;
+  let missing = 0;
+  for (const dir of dirs) {
+    if (!dir.startsWith("/")) {
+      io2.stderr(JSON.stringify({ dir, error: "non_absolute_path", message: "skipping non-absolute output dir" }) + "\n");
+      missing++;
+      continue;
+    }
+    let entries;
+    try {
+      entries = await io2.walkDirectory(dir);
+    } catch (err2) {
+      io2.stderr(JSON.stringify({ dir, error: "walk_failed", message: err2.message ?? "walk failed" }) + "\n");
+      missing++;
+      continue;
+    }
+    if (entries === null) {
+      io2.stderr(JSON.stringify({ dir, error: "missing_or_unreadable" }) + "\n");
+      missing++;
+      continue;
+    }
+    for (const entry of entries) {
+      io2.stdout(JSON.stringify({ dir, path: entry.path, sizeBytes: entry.sizeBytes }) + "\n");
+      scanned++;
+    }
+  }
+  io2.stdout(JSON.stringify({ summary: { dirs: dirs.length, files: scanned, missing } }) + "\n");
+  return SUCCESS;
+}
+
 // dist/proxy.js
 function parseProxyFlags(rest) {
   let endpointName = null;
@@ -2644,7 +2710,7 @@ async function runOutputsCmd(io2, argv) {
 }
 
 // dist/host/download.js
-import { resolve as resolvePath3, basename as basename2 } from "node:path";
+import { resolve as resolvePath3 } from "node:path";
 async function runDownloadCmd(io2, argv) {
   if (await refuseInsideManagedRun(io2, "download"))
     return USAGE_ERR;
@@ -2661,51 +2727,38 @@ async function runDownloadCmd(io2, argv) {
     return USAGE_ERR;
   }
   const positional = outFlag.remaining.filter((arg) => !arg.startsWith("--"));
-  if (positional.length !== 2) {
-    io2.stderr("usage: antpath download <run-id> <output-id> [--out path] [common flags]\n");
+  if (positional.length !== 1) {
+    io2.stderr("usage: antpath download <run-id> [--out path] [common flags]\n");
     return USAGE_ERR;
   }
   const runId = positional[0];
-  const outputId = positional[1];
   const http = makeHttpClient(io2, common.flags);
-  let link;
+  let response;
   try {
-    link = await operations_exports.createOutputLink(http, runId, outputId);
+    response = await operations_exports.downloadRunArchive(http, runId);
   } catch (err2) {
-    return emitJsonError(io2, "link_failed", err2.message ?? "create link failed", { runId, outputId });
+    return emitJsonError(io2, "download_failed", err2.message ?? "download failed", { runId });
   }
-  let response;
+  let bytes;
   try {
-    response = await io2.fetchImpl(link.url, { method: "GET", redirect: "follow" });
+    bytes = new Uint8Array(await response.arrayBuffer());
   } catch (err2) {
-    return emitJsonError(io2, "download_failed", `download fetch failed: ${err2.message}`, { runId, outputId });
-  }
-  if (!response.ok) {
-    return emitJsonError(io2, "download_failed", `download HTTP ${response.status}`, { runId, outputId });
+    return emitJsonError(io2, "download_failed", `download read failed: ${err2.message}`, { runId });
   }
-  const buffer = new Uint8Array(await response.arrayBuffer());
-  const destination = resolveDestination(io2, outFlag.value, outputId, link.url);
+  const destination = resolveDestination(io2, outFlag.value, runId);
   try {
-    await io2.writeFile(destination, buffer);
+    await io2.writeFile(destination, bytes);
   } catch (err2) {
-    return emitJsonError(io2, "write_failed", `failed to write output: ${err2.message}`, { destination });
+    return emitJsonError(io2, "write_failed", `failed to write archive: ${err2.message}`, { destination });
   }
-  io2.stdout(JSON.stringify({ runId, outputId, path: destination, bytes: buffer.byteLength }) + "\n");
+  io2.stdout(JSON.stringify({ runId, path: destination, bytes: bytes.byteLength }) + "\n");
   return SUCCESS;
 }
-function resolveDestination(io2, out, outputId, signedUrl) {
+function resolveDestination(io2, out, runId) {
   if (out) {
     return resolvePath3(io2.cwd(), out);
   }
-  let fileName = `${outputId}`;
-  try {
-    const url = new URL(signedUrl);
-    const tail = basename2(url.pathname);
-    if (tail)
-      fileName = tail;
-  } catch {
-  }
-  return resolvePath3(io2.cwd(), fileName);
+  return resolvePath3(io2.cwd(), `antpath-run-${runId}.zip`);
 }
 
 // dist/host/cancel.js
@@ -2815,6 +2868,9 @@ async function dispatch(io2, args) {
     case "events":
       return runEventsCmd(io2, rest);
     case "outputs":
+      if (rest[0] === "sync") {
+        return runOutputsSyncCmd(io2, rest.slice(1));
+      }
       return runOutputsCmd(io2, rest);
     case "download":
       return runDownloadCmd(io2, rest);
@@ -2864,7 +2920,7 @@ Protocol version: ${manifest.protocolVersion}
   io2.stdout("  antpath status <run-id> --api-token T\n");
   io2.stdout("  antpath events <run-id> [--follow] --api-token T\n");
   io2.stdout("  antpath outputs <run-id> --api-token T\n");
-  io2.stdout("  antpath download <run-id> <output-id> [--out path] --api-token T\n");
+  io2.stdout("  antpath download <run-id> [--out path] --api-token T\n");
   io2.stdout("  antpath cancel <run-id> --api-token T\n");
   io2.stdout("  antpath delete <run-id> --api-token T\n");
   io2.stdout("  antpath whoami --api-token T\n");
@@ -2892,6 +2948,30 @@ Protocol version: ${manifest.protocolVersion}
 }
 
 // dist/cli.js
+async function walkDirectory(root) {
+  try {
+    const rootStat = await stat2(root);
+    if (!rootStat.isDirectory())
+      return null;
+  } catch {
+    return null;
+  }
+  const out = [];
+  async function visit(dir) {
+    const entries = await readdir2(dir, { withFileTypes: true });
+    for (const entry of entries) {
+      const full = resolvePath4(dir, entry.name);
+      if (entry.isDirectory()) {
+        await visit(full);
+      } else if (entry.isFile()) {
+        const s = await stat2(full);
+        out.push({ path: full, sizeBytes: s.size });
+      }
+    }
+  }
+  await visit(root);
+  return out;
+}
 var io = {
   readFile: (path) => readFile2(path, "utf8"),
   writeFile: (path, data) => writeFile(path, data),
@@ -2900,6 +2980,7 @@ var io = {
   stderr: (chunk) => process.stderr.write(chunk),
   exit: (code) => process.exit(code),
   argv: process.argv,
-  cwd: () => process.cwd()
+  cwd: () => process.cwd(),
+  walkDirectory
 };
 await runCli(io);

package/dist/cli.mjs.sha256

@@ -1 +1 @@
-974924653a05ddcd4ac437ebc2c1e38f3ddc833c56c113f838f1c6df235b0473  cli.mjs
+e7ee04a6c02d7ddfef1546abddda3b7031c92b8f21471a1e1cec10478a30fa50  cli.mjs